This repository has been archived by the owner on Dec 16, 2024. It is now read-only.

WIP Use DNSProvider secret ref in DNSPolicy #636

Closed
wants to merge 4 commits into from
Closed
50 changes: 22 additions & 28 deletions .github/workflows/ci-e2e.yaml
Expand Up @@ -5,6 +5,7 @@ on:
branches:
- main
- "release-*"
- 406_dnspolicy_provider_ref
Member Author

ToDo Remove this before merge

tags:
- "v[0-9]+.[0-9]+.[0-9]+"
paths-ignore:
Expand Down Expand Up @@ -43,24 +44,6 @@ jobs:
- uses: actions/setup-go@v4
with:
go-version: "1.21.x"
- name: Create controller-config.env
run: |
echo "AWS_DNS_PUBLIC_ZONE_ID=${{ secrets.E2E_AWS_DNS_PUBLIC_ZONE_ID }}" >> controller-config.env
echo "ZONE_ROOT_DOMAIN=${{ secrets.E2E_AWS_DNS_PUBLIC_ZONE_NAME }}" >> controller-config.env
echo "ZONE_NAME=${{ secrets.E2E_GCP_ZONE_NAME }}" >> controller-config.env
echo "ZONE_DNS_NAME=${{ secrets.E2E_GCP_ZONE_DNS_NAME }}" >> controller-config.env

- name: Create aws-credentials.env
run: |
echo "AWS_ACCESS_KEY_ID=${{ secrets.E2E_AWS_ACCESS_KEY_ID }}" >> aws-credentials.env
echo "AWS_SECRET_ACCESS_KEY=${{ secrets.E2E_AWS_SECRET_ACCESS_KEY }}" >> aws-credentials.env
echo "AWS_REGION=${{ env.AWS_REGION }}" >> aws-credentials.env
- name: Create gcp-credentials.env
run: |
secret="${{ secrets.E2E_GOOGLE }}"
decoded=$(echo "$secret" | base64 --decode )
echo "GOOGLE=$decoded" >> gcp-credentials.env
echo "PROJECT_ID=${{ secrets.E2E_PROJECT_ID }}" >> gcp-credentials.env
- name: Setup environment
run: |
export OCM_SINGLE=1
Expand All @@ -74,31 +57,42 @@ jobs:
kubectl --context kind-mgc-control-plane -n multicluster-gateway-controller-system wait --timeout=300s --for=condition=Available deployment/mgc-policy-controller
kubectl --context kind-mgc-control-plane logs --all-containers --ignore-errors deployment/mgc-controller-manager -n multicluster-gateway-controller-system
kubectl --context kind-mgc-control-plane logs --all-containers --ignore-errors deployment/mgc-policy-controller -n multicluster-gateway-controller-system
kubectl get managedzones -n multi-cluster-gateways mgc-dev-mz-aws -o yaml
kubectl --context kind-mgc-control-plane -n multi-cluster-gateways wait --timeout=60s --for=condition=Ready managedzone/mgc-dev-mz-aws
kubectl get managedzones -n multi-cluster-gateways mgc-dev-mz-gcp -o yaml
kubectl --context kind-mgc-control-plane -n multi-cluster-gateways wait --timeout=60s --for=condition=Ready managedzone/mgc-dev-mz-gcp
- name: Create AWS provider secret
run: |
echo "{\"zoneIDFilter\": [], \"domainFilter\": [\"e2e.hcpapps.net\"]}" > e2e-test-aws-provider-config.json
kubectl create secret generic e2e-test-aws-credentials -n multi-cluster-gateways \
--type=kuadrant.io/aws \
--from-literal=AWS_ACCESS_KEY_ID=${{ secrets.E2E_AWS_ACCESS_KEY_ID }} \
--from-literal=AWS_SECRET_ACCESS_KEY=${{ secrets.E2E_AWS_SECRET_ACCESS_KEY }} \
--from-file=CONFIG=e2e-test-aws-provider-config.json
- name: Create GCP provider secret
run: |
secret="${{ secrets.E2E_GOOGLE }}"
decoded=$(echo "$secret" | base64 --decode )
echo "$decoded" >> gcp_credentials.json
echo "{\"zoneIDFilter\": [], \"domainFilter\": [\"e2e.google.hcpapps.net\"]}" > e2e-test-gcp-provider-config.json
kubectl create secret generic e2e-test-gcp-credentials -n multi-cluster-gateways \
--type=kuadrant.io/gcp \
--from-literal=PROJECT_ID=${{ secrets.E2E_PROJECT_ID }} \
--from-file=GOOGLE=gcp_credentials.json \
--from-file=CONFIG=e2e-test-gcp-provider-config.json
- name: Run suite AWS
run: |
export OCM_SINGLE=1
export TEST_HUB_NAMESPACE=multi-cluster-gateways
export TEST_HUB_KUBE_CONTEXT=kind-mgc-control-plane
export TEST_DNS_PROVIDER_SECRET_NAME=mgc-aws-credentials
export TEST_DNS_PROVIDER_SECRET_NAME=e2e-test-aws-credentials
export TEST_DNS_ZONE_DOMAIN_NAME=e2e.hcpapps.net
export TEST_DNS_ZONE_ID=Z086929132US3PB46EOLR
export TEST_MANAGED_ZONE=${{ secrets.E2E_AWS_DNS_PUBLIC_ZONE_NAME }}
export TEST_MANAGED_ZONE_NAME=mgc-dev-mz-aws
make test-e2e
- name: Run suite GCP
run: |
export OCM_SINGLE=1
export TEST_HUB_NAMESPACE=multi-cluster-gateways
export TEST_HUB_KUBE_CONTEXT=kind-mgc-control-plane
export TEST_DNS_PROVIDER_SECRET_NAME=mgc-gcp-credentials
export TEST_DNS_PROVIDER_SECRET_NAME=e2e-test-gcp-credentials
export TEST_DNS_ZONE_DOMAIN_NAME=e2e.google.hcpapps.net
export TEST_DNS_ZONE_ID=e2e-google-hcpapps-net
export TEST_MANAGED_ZONE=${{ secrets.E2E_GCP_ZONE_DNS_NAME }}
export TEST_MANAGED_ZONE_NAME=mgc-dev-mz-gcp
make test-e2e
- name: Dump Gateway Controller logs
if: ${{ failure() }}
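Review bot: The new "Create AWS provider secret" and "Create GCP provider secret" steps expand `${{ secrets.* }}` directly into the script text and pass the values unquoted as `--from-literal=` arguments, so a value containing whitespace or shell metacharacters is re-parsed by the shell and the credentials sit on kubectl's command line. Mapping them through the step's `env:` block and quoting the variable, e.g. `--from-literal=AWS_SECRET_ACCESS_KEY="$AWS_SECRET_ACCESS_KEY"`, keeps secret material out of the generated script. The GCP step also appends the decoded service-account key to `gcp_credentials.json` with `>>`, and the visible steps never remove it; writing with `>` and adding `rm -f gcp_credentials.json` once the secret is created avoids leaving the key in the workspace for later steps. Both `kubectl create secret` calls also omit the `--context kind-mgc-control-plane` used by the surrounding commands, which presumably works only while the current context is the hub cluster.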
2 changes: 1 addition & 1 deletion Makefile
Expand Up @@ -53,7 +53,7 @@ gateway-manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole

.PHONY: policy-manifests
policy-manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
$(CONTROLLER_GEN) rbac:roleName=policy-role paths="./pkg/controllers/dnshealthcheckprobe" paths="./pkg/controllers/dnspolicy" paths="./pkg/controllers/dnsrecord" paths="./pkg/controllers/managedzone" paths="./pkg/controllers/tlspolicy" output:rbac:dir=config/policy-controller/rbac
$(CONTROLLER_GEN) rbac:roleName=policy-role paths="./pkg/controllers/dnshealthcheckprobe" paths="./pkg/controllers/dnspolicy" paths="./pkg/controllers/dnsrecord" paths="./pkg/controllers/tlspolicy" output:rbac:dir=config/policy-controller/rbac
$(CONTROLLER_GEN) crd paths="./..." output:crd:artifacts:config=config/policy-controller/crd/bases

.PHONY: manifests
8 changes: 0 additions & 8 deletions PROJECT
Expand Up @@ -11,14 +11,6 @@ resources:
kind: DNSRecord
path: github.com/Kuadrant/multicluster-gateway-controller/pkg/apis/v1alpha1
version: v1
- api:
crdVersion: v1
namespaced: true
controller: true
group: kuadrant.io
kind: ManagedZone
path: github.com/Kuadrant/multicluster-gateway-controller/api/v1alpha1
version: v1alpha1
- controller: true
domain: kuadrant.io
group: gateway.networking.k8s.io
10 changes: 9 additions & 1 deletion bundle/manifests/kuadrant.io_dnspolicies.yaml
Expand Up @@ -21,7 +21,7 @@ spec:
jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
name: v1alpha1
name: v1alpha2
schema:
openAPIV3Schema:
description: DNSPolicy is the Schema for the dnspolicies API
Expand Down Expand Up @@ -156,6 +156,13 @@ spec:
type: integer
type: object
type: object
providerRef:
properties:
name:
type: string
required:
- name
type: object
routingStrategy:
default: loadbalanced
enum:
Expand Down Expand Up @@ -201,6 +208,7 @@ spec:
- name
type: object
required:
- providerRef
- routingStrategy
- targetRef
type: object
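Review bot: The new required `providerRef` object has no `description` and its `name` has no validation, so the schema does not tell a policy author that this names a credentials Secret or which namespace it is resolved in. Because the reference is name-only it presumably resolves in the policy's own namespace; if so, say that in the field description (for example `description: Name of the DNS provider credentials Secret, resolved in this DNSPolicy's namespace`) and add `minLength: 1` so empty names are rejected at admission. The same applies to `providerRef` in `bundle/manifests/kuadrant.io_dnsrecords.yaml`, where the earlier `name` description appears to have been dropped and the new `zoneID` field is also undocumented. This manifest looks generated, so the change likely belongs on the Go type's markers rather than in this file.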
10 changes: 6 additions & 4 deletions bundle/manifests/kuadrant.io_dnsrecords.yaml
Expand Up @@ -19,7 +19,7 @@ spec:
jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
name: v1alpha1
name: v1alpha2
schema:
openAPIV3Schema:
description: DNSRecord is the Schema for the dnsrecords API
Expand Down Expand Up @@ -85,15 +85,17 @@ spec:
type: object
minItems: 1
type: array
managedZone:
description: ManagedZoneReference holds a reference to a ManagedZone
providerRef:
properties:
name:
description: '`name` is the name of the managed zone. Required'
type: string
required:
- name
type: object
zoneID:
type: string
required:
- providerRef
type: object
status:
description: DNSRecordStatus defines the observed state of DNSRecord
196 changes: 0 additions & 196 deletions bundle/manifests/kuadrant.io_managedzones.yaml

This file was deleted.
