Feat: Support retrieving modules in private git repo through SSH (#349)

kubevela · Dec 9, 2022 · 841b0d1 · 841b0d1
1 parent 55fd92e
commit 841b0d1
Show file tree

Hide file tree

Showing 19 changed files with 668 additions and 55 deletions.
diff --git a/.gitignore b/.gitignore
@@ -30,3 +30,6 @@ terraform-controller-*
 examples/tf-native/alibaba/cs/kubeconfig
 
 bin/manager
+
+# Secret for git server 
+examples/git-credentials/git-ssh-auth-secret.yaml
diff --git a/.golangci.yml b/.golangci.yml
@@ -44,7 +44,7 @@ linters-settings:
 
   gocyclo:
     # minimal code complexity to report, 30 by default (but we recommend 10-20)
-    min-complexity: 30
+    min-complexity: 32
 
   maligned:
     # print struct with more effective memory layout or not, false by default
@@ -179,6 +179,14 @@ issues:
       linters:
         - revive
 
+    - text: "package-comments:"
+      linters:
+        - revive
+
+    - text: "exported:"
+      linters:
+        - revive
+
   # Independently from option `exclude` we use default exclude patterns,
   # it can be disabled by this option. To list all
   # excluded by default patterns execute `golangci-lint run --help`.

diff --git a/Makefile b/Makefile
@@ -90,7 +90,7 @@ else
 CONTROLLER_GEN=$(shell which controller-gen)
 endif
 
-GOLANGCILINT_VERSION ?= v1.38.0
+GOLANGCILINT_VERSION ?= v1.50.1
 HOSTOS := $(shell uname -s | tr '[:upper:]' '[:lower:]')
 HOSTARCH := $(shell uname -m)
 ifeq ($(HOSTARCH),x86_64)

diff --git a/api/types/state.go b/api/types/state.go
@@ -34,6 +34,7 @@ const (
 	GeneratingOutputs                    ConfigurationState = "GeneratingTerraformOutputs"
 	InvalidRegion                        ConfigurationState = "InvalidRegion"
 	TerraformInitError                   ConfigurationState = "TerraformInitError"
+	InvalidGitCredentialsSecretReference ConfigurationState = "InvalidGitCredentialsSecretReference"
 )
 
 // Stage is the Terraform stage

diff --git a/api/v1beta1/configuration_types.go b/api/v1beta1/configuration_types.go
@@ -17,6 +17,7 @@ limitations under the License.
 package v1beta1
 
 import (
+	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 
@@ -47,6 +48,9 @@ type ConfigurationSpec struct {
 	Path string `json:"path,omitempty"`
 
 	BaseConfigurationSpec `json:",inline"`
+
+	// GitCredentialsSecretReference specifies the reference to the secret containing the git credentials
+	GitCredentialsSecretReference *v1.SecretReference `json:"gitCredentialsSecretReference,omitempty"`
 }
 
 // BaseConfigurationSpec defines the common fields of a ConfigurationSpec
@@ -113,6 +117,7 @@ type Backend struct {
 // +kubebuilder:subresource:status
 // +kubebuilder:printcolumn:name="STATE",type="string",JSONPath=".status.apply.state"
 // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
+// +kubebuilder:resource:shortName={conf,terraform-conf}
 type Configuration struct {
 	metav1.TypeMeta   `json:",inline"`
 	metav1.ObjectMeta `json:"metadata,omitempty"`

diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
diff --git a/api/v1beta2/configuration_types.go b/api/v1beta2/configuration_types.go
@@ -17,6 +17,7 @@ limitations under the License.
 package v1beta2
 
 import (
+	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 
@@ -75,6 +76,9 @@ type ConfigurationSpec struct {
 	// ForceDelete will force delete Configuration no matter which state it is or whether it has provisioned some resources
 	// It will help delete Configuration in unexpected cases.
 	ForceDelete *bool `json:"forceDelete,omitempty"`
+
+	// GitCredentialsSecretReference specifies the reference to the secret containing the git credentials
+	GitCredentialsSecretReference *v1.SecretReference `json:"gitCredentialsSecretReference,omitempty"`
 }
 
 // ConfigurationStatus defines the observed state of Configuration
@@ -150,7 +154,7 @@ type S3BackendConf struct {
 // +kubebuilder:object:root=true
 
 // Configuration is the Schema for the configurations API
-//+kubebuilder:storageversion
+// +kubebuilder:storageversion
 // +kubebuilder:subresource:status
 // +kubebuilder:printcolumn:name="STATE",type="string",JSONPath=".status.apply.state"
 // +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"

diff --git a/api/v1beta2/zz_generated.deepcopy.go b/api/v1beta2/zz_generated.deepcopy.go
diff --git a/chart/crds/terraform.core.oam.dev_configurations.yaml b/chart/crds/terraform.core.oam.dev_configurations.yaml
@@ -13,6 +13,9 @@ spec:
     kind: Configuration
     listKind: ConfigurationList
     plural: configurations
+    shortNames:
+    - conf
+    - terraform-conf
     singular: configuration
   scope: Namespaced
   versions:
@@ -68,6 +71,19 @@ spec:
                 description: DeleteResource will determine whether provisioned cloud
                   resources will be deleted when CR is deleted
                 type: boolean
+              gitCredentialsSecretReference:
+                description: GitCredentialsSecretReference specifies the reference
+                  to the secret containing the git credentials
+                properties:
+                  name:
+                    description: Name is unique within a namespace to reference a
+                      secret resource.
+                    type: string
+                  namespace:
+                    description: Namespace defines the space within which the secret
+                      name must be unique.
+                    type: string
+                type: object
               hcl:
                 description: HCL is the Terraform HCL type configuration
                 type: string
@@ -187,6 +203,9 @@ spec:
           spec:
             description: ConfigurationSpec defines the desired state of Configuration
             properties:
+              JobEnv:
+                type: object
+                x-kubernetes-preserve-unknown-fields: true
               backend:
                 description: 'Backend describes the Terraform backend configuration.
                   This field is needed if the users use a git repo to provide the
@@ -256,6 +275,19 @@ spec:
                   which state it is or whether it has provisioned some resources It
                   will help delete Configuration in unexpected cases.
                 type: boolean
+              gitCredentialsSecretReference:
+                description: GitCredentialsSecretReference specifies the reference
+                  to the secret containing the git credentials
+                properties:
+                  name:
+                    description: Name is unique within a namespace to reference a
+                      secret resource.
+                    type: string
+                  namespace:
+                    description: Namespace defines the space within which the secret
+                      name must be unique.
+                    type: string
+                type: object
               hcl:
                 description: HCL is the Terraform HCL type configuration
                 type: string
@@ -282,9 +314,6 @@ spec:
                 required:
                 - name
                 type: object
-              JobEnv:
-                type: object
-                x-kubernetes-preserve-unknown-fields: true
               remote:
                 description: Remote is a git repo which contains hcl files. Currently,
                   only public git repos are supported.