Add required features

Signed-off-by: Tamal Saha <[email protected]>
kubeops · Feb 28, 2024 · 579c0d0 · 579c0d0
1 parent a1ce645
commit 579c0d0
Show file tree

Hide file tree

Showing 34 changed files with 917 additions and 17 deletions.
diff --git a/go.mod b/go.mod
@@ -42,11 +42,11 @@ require (
 	k8s.io/kube-state-metrics/v2 v2.7.0
 	kmodules.xyz/apiversion v0.2.0
 	kmodules.xyz/authorizer v0.29.0
-	kmodules.xyz/client-go v0.29.7
+	kmodules.xyz/client-go v0.29.12
 	kmodules.xyz/custom-resources v0.29.1
 	kmodules.xyz/go-containerregistry v0.0.12
 	kmodules.xyz/monitoring-agent-api v0.29.0
-	kmodules.xyz/resource-metadata v0.18.2-0.20240219094915-0a7ba5704897
+	kmodules.xyz/resource-metadata v0.18.2-0.20240228113134-63a3fce6587c
 	kmodules.xyz/resource-metrics v0.29.0
 	kmodules.xyz/sets v0.29.0
 	kubeops.dev/falco-ui-server v0.0.3

diff --git a/go.sum b/go.sum
@@ -3466,8 +3466,8 @@ kmodules.xyz/apiversion v0.2.0 h1:vAQYqZFm4xu4pbB1cAdHbFEPES6EQkcR4wc06xdTOWk=
 kmodules.xyz/apiversion v0.2.0/go.mod h1:oPX8g8LvlPdPX3Yc5YvCzJHQnw3YF/X4/jdW0b1am80=
 kmodules.xyz/authorizer v0.29.0 h1:ND8YGeyzExdZ8Bq5Z6UdFO794I6+oPuXbUMWyjlsYgM=
 kmodules.xyz/authorizer v0.29.0/go.mod h1:UQmE3sNXeliebUqjEeD9QYiY+Na27/C5Bg/ekVRfQ3U=
-kmodules.xyz/client-go v0.29.7 h1:ax1QB4CA2olWU+DsLHwSiK5xvLlxOBpMnJWSu+gvRi8=
-kmodules.xyz/client-go v0.29.7/go.mod h1:uzg0eWRy+KvxAcXRRu2KNJlVgXXYbTujAgwsz/XR5EU=
+kmodules.xyz/client-go v0.29.12 h1:OZV5a9fEJwx0XI8OJYDqYRuCEeJyhsZN0iUs1YCBeks=
+kmodules.xyz/client-go v0.29.12/go.mod h1:WYM/ZC3I5/AUGHYyYYEzYHFhnSwK+tEZyGld6KpLoxI=
 kmodules.xyz/crd-schema-fuzz v0.29.1 h1:zJTlWYOrT5dsVVHW8HGcnR/vaWfxQfNh11QwTtkYpcs=
 kmodules.xyz/crd-schema-fuzz v0.29.1/go.mod h1:n708z9YQqLMP2KNLQVgBcRJw1QpSWLvpNCEi+KJDOYE=
 kmodules.xyz/custom-resources v0.29.1 h1:xiNylhs3ILRbcUhxxy306AOy9GMA4Mq7xFIptZKgal4=
@@ -3478,8 +3478,8 @@ kmodules.xyz/monitoring-agent-api v0.29.0 h1:gpFl6OZrlMLb/ySMHdREI9EwGtnJ91oZBn9
 kmodules.xyz/monitoring-agent-api v0.29.0/go.mod h1:iNbvaMTgVFOI5q2LJtGK91j4Dmjv4ZRiRdasGmWLKQI=
 kmodules.xyz/offshoot-api v0.29.0 h1:GHLhxxT9jU1N8+FvOCCeJNyU5g0duYS46UGrs6AHNLY=
 kmodules.xyz/offshoot-api v0.29.0/go.mod h1:5NxhBblXoDHWStx9HCDJR2KFTwYjEZ7i1Id3jelIunw=
-kmodules.xyz/resource-metadata v0.18.2-0.20240219094915-0a7ba5704897 h1:mpv8wiSPScA763f0erwUozO3n1v0ALRw6hB+TTmca00=
-kmodules.xyz/resource-metadata v0.18.2-0.20240219094915-0a7ba5704897/go.mod h1:nWzNouxIj4fvirSS1mkWO9sm1GHCQLcxJL+IzMCKQgE=
+kmodules.xyz/resource-metadata v0.18.2-0.20240228113134-63a3fce6587c h1:3U5+AtvM5sz0ZnjL0fuZ9Ty+f5A4N9UDsAWmHDdHow8=
+kmodules.xyz/resource-metadata v0.18.2-0.20240228113134-63a3fce6587c/go.mod h1:nWzNouxIj4fvirSS1mkWO9sm1GHCQLcxJL+IzMCKQgE=
 kmodules.xyz/resource-metrics v0.29.0 h1:YBSVCbGdAugUqZK4igHu3fPhxvpYar4xejE6njryNM4=
 kmodules.xyz/resource-metrics v0.29.0/go.mod h1:OuG/QobZ7o8GFHl/u3lqaUR0fDZDegxtV8Vdh+MNBD4=
 kmodules.xyz/sets v0.29.0 h1:ZX/qOECzUob95JhhRtngJElHSlJ1UNNdwK4hTEy+nl0=

diff --git a/vendor/kmodules.xyz/client-go/api/v1/cluster.go b/vendor/kmodules.xyz/client-go/api/v1/cluster.go
@@ -49,15 +49,28 @@ type ClusterMetadata struct {
 	Provider    HostingProvider `json:"provider,omitempty" protobuf:"bytes,4,opt,name=provider,casttype=HostingProvider"`
 }
 
+/*
+ENUM(
+
+	ACE                         = 1
+	OCMHub                      = 2
+	OCMMulticlusterControlplane = 4
+	OCMSpoke                    = 8
+	OpenShift                   = 16
+	Rancher                     = 32
+	VirtualCluster              = 64
+
+)
+*/
 type ClusterManager int
 
 const (
 	ClusterManagerACE ClusterManager = 1 << iota
 	ClusterManagerOCMHub
-	ClusterManagerOCMSpoke
 	ClusterManagerOCMMulticlusterControlplane
-	ClusterManagerRancher
+	ClusterManagerOCMSpoke
 	ClusterManagerOpenShift
+	ClusterManagerRancher
 	ClusterManagerVirtualCluster
 )
 

diff --git a/vendor/kmodules.xyz/client-go/api/v1/cluster_enum.go b/vendor/kmodules.xyz/client-go/api/v1/cluster_enum.go
@@ -0,0 +1,84 @@
+/*
+Copyright AppsCode Inc. and Contributors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1
+
+import (
+	"fmt"
+	"strings"
+)
+
+var ErrInvalidClusterManager = fmt.Errorf("not a valid ClusterManager, try [%s]", strings.Join(_ClusterManagerNames, ", "))
+
+const _ClusterManagerName = "ACEOCMHubOCMMulticlusterControlplaneOCMSpokeOpenShiftRancherVirtualCluster"
+
+var _ClusterManagerNames = []string{
+	_ClusterManagerName[0:3],
+	_ClusterManagerName[3:9],
+	_ClusterManagerName[9:36],
+	_ClusterManagerName[36:44],
+	_ClusterManagerName[44:53],
+	_ClusterManagerName[53:60],
+	_ClusterManagerName[60:74],
+}
+
+// ClusterManagerNames returns a list of possible string values of ClusterManager.
+func ClusterManagerNames() []string {
+	tmp := make([]string, len(_ClusterManagerNames))
+	copy(tmp, _ClusterManagerNames)
+	return tmp
+}
+
+// ClusterManagerValues returns a list of the values for ClusterManager
+func ClusterManagerValues() []ClusterManager {
+	return []ClusterManager{
+		ClusterManagerACE,
+		ClusterManagerOCMHub,
+		ClusterManagerOCMMulticlusterControlplane,
+		ClusterManagerOCMSpoke,
+		ClusterManagerOpenShift,
+		ClusterManagerRancher,
+		ClusterManagerVirtualCluster,
+	}
+}
+
+var _ClusterManagerMap = map[ClusterManager]string{
+	ClusterManagerACE:                         _ClusterManagerName[0:3],
+	ClusterManagerOCMHub:                      _ClusterManagerName[3:9],
+	ClusterManagerOCMMulticlusterControlplane: _ClusterManagerName[9:36],
+	ClusterManagerOCMSpoke:                    _ClusterManagerName[36:44],
+	ClusterManagerOpenShift:                   _ClusterManagerName[44:53],
+	ClusterManagerRancher:                     _ClusterManagerName[53:60],
+	ClusterManagerVirtualCluster:              _ClusterManagerName[60:74],
+}
+
+var _ClusterManagerValue = map[string]ClusterManager{
+	_ClusterManagerName[0:3]:   ClusterManagerACE,
+	_ClusterManagerName[3:9]:   ClusterManagerOCMHub,
+	_ClusterManagerName[9:36]:  ClusterManagerOCMMulticlusterControlplane,
+	_ClusterManagerName[36:44]: ClusterManagerOCMSpoke,
+	_ClusterManagerName[44:53]: ClusterManagerOpenShift,
+	_ClusterManagerName[53:60]: ClusterManagerRancher,
+	_ClusterManagerName[60:74]: ClusterManagerVirtualCluster,
+}
+
+// ParseClusterManager attempts to convert a string to a ClusterManager.
+func ParseClusterManager(name string) (ClusterManager, error) {
+	if x, ok := _ClusterManagerValue[name]; ok {
+		return x, nil
+	}
+	return ClusterManager(0), fmt.Errorf("%s is %w", name, ErrInvalidClusterManager)
+}
diff --git a/vendor/kmodules.xyz/client-go/apiextensions/v1/crd.go b/vendor/kmodules.xyz/client-go/apiextensions/v1/crd.go
@@ -18,6 +18,7 @@ package v1
 
 import (
 	"context"
+	"time"
 
 	"github.com/pkg/errors"
 	api "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
@@ -29,6 +30,10 @@ import (
 	kutil "kmodules.xyz/client-go"
 )
 
+const (
+	RetryTimeout = 10 * time.Minute
+)
+
 func CreateOrUpdateCustomResourceDefinition(
 	ctx context.Context,
 	c cs.Interface,
@@ -70,7 +75,7 @@ func TryUpdateCustomResourceDefinition(
 	opts metav1.UpdateOptions,
 ) (result *api.CustomResourceDefinition, err error) {
 	attempt := 0
-	err = wait.PollUntilContextTimeout(ctx, kutil.RetryInterval, kutil.RetryTimeout, true, func(ctx context.Context) (bool, error) {
+	err = wait.PollUntilContextTimeout(ctx, kutil.RetryInterval, RetryTimeout, true, func(ctx context.Context) (bool, error) {
 		attempt++
 		cur, e2 := c.ApiextensionsV1().CustomResourceDefinitions().Get(ctx, name, metav1.GetOptions{})
 		if kerr.IsNotFound(e2) {

diff --git a/vendor/kmodules.xyz/client-go/core/v1/kubernetes.go b/vendor/kmodules.xyz/client-go/core/v1/kubernetes.go
@@ -19,6 +19,8 @@ package v1
 import (
 	"sort"
 
+	"kmodules.xyz/client-go/meta"
+
 	jsoniter "github.com/json-iterator/go"
 	"gomodules.xyz/mergo"
 	core "k8s.io/api/core/v1"
@@ -108,6 +110,33 @@ func UpsertContainer(containers []core.Container, upsert core.Container) []core.
 	return append(containers, upsert)
 }
 
+func MergeContainer(container core.Container, containerTemplate core.Container) core.Container {
+	if len(containerTemplate.Command) > 0 {
+		container.Command = containerTemplate.Command
+	}
+	container.Args = meta.UpsertArgumentList(container.Args, containerTemplate.Args)
+	container.WorkingDir = containerTemplate.WorkingDir
+	container.EnvFrom = containerTemplate.EnvFrom
+	container.Env = UpsertEnvVars(container.Env, containerTemplate.Env...)
+	container.Ports = UpsertContainerPorts(container.Ports, containerTemplate.Ports...)
+	container.Resources = containerTemplate.Resources
+	container.ResizePolicy = containerTemplate.ResizePolicy
+	container.RestartPolicy = containerTemplate.RestartPolicy
+	container.VolumeMounts = UpsertVolumeMount(container.VolumeMounts, containerTemplate.VolumeMounts...)
+	container.VolumeDevices = containerTemplate.VolumeDevices
+	container.LivenessProbe = containerTemplate.LivenessProbe
+	container.ReadinessProbe = containerTemplate.ReadinessProbe
+	container.StartupProbe = containerTemplate.StartupProbe
+	container.Lifecycle = containerTemplate.Lifecycle
+	container.TerminationMessagePath = containerTemplate.TerminationMessagePath
+	container.TerminationMessagePolicy = containerTemplate.TerminationMessagePolicy
+	container.ImagePullPolicy = containerTemplate.ImagePullPolicy
+	container.SecurityContext = containerTemplate.SecurityContext
+	container.StdinOnce = containerTemplate.StdinOnce
+	container.TTY = containerTemplate.TTY
+	return container
+}
+
 func UpsertContainers(containers []core.Container, addons []core.Container) []core.Container {
 	out := containers
 	for _, c := range addons {
@@ -264,6 +293,26 @@ func EnsureVolumeMountDeletedByPath(mounts []core.VolumeMount, mountPath string)
 	return mounts
 }
 
+func UpsertContainerPorts(ports []core.ContainerPort, np ...core.ContainerPort) []core.ContainerPort {
+	upsert := func(p core.ContainerPort) {
+		for i, port := range ports {
+			if port.Name == p.Name {
+				err := mergo.Merge(&ports[i], p, mergo.WithOverride)
+				if err != nil {
+					panic(err)
+				}
+				return
+			}
+		}
+		ports = append(ports, p)
+	}
+
+	for _, port := range np {
+		upsert(port)
+	}
+	return ports
+}
+
 func GetEnvByName(envs []core.EnvVar, name string) *core.EnvVar {
 	for i := range envs {
 		if envs[i].Name == name {

diff --git a/vendor/kmodules.xyz/client-go/meta/hash.go b/vendor/kmodules.xyz/client-go/meta/hash.go
@@ -19,16 +19,24 @@ package meta
 import (
 	"fmt"
 	"hash"
-	"hash/fnv"
 	"reflect"
 	"strconv"
 
 	"github.com/davecgh/go-spew/spew"
 	"github.com/fatih/structs"
+	"github.com/zeebo/xxh3"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 )
 
+func ResourceHash(obj metav1.Object) string {
+	h := xxh3.New()
+	_, _ = h.WriteString(string(obj.GetUID()))
+	_, _ = h.WriteString(",")
+	_, _ = h.WriteString(strconv.FormatInt(obj.GetGeneration(), 10))
+	return strconv.FormatUint(h.Sum64(), 10)
+}
+
 // ObjectHash includes all top label fields (like data, spec) except TypeMeta, ObjectMeta and Status
 // also includes Generation, Annotation and Labels form ObjectMeta
 func ObjectHash(in metav1.Object) string {
@@ -57,7 +65,7 @@ func ObjectHash(in metav1.Object) string {
 		}
 	}
 
-	h := fnv.New64a()
+	h := xxh3.New()
 	DeepHashObject(h, obj)
 	return strconv.FormatUint(h.Sum64(), 10)
 }
@@ -77,7 +85,7 @@ func GenerationHash(in metav1.Object) string {
 		}
 		obj["annotations"] = data
 	}
-	h := fnv.New64a()
+	h := xxh3.New()
 	DeepHashObject(h, obj)
 	return strconv.FormatUint(h.Sum64(), 10)
 }

diff --git a/vendor/kmodules.xyz/client-go/policy/secomp/lib.go b/vendor/kmodules.xyz/client-go/policy/secomp/lib.go
@@ -37,7 +37,7 @@ func init() {
 			panic(err)
 		}
 		kc := kubernetes.NewForConfigOrDie(cfg)
-		yes, err := discovery.CheckAPIVersion(kc.Discovery(), ">= 1.27")
+		yes, err := discovery.CheckAPIVersion(kc.Discovery(), ">= 1.25")
 		if err != nil {
 			panic(err)
 		}

diff --git a/...r/kmodules.xyz/resource-metadata/hub/resourceblockdefinitions/cert-manager.io/v1/tls.yaml b/...r/kmodules.xyz/resource-metadata/hub/resourceblockdefinitions/cert-manager.io/v1/tls.yaml
@@ -16,6 +16,9 @@ spec:
     ref:
       group: cert-manager.io
       kind: Certificate
+    requiredFeatureSets:
+      opscenter-security:
+      - cert-manager
   - actions:
       create: Never
     displayMode: List
@@ -27,6 +30,9 @@ spec:
     ref:
       group: cert-manager.io
       kind: Issuer
+    requiredFeatureSets:
+      opscenter-security:
+      - cert-manager
   - actions:
       create: Never
     displayMode: List
@@ -38,6 +44,9 @@ spec:
     ref:
       group: cert-manager.io
       kind: ClusterIssuer
+    requiredFeatureSets:
+      opscenter-security:
+      - cert-manager
   - actions:
       create: Never
     displayMode: List

diff --git a/...ce-metadata/hub/resourceblockdefinitions/falco.appscode.com/v1alpha1/falcoevents-app.yaml b/...ce-metadata/hub/resourceblockdefinitions/falco.appscode.com/v1alpha1/falcoevents-app.yaml
@@ -16,5 +16,9 @@ spec:
     ref:
       group: falco.appscode.com
       kind: FalcoEvent
+    requiredFeatureSets:
+      opscenter-security:
+      - falco
+      - falco-ui-server
     view:
       name: falco.appscode.com-v1alpha1-falcoevents-app
diff --git a/vendor/kmodules.xyz/resource-metadata/hub/resourceblockdefinitions/policy/v1/policies.yaml b/vendor/kmodules.xyz/resource-metadata/hub/resourceblockdefinitions/policy/v1/policies.yaml
@@ -7,3 +7,9 @@ spec:
   blocks:
   - kind: Custom
     name: Policy Report
+    requiredFeatureSets:
+      opscenter-security:
+      - gatekeeper
+      - gatekeeper-constraints
+      - gatekeeper-grafana-dashboards
+      - gatekeeper-templates
diff --git a/.../kmodules.xyz/resource-metadata/hub/resourcedescriptors/kubedb.com/v1alpha2/mongodbs.yaml b/.../kmodules.xyz/resource-metadata/hub/resourcedescriptors/kubedb.com/v1alpha2/mongodbs.yaml
@@ -108,7 +108,7 @@ spec:
     command:
     - bash
     - -c
-    - mongo admin -u "$MONGO_INITDB_ROOT_USERNAME" -p "$MONGO_INITDB_ROOT_PASSWORD"
+    - mongosh admin -u "$MONGO_INITDB_ROOT_USERNAME" -p "$MONGO_INITDB_ROOT_PASSWORD"
     container: mongodb
     help: |
       show dbs;

diff --git a/...rce-metadata/hub/resourceeditors/catalog.kubeware.dev/v1alpha1/elasticsearchbindings.yaml b/...rce-metadata/hub/resourceeditors/catalog.kubeware.dev/v1alpha1/elasticsearchbindings.yaml
@@ -0,0 +1,26 @@
+apiVersion: ui.k8s.appscode.com/v1alpha1
+kind: ResourceEditor
+metadata:
+  creationTimestamp: null
+  labels:
+    k8s.io/group: catalog.kubeware.dev
+    k8s.io/kind: ElasticsearchBinding
+    k8s.io/resource: elasticsearchbindings
+    k8s.io/version: v1alpha1
+  name: catalog.kubeware.dev-v1alpha1-elasticsearchbindings
+spec:
+  resource:
+    group: catalog.kubeware.dev
+    kind: ElasticsearchBinding
+    name: elasticsearchbindings
+    scope: Namespaced
+    version: v1alpha1
+  ui:
+    editor:
+      name: catalogkubewaredev-elasticsearchbinding-editor
+      sourceRef:
+        apiGroup: source.toolkit.fluxcd.io
+        kind: HelmRepository
+        name: appscode-charts-oci
+      version: v0.4.18
+    enforceQuota: false