Add deploy and build manifests

.github/actions/kubebuilder/Dockerfile

@@ -0,0 +1,6 @@
+FROM giantswarm/tiny-tools
+
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]

.github/actions/kubebuilder/action.yml

@@ -0,0 +1,9 @@
+name: 'kubebuilder'
+description: 'A GitHub Action to run kubebuilder commands'
+author: 'Stefan Prodan'
+branding:
+  icon: 'command'
+  color: 'blue'
+runs:
+  using: 'docker'
+  image: 'Dockerfile'

.github/actions/kubebuilder/entrypoint.sh

@@ -0,0 +1,12 @@
+#!/bin/sh -l
+
+VERSION=2.3.1
+
+curl -sL https://go.kubebuilder.io/dl/${VERSION}/linux/amd64 | tar -xz -C /tmp/
+
+mkdir -p $GITHUB_WORKSPACE/kubebuilder
+mv /tmp/kubebuilder_${VERSION}_linux_amd64/* $GITHUB_WORKSPACE/kubebuilder/
+ls -lh $GITHUB_WORKSPACE/kubebuilder/bin
+
+echo "::add-path::$GITHUB_WORKSPACE/kubebuilder/bin"
+echo "::add-path::$RUNNER_WORKSPACE/$(basename $GITHUB_REPOSITORY)/kubebuilder/bin"

.github/actions/kustomize/Dockerfile

@@ -0,0 +1,6 @@
+FROM giantswarm/tiny-tools
+
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]

.github/actions/kustomize/action.yml

@@ -0,0 +1,9 @@
+name: 'kustomize'
+description: 'A GitHub Action to run kustomize commands'
+author: 'Stefan Prodan'
+branding:
+  icon: 'command'
+  color: 'blue'
+runs:
+  using: 'docker'
+  image: 'Dockerfile'

.github/actions/kustomize/entrypoint.sh

@@ -0,0 +1,12 @@
+#!/bin/sh -l
+
+VERSION=3.1.0
+curl -sfLo kustomize https://github.com/kubernetes-sigs/kustomize/releases/download/v${VERSION}/kustomize_${VERSION}_linux_amd64
+
+mkdir -p $GITHUB_WORKSPACE/bin
+cp ./kustomize $GITHUB_WORKSPACE/bin
+chmod +x $GITHUB_WORKSPACE/bin/kustomize
+ls -lh $GITHUB_WORKSPACE/bin
+
+echo "::add-path::$GITHUB_WORKSPACE/bin"
+echo "::add-path::$RUNNER_WORKSPACE/$(basename $GITHUB_REPOSITORY)/bin"

.github/workflows/e2e.yaml

@@ -0,0 +1,41 @@
+name: e2e
+
+on:
+  pull_request:
+  push:
+    branches:
+      - master
+
+jobs:
+  kind:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Restore Go cache
+        uses: actions/cache@v1
+        with:
+          path: ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+      - name: Setup Go
+        uses: actions/setup-go@v2-beta
+        with:
+          go-version: 1.14.x
+      - name: Setup Kubernetes
+        uses: engineerd/setup-kind@v0.3.0
+      - name: Setup Kustomize
+        uses: ./.github/actions/kustomize
+      - name: Setup Kubebuilder
+        uses: ./.github/actions/kubebuilder
+      - name: Run tests
+        run: make test
+        env:
+          KUBEBUILDER_ASSETS: ${{ github.workspace }}/kubebuilder/bin
+      - name: Check if working tree is dirty
+        run: |
+          if [[ $(git diff --stat) != '' ]]; then
+            echo 'run make test and commit changes'
+            exit 1
+          fi

.github/workflows/release.yml

@@ -0,0 +1,49 @@
+name: release
+on:
+  push:
+    tags:
+      - 'v*'
+
+jobs:
+  build-push:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Setup Kustomize
+        uses: ./.github/actions/kustomize
+      - name: Generate release asset
+        run: |
+          mkdir -p config/release
+          cp config/default/* config/release
+          cd config/release
+          kustomize edit set image fluxcd/kustomize-controller=fluxcd/kustomize-controller:${{ github.ref }}
+          kustomize build . > source-controller.yaml
+      - name: Push image
+        uses: docker/build-push-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+          repository: fluxcd/kustomize-controller
+          tag_with_ref: true
+      - name: Create release
+        id: create_release
+        uses: actions/create-release@latest
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: ${{ github.ref }}
+          draft: false
+          prerelease: true
+          body: |
+            [CHANGELOG](https://github.com/fluxcd/kustomize-controller/blob/master/CHANGELOG.md)
+      - name: Upload artifacts
+        id: upload-release-asset
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./config/release/kustomize-controller.yaml
+          asset_name: kustomize-controller.yaml
+          asset_content_type: text/plain

Dockerfile

@@ -1,27 +1,37 @@
-# Build the manager binary
 FROM golang:1.13 as builder
 
 WORKDIR /workspace
-# Copy the Go Modules manifests
+
+RUN kustomize_ver=3.5.4 && \
+kustomize_url=https://github.com/kubernetes-sigs/kustomize/releases/download && \
+curl -sL ${kustomize_url}/kustomize%2Fv${kustomize_ver}/kustomize_v${kustomize_ver}_linux_amd64.tar.gz | \
+tar xz && mv kustomize /usr/local/bin/kustomize
+
+RUN kubectl_ver=1.18.0 && \
+curl -sL https://storage.googleapis.com/kubernetes-release/release/v${kubectl_ver}/bin/linux/amd64/kubectl \
+-o /usr/local/bin/kubectl && chmod +x /usr/local/bin/kubectl
+
+# copy modules manifests
 COPY go.mod go.mod
 COPY go.sum go.sum
-# cache deps before building and copying source so that we don't need to re-download as much
-# and so that source changes don't invalidate our downloaded layer
+
+# cache modules
 RUN go mod download
 
-# Copy the go source
+# copy source code
 COPY main.go main.go
 COPY api/ api/
 COPY controllers/ controllers/
 
-# Build
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go
+# build
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o kustomize-controller main.go
 
-# Use distroless as minimal base image to package the manager binary
-# Refer to https://github.com/GoogleContainerTools/distroless for more details
-FROM gcr.io/distroless/static:nonroot
-WORKDIR /
-COPY --from=builder /workspace/manager .
-USER nonroot:nonroot
+FROM alpine:3.11
 
-ENTRYPOINT ["/manager"]
+RUN apk add --no-cache openssh-client ca-certificates tini 'git>=2.12.0' socat curl bash
+
+COPY --from=builder /usr/local/bin/kustomize /usr/local/bin/kustomize
+COPY --from=builder /usr/local/bin/kubectl /usr/local/bin/kubectl
+COPY --from=builder /workspace/kustomize-controller /usr/local/bin/
+
+ENTRYPOINT [ "/sbin/tini", "--", "kustomize-controller" ]

Makefile

@@ -1,8 +1,8 @@
 
 # Image URL to use all building/pushing image targets
-IMG ?= controller:latest
-# Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
-CRD_OPTIONS ?= "crd:trivialVersions=true"
+IMG ?= fluxcd/kustomize-controller:latest
+# Produce CRDs that work back to Kubernetes 1.13
+CRD_OPTIONS ?= crd
 
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
@@ -35,12 +35,26 @@ uninstall: manifests
 
 # Deploy controller in the configured Kubernetes cluster in ~/.kube/config
 deploy: manifests
-	cd config/manager && kustomize edit set image controller=${IMG}
+	cd config/manager && kustomize edit set image fluxcd/kustomize-controller=${IMG}
 	kustomize build config/default | kubectl apply -f -
 
+# Deploy controller dev image in the configured Kubernetes cluster in ~/.kube/config
+dev-deploy: manifests
+	mkdir -p config/dev && cp config/default/* config/dev
+	cd config/dev && kustomize edit set image fluxcd/kustomize-controller=${IMG}
+	kustomize build config/dev | kubectl apply -f -
+	rm -rf config/dev
+
+# Delete dev deployment and CRDs
+dev-cleanup: manifests
+	mkdir -p config/dev && cp config/default/* config/dev
+	cd config/dev && kustomize edit set image fluxcd/kustomize-controller=${IMG}
+	kustomize build config/dev | kubectl delete -f -
+	rm -rf config/dev
+
 # Generate manifests e.g. CRD, RBAC etc.
 manifests: controller-gen
-	$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases
+	$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role paths="./..." output:crd:artifacts:config=config/crd/bases
 
 # Run go fmt against code
 fmt:
@@ -55,7 +69,7 @@ generate: controller-gen
 	$(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..."
 
 # Build the docker image
-docker-build: test
+docker-build:
 	docker build . -t ${IMG}
 
 # Push the docker image

config/default/kustomization.yaml

@@ -1,9 +1,9 @@
-namespace: kustomize-controller-system
-namePrefix: kustomize-controller-
-
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: kustomize-system
+namePrefix: kustomize-
 bases:
 - ../crd
 - ../rbac
 - ../manager
 
-

config/manager/deployment.yaml

@@ -1,10 +1,3 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  labels:
-    control-plane: controller-manager
-  name: system
----
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -21,19 +14,24 @@ spec:
     metadata:
       labels:
         control-plane: controller-manager
+      annotations:
+        prometheus.io/scrape: "true"
+        prometheus.io/port: "8282"
     spec:
       containers:
-      - command:
-        - /manager
+      - name: manager
+        image: fluxcd/kustomize-controller
+        imagePullPolicy: IfNotPresent
+        ports:
+          - containerPort: 8282
+            name: http-prom
         args:
         - --enable-leader-election
-        image: controller:latest
-        name: manager
         resources:
           limits:
-            cpu: 100m
-            memory: 30Mi
+            cpu: 1000m
+            memory: 1Gi
           requests:
             cpu: 100m
-            memory: 20Mi
+            memory: 64Mi
       terminationGracePeriodSeconds: 10

config/manager/kustomization.yaml

@@ -1,2 +1,9 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
 resources:
-- manager.yaml
+  - namespace.yaml
+  - deployment.yaml
+images:
+  - name: fluxcd/kustomize-controller
+    newName: fluxcd/kustomize-controller
+    newTag: latest

config/manager/namespace.yaml

@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  labels:
+    control-plane: controller
+  name: system

config/rbac/cluster_role.yaml

@@ -0,0 +1,10 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: reconciler-role
+rules:
+  - apiGroups: ['*']
+    resources: ['*']
+    verbs: ['*']
+  - nonResourceURLs: ['*']
+    verbs: ['*']

config/rbac/cluster_role_binding.yaml

@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: reconciler-rolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: reconciler-role
+subjects:
+  - kind: ServiceAccount
+    name: default
+    namespace: system

config/rbac/kustomization.yaml

@@ -3,4 +3,5 @@ resources:
 - role_binding.yaml
 - leader_election_role.yaml
 - leader_election_role_binding.yaml
-
+- cluster_role.yaml
+- cluster_role_binding.yaml

config/rbac/role.yaml

@@ -26,3 +26,17 @@ rules:
   - get
   - patch
   - update
+- apiGroups:
+  - source.fluxcd.io
+  resources:
+  - gitrepositories
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - source.fluxcd.io
+  resources:
+  - gitrepositories/status
+  verbs:
+  - get

config/samples/kustomize_v1alpha1_kustomization.yaml

@@ -1,9 +1,25 @@
 apiVersion: kustomize.fluxcd.io/v1alpha1
 kind: Kustomization
 metadata:
-  name: podinfo
+  name: podinfo-dev
+  annotations:
+    kustomize.fluxcd.io/syncAt: "2020-04-15T15:39:52+03:00"
 spec:
-  path: "./kustomize/"
-  label: "app=podinfo"
+  interval: 1m
+  path: "./overlays/dev/"
+  prune: "env=dev"
+  gitRepositoryRef:
+    name: podinfo
+---
+apiVersion: kustomize.fluxcd.io/v1alpha1
+kind: Kustomization
+metadata:
+  name: podinfo-staging
+  annotations:
+    kustomize.fluxcd.io/syncAt: "2020-04-15T15:39:52+03:00"
+spec:
+  interval: 1m
+  path: "./overlays/staging/"
+  prune: "env=staging"
   gitRepositoryRef:
     name: podinfo

config/samples/source_v1alpha1_gitrepository.yaml

@@ -0,0 +1,11 @@
+apiVersion: source.fluxcd.io/v1alpha1
+kind: GitRepository
+metadata:
+  name: podinfo
+  annotations:
+    source.fluxcd.io/syncAt: "2020-04-06T15:39:52+03:00"
+spec:
+  interval: 1m
+  url: https://github.com/stefanprodan/podinfo-deploy
+  ref:
+    branch: master