aws mock & envtest suite

components/kcp/Makefile

@@ -62,7 +62,7 @@ vet: ## Run go vet against code.
 
 .PHONY: test
 test: manifests generate fmt vet envtest ## Run tests.
-	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out
+	ENVTEST_K8S_VERSION="$(ENVTEST_K8S_VERSION)" PROJECTROOT="$(PROJECTROOT)" KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -v -coverprofile cover.out
 
 GOLANGCI_LINT = $(shell pwd)/bin/golangci-lint
 GOLANGCI_LINT_VERSION ?= v1.54.2
@@ -143,6 +143,8 @@ undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/confi
 
 ##@ Build Dependencies
 
+PROJECTROOT ?= $(shell pwd)
+
 ## Location to install dependencies to
 LOCALBIN ?= $(shell pwd)/bin
 $(LOCALBIN):

components/kcp/cmd/main.go

@@ -19,28 +19,14 @@ package main
 import (
 	"flag"
 	"fmt"
-	"os"
-
-	kcpscope "github.com/kyma-project/cloud-manager/components/kcp/pkg/kcp/scope"
 	scopeclient "github.com/kyma-project/cloud-manager/components/kcp/pkg/kcp/scope/client"
-
-	"github.com/kyma-project/cloud-manager/components/kcp/pkg/common/abstractions"
-	"github.com/kyma-project/cloud-manager/components/kcp/pkg/common/actions/focal"
-	"github.com/kyma-project/cloud-manager/components/kcp/pkg/iprange"
-	"github.com/kyma-project/cloud-manager/components/kcp/pkg/nfsinstance"
-	awsiprange "github.com/kyma-project/cloud-manager/components/kcp/pkg/provider/aws/iprange"
 	awsiprangeclient "github.com/kyma-project/cloud-manager/components/kcp/pkg/provider/aws/iprange/client"
-	awsnfsinstance "github.com/kyma-project/cloud-manager/components/kcp/pkg/provider/aws/nfsinstance"
 	awsnfsinstanceclient "github.com/kyma-project/cloud-manager/components/kcp/pkg/provider/aws/nfsinstance/client"
-	azureiprange "github.com/kyma-project/cloud-manager/components/kcp/pkg/provider/azure/iprange"
-	azurenfsinstance "github.com/kyma-project/cloud-manager/components/kcp/pkg/provider/azure/nfsinstance"
-	gcpiprange "github.com/kyma-project/cloud-manager/components/kcp/pkg/provider/gcp/iprange"
 	gcpiprangeclient "github.com/kyma-project/cloud-manager/components/kcp/pkg/provider/gcp/iprange/client"
-	gcpnfsinstance "github.com/kyma-project/cloud-manager/components/kcp/pkg/provider/gcp/nfsinstance"
 	gcpFilestoreClient "github.com/kyma-project/cloud-manager/components/kcp/pkg/provider/gcp/nfsinstance/client"
-	skrruntime "github.com/kyma-project/cloud-manager/components/kcp/pkg/skr/runtime"
-	"github.com/kyma-project/cloud-manager/components/lib/composed"
+	"os"
 
+	skrruntime "github.com/kyma-project/cloud-manager/components/kcp/pkg/skr/runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	// Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.)
@@ -72,6 +58,7 @@ func init() {
 	utilruntime.Must(clientgoscheme.AddToScheme(kcpScheme))
 	utilruntime.Must(cloudcontrolv1beta1.AddToScheme(kcpScheme))
 
+	utilruntime.Must(clientgoscheme.AddToScheme(skrScheme))
 	utilruntime.Must(cloudresourcesv1beta1.AddToScheme(skrScheme))
 	//+kubebuilder:scaffold:scheme
 }
@@ -125,6 +112,7 @@ func main() {
 	}
 
 	skrRegistry := skrruntime.NewRegistry(skrScheme)
+	skrLoop := skrruntime.NewLooper(mgr, skrScheme, skrRegistry, mgr.GetLogger())
 
 	// SKR Controllers
 	if err = cloudresourcescontroller.SetupCloudResourcesReconciler(skrRegistry); err != nil {
@@ -145,44 +133,28 @@ func main() {
 	}
 
 	// KCP Controllers
-	if err = (&cloudcontrolcontroller.ScopeReconciler{
-		Reconciler: kcpscope.NewScopeReconciler(kcpscope.NewStateFactory(
-			composed.NewStateFactory(composed.NewStateClusterFromManager(mgr)),
-			abstractions.NewFileReader(),
-			scopeclient.NewAwsStsGardenClientProvider(),
-		)),
-	}).SetupWithManager(mgr); err != nil {
+	if err = cloudcontrolcontroller.SetupScopeReconciler(mgr, scopeclient.NewAwsStsGardenClientProvider(), skrLoop); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "Scope")
 		os.Exit(1)
 	}
-	if err = (&cloudcontrolcontroller.NfsInstanceReconciler{
-		Reconciler: nfsinstance.NewNfsInstanceReconciler(
-			composed.NewStateFactory(composed.NewStateClusterFromManager(mgr)),
-			focal.NewStateFactory(),
-			awsnfsinstance.NewStateFactory(awsnfsinstanceclient.NewClientProvider(), abstractions.NewOSEnvironment()),
-			azurenfsinstance.NewStateFactory(),
-			gcpnfsinstance.NewStateFactory(gcpFilestoreClient.NewFilestoreClient(), abstractions.NewOSEnvironment()),
-		),
-	}).SetupWithManager(mgr); err != nil {
+	if err = cloudcontrolcontroller.SetupNfsInstanceReconciler(
+		mgr,
+		awsnfsinstanceclient.NewClientProvider(),
+		gcpFilestoreClient.NewFilestoreClient(),
+	); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "NfsInstance")
 		os.Exit(1)
 	}
-	if err = (&cloudcontrolcontroller.VpcPeeringReconciler{
-		Client: mgr.GetClient(),
-		Scheme: mgr.GetScheme(),
-	}).SetupWithManager(mgr); err != nil {
+	if err = cloudcontrolcontroller.SetupVpcPeeringReconciler(mgr); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "VpcPeering")
 		os.Exit(1)
 	}
-	if err = (&cloudcontrolcontroller.IpRangeReconciler{
-		Reconciler: iprange.NewIPRangeReconciler(
-			composed.NewStateFactory(composed.NewStateClusterFromManager(mgr)),
-			focal.NewStateFactory(),
-			awsiprange.NewStateFactory(awsiprangeclient.NewClientProvider(), abstractions.NewOSEnvironment()),
-			azureiprange.NewStateFactory(nil),
-			gcpiprange.NewStateFactory(gcpiprangeclient.NewServiceNetworkingClient(), gcpiprangeclient.NewComputeClient(), abstractions.NewOSEnvironment()),
-		),
-	}).SetupWithManager(mgr); err != nil {
+	if err = cloudcontrolcontroller.SetupIpRangeReconciler(
+		mgr,
+		awsiprangeclient.NewClientProvider(),
+		gcpiprangeclient.NewServiceNetworkingClient(),
+		gcpiprangeclient.NewComputeClient(),
+	); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "IpRange")
 		os.Exit(1)
 	}
@@ -197,7 +169,6 @@ func main() {
 		os.Exit(1)
 	}
 
-	skrLoop := skrruntime.NewLooper(mgr, skrScheme, skrRegistry, mgr.GetLogger())
 	//skrLoop.AddKymaName("dffb0722-a18c-11ee-8c90-0242ac120002")
 	//skrLoop.AddKymaName("134c0a3c-873d-436a-81c3-9b830a27b73a")
 	//skrLoop.AddKymaName("264bb633-80f7-455b-83b2-f86630a57635")

components/kcp/config/crd/gardener/core.gardener.cloud_secretbindings.yaml

@@ -0,0 +1,129 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.13.0
+  name: secretbindings.core.gardener.cloud
+spec:
+  group: core.gardener.cloud
+  names:
+    kind: SecretBinding
+    listKind: SecretBindingList
+    plural: secretbindings
+    singular: secretbinding
+  scope: Namespaced
+  versions:
+  - name: v1beta1
+    schema:
+      openAPIV3Schema:
+        description: SecretBinding represents a binding to a secret in the same or
+          another namespace.
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          provider:
+            description: Provider defines the provider type of the SecretBinding.
+              This field is immutable.
+            properties:
+              type:
+                description: "Type is the type of the provider. \n For backwards compatibility,
+                  the field can contain multiple providers separated by a comma. However
+                  the usage of single SecretBinding (hence Secret) for different cloud
+                  providers is strongly discouraged."
+                type: string
+            required:
+            - type
+            type: object
+          quotas:
+            description: Quotas is a list of references to Quota objects in the same
+              or another namespace. This field is immutable.
+            items:
+              description: "ObjectReference contains enough information to let you
+                inspect or modify the referred object. --- New uses of this type are
+                discouraged because of difficulty describing its usage when embedded
+                in APIs. 1. Ignored fields.  It includes many fields which are not
+                generally honored.  For instance, ResourceVersion and FieldPath are
+                both very rarely valid in actual usage. 2. Invalid usage help.  It
+                is impossible to add specific help for individual usage.  In most
+                embedded usages, there are particular restrictions like, \"must refer
+                only to types A and B\" or \"UID not honored\" or \"name must be restricted\".
+                Those cannot be well described when embedded. 3. Inconsistent validation.
+                \ Because the usages are different, the validation rules are different
+                by usage, which makes it hard for users to predict what will happen.
+                4. The fields are both imprecise and overly precise.  Kind is not
+                a precise mapping to a URL. This can produce ambiguity during interpretation
+                and require a REST mapping.  In most cases, the dependency is on the
+                group,resource tuple and the version of the actual struct is irrelevant.
+                5. We cannot easily change it.  Because this type is embedded in many
+                locations, updates to this type will affect numerous schemas.  Don't
+                make new APIs embed an underspecified API type they do not control.
+                \n Instead of using this type, create a locally provided and used
+                type that is well-focused on your reference. For example, ServiceReferences
+                for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
+                ."
+              properties:
+                apiVersion:
+                  description: API version of the referent.
+                  type: string
+                fieldPath:
+                  description: 'If referring to a piece of an object instead of an
+                    entire object, this string should contain a valid JSON/Go field
+                    access statement, such as desiredState.manifest.containers[2].
+                    For example, if the object reference is to a container within
+                    a pod, this would take on a value like: "spec.containers{name}"
+                    (where "name" refers to the name of the container that triggered
+                    the event) or if no container name is specified "spec.containers[2]"
+                    (container with index 2 in this pod). This syntax is chosen only
+                    to have some well-defined way of referencing a part of an object.
+                    TODO: this design is not final and this field is subject to change
+                    in the future.'
+                  type: string
+                kind:
+                  description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+                  type: string
+                name:
+                  description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+                  type: string
+                namespace:
+                  description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+                  type: string
+                resourceVersion:
+                  description: 'Specific resourceVersion to which this reference is
+                    made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+                  type: string
+                uid:
+                  description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+                  type: string
+              type: object
+              x-kubernetes-map-type: atomic
+            type: array
+          secretRef:
+            description: SecretRef is a reference to a secret object in the same or
+              another namespace. This field is immutable.
+            properties:
+              name:
+                description: name is unique within a namespace to reference a secret
+                  resource.
+                type: string
+              namespace:
+                description: namespace defines the space within which the secret name
+                  must be unique.
+                type: string
+            type: object
+            x-kubernetes-map-type: atomic
+        required:
+        - secretRef
+        type: object
+    served: true
+    storage: true