Nephio operator for focom to oran-provisioning requests #849
Conversation
Co-authored-by: Fiachra Corcoran <[email protected]> Signed-off-by: Fiachra Corcoran <[email protected]>
Co-authored-by: Dejan Kitic <[email protected]> Co-authored-by: Fiachra Corcoran <[email protected]> Signed-off-by: Dejan Kitic <[email protected]>
|
|
|
Hi @dek5troza. Thanks for your PR. I'm waiting for a nephio-project member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/ok-to-test |
efiacor
requested review from
kispaljr,
vjayaramrh,
dkosteck and
JamesMcDermott
and removed request for
lapentad
operators/focom-operator/api/focom/v1alpha1/focomprovisioningrequest_types.go
Outdated
Show resolved
Hide resolved
operators/focom-operator/oran-provisioning-crd/provisioning-request-crd.yaml
Outdated
Show resolved
Hide resolved
operators/focom-operator/test-data/red-hat-cluster-template.yaml
Outdated
Show resolved
Hide resolved
| @@ -28,7 +26,7 @@ unit: test | |||
| .PHONY: test | |||
| test: ## Run unit tests (go test) | |||
| ifeq ($(CONTAINER_RUNNABLE), 0) | |||
| $(RUN_CONTAINER_COMMAND) docker.io/library/golang:${GO_VERSION}-alpine3.19 \ | |||
| $(RUN_CONTAINER_COMMAND) docker.io/nephio/gotests:1885274380137664512 \ | |||
There was a problem hiding this comment.
What is the rationale not to use a generally available golang container image? Thanks
There was a problem hiding this comment.
Plan is to move the presubmits for here and porch to use this common image coming form the test-infra project.
https://github.com/nephio-project/test-infra/blob/main/images/gotests/Dockerfile
| GIT_ROOT_DIR ?= $(dir $(lastword $(MAKEFILE_LIST))) | ||
| include $(GIT_ROOT_DIR)/detect-container-runtime.mk | ||
|
|
||
| # Install link at https://github.com/securego/gosec#install if not running inside a container | ||
| .PHONY: gosec | ||
| gosec: ## Inspect the source code for security problems by scanning the Go Abstract Syntax Tree | ||
| ifeq ($(CONTAINER_RUNNABLE), 0) | ||
| $(RUN_CONTAINER_COMMAND) docker.io/securego/gosec:${GOSEC_VER} ./... | ||
| $(RUN_CONTAINER_COMMAND) docker.io/nephio/gotests:1885274380137664512 gosec -fmt=html -out=gosec-results.html \ |
There was a problem hiding this comment.
why not use the regular available gosec image? Thanks
There was a problem hiding this comment.
Plan is to move the presubmits for here and porch to use this common image coming form the test-infra project.
https://github.com/nephio-project/test-infra/blob/main/images/gotests/Dockerfile
There was a problem hiding this comment.
@efiacor Appreciate the response,
From what I understand regarding container best practices, you want a container to contain only one application.
|
I am fine with this MR, I already tested it end-to-end with O2IMS operator. It works fine. I am not a big fan of how it consumes the kubeconfig as a secret but that can be discussed later. /approve |
|
I had a chance to look at the PR and got through the structure, was not able to test out the PR though. Looks good to me. |
|
/lgtm |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: arora-sagar, liamfallon The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Prow docker build job for the following - #849
NOTE: All data under the /config directory is generated by the operator sdk so does not require a full review.
Very basic implementation of FOCOM operator, which reconciles FOCOM provisioning requests into oran provisioning requests. This PR contains very basic functionality based on the POCs explored earlier, and with the review, more functionality will be added if needed.
Reconciling FOCOM provisioning requests into oran provisioning requests, will look for correct TemplateInfo referenced in the request. Current validation only checks if the referenced TemplateInfo exists, with given name and version. Template parameters are not validated yet, it will be done in the future. Once the referenced template is validated, reconcile will proceed to find OCloudId referenced in the request and make sure it exists. From the OCloudId it will read the secret referenced in the OCloud.
In this early stage, secret contains kubeconfig for the OCloud cluster, which will be used to build client to interact with the remote cluster. Using this client reconciler will produce Oran provisioning requests on the remote cluster.
Later, this is planned to be changed to support REST-like interface on the remote cluster, rather then using kubeconfig. Secret in this phase should be endpoint and bearer token,
Project contains few test samples, using testenv, and there is usual e2e test from the operator-sdk that can validate operator deployment. This code is at the POC level, and needs more work to be production ready.
ORAN provisioning request CRD is located inside oran-provisioning-crd folder. Focom CRDS are generated by operator-sdk/kubebuilder from go structs in the api folder. Generated yaml files are located in config/crd/bases.
Current code does not cater for more then one-shot operations, and patching of ORAN provisioning requests is not supported yet. Validation of the TemplateInfo parameters is not implemented yet, potentially this can be done by validating webhook, making them immutable for a start.