-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 2a71e3c
Showing
26 changed files
with
1,225 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
dist/ | ||
test/ | ||
.tmp/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
# To get started with Dependabot version updates, you'll need to specify which | ||
# package ecosystems to update and where the package manifests are located. | ||
# Please see the documentation for all configuration options: | ||
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates | ||
|
||
version: 2 | ||
updates: | ||
- package-ecosystem: "gomod" | ||
directory: "/" | ||
schedule: | ||
interval: "daily" | ||
- package-ecosystem: "docker" | ||
directory: "/" | ||
schedule: | ||
interval: "daily" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
name: release | ||
on: | ||
push: | ||
tags: | ||
- "*" | ||
jobs: | ||
release: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/setup-go@v3 | ||
with: | ||
go-version: 1.20.x | ||
- uses: docker/setup-qemu-action@v2 | ||
- uses: docker/setup-buildx-action@v2 | ||
- uses: docker/login-action@v2 | ||
with: | ||
registry: ghcr.io | ||
username: airfocusio | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
- uses: actions/checkout@v3 | ||
with: | ||
fetch-depth: 0 | ||
- name: Run GoReleaser | ||
uses: goreleaser/goreleaser-action@v3 | ||
with: | ||
args: release --clean | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
name: test | ||
on: | ||
push: | ||
branches: | ||
- main | ||
pull_request: | ||
branches: | ||
- main | ||
env: | ||
GO111MODULE: on | ||
jobs: | ||
test: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/setup-go@v2 | ||
with: | ||
go-version: 1.20.x | ||
- uses: actions/checkout@v2 | ||
- name: Build sources | ||
run: go build ./... | ||
- name: Run tests | ||
run: make test |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
dist/ | ||
.tmp/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
# This is an example .goreleaser.yml file with some sensible defaults. | ||
# Make sure to check the documentation at https://goreleaser.com | ||
project_name: kube-resourceless | ||
before: | ||
hooks: | ||
- go mod tidy | ||
- ./deploy/kubernetes/manifests.sh {{ .Version }} | ||
builds: | ||
- env: | ||
- CGO_ENABLED=0 | ||
goos: | ||
- linux | ||
goarch: | ||
- amd64 | ||
- arm64 | ||
release: | ||
extra_files: | ||
- glob: .tmp/manifests/manifests.yaml | ||
dockers: | ||
- image_templates: | ||
- "ghcr.io/airfocusio/{{ .ProjectName }}:{{ .Version }}-amd64" | ||
- "ghcr.io/airfocusio/{{ .ProjectName }}:latest-amd64" | ||
use: buildx | ||
goarch: amd64 | ||
dockerfile: Dockerfile | ||
build_flag_templates: | ||
- "--platform=linux/amd64" | ||
- image_templates: | ||
- "ghcr.io/airfocusio/{{ .ProjectName }}:{{ .Version }}-arm64" | ||
- "ghcr.io/airfocusio/{{ .ProjectName }}:latest-arm64" | ||
use: buildx | ||
goarch: arm64 | ||
dockerfile: Dockerfile | ||
build_flag_templates: | ||
- "--platform=linux/arm64" | ||
docker_manifests: | ||
- name_template: ghcr.io/airfocusio/{{ .ProjectName }}:{{ .Version }} | ||
image_templates: | ||
- ghcr.io/airfocusio/{{ .ProjectName }}:{{ .Version }}-amd64 | ||
- ghcr.io/airfocusio/{{ .ProjectName }}:{{ .Version }}-arm64 | ||
- name_template: ghcr.io/airfocusio/{{ .ProjectName }}:latest | ||
image_templates: | ||
- ghcr.io/airfocusio/{{ .ProjectName }}:latest-amd64 | ||
- ghcr.io/airfocusio/{{ .ProjectName }}:latest-arm64 | ||
checksum: | ||
name_template: 'checksums.txt' | ||
snapshot: | ||
name_template: "0.0.0-dev" | ||
changelog: | ||
sort: asc | ||
filters: | ||
exclude: | ||
- '^docs:' | ||
- '^test:' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
FROM scratch | ||
ENTRYPOINT ["/bin/kube-resourceless"] | ||
COPY kube-resourceless /bin/kube-resourceless | ||
WORKDIR /workdir |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
.PHONY: * | ||
|
||
test: | ||
go test -v ./... | ||
|
||
build: | ||
goreleaser release --clean --skip-publish --snapshot | ||
|
||
release: | ||
goreleaser release --clean | ||
|
||
|
||
kind-start: | ||
kind delete cluster --name=kube-resourceless | ||
kind create cluster --name=kube-resourceless | ||
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.3/cert-manager.yaml | ||
|
||
kind-stop: | ||
kind delete cluster --name=kube-resourceless | ||
|
||
kind: build | ||
kubectl -n kube-resourceless delete deployment -l app=kube-resourceless --wait | ||
kind load docker-image ghcr.io/airfocusio/kube-resourceless:0.0.0-dev-amd64 --name kube-resourceless | ||
kubectl apply -k test/deploy/kubernetes | ||
sleep 10 | ||
kubectl delete -k test/examples || true | ||
while ! kubectl apply -k test/examples; do sleep 1; done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
package cmd | ||
|
||
import ( | ||
"io/ioutil" | ||
"log" | ||
"os" | ||
"os/signal" | ||
"syscall" | ||
|
||
"github.com/airfocusio/kube-resourceless/internal" | ||
"github.com/spf13/cobra" | ||
) | ||
|
||
var ( | ||
verbose bool | ||
rootCmdTLSCert string | ||
rootCmdTLSKey string | ||
rootCmd = &cobra.Command{ | ||
Use: "kube-resourceless", | ||
RunE: func(cmd *cobra.Command, args []string) error { | ||
service, err := internal.NewService(internal.ServiceOpts{ | ||
TLSCertFile: rootCmdTLSCert, | ||
TLSKeyFile: rootCmdTLSKey, | ||
}) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
term := make(chan os.Signal, 1) | ||
signal.Notify(term, syscall.SIGTERM) | ||
signal.Notify(term, syscall.SIGINT) | ||
if err := service.Run(term); err != nil { | ||
return err | ||
} | ||
return nil | ||
}, | ||
PersistentPreRun: func(cmd *cobra.Command, args []string) { | ||
if !verbose { | ||
internal.Debug = log.New(ioutil.Discard, "", log.LstdFlags) | ||
} | ||
}, | ||
} | ||
) | ||
|
||
func Execute() error { | ||
return rootCmd.Execute() | ||
} | ||
|
||
func init() { | ||
rootCmd.PersistentFlags().BoolVarP(&verbose, "verbose", "v", false, "") | ||
rootCmd.Flags().StringVar(&rootCmdTLSCert, "tls-cert", "/etc/certs/tls.crt", "Path to the TLS certificate") | ||
rootCmd.Flags().StringVar(&rootCmdTLSKey, "tls-key", "/etc/certs/tls.key", "Path to the TLS key") | ||
rootCmd.AddCommand(versionCmd) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
package cmd | ||
|
||
import ( | ||
"fmt" | ||
"os" | ||
"runtime/debug" | ||
|
||
"github.com/spf13/cobra" | ||
) | ||
|
||
var Version FullVersion | ||
|
||
var ( | ||
versionCmd = &cobra.Command{ | ||
Use: "version", | ||
Run: func(cmd *cobra.Command, args []string) { | ||
os.Stdout.Write([]byte(Version.ToString() + "\n")) | ||
}, | ||
} | ||
) | ||
|
||
type FullVersion struct { | ||
Version string | ||
Commit string | ||
Date string | ||
BuiltBy string | ||
} | ||
|
||
func (v FullVersion) ToString() string { | ||
result := v.Version | ||
if v.Commit != "" { | ||
result = fmt.Sprintf("%s\ncommit: %s", result, v.Commit) | ||
} | ||
if v.Date != "" { | ||
result = fmt.Sprintf("%s\nbuilt at: %s", result, v.Date) | ||
} | ||
if v.BuiltBy != "" { | ||
result = fmt.Sprintf("%s\nbuilt by: %s", result, v.BuiltBy) | ||
} | ||
if info, ok := debug.ReadBuildInfo(); ok && info.Main.Sum != "" { | ||
result = fmt.Sprintf("%s\nmodule version: %s, checksum: %s", result, info.Main.Version, info.Main.Sum) | ||
} | ||
return result | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
apiVersion: cert-manager.io/v1 | ||
kind: Certificate | ||
metadata: | ||
name: kube-resourceless | ||
namespace: kube-resourceless | ||
labels: | ||
app: kube-resourceless | ||
spec: | ||
secretName: kube-resourceless-tls | ||
dnsNames: | ||
- kube-resourceless | ||
- kube-resourceless.kube-resourceless.svc | ||
issuerRef: | ||
name: selfsigned |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: kube-resourceless | ||
namespace: kube-resourceless | ||
labels: | ||
app: kube-resourceless | ||
spec: | ||
selector: | ||
matchLabels: | ||
app: kube-resourceless | ||
replicas: 1 | ||
template: | ||
metadata: | ||
labels: | ||
app: kube-resourceless | ||
spec: | ||
containers: | ||
- name: kube-resourceless | ||
image: ghcr.io/airfocusio/kube-resourceless:latest | ||
volumeMounts: | ||
- name: tls | ||
mountPath: "/etc/certs" | ||
readOnly: true | ||
terminationGracePeriodSeconds: 3 | ||
volumes: | ||
- name: tls | ||
secret: | ||
secretName: kube-resourceless-tls | ||
optional: false |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
apiVersion: cert-manager.io/v1 | ||
kind: Issuer | ||
metadata: | ||
name: selfsigned | ||
namespace: kube-resourceless | ||
labels: | ||
app: kube-resourceless | ||
spec: | ||
selfSigned: {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
resources: | ||
- namespace.yaml | ||
- issuer.yaml | ||
- certificate.yaml | ||
- service.yaml | ||
- deployment.yaml | ||
- mutatingwebhookconfiguration.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
#!/bin/bash | ||
set -euo pipefail | ||
|
||
rm -rf .tmp/manifests | ||
mkdir -p .tmp/manifests | ||
cat > .tmp/manifests/kustomization.yaml << EOF | ||
resources: | ||
- ../../deploy/kubernetes | ||
images: | ||
- name: 'ghcr.io/airfocusio/kube-resourceless' | ||
newTag: '${1}' | ||
EOF | ||
kustomize build .tmp/manifests > .tmp/manifests/manifests.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
apiVersion: admissionregistration.k8s.io/v1 | ||
kind: MutatingWebhookConfiguration | ||
metadata: | ||
name: kube-resourceless | ||
labels: | ||
app: kube-resourceless | ||
annotations: | ||
cert-manager.io/inject-ca-from: kube-resourceless/kube-resourceless | ||
webhooks: | ||
- admissionReviewVersions: | ||
- v1 | ||
clientConfig: | ||
service: | ||
namespace: kube-resourceless | ||
name: kube-resourceless | ||
port: 8443 | ||
path: "/mutate" | ||
failurePolicy: Fail | ||
name: kube-resourceless.airfocus.io | ||
namespaceSelector: | ||
matchExpressions: | ||
- key: kubernetes.io/metadata.name | ||
operator: NotIn | ||
values: | ||
- "kube-system" | ||
- "kube-resourceless" | ||
rules: | ||
- apiGroups: | ||
- "" | ||
apiVersions: | ||
- v1 | ||
operations: | ||
- CREATE | ||
- UPDATE | ||
resources: | ||
- pods | ||
sideEffects: None |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
apiVersion: v1 | ||
kind: Namespace | ||
metadata: | ||
name: kube-resourceless | ||
labels: | ||
app: kube-resourceless |
Oops, something went wrong.