feat: implement cluster reconciler (#6)

* first working version

* do not override other infrastructure fields of Gateway

* simplify install/uninstall operations

* fix: apply helm namespace to target cluster

Author: ValentinGerlach

.gitignore

@@ -0,0 +1,37 @@
+
+
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+bin/
+Dockerfile.cross
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Kubernetes Generated files - skip generated files, except for vendored files
+
+!vendor/**/zz_generated.*
+
+# editor and IDE paraphernalia
+.idea
+.vscode
+*.swp
+*.swo
+*~
+
+tmp/
+go.work*
+components/
+!**/components/
+/**/cover.html
+/**/cover.*.html
+
+*.tmp
+.task/

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "hack/common"]
+	path = hack/common
+	url = https://github.com/openmcp-project/build.git

.golangci.yaml

@@ -0,0 +1,46 @@
+version: "2"
+run:
+  allow-parallel-runners: true
+linters:
+  default: none
+  enable:
+    - copyloopvar
+    - dupl
+    - errcheck
+    - ginkgolinter
+    - goconst
+    - gocyclo
+    - govet
+    - ineffassign
+    - misspell
+    - nakedret
+    - prealloc
+    - revive
+    - staticcheck
+    - unconvert
+    - unparam
+    - unused
+  settings:
+    revive:
+      rules:
+        - name: comment-spacings
+  exclusions:
+    generated: lax
+    rules:
+      - linters:
+          - dupl
+        path: internal/*
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+formatters:
+  enable:
+    - gofmt
+    - goimports
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$

Makefile

@@ -0,0 +1 @@
+./hack/common/Makefile

Taskfile.yaml

@@ -0,0 +1,18 @@
+version: 3
+
+includes:
+  shared:
+    taskfile: hack/common/Taskfile_controller.yaml
+    flatten: true
+    excludes: [] # put task names in here which are overwritten in this file
+    vars:
+      NESTED_MODULES: api
+      API_DIRS: '{{.ROOT_DIR}}/api/...'
+      MANIFEST_OUT: '{{.ROOT_DIR}}/api/crds/manifests'
+      CODE_DIRS: '{{.ROOT_DIR}}/cmd/... {{.ROOT_DIR}}/internal/... {{.ROOT_DIR}}/api/...'
+      COMPONENTS: platform-service-gateway
+      REPO_URL: 'https://github.com/openmcp-project/platform-service-gateway'
+      GENERATE_DOCS_INDEX: "false"
+      CHART_COMPONENTS: "[]"
+      CRDS_COMPONENTS: platform-service-gateway
+      CRDS_PATH: '{{.ROOT_DIR}}/api/crds/manifests'

VERSION

@@ -0,0 +1 @@
+v0.0.0-dev

api/crds/crds.go

@@ -0,0 +1,15 @@
+package crds
+
+import (
+	"embed"
+
+	crdutil "github.com/openmcp-project/controller-utils/pkg/crds"
+	apiextv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+)
+
+//go:embed manifests
+var CRDFS embed.FS
+
+func CRDs() ([]*apiextv1.CustomResourceDefinition, error) {
+	return crdutil.CRDsFromFileSystem(CRDFS, "manifests")
+}

api/crds/manifests/gateway.openmcp.cloud_gatewayserviceconfigs.yaml

@@ -0,0 +1,135 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.18.0
+  labels:
+    openmcp.cloud/cluster: platform
+  name: gatewayserviceconfigs.gateway.openmcp.cloud
+spec:
+  group: gateway.openmcp.cloud
+  names:
+    kind: GatewayServiceConfig
+    listKind: GatewayServiceConfigList
+    plural: gatewayserviceconfigs
+    singular: gatewayserviceconfig
+  scope: Cluster
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: GatewayServiceConfig is the Schema for the Gateway PlatformService
+          configuration API
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: GatewayServiceConfigSpec defines the desired state of GatewayServiceConfig
+            properties:
+              clusters:
+                description: Clusters that should be included in the gateway configuration.
+                items:
+                  properties:
+                    clusterRef:
+                      description: ClusterRef can be used to reference a single cluster.
+                      properties:
+                        name:
+                          description: Name of the referenced Cluster.
+                          minLength: 1
+                          type: string
+                        namespace:
+                          default: default
+                          description: Namespace of the referenced Cluster.
+                          type: string
+                      required:
+                      - name
+                      - namespace
+                      type: object
+                    selector:
+                      description: Selector for multiple clusters using labels and
+                        purpose.
+                      properties:
+                        matchLabels:
+                          additionalProperties:
+                            type: string
+                          description: MatchLabels selects clusters based on labels.
+                          type: object
+                        matchPurpose:
+                          description: MatchPurpose selects clusters based on purpose.
+                          type: string
+                      type: object
+                  type: object
+                type: array
+              dns:
+                description: DNS configuration.
+                properties:
+                  baseDomain:
+                    description: 'BaseDomain is the domain from which subdomains will
+                      be derived. Example: dev.openmcp.example.com.'
+                    minLength: 1
+                    type: string
+                required:
+                - baseDomain
+                type: object
+              envoyGateway:
+                description: EnvoyGateway configuration.
+                properties:
+                  chart:
+                    description: Chart configuration for Envoy Gateway.
+                    properties:
+                      tag:
+                        description: 'Tag of the chart. Example: 1.5.4'
+                        minLength: 1
+                        type: string
+                      url:
+                        default: oci://docker.io/envoyproxy/gateway-helm
+                        description: 'URL to the chart. Default: oci://docker.io/envoyproxy/gateway-helm'
+                        type: string
+                    required:
+                    - tag
+                    - url
+                    type: object
+                  images:
+                    description: Images overrides container image locations for Envoy
+                      components.
+                    properties:
+                      gateway:
+                        description: 'EnvoyGateway image. Example: docker.io/envoyproxy/gateway:v1.5.1'
+                        type: string
+                      proxy:
+                        description: 'EnvoyProxy image. Example: docker.io/envoyproxy/envoy:distroless-v1.35.3'
+                        type: string
+                      rateLimit:
+                        description: 'Ratelimit image. Example: docker.io/envoyproxy/ratelimit:e74a664a'
+                        type: string
+                    required:
+                    - gateway
+                    - proxy
+                    - rateLimit
+                    type: object
+                required:
+                - chart
+                type: object
+            required:
+            - dns
+            - envoyGateway
+            type: object
+        type: object
+    served: true
+    storage: true

api/gateway/v1alpha1/config_types.go

@@ -0,0 +1,110 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// GatewayServiceConfigSpec defines the desired state of GatewayServiceConfig
+type GatewayServiceConfigSpec struct {
+	// EnvoyGateway configuration.
+	EnvoyGateway EnvoyGatewayConfig `json:"envoyGateway"`
+
+	// Clusters that should be included in the gateway configuration.
+	Clusters []ClusterTerm `json:"clusters,omitempty"`
+
+	// DNS configuration.
+	DNS DNSConfig `json:"dns"`
+}
+
+type ClusterTerm struct {
+	// Selector for multiple clusters using labels and purpose.
+	Selector *ClusterSelector `json:"selector,omitempty"`
+
+	// ClusterRef can be used to reference a single cluster.
+	ClusterRef *ClusterRef `json:"clusterRef,omitempty"`
+}
+
+type ClusterSelector struct {
+	// MatchLabels selects clusters based on labels.
+	MatchLabels map[string]string `json:"matchLabels,omitempty"`
+
+	// MatchPurpose selects clusters based on purpose.
+	MatchPurpose string `json:"matchPurpose,omitempty"`
+}
+
+type ClusterRef struct {
+	// Name of the referenced Cluster.
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:MinLength=1
+	Name string `json:"name"`
+
+	// Namespace of the referenced Cluster.
+	// +kubebuilder:default=default
+	Namespace string `json:"namespace"`
+}
+
+type EnvoyGatewayConfig struct {
+	// Images overrides container image locations for Envoy components.
+	Images *ImagesConfig `json:"images,omitempty"`
+
+	// Chart configuration for Envoy Gateway.
+	Chart EnvoyGatewayChart `json:"chart"`
+}
+
+type EnvoyGatewayChart struct {
+	// URL to the chart. Default: oci://docker.io/envoyproxy/gateway-helm
+	// +kubebuilder:default="oci://docker.io/envoyproxy/gateway-helm"
+	URL string `json:"url"`
+
+	// Tag of the chart. Example: 1.5.4
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:MinLength=1
+	Tag string `json:"tag"`
+}
+
+type ImagesConfig struct {
+	// EnvoyProxy image. Example: docker.io/envoyproxy/envoy:distroless-v1.35.3
+	EnvoyProxy string `json:"proxy"`
+
+	// EnvoyGateway image. Example: docker.io/envoyproxy/gateway:v1.5.1
+	EnvoyGateway string `json:"gateway"`
+
+	// Ratelimit image. Example: docker.io/envoyproxy/ratelimit:e74a664a
+	Ratelimit string `json:"rateLimit"`
+}
+
+type DNSConfig struct {
+	// BaseDomain is the domain from which subdomains will be derived. Example: dev.openmcp.example.com.
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:MinLength=1
+	BaseDomain string `json:"baseDomain"`
+
+	// SubdomainTemplate defines how subdomains for clusters will be generated.
+	// +kubebuilder:default={{.Cluster.Name}}.{{.Cluster.Namespace}}
+	// SubdomainTemplate string `json:"subdomainTemplate"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:metadata:labels="openmcp.cloud/cluster=platform"
+// +kubebuilder:resource:scope=Cluster
+
+// GatewayServiceConfig is the Schema for the Gateway PlatformService configuration API
+type GatewayServiceConfig struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec GatewayServiceConfigSpec `json:"spec,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// GatewayServiceConfigList contains a list of GatewayServiceConfig
+type GatewayServiceConfigList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []GatewayServiceConfig `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&GatewayServiceConfig{}, &GatewayServiceConfigList{})
+}

api/gateway/v1alpha1/constants.go

@@ -0,0 +1,11 @@
+package v1alpha1
+
+import (
+	openmcpconst "github.com/openmcp-project/openmcp-operator/api/constants"
+)
+
+const (
+	OperationAnnotation = "gateway." + openmcpconst.OperationAnnotation
+
+	GatewayFinalizerOnCluster = "platformservice." + openmcpconst.OpenMCPGroupName + "/gateway"
+)