Initial implementation

.dockerignore

@@ -0,0 +1,4 @@
+# More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
+# Ignore build and test binaries.
+bin/
+testbin/

.gitignore

@@ -0,0 +1,40 @@
+
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+bin
+testbin/*
+Dockerfile.cross
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Kubernetes Generated files - skip generated files, except for vendored files
+
+!vendor/**/zz_generated.*
+
+# editor and IDE paraphernalia
+.idea
+*.swp
+*.swo
+*~
+
+
+# IDE
+.vscode
+.idea
+
+# ignore output by test
+/**/_test
+
+# 
+policy-collection
+out
+work
+kubeconfig.*

.golangci.yaml

@@ -0,0 +1,24 @@
+linters-settings:
+  misspell:
+    ignore-words:
+    - creater
+
+linters:
+  enable:
+  - asciicheck
+  - bidichk
+  - durationcheck
+  - errname
+  - errorlint
+  - exportloopref
+  - gofmt
+  - gosimple
+  - govet
+  - importas
+  - ineffassign
+  - misspell
+  - nilerr
+  - unconvert
+  - unused
+  - errcheck
+  - nolintlint

Dockerfile

@@ -0,0 +1,48 @@
+# Build the manager binary
+FROM golang:1.19 as builder
+ARG TARGETOS
+ARG TARGETARCH
+
+WORKDIR /workspace
+# Copy the Go Modules manifests
+COPY go.mod go.mod
+COPY go.sum go.sum
+# cache deps before building and copying source so that we don't need to re-download as much
+# and so that source changes don't invalidate our downloaded layer
+RUN go mod download
+
+# Copy the go source
+COPY main.go main.go
+COPY api/ api/
+COPY controllers/ controllers/
+COPY pkg/ pkg/
+
+# Build
+# the GOARCH has not a default value to allow the binary be built according to the host where the command
+# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
+# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
+# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
+RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager main.go
+
+RUN wget https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v5.0.1/kustomize_v5.0.1_linux_${TARGETARCH}.tar.gz
+RUN tar zxvf kustomize_v5.0.1_linux_${TARGETARCH}.tar.gz
+RUN wget https://github.com/open-cluster-management-io/policy-generator-plugin/archive/refs/tags/v1.11.0.tar.gz
+RUN tar zxvf v1.11.0.tar.gz
+RUN cd policy-generator-plugin-1.11.0; CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -o . ./cmd/PolicyGenerator
+
+FROM busybox:1.35.0-uclibc as busybox
+
+# Use distroless as minimal base image to package the manager binary
+# Refer to https://github.com/GoogleContainerTools/distroless for more details
+FROM gcr.io/distroless/static:nonroot
+COPY --from=busybox /bin/sh /bin/sh
+COPY --from=busybox /bin/mkdir /bin/mkdir
+
+WORKDIR /
+COPY --from=builder /workspace/manager .
+COPY --from=builder /workspace/kustomize /bin/kustomize
+RUN mkdir -p /home/nonroot/.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator
+COPY --from=builder /workspace/policy-generator-plugin-1.11.0/PolicyGenerator /home/nonroot/.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator
+USER 65532:65532
+
+ENTRYPOINT ["/manager"]