Add Flux support to install resources from git source:

[matrus2]

Hello,

This a proposal and MVP for integration e2e framework with Flux. This one include:

• create and delete GitRepository,
• create and delete Kustmozation,
• example of how to use the functionality.

Please comment & review. Once first part is done we can focus to provide all other functionalities from Flux e.g. Helm repository reconciliation support.

[k8s-ci-robot]

Hi @matrus2. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ShwethaKumbla]

@matrus2 Thanks for this great contribution.

[ShwethaKumbla]

I see Copyrights added in the new files are for 2021 and 2022. Kindly update it with the latest Copyright (Copyright 2023 The Kubernetes Authors.)

[ShwethaKumbla]

This file can be moved under third-party/flux to maintain the structuring we followed for the other third-party support.

[vladimirvivien]

I second that. Putting flux references in pkg would make it a required dependency when pulling the project, whether you want it or not.

[ShwethaKumbla]

/ok-to-test

[ShwethaKumbla]

/cc @vladimirvivien

[vladimirvivien]

This is a great contribution. And it is a great start.
Let's continue the review process to get it where it needs to land.

[vladimirvivien]

Suggestion: this setup/teardown probably belongs in a test environment setup/finish block in TestMain.

[matrus2]

That is a great point, agree. It should go to setup block.

[vladimirvivien]

I second that. Putting flux references in pkg would make it a required dependency when pulling the project, whether you want it or not.

[vladimirvivien]

Question: where is the kustomization file GitRepository/hello-world.flux-system coming from ? Is it pulled from the repo?

[matrus2]

GitRepository/hello-world.flux-system is a reference to GitRepository object in the flux-system namespace created in previous step. Basically, GitRepository is the declaration of a git repository and reference to the source of manifest files:

  apiVersion: source.toolkit.fluxcd.io/v1
  kind: GitRepository
  metadata:
    name: hello-world
    namespace: flux-system
  spec:
    interval: 10m
    ref:
      branch: main
    url: ssh://git@github.com/matrus2/go-hello-world

The Kustomization is a specification, which files form Git Repository and how they should be deployed. In this example we deploy files from path template within 1 minute interval to target namespace default. See below the example:

  apiVersion: kustomize.toolkit.fluxcd.io/v1
  kind: Kustomization
  metadata:
    name: hello-world
    namespace: flux-system
  spec:
    interval: 1m
    targetNamespace: default
    path: template
    prune: true
    sourceRef:
      kind: GitRepository
      name: hello-world

[vladimirvivien]

This is awesome @matrus2 .
I would suggest to add documentation comments for the functions in package third_party/flux

[harshanarayana]

I think we need to find a better way to manage this repository may be. I would rather have this repo co-located with some kubernetes-sigs org than have it in a personal repo and then use it here. cc @vladimirvivien

[harshanarayana]

As an alternative, We could actually have a self-referencing repo and point the test to use e2e-framework repo itself. We can create the sample customization template and other bits and use that from here directly ?

[matrus2]

Yes, in fact this was the plan to move it here to e2e-framework repo after merge of this PR. I see two possible scenarios:

1. Merge this PR and later move the manifests to e2e-framework and at the same time harden the security and reference not a branch, but a commit SHA, so that we ensure no new unexpected changes will land to external repo.
2. Split this PR and first move manifests from external repo to e2e-framework, and in the next PR reference it via Flux.

Please advice which one you prefer.

[harshanarayana]

Do you think it would be a good idea to take the namespace as an optional argument here so that one can easily install this on a non standard flux-system namespace ?

[harshanarayana]

Would it not be easier to define a custom type for Source as string and define these as string values directly instead of using .String() function ?

[harshanarayana]

Please add some documentation for these helper functions.

[harshanarayana]

I also noticed that the repo https://github.com/matrus2/go-hello-world/blob/main/template/deployment.yaml#L18 hardcodes the image reference. Don't we need to create a ImageUpdateAutomation for it to really do the right thing ? Also I am not sure if we have any precedence for this where the image from a personal dockerhub repo is included into the rest util. May be we should move all of these repo and images to a common location and manage them like we do for rest of the test images and others in k8s ?

[matrus2]

For the purpose of this test the image reference is hardcoded and this is one of the use case. For example you may have some prerequisite components to install inside the cluster like CNI, before deploy your staff. The example here is the simplest possible.
For moving the manifests see my answer above, for image reference not sure if you have any kuberentes-sigs registry.

[matrus2]

/retest

[matrus2]

@vladimirvivien @harshanarayana Please take a look in spare time. I think I answered to all your comments. I would like to continue with Flux and add Helm support, which gives a lot of more flexibility and add possibility to write more complex use cases as examples.

[harshanarayana]

@matrus2 Sorry, this one totally went missing from my radar.

Thanks for taking care of this and working towards adding this awesome feature into the framework. With regards to the sample app part of the questions, I think we might be able to do it in two phases like you were suggesting above.

1. Add the sample/example hello world project to this repo as the first PR
2. Reference your current PR to use the main branch from e2e-framework repo itself after that changes are merged

This way, we can keep all the test data co-located and can easily make changes to new things. I wish there was a way to setup flux to use a local file system path as a repo instead of an actual URL. That would have simplified a whole lot of this work! I would prefer to hear from @vladimirvivien @cpanato @ShwethaKumbla on what their view on this is before we can make any further decision.

I will go over the rest of the changes and if I find something needing a change, I will leave a comment. Give me until Weekend to sort a few things out.

[matrus2]

@harshanarayana Thanks for taking time and review this one. Template migrated in #283, reference updated.

[vladimirvivien]

@matrus2 This will be great. Always a good thing when this framework can be integrated with other projects.

@harshanarayana thanks for looking at this so thoroughly🎉

[vladimirvivien]

/retest

[matrus2]

@vladimirvivien Thanks for taking a look at this. The test won't pass untill #283 is merged as files reference template directory.

[matrus2]

/retest

[harshanarayana]

cc @matrus2 Now that we have the template merged, this is more or less ready to be merged as well.

Recently we enabled a way to use a custom path for these binaries that we use in the framework. i.e You can specify a path outside of the $PATH that you have your binaries in. Can we have a mechanism similar to that here? We have the same behavior on kind/and helm already. A way to customize teh path using WithPath kind of helper would be great to have.

[matrus2]

This is now fixed.

[harshanarayana]

@vladimirvivien Would you mind taking a look at this and see if you have any more pending request that needs to be addressed on this ?

[matrus2]

Hi @vladimirvivien, any chance to wrap this up?

[vladimirvivien]

Hi @matrus2, apologies for the delay, I was on vacation.
Thanks for hanging in there and doing this valuable contribution.
Thanks @harshanarayana for the thorough reviews!!

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: matrus2, vladimirvivien

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [vladimirvivien]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment