fintechstudios · austince · Apr 18, 2020 · Apr 18, 2020 · Apr 18, 2020 · Apr 18, 2020
diff --git a/.gitignore b/.gitignore
@@ -32,4 +32,4 @@ resources.yaml
 ## TLS
 *.pem
 *.crt
-*.key
+*.key
diff --git a/Makefile b/Makefile
@@ -161,13 +161,16 @@ swagger-gen:
 	./hack/update-app-manager-swagger-codegen.sh \
 	 && ./hack/update-platform-swagger-codegen.sh
 
-.PHONY: docker-build
-docker-build:
-	docker build -f Dockerfile_build \
+.PHONY: docker-build-image
+docker-build-image:
+	docker build -f build.Dockerfile \
 		--cache-from $(DOCKER_REPO)-builder:$(VERSION) \
 		--tag $(DOCKER_REPO)-builder:$(VERSION) \
-		. \
-	&& docker build \
+		.
+
+.PHONY: docker-build
+docker-build: docker-build-image
+	docker build \
 		--build-arg BUILD_IMG=$(DOCKER_REPO)-builder:$(VERSION) \
 		--build-arg GIT_COMMIT=$(GIT_COMMIT) \
 		--build-arg VERSION=$(VERSION) \
@@ -191,16 +194,28 @@ test-cluster-create:
 test-cluster-delete:
 	$(KIND) delete cluster --name $(TEST_CLUSTER_NAME)
 
-.PHONY: test-cluster-install-vvp
-test-cluster-install-vvp:
+.PHONY: test-cluster-install-vvp-enterprise
+test-cluster-install-vvp-enterprise:
 	. ./hack/helm-init.sh \
 	&& helm upgrade --install \
-		--version 3.0.0 \
+		--version 4.0.0 \
 		--namespace vvp \
 		--set vvp.persistence.type=local \
-		-f ./vvp-values.yaml \
 		vvp \
-		ververica/ververica-platform
+		ververica/ververica-platform \
+		$(HELM_EXTRA_ARGS)
+
+.PHONY: test-cluster-install-vvp-community
+test-cluster-install-vvp-community:
+	. ./hack/helm-init.sh \
+	&& helm upgrade --install \
+		--version 4.0.0 \
+		--namespace vvp \
+		--set vvp.persistence.type=local \
+		--set acceptCommunityEditionLicense=true \
+		vvp \
+		ververica/ververica-platform \
+		$(HELM_EXTRA_ARGS)
 
 .PHONY: test-cluster-install-cert-manager
 test-cluster-install-cert-manager:
@@ -215,19 +230,40 @@ test-cluster-install-cert-manager:
 		jetstack/cert-manager
 
 .PHONY: test-cluster-install-chart
-test-cluster-install-chart:
+test-cluster-install-chart: docker-build test-cluster-load-image
 	. ./hack/helm-init.sh \
 	&& helm upgrade --install \
 		--namespace vvp \
 		vp-k8s-operator \
 		./charts/vp-k8s-operator \
-		-f vp-k8s-values.yaml
+		--set imageRepository=$(DOCKER_REPO) \
+		--set imageTag=$(VERSION) \
+		--set vvpEdition=community \
+		--set vvpUrl=http://vvp-ververica-platform \
+		$(HELM_EXTRA_ARGS)
 
 .PHONY: test-cluster-install-crds
 test-cluster-install-crds:
 	. ./hack/helm-init.sh \
 	&& helm upgrade --install \
-		--namespace default \
+		--namespace vvp \
 		vp-k8s-operator-crds \
 		./charts/vp-k8s-operator-crds \
-		-f vp-k8s-crds-values.yaml
+		$(HELM_EXTRA_ARGS)
+
+.PHONY: test-cluster-wait-for-cert-manager
+test-cluster-wait-for-cert-manager:
+	kubectl -n cert-manager wait --for=condition=available deployments --all
+
+.PHONY: test-cluster-wait-for-vvp
+test-cluster-wait-for-vvp:
+	kubectl -n vvp wait --for=condition=available deployments --all
+
+# Requires tiller to be running
+.PHONY: test-cluster-setup
+test-cluster-setup: test-cluster-install-cert-manager \
+					test-cluster-install-vvp-community \
+					test-cluster-wait-for-cert-manager \
+					test-cluster-wait-for-vvp \
+					test-cluster-install-chart \
+					test-cluster-install-crds
diff --git a/README.md b/README.md
@@ -26,13 +26,14 @@ custom VP Resources will all be prefixed with `Vp`.
 ## Unsupported
 
 * `Job`
+* `DeploymentDefaults`
 * `Secret Value`
 * `Status`
 
 To avoid naming conflicts, and for simplicity, and VP `metadata` and `spec` fields
 are nested under the top-level `spec` field of the K8s resource.
 
-Look in [docs/mappings](./docs/mappings) for information on each supported resource.
+Look in [docs/mappings](docs/mappings) for information on each supported resource.
 
 ## Running
 
@@ -41,6 +42,7 @@ To run the binary directly, after building run `./bin/manager`.
 **Flags:**
 * `--help` prints usage
 * `--vvp-url=http://localhost:8081` the url, without trailing slash, for the Ververica Platform
+* `--vvp-edition=enterprise` the Ververica Platform Edition to support. See [Editions](#Editions) for more.
 * `--debug` debug mode for logging
 * `--enable-leader-election` to ensure only one manager is active with a multi-replica deployment
 * `--metrics-addr=:8080` address to bind metrics to 
@@ -57,6 +59,13 @@ Specifying in the environment is a good way to integrate with namespaces that ar
 * `APPMANAGER_API_TOKEN_{NAMESPACE}` a token to use for resources in a specific Ververica Platform namespace, upper-cased
 * `APPMANAGER_API_TOKEN` if no namespace-specific token can be found, this value will be used. 
 
+## Editions
+
+This operator works with both the Community and Enterprise editions of the Ververica Platform, with the caveats:
+* `VpNamespaces` are not supported by the Community Edition, so the manager will not register those resources
+* The `spec.metadata.namespace` field must either be left unset or set explicitly to `default` for all `Vp` resources
+
+Find out more about [the editions here](https://www.ververica.com/pricing-editions).
 
 ## Docker
 
@@ -67,9 +76,12 @@ Images are published to [Docker Hub](https://hub.docker.com/r/fintechstudios/ver
 
 ## Helm
 
-A base Helm chart is provided in [`./charts/vp-k8s-operator`](charts/vp-k8s-operator).
+A Helm chart for the operator lives in [`./charts/vp-k8s-operator`](charts/vp-k8s-operator),
+which sets up a deployment with a metrics server, RBAC policies, CRDs, and, optionally,
+an RBAC proxy for the metrics over HTTPS.
 
-This sets up a deployment with a metrics server, RBAC policies, CRDs, and, optionally, an RBAC proxy for the metrics over HTTPS.
+The CRDs are managed in a separate chart ([`./charts/vp-k8s-operator-crds`](charts/vp-k8s-operator-crds)), which also
+needs to be installed.
 
 ## Development
 
@@ -78,7 +90,7 @@ Built using [`kubebuilder`](https://github.com/kubernetes-sigs/kubebuilder).
 though something like `minikube` will also do.  
 
 More on the design of the controller and its resources can be found
-in [docs/design.md](./docs/design.md).
+in [docs/design.md](docs/design.md).
 
 Also built as a Go module - no vendor files here.
 
@@ -93,23 +105,28 @@ System Pre-requisites:
 
 - `make` alias for `manager`
 - `make manager` builds the entire app binary
-- `make run` runs the entire app
-- `make manifests` builds the CRDs
-- `make install` installs the CRDs on the cluster
+- `make run` runs the entire app locally
+- `make manifests` builds the CRDs from `./config/crd`
+- `make install` installs the CRDs from `./config/crd` on the cluster
 - `make deploy` installs the entire app on the cluster
 - `make docker-build` builds the docker image
 - `make docker-push` pushes the built docker image
 - `make generate` generates the controller code from the `./api` package
-- `make controller-gen` loads the correct controller-gen binary
 - `make swagger-gen` generates the swagger code
-- `make lint` runs the golangci linter 
+- `make lint` runs linting on the source code
 - `make fmt` runs `go fmt` on the package
 - `make test` runs the test suites with coverage
-- `make test-cluster-create` initializes a cluster for testing, using kind
-- `make test-cluster-delete` deletes the testing cluster
 - `make patch-image` sets the current version as the default deployment image tag
 - `make kustomize-build` builds the default k8s resources for deployment
 
+#### For working with a local kind cluster
+
+- `make test-cluster-create` initializes a cluster for testing, using kind
+- `make test-cluster-delete` deletes the testing cluster
+- `make test-cluster-setup` installs cert-manager, the Community VVP, the vp-k8s-crds, and the vp-k8s-operator on the test cluster
+- `make test-cluster-instal-chart` builds the operator and installs it on the test cluster from the local chart
+- `make test-cluster-instal-crds` installs the vp-k8s-operator CRDs on the test cluster from the local chart
+
 ### Environment
 
 To use the default test cluster, you'll need to store a `KUBECONFIG` env var pointed to it.
@@ -122,8 +139,8 @@ The API Clients are auto-generated using the [Swagger Codegen utility](https://g
 
 #### AppManager
 
-The original Swagger file was taken from their live API documentation (available at `${VP_URL}/api/swagger`),
-but the docs don't exactly match their API, which makes the generated client incorrect.
+The [`appmanager-api` Swagger file](appmanager-api-swagger.json) is from the live API documentation (available at `${VP_URL}/api/swagger`),
+but the generated client needs a few updates to work correctly.
 
 ##### Post-Generation Changes
 
@@ -154,7 +171,7 @@ There is also a bug that cannot handle an empty Swagger type to represent the `a
 you must manually change [`model_any.go`](pkg/vvp/appmanager-api/model_any.go) to:
 
 ```go
-package ververicaplatformapi
+package appmanagerapi
 
 type Any interface {}
 ```
@@ -166,10 +183,10 @@ You'll also have to change any usages of this type in `structs` to be embedded,
 ### Building Images
 
 The images are built in two steps:
-1. The [`Dockerfile_build`](build.Dockerfile) image is a full development environment for running tests, linting,
+1. The [`build.Dockerfile`](build.Dockerfile) image is a full development environment for running tests, linting,
 and building the source with the correct tooling. This can also be used for development if you so like,
 just override the entrypoint.
-2. The build image is then passed as a build arg to the main [`Dockerfile`](./Dockerfile), which builds
+2. The build image is then passed as a build arg to the main [`Dockerfile`](Dockerfile), which builds
 the manager binary and copies it over into an image for distribution.
 
 
@@ -178,6 +195,8 @@ the manager binary and copies it over into an image for distribution.
 Other OSS that influenced this project:
 * [Kong Ingress Controller](https://github.com/Kong/kubernetes-ingress-controller)
 
-
 ## License
+
+[Licensed under Apache 2.0](LICENSE)
+
 [![FOSSA Status](https://app.fossa.io/api/projects/custom%2B12442%2Fgit%40github.com%3Afintechstudios%2Fververica-platform-k8s-operator.git.svg?type=large)](https://app.fossa.io/projects/custom%2B12442%2Fgit%40github.com%3Afintechstudios%2Fververica-platform-k8s-operator.git?ref=badge_large)
diff --git a/charts/vp-k8s-operator-crds/Chart.yaml b/charts/vp-k8s-operator-crds/Chart.yaml
@@ -2,4 +2,4 @@ apiVersion: v1
 appVersion: "1.0"
 description: A Helm chart for the CRDs that accompany the vp-k8s-operator
 name: vp-k8s-operator-crds
-version: 0.1.0
+version: 0.2.0
diff --git a/charts/vp-k8s-operator-crds/README.md b/charts/vp-k8s-operator-crds/README.md
@@ -0,0 +1,16 @@
+# Vp K8s Operator CRDs
+
+This chart manages the Custom Resource Definitions used by the Vp K8s Operator. Instead of
+including the CRDs in the main `vp-k8s-operator` chart, they exist here to allow templating and
+integrating with cert-manager for webhook certificates.
+
+Find out more about [managing CRDs with Helm here](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/). 
+
+## Installing the Chart
+
+| Parameter                    | Description                                           | Default                                            |
+|------------------------------|-------------------------------------------------------|----------------------------------------------------|
+| `webhookCert.namespace`      | Namespace of the secret containing the TLS cert for the webhook.              | ``                                             |
+| `webhookCert.name`           | Name of the secret containing the TLS cert for the webhook.              | ``                                             |
+| `webhookService.namespace`   | Namespace of the webhook service. (deployed w/ the operator)              | ``                                             |
+| `webhookService.name`        | Name of the webhook service. (deployed w/ the operator)             | ``                                             |
diff --git a/charts/vp-k8s-operator-crds/templates/NOTES.txt b/charts/vp-k8s-operator-crds/templates/NOTES.txt
@@ -0,0 +1,5 @@
+# Ververica Platform Kubernetes Operator CRDs
+
+See the available CRDs:
+
+  kubectl get crds | grep ververicaplatform
diff --git a/charts/vp-k8s-operator/Chart.yaml b/charts/vp-k8s-operator/Chart.yaml
@@ -2,4 +2,4 @@ apiVersion: v1
 appVersion: "latest"
 description: A Helm chart for the Ververica Platform K8s Operator
 name: vp-k8s-operator
-version: 0.11.0
+version: 0.12.0
diff --git a/charts/vp-k8s-operator/README.md b/charts/vp-k8s-operator/README.md
@@ -1,6 +1,6 @@
 # VP K8s Operator
 
-A little Helm chart for deploying the Ververica Platform Kubernetes Operator.
+A Helm chart for deploying the Ververica Platform Kubernetes Operator.
 
 ## Installing the Chart
 
@@ -18,6 +18,10 @@ A little Helm chart for deploying the Ververica Platform Kubernetes Operator.
 | `imagePullPolicy`            |                                                       | `IfNotPresent`                                     |
 | `metricsHost`                | Host for the metrics reporter.                        | `127.0.0.1`                                        |
 | `metricsPort`                | Port for the metrics reporter.                        | `8080`                                             |
-| `metricsMonitorEnabled`      | Whether or not to create a Prometheus ServiceMonitor. | `true`                                             |
-| `platformApiUrl`             | URL for the Ververica Platform API.                   | `http://ververica-platform-appmanager`             |
-| `appManagerApiUrl`           | URL for the Appmanager API.                           | `http://ververica-platform-appmanager/api`         |
+| `metricsMonitorEnabled`      | Whether or not to create a Prometheus ServiceMonitor. | `false`                                            |
+| `certs.enabled`              | Whether or not to create CertManager certs for webhook serving. | `true`                                   |
+| `certs.existingSecret`       | If not creating certs, must specify a secret with pre-existing certs. | `nil`                              |
+| `vvpUrl`                     | URL for the Ververica Platform.                       | `http://ververica-platform`                        |
+| `vvpEdition`                 | Ververica Platform Edition. Either `community` or `enterprise`. | `enterprise`                             |
+| `extraArgs`                  | Extra CLI args to pass to the controller manager.                | `[]`                                       |
+| `resources`                  | Resource specs for the manager deployment.             | `{ limits: { cpu: 100m, memory: 30Mi }, rqeuests: { cpu: 100m, memory 20Mi } }` |
diff --git a/charts/vp-k8s-operator/templates/NOTES.txt b/charts/vp-k8s-operator/templates/NOTES.txt
@@ -1,7 +1,6 @@
-# Ververica Platform Kubernetes Controller
+# Ververica Platform Kubernetes Operator
 
-
-Ensure the controller is running:
+Ensure the operator is running:
 
 kubectl get -n {{ .Release.Namespace }} deployments/{{ template "vp-k8s-operator.fullname" . }}-controller-manager
 

diff --git a/charts/vp-k8s-operator/templates/deployment.yaml b/charts/vp-k8s-operator/templates/deployment.yaml
@@ -38,7 +38,11 @@ spec:
             - /manager
           args:
             - --metrics-addr={{.Values.metricsHost}}:{{.Values.metricsPort}}
-            - --vvp-url={{.Values.vvpUrl}}
+            - --vvp-url={{ .Values.vvpUrl }}
+            - --vvp-edition={{ .Values.vvpEdition }}
+            {{- if .Values.extraArgs }}
+            {{ toYaml .Values.extraArgs | nindent 12 }}
+            {{- end }}
           ports:
             - containerPort: 443
               name: webhook-server
@@ -54,4 +58,8 @@ spec:
         - name: cert
           secret:
             defaultMode: 420
+            {{- if .Values.certs.enabled }}
             secretName: {{ template "vp-k8s-operator.fullname" . }}-webhook-server-cert
+            {{- else }}
+            secretName: {{ .Values.certs.existingSecret }}
+            {{- end }}
diff --git a/charts/vp-k8s-operator/templates/metrics.yaml b/charts/vp-k8s-operator/templates/metrics.yaml
@@ -1,12 +1,9 @@
 apiVersion: v1
 kind: Service
 metadata:
-  annotations:
-    prometheus.io/port: "8443"
-    prometheus.io/scheme: https
-    prometheus.io/scrape: "true"
   labels:
     control-plane: {{ template "vp-k8s-operator.name" . }}-controller-manager
+    {{ include "vp-k8s-operator.labels" . | nindent 4 }}
   name: {{ template "vp-k8s-operator.name" . }}-controller-manager-metrics-service
   namespace: {{ .Release.Namespace }}
 spec:
@@ -28,8 +25,12 @@ kind: ServiceMonitor
 metadata:
   labels:
     control-plane: {{ template "vp-k8s-operator.name" . }}-controller-manager
+    {{ include "vp-k8s-operator.labels" . | nindent 4 }}
+    {{- if .Values.metricsMonitorLabels }}
+    {{ toYaml .Values.metricsMonitorLabels | nindent 4 }}
+    {{- end }}
   name: {{ template "vp-k8s-operator.name" . }}-controller-manager-metrics-monitor
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ default .Values.metricsMonitorNamespace .Release.Namespace }}
 spec:
   endpoints:
   - path: /metrics
@@ -39,5 +40,7 @@ spec:
     port: http
      {{- end }}
   selector:
-    control-plane: {{ template "vp-k8s-operator.name" . }}-controller-manager
+    matchLabels:
+      control-plane: {{ template "vp-k8s-operator.name" . }}-controller-manager
+      {{ include "vp-k8s-operator.labels" . | nindent 4 }}
 {{- end }}