feat: import fixes/updates from kubeadm bootstrap provider

This adds new conditions, and some small features, cleaning up failure conditions. Some changes: * tests no longer set up owner refs, they should be set by core CAPI controllers * set correctly `BootstrapRef` * TalosConfig controller no longer fails when requeueing is handled by watches * more tests for conditions With conditions enabled there should be no longer required to look into the controller logs to see why reconciliation failed. Signed-off-by: Andrey Smirnov <[email protected]>
siderolabs · Oct 7, 2021 · 04742b9 · 04742b9
1 parent 548b7fb
commit 04742b9
Show file tree

Hide file tree

Showing 15 changed files with 401 additions and 87 deletions.
diff --git a/.drone.yml b/.drone.yml
@@ -5,7 +5,7 @@ name: default
 
 services:
   - name: docker
-    image: docker:20.10-dind
+    image: ghcr.io/smira/docker:20.10-dind-hacked
     entrypoint: [dockerd]
     privileged: true
     volumes:
@@ -53,6 +53,7 @@ steps:
       INTEGRATION_SKIP_CLEANUP: 1 # make things a bit faster
     commands:
       - make env-up
+      - make release-manifests
       - make test
     when:
       event:
@@ -74,6 +75,10 @@ steps:
     environment:
       CODECOV_TOKEN:
         from_secret: CODECOV_TOKEN
+    when:
+      event:
+        include:
+          - pull_request
     volumes:
       - name: docker-socket
         path: /var/run
@@ -176,6 +181,6 @@ depends_on:
 
 ---
 kind: signature
-hmac: a7d3d09b2ec221337f14cde8f5f2a872a4c3500df09b7f27e6a169a4eb35944b
+hmac: 405eea502f51dfc9368f81971ca97c96ac99f5fff6ddc1afa613894e80dd67c2
 
 ...
diff --git a/Dockerfile b/Dockerfile
@@ -55,7 +55,10 @@ COPY --from=generate-build /src/api /api
 FROM build AS integration-test-build
 ENV CGO_ENABLED 1
 ARG TALOS_VERSION
-ARG GO_LDFLAGS="-linkmode=external -extldflags '-static' -X github.com/talos-systems/cluster-api-bootstrap-provider-talos/internal/integration.TalosVersion=${TALOS_VERSION}"
+ARG TAG
+ARG ARTIFACTS
+ARG PKG=github.com/talos-systems/cluster-api-bootstrap-provider-talos/internal/integration
+ARG GO_LDFLAGS="-linkmode=external -extldflags '-static' -X ${PKG}.TalosVersion=${TALOS_VERSION} -X ${PKG}.Artifacts=${ARTIFACTS} -X ${PKG}.Tag=${TAG}"
 RUN --mount=type=cache,target=/.cache go test -race -ldflags "${GO_LDFLAGS}" -coverpkg=./... -v -c ./internal/integration
 
 FROM scratch AS integration-test
@@ -74,7 +77,7 @@ RUN cd config/manager \
   && kustomize build config/default > /bootstrap-components.yaml \
   && cp config/metadata/metadata.yaml /metadata.yaml
 
-FROM scratch AS release
+FROM scratch AS release-manifests
 ARG TAG
 COPY --from=release-build /bootstrap-components.yaml /bootstrap-talos/${TAG}/bootstrap-components.yaml
 COPY --from=release-build /metadata.yaml /bootstrap-talos/${TAG}/metadata.yaml

diff --git a/Makefile b/Makefile
@@ -31,6 +31,7 @@ COMMON_ARGS += --build-arg=TOOLS=$(TOOLS)
 COMMON_ARGS += --build-arg=CONTROLLER_GEN_VERSION=$(CONTROLLER_GEN_VERSION)
 COMMON_ARGS += --build-arg=CONVERSION_GEN_VERSION=$(CONVERSION_GEN_VERSION)
 COMMON_ARGS += --build-arg=TALOS_VERSION=$(TALOS_VERSION)
+COMMON_ARGS += --build-arg=ARTIFACTS=$(ARTIFACTS)
 
 all: manifests container
 
@@ -91,10 +92,13 @@ release-notes: ## Create the release notes.
 	@mkdir -p $(ARTIFACTS)
 	ARTIFACTS=$(ARTIFACTS) ./hack/release.sh $@ $(ARTIFACTS)/RELEASE_NOTES.md $(TAG)
 
-.PHONY: release
-release: manifests container release-notes ## Create the release YAML. The build result will be ouput to the specified local destination.
+.PHONY: release-manifests
+release-manifests:
 	@$(MAKE) local-$@ DEST=./$(ARTIFACTS) PLATFORM=linux/amd64
 
+.PHONY: release
+release: manifests container release-notes release-manifests ## Create the release YAML. The build result will be ouput to the specified local destination.
+
 .PHONY: deploy
 deploy: manifests ## Deploy to a cluster. This is for testing purposes only.
 	kubectl apply -k config/default

diff --git a/README.md b/README.md
@@ -2,15 +2,14 @@
 
 ## Intro
 
-The Cluster API Bootstrap Provider Talos (CABPT) is a project by [Talos Systems](https://www.talos-systems.com/) that provides a [Cluster API](https://github.com/kubernetes-sigs/cluster-api)(CAPI) bootstrap provider for use in deploying Talos-based Kubernetes nodes across any environment.
+The Cluster API Bootstrap Provider Talos (CABPT) is a project by [Sidero Labs](https://www.siderolabs.com/) that provides a [Cluster API](https://github.com/kubernetes-sigs/cluster-api)(CAPI) bootstrap provider for use in deploying Talos-based Kubernetes nodes across any environment.
 Given some basic info, this provider will generate bootstrap configurations for a given machine and reconcile the necessary custom resources for CAPI to pick up the generated data.
 
 ## Corequisites
 
 There are a few corequisites and assumptions that go into using this project:
 
 - [Cluster API](https://github.com/kubernetes-sigs/cluster-api)
-- [Cluster API Provider Metal](https://github.com/talos-systems/cluster-api-provider-metal) (optional)
 
 ## Building and Installing
 
@@ -24,14 +23,14 @@ You will need at least the upstream CAPI components and an infrastructure provid
 
 ## Usage
 
-CAPM supports a single API type, a TalosConfig.
+CABPT supports a single API type, a TalosConfig.
 You can create YAML definitions of a TalosConfig and `kubectl apply` them as part of a larger CAPI cluster deployment.
 Below is a bare-minimum example.
 
 A basic config:
 
 ```yaml
-apiVersion: bootstrap.cluster.x-k8s.io/v1alpha2
+apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
 kind: TalosConfig
 metadata:
   name: talos-0
@@ -48,13 +47,13 @@ When creating a TalosConfig this way, you can then retrieve the talosconfig file
 
 If you wish to do something more complex, we allow for the ability to supply an entire Talos config file to the resource.
 This can be done by setting the generateType to `none` and specifying a `data` field.
-This config file can be generated with `osctl config generate` and the edited to supply the various options you may desire.
+This config file can be generated with `talosctl config generate` and the edited to supply the various options you may desire.
 This full config is blindly copied from the `data` section of the spec and presented under `.status.bootstrapData` so that the upstream CAPI controllers can see it and make use.
 
 An example of a more complex config:
 
 ```yaml
-apiVersion: bootstrap.cluster.x-k8s.io/v1alpha2
+apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
 kind: TalosConfig
 metadata:
   name: talos-0
@@ -72,5 +71,5 @@ spec:
     ...
 ```
 
-Note that specifying the full config above removes the ability for our bootstrap provider to generate a talosconfig for use.
-As such, you should keep track of the talosconfig that's generated when running `osctl config generate`.
+Note that specifying the full config above removes the ability for our bootstrap provider to generate a machine configuration for use.
+As such, you should keep track of the machine configuration that's generated when running `talosctl config generate`.
diff --git a/api/v1alpha3/conditions.go b/api/v1alpha3/conditions.go
@@ -0,0 +1,32 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+package v1alpha3
+
+import (
+	capiv1 "sigs.k8s.io/cluster-api/api/v1alpha4"
+)
+
+// Conditions and condition Reasons for the TalosConfig object
+
+const (
+	// DataSecretAvailableCondition documents the status of the bootstrap secret generation process.
+	//
+	// NOTE: When the DataSecret generation starts the process completes immediately and within the
+	// same reconciliation, so the user will always see a transition from Wait to Generated without having
+	// evidence that BootstrapSecret generation is started/in progress.
+	DataSecretAvailableCondition capiv1.ConditionType = "DataSecretAvailable"
+
+	// WaitingForClusterInfrastructureReason (Severity=Info) document a bootstrap secret generation process
+	// waiting for the cluster infrastructure to be ready.
+	//
+	// NOTE: Having the cluster infrastructure ready is a pre-condition for starting to create machines;
+	// the TalosConfig controller ensure this pre-condition is satisfied.
+	WaitingForClusterInfrastructureReason = "WaitingForClusterInfrastructure"
+
+	// DataSecretGenerationFailedReason (Severity=Warning) documents a TalosConfig controller detecting
+	// an error while generating a data secret; those kind of errors are usually due to misconfigurations
+	// and user intervention is required to get them fixed.
+	DataSecretGenerationFailedReason = "DataSecretGenerationFailed"
+)
diff --git a/api/v1alpha3/talosconfig_types.go b/api/v1alpha3/talosconfig_types.go
@@ -6,6 +6,7 @@ package v1alpha3
 
 import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	capiv1 "sigs.k8s.io/cluster-api/api/v1alpha4"
 )
 
 const (
@@ -42,6 +43,14 @@ type TalosConfigStatus struct {
 	// FailureMessage will be set on non-retryable errors
 	// +optional
 	FailureMessage string `json:"failureMessage,omitempty"`
+
+	// ObservedGeneration is the latest generation observed by the controller.
+	// +optional
+	ObservedGeneration int64 `json:"observedGeneration,omitempty"`
+
+	// Conditions defines current service state of the TalosConfig.
+	// +optional
+	Conditions capiv1.Conditions `json:"conditions,omitempty"`
 }
 
 // +kubebuilder:object:root=true
@@ -58,6 +67,16 @@ type TalosConfig struct {
 	Status TalosConfigStatus `json:"status,omitempty"`
 }
 
+// GetConditions returns the set of conditions for this object.
+func (c *TalosConfig) GetConditions() capiv1.Conditions {
+	return c.Status.Conditions
+}
+
+// SetConditions sets the conditions on this object.
+func (c *TalosConfig) SetConditions(conditions capiv1.Conditions) {
+	c.Status.Conditions = conditions
+}
+
 // +kubebuilder:object:root=true
 
 // TalosConfigList contains a list of TalosConfig

diff --git a/api/v1alpha3/zz_generated.deepcopy.go b/api/v1alpha3/zz_generated.deepcopy.go
diff --git a/config/crd/bases/bootstrap.cluster.x-k8s.io_talosconfigs.yaml b/config/crd/bases/bootstrap.cluster.x-k8s.io_talosconfigs.yaml
@@ -118,6 +118,50 @@ spec:
           status:
             description: TalosConfigStatus defines the observed state of TalosConfig
             properties:
+              conditions:
+                description: Conditions defines current service state of the TalosConfig.
+                items:
+                  description: Condition defines an observation of a Cluster API resource
+                    operational state.
+                  properties:
+                    lastTransitionTime:
+                      description: Last time the condition transitioned from one status
+                        to another. This should be when the underlying condition changed.
+                        If that is not known, then using the time when the API field
+                        changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: A human readable message indicating details about
+                        the transition. This field may be empty.
+                      type: string
+                    reason:
+                      description: The reason for the condition's last transition
+                        in CamelCase. The specific API may choose whether or not this
+                        field is considered a guaranteed API. This field may not be
+                        empty.
+                      type: string
+                    severity:
+                      description: Severity provides an explicit classification of
+                        Reason code, so the users or machines can immediately understand
+                        the current situation and act accordingly. The Severity field
+                        MUST be set only when Status=False.
+                      type: string
+                    status:
+                      description: Status of the condition, one of True, False, Unknown.
+                      type: string
+                    type:
+                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
+                        Many .condition.type values are consistent across resources
+                        like Available, but because arbitrary conditions can be useful
+                        (see .node.status.conditions), the ability to deconflict is
+                        important.
+                      type: string
+                  required:
+                  - status
+                  - type
+                  type: object
+                type: array
               dataSecretName:
                 description: DataSecretName is the name of the secret that stores
                   the bootstrap data script.
@@ -128,6 +172,11 @@ spec:
               failureReason:
                 description: FailureReason will be set on non-retryable errors
                 type: string
+              observedGeneration:
+                description: ObservedGeneration is the latest generation observed
+                  by the controller.
+                format: int64
+                type: integer
               ready:
                 description: Ready indicates the BootstrapData field is ready to be
                   consumed