feat: implement ConfigurationPlan CRD and Reconciler#16
Conversation
Signed-off-by: Vaishnav88sk <vaishnavsk8804@gmail.com>
|
That's pretty fast! Have you been able to test it out from end to end? Because I haven't published any documentation yet on how to deploy it, how to configure the Reshapr control plane to allow Kubernetes service account authentication and so on ... |
Haha! Actually started coding when we discussed earlier.. I haven't been able to test the full end-to-end flow against a secured Reshapr control plane yet. I've only tested the operator-side logic locally using Quarkus The reason I couldn't test the full flow is twofold:
Because I can't do end-to-end testing locally, this isn't a finalized PR. I think you might be much better equipped to test it with your system setup! And regarding the deployment docs, I just set it up following the normal standard processes. |
|
Here is, for information, how I am testing things locally:
|
|
Ahhh, Thanks for it. I actually did by simple process. But I'll validate this by given flow. This is how I'm learning deeper things 😉. Will need some time for this and then I'll update here. |
Description
This PR implements the
ConfigurationPlanCustom Resource Definition and its Reconciler, addressing the GitOps tenant lifecycle management requirements outlined in #13.Key Changes:
reshapr-kube-api): IntroducedConfigurationPlan,ConfigurationPlanSpec,ConfigurationPlanStatus, andOAuth2Specfollowing the GitOps framework.reshapr-kube-operator): ImplementedConfigurationPlanReconcilerwhich extendsBaseReshaprReconcilerto manage synchronization with the Reshapr control plane.Secretresources (Type:ENDPOINT) whenoauth2credentials are provided in the CRD.ConfigurationPlanon the remote platform, tracking thebackendSecretIdand generating API keys natively.Verification Logs
Verified locally using Quarkus dev mode. The operator successfully parses the CRD, registers the Reconciler, intercepts the new resource, and initiates the authentication flow:
Operator Initialization:
(Note: Authentication failure is expected during local execution outside the cluster since the projected service account token volume is absent).
Note to Maintainers (@lbroudoux ):
ConfigurationPlan, thebackendEndpointproperty is marked as@Nonnull, but it was omitted in the Issue Provide aConfigurationPlanReconcilerfor importing/syncing config plans into Reshapr #13 design draft. I have addedbackendEndpointto the CRD Spec to prevent null reference errors during serialization.OAuth2Speccurrently maps toOAuth2ClientConfiguration. Required fields likeauthorizationEndpointandtokenEndpointhave been defaulted to empty strings during creation if not explicitly provided.Fixes #13