Merge pull request #26 from keptn-sandbox/bugfixes_operators

thschue · web-flow · commit abeba6f1e916 · 2022-03-16T08:20:31.000+01:00
changed shipyard handling
diff --git a/README.md b/README.md
@@ -12,28 +12,64 @@ The operators in this repository make keptn configurable via Custom Resources an
 * In order to be able to create and delete stages, the keptn operator depends on a patched version of the configuration-service and the shipyard controller
 
 ## Installation
+The operators and the promotion service, which is used to compose the files in the upstream repository are installed via helm. Following, the steps needed for deploying the operators are described.
+
+### Prepare Keys for encryption of secrets
+* Download Secrets helper from [Releases](https://github.com/keptn-sandbox/keptn-gitops-operator/releases)
+* Create a keypair: ` ./keptn-gitops-secrets-(version) generate-keys -f <prefix>`
+* Keep this secrets in a safe place, the public key will be needed for encrypting secrets, the private key to decrypt them on the server-side
+
+### Prepare environment variables
+Following, a few parameters have to be set upfront:
+* `API_HOSTNAME` describes the hostname of the keptn/cloud automation instance (e.g. my-hostname.keptn.sh)
+* `API_TOKEN` describes the Token of the keptn/cloud automation instance 
+* `RSA_PRIVATE_KEY` represents the private key you created before
+* `GITOPS_VERSION` specifies the Version you want to install (see [Releases](https://github.com/keptn-sandbox/keptn-gitops-operator/releases))
+
 ```shell
-helm install <TBD>
+export API_HOSTNAME="<hostname>"
+export API_TOKEN="<api-token>"
+export RSA_PRIVATE_KEY="<private-key>"
+export GITOPS_VERSION="0.1.0-pre.5"
+```
+
+### Install Custom Resource Definitions / Create Namespace
+```
+kubectl create namespace keptn
+kubectl apply -f https://github.com/keptn-sandbox/keptn-gitops-operator/releases/download/${GITOPS_VERSION}/keptn-operator_crd.yaml
+kubectl apply -f https://github.com/keptn-sandbox/keptn-gitops-operator/releases/download/${GITOPS_VERSION}/gitops-operator_crd.yaml
+```
+
+### Install Helm Chart
+```
+helm upgrade --install --atomic -n keptn keptn-gitops \
+  https://github.com/keptn-sandbox/keptn-gitops-operator/releases/download/${GITOPS_VERSION}/keptn-gitops-${GITOPS_VERSION}.tgz \
+  --set global.rsaSecret.privateBase64="${RSA_PUBLIC_KEY}" \
+  --set promotion-service.remoteControlPlane.enabled=true \
+  --set promotion-service.remoteControlPlane.api.protocol="https" \
+  --set promotion-service.remoteControlPlane.api.hostname="${API_HOSTNAME}" --set promotion-service.remoteControlPlane.api.token="${API_TOKEN}"
 ```
 
 ## Keptn Operator
 The operator introduces a set of custom resources to make keptn configurable via Kubernetes CRs.
 
 ### Custom Resources
-|     Kind      |                    Purpose                    |                                Sample                                |
-|:-------------:|:---------------------------------------------:|:--------------------------------------------------------------------:|
-| KeptnProject  |           Configure a Keptn Project           |           [./samples/project.yaml](./samples/project.yaml)           |
-| KeptnService  |           Configure a Keptn Service           |           [./samples/service.yaml](./samples/service.yaml)           |
-| KeptnSequence | Define a Keptn Sequence to be used in a Stage |          [./samples/sequence.yaml](./samples/sequence.yaml)          |
-| KeptnStage   |  Define a Keptn Stage |             [./samples/stage.yaml](./samples/stage.yaml)             |
-| KeptnSequenceExecution | Triggers a Keptn Sequence Execution | [./samples/sequenceexecution.yaml](./samples/sequenceexecution.yaml) |
+|          Kind          |                    Purpose                    |                                Sample                                |
+|:----------------------:|:---------------------------------------------:|:--------------------------------------------------------------------:|
+|     KeptnInstance      |          Configure a Keptn Instance           |          [./samples/instance.yaml](./samples/instance.yaml)          |
+|      KeptnProject      |           Configure a Keptn Project           |           [./samples/project.yaml](./samples/project.yaml)           |
+|      KeptnService      |           Configure a Keptn Service           |           [./samples/service.yaml](./samples/service.yaml)           |
+|     KeptnSequence      | Define a Keptn Sequence to be used in a Stage |          [./samples/sequence.yaml](./samples/sequence.yaml)          |
+|       KeptnStage       |             Define a Keptn Stage              |             [./samples/stage.yaml](./samples/stage.yaml)             |
+| KeptnServiceDeployment |  Specifies the deployed version of a service  | [./samples/servicedeployment.yaml](./samples/servicedeployment.yaml) |
 
 ### Usage:
 * Create an empty upstream repository
+* Create a KeptnInstance Custom Resource according to the [sample](./samples/instance.yaml). You can specify the secret to your secret either in clear text or RSA as an RSA encrypted string (prefix this with rsa:)
 * Create a KeptnProject Custom Resource according to the [sample](./samples/project.yaml). You can specify the secret to your secret either in clear text or RSA as an RSA encrypted string (prefix this with rsa:)
 * Create your keptn services according to the [sample](./samples/service.yaml). Ensure that you added the correct project.
 * Create stages, and sequences. Ensure that you created the sequences you are referring to in the stage custom resources
-* Define a sequence execution to trigger a keptn event
+* Define a service deployment to deploy the service
 
 ## GitOps Operator
 The operator looks for configuration in a git repository, applies Keptn Custom Resources (see above) and pushes artifacts to the Keptn Upstream Repository.
diff --git a/gitops-operator/config/crd/bases/keptn.sh_keptnprojects.yaml b/gitops-operator/config/crd/bases/keptn.sh_keptnprojects.yaml
@@ -37,6 +37,8 @@ spec:
             properties:
               defaultBranch:
                 type: string
+              initialShipyard:
+                type: string
               password:
                 type: string
               repository:
@@ -48,6 +50,9 @@ spec:
             type: object
           status:
             description: KeptnProjectStatus defines the observed state of KeptnProject
+            properties:
+              projectExists:
+                type: boolean
             type: object
         type: object
     served: true
diff --git a/keptn-operator/api/v1/keptnproject_types.go b/keptn-operator/api/v1/keptnproject_types.go
@@ -29,10 +29,11 @@ type KeptnProjectSpec struct {
 	// Important: Run "make" to regenerate code after modifying this file
 
 	// Foo is an example field of KeptnProject. Edit keptnproject_types.go to remove/update
-	Repository    string `json:"repository,omitempty"`
-	Username      string `json:"username,omitempty"`
-	Password      string `json:"password,omitempty"`
-	DefaultBranch string `json:"defaultBranch,omitempty"`
+	Repository      string `json:"repository,omitempty"`
+	Username        string `json:"username,omitempty"`
+	Password        string `json:"password,omitempty"`
+	InitialShipyard string `json:"initialShipyard,omitempty"`
+	DefaultBranch   string `json:"defaultBranch,omitempty"`
 }
 
 // KeptnProjectStatus defines the observed state of KeptnProject
diff --git a/keptn-operator/config/crd/bases/keptn.sh_keptnprojects.yaml b/keptn-operator/config/crd/bases/keptn.sh_keptnprojects.yaml
@@ -38,6 +38,8 @@ spec:
             properties:
               defaultBranch:
                 type: string
+              initialShipyard:
+                type: string
               password:
                 type: string
               repository:
diff --git a/keptn-operator/controllers/keptnprojectcontroller/keptnproject_controller.go b/keptn-operator/controllers/keptnprojectcontroller/keptnproject_controller.go
@@ -144,8 +144,10 @@ func (r *KeptnProjectReconciler) Reconcile(ctx context.Context, req ctrl.Request
 		}
 		return ctrl.Result{RequeueAfter: reconcileErrorInterval}, nil
 	} else if !keptnproject.Status.ProjectExists {
+
 		keptnproject.Status.ProjectExists = true
-		err := r.Client.Status().Update(ctx, keptnproject)
+
+		err = r.Client.Status().Update(ctx, keptnproject)
 		if err != nil {
 			r.ReqLogger.Error(err, "Could not update status of project "+keptnproject.Name)
 			return r.finishReconcile(err, false)
@@ -220,6 +222,7 @@ func (r *KeptnProjectReconciler) deleteKeptnProject(keptnproject *apiv1.KeptnPro
 }
 
 func (r *KeptnProjectReconciler) createProject(project *apiv1.KeptnProject) error {
+	var shipyard string
 	httpclient := nethttp.Client{
 		Timeout: 30 * time.Second,
 	}
@@ -230,11 +233,17 @@ func (r *KeptnProjectReconciler) createProject(project *apiv1.KeptnProject) erro
 		return err
 	}
 
+	if project.Spec.InitialShipyard == "" {
+		shipyard = "YXBpVmVyc2lvbjogInNwZWMua2VwdG4uc2gvMC4yLjAiCmtpbmQ6ICJTaGlweWFyZCIKbWV0YWRhdGE6CiAgbmFtZTogInBvZHRhdG8taGVhZCIKc3BlYzoKICBzdGFnZXM6CiAgICAtIG5hbWU6ICJkZXYiCiAgICAgIHNlcXVlbmNlczoKICAgICAgICAtIG5hbWU6ICJkdW1teSIKICAgICAgICAgIHRhc2tzOgogICAgICAgICAgICAtIG5hbWU6ICJkdW1teSIKICAgIC0gbmFtZTogImhhcmRlbmluZyIKICAgICAgc2VxdWVuY2VzOgogICAgICAgIC0gbmFtZTogImR1bW15IgogICAgICAgICAgdGFza3M6CiAgICAgICAgICAgIC0gbmFtZTogImR1bW15IgogICAgLSBuYW1lOiAicHJvZHVjdGlvbiIKICAgICAgc2VxdWVuY2VzOgogICAgICAgIC0gbmFtZTogImR1bW15IgogICAgICAgICAgdGFza3M6CiAgICAgICAgICAgIC0gbmFtZTogImR1bW15IgoK"
+	} else {
+		shipyard = project.Spec.InitialShipyard
+	}
+
 	data, _ := json.Marshal(map[string]string{
 		"gitRemoteURL": project.Spec.Repository,
 		"gitToken":     secret,
 		"gitUser":      project.Spec.Username,
-		"shipyard":     "YXBpVmVyc2lvbjogInNwZWMua2VwdG4uc2gvMC4yLjAiCmtpbmQ6ICJTaGlweWFyZCIKbWV0YWRhdGE6CiAgbmFtZTogInBvZHRhdG8taGVhZCIKc3BlYzoKICBzdGFnZXM6CiAgICAtIG5hbWU6ICJkZXYiCiAgICAgIHNlcXVlbmNlczoKICAgICAgICAtIG5hbWU6ICJkdW1teSIKICAgICAgICAgIHRhc2tzOgogICAgICAgICAgICAtIG5hbWU6ICJkdW1teSIKICAgIC0gbmFtZTogImhhcmRlbmluZyIKICAgICAgc2VxdWVuY2VzOgogICAgICAgIC0gbmFtZTogImR1bW15IgogICAgICAgICAgdGFza3M6CiAgICAgICAgICAgIC0gbmFtZTogImR1bW15IgogICAgLSBuYW1lOiAicHJvZHVjdGlvbiIKICAgICAgc2VxdWVuY2VzOgogICAgICAgIC0gbmFtZTogImR1bW15IgogICAgICAgICAgdGFza3M6CiAgICAgICAgICAgIC0gbmFtZTogImR1bW15IgoK",
+		"shipyard":     shipyard,
 		"name":         project.Name,
 	})
 
diff --git a/keptn-operator/pkg/utils/keptn.go b/keptn-operator/pkg/utils/keptn.go
@@ -62,10 +62,9 @@ func GetKeptnInstance(ctx context.Context, client client.Client, namespace strin
 
 //CheckKeptnProjectExists queries the keptn api if a project exists
 func CheckKeptnProjectExists(ctx context.Context, req ctrl.Request, clt client.Client, project string) (bool, error) {
-
 	instance, token, err := GetKeptnInstance(ctx, clt, req.Namespace)
 	if err != nil {
-
+		return false, err
 	}
 	projectsHandler := apiutils.NewAuthenticatedProjectHandler(instance.Spec.APIUrl, token, instance.Status.AuthHeader, nil, instance.Status.Scheme)
 
