Skip to content

Commit

Permalink
refactor: remove use of k8s namespace (#2550)
Browse files Browse the repository at this point in the history
## Description

This change removes the k8s namespace code and replaces it with direct
use of the client set instead.

## Related Issue

Relates to #2507

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/zarf/blob/main/.github/CONTRIBUTING.md#developer-workflow)
followed

---------
  • Loading branch information
phillebaba authored Jun 3, 2024
1 parent 1749dd5 commit 0527bea
Show file tree
Hide file tree
Showing 8 changed files with 77 additions and 103 deletions.
3 changes: 2 additions & 1 deletion go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ go 1.21.8
replace github.com/xeipuuv/gojsonschema => github.com/defenseunicorns/gojsonschema v0.0.0-20231116163348-e00f069122d6

require (
cuelang.org/go v0.7.0
github.com/AlecAivazis/survey/v2 v2.3.7
github.com/Masterminds/semver/v3 v3.2.1
github.com/agnivade/levenshtein v1.1.1
Expand Down Expand Up @@ -62,6 +61,8 @@ require (
sigs.k8s.io/yaml v1.4.0
)

require cuelang.org/go v0.7.0 // indirect

require (
atomicgo.dev/cursor v0.2.0 // indirect
atomicgo.dev/keyboard v0.2.9 // indirect
Expand Down
19 changes: 13 additions & 6 deletions src/internal/packager/helm/post-render.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
"os"
"path/filepath"
"reflect"
"slices"

"github.com/defenseunicorns/pkg/helpers"
"github.com/defenseunicorns/zarf/src/config"
Expand Down Expand Up @@ -119,29 +120,35 @@ func (r *renderer) Run(renderedManifests *bytes.Buffer) (*bytes.Buffer, error) {

func (r *renderer) adoptAndUpdateNamespaces(ctx context.Context) error {
c := r.cluster
existingNamespaces, _ := c.GetNamespaces(ctx)
namespaceList, err := r.cluster.Clientset.CoreV1().Namespaces().List(ctx, metav1.ListOptions{})
if err != nil {
return err
}
for name, namespace := range r.namespaces {

// Check to see if this namespace already exists
var existingNamespace bool
for _, serverNamespace := range existingNamespaces.Items {
for _, serverNamespace := range namespaceList.Items {
if serverNamespace.Name == name {
existingNamespace = true
}
}

if !existingNamespace {
// This is a new namespace, add it
if _, err := c.CreateNamespace(ctx, namespace); err != nil {
_, err := c.Clientset.CoreV1().Namespaces().Create(ctx, namespace, metav1.CreateOptions{})
if err != nil {
return fmt.Errorf("unable to create the missing namespace %s", name)
}
} else if r.cfg.DeployOpts.AdoptExistingResources {
if r.cluster.IsInitialNamespace(name) {
// If this is a K8s initial namespace, refuse to adopt it
// Refuse to adopt namespace if it is one of four initial Kubernetes namespaces.
// https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/#initial-namespaces
if slices.Contains([]string{"default", "kube-node-lease", "kube-public", "kube-system"}, name) {
message.Warnf("Refusing to adopt the initial namespace: %s", name)
} else {
// This is an existing namespace to adopt
if _, err := c.UpdateNamespace(ctx, namespace); err != nil {
_, err := c.Clientset.CoreV1().Namespaces().Update(ctx, namespace, metav1.UpdateOptions{})
if err != nil {
return fmt.Errorf("unable to adopt the existing namespace %s", name)
}
}
Expand Down
27 changes: 26 additions & 1 deletion src/pkg/cluster/namespace.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,12 @@ package cluster

import (
"context"
"time"

"github.com/defenseunicorns/zarf/src/pkg/k8s"
"github.com/defenseunicorns/zarf/src/pkg/message"
corev1 "k8s.io/api/core/v1"
kerrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

Expand All @@ -18,7 +20,30 @@ func (c *Cluster) DeleteZarfNamespace(ctx context.Context) error {
spinner := message.NewProgressSpinner("Deleting the zarf namespace from this cluster")
defer spinner.Stop()

return c.DeleteNamespace(ctx, ZarfNamespaceName)
err := c.Clientset.CoreV1().Namespaces().Delete(ctx, ZarfNamespaceName, metav1.DeleteOptions{})
if kerrors.IsNotFound(err) {
return nil
}
if err != nil {
return err
}
timer := time.NewTimer(0)
defer timer.Stop()
for {
select {
case <-ctx.Done():
return ctx.Err()
case <-timer.C:
_, err := c.Clientset.CoreV1().Namespaces().Get(ctx, ZarfNamespaceName, metav1.GetOptions{})
if kerrors.IsNotFound(err) {
return nil
}
if err != nil {
return err
}
timer.Reset(1 * time.Second)
}
}
}

// NewZarfManagedNamespace returns a corev1.Namespace with Zarf-managed labels
Expand Down
11 changes: 7 additions & 4 deletions src/pkg/cluster/secrets.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
"reflect"

corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

"github.com/defenseunicorns/zarf/src/config"
"github.com/defenseunicorns/zarf/src/pkg/k8s"
Expand Down Expand Up @@ -80,11 +81,12 @@ func (c *Cluster) UpdateZarfManagedImageSecrets(ctx context.Context, state *type
spinner := message.NewProgressSpinner("Updating existing Zarf-managed image secrets")
defer spinner.Stop()

if namespaces, err := c.GetNamespaces(ctx); err != nil {
namespaceList, err := c.Clientset.CoreV1().Namespaces().List(ctx, metav1.ListOptions{})
if err != nil {
spinner.Errorf(err, "Unable to get k8s namespaces")
} else {
// Update all image pull secrets
for _, namespace := range namespaces.Items {
for _, namespace := range namespaceList.Items {
currentRegistrySecret, err := c.GetSecret(ctx, namespace.Name, config.ZarfImagePullSecretName)
if err != nil {
continue
Expand Down Expand Up @@ -115,11 +117,12 @@ func (c *Cluster) UpdateZarfManagedGitSecrets(ctx context.Context, state *types.
spinner := message.NewProgressSpinner("Updating existing Zarf-managed git secrets")
defer spinner.Stop()

if namespaces, err := c.GetNamespaces(ctx); err != nil {
namespaceList, err := c.Clientset.CoreV1().Namespaces().List(ctx, metav1.ListOptions{})
if err != nil {
spinner.Errorf(err, "Unable to get k8s namespaces")
} else {
// Update all git pull secrets
for _, namespace := range namespaces.Items {
for _, namespace := range namespaceList.Items {
currentGitSecret, err := c.GetSecret(ctx, namespace.Name, config.ZarfGitServerSecretName)
if err != nil {
continue
Expand Down
11 changes: 4 additions & 7 deletions src/pkg/cluster/state.go
Original file line number Diff line number Diff line change
Expand Up @@ -87,16 +87,12 @@ func (c *Cluster) InitZarfState(ctx context.Context, initOptions types.ZarfInitO
// Setup zarf agent PKI
state.AgentTLS = pki.GeneratePKI(config.ZarfAgentHost)

namespaces, err := c.GetNamespaces(ctx)
namespaceList, err := c.Clientset.CoreV1().Namespaces().List(ctx, metav1.ListOptions{})
if err != nil {
return fmt.Errorf("unable to get the Kubernetes namespaces: %w", err)
}
// Mark existing namespaces as ignored for the zarf agent to prevent mutating resources we don't own.
for _, namespace := range namespaces.Items {
// Skip Zarf namespace if it already exists.
if namespace.Name == ZarfNamespaceName {
continue
}
for _, namespace := range namespaceList.Items {
spinner.Updatef("Marking existing namespace %s as ignored by Zarf Agent", namespace.Name)
if namespace.Labels == nil {
// Ensure label map exists to avoid nil panic
Expand All @@ -105,7 +101,8 @@ func (c *Cluster) InitZarfState(ctx context.Context, initOptions types.ZarfInitO
// This label will tell the Zarf Agent to ignore this namespace.
namespace.Labels[k8s.AgentLabel] = "ignore"
namespaceCopy := namespace
if _, err = c.UpdateNamespace(ctx, &namespaceCopy); err != nil {
_, err := c.Clientset.CoreV1().Namespaces().Update(ctx, &namespaceCopy, metav1.UpdateOptions{})
if err != nil {
// This is not a hard failure, but we should log it.
message.WarnErrf(err, "Unable to mark the namespace %s as ignored by Zarf Agent", namespace.Name)
}
Expand Down
8 changes: 5 additions & 3 deletions src/pkg/cluster/zarf.go
Original file line number Diff line number Diff line change
Expand Up @@ -72,15 +72,17 @@ func (c *Cluster) StripZarfLabelsAndSecretsFromNamespaces(ctx context.Context) {
LabelSelector: k8s.ZarfManagedByLabel + "=zarf",
}

if namespaces, err := c.GetNamespaces(ctx); err != nil {
namespaceList, err := c.Clientset.CoreV1().Namespaces().List(ctx, metav1.ListOptions{})
if err != nil {
spinner.Errorf(err, "Unable to get k8s namespaces")
} else {
for _, namespace := range namespaces.Items {
for _, namespace := range namespaceList.Items {
if _, ok := namespace.Labels[k8s.AgentLabel]; ok {
spinner.Updatef("Removing Zarf Agent label for namespace %s", namespace.Name)
delete(namespace.Labels, k8s.AgentLabel)
namespaceCopy := namespace
if _, err = c.UpdateNamespace(ctx, &namespaceCopy); err != nil {
_, err := c.Clientset.CoreV1().Namespaces().Update(ctx, &namespaceCopy, metav1.UpdateOptions{})
if err != nil {
// This is not a hard failure, but we should log it
spinner.Errorf(err, "Unable to update the namespace labels for %s", namespace.Name)
}
Expand Down
79 changes: 0 additions & 79 deletions src/pkg/k8s/namespace.go

This file was deleted.

22 changes: 20 additions & 2 deletions src/pkg/packager/deploy.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,12 @@ import (
"sync"
"time"

corev1 "k8s.io/api/core/v1"
kerrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

"github.com/defenseunicorns/pkg/helpers"

"github.com/defenseunicorns/zarf/src/config"
"github.com/defenseunicorns/zarf/src/config/lang"
"github.com/defenseunicorns/zarf/src/internal/packager/git"
Expand All @@ -32,7 +37,6 @@ import (
"github.com/defenseunicorns/zarf/src/pkg/packager/filters"
"github.com/defenseunicorns/zarf/src/pkg/transform"
"github.com/defenseunicorns/zarf/src/types"
corev1 "k8s.io/api/core/v1"
)

func (p *Packager) resetRegistryHPA(ctx context.Context) {
Expand Down Expand Up @@ -451,7 +455,21 @@ func (p *Packager) setupState(ctx context.Context) (err error) {
// Try to create the zarf namespace
spinner.Updatef("Creating the Zarf namespace")
zarfNamespace := cluster.NewZarfManagedNamespace(cluster.ZarfNamespaceName)
if _, err := p.cluster.CreateNamespace(ctx, zarfNamespace); err != nil {
err := func() error {
_, err := p.cluster.Clientset.CoreV1().Namespaces().Create(ctx, zarfNamespace, metav1.CreateOptions{})
if err != nil && !kerrors.IsAlreadyExists(err) {
return err
}
if err == nil {
return nil
}
_, err = p.cluster.Clientset.CoreV1().Namespaces().Update(ctx, zarfNamespace, metav1.UpdateOptions{})
if err != nil {
return err
}
return nil
}()
if err != nil {
spinner.Fatalf(err, "Unable to create the zarf namespace")
}
}
Expand Down

0 comments on commit 0527bea

Please sign in to comment.