better filtration

aenix-io · Nov 4, 2024 · 92ff4a6 · 92ff4a6
1 parent 0bf57ec
commit 92ff4a6
Show file tree

Hide file tree

Showing 6 changed files with 229 additions and 16 deletions.
diff --git a/packages/system/cozystack-api/images/cozystack-api.json b/packages/system/cozystack-api/images/cozystack-api.json
@@ -29,17 +29,17 @@
       }
     }
   },
-  "buildx.build.ref": "buildkit/buildkit0/q6txzxgatfbboh1lhj182mbyh",
-  "containerimage.config.digest": "sha256:9d63425558c9125f866e3273c2df248dddc3a21d2105aa355c4c9ceb6dd6e55e",
+  "buildx.build.ref": "buildkit/buildkit0/svegl11mvyyrdqqb1jpeccy90",
+  "containerimage.config.digest": "sha256:29418b171efae7e8fac0a60dae15797375e9dc4bc849c60e0e2374fcbf5f5a9a",
   "containerimage.descriptor": {
     "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
-    "digest": "sha256:a9598dfd73eeb6928d26d9bf2fb54eb7f3ecf4427db2dc89b80399d6df242a9e",
+    "digest": "sha256:510d981d0472cb59bba13572a45482fcc257f3da9d1631fc99139be414e79792",
     "size": 504,
     "platform": {
       "architecture": "amd64",
       "os": "linux"
     }
   },
-  "containerimage.digest": "sha256:a9598dfd73eeb6928d26d9bf2fb54eb7f3ecf4427db2dc89b80399d6df242a9e",
+  "containerimage.digest": "sha256:510d981d0472cb59bba13572a45482fcc257f3da9d1631fc99139be414e79792",
   "image.name": "ghcr.io/aenix-io/cozystack/cozystack-api:latest"
 }
diff --git a/packages/system/cozystack-api/templates/configmap.yaml b/packages/system/cozystack-api/templates/configmap.yaml
@@ -6,11 +6,136 @@ metadata:
 data:
   config.yaml: |
     resources:
+    - application:
+        kind: Bucket
+        singular: bucket
+        plural: buckets
+      release:
+        prefix: bucket-
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: bucket
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-apps
+            namespace: cozy-public
+    - application:
+        kind: ClickHouse
+        singular: clickhouse
+        plural: clickhouses
+      release:
+        prefix: clickhouse-
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: clickhouse
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-apps
+            namespace: cozy-public
+    - application:
+        kind: HTTPCache
+        singular: httpcache
+        plural: httpcaches
+      release:
+        prefix: http-cache-
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: http-cache
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-apps
+            namespace: cozy-public
+    - application:
+        kind: NATS
+        singular: nats
+        plural: natses
+      release:
+        prefix: nats-
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: nats
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-apps
+            namespace: cozy-public
+    - application:
+        kind: TCPBalancer
+        singular: tcpbalancer
+        plural: tcpbalancers
+      release:
+        prefix: tcp-balancer-
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: http-cache
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-apps
+            namespace: cozy-public
+    - application:
+        kind: VirtualMachine
+        singular: virtualmachine
+        plural: virtualmachines
+      release:
+        prefix: virtual-machine-
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: virtual-machine
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-apps
+            namespace: cozy-public
+    - application:
+        kind: VPN
+        singular: vpn
+        plural: vpns
+      release:
+        prefix: vpn-
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: vpn
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-apps
+            namespace: cozy-public
+    - application:
+        kind: MySQL
+        singular: mysql
+        plural: mysqls
+      release:
+        prefix: mysql-
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: mysql
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-apps
+            namespace: cozy-public
+    - application:
+        kind: Tenant
+        singular: tenant
+        plural: tenants
+      release:
+        prefix: tenant-
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: tenant
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-apps
+            namespace: cozy-public
     - application:
         kind: Kubernetes
         singular: kubernetes
         plural: kuberneteses
-        shortNames: ["kubernetes", "kuberneteses"]
       release:
         prefix: kubernetes-
         labels:
@@ -25,7 +150,6 @@ data:
         kind: Redis
         singular: redis
         plural: redises
-        shortNames: ["redis", "redises"]
       release:
         prefix: redis-
         labels:
@@ -40,7 +164,6 @@ data:
         kind: RabbitMQ
         singular: rabbitmq
         plural: rabbitmqs
-        shortNames: ["rabbitmq", "rabbitmqs"]
       release:
         prefix: rabbitmq-
         labels:
@@ -55,7 +178,6 @@ data:
         kind: Postgres
         singular: postgres
         plural: postgreses
-        shortNames: ["postgres", "postgreses"]
       release:
         prefix: postgres-
         labels:
@@ -70,7 +192,6 @@ data:
         kind: FerretDB
         singular: ferretdb
         plural: ferretdb
-        shortNames: ["ferretdb", "ferretdbs"]
       release:
         prefix: ferretdb-
         labels:
@@ -85,7 +206,6 @@ data:
         kind: Kafka
         singular: kafka
         plural: kafkas
-        shortNames: ["kafka", "kafkases"]
       release:
         prefix: ferretdb-
         labels:
@@ -100,7 +220,6 @@ data:
         kind: VMDisk
         plural: vmdisks
         singular: vmdisk
-        shortNames: ["vmdisk", "vmdisks"]
       release:
         prefix: vm-disk-
         labels:
@@ -115,7 +234,6 @@ data:
         kind: VMInstance
         plural: vminstances
         singular: vminstance
-        shortNames: ["vminstance", "vminstances"]
       release:
         prefix: vm-instance-
         labels:
@@ -126,3 +244,59 @@ data:
             kind: HelmRepository
             name: cozystack-apps
             namespace: cozy-public
+    - application:
+        kind: Monitoring
+        plural: monitorings
+        singular: monitoring
+      release:
+        prefix: ""
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: monitoring
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-extra
+            namespace: cozy-public
+    - application:
+        kind: Etcd
+        plural: etcds
+        singular: etcd
+      release:
+        prefix: ""
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: etcd
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-extra
+            namespace: cozy-public
+    - application:
+        kind: Ingress
+        plural: ingresses
+        singular: ingress
+      release:
+        prefix: ""
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: ingress
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-extra
+            namespace: cozy-public
+    - application:
+        kind: SeaweedFS
+        plural: seaweedfses
+        singular: seaweedfs
+      release:
+        prefix: ""
+        labels:
+          cozystack.io/ui: "true"
+        chart:
+          name: seaweedfs
+          sourceRef:
+            kind: HelmRepository
+            name: cozystack-extra
+            namespace: cozy-public
diff --git a/packages/system/cozystack-api/templates/deployment.yaml b/packages/system/cozystack-api/templates/deployment.yaml
@@ -14,6 +14,8 @@ spec:
     metadata:
       labels:
         app: cozystack-api
+      annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
     spec:
       serviceAccountName: cozystack-api
       containers:

diff --git a/packages/system/cozystack-api/values.yaml b/packages/system/cozystack-api/values.yaml
@@ -1,2 +1,2 @@
 cozystackAPI:
-  image: ghcr.io/aenix-io/cozystack/cozystack-api:latest@sha256:a9598dfd73eeb6928d26d9bf2fb54eb7f3ecf4427db2dc89b80399d6df242a9e
+  image: ghcr.io/aenix-io/cozystack/cozystack-api:latest@sha256:510d981d0472cb59bba13572a45482fcc257f3da9d1631fc99139be414e79792
diff --git a/pkg/config/config.go b/pkg/config/config.go
@@ -66,9 +66,6 @@ func LoadConfig(path string) (*ResourceConfig, error) {
 		if res.Application.Plural == "" {
 			return nil, fmt.Errorf("resource at index %d has an empty plural", i)
 		}
-		if res.Release.Prefix == "" {
-			return nil, fmt.Errorf("resource at index %d has an empty release prefix", i)
-		}
 		if res.Release.Chart.Name == "" {
 			return nil, fmt.Errorf("resource at index %d has an empty chart name in release", i)
 		}

diff --git a/pkg/registry/apps/application/rest.go b/pkg/registry/apps/application/rest.go
@@ -164,20 +164,36 @@ func (r *REST) Get(ctx context.Context, name string, options *metav1.GetOptions)
 		return nil, err
 	}
 
+	// Check if HelmRelease meets the required chartName and sourceRef criteria
+	if !r.shouldIncludeHelmRelease(hr) {
+		klog.Errorf("HelmRelease %s does not match the required chartName and sourceRef criteria", helmReleaseName)
+		return nil, fmt.Errorf("resource %s not found", name)
+	}
+
 	// Convert HelmRelease to Application
 	convertedApp, err := r.ConvertHelmReleaseToApplication(hr)
 	if err != nil {
 		klog.Errorf("Conversion error from HelmRelease to Application for resource %s: %v", name, err)
 		return nil, fmt.Errorf("conversion error: %v", err)
 	}
 
+	// Explicitly set apiVersion and kind for Application
+	convertedApp.TypeMeta = metav1.TypeMeta{
+		APIVersion: "apps.cozystack.io/v1alpha1",
+		Kind:       r.kindName,
+	}
+
 	// Convert Application to unstructured format
 	unstructuredApp, err := runtime.DefaultUnstructuredConverter.ToUnstructured(&convertedApp)
 	if err != nil {
 		klog.Errorf("Failed to convert Application to unstructured for resource %s: %v", name, err)
 		return nil, fmt.Errorf("failed to convert Application to unstructured: %v", err)
 	}
 
+	// Explicitly set apiVersion and kind in unstructured object
+	unstructuredApp["apiVersion"] = "apps.cozystack.io/v1alpha1"
+	unstructuredApp["kind"] = r.kindName
+
 	klog.V(6).Infof("Successfully retrieved and converted resource %s of kind %s to unstructured", name, r.gvr.Resource)
 	return &unstructured.Unstructured{Object: unstructuredApp}, nil
 }
@@ -393,6 +409,7 @@ func (r *REST) Update(ctx context.Context, name string, objInfo rest.UpdatedObje
 		return nil, false, fmt.Errorf("failed to convert HelmRelease to unstructured: %v", err)
 	}
 
+	// Retrieve metadata from unstructured object
 	metadata, found, err := unstructured.NestedMap(unstructuredHR, "metadata")
 	if err != nil || !found {
 		klog.Errorf("Failed to retrieve metadata from HelmRelease: %v, found: %v", err, found)
@@ -402,13 +419,26 @@ func (r *REST) Update(ctx context.Context, name string, objInfo rest.UpdatedObje
 
 	klog.V(6).Infof("Updating HelmRelease %s in namespace %s", helmRelease.Name, helmRelease.Namespace)
 
+	// Before updating, ensure the HelmRelease meets the inclusion criteria
+	// This prevents updating HelmReleases that should not be managed as Applications
+	if !r.shouldIncludeHelmRelease(&unstructured.Unstructured{Object: unstructuredHR}) {
+		klog.Errorf("HelmRelease %s does not match the required chartName and sourceRef criteria", helmRelease.Name)
+		return nil, false, fmt.Errorf("resource %s does not match inclusion criteria", name)
+	}
+
 	// Update the HelmRelease in Kubernetes
 	resultHR, err := r.dynamicClient.Resource(helmReleaseGVR).Namespace(helmRelease.Namespace).Update(ctx, &unstructured.Unstructured{Object: unstructuredHR}, metav1.UpdateOptions{})
 	if err != nil {
 		klog.Errorf("Failed to update HelmRelease %s: %v", helmRelease.Name, err)
 		return nil, false, fmt.Errorf("failed to update HelmRelease: %v", err)
 	}
 
+	// After updating, ensure the updated HelmRelease still meets the inclusion criteria
+	if !r.shouldIncludeHelmRelease(resultHR) {
+		klog.Errorf("Updated HelmRelease %s does not match the required chartName and sourceRef criteria", resultHR.GetName())
+		return nil, false, fmt.Errorf("updated resource %s does not match inclusion criteria", name)
+	}
+
 	// Convert the updated HelmRelease back to Application
 	convertedApp, err := r.ConvertHelmReleaseToApplication(resultHR)
 	if err != nil {
@@ -418,13 +448,23 @@ func (r *REST) Update(ctx context.Context, name string, objInfo rest.UpdatedObje
 
 	klog.V(6).Infof("Successfully updated and converted HelmRelease %s to Application", resultHR.GetName())
 
+	// Explicitly set apiVersion and kind for Application
+	convertedApp.TypeMeta = metav1.TypeMeta{
+		APIVersion: "apps.cozystack.io/v1alpha1",
+		Kind:       r.kindName,
+	}
+
 	// Convert Application to unstructured format
 	unstructuredApp, err := runtime.DefaultUnstructuredConverter.ToUnstructured(&convertedApp)
 	if err != nil {
 		klog.Errorf("Failed to convert Application to unstructured for resource %s: %v", convertedApp.GetName(), err)
 		return nil, false, fmt.Errorf("failed to convert Application to unstructured: %v", err)
 	}
 
+	// Explicitly set apiVersion and kind in unstructured object
+	unstructuredApp["apiVersion"] = "apps.cozystack.io/v1alpha1"
+	unstructuredApp["kind"] = r.kindName
+
 	klog.V(6).Infof("Returning patched Application object: %+v", unstructuredApp)
 
 	return &unstructured.Unstructured{Object: unstructuredApp}, false, nil