Update CRD to apiextensions.k8s.io/v1

bitnami-labs · Dec 18, 2020 · 79cedd6 · 79cedd6
1 parent 0b2ea97
commit 79cedd6
Show file tree

Hide file tree

Showing 6 changed files with 85 additions and 12 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -72,6 +72,7 @@ jobs:
     needs: container
     strategy:
       matrix:
+        # 1.17.15 is broken with minikube, using 1.17.11
         k8s: ["1.16.13", "1.17.11"]
     env:
       MINIKUBE_WANTUPDATENOTIFICATION: "false"
@@ -130,8 +131,20 @@ jobs:
 
     - name: Testing environment setup
       run: |
+        cat controller.yaml
         kubectl apply -f controller.yaml
         kubectl rollout status deployment/sealed-secrets-controller -n kube-system -w --timeout=1m || kubectl -n kube-system describe pod -lname=sealed-secrets-controller
+        kubectl -n kube-system logs deploy/sealed-secrets-controller
 
     - name: Integration tests
-      run: make integrationtest CONTROLLER_IMAGE=$CONTROLLER_IMAGE GINKGO="ginkgo -v --randomizeSuites --failOnPending --trace --progress --compilers=2 --nodes=4"
+      run: |
+        make integrationtest CONTROLLER_IMAGE=$CONTROLLER_IMAGE GINKGO="ginkgo -v --randomizeSuites --failOnPending --trace --progress --compilers=2 --nodes=4" || {
+            echo FAILED
+            kubectl get secret -A
+            kubectl get all -A
+            echo sealed secrets resource:
+            kubectl get sealedsecrets -A
+            kubectl get sealedsecrets -A -oyaml
+            kubectl -n kube-system logs deploy/sealed-secrets-controller
+            exit 3
+        }
diff --git a/Makefile b/Makefile
@@ -135,11 +135,11 @@ controller.image: controller-manifest-$(subst :,$(comma),$(subst /,%,$(CONTROLLE
 	$(KUBECFG) show -V CONTROLLER_IMAGE=$(CONTROLLER_IMAGE) -V IMAGE_PULL_POLICY=$(IMAGE_PULL_POLICY) -o yaml $< > $@.tmp
 	mv $@.tmp $@
 
-controller.yaml: controller.jsonnet controller-norbac.jsonnet
+controller.yaml: controller.jsonnet controller-norbac.jsonnet schema-v1alpha1.yaml kube-fixes.libsonnet
 
-controller-norbac.yaml: controller-norbac.jsonnet
+controller-norbac.yaml: controller-norbac.jsonnet schema-v1alpha1.yaml kube-fixes.libsonnet
 
-controller-podmonitor.yaml: controller.jsonnet controller-norbac.jsonnet
+controller-podmonitor.yaml: controller.jsonnet controller-norbac.jsonnet schema-v1alpha1.yaml kube-fixes.libsonnet
 
 test:
 	$(GO) test $(GO_FLAGS) $(GO_PACKAGES)

diff --git a/controller-norbac.jsonnet b/controller-norbac.jsonnet
@@ -1,19 +1,28 @@
 // Minimal required deployment for a functional controller.
 
+local kubecfg = import "kubecfg.libsonnet";
+
 local namespace = 'kube-system';
 
 {
   kube:: (import 'vendor_jsonnet/kube-libsonnet/kube.libsonnet'),
-  local kube = self.kube,
+  local kube = self.kube + import 'kube-fixes.libsonnet',
 
   controllerImage:: std.extVar('CONTROLLER_IMAGE'),
   imagePullPolicy:: std.extVar('IMAGE_PULL_POLICY'),
 
   crd: kube.CustomResourceDefinition('bitnami.com', 'v1alpha1', 'SealedSecret') {
     spec+: {
-      subresources: {
-        status: {},
-      }
+      versions_+: {
+        v1alpha1+: {
+          served: true,
+          storage: true,
+          subresources: {
+            status: {},
+          },
+          schema: kubecfg.parseYaml(importstr "schema-v1alpha1.yaml")[0],
+        },
+      },
     },
   },
 

diff --git a/helm/sealed-secrets/templates/sealedsecret-crd.yaml b/helm/sealed-secrets/templates/sealedsecret-crd.yaml
@@ -1,5 +1,5 @@
 {{ if .Values.crd.create }}
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   name: sealedsecrets.bitnami.com
@@ -21,7 +21,17 @@ spec:
     plural: sealedsecrets
     singular: sealedsecret
   scope: Namespaced
-  subresources:
-    status: {}
-  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+    subresources:
+      status: {}
+    schema:
+      openAPIV3Schema:
+        type: object
+        properties:
+          spec:
+            type: object
+            additionalProperties: true
 {{ end }}
diff --git a/kube-fixes.libsonnet b/kube-fixes.libsonnet
@@ -0,0 +1,27 @@
+{
+  CustomResourceDefinition(group, version, kind): {
+    local this = self,
+    apiVersion: 'apiextensions.k8s.io/v1',
+    kind: 'CustomResourceDefinition',
+    metadata+: {
+      name: this.spec.names.plural + '.' + this.spec.group,
+    },
+    spec: {
+      scope: 'Namespaced',
+      group: group,
+      versions_:: {
+        [version]: {
+          served: true,
+          storage: true,
+        },
+      },
+      versions: $.mapToNamedList(self.versions_),
+      names: {
+        kind: kind,
+        singular: $.toLower(self.kind),
+        plural: self.singular + 's',
+        listKind: self.kind + 'List',
+      },
+    },
+  },
+}
diff --git a/schema-v1alpha1.yaml b/schema-v1alpha1.yaml
@@ -0,0 +1,14 @@
+openAPIV3Schema:
+  type: object
+  properties:
+    spec:
+      type: object
+      properties:
+        template:
+          type: object
+          additionalProperties: true
+        encryptedData:
+          type: object
+          additionalProperties: true
+        data:
+          type: string