feat: add generic kubernetest resource management api

pkg/resources/clusterrole.go

@@ -0,0 +1,47 @@
+package resources
+
+import (
+	"fmt"
+
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	v1 "k8s.io/api/rbac/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+type ClusterRoleMutator struct {
+	Name  string
+	Rules []v1.PolicyRule
+	meta  Mutator[client.Object]
+}
+
+var _ Mutator[*v1.ClusterRole] = &ClusterRoleMutator{}
+
+func NewClusterRoleMutator(name string, rules []v1.PolicyRule, labels map[string]string, annotations map[string]string) Mutator[*v1.ClusterRole] {
+	return &ClusterRoleMutator{
+		Name:  name,
+		Rules: rules,
+		meta:  NewMetadataMutator(labels, annotations),
+	}
+}
+
+func (m *ClusterRoleMutator) String() string {
+	return fmt.Sprintf("clusterrole %s", m.Name)
+}
+
+func (m *ClusterRoleMutator) Empty() *v1.ClusterRole {
+	return &v1.ClusterRole{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "rbac.authorization.k8s.io/v1",
+			Kind:       "ClusterRole",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: m.Name,
+		},
+	}
+}
+
+func (m *ClusterRoleMutator) Mutate(r *v1.ClusterRole) error {
+	r.Rules = m.Rules
+	return m.meta.Mutate(r)
+}

pkg/resources/clusterrole_test.go

@@ -0,0 +1,84 @@
+package resources_test
+
+import (
+	"context"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	v1 "k8s.io/api/rbac/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	"github.com/openmcp-project/controller-utils/pkg/resources"
+	"github.com/openmcp-project/controller-utils/pkg/testing"
+)
+
+var _ = Describe("ClusterRoleMutator", func() {
+	var (
+		ctx         context.Context
+		fakeClient  client.WithWatch
+		scheme      *runtime.Scheme
+		rules       []v1.PolicyRule
+		labels      map[string]string
+		annotations map[string]string
+		mutator     resources.Mutator[*v1.ClusterRole]
+	)
+
+	BeforeEach(func() {
+		ctx = context.TODO()
+
+		// Create a scheme and register the rbac/v1 API
+		scheme = runtime.NewScheme()
+		Expect(v1.AddToScheme(scheme)).To(Succeed())
+
+		// Initialize the fake client
+		var err error
+		fakeClient, err = testing.GetFakeClient(scheme)
+		Expect(err).ToNot(HaveOccurred())
+
+		// Define rules, labels, and annotations
+		rules = []v1.PolicyRule{
+			{
+				APIGroups: []string{""},
+				Resources: []string{"pods"},
+				Verbs:     []string{"get", "list"},
+			},
+		}
+		labels = map[string]string{"key1": "value1"}
+		annotations = map[string]string{"annotation1": "value1"}
+
+		// Create a cluster role mutator
+		mutator = resources.NewClusterRoleMutator("test-clusterrole", rules, labels, annotations)
+	})
+
+	It("should create an empty cluster role with correct metadata", func() {
+		clusterRole := mutator.Empty()
+
+		Expect(clusterRole.Name).To(Equal("test-clusterrole"))
+		Expect(clusterRole.APIVersion).To(Equal("rbac.authorization.k8s.io/v1"))
+		Expect(clusterRole.Kind).To(Equal("ClusterRole"))
+	})
+
+	It("should apply rules using Mutate", func() {
+		clusterRole := mutator.Empty()
+
+		// Apply the mutator's Mutate method
+		Expect(mutator.Mutate(clusterRole)).To(Succeed())
+
+		// Verify that the rules are applied
+		Expect(clusterRole.Rules).To(Equal(rules))
+	})
+
+	It("should create and retrieve the cluster role using the fake client", func() {
+		clusterRole := mutator.Empty()
+		Expect(mutator.Mutate(clusterRole)).To(Succeed())
+
+		// Create the cluster role in the fake client
+		Expect(fakeClient.Create(ctx, clusterRole)).To(Succeed())
+
+		// Retrieve the cluster role from the fake client and verify it
+		retrievedClusterRole := &v1.ClusterRole{}
+		Expect(fakeClient.Get(ctx, client.ObjectKey{Name: "test-clusterrole"}, retrievedClusterRole)).To(Succeed())
+		Expect(retrievedClusterRole).To(Equal(clusterRole))
+	})
+})

pkg/resources/clusterrolebinding.go

@@ -0,0 +1,50 @@
+package resources
+
+import (
+	"fmt"
+
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	v1 "k8s.io/api/rbac/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+type ClusterRoleBindingMutator struct {
+	ClusterRoleBindingName string
+	RoleRef                v1.RoleRef
+	Subjects               []v1.Subject
+	meta                   Mutator[client.Object]
+}
+
+var _ Mutator[*v1.ClusterRoleBinding] = &ClusterRoleBindingMutator{}
+
+func NewClusterRoleBindingMutator(clusterRoleBindingName string, subjects []v1.Subject, roleRef v1.RoleRef, labels map[string]string, annotations map[string]string) Mutator[*v1.ClusterRoleBinding] {
+	return &ClusterRoleBindingMutator{
+		ClusterRoleBindingName: clusterRoleBindingName,
+		RoleRef:                roleRef,
+		Subjects:               subjects,
+		meta:                   NewMetadataMutator(labels, annotations),
+	}
+}
+
+func (m *ClusterRoleBindingMutator) String() string {
+	return fmt.Sprintf("clusterrolebinding %s", m.ClusterRoleBindingName)
+}
+
+func (m *ClusterRoleBindingMutator) Empty() *v1.ClusterRoleBinding {
+	return &v1.ClusterRoleBinding{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "rbac.authorization.k8s.io/v1",
+			Kind:       "ClusterRoleBinding",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: m.ClusterRoleBindingName,
+		},
+	}
+}
+
+func (m *ClusterRoleBindingMutator) Mutate(r *v1.ClusterRoleBinding) error {
+	r.RoleRef = m.RoleRef
+	r.Subjects = m.Subjects
+	return m.meta.Mutate(r)
+}

pkg/resources/clusterrolebinding_test.go

@@ -0,0 +1,87 @@
+package resources_test
+
+import (
+	"context"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	v1 "k8s.io/api/rbac/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	"github.com/openmcp-project/controller-utils/pkg/resources"
+	"github.com/openmcp-project/controller-utils/pkg/testing"
+)
+
+var _ = Describe("ClusterRoleBindingMutator", func() {
+	var (
+		ctx         context.Context
+		fakeClient  client.WithWatch
+		scheme      *runtime.Scheme
+		subjects    []v1.Subject
+		roleRef     v1.RoleRef
+		labels      map[string]string
+		annotations map[string]string
+		mutator     resources.Mutator[*v1.ClusterRoleBinding]
+	)
+
+	BeforeEach(func() {
+		ctx = context.TODO()
+
+		// Create a scheme and register the rbac/v1 API
+		scheme = runtime.NewScheme()
+		Expect(v1.AddToScheme(scheme)).To(Succeed())
+
+		// Initialize the fake client
+		var err error
+		fakeClient, err = testing.GetFakeClient(scheme)
+		Expect(err).ToNot(HaveOccurred())
+
+		// Define subjects, roleRef, labels, and annotations
+		subjects = []v1.Subject{
+			{
+				Kind:      "User",
+				Name:      "test-user",
+				Namespace: "test-namespace",
+			},
+		}
+		roleRef = resources.NewClusterRoleRef("test-role")
+		labels = map[string]string{"key1": "value1"}
+		annotations = map[string]string{"annotation1": "value1"}
+
+		// Create a cluster role binding mutator
+		mutator = resources.NewClusterRoleBindingMutator("test-clusterrolebinding", subjects, roleRef, labels, annotations)
+	})
+
+	It("should create an empty cluster role binding with correct metadata", func() {
+		clusterRoleBinding := mutator.Empty()
+
+		Expect(clusterRoleBinding.Name).To(Equal("test-clusterrolebinding"))
+		Expect(clusterRoleBinding.APIVersion).To(Equal("rbac.authorization.k8s.io/v1"))
+		Expect(clusterRoleBinding.Kind).To(Equal("ClusterRoleBinding"))
+	})
+
+	It("should apply subjects and roleRef using Mutate", func() {
+		clusterRoleBinding := mutator.Empty()
+
+		// Apply the mutator's Mutate method
+		Expect(mutator.Mutate(clusterRoleBinding)).To(Succeed())
+
+		// Verify that the subjects and roleRef are applied
+		Expect(clusterRoleBinding.Subjects).To(Equal(subjects))
+		Expect(clusterRoleBinding.RoleRef).To(Equal(roleRef))
+	})
+
+	It("should create and retrieve the cluster role binding using the fake client", func() {
+		clusterRoleBinding := mutator.Empty()
+		Expect(mutator.Mutate(clusterRoleBinding)).To(Succeed())
+
+		// Create the cluster role binding in the fake client
+		Expect(fakeClient.Create(ctx, clusterRoleBinding)).To(Succeed())
+
+		// Retrieve the cluster role binding from the fake client and verify it
+		retrievedClusterRoleBinding := &v1.ClusterRoleBinding{}
+		Expect(fakeClient.Get(ctx, client.ObjectKey{Name: "test-clusterrolebinding"}, retrievedClusterRoleBinding)).To(Succeed())
+		Expect(retrievedClusterRoleBinding).To(Equal(clusterRoleBinding))
+	})
+})

pkg/resources/configmap.go

@@ -0,0 +1,55 @@
+package resources
+
+import (
+	"fmt"
+
+	core "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+type ConfigMapMutator struct {
+	Name      string
+	Namespace string
+	Data      map[string]string
+	meta      Mutator[client.Object]
+}
+
+var _ Mutator[*core.ConfigMap] = &ConfigMapMutator{}
+
+func NewConfigMapMutator(name, namespace string, data map[string]string, labels map[string]string, annotations map[string]string) Mutator[*core.ConfigMap] {
+	return &ConfigMapMutator{
+		Name:      name,
+		Namespace: namespace,
+		Data:      data,
+		meta:      NewMetadataMutator(labels, annotations),
+	}
+}
+
+func (m *ConfigMapMutator) String() string {
+	return fmt.Sprintf("configmap %s/%s", m.Namespace, m.Name)
+}
+
+func (m *ConfigMapMutator) Empty() *core.ConfigMap {
+	return &core.ConfigMap{
+		TypeMeta: metav1.TypeMeta{
+			APIVersion: "v1",
+			Kind:       "ConfigMap",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      m.Name,
+			Namespace: m.Namespace,
+		},
+		Data: m.Data,
+	}
+}
+
+func (m *ConfigMapMutator) Mutate(cm *core.ConfigMap) error {
+	if cm.Data == nil {
+		cm.Data = make(map[string]string)
+	}
+	for key, value := range m.Data {
+		cm.Data[key] = value
+	}
+	return m.meta.Mutate(cm)
+}