pulumi · EronWright · Nov 5, 2024 · Nov 5, 2024 · Nov 5, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,10 @@
 CHANGELOG
 =========
 
+## Unreleased
+
+- Improved support for using custom program sources. [#741](https://github.com/pulumi/pulumi-kubernetes-operator/pull/741) 
+
 ## 2.0.0-beta.1 (2024-10-18)
 
 - Major update to new horizontally-scalable architecture. [#725](https://github.com/pulumi/pulumi-kubernetes-operator/pull/725)

diff --git a/deploy/crds/auto.pulumi.com_workspaces.yaml b/deploy/crds/auto.pulumi.com_workspaces.yaml
@@ -401,6 +401,15 @@ spec:
                   Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
                   More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
                 type: string
+              local:
+                description: Local is the local source containing the Pulumi program.
+                properties:
+                  dir:
+                    description: |-
+                      Dir gives the subdirectory containing the Pulumi project (i.e., containing Pulumi.yaml) of
+                      interest, within the workspace image.
+                    type: string
+                type: object
               podTemplate:
                 description: PodTemplate defines a PodTemplateSpec for Workspace's
                   pods.

diff --git a/deploy/crds/pulumi.com_stacks.yaml b/deploy/crds/pulumi.com_stacks.yaml
@@ -1153,6 +1153,14 @@ spec:
                         description: PullPolicy describes a policy for if/when to
                           pull a container image
                         type: string
+                      local:
+                        description: |-
+                          LocalSourceApplyConfiguration represents an declarative configuration of the LocalSource type for use
+                          with apply.
+                        properties:
+                          dir:
+                            type: string
+                        type: object
                       podTemplate:
                         description: |-
                           EmbeddedPodTemplateSpecApplyConfiguration represents an declarative configuration of the EmbeddedPodTemplateSpec type for use
@@ -10712,6 +10720,14 @@ spec:
                         description: PullPolicy describes a policy for if/when to
                           pull a container image
                         type: string
+                      local:
+                        description: |-
+                          LocalSourceApplyConfiguration represents an declarative configuration of the LocalSource type for use
+                          with apply.
+                        properties:
+                          dir:
+                            type: string
+                        type: object
                       podTemplate:
                         description: |-
                           EmbeddedPodTemplateSpecApplyConfiguration represents an declarative configuration of the EmbeddedPodTemplateSpec type for use

diff --git a/deploy/helm/pulumi-operator/crds/auto.pulumi.com_workspaces.yaml b/deploy/helm/pulumi-operator/crds/auto.pulumi.com_workspaces.yaml
@@ -401,6 +401,15 @@ spec:
                   Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
                   More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
                 type: string
+              local:
+                description: Local is the local source containing the Pulumi program.
+                properties:
+                  dir:
+                    description: |-
+                      Dir gives the subdirectory containing the Pulumi project (i.e., containing Pulumi.yaml) of
+                      interest, within the workspace image.
+                    type: string
+                type: object
               podTemplate:
                 description: PodTemplate defines a PodTemplateSpec for Workspace's
                   pods.

diff --git a/deploy/helm/pulumi-operator/crds/pulumi.com_stacks.yaml b/deploy/helm/pulumi-operator/crds/pulumi.com_stacks.yaml
@@ -1153,6 +1153,14 @@ spec:
                         description: PullPolicy describes a policy for if/when to
                           pull a container image
                         type: string
+                      local:
+                        description: |-
+                          LocalSourceApplyConfiguration represents an declarative configuration of the LocalSource type for use
+                          with apply.
+                        properties:
+                          dir:
+                            type: string
+                        type: object
                       podTemplate:
                         description: |-
                           EmbeddedPodTemplateSpecApplyConfiguration represents an declarative configuration of the EmbeddedPodTemplateSpec type for use
@@ -10712,6 +10720,14 @@ spec:
                         description: PullPolicy describes a policy for if/when to
                           pull a container image
                         type: string
+                      local:
+                        description: |-
+                          LocalSourceApplyConfiguration represents an declarative configuration of the LocalSource type for use
+                          with apply.
+                        properties:
+                          dir:
+                            type: string
+                        type: object
                       podTemplate:
                         description: |-
                           EmbeddedPodTemplateSpecApplyConfiguration represents an declarative configuration of the EmbeddedPodTemplateSpec type for use

diff --git a/deploy/yaml/install.yaml b/deploy/yaml/install.yaml
@@ -1388,6 +1388,14 @@ spec:
                         description: PullPolicy describes a policy for if/when to
                           pull a container image
                         type: string
+                      local:
+                        description: |-
+                          LocalSourceApplyConfiguration represents an declarative configuration of the LocalSource type for use
+                          with apply.
+                        properties:
+                          dir:
+                            type: string
+                        type: object
                       podTemplate:
                         description: |-
                           EmbeddedPodTemplateSpecApplyConfiguration represents an declarative configuration of the EmbeddedPodTemplateSpec type for use
@@ -10947,6 +10955,14 @@ spec:
                         description: PullPolicy describes a policy for if/when to
                           pull a container image
                         type: string
+                      local:
+                        description: |-
+                          LocalSourceApplyConfiguration represents an declarative configuration of the LocalSource type for use
+                          with apply.
+                        properties:
+                          dir:
+                            type: string
+                        type: object
                       podTemplate:
                         description: |-
                           EmbeddedPodTemplateSpecApplyConfiguration represents an declarative configuration of the EmbeddedPodTemplateSpec type for use
@@ -19904,6 +19920,15 @@ spec:
                   Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
                   More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
                 type: string
+              local:
+                description: Local is the local source containing the Pulumi program.
+                properties:
+                  dir:
+                    description: |-
+                      Dir gives the subdirectory containing the Pulumi project (i.e., containing Pulumi.yaml) of
+                      interest, within the workspace image.
+                    type: string
+                type: object
               podTemplate:
                 description: PodTemplate defines a PodTemplateSpec for Workspace's
                   pods.

diff --git a/operator/api/auto/v1alpha1/workspace_types.go b/operator/api/auto/v1alpha1/workspace_types.go
@@ -72,6 +72,10 @@ type WorkspaceSpec struct {
 	// +optional
 	Flux *FluxSource `json:"flux,omitempty"`
 
+	// Local is the local source containing the Pulumi program.
+	// +optional
+	Local *LocalSource `json:"local,omitempty"`
+
 	// List of sources to populate environment variables in the workspace.
 	// The keys defined within a source must be a C_IDENTIFIER. All invalid keys
 	// will be reported as an event when the container is starting. When a key exists in multiple
@@ -151,7 +155,7 @@ type GitAuth struct {
 	Token *corev1.SecretKeySelector `json:"token,omitempty"`
 }
 
-// FluxSource specifies how to fetch a Fllux source artifact.
+// FluxSource specifies how to fetch a Flux source artifact.
 type FluxSource struct {
 	// URL is the URL of the artifact to fetch.
 	Url string `json:"url,omitempty"`
@@ -163,6 +167,13 @@ type FluxSource struct {
 	Dir string `json:"dir,omitempty"`
 }
 
+// LocalSource specifies how to locate a local source directory.
+type LocalSource struct {
+	// Dir gives the subdirectory containing the Pulumi project (i.e., containing Pulumi.yaml) of
+	// interest, within the workspace image.
+	Dir string `json:"dir,omitempty"`
+}
+
 type WorkspaceStack struct {
 	Name string `json:"name"`
 

diff --git a/operator/api/auto/v1alpha1/zz_generated.deepcopy.go b/operator/api/auto/v1alpha1/zz_generated.deepcopy.go
diff --git a/operator/config/crd/bases/auto.pulumi.com_workspaces.yaml b/operator/config/crd/bases/auto.pulumi.com_workspaces.yaml
@@ -401,6 +401,15 @@ spec:
                   Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
                   More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
                 type: string
+              local:
+                description: Local is the local source containing the Pulumi program.
+                properties:
+                  dir:
+                    description: |-
+                      Dir gives the subdirectory containing the Pulumi project (i.e., containing Pulumi.yaml) of
+                      interest, within the workspace image.
+                    type: string
+                type: object
               podTemplate:
                 description: PodTemplate defines a PodTemplateSpec for Workspace's
                   pods.

diff --git a/operator/config/crd/bases/pulumi.com_stacks.yaml b/operator/config/crd/bases/pulumi.com_stacks.yaml
@@ -1153,6 +1153,14 @@ spec:
                         description: PullPolicy describes a policy for if/when to
                           pull a container image
                         type: string
+                      local:
+                        description: |-
+                          LocalSourceApplyConfiguration represents an declarative configuration of the LocalSource type for use
+                          with apply.
+                        properties:
+                          dir:
+                            type: string
+                        type: object
                       podTemplate:
                         description: |-
                           EmbeddedPodTemplateSpecApplyConfiguration represents an declarative configuration of the EmbeddedPodTemplateSpec type for use
@@ -10712,6 +10720,14 @@ spec:
                         description: PullPolicy describes a policy for if/when to
                           pull a container image
                         type: string
+                      local:
+                        description: |-
+                          LocalSourceApplyConfiguration represents an declarative configuration of the LocalSource type for use
+                          with apply.
+                        properties:
+                          dir:
+                            type: string
+                        type: object
                       podTemplate:
                         description: |-
                           EmbeddedPodTemplateSpecApplyConfiguration represents an declarative configuration of the EmbeddedPodTemplateSpec type for use

diff --git a/operator/examples/custom-source/Dockerfile b/operator/examples/custom-source/Dockerfile
@@ -0,0 +1,7 @@
+FROM pulumi/pulumi:3.137.0-nonroot
+
+# Clone the git repository
+RUN git clone --depth 1 https://github.com/pulumi/examples.git /home/pulumi/examples
+
+# Preinstall the plugins for the 'stack-readme-py' program
+RUN pulumi install -C /home/pulumi/examples/stack-readme-py
diff --git a/operator/examples/custom-source/Makefile b/operator/examples/custom-source/Makefile
@@ -0,0 +1,3 @@
+.PHONY: build
+build:
+	docker build --platform=linux/amd64 -t localhost:5000/pulumi-and-app:latest .
diff --git a/operator/examples/custom-source/README.md b/operator/examples/custom-source/README.md
@@ -0,0 +1,12 @@
+Demonstrates how to use your own program source rather than relying on built-in support for Git and Flux.
+
+To use your own source, you have two options:
+
+1. Use an init container to copy Pulumi project files to `/share/workspace`, or
+2. Bake your Pulumi project files into the workspace image.
+
+This example explores the second option. The procedure is:
+
+1. Build a Docker image containing your project files. See the example Dockerfile that clones Pulumi's repository of examples. It also runs `pulumi install` to pre-install your program's dependencies.
+2. In the `Stack` specification, customize the workspace template to point to a Pulumi project within the cloned repository, using `.spec.local.dir`.
+3. Deploy the stack. The system automatically links to the local directory.
diff --git a/operator/examples/custom-source/stack.yaml b/operator/examples/custom-source/stack.yaml
@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: custom-source
+  namespace: default
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: custom-source:system:auth-delegator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: system:auth-delegator
+subjects:
+- kind: ServiceAccount
+  name: custom-source
+  namespace: default
+---
+apiVersion: pulumi.com/v1
+kind: Stack
+metadata:
+  name: custom-source
+  namespace: default
+spec:
+  serviceAccountName: custom-source
+  stack: dev
+  refresh: true
+  continueResyncOnCommitMatch: true
+  resyncFrequencySeconds: 60
+  destroyOnFinalize: true
+  envRefs:
+    PULUMI_ACCESS_TOKEN:
+      type: Secret
+      secret:
+        name: pulumi-api-secret
+        key: accessToken
+  workspaceTemplate:
+    spec:
+      image: localhost:5000/pulumi-and-app:latest
+      imagePullPolicy: IfNotPresent
+      local:
+        dir: /home/pulumi/examples/stack-readme-py
diff --git a/operator/internal/apply/auto/v1alpha1/localsource.go b/operator/internal/apply/auto/v1alpha1/localsource.go
diff --git a/operator/internal/apply/auto/v1alpha1/workspacespec.go b/operator/internal/apply/auto/v1alpha1/workspacespec.go