Skip to content

Commit

Permalink
rework ocihooks asset
Browse files Browse the repository at this point in the history
Signed-off-by: Francesco Romani <[email protected]>
  • Loading branch information
ffromani committed Mar 24, 2023
1 parent 111a4d4 commit f2d2718
Show file tree
Hide file tree
Showing 6 changed files with 64 additions and 34 deletions.
22 changes: 16 additions & 6 deletions pkg/assets/rte/assets.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,32 +7,42 @@ import (
"github.com/k8stopologyawareschedwg/deployer/pkg/deployer/platform"
)

const (
NotifierName = "rte-notifier.sh"
)

const (
// OCPVersion4.11 is DEPRECATED and will be removed in the next versions
OCPVersion411 = "v4.11"
)

const (
selinuxPolicyDir = "selinuxpolicy"
ocihooksDir = "ocihooks"

ocpVersion410 = "v4.10"
// TODO: demote public constant here once we can remove from the public API
ocpVersion412 = "v4.12"
ocpVersion413 = "v4.13"
)

//go:embed selinuxinstall.service.template
var SELinuxInstallSystemdServiceTemplate []byte
//go:embed ocihooks
var ocihooks embed.FS

//go:embed hookconfigrtenotifier.json.template
var HookConfigRTENotifier []byte
func GetOCIHookNotifierConfig() ([]byte, error) {
return ocihooks.ReadFile(filepath.Join(ocihooksDir, "hookconfigrtenotifier.json.template"))
}

//go:embed rte-notifier.sh
var NotifierScript []byte
func GetOCIHookNotifier() ([]byte, error) {
return ocihooks.ReadFile(filepath.Join(ocihooksDir, NotifierName))
}

//go:embed selinuxpolicy
var selinuxpolicy embed.FS

//go:embed selinuxinstall.service.template
var SELinuxInstallSystemdServiceTemplate []byte

func GetSELinuxPolicy(ver platform.Version) ([]byte, error) {
// keep it ordered from most recent supported to the oldest supported
for _, cand := range []string{ocpVersion413, ocpVersion412, OCPVersion411, ocpVersion410} {
Expand Down
File renamed without changes.
66 changes: 40 additions & 26 deletions pkg/manifests/manifests.go
Original file line number Diff line number Diff line change
Expand Up @@ -428,7 +428,11 @@ func DaemonSet(component, subComponent string, plat platform.Platform, namespace
return ds, nil
}

func MachineConfig(component string, ver platform.Version) (*machineconfigv1.MachineConfig, error) {
type MachineConfigOptions struct {
EnableNotifier bool
}

func MachineConfig(component string, ver platform.Version, opts MachineConfigOptions) (*machineconfigv1.MachineConfig, error) {
if component != ComponentResourceTopologyExporter {
return nil, fmt.Errorf("component %q is not an %q component", component, ComponentResourceTopologyExporter)
}
Expand All @@ -443,7 +447,7 @@ func MachineConfig(component string, ver platform.Version) (*machineconfigv1.Mac
return nil, fmt.Errorf("unexpected type, got %t", obj)
}

ignitionConfig, err := getIgnitionConfig(ver)
ignitionConfig, err := getIgnitionConfig(ver, opts)
if err != nil {
return nil, err
}
Expand All @@ -452,7 +456,7 @@ func MachineConfig(component string, ver platform.Version) (*machineconfigv1.Mac
return mc, nil
}

func getIgnitionConfig(ver platform.Version) ([]byte, error) {
func getIgnitionConfig(ver platform.Version, opts MachineConfigOptions) ([]byte, error) {
var files []igntypes.File

// get SELinux policy
Expand All @@ -464,29 +468,6 @@ func getIgnitionConfig(ver platform.Version) ([]byte, error) {
// load SELinux policy
files = addFileToIgnitionConfig(files, selinuxPolicy, 0644, seLinuxRTEPolicyDst)

// load RTE notifier OCI hook config
notifierHookConfigContent, err := getTemplateContent(rteassets.HookConfigRTENotifier, map[string]string{
templateNotifierBinaryDst: filepath.Join(defaultScriptsDir, "rte-notifier.sh"),
templateNotifierFilePath: filepath.Join(hostNotifierDir, rteNotifierFileName),
})
if err != nil {
return nil, err
}
files = addFileToIgnitionConfig(
files,
notifierHookConfigContent,
0644,
filepath.Join(defaultOCIHooksDir, "rte-notifier.json"),
)

// load RTE notifier script
files = addFileToIgnitionConfig(
files,
rteassets.NotifierScript,
0755,
filepath.Join(defaultScriptsDir, "rte-notifier.sh"),
)

// load systemd service to install SELinux policy
systemdServiceContent, err := getTemplateContent(
rteassets.SELinuxInstallSystemdServiceTemplate,
Expand All @@ -498,6 +479,39 @@ func getIgnitionConfig(ver platform.Version) ([]byte, error) {
return nil, err
}

if opts.EnableNotifier {
// load RTE notifier OCI hook config
hooknotifierConfig, err := rteassets.GetOCIHookNotifierConfig()
if err != nil {
return nil, err
}
notifierHookConfigContent, err := getTemplateContent(hooknotifierConfig, map[string]string{
templateNotifierBinaryDst: filepath.Join(defaultScriptsDir, rteassets.NotifierName),
templateNotifierFilePath: filepath.Join(hostNotifierDir, rteNotifierFileName),
})
if err != nil {
return nil, err
}
files = addFileToIgnitionConfig(
files,
notifierHookConfigContent,
0644,
filepath.Join(defaultOCIHooksDir, "rte-notifier.json"),
)

notifierScript, err := rteassets.GetOCIHookNotifier()
if err != nil {
return nil, err
}
// load RTE notifier script
files = addFileToIgnitionConfig(
files,
notifierScript,
0755,
filepath.Join(defaultScriptsDir, rteassets.NotifierName),
)
}

ignitionConfig := &igntypes.Config{
Ignition: igntypes.Ignition{
Version: defaultIgnitionVersion,
Expand Down
5 changes: 4 additions & 1 deletion pkg/manifests/manifests_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -591,7 +591,10 @@ func TestMachineConfig(t *testing.T) {

for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
mc, err := MachineConfig(ComponentResourceTopologyExporter, platform.Version(tc.platformVersion))
mcOpts := MachineConfigOptions{
EnableNotifier: true,
}
mc, err := MachineConfig(ComponentResourceTopologyExporter, platform.Version(tc.platformVersion), mcOpts)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
Expand Down
5 changes: 4 additions & 1 deletion pkg/manifests/rte/rte.go
Original file line number Diff line number Diff line change
Expand Up @@ -271,7 +271,10 @@ func GetManifests(plat platform.Platform, version platform.Version, namespace st
mf := New(plat)

if plat == platform.OpenShift {
mf.MachineConfig, err = manifests.MachineConfig(manifests.ComponentResourceTopologyExporter, version)
mcOpts := manifests.MachineConfigOptions{
EnableNotifier: true,
}
mf.MachineConfig, err = manifests.MachineConfig(manifests.ComponentResourceTopologyExporter, version, mcOpts)
if err != nil {
return mf, err
}
Expand Down

0 comments on commit f2d2718

Please sign in to comment.