-
Notifications
You must be signed in to change notification settings - Fork 420
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add ClusterInterceptor CRD for registering interceptors
This commit adds a new CRD type called ClusterInterceptor. In TEP-0026 this type was called InterceptorConfiguration The `spec` currently only contains a clientConfig field to locate where the interceptor is running. Other fields will be added as they are implemented in follow ups. This commit also adds a simple reconciler for this type that resolves the clientConfig to a URL and adds it to the `status.address.url` field. Part of #868 Signed-off-by: Dibyo Mukherjee <[email protected]>
- Loading branch information
Showing
36 changed files
with
2,318 additions
and
147 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| # Copyright 2021 The Tekton Authors | ||
| # | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # https://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
|
|
||
| apiVersion: apiextensions.k8s.io/v1 | ||
| kind: CustomResourceDefinition | ||
| metadata: | ||
| name: clusterinterceptors.triggers.tekton.dev | ||
| labels: | ||
| app.kubernetes.io/instance: default | ||
| app.kubernetes.io/part-of: tekton-triggers | ||
| triggers.tekton.dev/release: "devel" | ||
| version: "devel" | ||
| spec: | ||
| group: triggers.tekton.dev | ||
| scope: Cluster | ||
| names: | ||
| kind: ClusterInterceptor | ||
| plural: clusterinterceptors | ||
| singular: clusterinterceptor | ||
| shortNames: | ||
| - ci | ||
| categories: | ||
| - tekton | ||
| - tekton-triggers | ||
| versions: | ||
| - name: v1alpha1 | ||
| served: true | ||
| storage: true | ||
| schema: | ||
| openAPIV3Schema: | ||
| type: object | ||
| # One can use x-kubernetes-preserve-unknown-fields: true | ||
| # at the root of the schema (and inside any properties, additionalProperties) | ||
| # to get the traditional CRD behaviour that nothing is pruned, despite | ||
| # setting spec.preserveUnknownProperties: false. | ||
| # | ||
| # See https://kubernetes.io/blog/2019/06/20/crd-structural-schema/ | ||
| # See issue: https://github.com/knative/serving/issues/912 | ||
| x-kubernetes-preserve-unknown-fields: true | ||
| # Opt into the status subresource so metadata.generation | ||
| # starts to increment | ||
| subresources: | ||
| status: {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,57 @@ | ||
| <!-- | ||
| --- | ||
| linkTitle: "ClusterInterceptor" | ||
| weight: 9 | ||
| --- | ||
| --> | ||
| # ClusterInterceptor | ||
|
|
||
| A `ClusterInterceptor` is cluster scoped resource that registers a new Interceptor that | ||
| can be invoked during the processing of a trigger to modify the behavior or payload of Triggers. The | ||
| custom resource describes how an EventListener can connect to a workload that | ||
| is running the interceptor business logic (and in the future what extra | ||
| paramters the interceptor accepts). | ||
|
|
||
| **NOTE**: This doc is a WIP. Please also see the [Interceptors section](./eventlisteners.md#interceptors) in the EventListener doc. | ||
|
|
||
| - [Interceptors](#interceptors) | ||
| - [Syntax](#syntax) | ||
| - [clientConfig](#clientConfig) | ||
|
|
||
| ## Syntax | ||
|
|
||
| To define a configuration file for a `ClusterInterceptor` resource, you can specify | ||
| the following fields: | ||
|
|
||
| - Required: | ||
| - [`apiVersion`][kubernetes-overview] - Specifies the API version, for example | ||
| `triggers.tekton.dev/v1alpha1`. | ||
| - [`kind`][kubernetes-overview] - Specifies the `ClusterInterceptor` resource | ||
| object. | ||
| - [`metadata`][kubernetes-overview] - Specifies data to uniquely identify the | ||
| `ClusterInterceptor` resource object, for example a `name`. | ||
| - [`spec`][kubernetes-overview] - Specifies the configuration information for | ||
| your ClusterInterceptor resource object. The spec include: | ||
| - [`clientConfig`] - Specifies how a client (e.g. an EventListener) can communicate with the ClusterInterceptor. | ||
|
|
||
| ### clientConfig | ||
|
|
||
| The `clientConfig` field describes how a client can communicate with an | ||
| interceptor. It can contain either the `url` field whose value is | ||
| a resolvable URL or it can contain a reference to a Kubernetes service where the ClusterInterceptor is running. | ||
| EventListeners will send forward requests to this service or URL. | ||
|
|
||
| ```yaml | ||
| spec: | ||
| clientConfig: | ||
| url: "http://interceptor-svc.default.svc/" | ||
| --- | ||
| spec: | ||
| clientConfig: | ||
| service: | ||
| name: "my-interceptor-svc" | ||
| namespace: "default" | ||
| path: "/optional-path" # optional | ||
| port: 8081 # defaults to 80 | ||
| ``` | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
34 changes: 34 additions & 0 deletions
34
pkg/apis/triggers/v1alpha1/cluster_interceptor_defaults.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| /* | ||
| Copyright 2019 The Tekton Authors | ||
| Licensed under the Apache License, Version 2.0 (the "License"); | ||
| you may not use this file except in compliance with the License. | ||
| You may obtain a copy of the License at | ||
| http://www.apache.org/licenses/LICENSE-2.0 | ||
| Unless required by applicable law or agreed to in writing, software | ||
| distributed under the License is distributed on an "AS IS" BASIS, | ||
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| See the License for the specific language governing permissions and | ||
| limitations under the License. | ||
| */ | ||
|
|
||
| package v1alpha1 | ||
|
|
||
| import ( | ||
| "context" | ||
| ) | ||
|
|
||
| var defaultPort = int32(80) | ||
|
|
||
| // SetDefaults sets the defaults on the object. | ||
| func (it *ClusterInterceptor) SetDefaults(ctx context.Context) { | ||
| if IsUpgradeViaDefaulting(ctx) { | ||
| if svc := it.Spec.ClientConfig.Service; svc != nil { | ||
| if svc.Port == nil { | ||
| svc.Port = &defaultPort | ||
| } | ||
| } | ||
| } | ||
| } |
59 changes: 59 additions & 0 deletions
59
pkg/apis/triggers/v1alpha1/cluster_interceptor_defaults_test.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| package v1alpha1_test | ||
|
|
||
| import ( | ||
| "context" | ||
| "testing" | ||
|
|
||
| "knative.dev/pkg/ptr" | ||
|
|
||
| "github.com/google/go-cmp/cmp" | ||
| triggersv1 "github.com/tektoncd/triggers/pkg/apis/triggers/v1alpha1" | ||
| metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" | ||
| ) | ||
|
|
||
| func TestClusterInterceptorSetDefaults(t *testing.T) { | ||
| tests := []struct { | ||
| name string | ||
| in triggersv1.ClusterInterceptor | ||
| want triggersv1.ClusterInterceptor | ||
| }{{ | ||
| name: "sets default service port", | ||
| in: triggersv1.ClusterInterceptor{ | ||
| ObjectMeta: metav1.ObjectMeta{ | ||
| Name: "github", | ||
| }, | ||
| Spec: triggersv1.ClusterInterceptorSpec{ | ||
| ClientConfig: triggersv1.ClientConfig{ | ||
| Service: &triggersv1.ServiceReference{ | ||
| Namespace: "default", | ||
| Name: "github-svc", | ||
| }, | ||
| }, | ||
| }, | ||
| }, | ||
| want: triggersv1.ClusterInterceptor{ | ||
| ObjectMeta: metav1.ObjectMeta{ | ||
| Name: "github", | ||
| }, | ||
| Spec: triggersv1.ClusterInterceptorSpec{ | ||
| ClientConfig: triggersv1.ClientConfig{ | ||
| Service: &triggersv1.ServiceReference{ | ||
| Namespace: "default", | ||
| Name: "github-svc", | ||
| Port: ptr.Int32(80), | ||
| }, | ||
| }, | ||
| }, | ||
| }, | ||
| }} | ||
|
|
||
| for _, tc := range tests { | ||
| t.Run(tc.name, func(t *testing.T) { | ||
| got := tc.in | ||
| got.SetDefaults(triggersv1.WithUpgradeViaDefaulting(context.Background())) | ||
| if diff := cmp.Diff(tc.want, got); diff != "" { | ||
| t.Fatalf("ClusterInterceptor SetDefaults error: %s", diff) | ||
| } | ||
| }) | ||
| } | ||
| } |
107 changes: 107 additions & 0 deletions
107
pkg/apis/triggers/v1alpha1/cluster_interceptor_types.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,107 @@ | ||
| package v1alpha1 | ||
|
|
||
| import ( | ||
| "errors" | ||
| "fmt" | ||
|
|
||
| metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" | ||
| "knative.dev/pkg/apis" | ||
| duckv1 "knative.dev/pkg/apis/duck/v1" | ||
| ) | ||
|
|
||
| // Check that EventListener may be validated and defaulted. | ||
| var _ apis.Validatable = (*ClusterInterceptor)(nil) | ||
| var _ apis.Defaultable = (*ClusterInterceptor)(nil) | ||
|
|
||
| // +genclient | ||
| // +genclient:nonNamespaced | ||
| // +genreconciler:krshapedlogic=false | ||
| // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object | ||
| // +k8s:openapi-gen=true | ||
| // ClusterInterceptor describes a pluggable interceptor including configuration | ||
| // such as the fields it accepts and its deployment address. The type is based on | ||
| // the Validating/MutatingWebhookConfiguration types for configuring AdmissionWebhooks | ||
| type ClusterInterceptor struct { | ||
| metav1.TypeMeta `json:",inline"` | ||
| // +optional | ||
| metav1.ObjectMeta `json:"metadata,omitempty"` | ||
|
|
||
| Spec ClusterInterceptorSpec `json:"spec"` | ||
| // +optional | ||
| Status ClusterInterceptorStatus `json:"status"` | ||
| } | ||
|
|
||
| // ClusterInterceptorSpec describes the Spec for an ClusterInterceptor | ||
| type ClusterInterceptorSpec struct { | ||
| ClientConfig ClientConfig `json:"clientConfig"` | ||
| } | ||
|
|
||
| // ClusterInterceptorStatus holds the status of the ClusterInterceptor | ||
| // +k8s:deepcopy-gen=true | ||
| type ClusterInterceptorStatus struct { | ||
| duckv1.Status `json:",inline"` | ||
|
|
||
| // ClusterInterceptor is Addressable and exposes the URL where the Interceptor is running | ||
| duckv1.AddressStatus `json:",inline"` | ||
| } | ||
|
|
||
| // ClientConfig describes how a client can communicate with the Interceptor | ||
| type ClientConfig struct { | ||
| // URL is a fully formed URL pointing to the interceptor | ||
| // Mutually exclusive with Service | ||
| URL *apis.URL `json:"url,omitempty"` | ||
|
|
||
| // Service is a reference to a Service object where the interceptor is running | ||
| // Mutually exclusive with URL | ||
| Service *ServiceReference `json:"service,omitempty"` | ||
| } | ||
|
|
||
| // ServServiceReference is a reference to a Service object | ||
| // with an optional path | ||
| type ServiceReference struct { | ||
| // Name is the name of the service | ||
| Name string `json:"name"` | ||
|
|
||
| // Namespace is the namespace of the service | ||
| Namespace string `json:"namespace"` | ||
|
|
||
| // Path is an optional URL path | ||
| // +optional | ||
| Path string `json:"path"` | ||
|
|
||
| // Port is a valid port number | ||
| Port *int32 `json:"port"` | ||
| } | ||
|
|
||
| // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object | ||
| // ClusterInterceptorList contains a list of ClusterInterceptor | ||
| // We don't use this but it's required for certain codegen features. | ||
| type ClusterInterceptorList struct { | ||
| metav1.TypeMeta `json:",inline"` | ||
| // +optional | ||
| metav1.ListMeta `json:"metadata,omitempty"` | ||
| Items []ClusterInterceptor `json:"items"` | ||
| } | ||
|
|
||
| var ErrNilURL = errors.New("interceptor URL was nil") | ||
|
|
||
| // ResolveAddress returns the URL where the interceptor is running using its clientConfig | ||
| func (it *ClusterInterceptor) ResolveAddress() (*apis.URL, error) { | ||
| if url := it.Spec.ClientConfig.URL; url != nil { | ||
| return url, nil | ||
| } | ||
| svc := it.Spec.ClientConfig.Service | ||
| if svc == nil { | ||
| return nil, ErrNilURL | ||
| } | ||
| port := int32(80) | ||
| if svc.Port != nil { | ||
| port = *svc.Port | ||
| } | ||
| url := &apis.URL{ | ||
| Scheme: "http", // TODO: Support HTTPs if caBundle is present | ||
| Host: fmt.Sprintf("%s.%s.svc:%d", svc.Name, svc.Namespace, port), | ||
| Path: svc.Path, | ||
| } | ||
| return url, nil | ||
| } |
Oops, something went wrong.