actions · summerwind · Mar 7, 2020 · Mar 7, 2020 · Mar 8, 2020 · Mar 8, 2020
@@ -13,6 +13,8 @@ RUN go mod download
 COPY main.go main.go
 COPY api/ api/
 COPY controllers/ controllers/
+COPY webhook/ webhook/
+COPY github/ github/
 
 # Build
 RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go

@@ -21,25 +21,52 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
+const (
+	KeyRunnerName       = "actions.summerwind.dev/runner-name"
+	KeyRunnerRepository = "actions.summerwind.dev/runner-repository"
+
+	EnvRunnerName       = "RUNNER_NAME"
+	EnvRunnerRepository = "RUNNER_REPO"
+	EnvRunnerToken      = "RUNNER_TOKEN"
+
+	ContainerName = "runner"
+)
+
 // RunnerSpec defines the desired state of Runner
 type RunnerSpec struct {
 	// +kubebuilder:validation:MinLength=3
 	// +kubebuilder:validation:Pattern=`^[^/]+/[^/]+$`
 	Repository string `json:"repository"`
 
 	// +optional
-	Image string `json:"image"`
+	Replicas *int32 `json:"replicas,omitempty"`
+
+	// +optional
+	Image string `json:"image,omitempty"`
 
 	// +optional
-	Env []corev1.EnvVar `json:"env"`
+	Env []corev1.EnvVar `json:"env,omitempty"`
 }
 
 // RunnerStatus defines the observed state of Runner
 type RunnerStatus struct {
-	Registration RunnerStatusRegistration `json:"registration"`
-	Phase        string                   `json:"phase"`
-	Reason       string                   `json:"reason"`
-	Message      string                   `json:"message"`
+	// +optional
+	Registration *RunnerStatusRegistration `json:"registration,omitempty"`
+	Phase        string                    `json:"phase"`
+	Reason       string                    `json:"reason"`
+	Message      string                    `json:"message"`
+
+	// +optional
+	Replicas int32 `json:"replicas,omitempty"`
+
+	// +optional
+	ReadyReplicas int32 `json:"readyReplicas,omitempty"`
+
+	// +optional
+	CurrentReplicas int32 `json:"currentReplicas,omitempty"`
+
+	// +optional
+	UpdatedReplicas int32 `json:"updatedReplicas,omitempty"`
 }
 
 type RunnerStatusRegistration struct {
@@ -50,8 +77,9 @@ type RunnerStatusRegistration struct {
 
 // +kubebuilder:object:root=true
 // +kubebuilder:subresource:status
-// +kubebuilder:printcolumn:JSONPath=".spec.repository",name=Repository,type=string
-// +kubebuilder:printcolumn:JSONPath=".status.phase",name=Status,type=string
+// +kubebuilder:printcolumn:JSONPath=".spec.replicas",name="Desired",type="integer",description="Desired Replicas"
+// +kubebuilder:printcolumn:JSONPath=".status.replicas",name="Current",type="integer",description="Current Replicas"
+// +kubebuilder:printcolumn:JSONPath=".status.readyReplicas",name="Ready",type="integer",description="Ready Replicas"
 
 // Runner is the Schema for the runners API
 type Runner struct {
@@ -62,23 +90,6 @@ type Runner struct {
 	Status RunnerStatus `json:"status,omitempty"`
 }
 
-func (r Runner) IsRegisterable() bool {
-	if r.Status.Registration.Repository != r.Spec.Repository {
-		return false
-	}
-
-	if r.Status.Registration.Token == "" {
-		return false
-	}
-
-	now := metav1.Now()
-	if r.Status.Registration.ExpiresAt.Before(&now) {
-		return false
-	}
-
-	return true
-}
-
 // +kubebuilder:object:root=true
 
 // RunnerList contains a list of Runner

@@ -163,6 +163,9 @@ spec:
                       type: array
                     image:
                       type: string
+                    replicas:
+                      format: int32
+                      type: integer
                     repository:
                       minLength: 3
                       pattern: ^[^/]+/[^/]+$

@@ -9,12 +9,18 @@ metadata:
   name: runners.actions.summerwind.dev
 spec:
   additionalPrinterColumns:
-  - JSONPath: .spec.repository
-    name: Repository
-    type: string
-  - JSONPath: .status.phase
-    name: Status
-    type: string
+  - JSONPath: .spec.replicas
+    description: Desired Replicas
+    name: Desired
+    type: integer
+  - JSONPath: .status.replicas
+    description: Current Replicas
+    name: Current
+    type: integer
+  - JSONPath: .status.readyReplicas
+    description: Ready Replicas
+    name: Ready
+    type: integer
   group: actions.summerwind.dev
   names:
     kind: Runner
@@ -142,6 +148,9 @@ spec:
               type: array
             image:
               type: string
+            replicas:
+              format: int32
+              type: integer
             repository:
               minLength: 3
               pattern: ^[^/]+/[^/]+$
@@ -152,10 +161,16 @@ spec:
         status:
           description: RunnerStatus defines the observed state of Runner
           properties:
+            currentReplicas:
+              format: int32
+              type: integer
             message:
               type: string
             phase:
               type: string
+            readyReplicas:
+              format: int32
+              type: integer
             reason:
               type: string
             registration:
@@ -172,11 +187,16 @@ spec:
               - repository
               - token
               type: object
+            replicas:
+              format: int32
+              type: integer
+            updatedReplicas:
+              format: int32
+              type: integer
           required:
           - message
           - phase
           - reason
-          - registration
           type: object
       type: object
   version: v1alpha1

@@ -163,6 +163,9 @@ spec:
                       type: array
                     image:
                       type: string
+                    replicas:
+                      format: int32
+                      type: integer
                     repository:
                       minLength: 3
                       pattern: ^[^/]+/[^/]+$

@@ -17,9 +17,9 @@ bases:
 - ../rbac
 - ../manager
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in crd/kustomization.yaml
-#- ../webhook
+- ../webhook
 # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
-#- ../certmanager
+- ../certmanager
 # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. 
 #- ../prometheus
 
@@ -36,39 +36,39 @@ patchesStrategicMerge:
 #- manager_prometheus_metrics_patch.yaml
 
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in crd/kustomization.yaml
-#- manager_webhook_patch.yaml
+- manager_webhook_patch.yaml
 
 # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
 # Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
 # 'CERTMANAGER' needs to be enabled to use ca injection
-#- webhookcainjection_patch.yaml
+- webhookcainjection_patch.yaml
 
 # the following config is for teaching kustomize how to do var substitution
 vars:
 # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
-#- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
-#  objref:
-#    kind: Certificate
-#    group: cert-manager.io
-#    version: v1alpha2
-#    name: serving-cert # this name should match the one in certificate.yaml
-#  fieldref:
-#    fieldpath: metadata.namespace
-#- name: CERTIFICATE_NAME
-#  objref:
-#    kind: Certificate
-#    group: cert-manager.io
-#    version: v1alpha2
-#    name: serving-cert # this name should match the one in certificate.yaml
-#- name: SERVICE_NAMESPACE # namespace of the service
-#  objref:
-#    kind: Service
-#    version: v1
-#    name: webhook-service
-#  fieldref:
-#    fieldpath: metadata.namespace
-#- name: SERVICE_NAME
-#  objref:
-#    kind: Service
-#    version: v1
-#    name: webhook-service
+- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
+  objref:
+    kind: Certificate
+    group: cert-manager.io
+    version: v1alpha2
+    name: serving-cert # this name should match the one in certificate.yaml
+  fieldref:
+    fieldpath: metadata.namespace
+- name: CERTIFICATE_NAME
+  objref:
+    kind: Certificate
+    group: cert-manager.io
+    version: v1alpha2
+    name: serving-cert # this name should match the one in certificate.yaml
+- name: SERVICE_NAMESPACE # namespace of the service
+  objref:
+    kind: Service
+    version: v1
+    name: webhook-service
+  fieldref:
+    fieldpath: metadata.namespace
+- name: SERVICE_NAME
+  objref:
+    kind: Service
+    version: v1
+    name: webhook-service
@@ -6,10 +6,10 @@ metadata:
   name: mutating-webhook-configuration
   annotations:
     cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
----
-apiVersion: admissionregistration.k8s.io/v1beta1
-kind: ValidatingWebhookConfiguration
-metadata:
-  name: validating-webhook-configuration
-  annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+#---
+#apiVersion: admissionregistration.k8s.io/v1beta1
+#kind: ValidatingWebhookConfiguration
+#metadata:
+#  name: validating-webhook-configuration
+#  annotations:
+#    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
@@ -6,6 +6,25 @@ metadata:
   creationTimestamp: null
   name: manager-role
 rules:
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - create
+  - patch
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
 - apiGroups:
   - actions.summerwind.dev
   resources:
@@ -67,9 +86,9 @@ rules:
   - patch
   - update
 - apiGroups:
-  - ""
+  - apps
   resources:
-  - pods
+  - statefulsets
   verbs:
   - create
   - delete

@@ -0,0 +1,25 @@
+
+---
+apiVersion: admissionregistration.k8s.io/v1beta1
+kind: MutatingWebhookConfiguration
+metadata:
+  creationTimestamp: null
+  name: mutating-webhook-configuration
+webhooks:
+- clientConfig:
+    caBundle: Cg==
+    service:
+      name: webhook-service
+      namespace: system
+      path: /mutate-v1-pod
+  failurePolicy: Ignore
+  name: runner-pod.webhook.actions.summerwind.dev
+  rules:
+  - apiGroups:
+    - ""
+    apiVersions:
+    - v1
+    operations:
+    - CREATE
+    resources:
+    - pods