
Commit 0854e44

committed
initial migration of CRDs
This commit is the initial migration of the CRDs from `enterprise-contract/enterprise-contract-controller` to this repo. Assisted-by: claude-4-sonnet Ref: EC-1316 Signed-off-by: Rob Nester <[email protected]>
1 parent f11cb7e commit 0854e44

28 files changed

+3188
-1
lines changed

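--- a/Makefile
+++ b/Makefile
@@ -375,3 +375,59 @@ bump-minor-version:
 git commit $(VERSION_FILE) \
 -m "Bump minor version to $$(cat $(VERSION_FILE))" \
 -m 'Commit generated with `make bump-minor-version`'
+
+##@ CRD Management
+
+# CRD-related variables
+CRD_ROOT = $(dir $(abspath $(lastword $(MAKEFILE_LIST))))
+CONTROLLER_GEN = go run -modfile $(CRD_ROOT)tools/crd/go.mod sigs.k8s.io/controller-tools/cmd/controller-gen
+KUSTOMIZE = go run -modfile $(CRD_ROOT)tools/crd/go.mod sigs.k8s.io/kustomize/kustomize/v5
+ENVTEST = go run -modfile $(CRD_ROOT)tools/crd/go.mod sigs.k8s.io/controller-runtime/tools/setup-envtest
+CRD_DEF = ./api/v1alpha1
+
+CRD_GEN_DEPS=\
+api/v1alpha1/enterprisecontractpolicy_types.go \
+api/v1alpha1/groupversion_info.go \
+tools/crd/go.sum
+
+config/crd/bases/%.yaml: $(CRD_GEN_DEPS)
+$(CONTROLLER_GEN) rbac:roleName=enterprise-contract-role crd webhook paths=./api/... output:crd:artifacts:config=config/crd/bases
+yq -i 'del(.metadata.annotations["controller-gen.kubebuilder.io/version"])' $@
+
+api/config/%.yaml: config/crd/bases/%.yaml
+@mkdir -p api/config
+@cp $< $@
+
+.PHONY: crd-manifests
+crd-manifests: api/config/appstudio.redhat.com_enterprisecontractpolicies.yaml ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
+
+.PHONY: crd-generate
+crd-generate: $(CRD_GEN_DEPS) ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.
+$(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths=./api/...
+cd api && go generate ./...
+
+.PHONY: crd-docs
+crd-docs: $(wildcard $(CRD_DEF)/*.go) ## Generate CRD documentation
+@go run -modfile tools/crd/go.mod github.com/elastic/crd-ref-docs --max-depth 50 --config=docs/crd/config.yaml --source-path=$(CRD_DEF) --templates-dir=docs/crd/templates --output-path=docs/modules/ROOT/pages/crd-reference.adoc
+
+.PHONY: crd-test
+crd-test: crd-manifests crd-generate ## Run CRD tests.
+KUBEBUILDER_ASSETS="$$($(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" go test ./... -coverprofile crd_cover.out
+cd api && go test ./... -coverprofile ../api_cover.out
+
+.PHONY: crd-export-schema
+crd-export-schema: crd-generate ## Export the CRD schema to the schema directory as a json-store.org schema.
+@mkdir -p dist
+cp api/v1alpha1/policy_spec.json dist/
+
+ifndef ignore-not-found
+ignore-not-found = false
+endif
+
+.PHONY: crd-install
+crd-install: crd-manifests ## Install CRDs into the K8s cluster specified in ~/.kube/config.
+$(KUSTOMIZE) build config/crd | kubectl apply -f -
+
+.PHONY: crd-uninstall
+crd-uninstall: crd-manifests ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
+$(KUSTOMIZE) build config/crd | kubectl delete --ignore-not-found=$(ignore-not-found) -f -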
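Review bot: In `crd-test`, a failed `setup-envtest` lookup goes unnoticed, and `$(ENVTEST_K8S_VERSION)` is not set anywhere in the added lines. The command substitution only feeds an assignment placed in front of `go test`, so its exit status is discarded and the tests start with an empty `KUBEBUILDER_ASSETS`. If the variable is also undefined earlier in the Makefile (outside this hunk), the control-plane binaries are not pinned the way controller-gen and kustomize are through `tools/crd/go.mod`. I would define `ENVTEST_K8S_VERSION ?= <k8s-version>` beside the other CRD variables and split the lookup so a failure stops the recipe: `assets="$$($(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" && KUBEBUILDER_ASSETS="$$assets" go test ./... -coverprofile crd_cover.out`. The same pinning concern applies to the `yq -i` call in the `config/crd/bases/%.yaml` rule, which rewrites the generated CRD with whatever `yq` is first on PATH.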
Lines changed: 239 additions & 0 deletions
@@ -0,0 +1,239 @@
1+
---
2+
apiVersion: apiextensions.k8s.io/v1
3+
kind: CustomResourceDefinition
4+
metadata:
5+
annotations: {}
6+
name: enterprisecontractpolicies.appstudio.redhat.com
7+
spec:
8+
group: appstudio.redhat.com
9+
names:
10+
categories:
11+
- all
12+
kind: EnterpriseContractPolicy
13+
listKind: EnterpriseContractPolicyList
14+
plural: enterprisecontractpolicies
15+
shortNames:
16+
- ecp
17+
singular: enterprisecontractpolicy
18+
scope: Namespaced
19+
versions:
20+
- name: v1alpha1
21+
schema:
22+
openAPIV3Schema:
23+
description: EnterpriseContractPolicy is the Schema for the enterprisecontractpolicies API
24+
properties:
25+
apiVersion:
26+
description: |-
27+
APIVersion defines the versioned schema of this representation of an object.
28+
Servers should convert recognized schemas to the latest internal value, and
29+
may reject unrecognized values.
30+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
31+
type: string
32+
kind:
33+
description: |-
34+
Kind is a string value representing the REST resource this object represents.
35+
Servers may infer this from the endpoint the client submits requests to.
36+
Cannot be updated.
37+
In CamelCase.
38+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
39+
type: string
40+
metadata:
41+
type: object
42+
spec:
43+
description: EnterpriseContractPolicySpec is used to configure the Enterprise Contract Policy
44+
properties:
45+
configuration:
46+
description: Configuration handles policy modification configuration (exclusions and inclusions)
47+
properties:
48+
collections:
49+
description: |-
50+
Collections set of predefined rules. DEPRECATED: Collections can be listed in include
51+
with the "@" prefix.
52+
items:
53+
type: string
54+
type: array
55+
x-kubernetes-list-type: set
56+
exclude:
57+
description: |-
58+
Exclude set of policy exclusions that, in case of failure, do not block
59+
the success of the outcome.
60+
items:
61+
type: string
62+
type: array
63+
x-kubernetes-list-type: set
64+
include:
65+
description: |-
66+
Include set of policy inclusions that are added to the policy evaluation.
67+
These override excluded rules.
68+
items:
69+
type: string
70+
type: array
71+
x-kubernetes-list-type: set
72+
type: object
73+
description:
74+
description: Description of the policy or its intended use
75+
type: string
76+
identity:
77+
description: Identity to be used for keyless verification. This is an experimental feature.
78+
properties:
79+
issuer:
80+
description: Issuer is the URL of the certificate OIDC issuer for keyless verification.
81+
type: string
82+
issuerRegExp:
83+
description: |-
84+
IssuerRegExp is a regular expression to match the URL of the certificate OIDC issuer for
85+
keyless verification.
86+
type: string
87+
subject:
88+
description: Subject is the URL of the certificate identity for keyless verification.
89+
type: string
90+
subjectRegExp:
91+
description: |-
92+
SubjectRegExp is a regular expression to match the URL of the certificate identity for
93+
keyless verification.
94+
type: string
95+
type: object
96+
name:
97+
description: Optional name of the policy
98+
type: string
99+
publicKey:
100+
description: Public key used to validate the signature of images and attestations
101+
type: string
102+
rekorUrl:
103+
description: URL of the Rekor instance. Empty string disables Rekor integration
104+
type: string
105+
sources:
106+
description: One or more groups of policy rules
107+
items:
108+
description: Source defines policies and data that are evaluated together
109+
properties:
110+
config:
111+
description: |-
112+
Config specifies which policy rules are included, or excluded, from the
113+
provided policy source urls.
114+
properties:
115+
exclude:
116+
description: |-
117+
Exclude is a set of policy exclusions that, in case of failure, do not block
118+
the success of the outcome.
119+
items:
120+
type: string
121+
type: array
122+
x-kubernetes-list-type: set
123+
include:
124+
description: |-
125+
Include is a set of policy inclusions that are added to the policy evaluation.
126+
These take precedence over policy exclusions.
127+
items:
128+
type: string
129+
type: array
130+
x-kubernetes-list-type: set
131+
type: object
132+
data:
133+
description: List of go-getter style policy data source urls
134+
items:
135+
type: string
136+
type: array
137+
name:
138+
description: Optional name for the source
139+
type: string
140+
policy:
141+
description: List of go-getter style policy source urls
142+
items:
143+
type: string
144+
minItems: 1
145+
type: array
146+
ruleData:
147+
description: Arbitrary rule data that will be visible to policy rules
148+
type: object
149+
x-kubernetes-preserve-unknown-fields: true
150+
volatileConfig:
151+
description: |-
152+
Specifies volatile configuration that can include or exclude policy rules
153+
based on effective time.
154+
properties:
155+
exclude:
156+
description: |-
157+
Exclude is a set of policy exclusions that, in case of failure, do not block
158+
the success of the outcome.
159+
items:
160+
description: VolatileCriteria includes or excludes a policy rule with effective dates as an option.
161+
properties:
162+
effectiveOn:
163+
format: date-time
164+
type: string
165+
effectiveUntil:
166+
format: date-time
167+
type: string
168+
imageDigest:
169+
description: ImageDigest is used to specify an image by its digest.
170+
pattern: ^sha256:[a-fA-F0-9]{64}$
171+
type: string
172+
imageRef:
173+
description: |-
174+
DEPRECATED: Use ImageDigest instead
175+
ImageRef is used to specify an image by its digest.
176+
pattern: ^sha256:[a-fA-F0-9]{64}$
177+
type: string
178+
imageUrl:
179+
description: ImageUrl is used to specify an image by its URL without a tag.
180+
pattern: ^[a-z0-9][a-z0-9.-]*[a-z0-9](?:\/[a-z0-9][a-z0-9-]*[a-z0-9]){2,}$
181+
type: string
182+
reference:
183+
description: Reference is used to include a link to related information such as a Jira issue URL.
184+
type: string
185+
value:
186+
type: string
187+
required:
188+
- value
189+
type: object
190+
type: array
191+
include:
192+
description: |-
193+
Include is a set of policy inclusions that are added to the policy evaluation.
194+
These take precedence over policy exclusions.
195+
items:
196+
description: VolatileCriteria includes or excludes a policy rule with effective dates as an option.
197+
properties:
198+
effectiveOn:
199+
format: date-time
200+
type: string
201+
effectiveUntil:
202+
format: date-time
203+
type: string
204+
imageDigest:
205+
description: ImageDigest is used to specify an image by its digest.
206+
pattern: ^sha256:[a-fA-F0-9]{64}$
207+
type: string
208+
imageRef:
209+
description: |-
210+
DEPRECATED: Use ImageDigest instead
211+
ImageRef is used to specify an image by its digest.
212+
pattern: ^sha256:[a-fA-F0-9]{64}$
213+
type: string
214+
imageUrl:
215+
description: ImageUrl is used to specify an image by its URL without a tag.
216+
pattern: ^[a-z0-9][a-z0-9.-]*[a-z0-9](?:\/[a-z0-9][a-z0-9-]*[a-z0-9]){2,}$
217+
type: string
218+
reference:
219+
description: Reference is used to include a link to related information such as a Jira issue URL.
220+
type: string
221+
value:
222+
type: string
223+
required:
224+
- value
225+
type: object
226+
type: array
227+
type: object
228+
type: object
229+
minItems: 1
230+
type: array
231+
type: object
232+
status:
233+
description: EnterpriseContractPolicyStatus defines the observed state of EnterpriseContractPolicy
234+
type: object
235+
type: object
236+
served: true
237+
storage: true
238+
subresources:
239+
status: {}

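--- a/api/go.mod
+++ b/api/go.mod
@@ -0,0 +1,93 @@
+module github.com/conforma/cli/api
+
+go 1.23 // allow
+
+require (
+k8s.io/apiextensions-apiserver v0.29.11
+k8s.io/apimachinery v0.29.11
+sigs.k8s.io/controller-runtime v0.17.6
+)
+
+require (
+github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect
+github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect
+github.com/beorn7/perks v1.0.1 // indirect
+github.com/blang/semver/v4 v4.0.0 // indirect
+github.com/cenkalti/backoff/v4 v4.2.1 // indirect
+github.com/cespare/xxhash/v2 v2.2.0 // indirect
+github.com/coreos/go-semver v0.3.1 // indirect
+github.com/coreos/go-systemd/v22 v22.5.0 // indirect
+github.com/davecgh/go-spew v1.1.1 // indirect
+github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+github.com/felixge/httpsnoop v1.0.3 // indirect
+github.com/go-logr/logr v1.4.1 // indirect
+github.com/go-logr/stdr v1.2.2 // indirect
+github.com/go-openapi/jsonpointer v0.19.6 // indirect
+github.com/go-openapi/jsonreference v0.20.2 // indirect
+github.com/go-openapi/swag v0.22.3 // indirect
+github.com/gogo/protobuf v1.3.2 // indirect
+github.com/golang/protobuf v1.5.4 // indirect
+github.com/google/cel-go v0.17.7 // indirect
+github.com/google/gnostic-models v0.6.8 // indirect
+github.com/google/go-cmp v0.6.0 // indirect
+github.com/google/gofuzz v1.2.0 // indirect
+github.com/google/uuid v1.3.0 // indirect
+github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect
+github.com/josharian/intern v1.0.0 // indirect
+github.com/json-iterator/go v1.1.12 // indirect
+github.com/mailru/easyjson v0.7.7 // indirect
+github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+github.com/modern-go/reflect2 v1.0.2 // indirect
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+github.com/prometheus/client_golang v1.18.0 // indirect
+github.com/prometheus/client_model v0.5.0 // indirect
+github.com/prometheus/common v0.45.0 // indirect
+github.com/prometheus/procfs v0.12.0 // indirect
+github.com/rogpeppe/go-internal v1.11.0 // indirect
+github.com/spf13/pflag v1.0.5 // indirect
+github.com/stoewer/go-strcase v1.2.0 // indirect
+go.etcd.io/etcd/api/v3 v3.5.10 // indirect
+go.etcd.io/etcd/client/pkg/v3 v3.5.10 // indirect
+go.etcd.io/etcd/client/v3 v3.5.10 // indirect
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.42.0 // indirect
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0 // indirect
+go.opentelemetry.io/otel v1.19.0 // indirect
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 // indirect
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0 // indirect
+go.opentelemetry.io/otel/metric v1.19.0 // indirect
+go.opentelemetry.io/otel/sdk v1.19.0 // indirect
+go.opentelemetry.io/otel/trace v1.19.0 // indirect
+go.opentelemetry.io/proto/otlp v1.0.0 // indirect
+go.uber.org/multierr v1.11.0 // indirect
+go.uber.org/zap v1.26.0 // indirect
+golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
+golang.org/x/net v0.23.0 // indirect
+golang.org/x/oauth2 v0.12.0 // indirect
+golang.org/x/sync v0.5.0 // indirect
+golang.org/x/sys v0.18.0 // indirect
+golang.org/x/term v0.18.0 // indirect
+golang.org/x/text v0.14.0 // indirect
+golang.org/x/time v0.3.0 // indirect
+google.golang.org/appengine v1.6.7 // indirect
+google.golang.org/genproto v0.0.0-20230803162519-f966b187b2e5 // indirect
+google.golang.org/genproto/googleapis/api v0.0.0-20230726155614-23370e0ffb3e // indirect
+google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
+google.golang.org/grpc v1.58.3 // indirect
+google.golang.org/protobuf v1.33.0 // indirect
+gopkg.in/inf.v0 v0.9.1 // indirect
+gopkg.in/yaml.v2 v2.4.0 // indirect
+gopkg.in/yaml.v3 v3.0.1 // indirect
+k8s.io/api v0.29.11 // indirect
+k8s.io/apiserver v0.29.11 // indirect
+k8s.io/client-go v0.29.11 // indirect
+k8s.io/component-base v0.29.11 // indirect
+k8s.io/klog/v2 v2.110.1 // indirect
+k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
+k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
+sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 // indirect
+sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
+sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+sigs.k8s.io/yaml v1.4.0 // indirect
+)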
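Review bot: The indirect requirements in this new `api` module look carried over unchanged from the source repository, and several of them (for example `golang.org/x/net v0.23.0`, `golang.org/x/oauth2 v0.12.0` and `google.golang.org/grpc v1.58.3`) are well behind the current releases of those modules. Because `api/go.mod` is a separate module, any scanning or update automation that reads only the root `go.mod` would not cover it; this is an assumption, since the repository's automation config is not on this page. Before consumers start importing `github.com/conforma/cli/api`, I would run `cd api && govulncheck ./...` and add the `api` directory to the dependency-update configuration. A short comment explaining the `// allow` marker on the `go 1.23` line would also help the next maintainer.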
