sedefsavas · sedefsavas · Feb 20, 2020
diff --git a/Makefile b/Makefile
@@ -203,6 +203,8 @@ generate-go: ## Runs Go related generate targets
 	$(MAKE) generate-go-core
 	$(MAKE) generate-go-kubeadm-bootstrap
 	$(MAKE) generate-go-kubeadm-control-plane
+	$(MAKE) generate-go-exp-postapply
+
 
 .PHONY: generate-go-core
 generate-go-core: $(CONTROLLER_GEN) $(CONVERSION_GEN)
@@ -231,6 +233,12 @@ generate-go-kubeadm-control-plane: $(CONTROLLER_GEN) $(CONVERSION_GEN) ## Runs G
 		object:headerFile=./hack/boilerplate/boilerplate.generatego.txt \
 		paths=./controlplane/kubeadm/api/...
 
+.PHONY: generate-go-exp-postapply
+generate-go-exp-postapply: $(CONTROLLER_GEN) $(CONVERSION_GEN) ## Runs Go related generate targets for the experimental postapply
+	$(CONTROLLER_GEN) \
+		object:headerFile=./hack/boilerplate/boilerplate.generatego.txt \
+		paths=./exp/postapply/api/...
+
 .PHONY: generate-bindata
 generate-bindata: $(KUSTOMIZE) $(GOBINDATA) clean-bindata ## Generate code for embedding the clusterctl api manifest
 	# Package manifest YAML into a single file.
@@ -250,6 +258,7 @@ generate-manifests: ## Generate manifests e.g. CRD, RBAC etc.
 	$(MAKE) generate-core-manifests
 	$(MAKE) generate-kubeadm-bootstrap-manifests
 	$(MAKE) generate-kubeadm-control-plane-manifests
+	$(MAKE) generate-exp-postapply-manifests
 
 .PHONY: generate-core-manifests
 generate-core-manifests: $(CONTROLLER_GEN) ## Generate manifests for the core provider e.g. CRD, RBAC etc.
@@ -293,6 +302,15 @@ generate-kubeadm-control-plane-manifests: $(CONTROLLER_GEN) ## Generate manifest
 		output:webhook:dir=./controlplane/kubeadm/config/webhook \
 		webhook
 
+.PHONY: generate-exp-postapply-manifests
+generate-exp-postapply-manifests: $(CONTROLLER_GEN) ## Generate manifests for the postapply controller e.g. CRD, RBAC etc.
+	$(CONTROLLER_GEN) \
+		paths=./exp/postapply/api/... \
+		paths=./exp/postapply/controllers/... \
+		crd:trivialVersions=false,preserveUnknownFields=false \
+		rbac:roleName=manager-role \
+		output:crd:dir=./exp/postapply/config/crd/bases
+
 .PHONY: modules
 modules: ## Runs go mod to ensure modules are up to date.
 	go mod tidy
@@ -431,13 +449,18 @@ release-manifests: $(RELEASE_DIR) $(KUSTOMIZE) ## Builds the manifests to publis
 	$(KUSTOMIZE) build bootstrap/kubeadm/config > $(RELEASE_DIR)/bootstrap-components.yaml
 	# Build control-plane-components.
 	$(KUSTOMIZE) build controlplane/kubeadm/config > $(RELEASE_DIR)/control-plane-components.yaml
+	# Build experimental postapply related components.
+	$(KUSTOMIZE) build exp/postapply/config/default > $(RELEASE_DIR)/postapply-components.yaml
 
 	## Build cluster-api-components (aggregate of all of the above).
 	cat $(RELEASE_DIR)/core-components.yaml > $(RELEASE_DIR)/cluster-api-components.yaml
 	echo "---" >> $(RELEASE_DIR)/cluster-api-components.yaml
 	cat $(RELEASE_DIR)/bootstrap-components.yaml >> $(RELEASE_DIR)/cluster-api-components.yaml
 	echo "---" >> $(RELEASE_DIR)/cluster-api-components.yaml
 	cat $(RELEASE_DIR)/control-plane-components.yaml >> $(RELEASE_DIR)/cluster-api-components.yaml
+	echo "---" >> $(RELEASE_DIR)/cluster-api-components.yaml
+	cat $(RELEASE_DIR)/postapply-components.yaml >> $(RELEASE_DIR)/cluster-api-components.yaml
+
 
 release-binaries: ## Builds the binaries to publish with a release
 	RELEASE_BINARY=./cmd/clusterctl GOOS=linux GOARCH=amd64 $(MAKE) release-binary

diff --git a/exp/postapply/api/v1alpha3/groupversion_info.go b/exp/postapply/api/v1alpha3/groupversion_info.go
@@ -0,0 +1,35 @@
+/*
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package v1alpha3 contains API Schema definitions for the postapply v1alpha3 API group
+// +kubebuilder:object:generate=true
+// +groupName=postapply.cluster.x-k8s.io
+package v1alpha3
+
+import (
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"sigs.k8s.io/controller-runtime/pkg/scheme"
+)
+
+var (
+	// GroupVersion is group version used to register these objects
+	GroupVersion = schema.GroupVersion{Group: "postapply.cluster.x-k8s.io", Version: "v1alpha3"}
+
+	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
+	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
+
+	// AddToScheme adds the types in this group-version to the given scheme.
+	AddToScheme = SchemeBuilder.AddToScheme
+)
diff --git a/exp/postapply/api/v1alpha3/postapplyconfig_types.go b/exp/postapply/api/v1alpha3/postapplyconfig_types.go
@@ -0,0 +1,76 @@
+/*
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha3
+
+import (
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// PostApplyConfigSpec defines the desired state of PostApplyConfig
+type PostApplyConfigSpec struct {
+	ClusterSelector metav1.LabelSelector `json:"clusterSelector"`
+	// PostApplyAddons is a list of Secrets in YAML format to be applied to remote clusters.
+	PostApplyAddons []*PostApplyAddon `json:"postApplyAddons,omitempty"`
+}
+
+// ANCHOR: PostApplyAddon
+
+// PostApplyAddon specifies the addon's Secret parameters.
+type PostApplyAddon struct {
+	Name string `json:"name,omitempty"`
+	// Namespace is the namespace of the secret.
+	Namespace string `json:"namespace,omitempty"`
+}
+
+// ANCHOR_END: PostApplyAddon
+
+// PostApplyConfigStatus defines the observed state of PostApplyConfig
+type PostApplyConfigStatus struct {
+	// ClusterRefList will point to the clusters that the postApplyConfig yamls successfully applied.
+	// +optional
+	ClusterRefList []*corev1.ObjectReference `json:"clusterRefList,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:resource:path=postapplyconfigs,scope=Namespaced,categories=cluster-api
+// +kubebuilder:subresource:status
+// +kubebuilder:storageversion
+
+// PostApplyConfig is the Schema for the postapplyconfigs API
+type PostApplyConfig struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   PostApplyConfigSpec   `json:"spec,omitempty"`
+	Status PostApplyConfigStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// PostApplyConfigList contains a list of PostApplyConfig
+type PostApplyConfigList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []PostApplyConfig `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&PostApplyConfig{}, &PostApplyConfigList{})
+}
diff --git a/exp/postapply/api/v1alpha3/zz_generated.deepcopy.go b/exp/postapply/api/v1alpha3/zz_generated.deepcopy.go
diff --git a/exp/postapply/config/certmanager/certificate.yaml b/exp/postapply/config/certmanager/certificate.yaml
@@ -0,0 +1,25 @@
+# The following manifests contain a self-signed issuer CR and a certificate CR.
+# More document can be found at https://docs.cert-manager.io
+# WARNING: Targets CertManager 0.11 check https://docs.cert-manager.io/en/latest/tasks/upgrading/index.html for breaking changes
+apiVersion: cert-manager.io/v1alpha2
+kind: Issuer
+metadata:
+  name: selfsigned-issuer
+  namespace: system
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1alpha2
+kind: Certificate
+metadata:
+  name: serving-cert  # this name should match the one appeared in kustomizeconfig.yaml
+  namespace: system
+spec:
+  # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
+  dnsNames:
+  - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
+  - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
+  issuerRef:
+    kind: Issuer
+    name: selfsigned-issuer
+  secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize
diff --git a/exp/postapply/config/certmanager/kustomization.yaml b/exp/postapply/config/certmanager/kustomization.yaml
@@ -0,0 +1,5 @@
+resources:
+- certificate.yaml
+
+configurations:
+- kustomizeconfig.yaml
diff --git a/exp/postapply/config/certmanager/kustomizeconfig.yaml b/exp/postapply/config/certmanager/kustomizeconfig.yaml
@@ -0,0 +1,16 @@
+# This configuration is for teaching kustomize how to update name ref and var substitution 
+nameReference:
+- kind: Issuer
+  group: cert-manager.io
+  fieldSpecs:
+  - kind: Certificate
+    group: cert-manager.io
+    path: spec/issuerRef/name
+
+varReference:
+- kind: Certificate
+  group: cert-manager.io
+  path: spec/commonName
+- kind: Certificate
+  group: cert-manager.io
+  path: spec/dnsNames