Cr 11553 (#395)

* wip

* wip

* wip

* bump

* bump

* resolve comments

* wip

* bump

* wip

* resolve comments

* resolve comments

* use go-sdk 0.43.7

* wip

* wip

Author: kim-codefresh

Makefile

@@ -1,4 +1,4 @@
-VERSION=v0.0.354
+VERSION=v0.0.355
 
 OUT_DIR=dist
 YEAR?=$(shell date +"%Y")

cmd/commands/runtime.go

@@ -82,8 +82,10 @@ type (
 		RuntimeToken                   string
 		RuntimeStoreIV                 string
 		HostName                       string
+		InternalHostName               string
 		IngressHost                    string
 		IngressClass                   string
+		InternalIngressHost            string
 		IngressController              ingressutil.IngressController
 		Insecure                       bool
 		InstallDemoResources           bool
@@ -102,6 +104,8 @@ type (
 		versionStr                     string
 		kubeContext                    string
 		kubeconfig                     string
+		InternalIngressAnnotation      map[string]string
+		ExternalIngressAnnotation      map[string]string
 	}
 
 	RuntimeUninstallOptions struct {
@@ -230,6 +234,10 @@ func NewRuntimeInstallCommand() *cobra.Command {
 				"Installing demo resources": strconv.FormatBool(installationOpts.InstallDemoResources),
 			}
 
+			if installationOpts.InternalIngressHost != "" {
+				finalParameters["Internal ingress host"] = installationOpts.InternalIngressHost
+			}
+
 			if err := getApprovalFromUser(cmd.Context(), finalParameters, "runtime install"); err != nil {
 				return err
 			}
@@ -245,6 +253,7 @@ func NewRuntimeInstallCommand() *cobra.Command {
 
 	cmd.Flags().StringVar(&installationOpts.IngressHost, "ingress-host", "", "The ingress host")
 	cmd.Flags().StringVar(&installationOpts.IngressClass, "ingress-class", "", "The ingress class name")
+	cmd.Flags().StringVar(&installationOpts.InternalIngressHost, "internal-ingress-host", "", "The internal ingress host (by default the external ingress will be used for both internal and external traffic)")
 	cmd.Flags().StringVar(&installationOpts.GitIntegrationRegistrationOpts.Token, "personal-git-token", "", "The Personal git token for your user")
 	cmd.Flags().StringVar(&installationOpts.versionStr, "version", "", "The runtime version to install (default: latest)")
 	cmd.Flags().BoolVar(&installationOpts.InstallDemoResources, "demo-resources", true, "Installs demo resources (default: true)")
@@ -258,6 +267,8 @@ func NewRuntimeInstallCommand() *cobra.Command {
 	cmd.Flags().BoolVar(&store.Get().SetDefaultResources, "set-default-resources", false, "If true, will set default requests and limits on all of the runtime components")
 	cmd.Flags().BoolVar(&installationOpts.FromRepo, "from-repo", false, "Installs a runtime from an existing repo. Used for recovery after cluster failure")
 	cmd.Flags().StringToStringVar(&installationOpts.NamespaceLabels, "namespace-labels", nil, "Optional labels that will be set on the namespace resource. (e.g. \"key1=value1,key2=value2\"")
+	cmd.Flags().StringToStringVar(&installationOpts.InternalIngressAnnotation, "internal-ingress-annotation", nil, "Add annotations to the internal ingress")
+	cmd.Flags().StringToStringVar(&installationOpts.ExternalIngressAnnotation, "external-ingress-annotation", nil, "Add annotations to the external ingress")
 
 	installationOpts.InsCloneOpts = apu.AddCloneFlags(cmd, &apu.CloneFlagsOptions{
 		CreateIfNotExist: true,
@@ -434,32 +445,57 @@ func ensureIngressHost(cmd *cobra.Command, opts *RuntimeInstallOptions) error {
 		}
 	}
 
-	parsed, err := url.Parse(opts.IngressHost)
+	if err := parseHostName(opts.IngressHost, &opts.HostName); err != nil {
+		return err
+	}
+
+	if opts.InternalIngressHost != "" {
+		if err := parseHostName(opts.InternalIngressHost, &opts.InternalHostName); err != nil {
+			return err
+		}
+	}
+
+	log.G(cmd.Context()).Infof("Using ingress host: %s", opts.IngressHost)
+
+	if !opts.SkipClusterChecks {
+		return nil
+	}
+
+	log.G(cmd.Context()).Info("Validating ingress host")
+
+	if opts.InternalIngressHost != "" {
+		if err := validateIngressHostCertificate(cmd, opts.InternalIngressHost); err != nil {
+			return err
+		}
+		log.G(cmd.Context()).Infof("Using internal ingress host: %s", opts.InternalIngressHost)
+	}
+
+	return validateIngressHostCertificate(cmd, opts.IngressHost)
+}
+
+func parseHostName(ingressHost string, hostName *string) error {
+	parsed, err := url.Parse(ingressHost)
 	if err != nil {
 		return err
 	}
 
 	isIP := util.IsIP(parsed.Host)
 	if !isIP {
-		opts.HostName, _, err = net.SplitHostPort(parsed.Host)
+		*hostName, _, err = net.SplitHostPort(parsed.Host)
 		if err != nil {
 			if err.Error() == fmt.Sprintf("address %s: missing port in address", parsed.Host) {
-				opts.HostName = parsed.Host
+				*hostName = parsed.Host
 			} else {
 				return err
 			}
 		}
 	}
 
-	log.G(cmd.Context()).Infof("Using ingress host: %s", opts.IngressHost)
-
-	if !opts.SkipClusterChecks {
-		return nil
-	}
-
-	log.G(cmd.Context()).Info("Validating ingress host")
+	return nil
+}
 
-	certValid, err := checkIngressHostCertificate(opts.IngressHost)
+func validateIngressHostCertificate(cmd *cobra.Command, ingressHost string) error {
+	certValid, err := checkIngressHostCertificate(ingressHost)
 	if err != nil {
 		log.G(cmd.Context()).Fatalf("failed to check ingress host: %v", err)
 	}
@@ -600,15 +636,16 @@ func RunRuntimeInstall(ctx context.Context, opts *RuntimeInstallOptions) error {
 	ingressControllerName := opts.IngressController.Name()
 
 	token, iv, err := createRuntimeOnPlatform(ctx, &model.RuntimeInstallationArgs{
-		RuntimeName:       opts.RuntimeName,
-		Cluster:           server,
-		RuntimeVersion:    runtimeVersion,
-		IngressHost:       &opts.IngressHost,
-		IngressClass:      &opts.IngressClass,
-		IngressController: &ingressControllerName,
-		ComponentNames:    componentNames,
-		Repo:              &opts.InsCloneOpts.Repo,
-		Recover:           &opts.FromRepo,
+		RuntimeName:         opts.RuntimeName,
+		Cluster:             server,
+		RuntimeVersion:      runtimeVersion,
+		IngressHost:         &opts.IngressHost,
+		InternalIngressHost: &opts.InternalIngressHost,
+		IngressClass:        &opts.IngressClass,
+		IngressController:   &ingressControllerName,
+		ComponentNames:      componentNames,
+		Repo:                &opts.InsCloneOpts.Repo,
+		Recover:             &opts.FromRepo,
 	})
 	handleCliStep(reporter.InstallStepCreateRuntimeOnPlatform, "Creating runtime on platform", err, false, true)
 	if err != nil {
@@ -620,6 +657,7 @@ func RunRuntimeInstall(ctx context.Context, opts *RuntimeInstallOptions) error {
 	rt.Spec.Cluster = server
 	rt.Spec.IngressHost = opts.IngressHost
 	rt.Spec.IngressClass = opts.IngressClass
+	rt.Spec.InternalIngressHost = opts.InternalIngressHost
 	rt.Spec.IngressController = string(opts.IngressController.Name())
 	rt.Spec.Repo = opts.InsCloneOpts.Repo
 
@@ -814,15 +852,21 @@ func createMasterIngressResource(ctx context.Context, opts *RuntimeInstallOption
 		return err
 	}
 
-	ingress := ingressutil.CreateIngress(&ingressutil.CreateIngressOptions{
+	ingressOptions := ingressutil.CreateIngressOptions{
 		Name:             opts.RuntimeName + store.Get().MasterIngressName,
 		Namespace:        opts.RuntimeName,
 		IngressClassName: opts.IngressClass,
 		Host:             opts.HostName,
 		Annotations: map[string]string{
 			"nginx.org/mergeable-ingress-type": "master",
 		},
-	})
+	}
+
+	if opts.ExternalIngressAnnotation != nil {
+		mergeAnnotations(ingressOptions.Annotations, opts.ExternalIngressAnnotation)
+	}
+
+	ingress := ingressutil.CreateIngress(&ingressOptions)
 
 	if err = fs.WriteYamls(fs.Join(store.Get().InClusterPath, "master-ingress.yaml"), ingress); err != nil {
 		return err
@@ -1329,6 +1373,7 @@ func RunRuntimeList(ctx context.Context) error {
 		healthMessage := "N/A"
 		installationStatus := rt.InstallationStatus
 		ingressHost := "N/A"
+		internalIngressHost := "N/A"
 		ingressClass := "N/A"
 
 		if rt.Metadata.Namespace != nil {
@@ -1351,11 +1396,15 @@ func RunRuntimeList(ctx context.Context) error {
 			ingressHost = *rt.IngressHost
 		}
 
+		if rt.InternalIngressHost != nil {
+			internalIngressHost = *rt.InternalIngressHost
+		}
+
 		if rt.IngressClass != nil {
 			ingressClass = *rt.IngressClass
 		}
 
-		_, err = fmt.Fprintf(tb, "%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n",
+		_, err = fmt.Fprintf(tb, "%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n",
 			name,
 			namespace,
 			cluster,
@@ -1365,6 +1414,7 @@ func RunRuntimeList(ctx context.Context) error {
 			healthMessage,
 			installationStatus,
 			ingressHost,
+			internalIngressHost,
 			ingressClass,
 		)
 		if err != nil {
@@ -1842,6 +1892,10 @@ func createWorkflowsIngress(ctx context.Context, opts *RuntimeInstallOptions, rt
 		},
 	}
 
+	if opts.ExternalIngressAnnotation != nil {
+		mergeAnnotations(ingressOptions.Annotations, opts.ExternalIngressAnnotation)
+	}
+
 	ingress := ingressutil.CreateIngress(&ingressOptions)
 	opts.IngressController.Decorate(ingress)
 
@@ -1881,6 +1935,12 @@ func createWorkflowsIngress(ctx context.Context, opts *RuntimeInstallOptions, rt
 	return apu.PushWithMessage(ctx, r, "Created Workflows Ingress")
 }
 
+func mergeAnnotations(annotation map[string]string, newAnnotation map[string]string) {
+	for key, element := range newAnnotation {
+		annotation[key] = element
+	}
+}
+
 func configureAppProxy(ctx context.Context, opts *RuntimeInstallOptions, rt *runtime.Runtime) error {
 	r, fs, err := opts.InsCloneOpts.GetRepo(ctx)
 	if err != nil {
@@ -1912,12 +1972,17 @@ func configureAppProxy(ctx context.Context, opts *RuntimeInstallOptions, rt *run
 		},
 	})
 
+	hostName := opts.HostName
+	if opts.InternalHostName != "" {
+		hostName = opts.InternalHostName
+	}
+
 	if !store.Get().SkipIngress {
 		ingressOptions := ingressutil.CreateIngressOptions{
 			Name:             rt.Name + store.Get().AppProxyIngressName,
 			Namespace:        rt.Namespace,
 			IngressClassName: opts.IngressClass,
-			Host:             opts.HostName,
+			Host:             hostName,
 			Paths: []ingressutil.IngressPath{
 				{
 					Path:        store.Get().AppProxyIngressPath,
@@ -1928,6 +1993,11 @@ func configureAppProxy(ctx context.Context, opts *RuntimeInstallOptions, rt *run
 			},
 		}
 
+		if opts.InternalIngressAnnotation != nil {
+			ingressOptions.Annotations = make(map[string]string)
+			mergeAnnotations(ingressOptions.Annotations, opts.InternalIngressAnnotation)
+		}
+
 		ingress := ingressutil.CreateIngress(&ingressOptions)
 		opts.IngressController.Decorate(ingress)
 
@@ -1969,6 +2039,7 @@ func updateCodefreshCM(ctx context.Context, opts *RuntimeInstallOptions, rt *run
 	runtime.Spec.IngressClass = opts.IngressClass
 	runtime.Spec.IngressController = opts.IngressController.Name()
 	runtime.Spec.IngressHost = opts.IngressHost
+	runtime.Spec.InternalIngressHost = opts.InternalIngressHost
 
 	marshalRuntime, err = yaml.Marshal(runtime)
 	if err != nil {

docs/commands/cli-v2_runtime_install.md

@@ -28,29 +28,32 @@ cli-v2 runtime install [runtime_name] [flags]
 ### Options
 
 ```
-      --context string                    The name of the kubeconfig context to use
-      --demo-resources                    Installs demo resources (default: true) (default true)
-      --disable-rollback                  If true, will not perform installation rollback after a failed installation
-      --disable-telemetry                 If true, will disable the analytics reporting for the installation process
-      --from-repo                         Installs a runtime from an existing repo. Used for recovery after cluster failure
-  -t, --git-token string                  Your git provider api token [GIT_TOKEN]
-  -u, --git-user string                   Your git provider user name [GIT_USER] (not required in GitHub)
-  -h, --help                              help for install
-      --ingress-class string              The ingress class name
-      --ingress-host string               The ingress host
-      --kubeconfig string                 Path to the kubeconfig file to use for CLI requests.
-  -n, --namespace string                  If present, the namespace scope for this CLI request
-      --namespace-labels stringToString   Optional labels that will be set on the namespace resource. (e.g. "key1=value1,key2=value2" (default [])
-      --personal-git-token string         The Personal git token for your user
-      --provider string                   The git provider, one of: azure|gitea|github|gitlab
-      --provider-api-url string           Git provider API url
-      --repo string                       Repository URL [GIT_REPO]
-      --set-default-resources             If true, will set default requests and limits on all of the runtime components
-      --skip-cluster-checks               Skips the cluster's checks
-      --skip-ingress                      Skips the creation of ingress resources
-  -b, --upsert-branch                     If true will try to checkout the specified branch and create it if it doesn't exist
-      --version string                    The runtime version to install (default: latest)
-      --wait-timeout duration             How long to wait for the runtime components to be ready (default 8m0s)
+      --context string                               The name of the kubeconfig context to use
+      --demo-resources                               Installs demo resources (default: true) (default true)
+      --disable-rollback                             If true, will not perform installation rollback after a failed installation
+      --disable-telemetry                            If true, will disable the analytics reporting for the installation process
+      --external-ingress-annotation stringToString   Add annotations to the external ingress (default [])
+      --from-repo                                    Installs a runtime from an existing repo. Used for recovery after cluster failure
+  -t, --git-token string                             Your git provider api token [GIT_TOKEN]
+  -u, --git-user string                              Your git provider user name [GIT_USER] (not required in GitHub)
+  -h, --help                                         help for install
+      --ingress-class string                         The ingress class name
+      --ingress-host string                          The ingress host
+      --internal-ingress-annotation stringToString   Add annotations to the internal ingress (default [])
+      --internal-ingress-host string                 The internal ingress host (by default the external ingress will be used for both internal and external traffic)
+      --kubeconfig string                            Path to the kubeconfig file to use for CLI requests.
+  -n, --namespace string                             If present, the namespace scope for this CLI request
+      --namespace-labels stringToString              Optional labels that will be set on the namespace resource. (e.g. "key1=value1,key2=value2" (default [])
+      --personal-git-token string                    The Personal git token for your user
+      --provider string                              The git provider, one of: azure|gitea|github|gitlab
+      --provider-api-url string                      Git provider API url
+      --repo string                                  Repository URL [GIT_REPO]
+      --set-default-resources                        If true, will set default requests and limits on all of the runtime components
+      --skip-cluster-checks                          Skips the cluster's checks
+      --skip-ingress                                 Skips the creation of ingress resources
+  -b, --upsert-branch                                If true will try to checkout the specified branch and create it if it doesn't exist
+      --version string                               The runtime version to install (default: latest)
+      --wait-timeout duration                        How long to wait for the runtime components to be ready (default 8m0s)
 ```
 
 ### Options inherited from parent commands

docs/releases/release_notes.md

@@ -23,7 +23,7 @@ cf version
 
 ```bash
 # download and extract the binary
-curl -L --output - https://github.com/codefresh-io/cli-v2/releases/download/v0.0.354/cf-linux-amd64.tar.gz | tar zx
+curl -L --output - https://github.com/codefresh-io/cli-v2/releases/download/v0.0.355/cf-linux-amd64.tar.gz | tar zx
 
 # move the binary to your $PATH
 mv ./cf-linux-amd64 /usr/local/bin/cf
@@ -36,7 +36,7 @@ cf version
 
 ```bash
 # download and extract the binary
-curl -L --output - https://github.com/codefresh-io/cli-v2/releases/download/v0.0.354/cf-darwin-amd64.tar.gz | tar zx
+curl -L --output - https://github.com/codefresh-io/cli-v2/releases/download/v0.0.355/cf-darwin-amd64.tar.gz | tar zx
 
 # move the binary to your $PATH
 mv ./cf-darwin-amd64 /usr/local/bin/cf

go.mod

@@ -10,7 +10,7 @@ require (
 	github.com/argoproj/argo-events v0.17.1-0.20220327045437-70eaafe9afec
 	github.com/argoproj/argo-workflows/v3 v3.3.1
 	github.com/briandowns/spinner v1.18.1
-	github.com/codefresh-io/go-sdk v0.43.6
+	github.com/codefresh-io/go-sdk v0.43.7
 	github.com/fatih/color v1.13.0
 	github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32
 	github.com/go-git/go-billy/v5 v5.3.1

go.sum

@@ -254,8 +254,8 @@ github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h
 github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA=
 github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI=
 github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
-github.com/codefresh-io/go-sdk v0.43.6 h1:y2CbRSM1gNNZC3GRpRLNzp3zyHGo+pmo8OTr3OQxr3I=
-github.com/codefresh-io/go-sdk v0.43.6/go.mod h1:CcoVmTFWHGkbrSW8LyOGB/vJe5Vzr3iC/pNE2QIBTyg=
+github.com/codefresh-io/go-sdk v0.43.7 h1:s872fn7fD1S2gIy2sylgrtul4PBfabgE2jHWVFwgq3g=
+github.com/codefresh-io/go-sdk v0.43.7/go.mod h1:CcoVmTFWHGkbrSW8LyOGB/vJe5Vzr3iC/pNE2QIBTyg=
 github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0/go.mod h1:4Zcjuz89kmFXt9morQgcfYZAYZ5n8WHjt81YYWIwtTM=
 github.com/codeskyblue/go-sh v0.0.0-20190412065543-76bd3d59ff27/go.mod h1:VQx0hjo2oUeQkQUET7wRwradO6f+fN5jzXgB/zROxxE=
 github.com/container-storage-interface/spec v1.5.0/go.mod h1:8K96oQNkJ7pFcC2R9Z1ynGGBB1I93kcS6PGg3SsOk8s=

manifests/runtime.yaml

@@ -5,7 +5,7 @@ metadata:
   namespace: "{{ namespace }}"
 spec:
   defVersion: 1.0.1
-  version: 0.0.354
+  version: 0.0.355
   bootstrapSpecifier: github.com/codefresh-io/cli-v2/manifests/argo-cd
   components:
     - name: events