Merge pull request 'feat: add dry-run functionality and similar dependency' (#62) from feat/dryRun into master
Reviewed-on: https://git.nationtech.io/NationTech/harmony/pulls/62 Reviewed-by: wjro <wrolleman@nationtech.io>
This commit is contained in:
commit
55143dcad4
7
Cargo.lock
generated
7
Cargo.lock
generated
@ -1577,6 +1577,7 @@ dependencies = [
|
|||||||
"serde-value",
|
"serde-value",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"serde_yaml",
|
"serde_yaml",
|
||||||
|
"similar",
|
||||||
"temp-dir",
|
"temp-dir",
|
||||||
"temp-file",
|
"temp-file",
|
||||||
"tokio",
|
"tokio",
|
||||||
@ -4091,6 +4092,12 @@ dependencies = [
|
|||||||
"rand_core 0.6.4",
|
"rand_core 0.6.4",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "similar"
|
||||||
|
version = "2.7.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "bbbb5d9659141646ae647b42fe094daf6c6192d1620870b449d9557f748b2daa"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "simple_asn1"
|
name = "simple_asn1"
|
||||||
version = "0.6.3"
|
version = "0.6.3"
|
||||||
|
|||||||
47
Cargo.toml
47
Cargo.toml
@ -20,34 +20,23 @@ readme = "README.md"
|
|||||||
license = "GNU AGPL v3"
|
license = "GNU AGPL v3"
|
||||||
|
|
||||||
[workspace.dependencies]
|
[workspace.dependencies]
|
||||||
log = "0.4.22"
|
log = "0.4"
|
||||||
env_logger = "0.11.5"
|
env_logger = "0.11"
|
||||||
derive-new = "0.7.0"
|
derive-new = "0.7"
|
||||||
async-trait = "0.1.82"
|
async-trait = "0.1"
|
||||||
tokio = { version = "1.40.0", features = [
|
tokio = { version = "1.40", features = ["io-std", "fs", "macros", "rt-multi-thread"] }
|
||||||
"io-std",
|
|
||||||
"fs",
|
|
||||||
"macros",
|
|
||||||
"rt-multi-thread",
|
|
||||||
] }
|
|
||||||
cidr = { features = ["serde"], version = "0.2" }
|
cidr = { features = ["serde"], version = "0.2" }
|
||||||
russh = "0.45.0"
|
russh = "0.45"
|
||||||
russh-keys = "0.45.0"
|
russh-keys = "0.45"
|
||||||
rand = "0.8.5"
|
rand = "0.8"
|
||||||
url = "2.5.4"
|
url = "2.5"
|
||||||
kube = "0.98.0"
|
kube = "0.98"
|
||||||
k8s-openapi = { version = "0.24.0", features = ["v1_30"] }
|
k8s-openapi = { version = "0.24", features = ["v1_30"] }
|
||||||
serde_yaml = "0.9.34"
|
serde_yaml = "0.9"
|
||||||
serde-value = "0.7.0"
|
serde-value = "0.7"
|
||||||
http = "1.2.0"
|
http = "1.2"
|
||||||
inquire = "0.7.5"
|
inquire = "0.7"
|
||||||
convert_case = "0.8.0"
|
convert_case = "0.8"
|
||||||
chrono = "0.4"
|
chrono = "0.4"
|
||||||
|
similar = "2"
|
||||||
[workspace.dependencies.uuid]
|
uuid = { version = "1.11", features = [ "v4", "fast-rng", "macro-diagnostics" ] }
|
||||||
version = "1.11.0"
|
|
||||||
features = [
|
|
||||||
"v4", # Lets you generate random UUIDs
|
|
||||||
"fast-rng", # Use a faster (but still sufficiently random) RNG
|
|
||||||
"macro-diagnostics", # Enable better diagnostics for compile-time UUIDs
|
|
||||||
]
|
|
||||||
|
|||||||
@ -53,3 +53,4 @@ fqdn = { version = "0.4.6", features = [
|
|||||||
] }
|
] }
|
||||||
temp-dir = "0.1.14"
|
temp-dir = "0.1.14"
|
||||||
dyn-clone = "1.0.19"
|
dyn-clone = "1.0.19"
|
||||||
|
similar.workspace = true
|
||||||
|
|||||||
@ -10,4 +10,6 @@ lazy_static! {
|
|||||||
std::env::var("HARMONY_REGISTRY_URL").unwrap_or_else(|_| "hub.nationtech.io".to_string());
|
std::env::var("HARMONY_REGISTRY_URL").unwrap_or_else(|_| "hub.nationtech.io".to_string());
|
||||||
pub static ref REGISTRY_PROJECT: String =
|
pub static ref REGISTRY_PROJECT: String =
|
||||||
std::env::var("HARMONY_REGISTRY_PROJECT").unwrap_or_else(|_| "harmony".to_string());
|
std::env::var("HARMONY_REGISTRY_PROJECT").unwrap_or_else(|_| "harmony".to_string());
|
||||||
|
pub static ref DRY_RUN: bool =
|
||||||
|
std::env::var("HARMONY_DRY_RUN").map_or(true, |value| value.parse().unwrap_or(true));
|
||||||
}
|
}
|
||||||
|
|||||||
@ -4,9 +4,11 @@ use kube::{
|
|||||||
Api, Client, Config, Error, Resource,
|
Api, Client, Config, Error, Resource,
|
||||||
api::{Patch, PatchParams},
|
api::{Patch, PatchParams},
|
||||||
config::{KubeConfigOptions, Kubeconfig},
|
config::{KubeConfigOptions, Kubeconfig},
|
||||||
|
core::ErrorResponse,
|
||||||
};
|
};
|
||||||
use log::{debug, error, trace};
|
use log::{debug, error, trace};
|
||||||
use serde::de::DeserializeOwned;
|
use serde::de::DeserializeOwned;
|
||||||
|
use similar::TextDiff;
|
||||||
|
|
||||||
#[derive(new)]
|
#[derive(new)]
|
||||||
pub struct K8sClient {
|
pub struct K8sClient {
|
||||||
@ -48,8 +50,79 @@ impl K8sClient {
|
|||||||
.name
|
.name
|
||||||
.as_ref()
|
.as_ref()
|
||||||
.expect("K8s Resource should have a name");
|
.expect("K8s Resource should have a name");
|
||||||
api.patch(name, &patch_params, &Patch::Apply(resource))
|
|
||||||
.await
|
if *crate::config::DRY_RUN {
|
||||||
|
match api.get(name).await {
|
||||||
|
Ok(current) => {
|
||||||
|
trace!("Received current value {current:#?}");
|
||||||
|
// The resource exists, so we calculate and display a diff.
|
||||||
|
println!("\nPerforming dry-run for resource: '{}'", name);
|
||||||
|
let mut current_yaml = serde_yaml::to_value(¤t)
|
||||||
|
.expect(&format!("Could not serialize current value : {current:#?}"));
|
||||||
|
if current_yaml.is_mapping() && current_yaml.get("status").is_some() {
|
||||||
|
let map = current_yaml.as_mapping_mut().unwrap();
|
||||||
|
let removed = map.remove_entry("status");
|
||||||
|
trace!("Removed status {:?}", removed);
|
||||||
|
} else {
|
||||||
|
trace!(
|
||||||
|
"Did not find status entry for current object {}/{}",
|
||||||
|
current.meta().namespace.as_ref().unwrap_or(&"".to_string()),
|
||||||
|
current.meta().name.as_ref().unwrap_or(&"".to_string())
|
||||||
|
);
|
||||||
|
}
|
||||||
|
let current_yaml = serde_yaml::to_string(¤t_yaml)
|
||||||
|
.unwrap_or_else(|_| "Failed to serialize current resource".to_string());
|
||||||
|
let new_yaml = serde_yaml::to_string(resource)
|
||||||
|
.unwrap_or_else(|_| "Failed to serialize new resource".to_string());
|
||||||
|
|
||||||
|
if current_yaml == new_yaml {
|
||||||
|
println!("No changes detected.");
|
||||||
|
// Return the current resource state as there are no changes.
|
||||||
|
return Ok(current);
|
||||||
|
}
|
||||||
|
|
||||||
|
println!("Changes detected:");
|
||||||
|
let diff = TextDiff::from_lines(¤t_yaml, &new_yaml);
|
||||||
|
|
||||||
|
// Iterate over the changes and print them in a git-like diff format.
|
||||||
|
for change in diff.iter_all_changes() {
|
||||||
|
let sign = match change.tag() {
|
||||||
|
similar::ChangeTag::Delete => "-",
|
||||||
|
similar::ChangeTag::Insert => "+",
|
||||||
|
similar::ChangeTag::Equal => " ",
|
||||||
|
};
|
||||||
|
print!("{}{}", sign, change);
|
||||||
|
}
|
||||||
|
// In a dry run, we return the new resource state that would have been applied.
|
||||||
|
Ok(resource.clone())
|
||||||
|
}
|
||||||
|
Err(Error::Api(ErrorResponse { code: 404, .. })) => {
|
||||||
|
// The resource does not exist, so the "diff" is the entire new resource.
|
||||||
|
println!("\nPerforming dry-run for new resource: '{}'", name);
|
||||||
|
println!(
|
||||||
|
"Resource does not exist. It would be created with the following content:"
|
||||||
|
);
|
||||||
|
let new_yaml = serde_yaml::to_string(resource)
|
||||||
|
.unwrap_or_else(|_| "Failed to serialize new resource".to_string());
|
||||||
|
|
||||||
|
// Print each line of the new resource with a '+' prefix.
|
||||||
|
for line in new_yaml.lines() {
|
||||||
|
println!("+{}", line);
|
||||||
|
}
|
||||||
|
// In a dry run, we return the new resource state that would have been created.
|
||||||
|
Ok(resource.clone())
|
||||||
|
}
|
||||||
|
Err(e) => {
|
||||||
|
// Another API error occurred.
|
||||||
|
error!("Failed to get resource '{}': {}", name, e);
|
||||||
|
Err(e)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return api
|
||||||
|
.patch(name, &patch_params, &Patch::Apply(resource))
|
||||||
|
.await;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn apply_many<K>(&self, resource: &Vec<K>, ns: Option<&str>) -> Result<Vec<K>, Error>
|
pub async fn apply_many<K>(&self, resource: &Vec<K>, ns: Option<&str>) -> Result<Vec<K>, Error>
|
||||||
|
|||||||
@ -138,6 +138,7 @@ impl K8sTenantManager {
|
|||||||
"kind": "NetworkPolicy",
|
"kind": "NetworkPolicy",
|
||||||
"metadata": {
|
"metadata": {
|
||||||
"name": format!("{}-network-policy", config.name),
|
"name": format!("{}-network-policy", config.name),
|
||||||
|
"namespace": self.get_namespace_name(config),
|
||||||
},
|
},
|
||||||
"spec": {
|
"spec": {
|
||||||
"podSelector": {},
|
"podSelector": {},
|
||||||
@ -219,8 +220,29 @@ impl K8sTenantManager {
|
|||||||
})
|
})
|
||||||
})
|
})
|
||||||
.collect();
|
.collect();
|
||||||
|
let ports: Option<Vec<NetworkPolicyPort>> =
|
||||||
|
c.1.as_ref().map(|spec| match &spec.data {
|
||||||
|
super::PortSpecData::SinglePort(port) => vec![NetworkPolicyPort {
|
||||||
|
port: Some(IntOrString::Int(port.clone().into())),
|
||||||
|
..Default::default()
|
||||||
|
}],
|
||||||
|
super::PortSpecData::PortRange(start, end) => vec![NetworkPolicyPort {
|
||||||
|
port: Some(IntOrString::Int(start.clone().into())),
|
||||||
|
end_port: Some(end.clone().into()),
|
||||||
|
protocol: None, // Not currently supported by Harmony
|
||||||
|
}],
|
||||||
|
|
||||||
|
super::PortSpecData::ListOfPorts(items) => items
|
||||||
|
.iter()
|
||||||
|
.map(|i| NetworkPolicyPort {
|
||||||
|
port: Some(IntOrString::Int(i.clone().into())),
|
||||||
|
..Default::default()
|
||||||
|
})
|
||||||
|
.collect(),
|
||||||
|
});
|
||||||
let rule = serde_json::from_value::<NetworkPolicyIngressRule>(json!({
|
let rule = serde_json::from_value::<NetworkPolicyIngressRule>(json!({
|
||||||
"from": cidr_list
|
"from": cidr_list,
|
||||||
|
"ports": ports,
|
||||||
}))
|
}))
|
||||||
.map_err(|e| {
|
.map_err(|e| {
|
||||||
ExecutorError::ConfigurationError(format!(
|
ExecutorError::ConfigurationError(format!(
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user