github-personal/cozystack
1
0
Fork 0
mirror of https://github.com/outbackdingo/cozystack.git synced 2026-01-27 10:18:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update dashboard to use Cozystack API (#539)

Browse Source 
<img width="1675" alt="Screenshot 2024-12-23 at 13 40 30"
src="https://github.com/user-attachments/assets/cc123697-4efd-4a4f-909c-793cec8d91bd"
/>
<img width="1673" alt="Screenshot 2024-12-23 at 13 40 45"
src="https://github.com/user-attachments/assets/3be63e8d-9ee6-487d-90d0-3583dc968dfc"
/>


Signed-off-by: Andrei Kvapil <kvapss@gmail.com>


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

- **New Features**
- Introduced a new `pluginConfig` section in the Kubeapps dashboard
configuration for managing a broader range of applications.
- **Bug Fixes**
- Enhanced URL generation logic to ensure proper encoding of package
identifiers.
- **Chores**
- Updated image digests in the configuration for both the dashboard and
kubeappsapis sections.
	- Removed unnecessary patch application steps from the build process.
	- Upgraded the Go version used for building the application.
- Updated the application version for the tenant package from `1.6.3` to
`1.6.4`.
	- Added a new version `1.6.4 HEAD` for the tenant package.
- Adjusted RBAC configuration to streamline permissions and enhance
group-based access management.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Co-authored-by: klinch0 <68821526+klinch0@users.noreply.github.com>
This commit is contained in:
Andrei Kvapil
2024-12-27 11:22:25 +01:00
committed by GitHub
parent 97d006e99f
commit 3c9e50a4df
17 changed files with 453 additions and 3595 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
packages/apps/tenant/Chart.yaml
View File

@@ -4,4 +4,4 @@ description: Separated tenant namespace
icon: /logos/tenant.svg
type: application
version: 1.6.3
version: 1.6.4

49
packages/apps/tenant/templates/tenant.yaml
View File

@@ -31,9 +31,7 @@ rules:
- apiGroups: ["rbac.authorization.k8s.io"]
resources: ["roles"]
verbs: ["get"]
- apiGroups: ["helm.toolkit.fluxcd.io"]
resources: ["helmreleases"]
verbs: ["*"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
@@ -86,14 +84,6 @@ rules:
- get
- list
- watch
- apiGroups:
- helm.toolkit.fluxcd.io
resources:
- helmreleases
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
@@ -122,6 +112,9 @@ subjects:
name: tenant-root-view
apiGroup: rbac.authorization.k8s.io
{{- end }}
- kind: Group
name: {{ include "tenant.name" . }}-view
apiGroup: rbac.authorization.k8s.io
{{- if hasPrefix "tenant-" .Release.Namespace }}
{{- $parts := splitList "-" .Release.Namespace }}
{{- range $i, $v := $parts }}
@@ -158,13 +151,6 @@ rules:
- get
- list
- watch
- apiGroups: ["helm.toolkit.fluxcd.io"]
resources:
- helmreleases
verbs:
- get
- list
- watch
- apiGroups: [""]
resources:
- "*"
@@ -198,6 +184,9 @@ subjects:
name: tenant-root-use
apiGroup: rbac.authorization.k8s.io
{{- end }}
- kind: Group
name: {{ include "tenant.name" . }}-use
apiGroup: rbac.authorization.k8s.io
{{- if hasPrefix "tenant-" .Release.Namespace }}
{{- $parts := splitList "-" .Release.Namespace }}
{{- range $i, $v := $parts }}
@@ -234,13 +223,6 @@ rules:
- list
- watch
- delete
- apiGroups: ["helm.toolkit.fluxcd.io"]
resources:
- helmreleases
verbs:
- get
- list
- watch
- apiGroups: ["kubevirt.io"]
resources:
- virtualmachines
@@ -293,6 +275,9 @@ subjects:
name: tenant-root-admin
apiGroup: rbac.authorization.k8s.io
{{- end }}
- kind: Group
name: {{ include "tenant.name" . }}-admin
apiGroup: rbac.authorization.k8s.io
{{- if hasPrefix "tenant-" .Release.Namespace }}
{{- $parts := splitList "-" .Release.Namespace }}
{{- range $i, $v := $parts }}
@@ -329,11 +314,6 @@ rules:
- list
- watch
- delete
- apiGroups: ["helm.toolkit.fluxcd.io"]
resources:
- helmreleases
verbs:
- '*'
- apiGroups: ["kubevirt.io"]
resources:
- virtualmachines
@@ -363,6 +343,9 @@ subjects:
name: tenant-root-super-admin
apiGroup: rbac.authorization.k8s.io
{{- end }}
- kind: Group
name: {{ include "tenant.name" . }}-super-admin
apiGroup: rbac.authorization.k8s.io
{{- if hasPrefix "tenant-" .Release.Namespace }}
{{- $parts := splitList "-" .Release.Namespace }}
{{- range $i, $v := $parts }}
@@ -405,6 +388,12 @@ subjects:
- kind: Group
name: {{ include "tenant.name" . }}-admin
apiGroup: rbac.authorization.k8s.io
- kind: Group
name: {{ include "tenant.name" . }}-use
apiGroup: rbac.authorization.k8s.io
- kind: Group
name: {{ include "tenant.name" . }}-view
apiGroup: rbac.authorization.k8s.io
- kind: ServiceAccount
name: {{ include "tenant.name" . }}
namespace: {{ include "tenant.name" . }}

3
packages/apps/versions_map
View File

@@ -93,7 +93,8 @@ tenant 1.5.0 48128743
tenant 1.6.0 df448b99
tenant 1.6.1 edbbb9be
tenant 1.6.2 ccedc5fe
tenant 1.6.3 HEAD
tenant 1.6.3 2057bb96
tenant 1.6.4 HEAD
virtual-machine 0.1.4 f2015d6
virtual-machine 0.1.5 7cd7de7
virtual-machine 0.2.0 5ca8823

4
packages/system/cozystack-api/templates/configmap.yaml
View File

@@ -71,7 +71,7 @@ data:
labels:
cozystack.io/ui: "true"
chart:
name: http-cache
name: tcp-balancer
sourceRef:
kind: HelmRepository
name: cozystack-apps
@@ -207,7 +207,7 @@ data:
singular: kafka
plural: kafkas
release:
prefix: ferretdb-
prefix: kafka-
labels:
cozystack.io/ui: "true"
chart:

7
packages/system/dashboard/Makefile
View File

@@ -25,7 +25,7 @@ update-dockerfiles:
version=$$(echo "$$tag" | sed 's/^v//') && \
sed -i "s/ARG VERSION=.*/ARG VERSION=$${version}/" images/dashboard/Dockerfile
image-dashboard:
image-dashboard: update-version
docker buildx build images/dashboard \
--provenance false \
--tag $(REGISTRY)/dashboard:$(call settag,$(TAG)) \
@@ -44,7 +44,7 @@ image-dashboard:
yq -i '.kubeapps.dashboard.image.digest = strenv(DIGEST)' values.yaml
rm -f images/dashboard.json
image-kubeapps-apis:
image-kubeapps-apis: update-version
docker buildx build images/kubeapps-apis \
--provenance false \
--tag $(REGISTRY)/kubeapps-apis:$(call settag,$(TAG)) \
@@ -62,3 +62,6 @@ image-kubeapps-apis:
DIGEST=$$(yq e '."containerimage.digest"' images/kubeapps-apis.json -o json -r) \
yq -i '.kubeapps.kubeappsapis.image.digest = strenv(DIGEST)' values.yaml
rm -f images/kubeapps-apis.json
update-version:
sed -i "s|\(\"appVersion\":\).*|\1 \"$(TAG)\",|g" ./charts/kubeapps/templates/dashboard/configmap.yaml

2
packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml
View File

@@ -76,7 +76,7 @@ data:
"kubeappsNamespace": {{ .Release.Namespace | quote }},
"helmGlobalNamespace": {{ include "kubeapps.helmGlobalPackagingNamespace" . | quote }},
"carvelGlobalNamespace": {{ .Values.kubeappsapis.pluginConfig.kappController.packages.v1alpha1.globalPackagingNamespace | quote }},
"appVersion": {{ printf "v%s" .Chart.AppVersion | quote }},
"appVersion": "latest",
"authProxyEnabled": {{ .Values.authProxy.enabled }},
"oauthLoginURI": {{ .Values.authProxy.oauthLoginURI | quote }},
"oauthLogoutURI": {{ .Values.authProxy.oauthLogoutURI | quote }},

10
packages/system/dashboard/images/dashboard/Dockerfile
View File

File diff suppressed because one or more lines are too long

13
packages/system/dashboard/images/dashboard/documentation.diff Normal file
View File

@@ -0,0 +1,13 @@
diff --git a/dashboard/src/components/AppList/AppListGrid.tsx b/dashboard/src/components/AppList/AppListGrid.tsx
index d3261e459..597512e62 100644
--- a/dashboard/src/components/AppList/AppListGrid.tsx
+++ b/dashboard/src/components/AppList/AppListGrid.tsx
@@ -42,7 +42,7 @@ function AppListGrid(props: IAppListProps) {
Start browsing your <Link to={url.app.catalog(cluster, namespace)}>favourite apps</Link>{" "}
or check the{" "}
<a
- href={`https://github.com/vmware-tanzu/kubeapps/blob/${appVersion}/site/content/docs/latest/tutorials/getting-started.md`}
+ href={`https://cozystack.io/docs/`}
target="_blank"
rel="noopener noreferrer"
>

34
packages/system/dashboard/images/dashboard/release-url.diff Normal file
View File

@@ -0,0 +1,34 @@
diff --git a/dashboard/src/shared/url.ts b/dashboard/src/shared/url.ts
index 7918652b0..64c3435af 100644
--- a/dashboard/src/shared/url.ts
+++ b/dashboard/src/shared/url.ts
@@ -36,7 +36,7 @@ export const app = {
return `${app.apps.list(
pkgCluster,
pkgNamespace,
- )}/${pkgPluginName}/${pkgPluginVersion}/${pkgId}`;
+ )}/${pkgPluginName}/${pkgPluginVersion}/${encodeURIComponent(pkgId)}`;
},
upgrade: (ref: InstalledPackageReference) => `${app.apps.get(ref)}/upgrade`,
upgradeTo: (ref: InstalledPackageReference, version?: string) =>
diff --git a/dashboard/src/components/DeploymentForm/DeploymentForm.tsx b/dashboard/src/components/DeploymentForm/DeploymentForm.tsx
index 7ccb77b5d..589f72b65 100644
--- a/dashboard/src/components/DeploymentForm/DeploymentForm.tsx
+++ b/dashboard/src/components/DeploymentForm/DeploymentForm.tsx
@@ -144,13 +144,15 @@ export default function DeploymentForm() {
);
setDeploying(false);
if (deployed) {
+ const chartParts = packageId?.split("/") || [];
+ const kind = chartParts[chartParts.length - 1];
push(
// Redirect to the installed package, note that the cluster/ns are the ones passed
// in the URL, not the ones from the package.
url.app.apps.get({
context: { cluster: targetCluster, namespace: targetNamespace },
plugin: pluginObj,
- identifier: releaseName,
+ identifier: `${kind}%2F${releaseName}`,
} as AvailablePackageReference),
);
}

66
packages/system/dashboard/images/dashboard/remove-manage-repositories.diff Normal file
View File

@@ -0,0 +1,66 @@
diff --git a/dashboard/src/components/Catalog/Catalog.tsx b/dashboard/src/components/Catalog/Catalog.tsx
index 5f2d2a1c5..093cb598d 100644
--- a/dashboard/src/components/Catalog/Catalog.tsx
+++ b/dashboard/src/components/Catalog/Catalog.tsx
@@ -15,7 +15,6 @@ import qs from "qs";
import React, { useEffect } from "react";
import { useDispatch, useSelector } from "react-redux";
import * as ReactRouter from "react-router-dom";
-import { Link } from "react-router-dom";
import { IClusterServiceVersion, IStoreState } from "shared/types";
import { app } from "shared/url";
import { escapeRegExp, getPluginPackageName } from "shared/utils";
@@ -85,7 +84,6 @@ export default function Catalog() {
operators,
repos: { reposSummaries: repos },
config: {
- appVersion,
kubeappsCluster,
helmGlobalNamespace,
carvelGlobalNamespace,
@@ -420,24 +418,6 @@ export default function Catalog() {
<div className="empty-catalog">
<CdsIcon shape="bundle" />
<p>The current catalog is empty.</p>
- <p>
- Manage your Package Repositories in Kubeapps by visiting the Package repositories
- configuration page.
- </p>
- <Link to={app.config.pkgrepositories(cluster || "", namespace || "")}>
- <CdsButton>Manage Package Repositories</CdsButton>
- </Link>
- <p>
- For help managing other packaging formats, such as Flux or Carvel, please refer to the{" "}
- <a
- target="_blank"
- rel="noopener noreferrer"
- href={`https://github.com/vmware-tanzu/kubeapps/tree/${appVersion}/site/content/docs/latest`}
- >
- Kubeapps documentation
- </a>
- .
- </p>
</div>
) : (
<Row>
diff --git a/dashboard/src/components/Header/Menu.tsx b/dashboard/src/components/Header/Menu.tsx
index c8ec1da8c..e59f90190 100644
--- a/dashboard/src/components/Header/Menu.tsx
+++ b/dashboard/src/components/Header/Menu.tsx
@@ -78,16 +78,6 @@ function Menu({ clusters, appVersion, logout }: IContextSelectorProps) {
<div className="dropdown-menu dropdown-configuration-menu" role="menu" hidden={!open}>
<div>
<label className="dropdown-menu-padding dropdown-menu-label">Administration</label>
- <Link
- to={app.config.pkgrepositories(clusters.currentCluster, namespaceSelected)}
- className="dropdown-menu-link"
- onClick={toggleOpen}
- >
- <div className="dropdown-menu-item" role="menuitem">
- <CdsIcon solid={true} size="md" shape="library" />{" "}
- <span>Package Repositories</span>
- </div>
- </Link>
<div className="dropdown-divider" role="separator" />
{featureFlags?.operators && (
<Link

13
packages/system/dashboard/images/kubeapps-apis/Dockerfile
View File

@@ -4,18 +4,10 @@
# syntax = docker/dockerfile:1
FROM alpine as source
ARG VERSION=v2.12.0
ARG COMMIT_REF=cb657ea90a7bc1a2545db046692612317ef1a546
RUN apk add --no-cache patch
WORKDIR /source
RUN wget -O- https://github.com/vmware-tanzu/kubeapps/archive/refs/tags/${VERSION}.tar.gz | tar xzf - --strip-components=1
COPY fluxcd.diff /patches/fluxcd.diff
COPY labels.diff /patches/labels.diff
COPY reconcile-strategy.diff /patches/reconcile-strategy.diff
COPY dashboard-resource.diff /patches/dashboard-resource.diff
RUN patch -p1 < /patches/fluxcd.diff
RUN patch -p1 < /patches/labels.diff
RUN patch -p1 < /patches/reconcile-strategy.diff
RUN patch -p1 < /patches/dashboard-resource.diff
RUN wget -O- https://github.com/aenix-io/kubeapps/archive/${COMMIT_REF}.tar.gz | tar xzf - --strip-components=1
FROM bitnami/golang:1.23.4 AS builder
WORKDIR /go/src/github.com/vmware-tanzu/kubeapps
@@ -45,7 +37,6 @@ RUN curl -sSL "https://github.com/bufbuild/buf/releases/download/v$BUF_VERSION/b
# TODO: Remove and instead use built-in gRPC container probes once we're supporting >= 1.24 only. https://kubernetes.io/blog/2022/05/13/grpc-probes-now-in-beta/
RUN curl -sSL "https://github.com/grpc-ecosystem/grpc-health-probe/releases/download/v${GRPC_HEALTH_PROBE_VERSION}/grpc_health_probe-linux-${TARGETARCH}" -o "/bin/grpc_health_probe" && chmod +x "/bin/grpc_health_probe"
# With the trick below, Go's build cache is kept between builds.
# https://github.com/golang/go/issues/27719#issuecomment-514747274
RUN --mount=type=cache,target=/go/pkg/mod \

155
packages/system/dashboard/images/kubeapps-apis/dashboard-resource.diff
View File

@@ -1,155 +0,0 @@
diff --git a/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/server.go b/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/server.go
index ef3d506b3..a69f8552f 100644
--- a/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/server.go
+++ b/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/server.go
@@ -5,6 +5,7 @@ package main
import (
"context"
+ "encoding/json"
"fmt"
"net/http"
@@ -16,7 +17,6 @@ import (
helmv2 "github.com/fluxcd/helm-controller/api/v2"
sourcev1 "github.com/fluxcd/source-controller/api/v1"
authorizationv1 "k8s.io/api/authorization/v1"
- metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apimachinery/pkg/types"
@@ -28,12 +28,16 @@ import (
"github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/gen/plugins/fluxv2/packages/v1alpha1"
"github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/cache"
"github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/common"
- "github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/plugins/pkg/clientgetter"
"github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/plugins/pkg/paginate"
"github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/plugins/pkg/pkgutils"
- "github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/plugins/pkg/resourcerefs"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
log "k8s.io/klog/v2"
ctrlclient "sigs.k8s.io/controller-runtime/pkg/client"
+
+ "github.com/vmware-tanzu/kubeapps/cmd/kubeapps-apis/plugins/pkg/clientgetter"
+ "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+ "k8s.io/client-go/discovery/cached/memory"
+ "k8s.io/client-go/restmapper"
)
// Compile-time statement to ensure this service implementation satisfies the core packaging API
@@ -135,6 +139,7 @@ func NewServer(configGetter core.KubernetesConfigGetter, kubeappsCluster string,
if err != nil {
log.Fatalf("%s", err)
}
+
return &Server{
clientGetter: clientProvider,
serviceAccountClientGetter: backgroundClientGetter,
@@ -462,36 +467,84 @@ func (s *Server) DeleteInstalledPackage(ctx context.Context, request *connect.Re
// resources created by an installed package.
func (s *Server) GetInstalledPackageResourceRefs(ctx context.Context, request *connect.Request[corev1.GetInstalledPackageResourceRefsRequest]) (*connect.Response[corev1.GetInstalledPackageResourceRefsResponse], error) {
pkgRef := request.Msg.GetInstalledPackageRef()
- identifier := pkgRef.GetIdentifier()
- log.InfoS("+fluxv2 GetInstalledPackageResourceRefs", "cluster", pkgRef.GetContext().GetCluster(), "namespace", pkgRef.GetContext().GetNamespace(), "id", identifier)
+ log.InfoS("+fluxv2 GetInstalledPackageResourceRefs", "cluster", pkgRef.GetContext().GetCluster(), "namespace", pkgRef.GetContext().GetNamespace(), "id", pkgRef.GetIdentifier())
- key := types.NamespacedName{Namespace: pkgRef.Context.Namespace, Name: identifier}
- rel, err := s.getReleaseInCluster(ctx, request.Header(), key)
+ // Getting dynamic client
+ dynamicClient, err := s.clientGetter.Dynamic(request.Header(), pkgRef.GetContext().GetCluster())
if err != nil {
+ log.Errorf("Failed to get dynamic client: %v", err)
return nil, err
}
- hrName := helmReleaseName(key, rel)
- refs, err := resourcerefs.GetInstalledPackageResourceRefs(request.Header(), hrName, s.actionConfigGetter)
+
+ // Getting Discovery Client to work with RESTMapper
+ discoveryClient, err := s.clientGetter.Typed(request.Header(), pkgRef.GetContext().GetCluster())
if err != nil {
+ log.Errorf("Failed to create discovery client: %v", err)
return nil, err
- } else {
- return connect.NewResponse(
- &corev1.GetInstalledPackageResourceRefsResponse{
- Context: &corev1.Context{
- Cluster: s.kubeappsCluster,
- // TODO (gfichtenholt) it is not specifically called out in the spec why there is a
- // need for a Context in the response and MORE imporantly what the value of Namespace
- // field should be. In particular, there is use case when Flux Helm Release in
- // installed in ns1 but specifies targetNamespace as test2. Should we:
- // (a) return ns1 (the namespace where CRs are installed) OR
- // (b) return ns2 (the namespace where flux installs the resources specified by the
- // release).
- // For now lets use (a)
- Namespace: key.Namespace,
- },
- ResourceRefs: refs,
- }), nil
}
+ mapper := restmapper.NewDeferredDiscoveryRESTMapper(memory.NewMemCacheClient(discoveryClient.Discovery()))
+
+ // Getting the role
+ roleGVR := schema.GroupVersionResource{Group: "rbac.authorization.k8s.io", Version: "v1", Resource: "roles"}
+ roleName := fmt.Sprintf("%s-dashboard-resources", pkgRef.GetIdentifier())
+ namespace := pkgRef.GetContext().GetNamespace()
+ role, err := dynamicClient.Resource(roleGVR).Namespace(namespace).Get(ctx, roleName, metav1.GetOptions{})
+ if err != nil {
+ log.Errorf("Failed to get role %s: %v", roleName, err)
+ return nil, connect.NewError(connect.CodeInvalidArgument, fmt.Errorf("Unable to get role %s: %w", roleName, err))
+ }
+
+ // Logging Role content for debugging
+ roleContent, _ := json.Marshal(role)
+ log.Infof("Role content: %s", string(roleContent))
+
+ // Parsing rules from Role and creating ResourceRefs
+ resourcesFromRole := make([]*corev1.ResourceRef, 0)
+ rules, found, _ := unstructured.NestedSlice(role.Object, "rules")
+ if !found {
+ log.Errorf("No rules found in role %s", roleName)
+ return nil, connect.NewError(connect.CodeInternal, fmt.Errorf("No rules found in role %s", roleName))
+ }
+
+ for _, rule := range rules {
+ r := rule.(map[string]interface{})
+ resources, _ := r["resources"].([]interface{})
+ apiGroups, _ := r["apiGroups"].([]interface{})
+
+ for _, resource := range resources {
+ resourceStr := resource.(string)
+ for _, apiGroup := range apiGroups {
+ apiGroupStr := apiGroup.(string)
+
+ // Using GroupVersionResource to get GroupVersionKind
+ gvr := schema.GroupVersionResource{Group: apiGroupStr, Version: "v1", Resource: resourceStr}
+ gvk, err := mapper.KindFor(gvr)
+ if err != nil {
+ log.Errorf("Failed to get GroupVersionKind for GVR %v: %v", gvr, err)
+ continue
+ }
+
+ resourceNames, _ := r["resourceNames"].([]interface{})
+ for _, resourceName := range resourceNames {
+ resourceNameStr := resourceName.(string)
+ resourcesFromRole = append(resourcesFromRole, &corev1.ResourceRef{
+ ApiVersion: gvk.GroupVersion().String(),
+ Kind: gvk.Kind,
+ Name: resourceNameStr,
+ Namespace: namespace,
+ })
+ }
+ }
+ }
+ }
+
+ return connect.NewResponse(&corev1.GetInstalledPackageResourceRefsResponse{
+ Context: &corev1.Context{
+ Cluster: s.kubeappsCluster,
+ Namespace: namespace,
+ },
+ ResourceRefs: resourcesFromRole,
+ }), nil
}
func (s *Server) AddPackageRepository(ctx context.Context, request *connect.Request[corev1.AddPackageRepositoryRequest]) (*connect.Response[corev1.AddPackageRepositoryResponse], error) {

38
packages/system/dashboard/images/kubeapps-apis/dockerfile.diff
View File

@@ -1,38 +0,0 @@
--- b/system/kubeapps/images/kubeapps-apis/Dockerfile
+++ a/system/kubeapps/images/kubeapps-apis/Dockerfile
@@ -3,9 +3,19 @@
# syntax = docker/dockerfile:1
+FROM alpine as source
+ARG VERSION=v2.11.0
+RUN apk add --no-cache patch
+WORKDIR /source
+RUN wget -O- https://github.com/vmware-tanzu/kubeapps/archive/refs/tags/${VERSION}.tar.gz | tar xzf - --strip-components=1
+COPY fluxcd.diff /patches/fluxcd.diff
+COPY labels.diff /patches/labels.diff
+COPY reconcile-strategy.diff /patches/reconcile-strategy.diff
+COPY dashboard-resource.diff /patches/dashboard-resource.diff
+RUN patch -p1 < /patches/fluxcd.diff
+RUN patch -p1 < /patches/labels.diff
+RUN patch -p1 < /patches/reconcile-strategy.diff
+RUN patch -p1 < /patches/dashboard-resource.diff
+
FROM bitnami/golang:1.22.2 as builder
WORKDIR /go/src/github.com/vmware-tanzu/kubeapps
-COPY go.mod go.sum ./
+COPY --from=source /source/go.mod /source/go.sum ./
ARG VERSION="devel"
ARG TARGETARCH
@@ -40,8 +52,8 @@
# We don't copy the pkg and cmd directories until here so the above layers can
# be reused.
-COPY pkg pkg
-COPY cmd cmd
+COPY --from=source /source/pkg pkg
+COPY --from=source /source/cmd cmd
RUN if [ ! -z ${lint:-} ]; then \
# Run golangci-lint to detect issues

3268
packages/system/dashboard/images/kubeapps-apis/fluxcd.diff
View File

File diff suppressed because it is too large Load Diff

69
packages/system/dashboard/images/kubeapps-apis/labels.diff
View File

@@ -1,69 +0,0 @@
diff --git a/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/release.go b/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/release.go
index 37593c166..bc58a05ef 100644
--- a/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/release.go
+++ b/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/release.go
@@ -29,8 +29,10 @@ import (
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/api/meta"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/labels"
"k8s.io/apimachinery/pkg/types"
log "k8s.io/klog/v2"
+ ctrlclient "sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/yaml"
)
@@ -54,7 +56,10 @@ func (s *Server) listReleasesInCluster(ctx context.Context, headers http.Header,
// see any results created/updated/deleted after the first request is issued
// To fix this, we must make use of resourceVersion := relList.GetResourceVersion()
var relList helmv2.HelmReleaseList
- if err = client.List(ctx, &relList); err != nil {
+ listOptions := ctrlclient.ListOptions{
+ LabelSelector: labels.SelectorFromSet(labels.Set{"cozystack.io/ui": "true"}),
+ }
+ if err = client.List(ctx, &relList, &listOptions); err != nil {
return nil, connecterror.FromK8sError("list", "HelmRelease", namespace+"/*", err)
} else {
return relList.Items, nil
@@ -508,6 +513,9 @@ func (s *Server) newFluxHelmRelease(chart *models.Chart, targetName types.Namesp
ObjectMeta: metav1.ObjectMeta{
Name: targetName.Name,
Namespace: targetName.Namespace,
+ Labels: map[string]string{
+ "cozystack.io/ui": "true",
+ },
},
Spec: helmv2.HelmReleaseSpec{
Chart: &helmv2.HelmChartTemplate{
diff --git a/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/repo.go b/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/repo.go
index 5154ed7f7..fe80fdf4f 100644
--- a/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/repo.go
+++ b/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/repo.go
@@ -32,6 +32,7 @@ import (
apiv1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/meta"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/labels"
"k8s.io/apimachinery/pkg/types"
"k8s.io/apimachinery/pkg/util/sets"
log "k8s.io/klog/v2"
@@ -64,7 +65,8 @@ func (s *Server) listReposInNamespace(ctx context.Context, headers http.Header,
var repoList sourcev1.HelmRepositoryList
listOptions := ctrlclient.ListOptions{
- Namespace: ns,
+ Namespace: ns,
+ LabelSelector: labels.SelectorFromSet(labels.Set{"cozystack.io/ui": "true"}),
}
if err := client.List(backgroundCtx, &repoList, &listOptions); err != nil {
return nil, connecterror.FromK8sError("list", "HelmRepository", "", err)
@@ -927,6 +929,9 @@ func newFluxHelmRepo(
ObjectMeta: metav1.ObjectMeta{
Name: targetName.Name,
Namespace: targetName.Namespace,
+ Labels: map[string]string{
+ "cozystack.io/ui": "true",
+ },
},
Spec: sourcev1.HelmRepositorySpec{
URL: url,

12
packages/system/dashboard/images/kubeapps-apis/reconcile-strategy.diff
View File

@@ -1,12 +0,0 @@
diff --git a/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/release.go b/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/release.go
index bc58a05ef..895a4024f 100644
--- a/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/release.go
+++ b/cmd/kubeapps-apis/plugins/fluxv2/packages/v1alpha1/release.go
@@ -526,6 +526,7 @@ func (s *Server) newFluxHelmRelease(chart *models.Chart, targetName types.Namesp
Kind: sourcev1.HelmRepositoryKind,
Namespace: chart.Repo.Namespace,
},
+ ReconcileStrategy: "Revision",
},
},
},

303
packages/system/dashboard/values.yaml
View File

@@ -41,10 +41,309 @@ kubeapps:
registry: ghcr.io/aenix-io/cozystack
repository: dashboard
tag: latest
digest: "sha256:c0a3122652cdceb06d73777126cb3fb11334a5da758eaa690bfed2fcec08b839"
digest: "sha256:48d84bd1d0371d89bba8e2b379186cc1349f88e99ddd41bd453d91ffce9ab5c0"
kubeappsapis:
image:
registry: ghcr.io/aenix-io/cozystack
repository: kubeapps-apis
tag: latest
digest: "sha256:c20941e09628e625951558fe850310c4cf00aee2c26749a870108ea96ab881fd"
digest: "sha256:00f1545c7bb3a98ff387a9ab1bb5501e3108a868be0c7cf138bd1eb7452ceddf"
pluginConfig:
flux:
packages:
v1alpha1:
resources:
- application:
kind: Bucket
singular: bucket
plural: buckets
release:
prefix: bucket-
labels:
cozystack.io/ui: "true"
chart:
name: bucket
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: ClickHouse
singular: clickhouse
plural: clickhouses
release:
prefix: clickhouse-
labels:
cozystack.io/ui: "true"
chart:
name: clickhouse
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: HTTPCache
singular: httpcache
plural: httpcaches
release:
prefix: http-cache-
labels:
cozystack.io/ui: "true"
chart:
name: http-cache
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: NATS
singular: nats
plural: natses
release:
prefix: nats-
labels:
cozystack.io/ui: "true"
chart:
name: nats
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: TCPBalancer
singular: tcpbalancer
plural: tcpbalancers
release:
prefix: tcp-balancer-
labels:
cozystack.io/ui: "true"
chart:
name: tcp-balancer
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: VirtualMachine
singular: virtualmachine
plural: virtualmachines
release:
prefix: virtual-machine-
labels:
cozystack.io/ui: "true"
chart:
name: virtual-machine
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: VPN
singular: vpn
plural: vpns
release:
prefix: vpn-
labels:
cozystack.io/ui: "true"
chart:
name: vpn
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: MySQL
singular: mysql
plural: mysqls
release:
prefix: mysql-
labels:
cozystack.io/ui: "true"
chart:
name: mysql
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: Tenant
singular: tenant
plural: tenants
release:
prefix: tenant-
labels:
cozystack.io/ui: "true"
chart:
name: tenant
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: Kubernetes
singular: kubernetes
plural: kuberneteses
release:
prefix: kubernetes-
labels:
cozystack.io/ui: "true"
chart:
name: kubernetes
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: Redis
singular: redis
plural: redises
release:
prefix: redis-
labels:
cozystack.io/ui: "true"
chart:
name: redis
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: RabbitMQ
singular: rabbitmq
plural: rabbitmqs
release:
prefix: rabbitmq-
labels:
cozystack.io/ui: "true"
chart:
name: rabbitmq
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: Postgres
singular: postgres
plural: postgreses
release:
prefix: postgres-
labels:
cozystack.io/ui: "true"
chart:
name: postgres
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: FerretDB
singular: ferretdb
plural: ferretdb
release:
prefix: ferretdb-
labels:
cozystack.io/ui: "true"
chart:
name: ferretdb
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: Kafka
singular: kafka
plural: kafkas
release:
prefix: kafka-
labels:
cozystack.io/ui: "true"
chart:
name: kafka
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: VMDisk
plural: vmdisks
singular: vmdisk
release:
prefix: vm-disk-
labels:
cozystack.io/ui: "true"
chart:
name: vm-disk
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: VMInstance
plural: vminstances
singular: vminstance
release:
prefix: vm-instance-
labels:
cozystack.io/ui: "true"
chart:
name: vm-instance
sourceRef:
kind: HelmRepository
name: cozystack-apps
namespace: cozy-public
- application:
kind: Monitoring
plural: monitorings
singular: monitoring
release:
prefix: ""
labels:
cozystack.io/ui: "true"
chart:
name: monitoring
sourceRef:
kind: HelmRepository
name: cozystack-extra
namespace: cozy-public
- application:
kind: Etcd
plural: etcds
singular: etcd
release:
prefix: ""
labels:
cozystack.io/ui: "true"
chart:
name: etcd
sourceRef:
kind: HelmRepository
name: cozystack-extra
namespace: cozy-public
- application:
kind: Ingress
plural: ingresses
singular: ingress
release:
prefix: ""
labels:
cozystack.io/ui: "true"
chart:
name: ingress
sourceRef:
kind: HelmRepository
name: cozystack-extra
namespace: cozy-public
- application:
kind: SeaweedFS
plural: seaweedfses
singular: seaweedfs
release:
prefix: ""
labels:
cozystack.io/ui: "true"
chart:
name: seaweedfs
sourceRef:
kind: HelmRepository
name: cozystack-extra
namespace: cozy-public