Support chart repo crd

.dockerignore

@@ -1,6 +1,5 @@
 captain
 .kube
 .helm
-artifacts
 docs
 

.gitignore

@@ -1,5 +1,5 @@
 .idea/
-captain
+/captain
 .helm/
 .kube/
 artifacts/coverage.out

Dockerfile

@@ -1,16 +1,17 @@
 FROM golang:1.12.4
 
-COPY . $GOPATH/src/alauda.io/captain
-WORKDIR $GOPATH/src/alauda.io/captain
+COPY . $GOPATH/src/github.com/alauda/captain
+WORKDIR $GOPATH/src/github.com/alauda/captain
 RUN make build
 
 FROM index.alauda.cn/alaudaorg/alaudabase-alpine-run:alpine3.9.3
 
 WORKDIR /captain
 
-COPY --from=0 /go/src/alauda.io/captain/captain /captain/
-COPY hack/run.sh /captain/run.sh
-RUN chmod a+x /captain/captain /captain/run.sh
+COPY --from=0 /go/src/github.com/alauda/captain/captain /captain/
+COPY artifacts/helm/repositories.yaml /captain/.helm/repository/
+RUN chmod a+x /captain/captain
 
-ENTRYPOINT ["/captain/run.sh"]
+
+# ENTRYPOINT ["/captain/run.sh"]
 CMD ["/captain/captain"]

README.md

@@ -14,6 +14,7 @@ released yet, we add some little medication to help create this controller. Of c
 
 ## Features
 * HelmRequest and Release CRD, namespace based
+* ChartRepo CRD
 * Multi cluster support based on [https://github.com/kubernetes/cluster-registry](https://github.com/kubernetes/cluster-registry)
 * Dependency check for HelmRequest (between HelmRequests)
 * `valuesFrom` support, also use ConfigMap or Secret to store values
@@ -54,6 +55,7 @@ For the detailed explain and advanced usage, please check the documentation belo
 * [How captain works](./docs/captain.md)
 * [HelmRequest CRD](./docs/helmrequest.md)
 * [Release CRD](./docs/release.md)
+* [ChartRepo CRD](./docs/chartrepo.md)
 
 
 

artifacts/crd/chartrepo/alauda.yaml

@@ -0,0 +1,6 @@
+apiVersion: app.alauda.io/v1alpha1
+kind: ChartRepo
+metadata:
+  name: alauda
+spec:
+  url: https://alauda.github.io/charts

artifacts/crd/chartrepo/stable.yaml

@@ -0,0 +1,6 @@
+apiVersion: app.alauda.io/v1alpha1
+kind: ChartRepo
+metadata:
+  name: stable
+spec:
+  url: https://kubernetes-charts.storage.googleapis.com

charts/captain/Chart.yaml

@@ -1,4 +1,4 @@
 name: captain
 appVersion: "2.0"
-version: v0.8.0
+version: v0.9.0
 description: A Helm3 Controller

charts/captain/templates/chartrepo.yaml

@@ -0,0 +1,34 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: chartrepos.app.alauda.io
+spec:
+  group: app.alauda.io
+  version: v1alpha1
+  names:
+    kind: ChartRepo
+    listKind: ChartRepoList
+    plural: chartrepos
+    singular: chartrepo
+    shortNames:
+      - ctr
+  additionalPrinterColumns:
+    - name: URL
+      type: string
+      description: The url of this chart repo
+      JSONPath: .spec.url
+    - name: Phase
+      type: string
+      description: The phase of this ChartRepo
+      JSONPath: .status.phase
+    - name: Age
+      type: date
+      JSONPath: .metadata.creationTimestamp
+  scope: Namespaced
+  validation:
+    # openAPIV3Schema is the schema for validating custom objects.
+    openAPIV3Schema:
+      properties:
+        spec:
+          required:
+            - url

charts/captain/templates/deployment.yaml

@@ -17,21 +17,16 @@ spec:
           image: "{{ .Values.global.images.captain.repository }}:{{ .Values.global.images.captain.tag }}"
           terminationMessagePolicy: File
           imagePullPolicy: {{ .Values.image.policy }}
-          args:
+          command:
             - /captain/captain
             - -cluster-namespace={{ .Values.namespace }}
+            - -chartrepo-namespace={{ .Values.namespace }}
           resources:
 {{ toYaml .Values.resources | indent 12 }}
           volumeMounts:
-          - name: config-volume
-            mountPath: /tmp/repositories.yaml
-            subPath: repositories.yaml
           - name: certs
             mountPath: /tmp/k8s-webhook-server/serving-certs
       volumes:
-      - name: config-volume
-        configMap:
-          name: captain
       - name: certs
         secret:
           optional: true

charts/captain/templates/validation.yaml

@@ -23,3 +23,20 @@ webhooks:
           - UPDATE
         resources:
           - helmrequests
+  - clientConfig:
+      caBundle: Cg==
+      service:
+        name: captain
+        namespace: {{ .Values.namespace }}
+        path: /validate-chartrepo
+    failurePolicy: Fail
+    name: validate-chartrepos.app.alauda.io
+    rules:
+      - apiGroups:
+          - app.alauda.io
+        apiVersions:
+          - v1alpha1
+        operations:
+          - UPDATE
+        resources:
+          - chartrepos

charts/captain/values.yaml

@@ -13,4 +13,4 @@ global:
   images:
     captain:
       repository: alaudapublic/captain
-      tag: v0.8.0
+      tag: v0.9.0

docs/captain.md

@@ -6,45 +6,28 @@ Captain is regular kubernetes controller, it watch specific resource (HelmReques
 
 ## Helm Repo
 
-Since Helm3 code is under active development, it not totally ready to act as an library. So some of the helm function still need the old fashion way. Helm2 use local files to store repo information and index. In Captain, it remains the same way. But it mount the repo file from a kubernetes config(ConfigMap, Secret). For example,  in our deployment, the captain charts contains a ConfigMap looks like this:
+Since Helm3 code is under active development, it not totally ready to act as an library. So some of the helm function still need the old fashion way. Helm2 use local files to store repo information and index. 
+In Captain, it remains the same way. But it can read third-party repo from `ChartRepo` CRD, which users can read and write directly using `kubectl`,
+Here is the default ChartRepo which captain will install automatically when start: 
 
 
 ```yaml
-apiVersion: v1
-data:
-  repositories.yaml: |
-    apiVersion: v1
-    generated: 2019-06-19T17:26:28.715546186+08:00
-    repositories:
-    - caFile: ""
-      cache: /root/.helm/repository/cache/stable-index.yaml
-      certFile: ""
-      keyFile: ""
-      name: stable
-      password: ""
-      url: https://kubernetes-charts.storage.googleapis.com
-      username: ""
-kind: ConfigMap
+apiVersion: app.alauda.io/v1alpha1
+kind: ChartRepo
 metadata:
-  creationTimestamp: "2019-07-27T07:48:36Z"
-  name: captain
+  creationTimestamp: "2019-08-09T08:04:16Z"
+  generation: 2
+  name: stable
   namespace: captain
-  resourceVersion: "4886209"
-  selfLink: /api/v1/namespaces/captain/configmaps/captain
-  uid: f100c3eb-b042-11e9-bf4f-5254004f2ad2
+  resourceVersion: "7253523"
+  selfLink: /apis/app.alauda.io/v1alpha1/namespaces/captain/chartrepos/stable
+  uid: 48515f13-ba7c-11e9-98c3-5254004f2ad2
+spec:
+  url: https://kubernetes-charts.storage.googleapis.com
+status:
+  phase: Synced
 ```
-
-
-
-You can see the content format is the same as helm client. If you need to add custom repo to captain, you will have to edit this ConfigMap and restart the Captain deployment. Captain will perioldyy update the repo index to keep the local cache update to date.
-
-
-
-The future plan is to use a CRD to define repo info
-
-
-
-
+For detaild information about ChartRepo, please checkout [ChartRepo CRD](./chartrepo.md)
 
 ## Clusters
 

docs/chartrepo.md

@@ -0,0 +1,62 @@
+## ChartRepo
+
+`ChartRepo` represents a helm repository, where helm client can retrieve and upload helm charts. 
+The definition is quite simple, For example, the most simplest ones is :
+
+```yaml
+apiVersion: app.alauda.io/v1alpha1
+kind: ChartRepo
+metadata:
+  name: stable
+  namespace: captain
+spec:
+  url: https://kubernetes-charts.storage.googleapis.com
+``` 
+
+* `metadata.name`: the name of this repo
+* `metadata.namespace`: Captain will only read ChartRepo resources from one namespace, 
+   default to `captain`, and can be customized in helm values (`.namespace`)
+* `spec.url`: the url of this repo
+
+After created, we can use `kubectl` to checkout the repo list
+
+```bash
+root@VM-16-12-ubuntu:/home/ubuntu# kubectl get ctr -n captain
+NAME     URL                                                PHASE    AGE
+stable   https://kubernetes-charts.storage.googleapis.com   Synced   21m
+```
+
+The output is very similar to `helm repo list`.
+
+### Basic Auth
+Of course ,many repos need auth support. Currently, `ChartRepo` has support basic auth by specify 
+a secret resource in the spec:
+
+```yaml
+apiVersion: app.alauda.io/v1alpha1
+kind: ChartRepo
+metadata:
+  name: new
+  namespace: captain
+spec:
+  url: <url>
+  secret:
+    name: new
+``` 
+
+* `spec.secret.name`: name of the secret
+* `spec.secret.namespace`: namespace of the secret, an optional field, default to the same namespace as `ChartRepo`
+
+Then, all you need is a secret which contains `username` and `password` data:
+
+```yaml
+apiVersion: v1
+data:
+  password: MndiNEUxaXlkUmo3
+  username: N0RPOVFvTHREeDFn
+kind: Secret
+metadata:
+  name: new
+  namespace: captain
+type: Opaque
+```

docs/install.md

@@ -34,5 +34,5 @@ helm install \
 ``` bash
 helm repo add alauda https://alauda.github.io/charts
 kubectl create namespace captain # or choose a namespace you likes， just remember to update the args below
-helm install  --name=captain --version=v0.8.0 --namespace=captain --set namespace=captain alauda/captain
+helm install  --name=captain --version=v0.9.0 --namespace=captain --set namespace=captain alauda/captain
 ```

main.go

@@ -22,6 +22,8 @@ import (
 	"fmt"
 	"time"
 
+	"github.com/alauda/captain/pkg/chartrepo"
+
 	"github.com/alauda/captain/pkg/webhook"
 
 	"sigs.k8s.io/controller-runtime/pkg/log"
@@ -66,7 +68,7 @@ func main() {
 	// init helm dirs
 	helm.Init()
 
-	// init kube client
+	// init kube config
 	cfg, err := clientcmd.BuildConfigFromFlags(options.MasterURL, options.KubeConfig)
 	if err != nil {
 		klog.Fatalf("Error building kubeconfig: %s", err.Error())
@@ -79,15 +81,22 @@ func main() {
 	}
 
 	// add helm repo syncer
-	if err := mgr.Add(helm.NewDefaultIndexSyncer()); err != nil {
-		klog.Fatal("add helm repo syncer error: ", err)
-	}
+	// if err := mgr.Add(helm.NewDefaultIndexSyncer()); err != nil {
+	//	klog.Fatal("add helm repo syncer error: ", err)
+	// }
 
 	// install HelmRequest CRD
 	if err := installCRDIfRequired(cfg, options.InstallCRD); err != nil {
 		klog.Fatalf("Error install CRD: %s", err.Error())
 	}
 
+	// install default chartrepo
+	if err := chartrepo.InstallDefaultChartRepo(cfg, options.ChartRepoNamespace); err != nil {
+		klog.Fatal("error install default helm repo:", err)
+	}
+
+	klog.Info("create default chart repo")
+
 	// create controller
 	_, err = controller.NewController(mgr, &options, stopCh)
 	if err != nil {

pkg/apis/app/v1alpha1/register.go

@@ -38,6 +38,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 		&HelmRequestList{},
 		&Release{},
 		&ReleaseList{},
+		&ChartRepo{},
+		&ChartRepoList{},
 	)
 
 	scheme.AddKnownTypes(