* feat: add support for multiple Datastores
* docs: add guide for datastore overrides
* feat(datastore): add e2e test for dataStoreOverrides
* ci: reclaim disk space from runner to fix flaky tests
* Feat: Gateway Routes Specs, plus resource and status init progress
* Generated content, RBAC and start of e2e
* latest code POC Working but e2e fails
* Use Gateway API v1.2.0
* Remove draft comment
* Use TCPRoute
* Revert the charts folder to reduce noise
* Use the correct controller-gen version
* Rename fields and fix tcp/tls typos
* Rename TLSRouteSpec to GatewayRouteSpec
* Remove last instance of tcproute
* Renaming more fields to match the gateway api naming
* Remove ownership of the gateway
* Revert Ko to 0.14.1 and makefile comments
* service discovery, webhooks, and deadcode removal.
* add conditional check for gateway api resources and mark is as owned!
* removing duplicated code and note for maybe a refactor later
* E2E now works!
* e2e suite modifications to support Gateway API v1alpha2 TLSRoute
* Suggestions commit, naming and other related.
* First pass at the status update
* Rename route to gateway
* Only allow one hostname in gateway
* Update status types
* WIP: testing conditions
* Update status API
* Add tests
* Detect endpoint
* Update manifests
* Remove old code and use proper condition check
* Fix compilation error
* Watch the Gateway resources
* Rename fields
* Add missing port
* Add ingress endpoint to the kubeadm
* Error if access points are empty
* Check the spec and status to delay the creation of the kubeadm
* Use the spec for the hostname
* Update api/v1alpha1/tenantcontrolplane_types.go
Co-authored-by: Dario Tranchitella <dario@tranchitella.eu>
* PR fixes, CEL k8s validations, proper status updates checks
* more context and separation of functions
* resolve all pr comments, with indexer
* merge master - go {sum,mod} updates dependabot
* Feat: Gateway Routes Specs, plus resource and status init progress
* Use Gateway API v1.2.0
* merge master - go {sum,mod} updates dependabot
* sum go mod tidy
* leftover comments
* clean go.sum
* fix: missing generated crds spec
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* docs: gateway api support
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* golint comments
* linting and test fix.
* Gateway API resource watching was made conditional to prevent crashes when CRDs are absent, and TLSRoute creation now returns an error when the service isn't ready instead of creating invalid resources with empty rules.
* unit test was incorrect after all the fixes we did, gracefull errors are not expected due to conditional adds
* fix(conditional-indexer): Gateway Indexer should also be conditional
* fix(conditional-indexer): Gateway Indexer should also be conditional
---------
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
Co-authored-by: Hadrien Kohl <hadrien.kohl@gmail.com>
Co-authored-by: Dario Tranchitella <dario@tranchitella.eu>
* fix(coredns): using patch for deployment and service reconciliation
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* feat(kubeproxy): using patch for daemonset reconciliation
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
---------
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
This commit extends CRD API: Added hostNetwork field to KonnectivityAgentSpec struct.
It's false by default so it's backwards compatible.
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* feat(migration): customising timeout via tcp annotation
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* docs: customising migration timeout via tcp annotation
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* fix(migrate): delete job in case of timeout change
This will delete the failed job due to an incorrect timeout and performs
the creation of a new object rather than updating it, since its
immutability in the API specification.
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
---------
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* feat(migration): cleanup prior migration
When using the annotation `kamaji.clastix.io/cleanup-prior-migration`
with a true boolean value, Kamaji will perform a clean-up on the target
DataStore to avoid stale resources when back and forth migrations occur.
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* docs: cleanup prior migration
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
---------
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* feat(api): introducing sleeping status
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* chore(helm)!: introducing sleeping status
Marking this commit as breaking since a CustomResourceDefinition update
is required for users dealing with scale to zero since the introduction
of the new enum for the status field.
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* docs: introducing sleeping status
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
---------
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
Addresses #688, this commit removes the deprecated `spec.loadBalancerIP`.
With the property being set in the service, the AWS cloud controller complained and caused issues.
This commit introduces a breaking change such as the removal of
the default bootstrap token created by kubeadm on an idempotent basis.
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* feat(webhook): validating api server cert sans
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* feat(controller): validating api server cert sans
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
---------
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* feat(crd): add LoadBalancerSourceRanges field and integrate with service resource
* test(crd): add tests for CEL validation logic
* feat(webhook): implement LoadBalancerSourceRanges validation logic for CIDRs
* test(webhook): add tests for webhook validation logic
* test: modify Makefile for envtest setup
* docs: add LoadBalancerSourceRanges field to API reference
* feat: Add DataStoreSchema field to TCP spec
* feat: Read DB_SCHEMA from TCP spec field
* feat: Default DataStoreSchema in webhook
* fix: Catch unsetting the dataStore via CEL
* fix: Apply all patches, not only the first
This also includes converting OnUpdate() to a no-op, as the
existence and immutability of the fields are already checked
by the API server, thanks to kubebuilder markers.
The webhook ensures that fields like dataStore, dataStoreSchema
are defaulted during creation (if unset), and the CEL expressions
prohibit unsetting them during update.
* test: Add tests for defaulting webhook
* fix: typo
* fix: Linter issues
* fix: make apidoc
* Update TCP CRD in charts folder
* fix: Don't run E2E tests during `make test`
* fix: Use proper `metav1` import name
* feat: Handle updates of TCPs without dataStoreSchema (+ tests)
* fix: Prioritize Status over Spec
Co-authored-by: Dario Tranchitella <dario@tranchitella.eu>
* Update goDoc on DataStore field
* make apidoc
---------
Co-authored-by: Dario Tranchitella <dario@tranchitella.eu>
A bug has been introduced with #527 which doesn't handle properly all the required business logic, such as the application of customised labels, as well as the handling of the controller Resource.
Signed-off-by: Dario Tranchitella <dario@tranchitella.eu>
* chore: improve error handling and logging for certificate operations
- Enhance error reporting in GenerateCertificatePrivateKeyPair function
- Add detailed error checks for CA certificate and private key parsing
- Implement check for expected number of certificate files
- Improve error logging in APIServerCertificate resource
This commit preserves more details about certificate-related issues,
aiding in debugging and troubleshooting.
* feat: support loadbalancer hostname resolution
Add functionality to resolve loadbalancer hostname to IP address in DeclaredControlPlaneAddress method.
This enhances the existing IP address handling by allowing the use of hostnames for loadbalancers.
- Add hostname check in addition to IP check
- Implement hostname resolution using net.LookupIP
- Return the first resolved IP address if available
* fix: Remove hostname support for LoadBalancer ingress
- Extract LoadBalancer address logic to separate function
- Remove hostname resolution for LoadBalancer ingress
- Add explanatory comments on reasons for not supporting hostnames
* fix: replace fmt and vet with golint
- Remove fmt and vet targets
- Update build target to use golint instead of fmt and vet
- Remove fmt and vet dependencies from run target
* fix: lint errors
