control plane working

Dockerfile

@@ -1,5 +1,5 @@
-FROM gcr.io/distroless/static:latest
+FROM gcr.io/distroless/static:nonroot
 WORKDIR /
 COPY bin/manager ./
-USER nobody
+USER nonroot:nonroot
 ENTRYPOINT ["/manager"]

Makefile

@@ -1,6 +1,6 @@
 
 # Image URL to use all building/pushing image targets
-IMG ?= ghcr.io/zawachte-msft/cluster-api-bootstrap-provider-k3s/controller:latest
+IMG ?= ghcr.io/zawachte-msft/cluster-api-bootstrap-provider-k3s/controller:latest5
 
 # Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
 CRD_OPTIONS ?= "crd:trivialVersions=true"
@@ -20,7 +20,7 @@ test: generate fmt vet manifests
 
 # Build manager binary
 manager: generate fmt vet
-	go build -o bin/manager main.go
+	CGO_ENABLED=0 GOOS=linux go build -a -ldflags '-extldflags "-static"' -o bin/manager main.go
 
 # Run against the configured Kubernetes cluster in ~/.kube/config
 run: generate fmt vet manifests
@@ -60,7 +60,7 @@ generate: controller-gen
 	$(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..."
 
 # Build the docker image
-docker-build: #test
+docker-build: manager
 	docker build . -t ${IMG}
 
 # Push the docker image

PROJECT

@@ -1,7 +1,7 @@
-domain: k8s.io
+domain: cluster.x-k8s.io
 repo: github.com/zawachte-msft/cluster-api-bootstrap-provider-k3s
 resources:
 - group: bootstrap
   kind: KThreesConfig
-  version: v1alpha1
+  version: v1alpha3
 version: "2"

api/v1alpha1/groupversion_info.go → api/v1alpha3/groupversion_info.go

@@ -14,10 +14,10 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-// Package v1alpha1 contains API Schema definitions for the bootstrap v1alpha1 API group
+// Package v1alpha3 contains API Schema definitions for the bootstrap v1alpha3 API group
 // +kubebuilder:object:generate=true
-// +groupName=bootstrap.k8s.io
-package v1alpha1
+// +groupName=bootstrap.cluster.x-k8s.io
+package v1alpha3
 
 import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -26,7 +26,7 @@ import (
 
 var (
 	// GroupVersion is group version used to register these objects
-	GroupVersion = schema.GroupVersion{Group: "bootstrap.k8s.io", Version: "v1alpha1"}
+	GroupVersion = schema.GroupVersion{Group: "bootstrap.cluster.x-k8s.io", Version: "v1alpha3"}
 
 	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
 	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

api/v1alpha1/kthreesconfig_types.go → api/v1alpha3/kthreesconfig_types.go

@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-package v1alpha1
+package v1alpha3
 
 import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -61,6 +61,7 @@ type KThreesConfigStatus struct {
 }
 
 // +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
 
 // KThreesConfig is the Schema for the kthreesconfigs API
 type KThreesConfig struct {

cluster.yaml

@@ -0,0 +1,29 @@
+apiVersion: cluster.x-k8s.io/v1alpha3
+kind: Cluster
+metadata:
+  labels:
+    cni: calico
+  name: joe-test
+  namespace: default
+spec:
+  clusterNetwork:
+    pods:
+      cidrBlocks:
+      - 192.168.0.0/16
+  infrastructureRef:
+    apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
+    kind: AzureCluster
+    name: joe-test
+---
+apiVersion: infrastructure.cluster.x-k8s.io/v1alpha3
+kind: AzureCluster
+metadata:
+  name: joe-test
+  namespace: default
+spec:
+  location: eastus
+  networkSpec:
+    vnet:
+      name: joe-test-vnet
+  resourceGroup: joe-test
+  subscriptionID: bbda620e-ad6d-4440-8ba0-ba1297702503

config/crd/bases/bootstrap.cluster.x-k8s.io_kthreesconfigs.yaml

@@ -0,0 +1,81 @@
+
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.2.5
+  creationTimestamp: null
+  name: kthreesconfigs.bootstrap.cluster.x-k8s.io
+spec:
+  group: bootstrap.cluster.x-k8s.io
+  names:
+    kind: KThreesConfig
+    listKind: KThreesConfigList
+    plural: kthreesconfigs
+    singular: kthreesconfig
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      description: KThreesConfig is the Schema for the kthreesconfigs API
+      properties:
+        apiVersion:
+          description: 'APIVersion defines the versioned schema of this representation
+            of an object. Servers should convert recognized schemas to the latest
+            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+          type: string
+        kind:
+          description: 'Kind is a string value representing the REST resource this
+            object represents. Servers may infer this from the endpoint the client
+            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+          type: string
+        metadata:
+          type: object
+        spec:
+          description: KThreesConfigSpec defines the desired state of KThreesConfig
+          properties:
+            foo:
+              description: Foo is an example field of KThreesConfig. Edit KThreesConfig_types.go
+                to remove/update
+              type: string
+          type: object
+        status:
+          description: KThreesConfigStatus defines the observed state of KThreesConfig
+          properties:
+            bootstrapData:
+              format: byte
+              type: string
+            dataSecretName:
+              description: DataSecretName is the name of the secret that stores the
+                bootstrap data script.
+              type: string
+            failureMessage:
+              description: FailureMessage will be set on non-retryable errors
+              type: string
+            failureReason:
+              description: FailureReason will be set on non-retryable errors
+              type: string
+            observedGeneration:
+              description: ObservedGeneration is the latest generation observed by
+                the controller.
+              format: int64
+              type: integer
+            ready:
+              description: Ready indicates the BootstrapData field is ready to be
+                consumed
+              type: boolean
+          type: object
+      type: object
+  version: v1alpha3
+  versions:
+  - name: v1alpha3
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

config/crd/bases/bootstrap.k8s.io_kthreesconfigs.yaml

@@ -6,9 +6,9 @@ metadata:
   annotations:
     controller-gen.kubebuilder.io/version: v0.2.5
   creationTimestamp: null
-  name: kthreesconfigs.bootstrap.k8s.io
+  name: kthreesconfigs.bootstrap.cluster.x-k8s.io
 spec:
-  group: bootstrap.k8s.io
+  group: bootstrap.cluster.x-k8s.io
   names:
     kind: KThreesConfig
     listKind: KThreesConfigList
@@ -66,9 +66,9 @@ spec:
               type: boolean
           type: object
       type: object
-  version: v1alpha1
+  version: v1alpha3
   versions:
-  - name: v1alpha1
+  - name: v1alpha3
     served: true
     storage: true
 status:

config/crd/kustomization.yaml

@@ -1,8 +1,12 @@
+commonLabels:
+  cluster.x-k8s.io/v1alpha2: v1alpha2
+  cluster.x-k8s.io/v1alpha3: v1alpha3
+
 # This kustomization.yaml is not intended to be run by itself,
 # since it depends on service name and namespace that are out of this kustomize package.
 # It should be run by config/default
 resources:
-- bases/bootstrap.k8s.io_kthreesconfigs.yaml
+- bases/bootstrap.cluster.x-k8s.io_kthreesconfigs.yaml
 # +kubebuilder:scaffold:crdkustomizeresource
 
 patchesStrategicMerge:

config/crd/patches/cainjection_in_kthreesconfigs.yaml

@@ -5,4 +5,4 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
-  name: kthreesconfigs.bootstrap.k8s.io
+  name: kthreesconfigs.bootstrap.cluster.x-k8s.io

config/crd/patches/webhook_in_kthreesconfigs.yaml

@@ -3,7 +3,7 @@
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-  name: kthreesconfigs.bootstrap.k8s.io
+  name: kthreesconfigs.bootstrap.cluster.x-k8s.io
 spec:
   conversion:
     strategy: Webhook

config/default/kustomization.yaml

@@ -1,12 +1,12 @@
 # Adds namespace to all resources.
-namespace: cluster-api-bootstrap-provider-k3s-system
+namespace: capi-k3s-bootstrap-system
 
 # Value of this field is prepended to the
 # names of all resources, e.g. a deployment named
 # "wordpress" becomes "alices-wordpress".
 # Note that it should also match with the prefix (text before '-') of the namespace
 # field above.
-namePrefix: cluster-api-bootstrap-provider-k3s-
+namePrefix: capi-k3s-bootstrap-
 
 # Labels to add to all resources and selectors.
 #commonLabels:

config/manager/kustomization.yaml

@@ -5,4 +5,4 @@ kind: Kustomization
 images:
 - name: controller
   newName: ghcr.io/zawachte-msft/cluster-api-bootstrap-provider-k3s/controller
-  newTag: latest
+  newTag: latest5

config/manager/manager.yaml

@@ -22,18 +22,13 @@ spec:
       labels:
         control-plane: controller-manager
     spec:
+      imagePullSecrets:
+      - name: regcred
       containers:
       - command:
         - /manager
         args:
         - --enable-leader-election
         image: controller:latest
         name: manager
-        resources:
-          limits:
-            cpu: 100m
-            memory: 30Mi
-          requests:
-            cpu: 100m
-            memory: 20Mi
       terminationGracePeriodSeconds: 10

config/rbac/kthreesconfig_editor_role.yaml

@@ -5,7 +5,7 @@ metadata:
   name: kthreesconfig-editor-role
 rules:
 - apiGroups:
-  - bootstrap.k8s.io
+  - bootstrap.cluster.x-k8s.io
   resources:
   - kthreesconfigs
   verbs:
@@ -17,7 +17,7 @@ rules:
   - update
   - watch
 - apiGroups:
-  - bootstrap.k8s.io
+  - bootstrap.cluster.x-k8s.io
   resources:
   - kthreesconfigs/status
   verbs:

config/rbac/kthreesconfig_viewer_role.yaml

@@ -5,15 +5,15 @@ metadata:
   name: kthreesconfig-viewer-role
 rules:
 - apiGroups:
-  - bootstrap.k8s.io
+  - bootstrap.cluster.x-k8s.io
   resources:
   - kthreesconfigs
   verbs:
   - get
   - list
   - watch
 - apiGroups:
-  - bootstrap.k8s.io
+  - bootstrap.cluster.x-k8s.io
   resources:
   - kthreesconfigs/status
   verbs:

config/rbac/role.yaml

@@ -21,7 +21,7 @@ rules:
   - update
   - watch
 - apiGroups:
-  - bootstrap.k8s.io
+  - bootstrap.cluster.x-k8s.io
   resources:
   - kthreesconfigs
   verbs:
@@ -33,13 +33,17 @@ rules:
   - update
   - watch
 - apiGroups:
-  - bootstrap.k8s.io
+  - bootstrap.cluster.x-k8s.io
   resources:
   - kthreesconfigs/status
   verbs:
+  - create
+  - delete
   - get
+  - list
   - patch
   - update
+  - watch
 - apiGroups:
   - cluster.x-k8s.io
   resources:

config/samples/bootstrap_v1alpha1_kthreesconfig.yaml

@@ -1,4 +1,4 @@
-apiVersion: bootstrap.k8s.io/v1alpha1
+apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
 kind: KThreesConfig
 metadata:
   name: kthreesconfig-sample