feat: Integrate Tanzu Sources (vSphere/Horizon) for Knative

Closes: 1066
Signed-off-by: William Lam <[email protected]>

files/configs/event-router/templates/vmware-event-router-config-template.yaml

@@ -2,11 +2,8 @@
 #@ load("@ytt:data", "data")
 
 #@ load("@ytt:json", "json")
-#@ vcenter = json.decode(data.values.config)["ESCAPED_VCENTER_SERVER"]
-#@ vcenterUsername = json.decode(data.values.config)["ESCAPED_VCENTER_USERNAME"]
-#@ vcenterPassword = json.decode(data.values.config)["ESCAPED_VCENTER_PASSWORD"]
-#@ vcenterTls = json.decode(data.values.config)["VCENTER_DISABLE_TLS"]
-
+#@ webhookUsername = json.decode(data.values.config)["ESCAPED_WEBHOOK_USERNAME"]
+#@ webhookPassword = json.decode(data.values.config)["ESCAPED_WEBHOOK_PASSWORD"]
 #@ routerName = "vmware-event-router-config-knative-" + data.values.eventProvider
 
 apiVersion: event-router.vmware.com/v1alpha1
@@ -23,48 +20,6 @@ eventProcessor:
         name: default
         namespace: vmware-functions
 eventProvider:
-  #@ if data.values.eventProvider == "vcenter":
-  name: veba-vc-01
-  type: vcenter
-  vcenter:
-    address: #@ "https://"+vcenter+"/sdk"
-    auth:
-      basicAuth:
-        username: #@ vcenterUsername
-        password: #@ vcenterPassword
-      type: basic_auth
-    #@ if vcenterTls == "True":
-    insecureSSL: true
-    #@ else:
-    insecureSSL: false
-    #@ end
-    checkpoint: false
-  #@ end
-  #@ if data.values.eventProvider == "horizon":
-  #@ horizon = json.decode(data.values.config)["ESCAPED_HORIZON_SERVER"]
-  #@ horizonDomain = json.decode(data.values.config)["HORIZON_DOMAIN"]
-  #@ horizonUsername = json.decode(data.values.config)["ESCAPED_HORIZON_USERNAME"]
-  #@ horizonPassword = json.decode(data.values.config)["ESCAPED_HORIZON_PASSWORD"]
-  #@ horizonNoTLS = json.decode(data.values.config)["HORIZON_DISABLE_TLS"]
-  name: veba-horizon-01
-  type: horizon
-  horizon:
-    address: #@ "https://"+horizon
-    auth:
-      type: active_directory
-      activeDirectoryAuth:
-        domain: #@ horizonDomain
-        username: #@ horizonUsername
-        password: #@ horizonPassword
-    #@ if horizonNoTLS == "True":
-    insecureSSL: true
-    #@ else:
-    insecureSSL: false
-    #@ end
-  #@ end
-  #@ if data.values.eventProvider == "webhook":
-  #@ webhookUsername = json.decode(data.values.config)["ESCAPED_WEBHOOK_USERNAME"]
-  #@ webhookPassword = json.decode(data.values.config)["ESCAPED_WEBHOOK_PASSWORD"]
   name: veba-webhook-01
   type: webhook
   webhook:
@@ -77,7 +32,6 @@ eventProvider:
         username: #@ webhookUsername
         password: #@ webhookPassword
     #@ end
-  #@ end
 kind: RouterConfig
 metadata:
   name: #@ routerName

files/configs/event-router/templates/vmware-event-router-k8s-template.yaml

@@ -56,12 +56,10 @@ spec:
       name: metrics
       protocol: TCP
       targetPort: 8082
-    #@ if data.values.eventProvider == "webhook":
     - port: 8080
       name: webhook
       protocol: TCP
       targetPort: 8080
-    #@ end
   selector:
     app: #@ routerName
   sessionAffinity: None

files/configs/horizon-source/templates/horizon-source-template.yml

@@ -0,0 +1,27 @@
+#@ load("@ytt:overlay", "overlay")
+#@ load("@ytt:data", "data")
+
+#@ load("@ytt:json", "json")
+#@ horizon = json.decode(data.values.config)["ESCAPED_HORIZON_SERVER"]
+#@ horizonDisableTls = json.decode(data.values.config)["HORIZON_DISABLE_TLS"]
+
+apiVersion: sources.tanzu.vmware.com/v1alpha1
+kind: HorizonSource
+metadata:
+  name: horizon-source
+spec:
+  sink:
+    ref:
+      apiVersion: eventing.knative.dev/v1
+      kind: Broker
+      name: default
+      namespace: vmware-functions
+  address: #@ "https://"+horizon
+  #@ if horizonDisableTls == "True":
+  skipTLSVerify: true
+  #@ else:
+  skipTLSVerify: false
+  #@ end
+  secretRef:
+    name: horizon-creds
+  serviceAccountName: horizon-source-sa

files/configs/vsphere-source/templates/vsphere-source-template.yml

@@ -0,0 +1,32 @@
+#@ load("@ytt:overlay", "overlay")
+#@ load("@ytt:data", "data")
+
+#@ load("@ytt:json", "json")
+#@ vcenter = json.decode(data.values.config)["ESCAPED_VCENTER_SERVER"]
+#@ vcenterDisableTls = json.decode(data.values.config)["VCENTER_DISABLE_TLS"]
+#@ vcenterCheckpointAge = json.decode(data.values.config)["VCENTER_CHECKPOINTING_AGE"]
+#@ vcenterCheckpointPeriod = json.decode(data.values.config)["VCENTER_CHECKPOINTING_PERIOD"]
+
+apiVersion: sources.tanzu.vmware.com/v1alpha1
+kind: VSphereSource
+metadata:
+  name: vsphere-source
+spec:
+  sink:
+    ref:
+      apiVersion: eventing.knative.dev/v1
+      kind: Broker
+      name: default
+      namespace: vmware-functions
+  address: #@ "https://"+vcenter
+  checkpointConfig:
+    maxAgeSeconds: #@ vcenterCheckpointAge
+    periodSeconds: #@ vcenterCheckpointPeriod
+  #@ if vcenterDisableTls == "True":
+  skipTLSVerify: true
+  #@ else:
+  skipTLSVerify: false
+  #@ end
+  secretRef:
+    name: vsphere-creds
+  serviceAccountName: vsphere-source-sa

files/downloads/tanzu-sources/overlay.yaml

@@ -0,0 +1,50 @@
+#@ load("@ytt:overlay", "overlay")
+#@ load("@ytt:data", "data")
+
+#@ load("@ytt:json", "json")
+#@ tanzuSourcesDebug = json.decode(data.values.config)["TANZU_SOURCES_DEBUG"]
+
+#@ def updates():
+  #@ if tanzuSourcesDebug == "True":
+  level: "debug"
+  #@ end
+#@ end
+
+#@overlay/match by=overlay.subset({"kind":"Deployment", "metadata": {"name": "horizon-source-controller", "namespace": "vmware-sources"}})
+---
+spec:
+  template:
+    spec:
+      containers:
+      #@overlay/match by=overlay.all, expects="1+"
+      -
+        #@overlay/match missing_ok=True
+        imagePullPolicy: IfNotPresent
+
+#@overlay/match by=overlay.subset({"kind":"Deployment", "metadata": {"name": "horizon-source-webhook", "namespace": "vmware-sources"}})
+---
+spec:
+  template:
+    spec:
+      containers:
+      #@overlay/match by=overlay.all, expects="1+"
+      -
+        #@overlay/match missing_ok=True
+        imagePullPolicy: IfNotPresent
+
+#@overlay/match by=overlay.subset({"kind":"Deployment", "metadata": {"name": "vsphere-source-webhook", "namespace": "vmware-sources"}})
+---
+spec:
+  template:
+    spec:
+      containers:
+      #@overlay/match by=overlay.all, expects="1+"
+      -
+        #@overlay/match missing_ok=True
+        imagePullPolicy: IfNotPresent
+
+#@overlay/match by=overlay.subset({"metadata":{"name":"config-logging"}}), expects="1+"
+---
+data:
+  #@overlay/replace via=lambda a,_: json.encode(overlay.apply(json.decode(a), updates()), indent=2)
+  zap-logger-config:

files/setup-01-os.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright 2021 VMware, Inc. All rights reserved.
+# Copyright 2023 VMware, Inc. All rights reserved.
 # SPDX-License-Identifier: BSD-2
 
 # OS Specific Settings where ordering does not matter

files/setup-010-veba-ui.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright 2021 VMware, Inc. All rights reserved.
+# Copyright 2023 VMware, Inc. All rights reserved.
 # SPDX-License-Identifier: BSD-2
 
 # Setup Knative UI

files/setup-011-fluentbit.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright 2021 VMware, Inc. All rights reserved.
+# Copyright 2023 VMware, Inc. All rights reserved.
 # SPDX-License-Identifier: BSD-2
 
 # Setup FluentBit

files/setup-012-cadvisor.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright 2021 VMware, Inc. All rights reserved.
+# Copyright 2023 VMware, Inc. All rights reserved.
 # SPDX-License-Identifier: BSD-2
 
 # Setup Google cAdvisor

files/setup-02-proxy.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright 2021 VMware, Inc. All rights reserved.
+# Copyright 2023 VMware, Inc. All rights reserved.
 # SPDX-License-Identifier: BSD-2
 
 # Setup Network Proxy for both OS and Containerd

files/setup-03-network.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright 2021 VMware, Inc. All rights reserved.
+# Copyright 2023 VMware, Inc. All rights reserved.
 # SPDX-License-Identifier: BSD-2
 
 # Setup Networking

files/setup-04-kubernetes.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright 2021 VMware, Inc. All rights reserved.
+# Copyright 2023 VMware, Inc. All rights reserved.
 # SPDX-License-Identifier: BSD-2
 
 # Setup Containerd and Kubernetes

files/setup-05-knative.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright 2021 VMware, Inc. All rights reserved.
+# Copyright 2023 VMware, Inc. All rights reserved.
 # SPDX-License-Identifier: BSD-2
 
 # Setup Knative
@@ -10,6 +10,7 @@ echo -e "\e[92mDeploying Knative Serving ..." > /dev/console
 kubectl apply -f /root/download/serving-crds.yaml
 kubectl apply -f /root/download/serving-core.yaml
 kubectl wait deployment --all --timeout=${KUBECTL_WAIT} --for=condition=Available -n knative-serving
+
 kubectl apply -f /root/download/knative-contour.yaml
 kubectl apply -f /root/download/net-contour.yaml
 kubectl patch configmap/config-network --namespace knative-serving --type merge --patch '{"data":{"ingress.class":"contour.ingress.networking.knative.dev"}}'
@@ -19,7 +20,7 @@ kubectl wait deployment --all --timeout=${KUBECTL_WAIT} --for=condition=Availabl
 echo -e "\e[92mDeploying Knative Eventing ..." > /dev/console
 kubectl apply -f /root/download/eventing-crds.yaml
 kubectl apply -f /root/download/eventing-core.yaml
-kubectl wait pod --timeout=${KUBECTL_WAIT} --for=condition=Ready -l '!job-name' -n knative-eventing
+kubectl wait deployment --all --timeout=${KUBECTL_WAIT} --for=condition=Available -n knative-eventing
 
 echo -e "\e[92mDeploying RabbitMQ Cluster Operator ..." > /dev/console
 kubectl apply -f /root/download/cluster-operator.yml
@@ -42,6 +43,7 @@ RABBITMQ_CONFIG_TEMPLATE=/root/config/knative/templates/rabbit-template.yaml
 RABBITMQ_CONFIG=/root/config/knative/rabbit.yaml
 ytt --data-value-file bom=${VEBA_BOM_FILE} -f ${RABBITMQ_CONFIG_TEMPLATE} > ${RABBITMQ_CONFIG}
 kubectl apply -f ${RABBITMQ_CONFIG}
+kubectl wait --for=condition=Ready broker/default --timeout=${KUBECTL_WAIT} -n vmware-functions
 
 echo -e "\e[92mDeploying Sockeye ..." > /dev/console
 
@@ -55,4 +57,17 @@ SOCKEYE_CONFIG=/root/config/knative/sockeye.yaml
 # Apply YTT overlay
 ytt --data-value-file bom=${VEBA_BOM_FILE} -f ${SOCKEYE_TEMPLATE} > ${SOCKEYE_CONFIG}
 
-kubectl -n vmware-functions apply -f ${SOCKEYE_CONFIG}
+kubectl -n vmware-functions apply -f ${SOCKEYE_CONFIG}
+
+# Install Tanzu Sources for Knative
+echo -e "\e[92mDeploying Tanzu Sources for Knative ..." > /dev/console
+TANZU_SOURCES_TEMPLATE=/root/download/tanzu-sources/templates/tanzu-sources-release.yaml
+TANZU_SOURCES_OVERLAY=/root/download/tanzu-sources/overlay.yaml
+TANZU_SOURCES_CONFIG=/root/download/tanzu-sources-release.yaml
+ytt --data-value-file config=${VEBA_CONFIG_FILE} -f ${TANZU_SOURCES_OVERLAY} -f ${TANZU_SOURCES_TEMPLATE} > ${TANZU_SOURCES_CONFIG}
+kubectl apply -f ${TANZU_SOURCES_CONFIG}
+
+# Wait for all controllers/webhook to be ready
+kubectl wait --for=condition=ready pod -l app=horizon-source-controller --timeout=${KUBECTL_WAIT} -n vmware-sources
+kubectl wait --for=condition=ready pod -l app=horizon-source-webhook --timeout=${KUBECTL_WAIT} -n vmware-sources
+kubectl wait --for=condition=ready pod -l app=vsphere-source-webhook --timeout=${KUBECTL_WAIT} -n vmware-sources

files/setup-06-horizon-sources.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+# Copyright 2023 VMware, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-2
+
+# Setup Horizon Sources
+
+set -euo pipefail
+
+# Create Horizon Secret
+echo -e "\e[92mCreating Horizon Secret ..." > /dev/console
+kubectl -n vmware-functions create secret generic horizon-creds --from-literal=domain=${HORIZON_DOMAIN} --from-literal=username=${HORIZON_USERNAME} --from-literal=password=${HORIZON_PASSWORD}
+
+# Create vSphere Source
+echo -e "\e[92mCreating Horizon Source ..." > /dev/console
+
+echo -e "\e[92mCreating Horizon ServiceAccount ..." > /dev/console
+kubectl -n vmware-functions create sa horizon-source-sa
+
+HORIZON_SOURCE_CONFIG_TEMPLATE=/root/config/horizon-source/templates/horizon-source-template.yml
+HORIZON_SOURCE_CONFIG=/root/config/horizon-source/horizon-source.yml
+
+ytt --data-value-file config=${VEBA_CONFIG_FILE} -f ${HORIZON_SOURCE_CONFIG_TEMPLATE} > ${HORIZON_SOURCE_CONFIG}
+
+kubectl -n vmware-functions create -f ${HORIZON_SOURCE_CONFIG}
+kubectl wait --for=condition=Available deploy/horizon-source-adapter --timeout=${KUBECTL_WAIT} -n vmware-functions

files/setup-06-vsphere-sources.sh

@@ -0,0 +1,25 @@
+#!/bin/bash
+# Copyright 2023 VMware, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-2
+
+# Setup vSphere Sources
+
+set -euo pipefail
+
+echo -e "\e[92mCreating vSphere Secret ..." > /dev/console
+kubectl -n vmware-functions create secret generic vsphere-creds --from-literal=username=${VCENTER_USERNAME} --from-literal=password=${VCENTER_PASSWORD}
+
+echo -e "\e[92mCreating vSphere ServiceAccount ..." > /dev/console
+kubectl -n vmware-functions create sa vsphere-source-sa
+
+echo -e "\e[92mCreating vSphere Source ..." > /dev/console
+# Create vSphere Source
+VSPHERE_SOURCE_CONFIG_TEMPLATE=/root/config/vsphere-source/templates/vsphere-source-template.yml
+VSPHERE_SOURCE_CONFIG=/root/config/vsphere-source/vsphere-source.yml
+
+ytt --data-value-file config=${VEBA_CONFIG_FILE} -f ${VSPHERE_SOURCE_CONFIG_TEMPLATE} > ${VSPHERE_SOURCE_CONFIG}
+
+kubectl -n vmware-functions create -f ${VSPHERE_SOURCE_CONFIG}
+kubectl wait --for=condition=ready vspheresource.sources.tanzu.vmware.com/vsphere-source --timeout=${KUBECTL_WAIT} -n vmware-functions
+kubectl wait --for=condition=ready vspherebinding.sources.tanzu.vmware.com/vsphere-source-vspherebinding --timeout=${KUBECTL_WAIT} -n vmware-functions
+