Backport cluster-compare templates to 4.16

Signed-off-by: Jim Ramsay <[email protected]>

Makefile

@@ -0,0 +1,17 @@
+.PHONY: ci-validate
+ci-validate: check-reference
+
+# Basic lint checking
+lintCheck:
+	# The configuration is done piece-wise in order to skip the
+	# kube-compare reference tree. Those yamls are augmented with
+	# golang templating and are not expected to be legal yaml.
+	yamllint -c .yamllint.yaml telco-core/configuration/*yaml
+	yamllint -c .yamllint.yaml telco-core/configuration/reference-crs
+	yamllint -c .yamllint.yaml telco-core/configuration/template-values
+	yamllint -c .yamllint.yaml telco-core/install/
+	yamllint -c .yamllint.yaml telco-hub/
+
+.PHONY: check-reference
+check-reference:
+	$(MAKE) -C ./telco-core/configuration check

telco-core/configuration/Makefile

@@ -0,0 +1,18 @@
+.PHONY: check
+check: compare_crs missing_crs
+
+
+.PHONY: compare_crs
+compare_crs:
+	@CLUSTER_COMPARE=$$(command -v kubectl-cluster_compare); \
+	if [[ -z $${CLUSTER_COMPARE} ]]; then \
+		echo "kubectl-cluster_compare tool isn't installed; please download it from https://github.com/openshift/kube-compare"; \
+		exit 1; \
+	fi; \
+	$${CLUSTER_COMPARE} -r ./reference-crs-kube-compare/metadata.yaml -f ./reference-crs -R -p ./reference-crs-kube-compare/comparison-overrides.yaml
+
+
+.PHONY: missing_crs
+missing_crs:
+	./compare.sh reference-crs reference-crs-kube-compare reference-crs-kube-compare/compare_ignore
+

telco-core/configuration/README.md

@@ -0,0 +1,65 @@
+# Reference configuration
+
+## Structure
+This directory contains four key components of the reference configuration
+ - The `reference-crs` tree contains the baseline configuration CRs which make
+   up the Core reference configuration. These are further separated into
+   optional vs required configuration.
+ - The yaml files in this top level support application and ongoing management
+   of the reference configuration using Advanced Cluster Management (ACM)
+   Policy. These yaml serve as manifests which define how CRs from the
+   reference-crs tree are grouped into policies and apply certain use case
+   specific patches to the policy wrapped CRs.
+ - The `template-values` directory holds ConfigMaps which provide values used in
+   the ACM Policies. See the "Templating" section below for more details.
+ - The `reference-crs-kube-compare` tree contains the template copy of the
+   baseline configuration for use by the
+   [cluster-compare tool](https://github.com/openshift/kube-compare).
+
+## Reference CRs
+
+## Policy generation CRs
+### Policy Generators
+There are three reference PolicyGenerator CRs.
+ - `core-baseline` contains fixed required content
+ - `core-overlay` contains content where updates/patches are expected. This
+   reference also contains the optional components
+ - `core-upgrade` contains policies which can be used to upgrade a cluster from
+   the prior release to the current release.
+
+Other custom content can be added through additional PolicyGenerator CRs.
+
+### Templating
+These PolicyGenerator CRs create Policies which include ACM hub side
+templates. These templates will pull values from 3 configmaps:
+
+`template-values/hw-types` -- Hardware dependent data.
+ - Current set of keys are fixed valued based on hardware profiles (mcp names)
+   as defined in core-overlay.
+
+`template-values/regional` -- Values which may depend on the region/zone where a
+cluster is deployed.
+ - keyed by a "region" label on the ManagedCluster
+ - eg %s-log-url -- a cluster labeled 'region: abcd' would use abcd-log-url
+   from regional configmap
+
+`<clusterName>` -- Values which are cluster specific. One ConfigMap per cluster
+is needed. The ConfigMap name is the cluster name eg cluster-1234
+ - Current set of keys are fixed values
+
+# Contributing
+
+Given that the `reference-crs` and `reference-crs-kube-compare` versions of the
+baseline configuration must be kept in sync, there is a github CI check than
+enforces this.  Running `make check` in this directory locally is equivalent to
+the CI.
+
+If `make check` detects differences, you should take one of the following actions:
+
+- Edit the `reference-crs` CRs or `reference-crs-kube-compare` templates so the
+  templates match the corresponding CRs.
+- For missing files, add the missing file to either the `reference-crs`
+  directory, or the `reference-crs-kube-compare` directory and metadata.yaml
+  - Alternatively, add the filename to the
+    `reference-crs-kube-compare/compare_ignore`, but only if the CR in
+    `reference-crs` should not be checked by the cluster-compare tool.

telco-core/configuration/compare.sh

@@ -0,0 +1,157 @@
+#! /bin/bash
+
+trap cleanup EXIT
+
+function cleanup() {
+  rm -rf source_file rendered_file same_file
+}
+
+function read_dir() {
+  local dir=$1
+  local file
+
+  for file in "$dir"/*; do
+    if [ -d "$file" ]; then
+      read_dir "$file"
+    else
+      echo "$file"
+    fi
+  done
+}
+
+function compare_cr {
+  local rendered_dir=$1
+  local source_dir=$2
+  local exclusionfile=$3
+  local status=0
+
+  read_dir "$rendered_dir" |grep yaml  > rendered_file
+  read_dir "$source_dir" |grep yaml  > source_file
+
+  local source_cr rendered
+  while IFS= read -r source_cr; do
+    while IFS= read -r rendered; do
+      if [ "${source_cr##*/}" = "${rendered##*/}" ]; then
+        echo "$source_cr" >> same_file
+      fi
+    done < rendered_file
+  done < source_file
+
+  # Filter out files with a source-cr/reference match from the full list of potentiol source-crs/reference files
+  while IFS= read -r file; do
+    [[ ${file::1} != "#" ]] || continue # Skip any comment lines in the exclusionfile
+    [[ -n ${file} ]] || continue # Skip empty lines
+    sed -i "/${file##*/}/d" source_file
+    sed -i "/${file##*/}/d" rendered_file
+  done < <(cat same_file "$exclusionfile")
+
+  if [[ -s source_file || -s rendered_file ]]; then
+    [ -s source_file ] && printf "\n\nThe following files exist in source-crs only, but not found in reference:\n" && cat source_file
+    [ -s rendered_file ] && printf "\nThe following files exist in reference only, but not found in source-crs:\n" && cat rendered_file
+    status=1
+  fi
+
+  return $status
+}
+
+sync_cr() {
+    local rendered_dir=$1
+    local source_dir=$2
+    local exclusionfile=$3
+    local status=0
+
+    local -a renderedFiles
+    readarray -t renderedFiles < <(read_dir "$rendered_dir" | grep yaml)
+
+    local -a sourceFiles
+    readarray -t sourceFiles < <(read_dir "$source_dir" | grep yaml)
+
+    local -a excludedFiles
+    readarray -t excludedFiles < <(grep -v '^#' "$exclusionfile" | grep -v '^$')
+
+    local source rendered excluded found
+    for rendered in "${renderedFiles[@]}"; do
+        found=0
+        for source in "${sourceFiles[@]}"; do
+            if [ "${source##*/}" = "${rendered##*/}" ]; then
+                # Match found!
+                found=1
+                break
+            fi
+        done
+        if [[ $found == 0 ]]; then
+            source="$source_dir/${rendered##*/}"
+        fi
+
+        # Replace the CR with the rendered copy (minus the helm-rendered heading)
+        tail -n +3 "$rendered" >"$source"
+        git add "$source"
+    done
+
+    for source in "${sourceFiles[@]}"; do
+        found=0
+        for rendered in "${renderedFiles[@]}"; do
+            if [ "${source##*/}" = "${rendered##*/}" ]; then
+                # Match found!
+                found=1
+                break
+            fi
+        done
+        for excluded in "${excludedFiles[@]}"; do
+            if [ "${source##*/}" = "${excluded##*/}" ]; then
+                # Match found!
+                found=1
+                break
+            fi
+        done
+        if [[ $found == 0 ]]; then
+            git rm -f "$source"
+        fi
+    done
+
+    git diff --cached --stat --exit-code
+}
+
+usage() {
+    echo "$(basename "$0") [--sync] sourceDir renderDir"
+    echo
+    echo "Compares the rendered reference-based CRs to the CRs in the compare directory"
+}
+
+DOSYNC=0
+for arg in "$@"; do
+    case "$arg" in
+        -h | --help)
+            usage
+            exit 0
+            ;;
+        --sync)
+            DOSYNC=1
+            shift
+            ;;
+    esac
+done
+SOURCEDIR=$1
+if [[ ! -d $SOURCEDIR ]]; then
+    echo "No such source directory $SOURCEDIR"
+    usage
+    exit 1
+fi
+RENDERDIR=$2
+if [[ ! -d $RENDERDIR ]]; then
+    echo "No such source directory $RENDERDIR"
+    usage
+    exit 1
+fi
+IGNORE=$3
+if [[ ! -f $IGNORE ]]; then
+    echo "No such ignorefile $IGNORE"
+    usage
+    exit 1
+fi
+
+if [[ $DOSYNC == 1 ]]; then
+    sync_cr "$RENDERDIR" "$SOURCEDIR" "$IGNORE"
+else
+    compare_cr "$RENDERDIR" "$SOURCEDIR" "$IGNORE"
+fi

telco-core/configuration/reference-crs-kube-compare/ReferenceVersionCheck.yaml

@@ -0,0 +1,7 @@
+apiVersion: config.openshift.io/v1
+kind: ClusterVersion
+metadata:
+  name: version
+status:
+  desired:
+    version: {{ template "versionMatch" (list .status.desired.version "4.16") }}

telco-core/configuration/reference-crs-kube-compare/compare_ignore

@@ -0,0 +1,20 @@
+# Internal files for cluster-compare, not real CRs
+metadata.yaml
+comparison-overrides.yaml
+
+# Used in the reference only for version compliance checks
+ReferenceVersionCheck.yaml
+
+# Utility objects used to migrate from CLO5->CLO6
+ClusterLogging5Cleanup.yaml
+ClusterLogOperatorStatus.yaml
+ClusterLogForwarderDeleted.yaml
+ClusterLogging.yaml
+
+# Utility objects to wait for and acknowledge cluster ugprades
+ClusterVersion.yaml
+upgrade-ack.yaml
+
+# Deprecated CRs, no longer in the reference-crs examples:
+optional/networking/sriov/SriovNetworkPoolConfig.yaml
+required/networking/metallb/service.yaml

telco-core/configuration/reference-crs-kube-compare/comparison-overrides.yaml

@@ -0,0 +1,7 @@
+- apiVersion: config.openshift.io/v1
+  kind: ClusterVersion
+  name: version
+  patch: '{"status":null}'
+  reason: The ClusterVersion in reference-crs should not be corellated to ReferenceVersionCheck
+  templatePath: ReferenceVersionCheck.yaml
+  type: mergepatch