feat: Add NexusScript custom resource (#17)
Change-Id: I2df6c897ace09dbac3705544f97a77812eb25923
zmotso committed Dec 28, 2023
1 parent 92cb8e7 commit 10d88f6
Showing 40 changed files with 2,239 additions and 70 deletions.
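--- a/.mockery.yaml
+++ b/.mockery.yaml
@@ -0,0 +1,11 @@
+with-expecter: True
+inpackage: False
+dir: "{{.InterfaceDir}}/mocks"
+mockname: "Mock{{.InterfaceName}}"
+outpkg: "mocks"
+filename: "{{.InterfaceName | lower}}_mock.go"
+all: True
+packages:
+github.com/epam/edp-nexus-operator/pkg/client/nexus:
+config:
+recursive: True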
10 changes: 9 additions & 1 deletion Makefile
Expand Up @@ -12,7 +12,7 @@ GIT_COMMIT=$(shell git rev-parse HEAD)
GIT_TAG=$(shell if [ -z "`git status --porcelain`" ]; then git describe --exact-match --tags HEAD 2>/dev/null; fi)
KUBECTL_VERSION=$(shell go list -m all | grep k8s.io/client-go| cut -d' ' -f2)
ENVTEST ?= $(LOCALBIN)/setup-envtest
ENVTEST_K8S_VERSION = 1.23.5
ENVTEST_K8S_VERSION = 1.27.1

override LDFLAGS += \
-X ${PACKAGE}.version=${VERSION} \
Expand Down Expand Up @@ -190,3 +190,11 @@ ENVTEST=$(LOCALBIN)/setup-envtest
envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.
$(ENVTEST): $(LOCALBIN)
$(call go-get-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest,latest)

mocks:
$(MOCKERY)

MOCKERY = $(LOCALBIN)/mockery
.PHONY: mockery
mockery: ## Download mockery locally if necessary.
$(call go-get-tool,$(MOCKERY),github.com/vektra/mockery/v2,v2.38.0)
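Review bot: The new `mocks` target in the second hunk has no prerequisite on `mockery`, so on a checkout where `$(LOCALBIN)/mockery` has not been installed yet `make mocks` fails instead of fetching the pinned v2.38.0 binary; it is also not declared phony. I would write `.PHONY: mocks` and `mocks: mockery`, and move the `MOCKERY = $(LOCALBIN)/mockery` definition above the rule that uses it so the file reads top-down. The `setup-envtest` line just above still installs `latest`; it appears to be unchanged context rather than part of this commit, but it is worth pinning to a fixed version the same way mockery is so that tool builds are reproducible.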
9 changes: 9 additions & 0 deletions PROJECT
Expand Up @@ -47,4 +47,13 @@ resources:
kind: NexusRepository
path: github.com/epam/edp-nexus-operator/api/v1alpha1
version: v1alpha1
- api:
crdVersion: v1
namespaced: true
controller: true
domain: epam.com
group: edp
kind: NexusScript
path: github.com/epam/edp-nexus-operator/api/v1alpha1
version: v1alpha1
version: "3"
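--- a/api/v1alpha1/nexusscript_types.go
+++ b/api/v1alpha1/nexusscript_types.go
@@ -0,0 +1,75 @@
+package v1alpha1
+
+import (
+metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+"github.com/epam/edp-nexus-operator/api/common"
+)
+
+// NexusScriptSpec defines the desired state of NexusScript.
+type NexusScriptSpec struct {
+// Name is the id of the script.
+// Name should be unique across all scripts.
+// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable"
+// +kubebuilder:validation:MaxLength=512
+// +required
+// +kubebuilder:example="anonymous"
+Name string `json:"name"`
+
+// Content is the content of the script.
+// +required
+// +kubebuilder:example="security.setAnonymousAccess(Boolean.valueOf(args))"
+Content string `json:"content"`
+
+// Payload is the payload of the script.
+// +optional
+// +kubebuilder:example="true"
+Payload string `json:"payload,omitempty"`
+
+// NexusRef is a reference to Nexus custom resource.
+// +required
+NexusRef common.NexusRef `json:"nexusRef"`
+}
+
+// NexusScriptStatus defines the observed state of NexusScript.
+type NexusScriptStatus struct {
+// Value is a status of the script.
+// +optional
+Value string `json:"value,omitempty"`
+
+// Error is an error message if something went wrong.
+// +optional
+Error string `json:"error,omitempty"`
+
+// Executed defines if script was executed.
+Executed bool `json:"executed,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// NexusScript is the Schema for the nexusscripts API.
+type NexusScript struct {
+metav1.TypeMeta `json:",inline"`
+metav1.ObjectMeta `json:"metadata,omitempty"`
+
+Spec NexusScriptSpec `json:"spec,omitempty"`
+Status NexusScriptStatus `json:"status,omitempty"`
+}
+
+func (in *NexusScript) GetNexusRef() common.NexusRef {
+return in.Spec.NexusRef
+}
+
+//+kubebuilder:object:root=true
+
+// NexusScriptList contains a list of NexusScript.
+type NexusScriptList struct {
+metav1.TypeMeta `json:",inline"`
+metav1.ListMeta `json:"metadata,omitempty"`
+Items []NexusScript `json:"items"`
+}
+
+func init() {
+SchemeBuilder.Register(&NexusScript{}, &NexusScriptList{})
+}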
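Review bot: The doc comment on `Content` in `NexusScriptSpec` does not state the trust boundary this field creates: the example `security.setAnonymousAccess(Boolean.valueOf(args))` shows it holds a script that changes Nexus security settings, and it is presumably run with whatever Nexus credentials the operator holds (the controller is not in this section, so confirm). I would extend the comment to say so, e.g. `// Content is run on the referenced Nexus with the operator's credentials; treat create/update on NexusScript as Nexus admin access.`, and carry the same warning into the header comment of config/rbac/nexusscript_editor_role.yaml, which grants create, patch and update on nexusscripts. `Content` and `Payload` also have no `+kubebuilder:validation:MaxLength` marker, unlike `Name`, and `Payload` is kept in plain text in the spec, so its comment should tell users not to pass secrets through it. On the documentation side, `GetNexusRef` is exported without a doc comment (`// GetNexusRef returns the Nexus reference from the spec.`), and `Executed` lacks the `+optional` marker its sibling status fields carry.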
90 changes: 90 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go


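--- a/config/crd/bases/edp.epam.com_nexusscripts.yaml
+++ b/config/crd/bases/edp.epam.com_nexusscripts.yaml
@@ -0,0 +1,89 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+annotations:
+controller-gen.kubebuilder.io/version: v0.13.0
+name: nexusscripts.edp.epam.com
+spec:
+group: edp.epam.com
+names:
+kind: NexusScript
+listKind: NexusScriptList
+plural: nexusscripts
+singular: nexusscript
+scope: Namespaced
+versions:
+- name: v1alpha1
+schema:
+openAPIV3Schema:
+description: NexusScript is the Schema for the nexusscripts API.
+properties:
+apiVersion:
+description: 'APIVersion defines the versioned schema of this representation
+of an object. Servers should convert recognized schemas to the latest
+internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+type: string
+kind:
+description: 'Kind is a string value representing the REST resource this
+object represents. Servers may infer this from the endpoint the client
+submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+type: string
+metadata:
+type: object
+spec:
+description: NexusScriptSpec defines the desired state of NexusScript.
+properties:
+content:
+description: Content is the content of the script.
+example: security.setAnonymousAccess(Boolean.valueOf(args))
+type: string
+name:
+description: Name is the id of the script. Name should be unique across
+all scripts.
+example: anonymous
+maxLength: 512
+type: string
+x-kubernetes-validations:
+- message: Value is immutable
+rule: self == oldSelf
+nexusRef:
+description: NexusRef is a reference to Nexus custom resource.
+properties:
+kind:
+default: Nexus
+description: Kind specifies the kind of the Nexus resource.
+type: string
+name:
+description: Name specifies the name of the Nexus resource.
+type: string
+required:
+- name
+type: object
+payload:
+description: Payload is the payload of the script.
+example: "true"
+type: string
+required:
+- content
+- name
+- nexusRef
+type: object
+status:
+description: NexusScriptStatus defines the observed state of NexusScript.
+properties:
+error:
+description: Error is an error message if something went wrong.
+type: string
+executed:
+description: Executed defines if script was executed.
+type: boolean
+value:
+description: Value is a status of the script.
+type: string
+type: object
+type: object
+served: true
+storage: true
+subresources:
+status: {}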
3 changes: 3 additions & 0 deletions config/crd/kustomization.yaml
Expand Up @@ -6,6 +6,7 @@ resources:
- bases/edp.epam.com_nexusroles.yaml
- bases/edp.epam.com_nexususers.yaml
- bases/edp.epam.com_nexusrepositories.yaml
- bases/edp.epam.com_nexusscripts.yaml
#+kubebuilder:scaffold:crdkustomizeresource

patchesStrategicMerge:
Expand All @@ -15,6 +16,7 @@ patchesStrategicMerge:
#- patches/webhook_in_nexusroles.yaml
#- patches/webhook_in_nexususers.yaml
#- patches/webhook_in_nexusrepositories.yaml
#- patches/webhook_in_nexusscripts.yaml
#+kubebuilder:scaffold:crdkustomizewebhookpatch

# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
Expand All @@ -23,6 +25,7 @@ patchesStrategicMerge:
#- patches/cainjection_in_nexususers.yaml
#- patches/cainjection_in_nexusroles.yaml
#- patches/cainjection_in_nexusrepositories.yaml
#- patches/cainjection_in_nexusscripts.yaml
#+kubebuilder:scaffold:crdkustomizecainjectionpatch

# the following config is for teaching kustomize how to do kustomization for CRDs.
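--- a/config/crd/patches/cainjection_in_nexusscripts.yaml
+++ b/config/crd/patches/cainjection_in_nexusscripts.yaml
@@ -0,0 +1,7 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+annotations:
+cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+name: nexusscripts.edp.epam.com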
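--- a/config/crd/patches/webhook_in_nexusscripts.yaml
+++ b/config/crd/patches/webhook_in_nexusscripts.yaml
@@ -0,0 +1,16 @@
+# The following patch enables a conversion webhook for the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+name: nexusscripts.edp.epam.com
+spec:
+conversion:
+strategy: Webhook
+webhook:
+clientConfig:
+service:
+namespace: system
+name: webhook-service
+path: /convert
+conversionReviewVersions:
+- v1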
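--- a/config/rbac/nexusscript_editor_role.yaml
+++ b/config/rbac/nexusscript_editor_role.yaml
@@ -0,0 +1,31 @@
+# permissions for end users to edit nexusscripts.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+labels:
+app.kubernetes.io/name: clusterrole
+app.kubernetes.io/instance: nexusscript-editor-role
+app.kubernetes.io/component: rbac
+app.kubernetes.io/created-by: nexus-operator
+app.kubernetes.io/part-of: nexus-operator
+app.kubernetes.io/managed-by: kustomize
+name: nexusscript-editor-role
+rules:
+- apiGroups:
+- edp.epam.com
+resources:
+- nexusscripts
+verbs:
+- create
+- delete
+- get
+- list
+- patch
+- update
+- watch
+- apiGroups:
+- edp.epam.com
+resources:
+- nexusscripts/status
+verbs:
+- get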