add build-controller.sh script into code generator

Pulls the scripts/build-controller.sh script and all necessary Bash
library files from the original repository in order to be able to call
`make build-controller SERVICE=$SERVICE` from the code-generator
repository.

Author: jaypipes

Makefile

@@ -3,6 +3,8 @@ SHELL := /bin/bash # Use bash syntax
 # Set up variables
 GO111MODULE=on
 
+AWS_SERVICE=$(shell echo $(SERVICE) | tr '[:upper:]' '[:lower:]')
+
 # Build ldflags
 VERSION ?= "v0.0.0"
 GITCOMMIT=$(shell git rev-parse HEAD)
@@ -15,7 +17,7 @@ GO_LDFLAGS=-ldflags "-X main.version=$(VERSION) \
 # aws-sdk-go/private/model/api package is gated behind a build tag "codegen"...
 GO_TAGS=-tags codegen
 
-.PHONY: all build-ack-generate test
+.PHONY: all build-ack-generate build-controller test
 
 all: test
 
@@ -24,6 +26,10 @@ build-ack-generate:	## Build ack-generate binary
 	@go build ${GO_TAGS} ${GO_LDFLAGS} -o bin/ack-generate cmd/ack-generate/main.go
 	@echo "ok."
 
+build-controller: build-ack-generate ## Generate controller code for SERVICE
+	@./scripts/install-controller-gen.sh 
+	@./scripts/build-controller.sh $(AWS_SERVICE)
+
 test: 				## Run code tests
 	go test ${GO_TAGS} ./...
 

scripts/build-controller.sh

@@ -0,0 +1,162 @@
+#!/usr/bin/env bash
+
+# A script that builds a single ACK service controller for an AWS service API
+
+set -eo pipefail
+
+SCRIPTS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+ROOT_DIR="$SCRIPTS_DIR/.."
+BIN_DIR="$ROOT_DIR/bin"
+
+source "$SCRIPTS_DIR/lib/common.sh"
+source "$SCRIPTS_DIR/lib/k8s.sh"
+
+check_is_installed controller-gen "You can install controller-gen with the helper scripts/install-controller-gen.sh"
+
+if ! k8s_controller_gen_version_equals "$CONTROLLER_TOOLS_VERSION"; then
+    echo "FATAL: Existing version of controller-gen "`controller-gen --version`", required version is $CONTROLLER_TOOLS_VERSION."
+    echo "FATAL: Please uninstall controller-gen and install the required version with scripts/install-controller-gen.sh."
+    exit 1
+fi
+
+ACK_GENERATE_CACHE_DIR=${ACK_GENERATE_CACHE_DIR:-"~/.cache/aws-controllers-k8s"}
+# The ack-generate code generator is in a separate source code repository,
+# typically at $GOPATH/src/github.com/aws-controllers-k8s/code-generator
+DEFAULT_ACK_GENERATE_BIN_PATH="$ROOT_DIR/bin/ack-generate"
+ACK_GENERATE_BIN_PATH=${ACK_GENERATE_BIN_PATH:-$DEFAULT_ACK_GENERATE_BIN_PATH}
+ACK_GENERATE_API_VERSION=${ACK_GENERATE_API_VERSION:-"v1alpha1"}
+ACK_GENERATE_CONFIG_PATH=${ACK_GENERATE_CONFIG_PATH:-""}
+DEFAULT_TEMPLATES_DIR="$ROOT_DIR/templates"
+TEMPLATES_DIR=${TEMPLATES_DIR:-$DEFAULT_TEMPLATES_DIR}
+
+USAGE="
+Usage:
+  $(basename "$0") <service>
+
+<service> should be an AWS service API aliases that you wish to build -- e.g.
+'s3' 'sns' or 'sqs'
+
+Environment variables:
+  ACK_GENERATE_CACHE_DIR    Overrides the directory used for caching AWS API
+                            models used by the ack-generate tool.
+                            Default: $ACK_GENERATE_CACHE_DIR
+  ACK_GENERATE_BIN_PATH:    Overrides the path to the the ack-generate binary.
+                            Default: $ACK_GENERATE_BIN_PATH
+  ACK_GENERATE_API_VERSION: Overrides the version of the Kubernetes API objects
+                            generated by the ack-generate apis command. If not
+                            specified, and the service controller has been
+                            previously generated, the latest generated API
+                            version is used. If the service controller has yet
+                            to be generated, 'v1alpha1' is used.
+  ACK_GENERATE_CONFIG_PATH: Specify a path to the generator config YAML file to
+                            instruct the code generator for the service.
+                            Default: services/{SERVICE}/generator.yaml
+  K8S_RBAC_ROLE_NAME:       Name of the Kubernetes Role to use when generating
+                            the RBAC manifests for the custom resource
+                            definitions.
+                            Default: $K8S_RBAC_ROLE_NAME
+"
+
+if [ $# -ne 1 ]; then
+    echo "ERROR: $(basename "$0") only accepts a single parameter" 1>&2
+    echo "$USAGE"
+    exit 1
+fi
+
+if [ ! -f $ACK_GENERATE_BIN_PATH ]; then
+    if is_installed "ack-generate"; then
+        ACK_GENERATE_BIN_PATH=$(which "ack-generate")
+    else
+        echo "ERROR: Unable to find an ack-generate binary.
+Either set the ACK_GENERATE_BIN_PATH to a valid location or
+run:
+ 
+   make build-ack-generate
+ 
+from the root directory or install ack-generate using:
+
+   go get -u github.com/aws-controllers-k8s/code-generator/cmd/ack-generate" 1>&2
+        exit 1;
+    fi
+fi
+SERVICE=$(echo "$1" | tr '[:upper:]' '[:lower:]')
+
+# Source code for the controller will be in a separate repo, typically in
+# $GOPATH/src/github.com/aws-controllers-k8s/$AWS_SERVICE-controller/
+DEFAULT_SERVICE_CONTROLLER_SOURCE_PATH="$ROOT_DIR/../$SERVICE-controller"
+SERVICE_CONTROLLER_SOURCE_PATH=${SERVICE_CONTROLLER_SOURCE_PATH:-$DEFAULT_SERVICE_CONTROLLER_SOURCE_PATH}
+
+if [[ ! -d $SERVICE_CONTROLLER_SOURCE_PATH ]]; then
+    echo "Error evaluating SERVICE_CONTROLLER_SOURCE_PATH environment variable:" 1>&2
+    echo "$SERVICE_CONTROLLER_SOURCE_PATH is not a directory." 1>&2
+    echo "${USAGE}"
+    exit 1
+fi
+
+K8S_RBAC_ROLE_NAME=${K8S_RBAC_ROLE_NAME:-"ack-$SERVICE-controller"}
+
+# If there's a generator.yaml in the service's directory and the caller hasn't
+# specified an override, use that.
+if [ -z "$ACK_GENERATE_CONFIG_PATH" ]; then
+    if [ -f "$SERVICE_CONTROLLER_SOURCE_PATH/generator.yaml" ]; then
+        ACK_GENERATE_CONFIG_PATH="$SERVICE_CONTROLLER_SOURCE_PATH/generator.yaml"
+    fi
+fi
+
+ag_args="$SERVICE -o $SERVICE_CONTROLLER_SOURCE_PATH --templates-dir $TEMPLATES_DIR"
+if [ -n "$ACK_GENERATE_CACHE_DIR" ]; then
+    ag_args="$ag_args --cache-dir $ACK_GENERATE_CACHE_DIR"
+fi
+
+apis_args="apis $ag_args"
+if [ -n "$ACK_GENERATE_API_VERSION" ]; then
+    apis_args="$apis_args --version $ACK_GENERATE_API_VERSION"
+fi
+
+if [ -n "$ACK_GENERATE_CONFIG_PATH" ]; then
+    ag_args="$ag_args --generator-config-path $ACK_GENERATE_CONFIG_PATH"
+    apis_args="$apis_args --generator-config-path $ACK_GENERATE_CONFIG_PATH"
+fi
+
+echo "Building Kubernetes API objects for $SERVICE"
+$ACK_GENERATE_BIN_PATH $apis_args
+if [ $? -ne 0 ]; then
+    exit 2
+fi
+
+config_output_dir="$SERVICE_CONTROLLER_SOURCE_PATH/config/"
+
+pushd $SERVICE_CONTROLLER_SOURCE_PATH/apis/$ACK_GENERATE_API_VERSION 1>/dev/null
+
+echo "Generating deepcopy code for $SERVICE"
+controller-gen object:headerFile=$TEMPLATES_DIR/boilerplate.txt paths=./...
+
+echo "Generating custom resource definitions for $SERVICE"
+# Latest version of controller-gen (master) is required for following two reasons
+# a) support for pointer values in map https://github.com/kubernetes-sigs/controller-tools/pull/317
+# b) support for float type (allowDangerousTypes) https://github.com/kubernetes-sigs/controller-tools/pull/449
+controller-gen crd:allowDangerousTypes=true paths=./... output:crd:artifacts:config=$config_output_dir/crd/bases
+
+popd 1>/dev/null
+
+echo "Building service controller for $SERVICE"
+controller_args="controller $ag_args"
+$ACK_GENERATE_BIN_PATH $controller_args
+if [ $? -ne 0 ]; then
+    exit 2
+fi
+
+pushd $SERVICE_CONTROLLER_SOURCE_PATH/pkg/resource 1>/dev/null
+
+echo "Generating RBAC manifests for $SERVICE"
+controller-gen rbac:roleName=$K8S_RBAC_ROLE_NAME paths=./... output:rbac:artifacts:config=$config_output_dir/rbac
+# controller-gen rbac outputs a ClusterRole definition in a
+# $config_output_dir/rbac/role.yaml file. We have some other standard Role
+# files for a reader and writer role, so here we rename the `role.yaml` file to
+# `cluster-role-controller.yaml` to better reflect what is in that file.
+mv $config_output_dir/rbac/role.yaml $config_output_dir/rbac/cluster-role-controller.yaml
+
+popd 1>/dev/null
+
+echo "Running gofmt against generated code for $SERVICE"
+gofmt -w "$SERVICE_CONTROLLER_SOURCE_PATH"

scripts/install-controller-gen.sh

@@ -0,0 +1,44 @@
+#!/usr/bin/env bash
+
+# ./scripts/install-controller-gen.sh
+#
+# Checks that the `controller-gen` binary is available on the host system and
+# if it is, that it matches the exact version that we require in order to
+# standardize the YAML manifests for CRDs and Kubernetes Roles.
+#
+# If the locally-installed controller-gen does not match the required version,
+# prints an error message asking the user to uninstall it.
+#
+# NOTE: We use this technique of building using `go build` within a temp
+# directory because controller-tools does not have a binary release artifact
+# for controller-gen.
+#
+# See: https://github.com/kubernetes-sigs/controller-tools/issues/500
+
+set -eo pipefail
+
+SCRIPTS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+ROOT_DIR="$SCRIPTS_DIR/.."
+CONTROLLER_TOOLS_VERSION="v0.4.0"
+
+source "$SCRIPTS_DIR/lib/common.sh"
+source "$SCRIPTS_DIR/lib/k8s.sh"
+
+if ! is_installed controller-gen; then
+    # GOBIN and GOPATH are not always set, so default to GOPATH from `go env`
+    __GOPATH=$(go env GOPATH)
+    __install_dir=${GOBIN:-$__GOPATH/bin}
+    __install_path="$__install_dir/controller-gen"
+    __work_dir=$(mktemp -d /tmp/controller-gen-XXX)
+
+    echo -n "installing controller-gen ${CONTROLLER_TOOLS_VERSION} ... "
+    cd "$__work_dir"
+
+    go mod init tmp 1>/dev/null 2>&1
+    go get -d "sigs.k8s.io/controller-tools/cmd/controller-gen@${CONTROLLER_TOOLS_VERSION}" 1>/dev/null 2>&1
+    go build -o "$__work_dir/controller-gen" sigs.k8s.io/controller-tools/cmd/controller-gen 1>/dev/null 2>&1
+    mv "$__work_dir/controller-gen" "$__install_path"
+
+    rm -rf "$WORK_DIR"
+    echo "ok."
+fi

scripts/lib/aws.sh

@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+
+DEFAULT_AWS_CLI_VERSION="2.0.52"
+
+# daws() executes the AWS Python CLI tool from a Docker container.
+#
+# Instead of relying on developers having a particular version of the AWS
+# Python CLI tool, this method allows a specific version of the CLI tool to be
+# executed within a Docker container.
+#
+# You call the daws function just like you were calling the `aws` CLI tool.
+#
+# Usage:
+#
+#   daws SERVICE COMMAND [OPTIONS]
+#
+# Example:
+#
+#   daws ecr describe-repositories --repository-name my-repo
+#
+# To use a specific version of the AWS CLI, set the ACK_AWS_CLI_IMAGE_VERSION
+# environment variable, otherwise the value of DEFAULT_AWS_CLI_VERSION is used.
+daws() {
+    aws_cli_img_version=${ACK_AWS_CLI_IMAGE_VERSION:-$DEFAULT_AWS_CLI_VERSION}
+    aws_cli_img="amazon/aws-cli:$aws_cli_img_version"
+    docker run --rm -v ~/.aws:/root/.aws:z  -v $(pwd):/aws "$aws_cli_img" "$@"
+}
+
+# aws_check_credentials() calls the STS::GetCallerIdentity API call and
+# verifies that there is a local identity for running AWS commands
+aws_check_credentials() {
+    echo -n "checking AWS credentials ... "
+    daws sts get-caller-identity --query "Account" >/dev/null ||
+        ( echo "\nFATAL: No AWS credentials found. Please run \`aws configure\` to set up the CLI for your credentials." && exit 1)
+    echo "ok."
+}
+
+# generate_aws_temp_creds function will generate temporary AWS CREDENTIALS which are valid for 900 seconds
+aws_generate_temp_creds() {
+    __uuid=$(uuidgen | cut -d'-' -f1 | tr '[:upper:]' '[:lower:]')
+
+    if [ -z "$AWS_ROLE_ARN" ]; then
+        printf "Missing input Role ARN, exiting...\n"
+        exit 1
+    fi
+
+    JSON=$(daws sts assume-role \
+           --role-arn "$AWS_ROLE_ARN"  \
+           --role-session-name tmp-role-"$__uuid" \
+           --duration-seconds 900 \
+           --output json || exit 1)
+
+    AWS_ACCESS_KEY_ID=$(echo "${JSON}" | jq --raw-output ".Credentials[\"AccessKeyId\"]")
+    AWS_SECRET_ACCESS_KEY=$(echo "${JSON}" | jq --raw-output ".Credentials[\"SecretAccessKey\"]")
+    AWS_SESSION_TOKEN=$(echo "${JSON}" | jq --raw-output ".Credentials[\"SessionToken\"]")
+}
+
+aws_account_id() {
+    JSON=$(daws sts get-caller-identity --output json || exit 1)
+    echo "${JSON}" | jq --raw-output ".Account"
+}

scripts/lib/common.sh

@@ -0,0 +1,90 @@
+#!/usr/bin/env bash
+
+# setting the -x option if debugging is true
+if [[ "${DEBUG:-"false"}" = "true" ]]; then
+    set -x
+fi
+
+# check_is_installed checks to see if the supplied executable is installed and
+# exits if not. An optional second argument is an extra message to display when
+# the supplied executable is not installed.
+#
+# Usage:
+#
+#   check_is_installed PROGRAM [ MSG ]
+#
+# Example:
+#
+#   check_is_installed kind "You can install kind with the helper scripts/install-kind.sh"
+check_is_installed() {
+    local __name="$1"
+    local __extra_msg="$2"
+    if ! is_installed "$__name"; then
+        echo "FATAL: Missing requirement '$__name'"
+        echo "Please install $__name before running this script."
+        if [[ -n $__extra_msg ]]; then
+            echo ""
+            echo "$__extra_msg"
+            echo ""
+        fi
+        exit 1
+    fi
+}
+
+is_installed() {
+    local __name="$1"
+    if $(which $__name >/dev/null 2>&1); then
+        return 0
+    else
+        return 1
+    fi
+}
+
+display_timelines() {
+    echo ""
+    echo "Displaying all step durations."
+    echo "TIMELINE: Docker build took $DOCKER_BUILD_DURATION seconds."
+    echo "TIMELINE: Upping test cluster took $UP_CLUSTER_DURATION seconds."
+    echo "TIMELINE: Base image integration tests took $BASE_INTEGRATION_DURATION seconds."
+    echo "TIMELINE: Current image integration tests took $LATEST_INTEGRATION_DURATION seconds."
+    echo "TIMELINE: Down processes took $DOWN_DURATION seconds."
+}
+
+should_execute() {
+  if [[ "$TEST_PASS" -ne 0 ]]; then
+    echo "NOTE: Skipping operation '$1'. Test is already marked as failed."
+    return 1
+  else
+    return 0
+  fi
+}
+
+# filenoext returns just the name of the supplied filename without the
+# extension
+filenoext() {
+    local __name="$1"
+    local __filename=$( basename "$__name" )
+    # How much do I despise Bash?!
+    echo "${__filename%.*}"
+}
+
+DEFAULT_DEBUG_PREFIX="DEBUG: "
+
+# debug_msg prints out a supplied message if the DEBUG environs variable is
+# set. An optional second argument indicates the "indentation level" for the
+# message. If the indentation level argument is missing, we look for the
+# existence of an environs variable called "indent_level" and use that.
+debug_msg() {
+    local __msg=${1:-}
+    local __indent_level=${2:-}
+    local __debug="${DEBUG:-""}"
+    local __debug_prefix="${DEBUG_PREFIX:-$DEFAULT_DEBUG_PREFIX}"
+    if [ ! -n "$__debug" ]; then
+        return 0
+    fi
+    __indent=""
+    if [ -n "$__indent_level" ]; then
+        __indent="$( for each in $( seq 0 $__indent_level ); do printf " "; done )"
+    fi
+    echo "$__debug_prefix$__indent$__msg"
+}