Merge pull request #259 from gianlucam76/main

Merge dev to main

.github/workflows/main.yaml

@@ -18,7 +18,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v4
       with:
-        go-version: 1.20.8
+        go-version: 1.21.5
     - name: Build
       run: make build
     - name: FMT
@@ -37,7 +37,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v4
       with:
-        go-version: 1.20.8
+        go-version: 1.21.5
     - name: ut
       run: make test
       env:

.golangci.yaml

@@ -1,24 +1,4 @@
 linters-settings:
-  depguard:
-    list-type: blacklist
-    packages:
-      # Following logging implementations are allowed:
-      #   k8s.io/klog
-      #   go.uber.org/zap
-      #   go-logr/logr
-      #
-      # note that the following list will grow.
-      - github.com/google/glog
-      - log
-      - github.com/sirupsen/logrus
-      - github.com/wojas/genericr
-      - logfmt
-    packages-with-error-message:
-      - github.com/google/glog: "Use klog, zap, or logr for logging."
-      - log: "Use klog, zap, or logr for logging."
-      - github.com/sirupsen/logrus: "Use klog, zap, or logr for logging."
-      - github.com/wojas/genericr: "Use klog, zap, or logr for logging."
-      - logfmt: "Use klog, zap, or logr for logging."
   dupl:
     threshold: 200
   errorlint:
@@ -116,7 +96,6 @@ linters:
     - bidichk
     - containedctx
     - bodyclose
-    - depguard
     - dogsled
     - dupl
     - durationcheck

Makefile

@@ -31,7 +31,7 @@ KUSTOMIZE := $(TOOLS_BIN_DIR)/kustomize
 GINKGO := $(TOOLS_BIN_DIR)/ginkgo
 SETUP_ENVTEST := $(TOOLS_BIN_DIR)/setup_envs
 
-GOLANGCI_LINT_VERSION := "v1.52.2"
+GOLANGCI_LINT_VERSION := "v1.55.2"
 
 $(CONTROLLER_GEN): $(TOOLS_DIR)/go.mod # Build controller-gen from tools folder.
 	cd $(TOOLS_DIR); $(GOBUILD) -tags=tools -o $(subst $(TOOLS_DIR)/hack/tools/,,$@) sigs.k8s.io/controller-tools/cmd/controller-gen

api/v1alpha1/addoncompliance_type.go

@@ -43,28 +43,6 @@ func GetClusterAnnotation() string {
 	return "addon-compliance-ready"
 }
 
-type OpenAPIValidationRef struct {
-	// Namespace of the referenced resource.
-	// +kubebuilder:validation:MinLength=1
-	Namespace string `json:"namespace"`
-
-	// Name of the referenced resource.
-	// +kubebuilder:validation:MinLength=1
-	Name string `json:"name"`
-
-	// Kind of the resource. Supported kinds are:
-	// - flux GitRepository;OCIRepository;Bucket
-	// - ConfigMap/Secret
-	// +kubebuilder:validation:Enum=GitRepository;OCIRepository;Bucket;ConfigMap;Secret
-	Kind string `json:"kind"`
-
-	// Path to the directory containing the openapi validations.
-	// Defaults to 'None', which translates to the root path of the SourceRef.
-	// Ignored for ConfigMap/Secret.
-	// +optional
-	Path string `json:"path,omitempty"`
-}
-
 type LuaValidationRef struct {
 	// Namespace of the referenced resource.
 	// +kubebuilder:validation:MinLength=1
@@ -80,7 +58,7 @@ type LuaValidationRef struct {
 	// +kubebuilder:validation:Enum=GitRepository;OCIRepository;Bucket;ConfigMap;Secret
 	Kind string `json:"kind"`
 
-	// Path to the directory containing the openapi validations.
+	// Path to the directory containing the lua validations.
 	// Defaults to 'None', which translates to the root path of the SourceRef.
 	// Ignored for ConfigMap/Secret.
 	// +optional
@@ -97,11 +75,6 @@ type AddonComplianceSpec struct {
 	// +optional
 	ClusterRefs []corev1.ObjectReference `json:"clusterRefs,omitempty"`
 
-	// OpenAPIValidationRefs is a list of OpenAPI validations. In the matching clusters, add-ons
-	// will be deployed only if all validations pass.
-	// +omitempty
-	OpenAPIValidationRefs []OpenAPIValidationRef `json:"openAPIValidationRefs,omitempty"`
-
 	// LuaValidationRefs is a list of validations defined in Lua language. In the matching clusters,
 	// add-ons will be deployed only if all validations pass.
 	// +omitempty
@@ -114,10 +87,6 @@ type AddonComplianceStatus struct {
 	// ClusterSelector
 	MatchingClusterRefs []corev1.ObjectReference `json:"matchingClusters,omitempty"`
 
-	// OpenapiValidations contains all validations collected from all existing
-	// referenced resources
-	OpenapiValidations map[string][]byte `json:"openapiValidations,omitempty"`
-
 	// LuaValidations contains all validations collected from all existing
 	// referenced resources
 	LuaValidations map[string][]byte `json:"luaValidations,omitempty"`

api/v1alpha1/classifier_types.go

@@ -1,5 +1,5 @@
 /*
-Copyright 2022. projectsveltos.io. All rights reserved.
+Copyright 2022-23. projectsveltos.io. All rights reserved.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -58,18 +58,6 @@ func GetClusterInfo(clusterNamespace, clusterName string) string {
 	return fmt.Sprintf("%s--%s", clusterNamespace, clusterName)
 }
 
-// Operation specifies
-// +kubebuilder:validation:Enum:=Equal;Different
-type Operation string
-
-const (
-	// OperationEqual will verify equality. Corresponds to ==
-	OperationEqual = Operation("Equal")
-
-	// OperationDifferent will verify difference. Corresponds to !=
-	OperationDifferent = Operation("Different")
-)
-
 type ClassifierLabel struct {
 	// Key is the label key
 	Key string `json:"key"`
@@ -78,66 +66,28 @@ type ClassifierLabel struct {
 	Value string `json:"value"`
 }
 
-type LabelFilter struct {
-	// Key is the label key
-	Key string `json:"key"`
-
-	// Operation is the comparison operation
-	Operation Operation `json:"operation"`
-
-	// Value is the label value
-	Value string `json:"value"`
-}
-
-type FieldFilter struct {
-	// Field is the field
-	Field string `json:"field"`
-
-	// Operation is the comparison operation
-	Operation Operation `json:"operation"`
-
-	// Value is the field value
-	Value string `json:"value"`
-}
-
 type DeployedResourceConstraint struct {
-	// Namespace of the resource deployed in the  Cluster.
-	// Empty for resources scoped at cluster level.
-	// +optional
-	Namespace string `json:"namespace,omitempty"`
-
-	// Group of the resource deployed in the Cluster.
-	Group string `json:"group"`
-
-	// Version of the resource deployed in the Cluster.
-	Version string `json:"version"`
-
-	// Kind of the resource deployed in the Cluster.
-	// +kubebuilder:validation:MinLength=1
-	Kind string `json:"kind"`
-
-	// LabelFilters allows to filter resources based on current labels.
-	LabelFilters []LabelFilter `json:"labelFilters,omitempty"`
-
-	// FieldFilters allows to filter resources based on current field values.
-	// Internally uses FieldSelector so only fields supported by FieldSelector can
-	// be used.
-	// Current list: https://github.com/kubernetes/kubernetes/blob/9d577d8a29893062dfbd669997396dbd01ab0e47/pkg/apis/core/v1/conversion.go#L33
-	FieldFilters []FieldFilter `json:"fieldFilters,omitempty"`
-
-	// MinCount is the minimum number of resources to match
-	// +optional
-	MinCount *int `json:"minCount,omitempty"`
-
-	// MaxCount is the maximun number of resources to match
+	// ResourceSelectors identifies what resources to select
+	// If no AggregatedClassification is specified, a cluster is
+	// a match for Classifier instance, if all ResourceSelectors returns at
+	// least one match.
+	ResourceSelectors []ResourceSelector `json:"resourceSelectors"`
+
+	// AggregatedClassification is optional and can be used to specify a Lua function
+	// that will be used to further detect whether the subset of the resources
+	// selected using the ResourceSelector field are a match for this Classifier.
+	// The function will receive the array of resources selected by ResourceSelectors.
+	// If this field is not specified, a cluster is a match for Classifier instance,
+	// if all ResourceSelectors returns at least one match.
+	// This field allows to perform more complex evaluation  on the resources, looking
+	// at all resources together.
+	// This can be useful for more sophisticated tasks, such as identifying resources
+	// that are related to each other or that have similar properties.
+	// The Lua function must return a struct with:
+	// - "matching" field: boolean indicating whether cluster is a match;
+	// - "message" field: (optional) message.
 	// +optional
-	MaxCount *int `json:"maxCount,omitempty"`
-
-	// Script is a text containing a lua script.
-	// Must return struct with field "matching"
-	// representing whether object is a match.
-	// +optional
-	Script string `json:"script,omitempty"`
+	AggregatedClassification string `json:"aggregatedClassification,omitempty"`
 }
 
 type KubernetesComparison string
@@ -163,10 +113,12 @@ type KubernetesVersionConstraint struct {
 
 // ClassifierSpec defines the desired state of Classifier
 type ClassifierSpec struct {
-	// DeployedResourceConstraints allows to classify based on current deployed resources
-	DeployedResourceConstraints []DeployedResourceConstraint `json:"deployedResourceConstraints,omitempty"`
+	// DeployedResourceConstraint allows to classify based on current deployed resources
+	// +optional
+	DeployedResourceConstraint *DeployedResourceConstraint `json:"deployedResourceConstraint,omitempty"`
 
 	// KubernetesVersionConstraints allows to classify based on current kubernetes version
+	// +optional
 	KubernetesVersionConstraints []KubernetesVersionConstraint `json:"kubernetesVersionConstraints,omitempty"`
 
 	// ClassifierLabels is set of labels, key,value pair, that will be added to each

api/v1alpha1/clusterhealthcheck_type.go

@@ -47,6 +47,14 @@ const (
 	WebexRoomID = "WEBEX_ROOM_ID"
 )
 
+// Discord constant
+// To have Sveltos sends a Discord notification, create a Secret of type "addons.projectsveltos.io/cluster-profile"
+// In the data section set both discord token and discord server ID
+const (
+	DiscordToken     = "DISCORD_TOKEN"
+	DiscordChannelID = "DISCORD_CHANNEL_ID"
+)
+
 // ConditionSeverity expresses the severity of a Condition Type failing.
 type ConditionSeverity string
 
@@ -140,7 +148,7 @@ type LivenessCheck struct {
 }
 
 // NotificationType specifies different type of notifications
-// +kubebuilder:validation:Enum:=KubernetesEvent;Slack;Webex
+// +kubebuilder:validation:Enum:=KubernetesEvent;Slack;Webex;Discord
 type NotificationType string
 
 const (
@@ -152,6 +160,9 @@ const (
 
 	// NotificationTypeWebex refers to generating a Webex message
 	NotificationTypeWebex = NotificationType("Webex")
+
+	// NotificationTypeDiscord refers to generating a Discord message
+	NotificationTypeDiscord = NotificationType("Discord")
 )
 
 type Notification struct {

api/v1alpha1/common_types.go

@@ -111,3 +111,56 @@ type ClusterInfo struct {
 	// +optional
 	FailureMessage *string `json:"failureMessage,omitempty"`
 }
+
+// Operation specifies
+// +kubebuilder:validation:Enum:=Equal;Different
+type Operation string
+
+const (
+	// OperationEqual will verify equality. Corresponds to ==
+	OperationEqual = Operation("Equal")
+
+	// OperationDifferent will verify difference. Corresponds to !=
+	OperationDifferent = Operation("Different")
+)
+
+type LabelFilter struct {
+	// Key is the label key
+	Key string `json:"key"`
+
+	// Operation is the comparison operation
+	Operation Operation `json:"operation"`
+
+	// Value is the label value
+	Value string `json:"value"`
+}
+
+// ResourceSelector defines what resources are a match
+type ResourceSelector struct {
+	// Group of the resource deployed in the Cluster.
+	Group string `json:"group"`
+
+	// Version of the resource deployed in the Cluster.
+	Version string `json:"version"`
+
+	// Kind of the resource deployed in the Cluster.
+	// +kubebuilder:validation:MinLength=1
+	Kind string `json:"kind"`
+
+	// LabelFilters allows to filter resources based on current labels.
+	// +optional
+	LabelFilters []LabelFilter `json:"labelFilters,omitempty"`
+
+	// Namespace of the resource deployed in the  Cluster.
+	// Empty for resources scoped at cluster level.
+	// +optional
+	Namespace string `json:"namespace,omitempty"`
+
+	// Evaluate contains a function "evaluate" in lua language.
+	// The function will be passed one of the object selected based on
+	// above criteria.
+	// Must return struct with field "matching" representing whether
+	// object is a match and an optional "message" field.
+	// +optional
+	Evaluate string `json:"evaluate,omitempty"`
+}

api/v1alpha1/eventsource_type.go

@@ -30,30 +30,23 @@ const (
 
 // EventSourceSpec defines the desired state of EventSource
 type EventSourceSpec struct {
-	// Group of the resource deployed in the Cluster.
-	Group string `json:"group"`
-
-	// Version of the resource deployed in the Cluster.
-	Version string `json:"version"`
-
-	// Kind of the resource deployed in the Cluster.
-	// +kubebuilder:validation:MinLength=1
-	Kind string `json:"kind"`
-
-	// LabelFilters allows to filter resources based on current labels.
-	// +optional
-	LabelFilters []LabelFilter `json:"labelFilters,omitempty"`
-
-	// Namespace of the resource deployed in the  Cluster.
-	// Empty for resources scoped at cluster level.
-	// +optional
-	Namespace string `json:"namespace,omitempty"`
-
-	// Script is a text containing a lua script.
-	// Must return struct with field "matching"
-	// representing whether object is a match.
-	// +optional
-	Script string `json:"script,omitempty"`
+	// ResourceSelectors identifies what resources to select
+	ResourceSelectors []ResourceSelector `json:"resourceSelectors"`
+
+	// This field is optional and can be used to specify a Lua function
+	// that will be used to further select a subset of the resources that
+	// have already been selected using the ResourceSelector field.
+	// The function will receive the array of resources selected by ResourceSelectors.
+	// If this field is not specified, all resources selected by the ResourceSelector
+	// field will be considered.
+	// This field allows to perform more complex filtering or selection operations
+	// on the resources, looking at all resources together.
+	// This can be useful for more sophisticated tasks, such as identifying resources
+	// that are related to each other or that have similar properties.
+	// The Lua function must return a struct with:
+	// - "resources" field: slice of matching resorces;
+	// - "message" field: (optional) message.
+	AggregatedSelection string `json:"aggregatedSelection,omitempty"`
 
 	// CollectResources indicates whether matching resources need
 	// to be collected and added to EventReport.