- rename ResourceID and related functions to ID
- move Update type from policy pkg to resource pkg to avoid circular dependency
- rename resource.Update to resource.PolicyUpdate
- run go fmt on all files
Flux choked on end-of-document markers (`...`).
To avoid complicating the existing multidoc parser (stolen from kubernetes) I
abused go-yaml's Decoder to obtain the raw documents from the stream by
unmarshalling to an interface{} and marshalling again.
Flux supported heterogeneous resource `List`s, however it didn't support
resource-kind specific lists such as `RoleList` unlike `kubectl`.
This changes parsing of lists to align `flux`'s behavior with `kubectl`'s.
So we can separate parsing from processing at least minimally, this
commit makes assigning a namespace to resources (that need one) a
post-processing step, in `Manifests.LoadManifests`. It also makes it a
more reliable operation than before, since it looks up whether or not
a particular resource is _supposed_ to have a namespace, according to
the Kubernetes API, before assigning the configured default.
It's possible to have manifests for namespaces resources in your git
repo, but not specify a namespace in them. In this case, `kubectl`,
and thereby fluxd, will transparently assign a default namespace
(either from kubeconfig, or if not given there, the default fallback
of `"default"`). When we're syncing, we need to be able to know which
namespace these resources will end up in, so we can identify them
during garbage collection.
The basic scheme is: in a few strategic places, let a fallback
namespace be supplied, which is used for anything that doesn't have
one. To avoid having to check which resources are supposed to have
namespaces (e.g., namespaces themselves), use the fallback to identify
everything that doesn't have one, either from a file or from the
cluster.
(The alternative is to figure out precisely which things need to have
namespaces, e.g., using the discovery API, and give only those a
default namespace. So long as the namespace is used _only_ to identify
resources, giving everything a namespace is equivalent. And since lots
of existing code assumes there's always a namespace, I leant that
way.)
Since the fallback namespace is decided by `kubectl`, that's what we
use to discover it.
The idea is to let people overlay bits of configuration by supplying
more than one `--git-path` argument.
Much of the machinery for dealing with manifest files (and
directories) already expected more than one path; but, it wasn't
necessarily convenient to supply all of them in one go, so I've
updated the Manifests interface and followed that through.
The git path appears in API results -- it's just an opaque string,
though, so joining the now multiple paths and returning that should be
fine.
This fixes the error
verifying changes: failed to verify changes: updating container
\"some-cronjob\" in resource \"default:cronjob/some-cronjob\" failed:
container \"some-cronjob\" not found in workload
while verifying a CronJob file.
`yaml.Unmarshal` unmarshals from yaml fields into struct fields
according to their lowercase version. For the struct field `JobTemplate`
it is looking for `jobtemplate` while it is actually named
`jobTemplate`.
It's not enough to be able to update images in a List resource, we
must be able to recognise them in the first place.
The Go YAML parser makes this a little tricky, because it doesn't give
you access to the bytes (like `UnmarshalJSON` does), so if we want
typed resources, we have to parse them generically and marshal them
back out to bytes.
Include an error report in the sync notification, with resources
v. errors (with the latter coming from `kubectl` most likely).
The most useful bit of information when a resource fails to sync --
more useful than the error from kubectl, even -- is the file that had
a problem. Include that in the notification.
Secondarily: to avoid having a long, tmpfile path in messages, make
the source of resources relative to the repo.
A couple of tests assume that the test files are 1-1 with
resources. This commit removes that assumption by comparing things to
the curated ServiceMap() instead.
It also puts one of the files in a subdirectory, to make sure things
still work.
It used to be the case that platform.Platform was both the interface
to the running cluster _and_ the interface exposed by the daemon to
the service over RPC.
Now that most operations are done in the daemon, these are quite
distinct, and keeping them together makes it difficult to define new
packages that depend on the `Cluster` interface without dragging in
platform (and introducing import cycles that then need to be worked
around).
This commit extracts the Cluster interface, and its implementation for
kubernetes, into new packages, and renames `platform` to `remote`, to
describe its purpose better.
This requires a bit of scaffolding to be able to compare the running
environment (which is obtained by cluster.Export) with the configured
environment (loaded from the files).
I've deliberately put a bit more structure than strictly necessary, in
anticipation of using this for other purposes, e.g., replacing
`kubeservice`.