Skip to content

Commit

Permalink
Move setting of environment to CRD
Browse files Browse the repository at this point in the history
Remove organization as the multiple org feature is no longer available
Scan all namespaces for CRDs
CRDs in namespaces other than the one kubetruth is installed in (the primary) are merged with those in the primary and trigger kubetruth to run them as a separate instance.  This makes it easy to run kubetruth for multiple environments in the same cluster by allowing full reuse of a single set templates/crds/etc across environments.
  • Loading branch information
wr0ngway committed Jun 30, 2021
1 parent 37daf2b commit d0ef48c
Show file tree
Hide file tree
Showing 33 changed files with 749 additions and 8,154 deletions.
3 changes: 3 additions & 0 deletions helm/helmv2/templates/projectmapping.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,9 @@ spec:
key_selector:
type: string
description: A regexp to limit the keys acted against
environment:
type: string
description: A environment to use to determine parameter values
skip:
type: boolean
description: Skips the generation of resources for the selected projects. Useful for excluding projects that should only be included into others.
Expand Down
3 changes: 3 additions & 0 deletions helm/kubetruth/crds/projectmapping.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,9 @@ spec:
key_selector:
type: string
description: A regexp to limit the keys acted against
environment:
type: string
description: A environment to use to determine parameter values
skip:
type: boolean
description: Skips the generation of resources for the selected projects
Expand Down
3 changes: 3 additions & 0 deletions helm/kubetruth/templates/clusterrole.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,7 @@ rules:
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "list", "create"]
- apiGroups: ["kubetruth.cloudtruth.com"]
resources: ["projectmappings"]
verbs: ["get", "list", "watch"]
{{- end -}}
4 changes: 2 additions & 2 deletions helm/kubetruth/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,6 @@ affinity: {}

appSettings:
apiKey:
environment:
pollingInterval:
debug: false

Expand All @@ -85,13 +84,14 @@ appSettings:
projectMappings:
root:
scope: "root"
environment: "default"
project_selector: ""
key_selector: ""
skip: false
included_projects: []
context:
resource_name: "{{ project | dns_safe }}"
resource_namespace: ""
resource_namespace: "{{ mapping_namespace }}"
skip_secrets: false
resource_templates:
configmap: |
Expand Down
18 changes: 3 additions & 15 deletions lib/kubetruth/cli.rb
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
require_relative 'cli_base'
require_relative 'project'
require_relative 'ctapi'
require_relative 'etl'

module Kubetruth
Expand All @@ -11,14 +11,6 @@ class CLI < CLIBase
values to
EOF

option "--environment",
'ENV', "The cloudtruth environment",
environment_variable: 'CT_ENV',
default: "default"

option "--organization",
'ORG', "The cloudtruth organization"

option "--api-key",
'APIKEY', "The cloudtruth api key",
environment_variable: 'CLOUDTRUTH_API_KEY',
Expand Down Expand Up @@ -46,18 +38,14 @@ class CLI < CLIBase
def execute
super

ct_context = {
organization: organization,
environment: environment,
api_key: api_key
}
kube_context = {
namespace: kube_namespace,
token: kube_token,
api_url: kube_url
}

Project.ctapi_context = ct_context
Kubetruth.ctapi_setup(api_key: api_key)

etl = ETL.new(kube_context: kube_context, dry_run: dry_run?)

Signal.trap("HUP") do
Expand Down
8 changes: 6 additions & 2 deletions lib/kubetruth/config.rb
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,10 @@ class DuplicateSelection < Kubetruth::Error; end

ProjectSpec = Struct.new(
:scope,
:name,
:project_selector,
:key_selector,
:environment,
:skip,
:included_projects,
:context,
Expand Down Expand Up @@ -45,8 +47,10 @@ def convert_types(hash)

DEFAULT_SPEC = {
scope: 'override',
name: '',
project_selector: '',
key_selector: '',
environment: 'default',
skip: false,
included_projects: [],
context: {},
Expand Down Expand Up @@ -99,9 +103,9 @@ def spec_for_project(project_name)
logger.debug {"Using root spec for project '#{project_name}'"}
when 1
spec = specs.first
logger.debug {"Using override spec '#{spec.project_selector.source}' for project '#{project_name}'"}
logger.debug {"Using override spec '#{spec.name}:#{spec.project_selector.source}' for project '#{project_name}'"}
else
dupes = specs.collect {|s| "'#{s.project_selector}'" }
dupes = specs.collect {|s| "'#{s.name}:#{s.project_selector.source}'" }
raise DuplicateSelection, "Multiple configuration specs (#{dupes.inspect}) match the project '#{project_name}': }"
end

Expand Down
Loading

0 comments on commit d0ef48c

Please sign in to comment.