feat: setup dev-env

.envrc.dist

@@ -0,0 +1 @@
+use asdf

.gitignore

@@ -0,0 +1,14 @@
+.envrc
+.helm/
+.idea/
+.netrc
+.vscode/
+configs/certs
+!configs/certs/.gitkeep
+configs/kubeconfig
+configs/kubernetes-manifests/*-tls.yaml
+packages/
+repositories/
+tilt_config.json
+tilt_modules
+.kubeconfig

.tool-versions

@@ -0,0 +1,10 @@
+ctlptl 0.8.18
+helm 3.11.3
+jq 1.6
+kind 0.18.0
+kubectl 1.27.1
+make 4.4.1
+mkcert 1.4.4
+shellcheck 0.9.0
+tilt 0.32.3
+yq 4.33.3

Makefile

@@ -0,0 +1,179 @@
+ROOT_DIR := $(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
+SHELL := /bin/bash
+PROJECT_NAME := kube-apiserver-proxy
+
+.DEFAULT_GOAL := help
+
+# ----------------------------------------------------------------------------------------------------------------------
+# Private variables
+# ----------------------------------------------------------------------------------------------------------------------
+
+_DOCKER_FILELINT_IMAGE=cytopia/file-lint:latest-0.8
+_DOCKER_HADOLINT_IMAGE=hadolint/hadolint:v2.12.0
+_DOCKER_JSONLINT_IMAGE=cytopia/jsonlint:1.6
+_DOCKER_MAKEFILELINT_IMAGE=cytopia/checkmake:latest-0.5
+_DOCKER_MARKDOWNLINT_IMAGE=davidanson/markdownlint-cli2:v0.6.0
+_DOCKER_SHELLCHECK_IMAGE=koalaman/shellcheck-alpine:v0.9.0
+_DOCKER_SHFMT_IMAGE=mvdan/shfmt:v3-alpine
+_DOCKER_YAMLLINT_IMAGE=cytopia/yamllint:1
+
+# TODO: replace this image with a kube-apiserver-proxy-specific one
+_DOCKER_TOOLS_IMAGE=omissis/go-jsonschema:tools-latest
+
+_PROJECT_DIRECTORY=$(dir $(realpath $(firstword $(MAKEFILE_LIST))))
+
+# ----------------------------------------------------------------------------------------------------------------------
+# Utility functions
+# ----------------------------------------------------------------------------------------------------------------------
+
+#1: docker image
+#2: script name
+define run-script-docker
+	@docker run --rm \
+		-v ${_PROJECT_DIRECTORY}:/data \
+		-w /data \
+		--entrypoint /bin/sh \
+		$(1) scripts/$(2).sh
+endef
+
+# check-variable-%: Check if the variable is defined.
+check-variable-%:
+	@[[ "${${*}}" ]] || (echo '*** Please define variable `${*}` ***' && exit 1)
+
+# ----------------------------------------------------------------------------------------------------------------------
+# Linting Targets
+# ----------------------------------------------------------------------------------------------------------------------
+
+.PHONY: lint lint-docker
+lint: lint-markdown lint-shell lint-yaml lint-dockerfile lint-makefile lint-json lint-file
+lint-docker: lint-markdown-docker lint-shell-docker lint-yaml-docker lint-dockerfile-docker lint-makefile-docker lint-json-docker lint-file-docker
+
+.PHONY: lint-markdown lint-markdown-docker
+lint-markdown:
+	@scripts/lint-markdown.sh
+
+lint-markdown-docker:
+	$(call run-script-docker,${_DOCKER_MARKDOWNLINT_IMAGE},lint-markdown)
+
+.PHONY: lint-shell lint-shell-docker
+lint-shell:
+	@scripts/lint-shell.sh
+
+lint-shell-docker:
+	$(call run-script-docker,${_DOCKER_SHELLCHECK_IMAGE},lint-shell)
+
+.PHONY: lint-yaml lint-yaml-docker
+lint-yaml:
+	@scripts/lint-yaml.sh
+
+lint-yaml-docker:
+	$(call run-script-docker,${_DOCKER_YAMLLINT_IMAGE},lint-yaml)
+
+.PHONY: lint-dockerfile lint-dockerfile-docker
+lint-dockerfile:
+	@scripts/lint-dockerfile.sh
+
+lint-dockerfile-docker:
+	$(call run-script-docker,${_DOCKER_HADOLINT_IMAGE},lint-dockerfile)
+
+.PHONY: lint-makefile lint-makefile-docker
+lint-makefile:
+	@scripts/lint-makefile.sh
+
+lint-makefile-docker:
+	$(call run-script-docker,${_DOCKER_MAKEFILELINT_IMAGE},lint-makefile)
+
+.PHONY: lint-json lint-json-docker
+lint-json:
+	@scripts/lint-json.sh
+
+lint-json-docker:
+	$(call run-script-docker,${_DOCKER_JSONLINT_IMAGE},lint-json)
+
+.PHONY: lint-file lint-file-docker
+lint-file:
+	@scripts/lint-file.sh
+
+lint-file-docker:
+	$(call run-script-docker,${_DOCKER_FILELINT_IMAGE},lint-file)
+
+# ----------------------------------------------------------------------------------------------------------------------
+# Formatting Targets
+# ----------------------------------------------------------------------------------------------------------------------
+
+.PHONY: format format-docker
+format: format-file format-shell format-markdown
+format-docker: format-file-docker format-shell-docker format-markdown-docker
+
+.PHONY: format-file format-file-docker
+format-file:
+	@scripts/format-file.sh
+
+format-file-docker:
+	$(call run-script-docker,${_DOCKER_FILELINT_IMAGE},format-file)
+
+.PHONY: format-markdown format-markdown-docker
+format-markdown:
+	@scripts/format-markdown.sh
+
+format-markdown-docker:
+	$(call run-script-docker,${_DOCKER_MARKDOWNLINT_IMAGE},format-markdown)
+
+.PHONY: format-shell format-shell-docker
+format-shell:
+	@scripts/format-shell.sh
+
+format-shell-docker:
+	$(call run-script-docker,${_DOCKER_SHFMT_IMAGE},format-shell)
+
+.PHONY: format-yaml format-yaml-docker
+
+format-yaml:
+	@scripts/format-yaml.sh
+
+format-yaml-docker: docker-tools
+	$(call run-script-docker,${_DOCKER_TOOLS_IMAGE},format-yaml)
+
+.PHONY: format-json format-json-docker
+
+format-json:
+	@scripts/format-json.sh
+
+format-json-docker: docker-tools
+	$(call run-script-docker,${_DOCKER_TOOLS_IMAGE},format-json)
+
+# -------------------------------------------------------------------------------------------------
+# Development Targets
+# -------------------------------------------------------------------------------------------------
+
+# dev-up: Start the local development environment with Tilt.
+# Use FORCE=1 to recreate the self-signed TLS certificates
+.PHONY: dev-up
+dev-up: check-variable-CLUSTER_VERSION
+	@./scripts/dev-up.sh $(CLUSTER_VERSION) $(FORCE)
+
+# dev-down: Tears down the local development environment.
+# Use FORCE=1 to delete local kind registry
+.PHONY: dev-down
+dev-down:
+	@./scripts/dev-down.sh $(FORCE)
+
+# dev-start: Resumes the local development environment.
+.PHONY: dev-start
+dev-start:
+	@./scripts/dev-start.sh
+
+# dev-stop: Pauses the local development environment.
+.PHONY: dev-stop
+dev-stop:
+	@./scripts/dev-stop.sh
+
+# Deploy ------------------------------------------------------------------------------------------
+
+# deploy-helm: Install or update deployment using helm
+.PHONY: deploy-helm
+deploy-helm: check-variable-IMAGE_TAG_NAME check-variable-CLUSTER_NAME check-variable-NAMESPACE
+	@helm upgrade -i ${PROJECT_NAME} helm_chart -f helm_chart/values.yaml \
+	 --namespace ${NAMESPACE} \
+	 --set image.repository=${PROJECT_NAME} \
+	 --set image.tag=${IMAGE_TAG_NAME}

README.md

@@ -0,0 +1,39 @@
+# Kubernetes Api Server Proxy
+
+This project is a proxy for the Kubernetes API server.
+
+It is designed to be used in a Kubernetes cluster to allow access to parts of the API server from outside the cluster in a convenient manner for other projects to use.
+
+## Development
+
+In order to start developing, it is recommended to install [asdf][asdf] and [direnv][direnv].
+Once those two tools are in place, you should copy the `.envrc.dist` file to `.envrc` and the `tilt_config.json.dist` file to `tilt_config.json`, and edit the latter's "workdir" value to point to the root of this project.
+Then, you can run `asdf install` to install the correct version of the required tools and `direnv allow` to load them within the context of this folder.
+Once that is done, you can run `make dev-up CLUSTER_VERSION=1.27.1` to startup a Kubernetes cluster for the project: this will spawn a Tilt.dev process, which in turn will start a Kubernetes cluster using [kind][kind] and deploy [ingress-nginx][ingress-nginx] and [metrics-server][metrics-server].
+
+In a nutshell:
+
+```shell
+# Step 1: copy the .envrc.dist and tilt_config.json.dist files
+cp .envrc.dist .envrc
+cp tilt_config.json.dist tilt_config.json
+
+# Step 2: Edit the workdir value in tilt_config.json to point to the root of this project
+
+# Step 3: Install asdf and direnv
+
+# Step 4: Install the dependencies
+asdf install
+
+# Step 5: Load the dependencies
+direnv allow
+
+# Step 6: start the development environment
+make dev-up CLUSTER_VERSION=1.27.1
+```
+
+[asdf]: https://asdf-vm.com/
+[direnv]: https://direnv.net/
+[kind]: https://kind.sigs.k8s.io/
+[ingress-nginx]: https://kubernetes.github.io/ingress-nginx/
+[metrics-server]: https://github.com/kubernetes-sigs/metrics-server

Tiltfile

@@ -0,0 +1,18 @@
+config.define_string("workdir")
+config.define_string_list("projects")
+config.define_string_list("services")
+
+parsed_config = config.parse()
+
+projects = parsed_config.get("projects", [])
+services = parsed_config.get("services", [])
+
+load_dynamic("./configs/tiltfiles/setup.tiltfile")
+
+path = parsed_config.get("workdir")
+
+for project in projects:
+  load_dynamic("%s/%s/Tiltfile" % (path, project))
+
+for service in services:
+  load_dynamic("./configs/tiltfiles/%s.tiltfile" % (service))

configs/dockerfiles/Dockerfile.ingress-nginx-controller

@@ -0,0 +1 @@
+FROM registry.k8s.io/ingress-nginx/controller:v1.7.0

configs/dockerfiles/Dockerfile.metrics-server

@@ -0,0 +1 @@
+FROM gcr.io/k8s-staging-metrics-server/metrics-server:v0.6.3

configs/helm-values/ingress-nginx.yaml

@@ -0,0 +1,13 @@
+---
+controller:
+  service:
+    type: NodePort
+    nodePorts:
+      http: 30080
+      https: 30443
+  admissionWebhooks:
+    enabled: false
+  image:
+    registry: docker.io/library
+    image: dev-ingress-nginx-controller
+    tag: 1.0.0

configs/kubernetes-manifests/ctlptl-registry.yml

@@ -0,0 +1,6 @@
+---
+apiVersion: ctlptl.dev/v1alpha1
+kind: Registry
+name: kube-apiserver-proxy-kind-registry
+port: 5005
+listenAddress: 127.0.0.1

configs/kubernetes-manifests/kind-config.yml

@@ -0,0 +1,17 @@
+---
+apiVersion: ctlptl.dev/v1alpha1
+kind: Cluster
+product: kind
+registry: kube-apiserver-proxy-kind-registry
+kindV1Alpha4Cluster:
+  name: kube-apiserver-proxy-kind
+  nodes:
+    - role: control-plane
+      image: kindest/node:v1.27.1
+      extraPortMappings:
+        - containerPort: 30080
+          hostPort: 80
+          protocol: TCP
+        - containerPort: 30443
+          hostPort: 443
+          protocol: TCP