Crossplane 1.14 compatibility

For compositions where we use functions, they had to be re-structured,
as in such cases the P+T part is just treated as another function.

For all non-function compositions no changes are necessary.

component/class/appcat.yml

@@ -64,6 +64,7 @@ parameters:
           - ${_base_directory}/component/vshn_minio.jsonnet
           - ${_base_directory}/component/vshn_services.jsonnet
           - ${_base_directory}/component/statefuleset-resize-controller.jsonnet
+          - ${_base_directory}/component/functions.jsonnet
         input_type: jsonnet
         output_path: appcat/
 

component/class/defaults.yml

@@ -39,11 +39,19 @@ parameters:
       appcat:
         registry: ghcr.io
         repository: vshn/appcat
-        tag: v4.42.0
+        tag: v4.43.0
       apiserver:
         registry: ghcr.io
         repository: vshn/appcat-apiserver
         tag: v0.1.4
+      functionAppcat:
+        registry: ${appcat:images:appcat:registry}
+        repository: ${appcat:images:appcat:repository}
+        tag: ${appcat:images:appcat:tag}-func
+      functionpnt:
+        registry: xpkg.upbound.io
+        repository: crossplane-contrib/function-patch-and-transform
+        tag: v0.1.4
 
     =_crd_version: ${appcat:images:appcat:tag}
 
@@ -54,7 +62,7 @@ parameters:
     appuioManaged: true
     tenantID: ${cluster:tenant}
     quotasEnabled: false
-    grpcEndpoint: unix-abstract:crossplane/fn/default.sock
+    grpcEndpoint: host.docker.internal:9443
 
     controller:
       enabled: false
@@ -258,6 +266,7 @@ parameters:
           bucket_endpoint: ""
           enabled: true
           grpcEndpoint: ${appcat:grpcEndpoint}
+          proxyFunction: false
           enableNetworkPolicy: true
           secretNamespace: ${appcat:services:vshn:secretNamespace}
           sgNamespace: syn-stackgres-operator
@@ -390,6 +399,7 @@ parameters:
           imageRegistry: ""
           bucket_region: "lpg"
           grpcEndpoint: ${appcat:grpcEndpoint}
+          proxyFunction: false
           defaultPlan: standard-1
           sla: 99.25
           plans:
@@ -429,6 +439,7 @@ parameters:
           secretNamespace: ${appcat:services:vshn:secretNamespace}
           helmChartVersion: ${appcat:charts:minio:version}
           grpcEndpoint: ${appcat:grpcEndpoint}
+          proxyFunction: false
           defaultPlan: standard-1
           sla: 99.25
           plans:
@@ -487,6 +498,7 @@ parameters:
               secretNamespace: ${appcat:services:generic:objectstorage:secretNamespace}
               providerSecretNamespace: ${appcat:providers:cloudscale:connectionSecretNamespace}
               grpcEndpoint: ${appcat:grpcEndpoint}
+              proxyFunction: false
               providerConfig: minio
 
           # Generic config for objecstorage composite

component/component/common.libsonnet

@@ -157,6 +157,18 @@ local argoCDAnnotations() = {
   'argocd.argoproj.io/sync-options': 'Prune=false',
 };
 
+local defaultReadinessCheck() = {
+  readinessChecks: [
+    {
+      matchCondition: {
+        status: 'True',
+        type: 'Ready',
+      },
+
+      type: 'MatchCondition',
+    },
+  ],
+};
 
 {
   SyncOptions: syncOptions,
@@ -188,4 +200,6 @@ local argoCDAnnotations() = {
     argoCDAnnotations(),
   EmailAlerting(alertingSettings):
     emailAlerting(alertingSettings),
+  DefaultReadinessCheck():
+    defaultReadinessCheck(),
 }

component/component/functions.jsonnet

@@ -0,0 +1,100 @@
+local common = import 'common.libsonnet';
+local com = import 'lib/commodore.libjsonnet';
+local kap = import 'lib/kapitan.libjsonnet';
+local kube = import 'lib/kube.libjsonnet';
+
+local crossplane = import 'lib/crossplane.libsonnet';
+
+local inv = kap.inventory();
+local params = inv.parameters.appcat;
+local appcatImage = params.images.functionAppcat;
+local pntImage = params.images.functionpnt;
+
+local getFunction(name, package) = {
+  apiVersion: 'pkg.crossplane.io/v1beta1',
+  kind: 'Function',
+  metadata: {
+    name: name,
+  },
+  spec: {
+    package: package,
+  },
+};
+
+local appcatRuntimeConfig = {
+  apiVersion: 'pkg.crossplane.io/v1beta1',
+  kind: 'DeploymentRuntimeConfig',
+  metadata: {
+    name: 'appcat-runtime-config',
+  },
+  spec: {
+    deploymentTemplate: {
+      spec: {
+        selector: {},
+        template: {
+          spec:
+            {
+              containers: [
+                {
+                  name: 'package-runtime',
+                  command: [ 'appcat' ],
+                  args: [ 'functions' ],
+                  securityContext: {},
+                },
+              ],
+              securityContext: {},
+            },
+        },
+      },
+    },
+  },
+};
+
+local defaultRuntimeConfig = {
+  apiVersion: 'pkg.crossplane.io/v1beta1',
+  kind: 'DeploymentRuntimeConfig',
+  metadata: {
+    name: 'default',
+  },
+  spec: {
+    deploymentTemplate: {
+      spec: {
+        selector: {},
+        template: {
+          spec:
+            {
+              containers: [
+                {
+                  name: 'package-runtime',
+                  securityContext: {},
+                },
+              ],
+              securityContext: {},
+            },
+        },
+      },
+    },
+  },
+};
+
+
+local appcatImageTag = std.strReplace(appcatImage.tag, '/', '_');
+
+local appcatFunctionImage = appcatImage.registry + '/' + appcatImage.repository + ':' + appcatImageTag;
+
+local appcat = getFunction('function-appcat', appcatFunctionImage) + {
+  spec+: {
+    runtimeConfigRef: {
+      name: 'appcat-runtime-config',
+    },
+  },
+};
+
+local pntFunctionImage = pntImage.registry + '/' + pntImage.repository + ':' + pntImage.tag;
+
+{
+  '10_function_patch_and_transform': getFunction('function-patch-and-transform', pntFunctionImage),
+  '10_function_appcat': appcat,
+  '10_runtimeconfig_appcat': appcatRuntimeConfig,
+  '10_runtimeconfig_default': defaultRuntimeConfig,
+}

component/component/objectstorage.jsonnet

@@ -106,7 +106,7 @@ local compositionCloudscale =
               },
             },
           ],
-        },
+        } + common.DefaultReadinessCheck(),
         {
           base: baseBucket,
           connectionDetails: [
@@ -133,7 +133,7 @@ local compositionCloudscale =
               ],
             },
           ],
-        },
+        } + common.DefaultReadinessCheck(),
       ],
     },
   };
@@ -253,12 +253,15 @@ local minioComp(name) =
     spec: {
       compositeTypeRef: comp.CompositeRef(xrd),
       writeConnectionSecretsToNamespace: compParams.secretNamespace,
-      functions:
+      mode: 'Pipeline',
+      pipeline:
         [
           {
-            name: 'minio-func',
-            type: 'Container',
-            config: kube.ConfigMap('xfn-config') + {
+            step: 'miniobucket-func',
+            functionRef: {
+              name: 'function-appcat',
+            },
+            input: kube.ConfigMap('xfn-config') + {
               metadata: {
                 labels: {
                   name: 'xfn-config',
@@ -267,15 +270,10 @@ local minioComp(name) =
               },
               data: {
                 providerConfig: name,
-              },
-            },
-            container: {
-              image: 'miniobucket',
-              imagePullPolicy: 'IfNotPresent',
-              timeout: '20s',
-              runner: {
-                endpoint: objStoParams.compositions.minio.grpcEndpoint,
-              },
+                serviceName: 'miniobucket',
+              } + if compParams.proxyFunction then {
+                proxyEndpoint: compParams.grpcEndpoint,
+              } else {},
             },
           },
         ],

component/component/provider.jsonnet

@@ -56,7 +56,7 @@ local controllerConfigRef(config) =
 
     local controllerConf = controllerConfig('cloudscale', provider.controllerConfig);
     [
-      crossplane.Provider('cloudscale') {
+      crossplane.Provider('provider-cloudscale') {
         spec+: provider.spec + controllerConfigRef(controllerConf),
       },
       crossplane.ProviderConfig('cloudscale') {
@@ -85,7 +85,7 @@ local controllerConfigRef(config) =
 
     local controllerConf = controllerConfig('exoscale', provider.controllerConfig);
     [
-      crossplane.Provider('exoscale') {
+      crossplane.Provider('provider-exoscale') {
         spec+: provider.spec + controllerConfigRef(controllerConf),
       },
       crossplane.ProviderConfig('exoscale') {
@@ -220,6 +220,11 @@ local controllerConfigRef(config) =
           resources: [ 'providerconfigs' ],
           verbs: [ 'get', 'list', 'watch', 'update', 'patch', 'create', 'delete' ],
         },
+        {
+          apiGroups: [ 'appcat.vshn.io' ],
+          resources: [ 'objectbuckets' ],
+          verbs: [ 'get', 'list', 'watch', 'update', 'patch', 'create', 'delete' ],
+        },
       ],
     };
     local rolebinding = kube.ClusterRoleBinding('crossplane:provider:provider-kubernetes:system:custom') {
@@ -230,7 +235,9 @@ local controllerConfigRef(config) =
     local controllerConf = controllerConfig('kubernetes', provider.controllerConfig);
 
     [
-      crossplane.Provider('kubernetes') {
+      // Very important: DON'T NAME THIS JUST `kubernetes` YOU WILL BREAK ALL PROVIDERS!
+      // https://crossplane.slack.com/archives/CEG3T90A1/p1699871771723179
+      crossplane.Provider('provider-kubernetes') {
         spec+: provider.spec + controllerConfigRef(controllerConf),
       },
     ]
@@ -248,7 +255,6 @@ local controllerConfigRef(config) =
           }
         ),
       },
-      sa,
       role,
       rolebinding,
     ],
@@ -298,7 +304,7 @@ local controllerConfigRef(config) =
     local controllerConf = controllerConfig('helm', provider.controllerConfig);
 
     [
-      crossplane.Provider('helm') {
+      crossplane.Provider('provider-helm') {
         spec+: provider.spec + controllerConfigRef(controllerConf),
       },
     ]
@@ -316,7 +322,6 @@ local controllerConfigRef(config) =
           }
         ),
       },
-      sa,
       role,
       rolebinding,
     ],
@@ -351,7 +356,7 @@ local controllerConfigRef(config) =
     local controllerConf = controllerConfig('minio', provider.controllerConfig);
 
     [
-      crossplane.Provider('minio') {
+      crossplane.Provider('provider-minio') {
         spec+: provider.spec + controllerConfigRef(controllerConf),
       },
     ]
@@ -371,7 +376,6 @@ local controllerConfigRef(config) =
       for config in provider.additionalProviderConfigs
     ] +
     [
-      sa,
       role,
       rolebinding,
     ],

component/component/vshn_minio.jsonnet

@@ -42,19 +42,23 @@ local composition =
     spec: {
       compositeTypeRef: comp.CompositeRef(xrd),
       writeConnectionSecretsToNamespace: minioParams.secretNamespace,
-      functions:
+      mode: 'Pipeline',
+      pipeline:
         [
           {
-            name: 'minio-func',
-            type: 'Container',
-            config: kube.ConfigMap('xfn-config') + {
+            step: 'minio-func',
+            functionRef: {
+              name: 'function-appcat',
+            },
+            input: kube.ConfigMap('xfn-config') + {
               metadata: {
                 labels: {
                   name: 'xfn-config',
                 },
                 name: 'xfn-config',
               },
               data: {
+                serviceName: 'minio',
                 imageTag: common.GetAppCatImageTag(),
                 minioChartRepository: params.charts.minio.source,
                 minioChartVersion: params.charts.minio.version,
@@ -63,15 +67,9 @@ local composition =
                 providerEnabled: std.toString(params.providers.minio.enabled),
                 controlNamespace: params.services.controlNamespace,
                 maintenanceSA: 'helm-based-service-maintenance',
-              },
-            },
-            container: {
-              image: 'minio',
-              imagePullPolicy: 'IfNotPresent',
-              timeout: '20s',
-              runner: {
-                endpoint: minioParams.grpcEndpoint,
-              },
+              } + if minioParams.proxyFunction then {
+                proxyEndpoint: minioParams.grpcEndpoint,
+              } else {},
             },
           },
         ],