asset/manifests: bootstrap manifest generation

cmd/openshift-install/main.go

@@ -13,6 +13,7 @@ import (
 var (
 	installConfigCommand   = kingpin.Command("install-config", "Generate the Install Config asset")
 	ignitionConfigsCommand = kingpin.Command("ignition-configs", "Generate the Ignition Config assets")
+	manifestsCommand       = kingpin.Command("manifests", "Generate the Kubernetes manifests")
 
 	dirFlag  = kingpin.Flag("dir", "assets directory").Default(".").String()
 	logLevel = kingpin.Flag("log-level", "log level (e.g. \"debug\")").Default("warn").Enum("debug", "info", "warn", "error", "fatal", "panic")
@@ -33,6 +34,10 @@ func main() {
 			assetStock.MasterIgnition(),
 			assetStock.WorkerIgnition(),
 		}
+	case manifestsCommand.FullCommand():
+		targetAssets = []asset.Asset{
+			assetStock.Manifests(),
+		}
 	}
 
 	l, err := log.ParseLevel(*logLevel)

pkg/asset/cluster/BUILD.bazel

@@ -0,0 +1,18 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "doc.go",
+        "stock.go",
+        "tfvar.go",
+    ],
+    importpath = "github.com/openshift/installer/pkg/asset/cluster",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/asset:go_default_library",
+        "//pkg/asset/ignition:go_default_library",
+        "//pkg/asset/installconfig:go_default_library",
+        "//pkg/types/config:go_default_library",
+    ],
+)

pkg/asset/manifests/BUILD.bazel

@@ -0,0 +1,32 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "kube-addon-operator.go",
+        "kube-core-operator.go",
+        "machine-api-operator.go",
+        "network-operator.go",
+        "operators.go",
+        "stock.go",
+        "template.go",
+        "utils.go",
+    ],
+    importpath = "github.com/openshift/installer/pkg/asset/manifests",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/asset:go_default_library",
+        "//pkg/asset/installconfig:go_default_library",
+        "//pkg/asset/kubeconfig:go_default_library",
+        "//pkg/asset/manifests/content:go_default_library",
+        "//pkg/asset/tls:go_default_library",
+        "//pkg/rhcos:go_default_library",
+        "//pkg/types:go_default_library",
+        "//vendor/github.com/apparentlymart/go-cidr/cidr:go_default_library",
+        "//vendor/github.com/coreos/tectonic-config/config/kube-addon:go_default_library",
+        "//vendor/github.com/coreos/tectonic-config/config/kube-core:go_default_library",
+        "//vendor/github.com/coreos/tectonic-config/config/tectonic-network:go_default_library",
+        "//vendor/github.com/ghodss/yaml:go_default_library",
+        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
+    ],
+)

pkg/asset/manifests/content/01-tectonic-namespace.go

@@ -0,0 +1,14 @@
+package content
+
+const (
+	// TectonicNamespace is the constant to represent contents of Tectonic_Namespace.yaml file
+	TectonicNamespace = `
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: tectonic-system # Create the namespace first.
+  labels: # network policy can only select by labels
+    name: tectonic-system
+    openshift.io/run-level: "1"
+    `
+)

pkg/asset/manifests/content/02-ingress-namespace.go

@@ -0,0 +1,17 @@
+package content
+
+const (
+	// IngressNamespace is the constant to represent contents of Ingress_Namespace.yaml file
+	IngressNamespace = `
+apiVersion: v1
+kind: Namespace
+metadata:
+  # This is the namespace used to hold the tectonic ingress controllers
+  name: openshift-ingress
+  # Give the namespace a label, so we can select for it in networkpolicy
+  labels:
+    kubernetes.io/ingress.class: tectonic
+    name: openshift-ingress
+    openshift.io/run-level: "1"
+    `
+)

pkg/asset/manifests/content/03-openshift-web-console-namespace.go

@@ -0,0 +1,15 @@
+package content
+
+const (
+	// OpenshiftWebConsoleNamespace is the constant to represent contents of Openshift_WebConsoleNamespace.yaml file
+	OpenshiftWebConsoleNamespace = `
+apiVersion: v1
+kind: Namespace
+metadata:
+  # This is the namespace used to hold the openshift console.
+  # They require openshift console run in this namespace.
+  name: openshift-web-console
+  labels:
+    name: openshift-web-console
+    `
+)

pkg/asset/manifests/content/04-openshift-machine-config-operator.go

@@ -0,0 +1,14 @@
+package content
+
+const (
+	// OpenshiftMachineConfigOperator is the constant to represent contents of Openshift_MachineConfigOperator.yaml file
+	OpenshiftMachineConfigOperator = `
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: openshift-machine-config-operator
+  labels:
+    name: openshift-machine-config-operator
+    openshift.io/run-level: "1"
+    `
+)

pkg/asset/manifests/content/05-openshift-cluster-api-namespace.go

@@ -0,0 +1,15 @@
+package content
+
+const (
+	// OpenshiftClusterAPINamespace is the constant to represent contents of Openshift_ClusterApiNamespace.yaml file
+	OpenshiftClusterAPINamespace = `
+apiVersion: v1
+kind: Namespace
+metadata:
+  # This is the namespace used to hold cluster-api components.
+  name: openshift-cluster-api
+  labels:
+    name: openshift-cluster-api
+    openshift.io/run-level: "1"
+    `
+)

pkg/asset/manifests/content/BUILD.bazel

@@ -0,0 +1,32 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "go_default_library",
+    srcs = [
+        "01-tectonic-namespace.go",
+        "02-ingress-namespace.go",
+        "03-openshift-web-console-namespace.go",
+        "04-openshift-machine-config-operator.go",
+        "05-openshift-cluster-api-namespace.go",
+        "app-version-kind.go",
+        "app-version-mao.go",
+        "app-version-tectonic-network.go",
+        "cluster-apiserver-certs.go",
+        "ign-config.go",
+        "kube-apiserver-secret.go",
+        "kube-cloud-config.go",
+        "kube-controller-manager-secret.go",
+        "machine-api-operator.go",
+        "machine-config-operator-00-config-crd.go",
+        "machine-config-operator-01-images-configmap.go",
+        "machine-config-operator-02-rbac.go",
+        "machine-config-operator-03-deployment.go",
+        "machine-config-server-tls-secret.go",
+        "openshift-apiserver-secret.go",
+        "operatorstatus-crd.go",
+        "pull.go",
+        "tectonic-network-operator.go",
+    ],
+    importpath = "github.com/openshift/installer/pkg/asset/manifests/content",
+    visibility = ["//visibility:public"],
+)

pkg/asset/manifests/content/app-version-kind.go

@@ -0,0 +1,17 @@
+package content
+
+const (
+	// AppVersionKind is the constant to represent contents of App_VersionKind.yaml file
+	AppVersionKind = `
+apiVersion: "apiextensions.k8s.io/v1beta1"
+kind: "CustomResourceDefinition"
+metadata:
+  name: "appversions.tco.coreos.com"
+spec:
+  group: "tco.coreos.com"
+  version: "v1"
+  names:
+    plural: "appversions"
+    kind: "AppVersion"
+    `
+)

pkg/asset/manifests/content/app-version-mao.go

@@ -0,0 +1,22 @@
+package content
+
+const (
+	// AppVersionMao is the constant to represent contents of App_VersionMao.yaml file
+	AppVersionMao = `
+apiVersion: tco.coreos.com/v1
+kind: AppVersion
+metadata:
+  name: machine-api
+  namespace: tectonic-system
+  labels:
+    managed-by-channel-operator: "true"
+spec:
+  desiredVersion:
+  paused: false
+status:
+  currentVersion:
+  paused: false
+upgradereq:  1
+upgradecomp: 0
+`
+)

pkg/asset/manifests/content/app-version-tectonic-network.go

@@ -0,0 +1,22 @@
+package content
+
+const (
+	// AppVersionTectonicNetwork is the constant to represent contents of App_VersionTectonicNetwork.yaml file
+	AppVersionTectonicNetwork = `
+apiVersion: tco.coreos.com/v1
+kind: AppVersion
+metadata:
+  name: tectonic-network
+  namespace: kube-system
+  labels:
+    managed-by-channel-operator: "true"
+spec:
+  desiredVersion:
+  paused: false
+status:
+  currentVersion:
+  paused: false
+upgradereq:  1
+upgradecomp: 0
+`
+)

pkg/asset/manifests/content/cluster-apiserver-certs.go

@@ -0,0 +1,23 @@
+package content
+
+import (
+	"text/template"
+)
+
+var (
+	// ClusterApiserverCerts is the constant to represent contents of cluster_apiservercerts.yaml file
+	ClusterApiserverCerts = template.Must(template.New("cluster-apiserver-certs.yaml").Parse(`
+apiVersion: v1
+kind: Secret
+type: kubernetes.io/tls
+metadata:
+  name: cluster-apiserver-certs
+  namespace: openshift-cluster-api
+  labels:
+    api: clusterapi
+    apiserver: "true"
+data:
+  tls.crt: {{.ClusterapiCaCert}}
+  tls.key: {{.ClusterapiCaKey}}
+  `))
+)

pkg/asset/manifests/content/ign-config.go

@@ -0,0 +1,19 @@
+package content
+
+import (
+	"text/template"
+)
+
+var (
+	// IgnConfig is the constant to represent contents of ign_config.yaml file
+	IgnConfig = template.Must(template.New("ign-config.yaml").Parse(`
+apiVersion: v1
+kind: Secret
+metadata:
+  name: ignition-worker
+  namespace: openshift-cluster-api
+type: Opaque
+data:
+  userData: {{.WorkerIgnConfig}}
+  `))
+)

pkg/asset/manifests/content/kube-apiserver-secret.go

@@ -0,0 +1,35 @@
+package content
+
+import (
+	"text/template"
+)
+
+var (
+	// KubeApiserverSecret is the constant to represent contents of kube_apiserversecret.yaml file
+	KubeApiserverSecret = template.Must(template.New("kube-apiserver-secret.yaml").Parse(`
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kube-apiserver
+  namespace: kube-system
+type: Opaque
+data:
+  aggregator-ca.crt: {{.AggregatorCaCert}}
+  aggregator-ca.key: {{.AggregatorCaKey}}
+  apiserver.key: {{.ApiserverKey}}
+  apiserver.crt: {{.ApiserverCert}}
+  apiserver-proxy.key: {{.ApiserverProxyKey}}
+  apiserver-proxy.crt: {{.ApiserverProxyCert}}
+  service-account.pub: {{.ServiceaccountPub}}
+  service-account.key: {{.ServiceaccountKey}}
+  root-ca.crt: {{.RootCaCert}}
+  kube-ca.crt: {{.KubeCaCert}}
+  etcd-client-ca.crt: {{.EtcdCaCert}}
+  etcd-client.crt: {{.EtcdClientCert}}
+  etcd-client.key: {{.EtcdClientKey}}
+  oidc-ca.crt: {{.OidcCaCert}}
+  service-serving-ca.crt: {{.ServiceServingCaCert}}
+  service-serving-ca.key: {{.ServiceServingCaKey}}
+  kubeconfig: {{.OpenshiftLoopbackKubeconfig}}
+  `))
+)

pkg/asset/manifests/content/kube-cloud-config.go

@@ -0,0 +1,19 @@
+package content
+
+import (
+	"text/template"
+)
+
+var (
+	// KubeCloudConfig is the constant to represent contents of kube_cloudconfig.yaml file
+	KubeCloudConfig = template.Must(template.New("kube-cloud-config.yaml").Parse(`
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kube-cloud-cfg
+  namespace: kube-system
+type: Opaque
+data:
+  config: ""
+  `))
+)

pkg/asset/manifests/content/kube-controller-manager-secret.go

@@ -0,0 +1,22 @@
+package content
+
+import (
+	"text/template"
+)
+
+var (
+	// KubeControllerManagerSecret is the constant to represent contents of kube_controllermanagersecret.yaml file
+	KubeControllerManagerSecret = template.Must(template.New("kube-controller-manager-secret.yaml").Parse(`
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kube-controller-manager
+  namespace: kube-system
+type: Opaque
+data:
+  service-account.key: {{.ServiceaccountKey}}
+  root-ca.crt: {{.RootCaCert}}
+  kube-ca.crt: {{.KubeCaCert}}
+  kube-ca.key: {{.KubeCaKey}}
+  `))
+)