diff --git a/bruce_operator/core.py b/bruce_operator/core.py index 7d3218c..c04398f 100644 --- a/bruce_operator/core.py +++ b/bruce_operator/core.py @@ -41,12 +41,13 @@ class Operator: self.custom_client = kubernetes.client.CustomObjectsApi(self.client.api_client) # Ensure resource definitions. + self.ensure_namespace() self.ensure_resource_definitions() self.ensure_volumes() - # TODO: Ensure registry. + self.ensure_registry() # Fetch all the buildpacks. - self.fetch_buildpacks() + self.spawn_fetch_buildpacks() @property def installed_buildpacks(self): @@ -105,6 +106,10 @@ class Operator: f"run bruce-operator-{label}-{_hash} --image={OPERATOR_IMAGE} -n {WATCH_NAMESPACE} --restart=Never --quiet=True --record=True --image-pull-policy=Always -- bruce-operator {cmd}" ) + def ensure_namespace(self): + self.logger.info("Ensuring bruce namespace...") + kubectl(f"apply -f ./deploy/_bruce-namespace.yml") + def ensure_kubeconfig(self): """Ensures that ~/.kube/config exists, when running in Kubernetes.""" # If we're running in a kubernets cluster... @@ -147,12 +152,19 @@ class Operator: kubectl(f"apply -f ./deploy/buildpacks-volume.yml -n {WATCH_NAMESPACE}") def spawn_fetch_buildpacks(self): + self.spawn_self(f"fetch-buildpacks", label="fetch") for buildpack in self.installed_buildpacks: self.logger.info(f"Pretending to fetch {buildpack_name!r} buildpack!") - self.spawn_self(f"fetch-buildpacks", label="fetch") - def fetch_buildpacks(self): + def ensure_registry(self): + self.logger.info("Ensuring Registry volume...") + kubectl(f"apply -f ./deploy/registry-data.yml -n {WATCH_NAMESPACE}") + self.logger.info("Ensuring Registry deployment...") + kubectl(f"apply -f ./deploy/registry-deployment.yml -n {WATCH_NAMESPACE}") + + self.logger.info("Ensuring Registry service...") + kubectl(f"apply -f ./deploy/registry-service.yml -n {WATCH_NAMESPACE}") def watch(self): self.logger.info("Pretending to watch...") diff --git a/deploy/rbac.yml b/deploy/rbac.yml new file mode 100644 index 0000000..9d0b717 --- /dev/null +++ b/deploy/rbac.yml @@ -0,0 +1,62 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: bruce-operator +rules: +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - bruce.kennethreitz.org + resources: + - buildpacks + - apps + verbs: + - '*' +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - list + - delete +- apiGroups: + - "" + resources: + - services + - endpoints + verbs: + - get + - create + - update +- apiGroups: + - "" + resources: + - nodes + verbs: + - list + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch diff --git a/deploy/registry-service.yml b/deploy/registry-service.yml index f8266e9..283225c 100644 --- a/deploy/registry-service.yml +++ b/deploy/registry-service.yml @@ -13,7 +13,7 @@ spec: ports: - name: registry-http port: 80 - nodePort: 80 + # nodePort: 80 targetPort: 0 selector: io.kompose.service: registry