[dev] add gp-gcloud direct replacement for gcloud cli for certain gcloud cli commands

[sagor999]

Description

For reference: https://github.com/gitpod-io/ops/issues/2259
We need to be able to label disks when creating instance templates used by workspace clusters.
gcloud cli does not support that. REST API or go library does.
Using REST API directly would be too bulky and not very maintainable.
Hence gp-gcloud cli was created. It acts as a direct drop in replacement for gcloud cli.
Currently only supports compute instance-templates create command.
Otherwise we can still use gcloud for other commands.

Related Issue(s)

Fixes #

How to test

Open this PR in gitpod.
Run this command that will create instance template in workspace-preview project (if you have access to it):

cd dev/gp-gcloud
go build
./gp-gcloud compute instance-templates create awesome-template-name2 --image="projects/workspace-clusters/global/images/gitpod-k3s-202204191639" --boot-disk-type=pd-ssd --network-interface="network=global/networks/default,network-tier=PREMIUM,address=" --scopes=compute-rw,storage-ro,service-management,service-control,logging-write,monitoring --metadata="block-project-ssh-keys=TRUE,enable-oslogin=FALSE,cluster-name=us444,cluster-location=test-region,disable-legacy-endpoints=true,kube-env=AUTOSCALER_ENV_VARS: os_distribution=ubuntu;os=linux" --no-restart-on-failure --labels="cluster-name=us444,cluster-location=usa,instance-type=control-plane" --tags servers-us444,us444 --boot-disk-size '512GB' --service-account="lala" --machine-type n2d-standard-4 --min-cpu-platform="AMD Milan" --project workspace-preview --region us --local-ssd interface=NVME --local-ssd interface=NVME --local-ssd interface=NVME --local-ssd interface=NVME

Release Notes

none

Documentation

Werft options:

• /werft with-preview

[jenting]

Sorry I missed this issue https://github.com/gitpod-io/ops/issues/2259.

Looks like we decided to write a new CLI with the Go library instead of the REST API call comment?

[sagor999]

@jenting yeah. I think it will be better long term then using REST API directly. (As suggested by Alejandro)

[jenting]

@jenting yeah. I think it will be better long term then using REST API directly. (As suggested by Alejandro)

The PR LGTM, thank you 😃
However, for this enhancement, I'd vote to use REST API directly.

[kylos101]

@sagor999 while testing I bumped into an issue.

gitpod /workspace/workspace-preview/gitpod/dev/gp-gcloud (pavel/gp-gcloud) $ go build
# github.com/gitpod-io/gitpod/gp-gcloud/cmd/compute
cmd/compute/instance-templates-create.go:228:24: undefined: strings.Cut
cmd/compute/instance-templates-create.go:246:24: undefined: strings.Cut
note: module requires Go 1.18

gitpod /workspace/workspace-preview/gitpod (main) $ go version
go version go1.17.5 linux/amd64

gitpod /workspace/workspace-preview/gitpod (main) $ printenv | grep GO
CARGO_HOME=/workspace/.cargo
GOROOT=/home/gitpod/go
GO_VERSION=1.17.5
GOPATH=/workspace/go

I think it's because the image for workspace-preview is old, still using Go 1.17. I am building again so we can use the latest. More updates to follow.

PEBKAC.

[kylos101]

It lives!

[kylos101]

Went through all files, except dev/gp-gcloud/cmd/compute/instance-templates-create.go. Would like a fresh pair of eyes before I ✅, and will do first thing tomorrow AM.

[kylos101]

Hey @sagor999 👋 , I was comparing the awesome instance template with a real one, and observed some differences.

eu51 internal xl:

awesome template:

Other feedback incoming via the code! ✉️

edit: @sagor999 wdyt of the differences? I'm thinking we should have gp-gcloud match what we're currently doing, unless there's a compelling security reason to disable everything.

[kylos101]

Hey @sagor999 no requested changes, just some questions to help me better understand how to test, and how some values were set.

[kylos101]

This is the label set we cannot set w/o the CLI, right?

Can we test this w/o building an ephemeral cluster? For example, after building this template, can we curl it to determine what these properties should look like?

[sagor999]

you can check those labels by inspecting created instance template in gcp.

[kylos101]

I did not see them in my instance template...can you share a screenie of what you mean given a similar example created with this CLI?

[sagor999]

[kylos101]

TIL about equivalent rest response, thanks @sagor999 ! 🤝

I was expecting to see labels on both the boot and local SSD disks, but, only see them on boot. 🤔 Am I missing something?

[sagor999]

Oh man.

	// Labels: Labels to apply to this disk. These can be later modified by
	// the disks.setLabels method. This field is only applicable for
	// persistent disks.
	Labels map[string]string `json:"labels,omitempty"`

Sigh. So I guess labels are ONLY supported for persistent disks. It is a benefit, since once we switch to PVC we will use much less local ssd drives.
But let me look a bit further into it.

[sagor999]

Yeah, local ssd drives do not support labels, since they are so ephemeral. Only persistent disks support labels. :(

[sagor999]

Updated code to reflect that.

[kylos101]

Roger that! I just wrapped an IDE incident, and it's time to get ice cream with the Mrs., so I"ll pick this up on Monday. 👋 🍨 🥄

Thank you for the update, bud, have a nice weekend! 🎉

[sagor999]

I will double check access scopes, those should have been correct with this --scopes 'storage-ro,compute-rw,monitoring,logging-write,cloud-platform'

[sagor999]

@kylos101 fixed API scopes. Thank you for catching it!

[kylos101]

@kylos101 fixed API scopes. Thank you for catching it!

👍 scopes seem off still, I might be doing something wrong? They appear to be granting full access.

I see this in gen54:

And this in awesome template:

[kylos101]

Resolved meow:

[kylos101]

Thank you, @sagor999 ! Appreciate your patience on this one.

[TuckerJN]

Sweet