* operator/registration: switch to Kubebuilder client
Fixes#239
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator/registration: adapt tests to Kubebuilder client
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* unit-tests: vendor controller-runtime fake client
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator: add yaml annotations for correct marshalling
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator/RBAC: add "get" verb to ServiceAccount resources
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* operator: generate rbac
make generate-manifests
make build-rbac
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* Add elementalcli package
Create a separate package to deal with elemental-cli installation.
This brings the elemental-cli functions declared in the config package
to a new package that just parses a map[string]interface argument.
This is a step to enable usage of the elemental-cli functions with the
new elementalv1.Config.Elemental.Install type.
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* register: switch to Kubebuilder api
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* register: add mapstructure annotations for correct marshalling
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* register: reduce complexity of the run function
Make linter happy:
"cyclomatic complexity 16 of func `run` is high (> 15) (gocyclo)"
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* register: drop io/ioutil in favor of os package
io/ioutil is deprecated
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* Implement syncer logic as part of the ManagedOSVersionChannel controller
This commit adds the logic to synchronize managedosversionchannels
within the already existing controller.
* make generate
* make build-manifests
* Update chart
* update e2e tests
Signed-off-by: David Cassany <dcassany@suse.com>
* Update vendor
* Run generation tasks
* Minor fixes in Makefile
* Remove old code
* Add remaning controllers
* Minor e2e tests improvements
* Switch osversionchannel syncer to controll runtime
* Minor fixes in controllers
* Fix unit tests
* Add new package to Dockerfile
* Update dependencies
* Add unit test helpers
* Add new machine registration controller
* Remove old machine registration controller
* Add rbac tag for secrets
* Fix container argument in chart
* Add labels to all created resources
The right way to set labels for the MachineInventory objs is to set
them in the MachineRegistration:spec:machineInventoryLabels, which
will be processed by the operator.
Drop MachineRegistration spec:config:elemental:registration:labels.
Fixes#161
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
Till now, the attestation and communication with the elemental operator
were all demanded to the github.com/rancher-sandbox/go-tpm package.
Split TPM attestation from the communication with the elemental operator
demanding TPM authentication to the external library while taking full
control of the communication with the operator.
This doesn't introduce functional changes (so it will keep retrocompatibility
with the current elemental operator) and is a preparatory step to address
rancher/elemental-operator#5
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
Make sure we have a decent description for the --operator-image flag as
that is used down the line by the syncer to run the display command and
gather the results from the version syncer.
Also remove the default value for the flag. It makes no sense to have a
default value if we mark a flag as required, as that value will always
be overwritten by the flag.
Signed-off-by: Itxaka <igarcia@suse.com>
* Produce 2 binaries instead of one
This generates a different binary for the register command as to not
bundle it with the full operator.
On the makefile separated builds have been done for operator and
registry.
On the docker image a different container is created for the register
and pushed to a different repo as well.
For releases gorelease generates 2 different binaries.
Signed-off-by: Itxaka <igarcia@suse.com>
This commit uses /oem/registration as the default directory
to load configuration from in elemental-opertator register command
Signed-off-by: David Cassany <dcassany@suse.com>
We now process the cacert as a file path: the yaml file from kubernetes
anyway passes it as the acutal cert data. Manage both cases.
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
* Some register fixes
- Add debug flag for debug loggin
- Add docs to command
- Add docs to flags
- Pass the cacert via a file, NOT via string
- Rename var config so it doesnt clash with imported package name
Signed-off-by: Itxaka <igarcia@suse.com>
The elemental-operator register command, after retrieving the config
registration will directly call the elemental cli to start the actual
installation process.
Co-authored-by: David Cassany <dcassany@suse.com>
Co-authored-by: Francesco Giudici <francesco.giudici@suse.com>
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
Co-authored-by: Itxaka <igarcia@suse.com>
* Generate v3.Setting code
Signed-off-by: Itxaka <igarcia@suse.com>
* Use the rancher cacerts for the registration
Also drops the cacert passing via chart, adds proper permissions to the
settings resource, adds the cache index and checks that indeed we are
returning a cacert on the registration url
Signed-off-by: Itxaka <igarcia@suse.com>
* fix lint
Signed-off-by: Itxaka <igarcia@suse.com>
* Drop manual rancherl-url and get the rancher url automatically
Drop any manual setup of rancher-url and use the settings to get the set
rancher-url
Signed-off-by: Itxaka <igarcia@suse.com>
* Small fix for getRancherCACert
Signed-off-by: Itxaka <igarcia@suse.com>
* Fix test setting the wrong url
Signed-off-by: Itxaka <igarcia@suse.com>
This commit makes sure elemental-operator and elemental-installer are
using the same structures to describe and define the elemental-cli
installation.
Signed-off-by: David Cassany <dcassany@suse.com>
There seems to have some confusion between the namespace of the operator
to run on and the namespaces we want the operator to watch
This restores the sync_namespaces so the operator can watch all
namespaces and sets teh namespace option to be where the operator is
runnig, needed for things like the registration url to be properly
served
Signed-off-by: Itxaka <igarcia@suse.com>
For some reson copying the file to stdout produces an empty line which
breaks reading from it, restore it to how it was
Signed-off-by: Itxaka <igarcia@suse.com>
Remove all the mentions to rancheros-operator in tests, imports and
dependencies.
Restore e2e scripts and test targets on makefile
Fix all lint issues
Signed-off-by: Itxaka <igarcia@suse.com>
* Move main into a cmd/operator package
* Add elemental-installer
* Adding installer unit tests
* Update Makefile
* Update .github/workflows/unit-tests.yaml
* Adapat Dockerfile and golreleaser to keep releasing and building elemental-operator as they used to
Signed-off-by: David Cassany <dcassany@suse.com>
Co-authored-by: Itxaka <igarcia@suse.com>
- Drops everything not needed for ros-operator
- New simple Dockerfile
- New jobs based on ros-operator only
- Remove uneeded tests
- Remove dependency on os2 images for integration tests
- Use gorelease to release ros-operator binaries
- Use docker to push ci images to ros-operator-ci registry on PR
- Use docker to push master/tag images to ros-operator registry
- Build chart indepently
- Have a null test CI job for future integration tests
Signed-off-by: Itxaka <igarcia@suse.com>
* Allow to specify a upgradeContainerSpec on ManagedOS
https://github.com/rancher-sandbox/os2/issues/59
Signed-off-by: Ettore Di Giacinto <edigiacinto@suse.com>
* Run go generate and update wrangler
Also pin golang.org/x/tools to latest, to workaround
https://github.com/golang/go/issues/37617
Signed-off-by: Ettore Di Giacinto <edigiacinto@suse.com>
* Update docs
Signed-off-by: Ettore Di Giacinto <edigiacinto@suse.com>
* Adapt to new wrangler signal context
9460166aed
Signed-off-by: Ettore Di Giacinto <edigiacinto@suse.com>
* Fixup license headers
Signed-off-by: Ettore Di Giacinto <edigiacinto@suse.com>
Alexander Demicev