[Backport v0.31.x] Conditonal volumes, service and sidecar. (#463) (#476)

* [Backport v0.31.x] Conditonal volumes, service and sidecar. (#463)

* fix changelog

* fix changelog

Author: chunter0

Makefile

@@ -20,7 +20,7 @@ install-go-tools: mod-download
 	go install github.com/pseudomuto/protoc-gen-doc/cmd/protoc-gen-doc
 	go install github.com/solo-io/[email protected]
 	go install github.com/golang/mock/[email protected]
-	go install github.com/onsi/ginkgo/v2/ginkgo@v2.8.1
+	go install github.com/onsi/ginkgo/v2/ginkgo@v2.9.5
 	go install golang.org/x/tools/cmd/goimports
 
 # proto compiler installation

changelog/v0.31.5/conditional-sidecar.yaml

@@ -0,0 +1,6 @@
+changelog:
+  - type: NEW_FEATURE
+    issueLink: https://github.com/solo-io/gloo-mesh-enterprise/issues/9850
+    resolvesIssue: false
+    description: >
+      Allows specifying conditional volume, service or sidecars.

codegen/cmd_test.go

@@ -3,6 +3,7 @@ package codegen_test
 import (
 	"bytes"
 	"encoding/json"
+	"fmt"
 	"io/ioutil"
 	"os"
 	"os/exec"
@@ -39,7 +40,117 @@ var _ = Describe("Cmd", func() {
 	skv2Imports.External["github.com/solo-io/cue"] = []string{
 		"encoding/protobuf/cue/cue.proto",
 	}
+	It("install conditional sidecars", func() {
+		var (
+			agentConditional = "and ($.Values.glooAgent.enabled) ($.Values.glooAgent.runAsSidecar)"
+		)
+
+		cmd := &Command{
+			Chart: &Chart{
+				Operators: []Operator{
+					{
+						Name: "gloo-mgmt-server",
+						Service: Service{
+							Ports: []ServicePort{{
+								Name:        "grpc",
+								DefaultPort: 9900,
+							}},
+						},
+						Rbac: []rbacv1.PolicyRule{{
+							Verbs:     []string{"*"},
+							APIGroups: []string{"coordination.k8s.io"},
+							Resources: []string{"leases"},
+						}},
+						Deployment: Deployment{
+							Sidecars: []Sidecar{
+								{
+									Name: "gloo-agent",
+									Volumes: []v1.Volume{
+										{
+											Name: "agent-volume",
+											VolumeSource: v1.VolumeSource{
+												Secret: &v1.SecretVolumeSource{
+													SecretName: "agent-volume",
+												},
+											},
+										},
+										{
+											Name: "agent-volume-2",
+											VolumeSource: v1.VolumeSource{
+												Secret: &v1.SecretVolumeSource{
+													SecretName: "agent-volume",
+												},
+											},
+										},
+									},
+									Rbac: []rbacv1.PolicyRule{{
+										Verbs:     []string{"*"},
+										APIGroups: []string{"apiextensions.k8s.io"},
+										Resources: []string{"customresourcedefinitions"},
+									}},
+									Container: Container{
+										Image: Image{
+											Registry:   "gcr.io/gloo-mesh",
+											Repository: "gloo-mesh-agent",
+											Tag:        "0.0.1",
+										},
+									},
+									Service: Service{
+										Ports: []ServicePort{{
+											Name:        "grpc",
+											DefaultPort: 9977,
+										}},
+									},
+									EnableStatement: agentConditional,
+									ValuesPath:      "$.Values.glooAgent",
+								},
+							},
+							Container: Container{
+								Image: Image{
+									Registry:   "gcr.io/gloo-mesh",
+									Repository: "gloo-mesh-mgmt-server",
+									Tag:        "0.0.1",
+								},
+								VolumeMounts: []v1.VolumeMount{{
+									Name:      "license-keys",
+									MountPath: "/etc/gloo-mesh/license-keys",
+									ReadOnly:  true,
+								}},
+							},
+							Volumes: []v1.Volume{
+								{
+									Name: "license-keys",
+									VolumeSource: v1.VolumeSource{
+										Secret: &v1.SecretVolumeSource{
+											SecretName: "license-keys",
+										},
+									},
+								},
+							},
+						},
+					},
+					{
+						Name:                  "gloo-agent",
+						CustomEnableCondition: `and ($.Values.glooAgent.enabled) (not $.Values.glooAgent.runAsSidecar)`,
+					},
+				},
+			},
+			ManifestRoot: "codegen/test/chart/conditional-sidecar",
+		}
+
+		Expect(cmd.Execute()).NotTo(HaveOccurred(), "failed to execute command")
 
+		absPath, err := filepath.Abs("./test/chart/conditional-sidecar/templates/deployment.yaml")
+		Expect(err).NotTo(HaveOccurred(), "failed to get abs path")
+
+		deployment, err := os.ReadFile(absPath)
+		Expect(err).NotTo(HaveOccurred(), "failed to read deployment.yaml")
+
+		Expect(deployment).To(ContainSubstring(fmt.Sprintf("{{- if %s -}}", agentConditional)))
+		Expect(deployment).To(ContainSubstring(fmt.Sprintf("{{- if %s }}", "and ($.Values.glooAgent.enabled) (not $.Values.glooAgent.runAsSidecar)")))
+		Expect(deployment).To(ContainSubstring("name: agent-volume"))
+		Expect(deployment).To(ContainSubstring("{{ $glooAgent.ports.grpc }}"))
+	})
 	It("generates controller code and manifests for a proto file", func() {
 		cmd := &Command{
 			Groups: []Group{
@@ -1107,8 +1218,8 @@ var _ = Describe("Cmd", func() {
 			Chart: &Chart{
 				Operators: []Operator{
 					{
-						Name:             "painter",
-						EnabledDependsOn: []string{"test1", "test2"},
+						Name:                  "painter",
+						CustomEnableCondition: "and $painter.enabled $.Values.test1.enabled $.Values.test2.enabled",
 						Rbac: []rbacv1.PolicyRule{
 							{
 								Verbs: []string{"GET"},

codegen/model/chart.go

@@ -9,7 +9,7 @@ import (
 
 	"github.com/iancoleman/strcase"
 	"github.com/solo-io/skv2/codegen/doc"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 	rbacv1 "k8s.io/api/rbac/v1"
 )
 
@@ -84,14 +84,15 @@ type Operator struct {
 	// Custom values to include at operator level
 	Values interface{}
 
-	// (Optional) If this operator depends on another operator being enabled,
-	// the name of the other operator can be included in this list. This operator
-	// will not be provisioned unless both are enabled (by having values.enabled = true)
-	EnabledDependsOn []string
-
 	// (Optional) If this operator should be applied to a namespace
 	// specified in a common value (e.g. "$Values.common.addonNamespace") specify the full value path here
 	NamespaceFromValuePath string
+
+	// Optional: if specified, the operator resources will be abled based on the
+	// condition specified in the enable statement.
+	//
+	// E.g: `and (.Values.operator.customValueA) (.Values.operator.customValueB)`
+	CustomEnableCondition string
 }
 
 func (o Operator) FormattedName() string {
@@ -108,7 +109,7 @@ type Deployment struct {
 	UseDaemonSet bool
 	Container
 	Sidecars                    []Sidecar
-	Volumes                     []v1.Volume
+	Volumes                     []corev1.Volume
 	CustomPodLabels             map[string]string
 	CustomPodAnnotations        map[string]string
 	CustomDeploymentLabels      map[string]string
@@ -119,25 +120,30 @@ type Deployment struct {
 type Container struct {
 	// not configurable via helm values
 	Args           []string
-	VolumeMounts   []v1.VolumeMount
-	ReadinessProbe *v1.Probe
-	LivenessProbe  *v1.Probe
+	VolumeMounts   []corev1.VolumeMount
+	ReadinessProbe *corev1.Probe
+	LivenessProbe  *corev1.Probe
 
 	Image           Image
-	Env             []v1.EnvVar
-	Resources       *v1.ResourceRequirements
-	SecurityContext *v1.SecurityContext
+	Env             []corev1.EnvVar
+	Resources       *corev1.ResourceRequirements
+	SecurityContext *corev1.SecurityContext
 }
 
 // sidecars require a container config and a unique name
 type Sidecar struct {
 	Container
-	Name string
+	Service
+	Rbac            []rbacv1.PolicyRule
+	Volumes         []corev1.Volume
+	Name            string
+	EnableStatement string `json:"enableStatement,omitempty" yaml:"enableStatement,omitempty"` // Optional: if specified, the operator resources will be abled based on the condition specified in the enable statement.
+	ValuesPath      string `json:"valuesPath,omitempty" yaml:"valuesPath,omitempty"`           // Override for values path in generated yaml.
 }
 
 // values for struct template
 type Service struct {
-	Type              v1.ServiceType
+	Type              corev1.ServiceType
 	Ports             []ServicePort
 	CustomLabels      map[string]string
 	CustomAnnotations map[string]string
@@ -192,6 +198,11 @@ func (c Chart) BuildChartValues() values.UserHelmValues {
 		}
 		sidecars := map[string]values.UserContainerValues{}
 		for _, sidecar := range operator.Deployment.Sidecars {
+			// Note: We don't want to render docs for conditional sidecars
+			if sidecar.ValuesPath != "" {
+				continue
+			}
+
 			sidecars[strcase.ToLowerCamel(sidecar.Name)] = makeContainerDocs(sidecar.Container)
 		}
 

codegen/render/funcs.go

@@ -14,7 +14,9 @@ import (
 	"github.com/solo-io/skv2/codegen/model/values"
 	"github.com/solo-io/skv2/codegen/util/stringutils"
 	"google.golang.org/protobuf/types/known/structpb"
-	v1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
+	rbacv1 "k8s.io/api/rbac/v1"
+	apiextv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/intstr"
@@ -129,8 +131,16 @@ func makeTemplateFuncs(customFuncs template.FuncMap) template.FuncMap {
 		},
 
 		"containerConfigs": containerConfigs,
+		"toListItem":       toListItem,
+		"opVar":            opVar,
 
-		"opVar": opVar,
+		"render_outer_conditional_crd_template": func(crd apiextv1.CustomResourceDefinition, currentVersion string, skips map[string]bool) bool {
+			return len(crd.Spec.Versions) < 2 && strings.Contains(currentVersion, "alpha") && !skips[crd.Spec.Group+"/"+currentVersion]
+		},
+
+		"render_inner_conditional_crd_template": func(crd apiextv1.CustomResourceDefinition, currentVersion string, skips map[string]bool) bool {
+			return len(crd.Spec.Versions) > 1 && strings.Contains(currentVersion, "alpha") && !skips[crd.Spec.Group+"/"+currentVersion]
+		},
 	}
 
 	for k, v := range skv2Funcs {
@@ -144,10 +154,18 @@ func makeTemplateFuncs(customFuncs template.FuncMap) template.FuncMap {
 	return f
 }
 
+func toListItem(item interface{}) []interface{} {
+	return []interface{}{item}
+}
+
 type containerConfig struct {
 	model.Container
-	Name      string
-	ValuesVar string
+	model.Service
+	Rbac            []rbacv1.PolicyRule
+	Volumes         []corev1.Volume
+	Name            string
+	ValuesVar       string
+	EnableStatement string
 }
 
 func containerConfigs(op model.Operator) []containerConfig {
@@ -159,11 +177,21 @@ func containerConfigs(op model.Operator) []containerConfig {
 	}}
 
 	for _, sidecar := range op.Deployment.Sidecars {
-		configs = append(configs, containerConfig{
-			Container: sidecar.Container,
-			Name:      sidecar.Name,
-			ValuesVar: valuesVar + ".sidecars." + strcase.ToLowerCamel(sidecar.Name),
-		})
+		config := containerConfig{
+			EnableStatement: sidecar.EnableStatement, // Change this to base name of operator e.g: $.Values.glooAgent.X
+			Rbac:            sidecar.Rbac,
+			Volumes:         sidecar.Volumes,
+			Service:         sidecar.Service,
+			Container:       sidecar.Container,
+			Name:            sidecar.Name,
+			ValuesVar:       valuesVar + ".sidecars." + strcase.ToLowerCamel(sidecar.Name),
+		}
+
+		if sidecar.ValuesPath != "" {
+			config.ValuesVar = sidecar.ValuesPath
+		}
+
+		configs = append(configs, config)
 	}
 
 	return configs
@@ -719,7 +747,7 @@ func createCustomTypeMapper(values values.UserHelmValues) customTypeMapper {
 			}
 		},
 
-		reflect.TypeOf(v1.SecurityContext{}): func(t reflect.Type, defaultSchema *jsonschema.Schema) *jsonschema.Schema {
+		reflect.TypeOf(corev1.SecurityContext{}): func(t reflect.Type, defaultSchema *jsonschema.Schema) *jsonschema.Schema {
 			return &jsonschema.Schema{
 				AnyOf: []*jsonschema.Schema{
 					defaultSchema,