From 0eba9662e61e9ed7130bb056ad6def921d883844 Mon Sep 17 00:00:00 2001
From: Somtochi Onyekwere
Date: Thu, 19 Oct 2023 14:07:28 +0100
Subject: [PATCH] prevent flux install from overriding bootrapped cluster
Signed-off-by: Somtochi Onyekwere
---
cmd/flux/cluster_info.go | 87 ++++
cmd/flux/cluster_info_test.go | 132 ++++++
cmd/flux/install.go | 14 +
.../cluster_info/gitrepositories.yaml | 424 ++++++++++++++++++
4 files changed, 657 insertions(+)
create mode 100644 cmd/flux/cluster_info.go
create mode 100644 cmd/flux/cluster_info_test.go
create mode 100644 cmd/flux/testdata/cluster_info/gitrepositories.yaml
diff --git a/cmd/flux/cluster_info.go b/cmd/flux/cluster_info.go
new file mode 100644
index 00000000..0a1f59bf
--- /dev/null
+++ b/cmd/flux/cluster_info.go
@@ -0,0 +1,87 @@
+/*
+Copyright 2023 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+ "context"
+ "fmt"
+
+ apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+ "k8s.io/apimachinery/pkg/api/errors"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "sigs.k8s.io/controller-runtime/pkg/client"
+
+ kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1"
+ sourcev1 "github.com/fluxcd/source-controller/api/v1"
+)
+
+// bootstrapLabels are labels put on a resource by kustomize-controller. These labels on the CRD indicates
+// that flux has been bootstrapped.
+var bootstrapLabels = []string{
+ fmt.Sprintf("%s/name", kustomizev1.GroupVersion.Group),
+ fmt.Sprintf("%s/namespace", kustomizev1.GroupVersion.Group),
+}
+
+// fluxClusterInfo contains information about an existing flux installation on a cluster.
+type fluxClusterInfo struct {
+ // bootstrapped indicates that Flux was installed using the `flux bootstrap` command.
+ bootstrapped bool
+ // managedBy is the name of the tool being used to manage the installation of Flux.
+ managedBy string
+ // version is the Flux version number in semver format.
+ version string
+}
+
+// getFluxClusterInfo returns information on the Flux installation running on the cluster.
+// If the information cannot be retrieved, the boolean return value will be false.
+// If an error occurred, the returned error will be non-nil.
+//
+// This function retrieves the GitRepository CRD from the cluster and checks it
+// for a set of labels used to determine the Flux version and how Flux was installed.
+func getFluxClusterInfo(ctx context.Context, c client.Client) (fluxClusterInfo, bool, error) {
+ var info fluxClusterInfo
+ crdMetadata := &metav1.PartialObjectMetadata{
+ TypeMeta: metav1.TypeMeta{
+ APIVersion: apiextensionsv1.SchemeGroupVersion.String(),
+ Kind: "CustomResourceDefinition",
+ },
+ ObjectMeta: metav1.ObjectMeta{
+ Name: fmt.Sprintf("gitrepositories.%s", sourcev1.GroupVersion.Group),
+ },
+ }
+ if err := c.Get(ctx, client.ObjectKeyFromObject(crdMetadata), crdMetadata); err != nil {
+ if errors.IsNotFound(err) {
+ return info, false, nil
+ }
+ return info, false, err
+ }
+
+ info.version = crdMetadata.Labels["app.kubernetes.io/version"]
+
+ var present bool
+ for _, l := range bootstrapLabels {
+ _, present = crdMetadata.Labels[l]
+ }
+ if present {
+ info.bootstrapped = true
+ }
+
+ if manager, ok := crdMetadata.Labels["app.kubernetes.io/managed-by"]; ok {
+ info.managedBy = manager
+ }
+ return info, true, nil
+}
diff --git a/cmd/flux/cluster_info_test.go b/cmd/flux/cluster_info_test.go
new file mode 100644
index 00000000..bce39be9
--- /dev/null
+++ b/cmd/flux/cluster_info_test.go
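Review bot: The bootstrap-label loop in getFluxClusterInfo only records the presence of the last entry of bootstrapLabels, because `_, present = crdMetadata.Labels[l]` overwrites `present` on every iteration; a CRD carrying only the `kustomize.toolkit.fluxcd.io/namespace` label is reported as bootstrapped, and one carrying only the `/name` label is not. Since `flux install` refuses to proceed on the strength of this flag, the check should require every label and stop at the first one missing, which also lets `if present { info.bootstrapped = true }` collapse into a direct assignment. The rewrite of that loop is below. The doc comment on bootstrapLabels should also read `These labels on the CRD indicate that Flux has been bootstrapped.`
```go
	// … unchanged: CRD lookup and version label …
	info.bootstrapped = true
	for _, l := range bootstrapLabels {
		if _, ok := crdMetadata.Labels[l]; !ok {
			// every bootstrap label must be present; one missing label is enough to say "not bootstrapped"
			info.bootstrapped = false
			break
		}
	}
	// … unchanged: managed-by label and return …
```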
@@ -0,0 +1,132 @@
+/*
+Copyright 2023 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package main
+
+import (
+ "context"
+ "fmt"
+ "os"
+ "testing"
+
+ . "github.com/onsi/gomega"
+ apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "sigs.k8s.io/controller-runtime/pkg/client/fake"
+
+ kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1"
+ "github.com/fluxcd/pkg/ssa"
+)
+
+func Test_getFluxClusterInfo(t *testing.T) {
+ g := NewWithT(t)
+ f, err := os.Open("./testdata/cluster_info/gitrepositories.yaml")
+ g.Expect(err).To(BeNil())
+
+ objs, err := ssa.ReadObjects(f)
+ g.Expect(err).To(Not(HaveOccurred()))
+ gitrepo := objs[0]
+
+ tests := []struct {
+ name string
+ labels map[string]string
+ wantErr bool
+ wantBool bool
+ wantInfo fluxClusterInfo
+ }{
+ {
+ name: "no git repository CRD present",
+ wantBool: false,
+ },
+ {
+ name: "CRD with kustomize-controller labels",
+ labels: map[string]string{
+ fmt.Sprintf("%s/name", kustomizev1.GroupVersion.Group): "flux-system",
+ fmt.Sprintf("%s/namespace", kustomizev1.GroupVersion.Group): "flux-system",
+ "app.kubernetes.io/version": "v2.1.0",
+ },
+ wantBool: true,
+ wantInfo: fluxClusterInfo{
+ version: "v2.1.0",
+ bootstrapped: true,
+ },
+ },
+ {
+ name: "CRD with kustomize-controller labels and managed-by label",
+ labels: map[string]string{
+ fmt.Sprintf("%s/name", kustomizev1.GroupVersion.Group): "flux-system",
+ fmt.Sprintf("%s/namespace", kustomizev1.GroupVersion.Group): "flux-system",
+ "app.kubernetes.io/version": "v2.1.0",
+ "app.kubernetes.io/managed-by": "flux",
+ },
+ wantBool: true,
+ wantInfo: fluxClusterInfo{
+ version: "v2.1.0",
+ bootstrapped: true,
+ managedBy: "flux",
+ },
+ },
+ {
+ name: "CRD with only managed-by label",
+ labels: map[string]string{
+ "app.kubernetes.io/version": "v2.1.0",
+ "app.kubernetes.io/managed-by": "helm",
+ },
+ wantBool: true,
+ wantInfo: fluxClusterInfo{
+ version: "v2.1.0",
+ managedBy: "helm",
+ },
+ },
+ {
+ name: "CRD with no labels",
+ labels: map[string]string{},
+ wantBool: true,
+ },
+ {
+ name: "CRD with only version label",
+ labels: map[string]string{
+ "app.kubernetes.io/version": "v2.1.0",
+ },
+ wantBool: true,
+ wantInfo: fluxClusterInfo{
+ version: "v2.1.0",
+ },
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ g := NewWithT(t)
+ newscheme := runtime.NewScheme()
+ apiextensionsv1.AddToScheme(newscheme)
+ builder := fake.NewClientBuilder().WithScheme(newscheme)
+ if tt.labels != nil {
+ gitrepo.SetLabels(tt.labels)
+ builder = builder.WithRuntimeObjects(gitrepo)
+ }
+
+ client := builder.Build()
+ info, present, err := getFluxClusterInfo(context.Background(), client)
+ if tt.wantErr {
+ g.Expect(err).To(HaveOccurred())
+ }
+
+ g.Expect(present).To(Equal(tt.wantBool))
+ g.Expect(info).To(BeEquivalentTo(tt.wantInfo))
+ })
+ }
+}
diff --git a/cmd/flux/install.go b/cmd/flux/install.go
index 53712021..6580c0e4 100644
--- a/cmd/flux/install.go
+++ b/cmd/flux/install.go
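Review bot: No table entry in Test_getFluxClusterInfo gives the CRD only one of the two bootstrap labels, so the test cannot tell whether getFluxClusterInfo requires both labels or just the last one; a case with `labels: map[string]string{fmt.Sprintf("%s/name", kustomizev1.GroupVersion.Group): "flux-system"}`, `wantBool: true` and `bootstrapped` left false would pin the intended contract. `wantErr` is never set to true, and when it is false the returned error is not asserted, so an unexpected error passes silently; add `} else { g.Expect(err).NotTo(HaveOccurred()) }` after the `if tt.wantErr` branch. The result of `apiextensionsv1.AddToScheme(newscheme)` is also discarded, and a registration failure would surface as a confusing not-found result rather than a clear test failure; `g.Expect(apiextensionsv1.AddToScheme(newscheme)).To(Succeed())` avoids that.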
@@ -183,6 +183,20 @@ func installCmdRun(cmd *cobra.Command, args []string) error {
 logger.Successf("manifests build completed")
 logger.Actionf("installing components in %s namespace", *kubeconfigArgs.Namespace)
 
+ kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
+ if err != nil {
+ return err
+ }
+
+ info, installed, err := getFluxClusterInfo(ctx, kubeClient)
+ if err != nil {
+ return fmt.Errorf("cluster info unavailable: %w", err)
+ }
+
+ if installed && info.bootstrapped {
+ return fmt.Errorf("this cluster has already been bootstrapped with Flux %s! Please use 'flux bootstrap' to upgrade", info.version)
+ }
+
 applyOutput, err := utils.Apply(ctx, kubeconfigArgs, kubeclientOptions, tmpDir, filepath.Join(tmpDir, manifest.Path))
 if err != nil {
 return fmt.Errorf("install failed: %w", err)
diff --git a/cmd/flux/testdata/cluster_info/gitrepositories.yaml b/cmd/flux/testdata/cluster_info/gitrepositories.yaml
new file mode 100644
index 00000000..3e4ba5c7
--- /dev/null
+++ b/cmd/flux/testdata/cluster_info/gitrepositories.yaml
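Review bot: The refusal message interpolates `info.version` with `%s`, and that value is copied verbatim from a label on the GitRepository CRD; when the label is absent the message reads "with Flux !", and whatever the label holds is printed unescaped into CLI output. Use `%q` so an empty or odd value is visible as such, and drop the exclamation mark and capitalised "Please" per Go error-string convention, e.g. `return fmt.Errorf("this cluster has already been bootstrapped with Flux %q, use 'flux bootstrap' to upgrade", info.version)`. A comment above the `if installed && info.bootstrapped` check would help readers judge how much to rely on it: `// Refuse to overwrite a bootstrapped installation. The decision rests on kustomize-controller labels on the CRD, so this is a safety net against accidental overwrite, not an authorization boundary.` installCmdRun starts and ends outside the hunk.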
@@ -0,0 +1,424 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.12.0 + name: gitrepositories.source.toolkit.fluxcd.io +spec: + group: source.toolkit.fluxcd.io + names: + kind: GitRepository + listKind: GitRepositoryList + plural: gitrepositories + shortNames: + - gitrepo + singular: gitrepository + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.url + name: URL + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v1 + schema: + openAPIV3Schema: + description: GitRepository is the Schema for the gitrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: GitRepositorySpec specifies the required configuration to + produce an Artifact for a Git repository. + properties: + ignore: + description: Ignore overrides the set of excluded patterns in the + .sourceignore format (which is the same as .gitignore). If not provided, + a default will be used, consult the documentation for your version + to find out what those are. 
+ type: string + include: + description: Include specifies a list of GitRepository resources which + Artifacts should be included in the Artifact produced for this GitRepository. + items: + description: GitRepositoryInclude specifies a local reference to + a GitRepository which Artifact (sub-)contents must be included, + and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, + defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which + Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, + defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + interval: + description: Interval at which the GitRepository URL is checked for + updates. This interval is approximate and may be subject to jitter + to ensure efficient use of resources. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + proxySecretRef: + description: ProxySecretRef specifies the Secret containing the proxy + configuration to use while communicating with the Git server. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + recurseSubmodules: + description: RecurseSubmodules enables the initialization of all submodules + within the GitRepository as cloned from the URL, using their default + settings. + type: boolean + ref: + description: Reference specifies the Git reference to resolve and + monitor for changes, defaults to the 'master' branch. + properties: + branch: + description: Branch to check out, defaults to 'master' if no other + field is defined. + type: string + commit: + description: "Commit SHA to check out, takes precedence over all + reference fields. 
\n This can be combined with Branch to shallow + clone the branch, in which the commit is expected to exist." + type: string + name: + description: "Name of the reference to check out; takes precedence + over Branch, Tag and SemVer. \n It must be a valid Git reference: + https://git-scm.com/docs/git-check-ref-format#_description Examples: + \"refs/heads/main\", \"refs/tags/v0.1.0\", \"refs/pull/420/head\", + \"refs/merge-requests/1/head\"" + type: string + semver: + description: SemVer tag expression to check out, takes precedence + over Tag. + type: string + tag: + description: Tag to check out, takes precedence over Branch. + type: string + type: object + secretRef: + description: SecretRef specifies the Secret containing authentication + credentials for the GitRepository. For HTTPS repositories the Secret + must contain 'username' and 'password' fields for basic auth or + 'bearerToken' field for token auth. For SSH repositories the Secret + must contain 'identity' and 'known_hosts' fields. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend the reconciliation + of this GitRepository. + type: boolean + timeout: + default: 60s + description: Timeout for Git operations like cloning, defaults to + 60s. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + url: + description: URL specifies the Git repository URL, it can be an HTTP/S + or SSH address. + pattern: ^(http|https|ssh)://.*$ + type: string + verify: + description: Verification specifies the configuration to verify the + Git commit signature(s). + properties: + mode: + default: HEAD + description: "Mode specifies which Git object(s) should be verified. + \n The variants \"head\" and \"HEAD\" both imply the same thing, + i.e. verify the commit that the HEAD of the Git repository points + to. The variant \"head\" solely exists to ensure backwards compatibility." 
+ enum: + - head + - HEAD + - Tag + - TagAndHEAD + type: string + secretRef: + description: SecretRef specifies the Secret containing the public + keys of trusted Git authors. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - secretRef + type: object + required: + - interval + - url + type: object + status: + default: + observedGeneration: -1 + description: GitRepositoryStatus records the observed state of a Git repository. + properties: + artifact: + description: Artifact represents the last successful GitRepository + reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI annotations. + type: object + path: + description: Path is the relative file path of the Artifact. It + can be used to locate the file in the root of the Artifact storage + on the local file system of the controller managing the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. + type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + conditions: + description: Conditions holds the conditions for the GitRepository. 
+ items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. 
+ maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + includedArtifacts: + description: IncludedArtifacts contains a list of the last successfully + included Artifacts as instructed by GitRepositorySpec.Include. + items: + description: Artifact represents the output of a Source reconciliation. + properties: + digest: + description: Digest is the digest of the file in the form of + ':'. + pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$ + type: string + lastUpdateTime: + description: LastUpdateTime is the timestamp corresponding to + the last update of the Artifact. + format: date-time + type: string + metadata: + additionalProperties: + type: string + description: Metadata holds upstream information such as OCI + annotations. + type: object + path: + description: Path is the relative file path of the Artifact. + It can be used to locate the file in the root of the Artifact + storage on the local file system of the controller managing + the Source. + type: string + revision: + description: Revision is a human-readable identifier traceable + in the origin source system. It can be a Git commit SHA, Git + tag, a Helm chart version, etc. 
+ type: string + size: + description: Size is the number of bytes in the file. + format: int64 + type: integer + url: + description: URL is the HTTP address of the Artifact as exposed + by the controller managing the Source. It can be used to retrieve + the Artifact for consumption, e.g. by another controller applying + the Artifact contents. + type: string + required: + - lastUpdateTime + - path + - revision + - url + type: object + type: array + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + observedGeneration: + description: ObservedGeneration is the last observed generation of + the GitRepository object. + format: int64 + type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string + observedInclude: + description: ObservedInclude is the observed list of GitRepository + resources used to produce the current Artifact. + items: + description: GitRepositoryInclude specifies a local reference to + a GitRepository which Artifact (sub-)contents must be included, + and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, + defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which + Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, + defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + observedRecurseSubmodules: + description: ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. 
+ type: boolean + sourceVerificationMode: + description: SourceVerificationMode is the last used verification + mode indicating which Git object(s) have been verified. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {}