Initial commit for the operator

shared/definitions.go

@@ -0,0 +1,98 @@
+package shared
+
+import (
+	"regexp"
+	"strings"
+)
+
+const (
+	// JOB IMAGES
+	BACKUP_JOB_IMAGE = "ghcr.io/lukaszraczylo/docker-image-management:v0.0.6"
+
+	// AVAILABLE STATUSES
+	STATUS_PENDING  = "PENDING"
+	STATUS_STARTING = "STARTING"
+	STATUS_RETRYING = "RETRYING"
+	STATUS_RUNNING  = "RUNNING"
+	STATUS_FAILED   = "FAILED"
+	STATUS_SUCCESS  = "COMPLETED"
+	STATUS_PRESENT  = "PRESENT"
+
+	// STORAGE DEFINITIONS
+	STORAGE_S3   = "S3"
+	STORAGE_FILE = "FILE"
+)
+
+type Container struct {
+	Image    string `json:"image"`
+	Tag      string `json:"tag"`
+	Sha      string `json:"sha"`
+	FullName string `json:"fullName"`
+}
+
+type ContainersList struct {
+	Containers []Container `json:"containers"`
+}
+
+func RemoveDuplicates(containersList ContainersList) ContainersList {
+	// remove duplicates from the list
+	encountered := map[Container]bool{}
+	result := ContainersList{}
+	for v := range containersList.Containers {
+		if !encountered[containersList.Containers[v]] {
+			encountered[containersList.Containers[v]] = true
+			result.Containers = append(result.Containers, containersList.Containers[v])
+		}
+	}
+	return result
+}
+
+func RemoveExcludedImages(containers ContainersList, excludes []string) ContainersList {
+	// remove excluded images from the list
+	result := ContainersList{}
+	for _, container := range containers.Containers {
+		excluded := false
+		for _, exclude := range excludes {
+			if strings.Contains(strings.ToLower(container.Image), strings.ToLower(exclude)) {
+				excluded = true
+				break
+			}
+		}
+		if !excluded {
+			result.Containers = append(result.Containers, container)
+		}
+	}
+	return result
+}
+
+func IncludeOnlyImages(containers ContainersList, includes []string) ContainersList {
+	// include only images from the list
+	result := ContainersList{}
+	for _, container := range containers.Containers {
+		included := false
+		for _, include := range includes {
+			if strings.Contains(strings.ToLower(container.Image), strings.ToLower(include)) {
+				included = true
+				break
+			}
+		}
+		if included {
+			result.Containers = append(result.Containers, container)
+		}
+	}
+	return result
+}
+
+var imageNameRegexp = regexp.MustCompile(`[/:@&=+$,\?%\{\}\[\]\\^~#\s]`)
+var imageNameRegexpReplace = regexp.MustCompile(`-+`)
+
+func NormalizeImageName(name string) string {
+	// Replace special characters with hyphens
+	normalized := imageNameRegexp.ReplaceAllString(name, "-")
+
+	// Remove consecutive hyphens
+	normalized = imageNameRegexpReplace.ReplaceAllString(normalized, "-")
+
+	// Trim leading and trailing hyphens
+	return strings.Trim(normalized, "-")
+}

shared/jobs.go

@@ -0,0 +1,82 @@
+package shared
+
+import (
+	"fmt"
+	"strings"
+
+	batchv1 "k8s.io/api/batch/v1"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/utils/pointer"
+	raczylocomv1 "raczylo.com/kubernetes-images-sync-operator/api/raczylo.com/v1"
+)
+
+type JobParams struct {
+	Name            string
+	Namespace       string
+	Image           string
+	Commands        []string
+	EnvVars         []corev1.EnvVar
+	OwnerReferences []metav1.OwnerReference
+}
+
+func CreateJob[T any](params JobParams, setupFunc func(T) []string) *batchv1.Job {
+	return &batchv1.Job{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:            params.Name,
+			Namespace:       params.Namespace,
+			OwnerReferences: params.OwnerReferences,
+			Labels: map[string]string{
+				"app": "image-export",
+			},
+		},
+		Spec: batchv1.JobSpec{
+			Template: corev1.PodTemplateSpec{
+				ObjectMeta: metav1.ObjectMeta{
+					Labels: map[string]string{
+						"app": "image-export",
+					},
+				},
+				Spec: corev1.PodSpec{
+					RestartPolicy: corev1.RestartPolicyOnFailure,
+					Containers: []corev1.Container{
+						{
+							Name:  "export",
+							Image: params.Image,
+							TTY:   true,
+							Command: []string{
+								"bash",
+								"-c",
+								strings.Join(params.Commands, " && "),
+							},
+							Env: params.EnvVars,
+							SecurityContext: &corev1.SecurityContext{
+								Privileged: pointer.Bool(true),
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func SetupS3Params(s3Config raczylocomv1.ClusterImageStorageS3) []string {
+	params := []string{}
+	if s3Config.UseRole {
+		params = append(params, "--use-role")
+	} else {
+		params = append(params, fmt.Sprintf("--aws_access_key_id='%s'", s3Config.AccessKey))
+		params = append(params, fmt.Sprintf("--aws_secret_access_key='%s'", s3Config.SecretKey))
+	}
+	if s3Config.RoleARN != "" {
+		params = append(params, fmt.Sprintf("--role_name='%s'", s3Config.RoleARN))
+	}
+	if s3Config.Endpoint != "" {
+		params = append(params, fmt.Sprintf("--endpoint_url='%s'", s3Config.Endpoint))
+	}
+	if s3Config.Region != "" {
+		params = append(params, fmt.Sprintf("--region=%s", s3Config.Region))
+	}
+	return params
+}

shared/k8s.go

@@ -0,0 +1,142 @@
+package shared
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	appsv1 "k8s.io/api/apps/v1"
+	batchv1 "k8s.io/api/batch/v1"
+	corev1 "k8s.io/api/core/v1"
+	raczylocomv1 "raczylo.com/kubernetes-images-sync-operator/api/raczylo.com/v1"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/manager"
+)
+
+type K8sResource interface {
+	GetPodSpec() *corev1.PodSpec
+}
+
+// Wrapper types
+type DeploymentWrapper appsv1.Deployment
+type JobWrapper batchv1.Job
+type DaemonSetWrapper appsv1.DaemonSet
+type CronJobWrapper batchv1.CronJob
+
+// Implement the K8sResource interface for wrapper types
+func (d *DeploymentWrapper) GetPodSpec() *corev1.PodSpec { return &d.Spec.Template.Spec }
+func (j *JobWrapper) GetPodSpec() *corev1.PodSpec        { return &j.Spec.Template.Spec }
+func (ds *DaemonSetWrapper) GetPodSpec() *corev1.PodSpec { return &ds.Spec.Template.Spec }
+func (cj *CronJobWrapper) GetPodSpec() *corev1.PodSpec {
+	return &cj.Spec.JobTemplate.Spec.Template.Spec
+}
+
+func processContainerName(containerName string) (Container, error) {
+	cnt := Container{}
+	parts := strings.Split(containerName, "@")
+	if len(parts) > 2 {
+		return cnt, fmt.Errorf("invalid container name format: %s", containerName)
+	}
+	imageAndTag := strings.Split(parts[0], ":")
+	cnt.Image = imageAndTag[0]
+	if len(imageAndTag) > 2 {
+		return cnt, fmt.Errorf("invalid image:tag format: %s", parts[0])
+	}
+	if len(imageAndTag) == 2 {
+		cnt.Tag = imageAndTag[1]
+	}
+	if len(parts) == 2 {
+		shaParts := strings.SplitN(parts[1], ":", 2)
+		if len(shaParts) != 2 || (shaParts[0] != "sha" && shaParts[0] != "sha256") {
+			return cnt, fmt.Errorf("invalid SHA format: %s", parts[1])
+		}
+		cnt.Sha = parts[1]
+	}
+	cnt.FullName = containerName
+	// if tag is empty and sha is empty - use tag 'latest'
+	if cnt.Sha == "" && cnt.Tag == "" {
+		cnt.Tag = "latest"
+	}
+
+	if cnt.Image == "" {
+		return cnt, fmt.Errorf("image name is required")
+	}
+	return cnt, nil
+}
+
+func processContainers[T K8sResource](resource T, containersList *ContainersList) error {
+	podSpec := resource.GetPodSpec()
+	if podSpec == nil {
+		return fmt.Errorf("nil PodSpec")
+	}
+
+	allContainers := append(podSpec.Containers, podSpec.InitContainers...)
+	for _, container := range allContainers {
+		if err := processContainer(container.Image, containersList); err != nil {
+			return err
+		}
+	}
+
+	for _, container := range podSpec.EphemeralContainers {
+		if err := processContainer(container.EphemeralContainerCommon.Image, containersList); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// processContainer handles the processing of a single container image
+func processContainer(image string, containersList *ContainersList) error {
+	cnt, err := processContainerName(image)
+	if err != nil {
+		return fmt.Errorf("failed to process container name: %s - %w", image, err)
+	}
+	containersList.Containers = append(containersList.Containers, cnt)
+	return nil
+}
+
+// listAndProcessResources is a generic function to list and process K8s resources
+func ListAndProcessResources[T K8sResource, L client.ObjectList](ctx context.Context, r client.Client, list L, containersList *ContainersList) error {
+	if err := r.List(ctx, list, &client.ListOptions{}); err != nil {
+		return fmt.Errorf("failed to list resources: %w", err)
+	}
+
+	switch typedList := any(list).(type) {
+	case *appsv1.DeploymentList:
+		for i := range typedList.Items {
+			if err := processContainers((*DeploymentWrapper)(&typedList.Items[i]), containersList); err != nil {
+				return err
+			}
+		}
+	case *batchv1.JobList:
+		for i := range typedList.Items {
+			if err := processContainers((*JobWrapper)(&typedList.Items[i]), containersList); err != nil {
+				return err
+			}
+		}
+	case *appsv1.DaemonSetList:
+		for i := range typedList.Items {
+			if err := processContainers((*DaemonSetWrapper)(&typedList.Items[i]), containersList); err != nil {
+				return err
+			}
+		}
+	case *batchv1.CronJobList:
+		for i := range typedList.Items {
+			if err := processContainers((*CronJobWrapper)(&typedList.Items[i]), containersList); err != nil {
+				return err
+			}
+		}
+	default:
+		return fmt.Errorf("unsupported list type: %T", list)
+	}
+
+	return nil
+}
+
+func SetupIndexers(mgr manager.Manager) error {
+	return mgr.GetFieldIndexer().IndexField(context.Background(), &raczylocomv1.ClusterImage{}, "spec.exportName", func(rawObj client.Object) []string {
+		clusterImage := rawObj.(*raczylocomv1.ClusterImage)
+		return []string{clusterImage.Spec.ExportName}
+	})
+}