Merge pull request #223 from vshn/add/miniobucket

Add minio objectbucket
vshn · Sep 20, 2023 · 1ef730b · 1ef730b
2 parents 53ed71d + d514489
commit 1ef730b
Show file tree

Hide file tree

Showing 60 changed files with 693 additions and 653 deletions.
diff --git a/Makefile.vars.mk b/Makefile.vars.mk
@@ -32,7 +32,7 @@ JSONNET_DOCKER  ?= $(DOCKER_CMD) $(DOCKER_ARGS) $(root_volume) --entrypoint=json
 VALE_CMD  ?= $(DOCKER_CMD) $(DOCKER_ARGS) $(root_volume) --volume "$${PWD}"/docs/modules:/pages ghcr.io/vshn/vale:2.15.5
 VALE_ARGS ?= --minAlertLevel=error --config=/pages/ROOT/pages/.vale.ini /pages
 
-ANTORA_PREVIEW_CMD ?= $(DOCKER_CMD) run --rm --publish 35729:35729 --publish 2020:2020 $(antora_git_volume) --volume "${PWD}/docs":/preview/antora/docs ghcr.io/vshn/antora-preview:3.1.2.3 --style=syn --antora=docs
+ANTORA_PREVIEW_CMD ?= $(DOCKER_CMD) run --rm --publish 35729:35729 --publish 2020:2020 $(antora_git_volume) --volume "${PWD}/docs":/preview/antora/docs ghcr.io/vshn/antora-preview:3.1.4 --style=syn --antora=docs
 
 COMMODORE_CMD  ?= $(DOCKER_CMD) $(DOCKER_ARGS) $(root_volume) docker.io/projectsyn/commodore:latest
 COMPILE_CMD    ?= $(COMMODORE_CMD) component compile . $(commodore_args)

diff --git a/class/defaults.yml b/class/defaults.yml
@@ -39,7 +39,7 @@ parameters:
       appcat:
         registry: ghcr.io
         repository: vshn/appcat
-        tag: v4.25.0
+        tag: v4.27.0
       apiserver:
         registry: ghcr.io
         repository: vshn/appcat-apiserver
@@ -222,7 +222,8 @@ parameters:
           package: ${appcat:images:provider-minio:registry}/${appcat:images:provider-minio:repository}:${appcat:images:provider-minio:tag}
         controllerConfig:
           serviceAccountName: provider-minio
-        providerConfig: {}
+        providerConfigRefs: []
+        additionalProviderConfigs: []
 
     services:
       # Used for deploying jobs
@@ -325,7 +326,7 @@ parameters:
                 cpu: "1"
                 memory: "1Gi"
                 disk: 50Gi
-
+          instances: []
 
       # Config for exoscale composites
       exoscale:
@@ -371,6 +372,13 @@ parameters:
               secretNamespace: ${appcat:services:generic:objectstorage:secretNamespace}
               providerSecretNamespace: ${appcat:providers:cloudscale:connectionSecretNamespace}
               bucketDeletionPolicy: ${appcat:services:generic:objectstorage:bucketDeletionPolicy}
+            minio:
+              enabled: false
+              secretNamespace: ${appcat:services:generic:objectstorage:secretNamespace}
+              providerSecretNamespace: ${appcat:providers:cloudscale:connectionSecretNamespace}
+              bucketDeletionPolicy: ${appcat:services:generic:objectstorage:bucketDeletionPolicy}
+              grpcEndpoint: ${appcat:grpcEndpoint}
+              providerConfig: minio
 
           # Generic config for objecstorage composite
           secretNamespace: ${crossplane:namespace}

diff --git a/component/appcat_sla_reporter.jsonnet b/component/appcat_sla_reporter.jsonnet
@@ -59,12 +59,7 @@ local ObjectStorage = kube._Object('appcat.vshn.io/v1', 'ObjectBucket', 'appcat-
   metadata: {
     namespace: slos_params.namespace,
     name: 'appcat-sla-reports',
-    annotations: {
-      // Our current ArgoCD configuration can't handle the claim -> composite
-      // relationship
-      'argocd.argoproj.io/compare-options': 'IgnoreExtraneous',
-      'argocd.argoproj.io/sync-options': 'Prune=false',
-    },
+    annotations: common.ArgoCDAnnotations(),
   },
   spec: {
     parameters: {

diff --git a/component/common.libsonnet b/component/common.libsonnet
@@ -15,7 +15,7 @@ local exoscaleZones = [ 'de-fra-1', 'de-muc-1', 'at-vie-1', 'ch-gva-2', 'ch-dk-2
 local cloudscaleZones = [ 'lpg', 'rma' ];
 
 local strExoscaleZones = std.join(', ', exoscaleZones);
-local strCloudscaleZones = std.join('and', cloudscaleZones);
+local strCloudscaleZones = std.join(', ', cloudscaleZones);
 
 local syncOptions = {
   metadata+: {
@@ -32,7 +32,7 @@ local vshnMetaDBaaSExoscale(dbname) = {
       'metadata.appcat.vshn.io/displayname': 'Exoscale ' + dbname,
       'metadata.appcat.vshn.io/description': dbname + ' DBaaS instances by Exoscale',
       'metadata.appcat.vshn.io/end-user-docs-url': 'https://vs.hn/exo-' + std.asciiLower(dbname),
-      'metadata.appcat.vshn.io/zone': 'Exoscale zones: ' + strExoscaleZones,
+      'metadata.appcat.vshn.io/zone': strExoscaleZones,
       'metadata.appcat.vshn.io/product-description': 'https://products.docs.vshn.ch/products/appcat/exoscale_dbaas.html',
     },
     labels+: {
@@ -67,14 +67,18 @@ local vshnMetaVshnDBaas(dbname, flavor, offered, plans) = vshnMetaVshn(dbname, f
   },
 };
 
+local providerZones(provider) =
+  if provider == 'Exoscale' then strExoscaleZones
+  else if provider == 'cloudscale.ch' then strCloudscaleZones
+  else 'default';
+
 local vshnMetaObjectStorage(provider) = {
   metadata+: {
     annotations+: {
       'metadata.appcat.vshn.io/displayname': provider + ' Object Storage',
       'metadata.appcat.vshn.io/description': 'S3 compatible object storage hosted by ' + provider,
       'metadata.appcat.vshn.io/end-user-docs-url': 'https://vs.hn/objstor',
-      'metadata.appcat.vshn.io/zone': provider + ' zones: ' +
-                                      if provider == 'Exoscale' then strExoscaleZones else strCloudscaleZones,
+      'metadata.appcat.vshn.io/zone': providerZones(provider),
       'metadata.appcat.vshn.io/product-description': 'https://products.docs.vshn.ch/products/appcat/objectstorage.html',
     },
     labels+: {
@@ -155,6 +159,20 @@ local promRuleSLA(value, service) = kube._Object('monitoring.coreos.com/v1', 'Pr
   },
 };
 
+local removeField(obj, name) = {
+  // We don't want the name field in the actual providerConfig
+  [k]: obj[k]
+  for k in std.objectFieldsAll(obj)
+  if k != name
+};
+
+local argoCDAnnotations() = {
+  // Our current ArgoCD configuration can't handle the claim -> composite
+  // relationship
+  'argocd.argoproj.io/compare-options': 'IgnoreExtraneous',
+  'argocd.argoproj.io/sync-options': 'Prune=false',
+};
+
 {
   SyncOptions: syncOptions,
   VshnMetaDBaaSExoscale(dbname):
@@ -181,4 +199,8 @@ local promRuleSLA(value, service) = kube._Object('monitoring.coreos.com/v1', 'Pr
     getApiserverImageString(),
   PromRuleSLA(value, service):
     promRuleSLA(value, service),
+  RemoveField(obj, name):
+    removeField(obj, name),
+  ArgoCDAnnotations():
+    argoCDAnnotations(),
 }
diff --git a/component/objectstorage.jsonnet b/component/objectstorage.jsonnet
@@ -241,9 +241,64 @@ local compositionExoscale =
     },
   };
 
+local minioComp(name) =
+  local compParams = objStoParams.compositions.minio;
+
+  kube._Object('apiextensions.crossplane.io/v1', 'Composition', name + '.objectbuckets.appcat.vshn.io') +
+  common.SyncOptions +
+  common.VshnMetaObjectStorage('Minio-' + name) +
+  {
+    spec: {
+      compositeTypeRef: comp.CompositeRef(xrd),
+      writeConnectionSecretsToNamespace: compParams.secretNamespace,
+      functions:
+        [
+          {
+            name: 'minio-func',
+            type: 'Container',
+            config: kube.ConfigMap('xfn-config') + {
+              metadata: {
+                labels: {
+                  name: 'xfn-config',
+                },
+                name: 'xfn-config',
+              },
+              data: {
+                providerConfig: name,
+              },
+            },
+            container: {
+              image: 'miniobucket',
+              imagePullPolicy: 'IfNotPresent',
+              timeout: '20s',
+              runner: {
+                endpoint: objStoParams.compositions.minio.grpcEndpoint,
+              },
+            },
+          },
+        ],
+    },
+  };
+
+local compositionMinio =
+  local provider = params.providers.minio;
+  [
+    minioComp(config.name)
+    for config in provider.additionalProviderConfigs
+  ] + [
+    minioComp(configRef)
+    for configRef in provider.providerConfigRefs
+  ] + [
+    // Automagically add the defined instances as well
+    minioComp(instance.name)
+    for instance in params.services.vshn.minio.instances
+  ];
+
+
 if objStoParams.enabled then {
   '20_xrd_objectstorage': xrd,
   '20_rbac_objectstorage': xrds.CompositeClusterRoles(xrd),
   [if objStoParams.compositions.cloudscale.enabled then '21_composition_objectstorage_cloudscale']: compositionCloudscale,
   [if objStoParams.compositions.exoscale.enabled then '21_composition_objectstorage_exoscale']: compositionExoscale,
+  [if objStoParams.compositions.minio.enabled then '21_composition_objectstorage_minio']: compositionMinio,
 } else {}
diff --git a/component/provider.jsonnet b/component/provider.jsonnet
@@ -1,3 +1,4 @@
+local common = import 'common.libsonnet';
 local com = import 'lib/commodore.libjsonnet';
 local kap = import 'lib/kapitan.libjsonnet';
 local kube = import 'lib/kube.libjsonnet';
@@ -209,6 +210,11 @@ local controllerConfigRef(config) =
           resources: [ 'snapshots' ],
           verbs: [ 'get' ],
         },
+        {
+          apiGroups: [ 'minio.crossplane.io' ],
+          resources: [ 'providerconfigs' ],
+          verbs: [ 'get', 'list', 'watch', 'update', 'patch', 'create', 'delete' ],
+        },
       ],
     };
     local rolebinding = kube.ClusterRoleBinding('crossplane:provider:provider-kubernetes:system:custom') {
@@ -348,15 +354,18 @@ local controllerConfigRef(config) =
     controllerConf
     +
     [
-      crossplane.ProviderConfig('minio') {
+      crossplane.ProviderConfig(config.name) {
         apiVersion: 'minio.crossplane.io/v1',
         spec+: addCredentials(
-          provider.providerConfig,
+          common.RemoveField(config, 'name'),
           {
             source: 'InjectedIdentity',
           }
         ),
-      },
+      }
+      for config in provider.additionalProviderConfigs
+    ] +
+    [
       sa,
       role,
       rolebinding,

diff --git a/component/vshn_minio.jsonnet b/component/vshn_minio.jsonnet
@@ -17,8 +17,8 @@ local serviceNamespaceLabelKey = 'appcat.vshn.io/claim-namespace';
 
 local connectionSecretKeys = [
   'MINIO_URL',
-  'MINIO_USERNAME',
-  'MINIO_PASSWORD',
+  'AWS_SECRET_ACCESS_KEY',
+  'AWS_ACCESS_KEY_ID',
 ];
 
 local minioPlans = common.FilterDisabledParams(minioParams.plans);
@@ -33,7 +33,7 @@ local xrd = xrds.XRDFromCRD(
 local composition =
   kube._Object('apiextensions.crossplane.io/v1', 'Composition', 'vshnminio.vshn.appcat.vshn.io') +
   common.SyncOptions +
-  common.VshnMetaVshn('Minio', 'distributed', 'true', minioPlans) +
+  common.VshnMetaVshn('Minio', 'distributed', 'false', minioPlans) +
   {
     spec: {
       compositeTypeRef: comp.CompositeRef(xrd),
@@ -56,6 +56,7 @@ local composition =
                 minioChartVersion: params.charts.minio.version,
                 plans: std.toString(minioPlans),
                 defaultPlan: minioParams.defaultPlan,
+                providerEnabled: std.toString(params.providers.minio.enabled),
               },
             },
             container: {
@@ -71,8 +72,21 @@ local composition =
     },
   };
 
+
+local instances = [
+  kube._Object('vshn.appcat.vshn.io/v1', 'VSHNMinio', instance.name) + {
+    metadata+: {
+      namespace: instance.namespace,
+      annotations+: common.ArgoCDAnnotations(),
+    },
+    spec+: instance.spec,
+  }
+  for instance in minioParams.instances
+];
+
 if params.services.vshn.enabled && minioParams.enabled then {
   '20_xrd_vshn_minio': xrd,
   '20_rbac_vshn_minio': xrds.CompositeClusterRoles(xrd),
   '21_composition_vshn_minio': composition,
+  [if std.length(instances) != 0 then '22_minio_instances']: instances,
 } else {}