Updating after the options command updated

Signed-off-by: Feny Mehta <[email protected]> Adding Primaza-Identity-Namespace Signed-off-by: Feny Mehta <[email protected]> Name change to service account Signed-off-by: Feny Mehta <[email protected]> updatd the test Signed-off-by: Feny Mehta <[email protected]> fixing tests and linter Signed-off-by: Feny Mehta <[email protected]> Test case1 Signed-off-by: Feny Mehta <[email protected]> Test8 Signed-off-by: Feny Mehta <[email protected]> Test9 Signed-off-by: Feny Mehta <[email protected]> Test10 Signed-off-by: Feny Mehta <[email protected]> Test passing1 Signed-off-by: Feny Mehta <[email protected]> Changing the - to _ Signed-off-by: Feny Mehta <[email protected]> Updating messages Signed-off-by: Feny Mehta <[email protected]>
primaza · Aug 10, 2023 · 7b8c65f · 7b8c65f
1 parent 668d1d1
commit 7b8c65f
Show file tree

Hide file tree

Showing 10 changed files with 179 additions and 80 deletions.
diff --git a/Makefile b/Makefile
@@ -85,6 +85,7 @@ $(PRIMAZA_CONFIG_DIR):
 
 APPLICATION_NAMESPACE ?= primaza-application
 SERVICE_NAMESPACE ?= primaza-service
+SERVICE_ACCOUNT_NAMESPACE ?= worker-sa
 
 PRIMAZA_CONFIG_FILE ?= $(PRIMAZA_CONFIG_DIR)/primaza_config_$(VERSION).yaml
 WORKER_CONFIG_FILE ?= $(PRIMAZA_CONFIG_DIR)/worker_config_$(VERSION).yaml
@@ -203,7 +204,7 @@ lint: primazactl ## Check python code
 
 .PHONY: test-local
 test-local: setup-test
-	$(PYTHON_VENV_DIR)/bin/primazatest -p $(PYTHON_VENV_DIR) -e $(WORKER_CONFIG_FILE) -f $(PRIMAZA_CONFIG_FILE) -c $(KUBE_KIND_CLUSTER_JOIN_NAME) -m $(KUBE_KIND_CLUSTER_TENANT_NAME) -a $(APPLICATION_AGENT_CONFIG_FILE) -s $(SERVICE_AGENT_CONFIG_FILE)
+	$(PYTHON_VENV_DIR)/bin/primazatest -p $(PYTHON_VENV_DIR) -e $(WORKER_CONFIG_FILE) -f $(PRIMAZA_CONFIG_FILE) -c $(KUBE_KIND_CLUSTER_JOIN_NAME) -m $(KUBE_KIND_CLUSTER_TENANT_NAME) -a $(APPLICATION_AGENT_CONFIG_FILE) -s $(SERVICE_AGENT_CONFIG_FILE) -j $(SERVICE_ACCOUNT_NAMESPACE)
 
 .PHONY: test-released
 test-released:
@@ -227,7 +228,7 @@ test-output: setup-test
 
 .PHONY: test-apply
 test-apply: setup-test
-	$(PYTHON_VENV_DIR)/bin/primazatest -t $(OPTIONS_FILE) -p $(PYTHON_VENV_DIR)
+	$(PYTHON_VENV_DIR)/bin/primazatest -t $(OPTIONS_FILE) -p $(PYTHON_VENV_DIR) 
 
 .PHONY: create-users
 create-users: primazactl
@@ -241,7 +242,6 @@ create-users: primazactl
 	$(PYTHON_VENV_DIR)/bin/primazauser service-agent -c $(KUBE_KIND_CLUSTER_JOIN_NAME) -o $(OUTPUT_DIR)/users
 	$(PYTHON_VENV_DIR)/bin/primazauser service-agent-bad -c $(KUBE_KIND_CLUSTER_JOIN_NAME) -o $(OUTPUT_DIR)/users
 
-
 .PHONY: test
 test: setup-test test-local test-released
 

diff --git a/README.md b/README.md
@@ -207,15 +207,14 @@ options:
 ## Join cluster command
 
 Notes:
-- requires a primaza tenant.
-- the namespace created is named `kube-system`.
-  - Not currently supported to use a different name.
+- Requires a primaza tenant.
+- It allows any namespace to be used, the namespace should already be created before using this. The default namespace used is named `kube-system`.
 
 
 ### Join cluster help
 ```
 usage: primazactl join cluster [-h] [-x] [-f CONFIG] [-v VERSION] [-p OPTIONS_FILE] [-c CONTEXT] [-k KUBECONFIG] [-u INTERNAL_URL] -d CLUSTER_ENVIRONMENT
-                               [-e ENVIRONMENT] [-l TENANT_KUBECONFIG] [-m TENANT_CONTEXT] [-t TENANT] [-y {client,server,none}] [-o {yaml,none}]
+                               [-e ENVIRONMENT] [-l TENANT_KUBECONFIG] [-m TENANT_CONTEXT] [-t TENANT] [-y {client,server,none}] [-o {yaml,none}] [-j SERVICE_ACCOUNT_NAMESPACE]
 
 options:
   -h, --help            show this help message and exit
@@ -247,6 +246,9 @@ options:
                         Set for dry run (default: none)
   -o {yaml,none}, --output {yaml,none}
                         Set to get output of resources which are created (default: none).
+  -j SERVICE_ACCOUNT_NAMESPACE, --service-account-namespace SERVICE_ACCOUNT_NAMESPACE
+                        name to be used for the WorkerNamespace which already exists.
+                        Default: kube-system
 ```
 
 ### Join cluster options
@@ -307,6 +309,9 @@ options:
         - No output produced.
         - Use in conjunction with `--output--` to get output without creating resources.
     - Default: none - resources are persisted.
+- `--service-account-namespace SERVICE_ACCOUNT_NAMESPACE`
+    - name to be used for the WorkerNamespace that will be created.
+    - Default is `kube-system`
 
 
 ## Create application namespace command

diff --git a/scripts/src/primazactl/cmd/apply/cluster_environment.py b/scripts/src/primazactl/cmd/apply/cluster_environment.py
@@ -20,6 +20,7 @@ class ClusterEnvironment(object):
     tenant: Tenant = None
     worker: WorkerCluster = None
     internal_url: str = None
+    service_account_namespace: str = None
 
     def __init__(self, options, tenant):
 
@@ -47,13 +48,22 @@ def __init__(self, options, tenant):
         self.version = tenant.version if tenant.version \
             else defaults["version"]
 
+        self.service_account_namespace = \
+            options.get("serviceAccountNamespace", None)
+        if not self.service_account_namespace:
+            self.service_account_namespace = \
+                defaults["service_account_namespace"]
+        logger.log_info(f"service_account_namespace: \
+            {self.service_account_namespace}")
+
         logger.log_info(f"Cluster Environment created: {self.name}")
 
     def join(self, name, context, kubeconfig, environment,
-             manifest, version, internal_url):
+             manifest, version, internal_url, service_account_namespace):
 
         self.add_args(name, context, kubeconfig, environment,
-                      manifest, version, internal_url)
+                      manifest, version, internal_url,
+                      service_account_namespace)
 
         logger.log_info(self.name)
 
@@ -71,14 +81,16 @@ def join(self, name, context, kubeconfig, environment,
                     environment=self.environment,
                     cluster_environment=self.name,
                     tenant=self.tenant.tenant,
-                    internal_url=self.internal_url
-                )
+                    internal_url=self.internal_url,
+                    service_account_namespace=self.service_account_namespace)
             self.worker.install_worker()
             return ""
 
-    def create_only(self, name, context, kubeconfig):
+    def create_only(self, name, context, kubeconfig,
+                    service_account_namespace):
 
-        self.add_args(name, context, kubeconfig, None, None, None, None)
+        self.add_args(name, context, kubeconfig, None, None, None, None,
+                      service_account_namespace)
         if not self.name:
             return "Namespace create requires a cluster environment name."
         else:
@@ -92,10 +104,11 @@ def create_only(self, name, context, kubeconfig):
                 cluster_environment=self.name,
                 tenant=self.tenant.tenant,
                 internal_url=None,
+                service_account_namespace=self.service_account_namespace,
             )
 
     def add_args(self, name, context, kubeconfig, environment,
-                 manifest, version, internal_url):
+                 manifest, version, internal_url, service_account_namespace):
 
         if name:
             self.name = name
@@ -118,6 +131,9 @@ def add_args(self, name, context, kubeconfig, environment,
         if internal_url:
             self.internal_url = internal_url
 
+        if service_account_namespace:
+            self.service_account_namespace = service_account_namespace
+
     def get_agents(self,  type):
         agents = []
         cluster_env = self.options

diff --git a/scripts/src/primazactl/cmd/apply/defaults.py b/scripts/src/primazactl/cmd/apply/defaults.py
@@ -1,6 +1,7 @@
 from primazactl.primazamain.constants import DEFAULT_TENANT
 from primazactl.version import __primaza_version__
 from primazactl.utils.kubeconfig import from_env
+from primazactl.primazaworker.constants import WORKER_NAMESPACE
 
 
 defaults = {"apiVersion": "primaza.io/v1alpha1",
@@ -11,4 +12,5 @@
             "tenant_config": "primaza_config_latest.yaml",
             "worker_config": "worker_config_latest.yaml",
             "service_agent_config": "service_agent_config_latest.yaml",
-            "app_agent_config": "application_agent_config_latest.yaml"}
+            "app_agent_config": "application_agent_config_latest.yaml",
+            "service_account_namespace": WORKER_NAMESPACE}
diff --git a/scripts/src/primazactl/cmd/apply/parser.py b/scripts/src/primazactl/cmd/apply/parser.py
@@ -85,7 +85,7 @@ def run_options(args):
         for cluster_environment in options.get_cluster_environments(tenant):
 
             # join cluster with no additional command line arguments.
-            error = cluster_environment.join(None, None, None,
+            error = cluster_environment.join(None, None, None, None,
                                              None, None, None, None)
             if error:
                 logger.log_error(error)

diff --git a/scripts/src/primazactl/cmd/create/namespace/common.py b/scripts/src/primazactl/cmd/create/namespace/common.py
@@ -12,6 +12,7 @@
 from primazactl.utils import settings
 from primazactl.utils import logger
 from primazactl.cmd.apply.options import Options
+from primazactl.primazaworker.constants import WORKER_NAMESPACE
 
 
 def add_args_namespace(parser: argparse.ArgumentParser, type):
@@ -72,6 +73,16 @@ def add_args_namespace(parser: argparse.ArgumentParser, type):
                 on which Primaza's Control Plane is running",
         default=None)
 
+    parser.add_argument(
+        "-j", "--service-account-namespace",
+        dest="service_account_namespace",
+        required=False,
+        help=f"namespace used for hosting the service account shared with\
+             Primaza's Control Plane(existing namespace).\
+             Default: {WORKER_NAMESPACE}.",
+        type=kubernetes_name,
+        default=None)
+
     parser.add_argument(
         "-v", "--version",
         dest="version",
@@ -155,9 +166,11 @@ def __create_namespace(args, type):
 
         # just want the cluster environment objects,
         # cluster should already be joined.
-        error = cluster_environment.create_only(args.cluster_environment,
-                                                args.context,
-                                                args.kubeconfig)
+        error = cluster_environment.create_only(
+            args.cluster_environment,
+            args.context,
+            args.kubeconfig,
+            args.service_account_namespace)
 
         if error:
             logger.log_error(error)

diff --git a/scripts/src/primazactl/cmd/join/parser.py b/scripts/src/primazactl/cmd/join/parser.py
@@ -10,6 +10,7 @@
 from primazactl.utils import settings
 from primazactl.cmd.apply.options import Options
 from primazactl.utils import logger
+from primazactl.primazaworker.constants import WORKER_NAMESPACE
 
 
 def add_group(parser: argparse.ArgumentParser, parents=[]):
@@ -86,6 +87,16 @@ def add_args_join(parser: argparse.ArgumentParser):
         type=str,
         default=None)
 
+    parser.add_argument(
+        "-j", "--service-account-namespace",
+        dest="service_account_namespace",
+        required=False,
+        help=f"namespace used for hosting the service account shared with\
+             Primaza's Control Plane(existing namespace).\
+             Default: {WORKER_NAMESPACE}.",
+        type=kubernetes_name,
+        default=None)
+
     # main
     parser.add_argument(
         "-d", "--cluster-environment",
@@ -195,7 +206,8 @@ def join_cluster(args):
                                          args.environment,
                                          args.config,
                                          args.version,
-                                         args.internal_url)
+                                         args.internal_url,
+                                         args.service_account_namespace)
 
         if error:
             logger.log_error(f"Join cluster {cluster_environment.name} "

diff --git a/scripts/src/primazactl/primazaworker/workercluster.py b/scripts/src/primazactl/primazaworker/workercluster.py
@@ -1,4 +1,3 @@
-from .constants import WORKER_NAMESPACE
 from primazactl.primazamain.maincluster import MainCluster
 from primazactl.primaza.primazacluster import PrimazaCluster
 from primazactl.kubectl.constants import WORKER_CONFIG
@@ -29,10 +28,11 @@ def __init__(
             cluster_environment: str,
             tenant: str,
             internal_url: str | None = None,
+            service_account_namespace: str | None = None,
             ):
 
         sa_name, _ = names.get_identity_names(tenant, cluster_environment)
-        super().__init__(WORKER_NAMESPACE,
+        super().__init__(service_account_namespace,
                          context,
                          sa_name,
                          cluster_environment,
@@ -45,7 +45,7 @@ def __init__(
         self.primaza_main = primaza_main
         self.environment = environment
         self.version = version
-        self.manifest = Manifest(WORKER_NAMESPACE, config_file,
+        self.manifest = Manifest(service_account_namespace, config_file,
                                  version, WORKER_CONFIG)
 
         kcw = KubeConfigWrapper(context, self.kube_config_file)

diff --git a/scripts/src/primazatest/options/primaza-alice.yaml b/scripts/src/primazatest/options/primaza-alice.yaml
@@ -1,21 +1,21 @@
 apiVersion: primaza.io/v1alpha1
-kind: Tenant
-manifestDirectory: ./out/config
-name: primaza-alice
-version: latest
-controlPlane:
-  context: kind-primazactl-tenant-test
-  internalUrl: null
-  kubeconfig: ~/.kube/config
 clusterEnvironments:
-- name: worker-alice
+- applicationNamespaces:
+  - name: alice-app
   environment: test
+  name: worker-alice
+  serviceAccountNamespace: worker-sa
+  serviceNamespaces:
+  - name: alice-svc
   targetCluster:
     context: kind-primazactl-join-test
     internalUrl: https://172.18.0.3:6443
     kubeconfig: ~/.kube/config
-  serviceNamespaces:
-    - name: alice-svc
-  applicationNamespaces:
-    - name: alice-app
-
+controlPlane:
+  context: kind-primazactl-tenant-test
+  internalUrl: https://172.18.0.2:6443
+  kubeconfig: ~/.kube/config
+kind: Tenant
+manifestDirectory: ./out/config
+name: primaza-alice
+version: latest