Merge pull request #104 from awslabs/client

refactor: consolidate Kubernetes client management into unified `client.Set`

Author: michaelhtm

cmd/controller/main.go

@@ -31,10 +31,10 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/predicate"
 
 	xv1alpha1 "github.com/awslabs/kro/api/v1alpha1"
+	kroclient "github.com/awslabs/kro/internal/client"
 	resourcegroupctrl "github.com/awslabs/kro/internal/controller/resourcegroup"
 	"github.com/awslabs/kro/internal/dynamiccontroller"
 	"github.com/awslabs/kro/internal/graph"
-	"github.com/awslabs/kro/internal/kubernetes"
 	//+kubebuilder:scaffold:imports
 )
 
@@ -90,7 +90,14 @@ func main() {
 
 	ctrl.SetLogger(rootLogger)
 
-	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
+	set, err := kroclient.NewSet(kroclient.Config{})
+	if err != nil {
+		setupLog.Error(err, "unable to create client set")
+		os.Exit(1)
+	}
+	restConfig := set.RESTConfig()
+
+	mgr, err := ctrl.NewManager(restConfig, ctrl.Options{
 		Scheme: scheme,
 		Metrics: metricsserver.Options{
 			BindAddress: metricsAddr,
@@ -115,23 +122,16 @@ func main() {
 		os.Exit(1)
 	}
 
-	kConfig, _, dynamicClient, crdClient, err := kubernetes.NewClients()
-	if err != nil {
-		setupLog.Error(err, "unable to create clients")
-		os.Exit(1)
-	}
-	crdManager := kubernetes.NewCRDClient(crdClient, rootLogger)
-
 	dc := dynamiccontroller.NewDynamicController(rootLogger, dynamiccontroller.Config{
 		Workers: dynamicControllerConcurrentReconciles,
 		// TODO(a-hilaly): expose these as flags
 		ShutdownTimeout: 60 * time.Second,
 		ResyncPeriod:    10 * time.Hour,
 		QueueMaxRetries: 20,
-	}, dynamicClient)
+	}, set.Dynamic())
 
 	resourceGroupGraphBuilder, err := graph.NewBuilder(
-		kConfig,
+		restConfig,
 	)
 	if err != nil {
 		setupLog.Error(err, "unable to create resource group graph builder")
@@ -141,9 +141,8 @@ func main() {
 	reconciler := resourcegroupctrl.NewResourceGroupReconciler(
 		rootLogger,
 		mgr.GetClient(),
-		dynamicClient,
+		set,
 		allowCRDDeletion,
-		crdManager,
 		dc,
 		resourceGroupGraphBuilder,
 	)

internal/client/crd.go

@@ -0,0 +1,177 @@
+// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License"). You may
+// not use this file except in compliance with the License. A copy of the
+// License is located at
+//
+//	http://aws.amazon.com/apache2.0/
+//
+// or in the "license" file accompanying this file. This file is distributed
+// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+// express or implied. See the License for the specific language governing
+// permissions and limitations under the License.
+package client
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"time"
+
+	"github.com/go-logr/logr"
+	v1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/wait"
+)
+
+const (
+	// DefaultPollInterval is the default interval for polling CRD status
+	defaultPollInterval = 150 * time.Millisecond
+	// DefaultTimeout is the default timeout for waiting for CRD status
+	defaultTimeout = 2 * time.Minute
+)
+
+var _ CRDClient = &CRDWrapper{}
+
+// CRDClient represents operations for managing CustomResourceDefinitions
+type CRDClient interface {
+	// EnsureCreated ensures a CRD exists and is ready
+	Ensure(ctx context.Context, crd v1.CustomResourceDefinition) error
+
+	// Delete removes a CRD if it exists
+	Delete(ctx context.Context, name string) error
+
+	// Get retrieves a CRD by name
+	Get(ctx context.Context, name string) (*v1.CustomResourceDefinition, error)
+}
+
+// CRDWrapper provides a simplified interface for CRD operations
+type CRDWrapper struct {
+	client       apiextensionsv1.CustomResourceDefinitionInterface
+	log          logr.Logger
+	pollInterval time.Duration
+	timeout      time.Duration
+}
+
+// CRDWrapperConfig contains configuration for the CRD wrapper
+type CRDWrapperConfig struct {
+	Client       *apiextensionsv1.ApiextensionsV1Client
+	Log          logr.Logger
+	PollInterval time.Duration
+	Timeout      time.Duration
+}
+
+// DefaultConfig returns a CRDWrapperConfig with default values
+func DefaultCRDWrapperConfig() CRDWrapperConfig {
+	return CRDWrapperConfig{
+		PollInterval: defaultPollInterval,
+		Timeout:      defaultTimeout,
+	}
+}
+
+// newCRDWrapper creates a new CRD wrapper
+func newCRDWrapper(cfg CRDWrapperConfig) *CRDWrapper {
+	if cfg.PollInterval == 0 {
+		cfg.PollInterval = defaultPollInterval
+	}
+	if cfg.Timeout == 0 {
+		cfg.Timeout = defaultTimeout
+	}
+
+	return &CRDWrapper{
+		client:       cfg.Client.CustomResourceDefinitions(),
+		log:          cfg.Log.WithName("crd-wrapper"),
+		pollInterval: cfg.PollInterval,
+		timeout:      cfg.Timeout,
+	}
+}
+
+// Ensure ensures a CRD exists, up-to-date, and is ready. This can be
+// a dangerous operation as it will update the CRD if it already exists.
+//
+// The caller is responsible for ensuring the CRD, isn't introducing
+// breaking changes.
+func (w *CRDWrapper) Ensure(ctx context.Context, crd v1.CustomResourceDefinition) error {
+	_, err := w.Get(ctx, crd.Name)
+	if err != nil {
+		if !apierrors.IsNotFound(err) {
+			return fmt.Errorf("failed to check for existing CRD: %w", err)
+		}
+
+		w.log.Info("Creating CRD", "name", crd.Name)
+		if err := w.create(ctx, crd); err != nil {
+			return fmt.Errorf("failed to create CRD: %w", err)
+		}
+	} else {
+		w.log.Info("Updating existing CRD", "name", crd.Name)
+		if err := w.patch(ctx, crd); err != nil {
+			return fmt.Errorf("failed to patch CRD: %w", err)
+		}
+	}
+
+	return w.waitForReady(ctx, crd.Name)
+}
+
+// Get retrieves a CRD by name
+func (w *CRDWrapper) Get(ctx context.Context, name string) (*v1.CustomResourceDefinition, error) {
+	return w.client.Get(ctx, name, metav1.GetOptions{})
+}
+
+func (w *CRDWrapper) create(ctx context.Context, crd v1.CustomResourceDefinition) error {
+	_, err := w.client.Create(ctx, &crd, metav1.CreateOptions{})
+	return err
+}
+
+func (w *CRDWrapper) patch(ctx context.Context, newCRD v1.CustomResourceDefinition) error {
+	patchBytes, err := json.Marshal(newCRD)
+	if err != nil {
+		return fmt.Errorf("failed to marshal CRD for patch: %w", err)
+	}
+
+	_, err = w.client.Patch(
+		ctx,
+		newCRD.Name,
+		types.MergePatchType,
+		patchBytes,
+		metav1.PatchOptions{},
+	)
+	return err
+}
+
+// Delete removes a CRD if it exists
+func (w *CRDWrapper) Delete(ctx context.Context, name string) error {
+	w.log.Info("Deleting CRD", "name", name)
+
+	err := w.client.Delete(ctx, name, metav1.DeleteOptions{})
+	if err != nil && !apierrors.IsNotFound(err) {
+		return fmt.Errorf("failed to delete CRD: %w", err)
+	}
+	return nil
+}
+
+// waitForReady waits for a CRD to become ready
+func (w *CRDWrapper) waitForReady(ctx context.Context, name string) error {
+	w.log.Info("Waiting for CRD to become ready", "name", name)
+
+	return wait.PollUntilContextTimeout(ctx, w.pollInterval, w.timeout, true,
+		func(ctx context.Context) (bool, error) {
+			crd, err := w.Get(ctx, name)
+			if err != nil {
+				if apierrors.IsNotFound(err) {
+					return false, nil
+				}
+				return false, err
+			}
+
+			for _, cond := range crd.Status.Conditions {
+				if cond.Type == v1.Established && cond.Status == v1.ConditionTrue {
+					return true, nil
+				}
+			}
+
+			return false, nil
+		})
+}

internal/client/set.go

@@ -0,0 +1,135 @@
+// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License"). You may
+// not use this file except in compliance with the License. A copy of the
+// License is located at
+//
+//	http://aws.amazon.com/apache2.0/
+//
+// or in the "license" file accompanying this file. This file is distributed
+// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+// express or implied. See the License for the specific language governing
+// permissions and limitations under the License.
+package client
+
+import (
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1"
+	"k8s.io/client-go/dynamic"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/rest"
+	ctrlrtconfig "sigs.k8s.io/controller-runtime/pkg/client/config"
+)
+
+const (
+	// defaultQPS is the default QPS for the client
+	defaultQPS = 100
+	// defaultBurst is the default burst for the client
+	defaultBurst = 150
+)
+
+// Set provides a unified interface for different Kubernetes clients
+type Set struct {
+	config          *rest.Config
+	kubernetes      *kubernetes.Clientset
+	dynamic         *dynamic.DynamicClient
+	apiExtensionsV1 *apiextensionsv1.ApiextensionsV1Client
+}
+
+// Config holds configuration for client creation
+type Config struct {
+	RestConfig      *rest.Config
+	ImpersonateUser string
+}
+
+// NewSet creates a new client Set with the given config
+func NewSet(cfg Config) (*Set, error) {
+	var err error
+	config := cfg.RestConfig
+
+	if config == nil {
+		config, err = ctrlrtconfig.GetConfig()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if cfg.ImpersonateUser != "" {
+		config = rest.CopyConfig(config)
+		config.Impersonate = rest.ImpersonationConfig{
+			UserName: cfg.ImpersonateUser,
+		}
+	}
+
+	// Set default QPS and burst
+	if config.QPS == 0 {
+		config.QPS = defaultQPS
+	}
+	if config.Burst == 0 {
+		config.Burst = defaultBurst
+	}
+
+	c := &Set{config: config}
+	if err := c.init(); err != nil {
+		return nil, err
+	}
+
+	return c, nil
+}
+
+func (c *Set) init() error {
+	var err error
+
+	c.kubernetes, err = kubernetes.NewForConfig(c.config)
+	if err != nil {
+		return err
+	}
+
+	c.dynamic, err = dynamic.NewForConfig(c.config)
+	if err != nil {
+		return err
+	}
+
+	c.apiExtensionsV1, err = apiextensionsv1.NewForConfig(c.config)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Kubernetes returns the standard Kubernetes clientset
+func (c *Set) Kubernetes() *kubernetes.Clientset {
+	return c.kubernetes
+}
+
+// Dynamic returns the dynamic client
+func (c *Set) Dynamic() *dynamic.DynamicClient {
+	return c.dynamic
+}
+
+// APIExtensionsV1 returns the API extensions client
+func (c *Set) APIExtensionsV1() *apiextensionsv1.ApiextensionsV1Client {
+	return c.apiExtensionsV1
+}
+
+// RESTConfig returns a copy of the underlying REST config
+func (c *Set) RESTConfig() *rest.Config {
+	return rest.CopyConfig(c.config)
+}
+
+// CRD returns a new CRDWrapper instance
+func (s *Set) CRD(cfg CRDWrapperConfig) *CRDWrapper {
+	if cfg.Client == nil {
+		cfg.Client = s.apiExtensionsV1
+	}
+
+	return newCRDWrapper(cfg)
+}
+
+// WithImpersonation returns a new client that impersonates the given user
+func (c *Set) WithImpersonation(user string) (*Set, error) {
+	return NewSet(Config{
+		RestConfig:      c.config,
+		ImpersonateUser: user,
+	})
+}