Install the sample-external-issuer

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
2020-12-15 15:00:44 +00:00 · 2020-12-15 15:00:44 +00:00 · a5d7e24211
commit a5d7e24211
parent 386c2bacb2
9 changed files with 162 additions and 1 deletions
--- a/devel/BUILD.bazel
+++ b/devel/BUILD.bazel
@ -13,6 +13,7 @@ filegroup(
        "//devel/addon/certmanager:all-srcs",
        "//devel/addon/ingressnginx:all-srcs",
        "//devel/addon/pebble:all-srcs",
+        "//devel/addon/sample-external-issuer:all-srcs",
        "//devel/addon/samplewebhook:all-srcs",
        "//devel/addon/vault:all-srcs",
        "//devel/bin:all-srcs",
--- a/devel/addon/sample-external-issuer/BUILD.bazel
+++ b/devel/addon/sample-external-issuer/BUILD.bazel
@ -0,0 +1,25 @@
+load("@io_bazel_rules_docker//container:bundle.bzl", "container_bundle")
+
+container_bundle(
+    name = "bundle",
+    images = {
+        # TODO: Move this image to quay.io
+        # https://github.com/jetstack/cert-manager/issues/3531
+        "ghcr.io/wallrj/sample-external-issuer/controller:v0.0.0-30-gf333b9e": "@io_ghcr_wallrj_sample-external-issuer_controller//image",
+    },
+    tags = ["manual"],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
--- a/devel/addon/sample-external-issuer/install.sh
+++ b/devel/addon/sample-external-issuer/install.sh
@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+
+# Copyright 2020 The cert-manager Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Installs an instance of the sample-external-issuer:
+# * https://github.com/cert-manager/sample-external-issuer
+
+set -o nounset
+set -o errexit
+set -o pipefail
+
+SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")
+source "${SCRIPT_ROOT}/../../lib/lib.sh"
+SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")
+
+setup_tools
+
+repo_dir="$(mktemp -d)"
+
+function cleanup {
+    rm -rf "${repo_dir}"
+}
+
+trap cleanup EXIT
+
+git clone https://github.com/cert-manager/sample-external-issuer "${repo_dir}"
+
+# TODO: Move this image to quay.io
+# https://github.com/jetstack/cert-manager/issues/3531
+img="ghcr.io/wallrj/sample-external-issuer/controller:v0.0.0-30-gf333b9e"
+
+require_image "${img}" "//devel/addon/sample-external-issuer:bundle"
+
+make -C "${repo_dir}" "IMG=${img}" deploy
--- a/devel/bin/kustomize
+++ b/devel/bin/kustomize
@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+# Copyright 2020 The cert-manager Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -o nounset
+set -o errexit
+set -o pipefail
+
+if ! command -v bazel &>/dev/null; then
+  echo "Install bazel at https://bazel.build" >&2
+  exit 1
+fi
+
+if [ -z "${KUSTOMIZE:-}" ]; then
+    bazel build //hack/bin:kustomize
+    export KUSTOMIZE="$(bazel info bazel-genfiles)/hack/bin/kustomize"
+fi
+
+"${KUSTOMIZE}" "$@"
--- a/devel/lib/lib.sh
+++ b/devel/lib/lib.sh
@ -39,7 +39,7 @@ export INGRESS_IP="${SERVICE_IP_PREFIX}.15"
 # versions of the tools required for development
 setup_tools() {
  check_bazel
-  bazel build //hack/bin:helm //hack/bin:kind //hack/bin:kubectl //devel/bin:ginkgo
+  bazel build //hack/bin:helm //hack/bin:kind //hack/bin:kubectl //hack/bin:kustomize //devel/bin:ginkgo
  if [[ "$IS_OPENSHIFT" == "true" ]] ; then
    bazel build //hack/bin:oc3
  fi
@ -48,6 +48,7 @@ setup_tools() {
  export KIND="${bindir}/hack/bin/kind"
  export OC3="${bindir}/hack/bin/oc3"
  export KUBECTL="${bindir}/hack/bin/kubectl"
+  export KUSTOMIZE="${bindir}/hack/bin/kustomize"
  export GINKGO="${bindir}/devel/bin/ginkgo"
  # Configure PATH to use bazel provided e2e tools
  export PATH="${SCRIPT_ROOT}/bin:$PATH"
--- a/devel/setup-e2e-deps.sh
+++ b/devel/setup-e2e-deps.sh
@ -54,6 +54,9 @@ echo "Installing ingress-nginx into the cluster..."
 echo "Loading vault into the cluster..."
 "${SCRIPT_ROOT}/addon/vault/install.sh" &

+echo "Installing sample-external-issuer into the cluster..."
+"${SCRIPT_ROOT}/addon/sample-external-issuer/install.sh" &
+
 # Wait for all background jobs to finish and exit with non-zero if any of them fail
 # See https://stackoverflow.com/a/515170/919436
 for job in $(jobs -p); do
--- a/hack/bin/BUILD.bazel
+++ b/hack/bin/BUILD.bazel
@ -46,6 +46,17 @@ genrule(
    visibility = ["//visibility:public"],
 )

+genrule(
+    name = "fetch_kustomize",
+    srcs = select({
+        ":darwin": ["@kustomize_osx//:file"],
+        ":k8": ["@kustomize_linux//:file"],
+    }),
+    outs = ["kustomize"],
+    cmd = "cp $(SRCS) $@",
+    visibility = ["//visibility:public"],
+)
+
 genrule(
    name = "io_kubernetes_kube-apiserver",
    srcs = select({
--- a/hack/bin/deps.bzl
+++ b/hack/bin/deps.bzl
@ -25,6 +25,7 @@ def install():
    install_kubectl()
    install_oc3()
    install_kind()
+    install_kustomize()

    # Install golang.org/x/build as kubernetes/repo-infra requires it for the
    # build-tar bazel target.
@ -68,6 +69,38 @@ filegroup(
 """,
    )

+# Kustomize
+def install_kustomize():
+    http_archive(
+        name = "kustomize_linux",
+        sha256 = "175938206f23956ec18dac3da0816ea5b5b485a8493a839da278faac82e3c303",
+        urls = ["https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v3.8.8/kustomize_v3.8.8_linux_amd64.tar.gz"],
+        build_file_content = """
+filegroup(
+    name = "file",
+    srcs = [
+        "kustomize",
+    ],
+    visibility = ["//visibility:public"],
+)
+""",
+    )
+
+    http_archive(
+        name = "kustomize_osx",
+        sha256 = "561a28e5d705af3fd4d683e5059002a76d390737ee19fd5b64ef5bfe8cfa4541",
+        urls = ["https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v3.8.8/kustomize_v3.8.8_darwin_amd64.tar.gz"],
+        build_file_content = """
+filegroup(
+    name = "file",
+    srcs = [
+        "kustomize",
+    ],
+    visibility = ["//visibility:public"],
+)
+""",
+    )
+
 def install_misc():
    http_file(
        name = "jq_linux",
@ -233,3 +266,4 @@ def install_kind():
        sha256 = "781c3db479b805d161b7c2c7a31896d1a504b583ebfcce8fcd49538c684d96bc",
        urls = ["https://github.com/kubernetes-sigs/kind/releases/download/v0.8.1/kind-linux-amd64"],
    )
+
--- a/test/e2e/images.bzl
+++ b/test/e2e/images.bzl
@ -62,3 +62,12 @@ def install():
        tag = "9.11.3-20190706",
        digest = "sha256:b8e84f9a9fe0c05c3a963606c3d0170622be9c5e8800431ffcaadb0c79a3ff75"
    )
+
+    ## Fetch sample-external-issuer for use during e2e tests
+    container_pull(
+        name = "io_ghcr_wallrj_sample-external-issuer_controller",
+        registry = "ghcr.io",
+        repository = "wallrj/sample-external-issuer/controller",
+        tag = "v0.0.0-30-gf333b9e",
+        digest = "sha256:609a12fca03554a186e516ef065b4152f02596fba697e3cc45f3593654c87a86"
+    )