add render package

Signed-off-by: Per Goncalves da Silva <[email protected]>

Author: Per Goncalves da Silva

internal/operator-controller/rukpak/convert/render/generate.go

@@ -0,0 +1,165 @@
+package render
+
+import (
+    "fmt"
+    "github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/convert"
+    "github.com/operator-framework/operator-controller/internal/operator-controller/rukpak/util"
+    registrybundle "github.com/operator-framework/operator-registry/pkg/lib/bundle"
+    corev1 "k8s.io/api/core/v1"
+    rbacv1 "k8s.io/api/rbac/v1"
+    "k8s.io/apimachinery/pkg/util/sets"
+    "k8s.io/utils/ptr"
+    "sigs.k8s.io/controller-runtime/pkg/client"
+    "strings"
+)
+
+type Options struct {
+    InstallNamespace    string
+    TargetNamespaces    []string
+    UniqueNameGenerator func(string, interface{}) (string, error)
+}
+
+type ResourceGenerator func(rv1 *convert.RegistryV1, opts Options) ([]client.Object, error)
+
+func (g ResourceGenerator) GenerateResources(rv1 *convert.RegistryV1, opts Options) ([]client.Object, error) {
+    return g(rv1, opts)
+}
+
+func ChainedResourceGenerator(resourceGenerators ...ResourceGenerator) ResourceGenerator {
+    return func(rv1 *convert.RegistryV1, opts Options) ([]client.Object, error) {
+        var renderedObjects []client.Object
+        for _, generator := range resourceGenerators {
+            objs, err := generator(rv1, opts)
+            if err != nil {
+                return nil, err
+            }
+            renderedObjects = append(renderedObjects, objs...)
+        }
+        return renderedObjects, nil
+    }
+}
+
+func BundleDeploymentGenerator(rv1 *convert.RegistryV1, opts Options) ([]client.Object, error) {
+    var objs []client.Object
+    for _, depSpec := range rv1.CSV.Spec.InstallStrategy.StrategySpec.DeploymentSpecs {
+        annotations := util.MergeMaps(rv1.CSV.Annotations, depSpec.Spec.Template.Annotations)
+        annotations["olm.targetNamespaces"] = strings.Join(opts.TargetNamespaces, ",")
+        depSpec.Spec.Template.Annotations = annotations
+
+        // Hardcode the deployment with RevisionHistoryLimit=1 (something OLMv0 does, not sure why)
+        depSpec.Spec.RevisionHistoryLimit = ptr.To(int32(1))
+
+        objs = append(objs,
+            GenerateDeploymentResource(
+                depSpec.Name,
+                opts.InstallNamespace,
+                WithDeploymentSpec(depSpec.Spec),
+                WithLabels(depSpec.Label),
+            ),
+        )
+    }
+    return objs, nil
+}
+
+func BundlePermissionsGenerator(rv1 *convert.RegistryV1, opts Options) ([]client.Object, error) {
+    permissions := rv1.CSV.Spec.InstallStrategy.StrategySpec.Permissions
+    clusterPermissions := rv1.CSV.Spec.InstallStrategy.StrategySpec.ClusterPermissions
+
+    // If we're in AllNamespaces mode, promote the permissions to clusterPermissions
+    if len(opts.TargetNamespaces) == 1 && opts.TargetNamespaces[0] == "" {
+        for _, p := range permissions {
+            p.Rules = append(p.Rules, rbacv1.PolicyRule{
+                Verbs:     []string{"get", "list", "watch"},
+                APIGroups: []string{corev1.GroupName},
+                Resources: []string{"namespaces"},
+            })
+            clusterPermissions = append(clusterPermissions, p)
+        }
+        permissions = nil
+    }
+
+    var objs []client.Object
+    serviceAccountNames := sets.Set[string]{}
+    for _, ns := range opts.TargetNamespaces {
+        for _, permission := range permissions {
+            saName := saNameOrDefault(permission.ServiceAccountName)
+            name, err := opts.UniqueNameGenerator(fmt.Sprintf("%s-%s", rv1.CSV.Name, saName), permission)
+            if err != nil {
+                return nil, err
+            }
+
+            objs = append(objs,
+                GenerateRoleResource(name, ns, WithRules(permission.Rules...)),
+                GenerateRoleBindingResource(
+                    name,
+                    ns,
+                    WithSubjects(rbacv1.Subject{Kind: "ServiceAccount", Namespace: ns, Name: saName}),
+                    WithRoleRef(rbacv1.RoleRef{APIGroup: rbacv1.GroupName, Kind: "Role", Name: name}),
+                ),
+            )
+
+            serviceAccountNames.Insert(saName)
+        }
+    }
+
+    for _, permission := range clusterPermissions {
+        saName := saNameOrDefault(permission.ServiceAccountName)
+        name, err := opts.UniqueNameGenerator(fmt.Sprintf("%s-%s", rv1.CSV.Name, saName), permission)
+        if err != nil {
+            return nil, err
+        }
+        objs = append(objs,
+            GenerateClusterRoleResource(name, WithRules(permission.Rules...)),
+            GenerateClusterRoleBindingResource(
+                name,
+                WithSubjects(rbacv1.Subject{Kind: "ServiceAccount", Namespace: opts.InstallNamespace, Name: saName}),
+                WithRoleRef(rbacv1.RoleRef{APIGroup: rbacv1.GroupName, Kind: "ClusterRole", Name: name}),
+            ),
+        )
+
+        serviceAccountNames.Insert(saName)
+    }
+
+    for _, serviceAccountName := range serviceAccountNames.UnsortedList() {
+        // no need to generate the default service account
+        if serviceAccountName != "default" {
+            objs = append(objs, GenerateServiceAccountResource(serviceAccountName, opts.InstallNamespace))
+        }
+    }
+
+    return objs, nil
+}
+
+func BundleCRDGenerator(rv1 *convert.RegistryV1, _ Options) ([]client.Object, error) {
+    var objs []client.Object
+    for _, crd := range rv1.CRDs {
+        objs = append(objs, crd.DeepCopy())
+    }
+    return objs, nil
+}
+
+func BundleResourceGenerator(rv1 *convert.RegistryV1, _ Options) ([]client.Object, error) {
+    var objs []client.Object
+    for _, res := range rv1.Others {
+        supported, namespaced := registrybundle.IsSupported(res.GetKind())
+        if !supported {
+            return nil, fmt.Errorf("bundle contains unsupported resource: Name: %v, Kind: %v", res.GetName(), res.GetKind())
+        }
+
+        obj := res.DeepCopy()
+        if namespaced {
+            obj.SetNamespace(res.GetNamespace())
+        }
+
+        objs = append(objs, obj)
+
+    }
+    return objs, nil
+}
+
+func saNameOrDefault(saName string) string {
+    if saName == "" {
+        return "default"
+    }
+    return saName
+}