Merge pull request #297 from 3scale-ops/feat/dev/openshift

feat/dev/openshift

.github/workflows/release.yaml

@@ -7,34 +7,26 @@ on:
 
 jobs:
   build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Setup Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v5
         with:
           go-version: "1.21"
 
-      - uses: actions/cache@v2
-        with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-go-
-
-      - uses: actions/cache@v2
-        with:
-          path: ./testbin
-          key: ${{ runner.os }}-testbin
-
-      - uses: actions/cache@v2
+      - uses: actions/cache@v4
         with:
           path: ./bin
           key: ${{ runner.os }}-bin
 
       - name: Run tests
         run: make test
 
+      - name: Run e2e tests
+        run: make test-e2e
+
       - name: Build image
         run: make docker-build
 
@@ -44,7 +36,7 @@ jobs:
 
       - name: Login to quay.io/3scale
         if: ${{ env.NEW_RELEASE != '' }}
-        uses: docker/login-action@v1
+        uses: docker/login-action@v3
         with:
           registry: quay.io
           username: ${{ secrets.REGISTRY_USER }}

.github/workflows/test.yaml

@@ -6,31 +6,22 @@ on:
       - main
 jobs:
   test:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
 
       - name: Setup Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v5
         with:
           go-version: "1.21"
 
-      - uses: actions/cache@v2
-        with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-go-
-
-      - uses: actions/cache@v2
-        with:
-          path: ./testbin
-          key: ${{ runner.os }}-testbin
-
-      - uses: actions/cache@v2
+      - uses: actions/cache@v4
         with:
           path: ./bin
           key: ${{ runner.os }}-bin
 
       - name: Run tests
-        run: |
-          make test
+        run: make test
+
+      - name: Run e2e tests
+        run: make test-e2e

Makefile

@@ -3,7 +3,7 @@
 # To re-generate a bundle for another specific version without changing the standard setup, you can:
 # - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
 # - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
-VERSION ?= 0.22.0
+VERSION ?= 0.23.0-alpha.9
 # CHANNELS define the bundle channels used in the bundle.
 # Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
 # To re-generate a bundle for other specific channels without changing the standard setup, you can:
@@ -283,8 +283,16 @@ kind-refresh-controller: manifests kind docker-build ## Reloads the controller i
 	$(KIND) load docker-image $(IMG)
 	kubectl delete pod -l control-plane=controller-manager
 
+LOCAL_SETUP_INPUTS_PATH=config/local-setup/env-inputs
+$(LOCAL_SETUP_INPUTS_PATH)/seed-secret.yaml: $(LOCAL_SETUP_INPUTS_PATH)/seed.env
+	source $(@D)/seed.env && envsubst < $@.envsubst > $@
+
+kind-deploy-saas-inputs: export KUBECONFIG = $(PWD)/kubeconfig
+kind-deploy-saas-inputs: $(LOCAL_SETUP_INPUTS_PATH)/seed-secret.yaml $(LOCAL_SETUP_INPUTS_PATH)/pull-secrets.json
+	$(KUSTOMIZE) build $(LOCAL_SETUP_INPUTS_PATH) | kubectl apply -f -
+
 kind-deploy-databases: export KUBECONFIG = $(PWD)/kubeconfig
-kind-deploy-databases: kind-deploy-controller
+kind-deploy-databases: kind-deploy-controller kind-deploy-saas-inputs
 	$(KUSTOMIZE) build config/local-setup/databases | kubectl apply -f -
 	sleep 10
 	kubectl wait --for condition=ready --timeout=300s pod --all
@@ -298,37 +306,27 @@ kind-load-redis-with-ssh:
 	docker build -t $(REDIS_WITH_SSH_IMG) test/assets/redis-with-ssh
 	$(KIND) load docker-image $(REDIS_WITH_SSH_IMG)
 
-kind-deploy-saas: export KUBECONFIG = ${PWD}/kubeconfig
-kind-deploy-saas: kind-load-redis-with-ssh ## Deploys a 3scale SaaS dev environment
-	$(KUSTOMIZE) build config/local-setup | kubectl apply -f -
-	sleep 5
-	kubectl wait --for condition=ready --timeout=300s pod system-console-0
+kind-deploy-saas-workloads: export KUBECONFIG = ${PWD}/kubeconfig
+kind-deploy-saas-workloads: kind-deploy-controller $(LOCAL_SETUP_INPUTS_PATH)/seed-secret.yaml $(LOCAL_SETUP_INPUTS_PATH)/pull-secrets.json kind-load-redis-with-ssh ## Deploys the 3scale SaaS dev environment workloads
+	$(KUSTOMIZE) build config/local-setup | $(YQ) 'select(.kind!="Zync")' | kubectl apply -f -
+	sleep 10
 	kubectl get pods --no-headers -o name | grep -v system | xargs kubectl wait --for condition=ready --timeout=300s
-	kubectl -ti exec system-console-0 -c system-console -- bash -c '\
-		MASTER_DOMAIN=multitenant-admin \
-		MASTER_ACCESS_TOKEN=mtoken \
-		MASTER_PASSWORD=mpass \
-		MASTER_USER=admin \
-		TENANT_NAME=provider \
-		PROVIDER_NAME="3scale SaaS Dev Provider" \
-		USER_LOGIN=admin \
-		USER_PASSWORD=ppass \
-		ADMIN_ACCESS_TOKEN=ptoken \
-		USER_EMAIL="admin@cluster.local" \
-		DISABLE_DATABASE_ENVIRONMENT_CHECK=1 \
-		bundle exec rake db:setup'
-	kubectl get pods --no-headers -o name | grep system | xargs kubectl wait --for condition=ready --timeout=300s
+	$(KUSTOMIZE) build config/local-setup | $(YQ) 'select(.kind=="Zync")' | kubectl apply -f -
+	kubectl get pods --no-headers -o name | grep -v system | xargs kubectl wait --for condition=ready --timeout=300s
+
+kind-deploy-saas-run-db-setup: export KUBECONFIG = ${PWD}/kubeconfig
+kind-deploy-saas-run-db-setup:
+	 kubectl create -f config/local-setup/workloads/db-setup-pipelinerun.yaml
 
 kind-cleanup-saas: export KUBECONFIG = ${PWD}/kubeconfig
 kind-cleanup-saas:
-	-$(KUSTOMIZE) build config/local-setup/databases | kubectl delete -f -
 	-$(KUSTOMIZE) build config/local-setup | kubectl delete -f -
 	-kubectl get pod --no-headers -o name | grep -v saas-operator | xargs kubectl delete --grace-period=0 --force
 	-kubectl get pvc --no-headers -o name | xargs kubectl delete
 
-LOCAL_SETUP_DEPS = metallb cert-manager marin3r prometheus-crds tekton-crds grafana-crds external-secrets-crds minio
+LOCAL_SETUP_DEPS = metallb cert-manager marin3r prometheus-crds tekton grafana-crds external-secrets-crds minio
 kind-local-setup: export KUBECONFIG = ${PWD}/kubeconfig
-kind-local-setup: $(foreach elem,$(LOCAL_SETUP_DEPS),install-$(elem)) kind-deploy-controller kind-deploy-databases kind-deploy-saas
+kind-local-setup: $(foreach elem,$(LOCAL_SETUP_DEPS),install-$(elem)) kind-deploy-controller kind-deploy-saas-workloads kind-deploy-saas-run-db-setup
 
 ##@ Build Dependencies
 

api/v1alpha1/common_types.go

@@ -37,6 +37,8 @@ const (
 	// AnnotationsDomain is a common prefix for all "rollout triggering"
 	// annotation keys
 	AnnotationsDomain string = "saas.3scale.net"
+	// The name for the default seed Secret
+	DefaultSeedSecret string = "saas-seed"
 )
 
 var (
@@ -567,6 +569,11 @@ type SecretReference struct {
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// +optional
 	Override *string `json:"override,omitempty"`
+	// FromSeed will try to retrieve the secret value from
+	// the default seed Secret.
+	// +operator-sdk:csv:customresourcedefinitions:type=spec
+	// +optional
+	FromSeed *SeedSecretReference `json:"fromSeed,omitempty"`
 }
 
 // VaultSecretReference is a reference to a secret stored in
@@ -580,8 +587,12 @@ type VaultSecretReference struct {
 	Key string `json:"key"`
 }
 
-func (spec *VaultSecretReference) Default() {
-}
+func (spec *VaultSecretReference) Default() {}
+
+// SeedSecretReference represents options to
+// retrieve the secret value from the default seed Secret.
+// There are no configurable options at this point.
+type SeedSecretReference struct{}
 
 // ExternalSecretSecretStoreReferenceSpec is a reference to a secret store
 type ExternalSecretSecretStoreReferenceSpec struct {

api/v1alpha1/system_types.go

@@ -482,6 +482,8 @@ type SystemConfig struct {
 	Backend SystemBackendSpec `json:"backend"`
 	// Assets has configuration to access assets in AWS s3
 	Assets AssetsSpec `json:"assets"`
+	// Apicast can be used to pass down apicast endpoints configuration
+	Apicast *SystemApicastEndpointsSpec `json:"apicast,omitempty"`
 }
 
 // Default applies default values to a SystemConfig struct
@@ -668,6 +670,10 @@ type AssetsSpec struct {
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	// +optional
 	Host *string `json:"host,omitempty"`
+	// Assets custom S3 endpoint
+	// +operator-sdk:csv:customresourcedefinitions:type=spec
+	// +optional
+	S3Endpoint *string `json:"s3Endpoint,omitempty"`
 }
 
 // SystemRailsSpec configures rails for system components
@@ -687,6 +693,18 @@ type SystemRailsSpec struct {
 	LogLevel *string `json:"logLevel,omitempty"`
 }
 
+// ApicastSpec holds properties to configure Apicast endpoints
+type SystemApicastEndpointsSpec struct {
+	// Apicast Staging endpoint
+	StagingDomain string `json:"stagingDomain"`
+	// Apicast Production endpoint
+	ProductionDomain string `json:"productionDomain"`
+	// Policies registry URL for Apicast Cloud Hosteed
+	CloudHostedRegistryURL string `json:"cloudHostedRegistryURL"`
+	// Policies registry URL for Apicast Self Managed (on-prem)
+	SelfManagedRegistryURL string `json:"selfManagedRegistryURL"`
+}
+
 // Default applies defaults for SystemRailsSpec
 func (srs *SystemRailsSpec) Default() {
 	srs.Console = boolOrDefault(srs.Console, util.Pointer(systemDefaultRailsConsole))