Install v3 (#30)

* Move frontendconfig under global in dashboard-values

Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>

* Create install v3 due to breaking change in dashboard configuration

Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>

---------

Signed-off-by: Jens Schneider <jens.schneider.ac@posteo.de>

pkg/install/install.go

@@ -12,6 +12,7 @@ import (
 
 	installv1 "github.com/23technologies/23kectl/pkg/install/v1"
 	installv2 "github.com/23technologies/23kectl/pkg/install/v2"
+	installv3 "github.com/23technologies/23kectl/pkg/install/v3"
 )
 
 func Install(kubeconfig string, isDryRun bool) error {
@@ -32,6 +33,8 @@ func Install(kubeconfig string, isDryRun bool) error {
 		return installv2.Install(kubeconfig, isDryRun)
 	case "v2":
 		return installv2.Install(kubeconfig, isDryRun)
+	case "v3":
+		return installv3.Install(kubeconfig, isDryRun)
 	default:
 		return fmt.Errorf("your current version of 23kectl is too old to install the requested version. Please update 23kectl and try again")
 	}

pkg/install/v2/__embed__/config/config/dashboard-values.yaml

@@ -6,5 +6,6 @@ metadata:
 type: Opaque
 stringData:
   values.yaml: |
-    frontendConfig:
-      seedCandidateDeterminationStrategy: MinimalDistance
+    global:
+      frontendConfig:
+        seedCandidateDeterminationStrategy: MinimalDistance

pkg/install/v2/__fixture__/config/config/dashboard-values.yaml

@@ -6,5 +6,6 @@ metadata:
 type: Opaque
 stringData:
   values.yaml: |
-    frontendConfig:
-      seedCandidateDeterminationStrategy: MinimalDistance
+    global:
+      frontendConfig:
+        seedCandidateDeterminationStrategy: MinimalDistance

pkg/install/v3/__embed__/config/config/addons-values.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: addons-values
+  namespace: flux-system
+type: Opaque
+stringData:
+  values.yaml: |
+    backups:
+      enabled: {{ .BackupConfig.Enabled }}
+    vpa:
+      enabled: {{ .BaseCluster.HasVerticalPodAutoscaler | boolPtrIsTrue | not }}

pkg/install/v3/__embed__/config/config/cloudprofiles-values.yaml

@@ -0,0 +1,22 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: cloudprofiles-values
+  namespace: flux-system
+type: Opaque
+stringData:
+  values.yaml: |
+    global:
+      kubernetes:
+        versions:
+          1.24.12:
+            classification: preview
+      seedSelector:
+        enabled: true
+        selector:
+          providerTypes:
+            - {{ .BaseCluster.Provider }}
+{{ range .CloudProfiles }}
+    {{ . }}:
+      enabled: true
+{{- end }}

pkg/install/v3/__embed__/config/config/dashboard-values.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: dashboard-values
+  namespace: flux-system
+type: Opaque
+stringData:
+  values.yaml: |
+    global:
+      dashboard:
+        frontendConfig:
+          seedCandidateDeterminationStrategy: MinimalDistance

pkg/install/v3/__embed__/config/config/extensions-values.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: extensions-values
+  namespace: flux-system
+type: Opaque
+stringData:
+  values.yaml: |
+    os-ubuntu:
+      enabled: true
+    os-gardenlinux:
+      enabled: true
+    networking-calico:
+      enabled: true
+    {{- nindent 4 (toYaml .ExtensionsConfig) }}

pkg/install/v3/__embed__/config/config/gardener-values.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: gardener-values
+  namespace: flux-system
+type: Opaque
+stringData:
+  values.yaml: |
+    global:
+      deployment:
+        virtualGarden:
+          clusterIP: {{ .Gardener.ClusterIP }}

pkg/install/v3/__embed__/config/config/gardenlet-values.yaml

@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: gardenlet-values
+  namespace: flux-system
+type: Opaque
+stringData:
+  values.yaml: |-
+    config:
+      seedConfig:
+        metadata:
+          name: initial-seed 
+        spec:
+          networks:
+            nodes: {{ .Gardenlet.SeedNodeCidr }}
+            pods: {{ .Gardenlet.SeedPodCidr }}
+            services: {{ .Gardenlet.SeedServiceCidr }}
+            shootDefaults:
+              pods: 100.100.0.0/16
+              services: 100.101.0.0/16
+          provider:
+            region: {{ .BaseCluster.Region }}
+            type: {{ .BaseCluster.Provider }}
+          settings:
+            excessCapacityReservation:
+              enabled: false
+            verticalPodAutoscaler:
+              enabled: {{ .BaseCluster.HasVerticalPodAutoscaler | boolPtrIsTrue | not }} 

pkg/install/v3/__embed__/config/config/identity-values.yaml

@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: identity-values
+  namespace: flux-system
+type: Opaque
+stringData:
+  values.yaml: |
+    staticPasswords:
+    - email: {{ .Admin.Email }}
+      hash: {{ .Admin.Password }}
+      username: "admin"
+      userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"

pkg/install/v3/__embed__/config/config/kustomization.yaml

@@ -0,0 +1,12 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - addons-values.yaml
+  - cloudprofiles-values.yaml
+  - dashboard-values.yaml
+  - extensions-values.yaml
+  - gardener-values.yaml
+  - gardenlet-values.yaml
+#  - hr-terminal-controller-application.yaml
+#  - hr-terminal-controller-runtime.yaml
+  - identity-values.yaml

pkg/install/v3/__embed__/config/flux/23ke-env-config.yaml

@@ -0,0 +1,13 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
+kind: Kustomization
+metadata:
+  name: 23ke-env-config
+  namespace: flux-system
+spec:
+  interval: 1m0s
+  sourceRef:
+    kind: GitRepository
+    name: 23ke-config
+  path: ./config/
+  prune: true
+  validation: client

pkg/install/v3/__embed__/config/flux/23ke-env-garden-content.yaml

@@ -0,0 +1,18 @@
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
+kind: Kustomization
+metadata:
+  name: 23ke-env-garden-content
+  namespace: flux-system
+spec:
+  kubeConfig:
+    secretRef:
+      name: gardener-internal-kubeconfig
+  interval: 1m0s
+  dependsOn:
+    - name: gardener
+  sourceRef:
+    kind: GitRepository
+    name: 23ke-config
+  path: ./garden-content/
+  prune: false
+  validation: none

pkg/install/v3/__embed__/config/garden-content/admin-clusterrolebinding.yaml

@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: dev-env-admin-full
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+  - apiGroup: rbac.authorization.k8s.io
+    kind: User
+    name: {{ .Admin.Email }}

pkg/install/v3/__embed__/config/garden-content/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - admin-clusterrolebinding.yaml
+  - rbac.yaml
+  - project-dev.yaml

pkg/install/v3/__embed__/config/garden-content/project-dev.yaml

@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: garden-dev
+  labels:
+    gardener.cloud/role: project
+    project.gardener.cloud/name: dev
+  annotations:
+    namespace.gardener.cloud/keep-after-project-deletion: "true"
+---
+apiVersion: core.gardener.cloud/v1beta1
+kind: Project
+metadata:
+  name: dev
+spec:
+  owner:
+    apiGroup: rbac.authorization.k8s.io
+    kind: User
+    name: {{ .Admin.Email }}
+  members: []
+  namespace: garden-dev

pkg/install/v3/__embed__/config/garden-content/rbac.yaml

@@ -0,0 +1,80 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: dashboard.gardener.cloud:system:project-member
+  labels:
+    rbac.gardener.cloud/aggregate-to-project-member: "true"
+rules:
+  - apiGroups:
+      - dashboard.gardener.cloud
+    resources:
+      - terminals
+    verbs:
+      - create
+      - delete
+      - deletecollection
+      - get
+      - list
+      - patch
+      - update
+      - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: gardener.cloud:system:seeds
+rules:
+  - apiGroups:
+      - '*'
+    resources:
+      - '*'
+    verbs:
+      - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: gardener.cloud:system:seeds
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: gardener.cloud:system:seeds
+subjects:
+  - kind: Group
+    name: gardener.cloud:system:seeds
+    apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: gardener.cloud:system:seed-bootstrapper
+rules:
+  - apiGroups:
+      - certificates.k8s.io
+    resources:
+      - certificatesigningrequests
+    verbs:
+      - create
+      - get
+  - apiGroups:
+      - certificates.k8s.io
+    resources:
+      - certificatesigningrequests/seedclient
+    verbs:
+      - create
+---
+# A kubelet/gardenlet authenticating using bootstrap tokens is authenticated as
+# a user in the group system:bootstrappers
+# Allows the Gardenlet to create a CSR
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: gardener.cloud:system:seed-bootstrapper
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: gardener.cloud:system:seed-bootstrapper
+subjects:
+  - kind: Group
+    name: system:bootstrappers
+    apiGroup: rbac.authorization.k8s.io

pkg/install/v3/__embed__/config/kustomization.yaml

@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - flux/23ke-env-config.yaml
+  - flux/23ke-env-garden-content.yaml

pkg/install/v3/__fixture__/config/config/addons-values.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: addons-values
+  namespace: flux-system
+type: Opaque
+stringData:
+  values.yaml: |
+    backups:
+      enabled: true
+    vpa:
+      enabled: true

pkg/install/v3/__fixture__/config/config/cloudprofiles-values.yaml

@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: cloudprofiles-values
+  namespace: flux-system
+type: Opaque
+stringData:
+  values.yaml: |
+    global:
+      kubernetes:
+        versions:
+          1.24.12:
+            classification: preview
+      seedSelector:
+        enabled: true
+        selector:
+          providerTypes:
+            - hcloud
+
+    hcloud:
+      enabled: true
+    regiocloud:
+      enabled: true

pkg/install/v3/__fixture__/config/config/dashboard-values.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: dashboard-values
+  namespace: flux-system
+type: Opaque
+stringData:
+  values.yaml: |
+    global:
+      dashboard:
+        frontendConfig:
+          seedCandidateDeterminationStrategy: MinimalDistance