Merge pull request #14 from fluxcd/generate

Generate kustomization.yaml automatically

Author: stefanprodan

.github/workflows/e2e.yaml

@@ -54,7 +54,9 @@ jobs:
       - name: Run smoke tests
         run: |
           kubectl apply -k ./config/testdata/webapp
+          kubectl apply -k ./config/testdata/generate
           kubectl wait kustomizations/frontend --for=condition=ready --timeout=4m
+          kubectl wait kustomizations/generate --for=condition=ready --timeout=4m
           kubectl -n kustomize-system logs deploy/kustomize-controller
       - name: Debug failure
         if: failure()

README.md

@@ -7,14 +7,15 @@
 
 The kustomize-controller is a continuous delivery tool for Kubernetes, specialized in running 
 CD pipelines inside the cluster for workloads and infrastructure manifests
-generated with Kustomize coming from source control systems.
+coming from source control systems.
 
-![overview](docs/diagrams/fluxcd-kustomize-source-controllers.png)
+![overview](docs/diagrams/kustomize-controller-overview.png)
 
 Features:
 * watches for [Kustomization](docs/spec/v1alpha1/README.md) objects
 * fetches artifacts produced by [source-controller](https://github.com/fluxcd/source-controller) from `Source` objects 
 * watches `Source` objects for revision changes 
+* generates the `kustomization.yaml` file if needed
 * generates Kubernetes manifests with kustomize build
 * validates the build output with client-side or APIServer dry-run
 * applies the generated manifests on the cluster
@@ -102,17 +103,22 @@ spec:
   timeout: 80s
 ```
 
+> **Note** that if your repository contains only plain Kubernetes manifests,
+> you can configure the controller to
+> [automatically generate](docs/spec/v1alpha1/kustomization.md#generate-kustomizationyaml)
+> a kustomization.yaml file inside the specified path.
+
 A detailed explanation of the Kustomization object and its fields
 can be found in the [specification doc](docs/spec/v1alpha1/README.md). 
 
-![pipeline](docs/diagrams/fluxcd-kustomization-pipeline.png)
-
 Based on the above definition, the kustomize-controller fetches the Git repository content from source-controller,
 generates Kubernetes manifests by running kustomize build inside `./overlays/dev/`,
 and validates them with a dry-run apply. If the manifests pass validation, the controller will apply them 
 on the cluster and starts the health assessment of the deployed workload. If the health checks are passing, the
 Kustomization object status transitions to a ready state.
 
+![workflow](docs/diagrams/kustomize-controller-flow.png)
+
 You can wait for the kustomize controller to complete the deployment with:
 
 ```bash
@@ -250,6 +256,8 @@ set in the Git repository manifest.
 
 The kustomize controller can post message to Slack or Discord whenever a kustomization status changes.
 
+![pipeline](docs/diagrams/kustomize-controller-pipeline.png)
+
 Alerting can be configured by creating a profile that targets a list of kustomizations:
 
 ```yaml

api/v1alpha1/kustomization_types.go

@@ -30,6 +30,12 @@ type KustomizationSpec struct {
 	// +optional
 	DependsOn []string `json:"dependsOn,omitempty"`
 
+	// When enabled, the kustomization.yaml is automatically generated
+	// for all the Kubernetes manifests in the specified path and sub-directories.
+	// The generated kustomization.yaml contains a label transformer matching the prune field.
+	// +optional
+	Generate bool `json:"generate,omitempty"`
+
 	// The interval at which to apply the kustomization.
 	// +required
 	Interval metav1.Duration `json:"interval"`

config/crd/bases/kustomize.fluxcd.io_kustomizations.yaml

@@ -52,6 +52,12 @@ spec:
               items:
                 type: string
               type: array
+            generate:
+              description: When enabled, the kustomization.yaml is automatically generated
+                for all the Kubernetes manifests in the specified path and sub-directories.
+                The generated kustomization.yaml contains a label transformer matching
+                the prune field.
+              type: boolean
             healthChecks:
               description: A list of workloads (Deployments, DaemonSets and StatefulSets)
                 to be included in the health assessment.

config/testdata/generate/generate.yaml

@@ -0,0 +1,19 @@
+apiVersion: kustomize.fluxcd.io/v1alpha1
+kind: Kustomization
+metadata:
+  name: generate
+spec:
+  interval: 5m
+  generate: true
+  path: "./plain/"
+  prune: "env=test"
+  sourceRef:
+    kind: GitRepository
+    name: webapp
+  healthChecks:
+    - kind: Deployment
+      name: backend
+      namespace: test
+    - kind: Deployment
+      name: frontend
+      namespace: test

config/testdata/generate/gitrepository.yaml

@@ -0,0 +1,9 @@
+apiVersion: source.fluxcd.io/v1alpha1
+kind: GitRepository
+metadata:
+  name: webapp
+spec:
+  interval: 10m
+  url: https://github.com/stefanprodan/podinfo-deploy
+  ref:
+    branch: master

config/testdata/generate/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - gitrepository.yaml
+  - generate.yaml
+

controllers/kustomization_controller.go

@@ -17,6 +17,8 @@ limitations under the License.
 package controllers
 
 import (
+	"bufio"
+	"bytes"
 	"context"
 	"errors"
 	"fmt"
@@ -25,6 +27,7 @@ import (
 	"os/exec"
 	"path"
 	"strings"
+	"text/template"
 	"time"
 
 	"github.com/go-logr/logr"
@@ -198,6 +201,16 @@ func (r *KustomizationReconciler) sync(
 		), err
 	}
 
+	// generate kustomization.yaml
+	err = r.generate(kustomization, tmpDir)
+	if err != nil {
+		return kustomizev1.KustomizationNotReady(
+			kustomization,
+			kustomizev1.BuildFailedReason,
+			"kustomize create failed",
+		), err
+	}
+
 	// kustomize build
 	err = r.build(kustomization, tmpDir)
 	if err != nil {
@@ -263,6 +276,108 @@ func (r *KustomizationReconciler) download(kustomization kustomizev1.Kustomizati
 	return nil
 }
 
+func (r *KustomizationReconciler) generate(kustomization kustomizev1.Kustomization, tmpDir string) error {
+	if !kustomization.Spec.Generate {
+		return nil
+	}
+
+	timeout := kustomization.GetTimeout() + (time.Second * 1)
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+
+	dirPath := path.Join(tmpDir, kustomization.Spec.Path)
+	cmd := fmt.Sprintf("cd %s && kustomize create --autodetect --recursive", dirPath)
+	command := exec.CommandContext(ctx, "/bin/sh", "-c", cmd)
+	output, err := command.CombinedOutput()
+	if err != nil {
+		if errors.Is(err, context.DeadlineExceeded) {
+			return err
+		}
+		return fmt.Errorf("kustomize create failed: %s", string(output))
+	}
+
+	if err := r.generateLabelTransformer(kustomization, dirPath); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (r *KustomizationReconciler) generateLabelTransformer(kustomization kustomizev1.Kustomization, dirPath string) error {
+	labelTransformer := `
+apiVersion: builtin
+kind: LabelTransformer
+metadata:
+  name: labels
+labels:
+{{- range $key, $value := . }}
+  {{ $key }}: {{ $value }}
+{{- end }}
+fieldSpecs:
+  - path: metadata/labels
+    create: true
+`
+
+	transformers := `
+transformers:
+  - gc-labels.yaml
+`
+
+	prune := kustomization.Spec.Prune
+	if prune == "" {
+		return nil
+	}
+
+	// transform prune into label selectors
+	selectors := make(map[string]string)
+	for _, ls := range strings.Split(prune, ",") {
+		if kv := strings.Split(ls, "="); len(kv) == 2 {
+			selectors[kv[0]] = kv[1]
+		}
+	}
+
+	t, err := template.New("tmpl").Parse(labelTransformer)
+	if err != nil {
+		return fmt.Errorf("labelTransformer template parsing failed: %w", err)
+	}
+
+	var data bytes.Buffer
+	writer := bufio.NewWriter(&data)
+	if err := t.Execute(writer, selectors); err != nil {
+		return fmt.Errorf("labelTransformer template excution failed: %w", err)
+	}
+
+	if err := writer.Flush(); err != nil {
+		return fmt.Errorf("labelTransformer flush failed: %w", err)
+	}
+
+	file, err := os.Create(path.Join(dirPath, "gc-labels.yaml"))
+	if err != nil {
+		return fmt.Errorf("labelTransformer create failed: %w", err)
+	}
+	defer file.Close()
+
+	if _, err := file.WriteString(data.String()); err != nil {
+		return fmt.Errorf("labelTransformer write failed: %w", err)
+	}
+
+	if err := file.Sync(); err != nil {
+		return fmt.Errorf("labelTransformer sync failed: %w", err)
+	}
+
+	kfile, err := os.OpenFile(path.Join(dirPath, "kustomization.yaml"), os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+	if err != nil {
+		return fmt.Errorf("kustomization file open failed: %w", err)
+	}
+	defer kfile.Close()
+
+	if _, err := kfile.WriteString(transformers); err != nil {
+		return fmt.Errorf("kustomization file append failed: %w", err)
+	}
+
+	return nil
+}
+
 func (r *KustomizationReconciler) build(kustomization kustomizev1.Kustomization, tmpDir string) error {
 	timeout := kustomization.GetTimeout() + (time.Second * 1)
 	ctx, cancel := context.WithTimeout(context.Background(), timeout)

controllers/kustomization_predicate.go

@@ -20,7 +20,6 @@ import (
 	"context"
 	"fmt"
 	"os/exec"
-	"strings"
 
 	"github.com/go-logr/logr"
 	"sigs.k8s.io/controller-runtime/pkg/event"
@@ -76,12 +75,12 @@ func (gc KustomizationGarbageCollectPredicate) Delete(e event.DeleteEvent) bool
 			command := exec.CommandContext(ctx, "/bin/sh", "-c", cmd)
 			if output, err := command.CombinedOutput(); err != nil {
 				gc.Log.Error(err, "Garbage collection failed",
-					"output", string(output),
-					strings.ToLower(k.Kind), fmt.Sprintf("%s/%s", k.GetNamespace(), k.GetName()))
+					"kustomization", fmt.Sprintf("%s/%s", k.GetNamespace(), k.GetName()),
+					"output", string(output))
 			} else {
 				gc.Log.Info("Garbage collection completed",
-					"output", string(output),
-					strings.ToLower(k.Kind), fmt.Sprintf("%s/%s", k.GetNamespace(), k.GetName()))
+					"kustomization", fmt.Sprintf("%s/%s", k.GetNamespace(), k.GetName()),
+					"output", string(output))
 			}
 		}
 	}