Add Job Function

Signed-off-by: Max Schmidt <[email protected]>

api/v1beta1/shim_types.go

@@ -50,22 +50,13 @@ type RollingSpec struct {
 }
 
 // ShimStatus defines the observed state of Shim
+// +operator-sdk:csv:customresourcedefinitions:type=status
 type ShimStatus struct {
-	Conditions []ShimCondition `json:"conditions"`
-}
-
-type ShimCondition struct {
-	Type               string `json:"type"`
-	Status             string `json:"status"`
-	ConditionSeverity  string `json:"conditionSeverity"`
-	LastTransitionTime string `json:"lastTransitionTime"`
-	Reason             string `json:"reason"`
-	Message            string `json:"message"`
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
 }
 
 // +kubebuilder:object:root=true
 // +kubebuilder:resource:path=shims,scope=Cluster
-// +kubebuilder:subresource:status
 // Shim is the Schema for the shims API
 type Shim struct {
 	metav1.TypeMeta   `json:",inline"`

config/crd/bases/runtime.kwasm.sh_shims.yaml

@@ -83,33 +83,73 @@ spec:
             properties:
               conditions:
                 items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource. --- This struct is intended for direct
+                    use as an array at the field path .status.conditions.  For example,
+                    \n type FooStatus struct{ // Represents the observations of a
+                    foo's current state. // Known .status.conditions.type are: \"Available\",
+                    \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+                    // +listType=map // +listMapKey=type Conditions []metav1.Condition
+                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+                    protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
                   properties:
-                    conditionSeverity:
-                      type: string
                     lastTransitionTime:
+                      description: lastTransitionTime is the last time the condition
+                        transitioned from one status to another. This should be when
+                        the underlying condition changed.  If that is not known, then
+                        using the time when the API field changed is acceptable.
+                      format: date-time
                       type: string
                     message:
+                      description: message is a human readable message indicating
+                        details about the transition. This may be an empty string.
+                      maxLength: 32768
                       type: string
+                    observedGeneration:
+                      description: observedGeneration represents the .metadata.generation
+                        that the condition was set based upon. For instance, if .metadata.generation
+                        is currently 12, but the .status.conditions[x].observedGeneration
+                        is 9, the condition is out of date with respect to the current
+                        state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
                     reason:
+                      description: reason contains a programmatic identifier indicating
+                        the reason for the condition's last transition. Producers
+                        of specific condition types may define expected values and
+                        meanings for this field, and whether the values are considered
+                        a guaranteed API. The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
                       type: string
                     status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
                       type: string
                     type:
+                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
+                        --- Many .condition.type values are consistent across resources
+                        like Available, but because arbitrary conditions can be useful
+                        (see .node.status.conditions), the ability to deconflict is
+                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
                       type: string
                   required:
-                  - conditionSeverity
                   - lastTransitionTime
                   - message
                   - reason
                   - status
                   - type
                   type: object
                 type: array
-            required:
-            - conditions
             type: object
         type: object
     served: true
     storage: true
-    subresources:
-      status: {}

config/manager/kustomization.yaml

@@ -1,2 +1,8 @@
 resources:
 - manager.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+images:
+- name: controller
+  newName: controller
+  newTag: latest

controllers/shim_controller.go

@@ -18,21 +18,38 @@ package controllers
 
 import (
 	"context"
+	"fmt"
+	"os"
 
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/client-go/tools/record"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 	"sigs.k8s.io/controller-runtime/pkg/log"
 
+	"github.com/kwasm/kwasm-operator/api/v1beta1"
 	runtimev1beta1 "github.com/kwasm/kwasm-operator/api/v1beta1"
+	batchv1 "k8s.io/api/batch/v1"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
 // ShimReconciler reconciles a Shim object
 type ShimReconciler struct {
 	client.Client
-	Scheme *runtime.Scheme
+	Scheme   *runtime.Scheme
+	Recorder record.EventRecorder
 }
 
+// Definitions to manage status conditions
+const (
+	// typeAvailableShim represents the status of the Deployment reconciliation
+	typeAvailableShim = "Available"
+	// typeDegradedShim represents the status used when the custom resource is deleted and the finalizer operations are must to occur.
+	typeDegradedShim = "Degraded"
+)
+
 //+kubebuilder:rbac:groups=runtime.kwasm.sh,resources=shims,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=runtime.kwasm.sh,resources=shims/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=runtime.kwasm.sh,resources=shims/finalizers,verbs=update
@@ -48,12 +65,64 @@ type ShimReconciler struct {
 // - https://pkg.go.dev/sigs.k8s.io/[email protected]/pkg/reconcile
 func (r *ShimReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 	_ = log.FromContext(ctx)
+	// Fetch the Shim custom resource
+	shim := &v1beta1.Shim{}
+	err := r.Get(ctx, req.NamespacedName, shim)
+	if err != nil {
+		return ctrl.Result{}, client.IgnoreNotFound(err)
+	}
+
+	// Create a new Kubernetes Job based on the Shim custom resource
+	job := r.buildJobForShim(shim)
+
+	// Set the owner reference to the Shim custom resource
+	if err := controllerutil.SetControllerReference(shim, job, r.Scheme); err != nil {
+		return ctrl.Result{}, err
+	}
 
-	// TODO(user): your logic here
+	// Check if the Job already exists, if not, create it
+	found := &batchv1.Job{}
+	err = r.Get(ctx, req.NamespacedName, found)
+	if err != nil && client.IgnoreNotFound(err) != nil {
+		return ctrl.Result{}, err
+	}
 
+	if err != nil {
+		// Job does not exist, create it
+		if err := r.Create(ctx, job); err != nil {
+			return ctrl.Result{}, err
+		}
+		return ctrl.Result{}, nil
+	}
+
+	// Job already exists, do nothing
 	return ctrl.Result{}, nil
 }
 
+func (r *ShimReconciler) buildJobForShim(shim *v1beta1.Shim) *batchv1.Job {
+	job := &batchv1.Job{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      fmt.Sprintf("shim-job-%s", shim.Name),
+			Namespace: os.Getenv("CONTROLLER_NAMESPACE"),
+		},
+		Spec: batchv1.JobSpec{
+			Template: corev1.PodTemplateSpec{
+				Spec: corev1.PodSpec{
+					Containers: []corev1.Container{
+						{
+							Name:  "my-shim-container",
+							Image: "your-specific-image", // Set your specific image here
+							// Add other container settings as needed
+						},
+					},
+					RestartPolicy: "Never",
+				},
+			},
+		},
+	}
+	return job
+}
+
 // SetupWithManager sets up the controller with the Manager.
 func (r *ShimReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewControllerManagedBy(mgr).

main.go

@@ -18,6 +18,7 @@ package main
 
 import (
 	"flag"
+	"fmt"
 	"os"
 
 	// Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.)
@@ -48,6 +49,20 @@ func init() {
 	//+kubebuilder:scaffold:scheme
 }
 
+// getWatchNamespace returns the Namespace the operator should be watching for changes
+func getWatchNamespace() string {
+	// WatchNamespaceEnvVar is the constant for env variable WATCH_NAMESPACE
+	// which specifies the Namespace to watch.
+	// An empty value means the operator will fail to start.
+	var watchNamespaceEnvVar = "CONTROLLER_NAMESPACE"
+
+	ns, found := os.LookupEnv(watchNamespaceEnvVar)
+	if !found {
+		panic(fmt.Sprintf("env var '%s' must be set", watchNamespaceEnvVar))
+	}
+	return ns
+}
+
 func main() {
 	var metricsAddr string
 	var enableLeaderElection bool
@@ -70,6 +85,7 @@ func main() {
 		MetricsBindAddress:     metricsAddr,
 		Port:                   9443,
 		HealthProbeBindAddress: probeAddr,
+		Namespace:              getWatchNamespace(),
 		LeaderElection:         enableLeaderElection,
 		LeaderElectionID:       "7584d300.kwasm.sh",
 		// LeaderElectionReleaseOnCancel defines if the leader should step down voluntarily

test-crd.yaml

@@ -0,0 +1,45 @@
+apiVersion: runtime.kwasm.sh/v1beta1
+kind: Shim
+metadata:
+  # The Shim resource is a cluster wide resource, no namespace.
+  name: my-shim-v0.1.2
+spec:
+  # optional: label selector for nodes to target with shim.
+  # If not supplied, the shim should be installed on all nodes.
+  nodeSelector:
+    wasm: "true"
+
+  # required: The method for fetching a shim.
+  # This could be any number of strategies for fetching. For example, OCI.
+  fetchStrategy:
+    anonHttp:
+      location: https://github.com/some-org/some-project/releases/v0.8.0/shims.tar.gz
+
+  # required: The runtime class to be applied in the cluster for the shim.
+  # 
+  # The validation for this structure should also validate the `handler`
+  # will map to the name / path of the shim binary that is installed on the node.
+  #
+  # Upon installation of a shim to a node, a label should be added to the node
+  # to indicate a specific shim is installed on the node. This label must be
+  # used to inform the K8s scheduler where to schedule workloads for the given
+  # runtime class.
+  #
+  # ---
+  # apiVersion: node.k8s.io/v1
+  # kind: RuntimeClass
+  # metadata:
+  #   name: myshim-v0.1.2
+  # handler: myshim_v0_1_2
+  # scheduling:
+  #   nodeSelector:
+  #     myshim_v0_1_2: "true"
+  runtimeClass:
+    name: my-shim-v0.1.2
+
+  # rolloutStrategy describes how a change to this shim will be applied to nodes.
+  rolloutStrategy:
+    type: rolling
+    rolling:
+      maxUpdate: 5 # could also be a percentage of nodes, like 10% of nodes.
+  # conditions should provide the status of the resource and it's progression