Skip to content

✨ Add Proxy support to rukpak generator #1998

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

✨ Add Proxy support to rukpak generator #1998

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
7183b67
Add Proxy support to rukpak generator
thetechnick May 28, 2025
f6da150
f
thetechnick May 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 11 additions & 2 deletions internal/operator-controller/rukpak/render/registryv1/generators/generators.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,11 +69,20 @@ func BundleCSVDeploymentGenerator(rv1 *bundle.RegistryV1, opts render.Options) (
// See https://github.com/operator-framework/operator-lifecycle-manager/blob/dfd0b2bea85038d3c0d65348bc812d297f16b8d2/pkg/controller/install/deployment.go#L177-L180
depSpec.Spec.RevisionHistoryLimit = ptr.To(int32(1))

deploymentOpts := []ResourceCreatorOption{
WithDeploymentSpec(depSpec.Spec),
WithLabels(depSpec.Label),
}
if opts.Proxy != nil {
deploymentOpts = append(
deploymentOpts,
WithProxy(opts.Proxy.HTTPProxy, opts.Proxy.HTTPSProxy, opts.Proxy.NoProxy),
)
}
deploymentResource := CreateDeploymentResource(
depSpec.Name,
opts.InstallNamespace,
WithDeploymentSpec(depSpec.Spec),
WithLabels(depSpec.Label),
deploymentOpts...,
)

secretInfo := render.CertProvisionerFor(depSpec.Name, opts).GetCertSecretInfo()
Expand Down
34 changes: 34 additions & 0 deletions internal/operator-controller/rukpak/render/registryv1/generators/resources.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,40 @@ func WithMutatingWebhooks(webhooks ...admissionregistrationv1.MutatingWebhook) f
}
}

// With
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: incomplete comment

func WithProxy(httpProxy, httpsProxy, noProxy string) func(client.Object) {
return func(obj client.Object) {
switch o := obj.(type) {
case *appsv1.Deployment:
addProxyEnvVars(httpProxy, httpsProxy, noProxy, o.Spec.Template.Spec.Containers)
}
}
}

func addProxyEnvVars(httpProxy, httpsProxy, noProxy string, containers []corev1.Container) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we nuke any preexisting proxy env vars?

cs := containers
for i := range cs {
Comment on lines +129 to +130
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this needed? Can't we just do

Suggested change
cs := containers
for i := range cs {
for container, _ := range containers {

if len(httpProxy) > 0 {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit

Suggested change
if len(httpProxy) > 0 {
if len(httpProxy) != 0 {

seems cleaner

cs[i].Env = append(cs[i].Env, corev1.EnvVar{
Name: "HTTP_PROXY",
Value: httpProxy,
})
}
if len(httpsProxy) > 0 {
cs[i].Env = append(cs[i].Env, corev1.EnvVar{
Name: "HTTPS_PROXY",
Value: httpsProxy,
})
}
if len(noProxy) > 0 {
cs[i].Env = append(cs[i].Env, corev1.EnvVar{
Name: "NO_PROXY",
Value: noProxy,
})
}
}
}

// CreateServiceAccountResource creates a ServiceAccount resource with name 'name', namespace 'namespace', and applying
// any ServiceAccount related options in opts
func CreateServiceAccountResource(name string, namespace string, opts ...ResourceCreatorOption) *corev1.ServiceAccount {
Expand Down
59 changes: 59 additions & 0 deletions internal/operator-controller/rukpak/render/registryv1/generators/resources_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,10 @@ import (
"strings"
"testing"

"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
rbacv1 "k8s.io/api/rbac/v1"
"sigs.k8s.io/controller-runtime/pkg/client"
Expand Down Expand Up @@ -276,3 +278,60 @@ func Test_WithMutatingWebhook(t *testing.T) {
{Name: "wh-two"},
}, wh.Webhooks)
}

func Test_WithProxy(t *testing.T) {
depSpec := appsv1.DeploymentSpec{
Template: corev1.PodTemplateSpec{
Spec: corev1.PodSpec{
Containers: []corev1.Container{
{
Name: "c1",
Env: []corev1.EnvVar{
{
Name: "TEST",
Value: "xxx",
},
},
},
{
Name: "c2",
Env: []corev1.EnvVar{
{
Name: "TEST",
Value: "xxx",
},
},
},
},
},
},
}

depl := generators.CreateDeploymentResource(
"test",
"test-ns",
generators.WithDeploymentSpec(depSpec),
generators.WithProxy("http,prox", "https,prox", "no,prox"),
)

expected := []corev1.EnvVar{
{
Name: "TEST",
Value: "xxx",
},
{
Name: "HTTP_PROXY",
Value: "http,prox",
},
{
Name: "HTTPS_PROXY",
Value: "https,prox",
},
{
Name: "NO_PROXY",
Value: "no,prox",
},
}
assert.Equal(t, expected, depl.Spec.Template.Spec.Containers[0].Env)
assert.Equal(t, expected, depl.Spec.Template.Spec.Containers[1].Env)
}
11 changes: 11 additions & 0 deletions internal/operator-controller/rukpak/render/render.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,11 +56,16 @@ func (r ResourceGenerators) ResourceGenerator() ResourceGenerator {

type UniqueNameGenerator func(string, interface{}) (string, error)

type Proxy struct {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: should we call it ProxyConfig or something?

HTTPProxy, HTTPSProxy, NoProxy string
}

type Options struct {
InstallNamespace string
TargetNamespaces []string
UniqueNameGenerator UniqueNameGenerator
CertificateProvider CertificateProvider
Proxy *Proxy
}

func (o *Options) apply(opts ...Option) *Options {
Expand Down Expand Up @@ -106,6 +111,12 @@ func WithCertificateProvider(provider CertificateProvider) Option {
}
}

func WithProxy(proxy Proxy) Option {
return func(o *Options) {
o.Proxy = &proxy
}
}

type BundleRenderer struct {
BundleValidator BundleValidator
ResourceGenerators []ResourceGenerator
Expand Down
Loading