From a5d7e24211eaee1e6c32cd04f2a4730c6cba64c6 Mon Sep 17 00:00:00 2001
From: Richard Wall <richard.wall@jetstack.io>
Date: Tue, 15 Dec 2020 15:00:44 +0000
Subject: [PATCH] Install the sample-external-issuer

Signed-off-by: Richard Wall <richard.wall@jetstack.io>
---
 devel/BUILD.bazel                             |  1 +
 .../addon/sample-external-issuer/BUILD.bazel  | 25 ++++++++++
 devel/addon/sample-external-issuer/install.sh | 46 +++++++++++++++++++
 devel/bin/kustomize                           | 31 +++++++++++++
 devel/lib/lib.sh                              |  3 +-
 devel/setup-e2e-deps.sh                       |  3 ++
 hack/bin/BUILD.bazel                          | 11 +++++
 hack/bin/deps.bzl                             | 34 ++++++++++++++
 test/e2e/images.bzl                           |  9 ++++
 9 files changed, 162 insertions(+), 1 deletion(-)
 create mode 100644 devel/addon/sample-external-issuer/BUILD.bazel
 create mode 100755 devel/addon/sample-external-issuer/install.sh
 create mode 100755 devel/bin/kustomize

diff --git a/devel/BUILD.bazel b/devel/BUILD.bazel
index 659b86dec..543e7253d 100644
--- a/devel/BUILD.bazel
+++ b/devel/BUILD.bazel
@@ -13,6 +13,7 @@ filegroup(
         "//devel/addon/certmanager:all-srcs",
         "//devel/addon/ingressnginx:all-srcs",
         "//devel/addon/pebble:all-srcs",
+        "//devel/addon/sample-external-issuer:all-srcs",
         "//devel/addon/samplewebhook:all-srcs",
         "//devel/addon/vault:all-srcs",
         "//devel/bin:all-srcs",
diff --git a/devel/addon/sample-external-issuer/BUILD.bazel b/devel/addon/sample-external-issuer/BUILD.bazel
new file mode 100644
index 000000000..0c45d5aff
--- /dev/null
+++ b/devel/addon/sample-external-issuer/BUILD.bazel
@@ -0,0 +1,25 @@
+load("@io_bazel_rules_docker//container:bundle.bzl", "container_bundle")
+
+container_bundle(
+    name = "bundle",
+    images = {
+        # TODO: Move this image to quay.io
+        # https://github.com/jetstack/cert-manager/issues/3531
+        "ghcr.io/wallrj/sample-external-issuer/controller:v0.0.0-30-gf333b9e": "@io_ghcr_wallrj_sample-external-issuer_controller//image",
+    },
+    tags = ["manual"],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+    visibility = ["//visibility:public"],
+)
diff --git a/devel/addon/sample-external-issuer/install.sh b/devel/addon/sample-external-issuer/install.sh
new file mode 100755
index 000000000..289af6428
--- /dev/null
+++ b/devel/addon/sample-external-issuer/install.sh
@@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+
+# Copyright 2020 The cert-manager Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Installs an instance of the sample-external-issuer:
+# * https://github.com/cert-manager/sample-external-issuer
+
+set -o nounset
+set -o errexit
+set -o pipefail
+
+SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")
+source "${SCRIPT_ROOT}/../../lib/lib.sh"
+SCRIPT_ROOT=$(dirname "${BASH_SOURCE}")
+
+setup_tools
+
+repo_dir="$(mktemp -d)"
+
+function cleanup {
+    rm -rf "${repo_dir}"
+}
+
+trap cleanup EXIT
+
+git clone https://github.com/cert-manager/sample-external-issuer "${repo_dir}"
+
+# TODO: Move this image to quay.io
+# https://github.com/jetstack/cert-manager/issues/3531
+img="ghcr.io/wallrj/sample-external-issuer/controller:v0.0.0-30-gf333b9e"
+
+require_image "${img}" "//devel/addon/sample-external-issuer:bundle"
+
+make -C "${repo_dir}" "IMG=${img}" deploy
diff --git a/devel/bin/kustomize b/devel/bin/kustomize
new file mode 100755
index 000000000..dedf0ba7d
--- /dev/null
+++ b/devel/bin/kustomize
@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+# Copyright 2020 The cert-manager Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -o nounset
+set -o errexit
+set -o pipefail
+
+if ! command -v bazel &>/dev/null; then
+  echo "Install bazel at https://bazel.build" >&2
+  exit 1
+fi
+
+if [ -z "${KUSTOMIZE:-}" ]; then
+    bazel build //hack/bin:kustomize
+    export KUSTOMIZE="$(bazel info bazel-genfiles)/hack/bin/kustomize"
+fi
+
+"${KUSTOMIZE}" "$@"
diff --git a/devel/lib/lib.sh b/devel/lib/lib.sh
index 32dc5e8dd..218ccc39a 100644
--- a/devel/lib/lib.sh
+++ b/devel/lib/lib.sh
@@ -39,7 +39,7 @@ export INGRESS_IP="${SERVICE_IP_PREFIX}.15"
 # versions of the tools required for development
 setup_tools() {
   check_bazel
-  bazel build //hack/bin:helm //hack/bin:kind //hack/bin:kubectl //devel/bin:ginkgo
+  bazel build //hack/bin:helm //hack/bin:kind //hack/bin:kubectl //hack/bin:kustomize //devel/bin:ginkgo
   if [[ "$IS_OPENSHIFT" == "true" ]] ; then
     bazel build //hack/bin:oc3
   fi
@@ -48,6 +48,7 @@ setup_tools() {
   export KIND="${bindir}/hack/bin/kind"
   export OC3="${bindir}/hack/bin/oc3"
   export KUBECTL="${bindir}/hack/bin/kubectl"
+  export KUSTOMIZE="${bindir}/hack/bin/kustomize"
   export GINKGO="${bindir}/devel/bin/ginkgo"
   # Configure PATH to use bazel provided e2e tools
   export PATH="${SCRIPT_ROOT}/bin:$PATH"
diff --git a/devel/setup-e2e-deps.sh b/devel/setup-e2e-deps.sh
index 0094ef44a..42d254da1 100755
--- a/devel/setup-e2e-deps.sh
+++ b/devel/setup-e2e-deps.sh
@@ -54,6 +54,9 @@ echo "Installing ingress-nginx into the cluster..."
 echo "Loading vault into the cluster..."
 "${SCRIPT_ROOT}/addon/vault/install.sh" &
 
+echo "Installing sample-external-issuer into the cluster..."
+"${SCRIPT_ROOT}/addon/sample-external-issuer/install.sh" &
+
 # Wait for all background jobs to finish and exit with non-zero if any of them fail
 # See https://stackoverflow.com/a/515170/919436
 for job in $(jobs -p); do
diff --git a/hack/bin/BUILD.bazel b/hack/bin/BUILD.bazel
index c656306b1..531b8d9f2 100644
--- a/hack/bin/BUILD.bazel
+++ b/hack/bin/BUILD.bazel
@@ -46,6 +46,17 @@ genrule(
     visibility = ["//visibility:public"],
 )
 
+genrule(
+    name = "fetch_kustomize",
+    srcs = select({
+        ":darwin": ["@kustomize_osx//:file"],
+        ":k8": ["@kustomize_linux//:file"],
+    }),
+    outs = ["kustomize"],
+    cmd = "cp $(SRCS) $@",
+    visibility = ["//visibility:public"],
+)
+
 genrule(
     name = "io_kubernetes_kube-apiserver",
     srcs = select({
diff --git a/hack/bin/deps.bzl b/hack/bin/deps.bzl
index 31255eaca..6fde49ce5 100644
--- a/hack/bin/deps.bzl
+++ b/hack/bin/deps.bzl
@@ -25,6 +25,7 @@ def install():
     install_kubectl()
     install_oc3()
     install_kind()
+    install_kustomize()
 
     # Install golang.org/x/build as kubernetes/repo-infra requires it for the
     # build-tar bazel target.
@@ -68,6 +69,38 @@ filegroup(
 """,
     )
 
+# Kustomize
+def install_kustomize():
+    http_archive(
+        name = "kustomize_linux",
+        sha256 = "175938206f23956ec18dac3da0816ea5b5b485a8493a839da278faac82e3c303",
+        urls = ["https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v3.8.8/kustomize_v3.8.8_linux_amd64.tar.gz"],
+        build_file_content = """
+filegroup(
+    name = "file",
+    srcs = [
+        "kustomize",
+    ],
+    visibility = ["//visibility:public"],
+)
+""",
+    )
+
+    http_archive(
+        name = "kustomize_osx",
+        sha256 = "561a28e5d705af3fd4d683e5059002a76d390737ee19fd5b64ef5bfe8cfa4541",
+        urls = ["https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v3.8.8/kustomize_v3.8.8_darwin_amd64.tar.gz"],
+        build_file_content = """
+filegroup(
+    name = "file",
+    srcs = [
+        "kustomize",
+    ],
+    visibility = ["//visibility:public"],
+)
+""",
+    )
+
 def install_misc():
     http_file(
         name = "jq_linux",
@@ -233,3 +266,4 @@ def install_kind():
         sha256 = "781c3db479b805d161b7c2c7a31896d1a504b583ebfcce8fcd49538c684d96bc",
         urls = ["https://github.com/kubernetes-sigs/kind/releases/download/v0.8.1/kind-linux-amd64"],
     )
+
diff --git a/test/e2e/images.bzl b/test/e2e/images.bzl
index 483ca758c..86233374e 100644
--- a/test/e2e/images.bzl
+++ b/test/e2e/images.bzl
@@ -62,3 +62,12 @@ def install():
         tag = "9.11.3-20190706",
         digest = "sha256:b8e84f9a9fe0c05c3a963606c3d0170622be9c5e8800431ffcaadb0c79a3ff75"
     )
+
+    ## Fetch sample-external-issuer for use during e2e tests
+    container_pull(
+        name = "io_ghcr_wallrj_sample-external-issuer_controller",
+        registry = "ghcr.io",
+        repository = "wallrj/sample-external-issuer/controller",
+        tag = "v0.0.0-30-gf333b9e",
+        digest = "sha256:609a12fca03554a186e516ef065b4152f02596fba697e3cc45f3593654c87a86"
+    )