feat(pluginpresets): evaluate CEL expressions for owned Plugins (#1774) ver.2

.golangci.yaml

@@ -99,6 +99,9 @@ linters:
           msg: github.com/howeyc/gopass is archived, use golang.org/x/term instead
     goconst:
       min-occurrences: 5
+      ignore-tests: true
+      ignore-string-values:
+        - "^[a-zA-Z_-]{1,20}$" # ignore short identifiers like "account" or "project_id"
     gocritic:
       enabled-checks:
         - boolExprSimplify

api/v1alpha1/plugin_types.go

@@ -66,6 +66,9 @@ type PluginOptionValue struct {
 	// ValueFrom references value in another source.
 	ValueFrom *PluginValueFromSource `json:"valueFrom,omitempty"`
 	// Expression is a YAML string with ${...} placeholders that will be evaluated as CEL expressions.
+	//
+	// Deprecated: Expression is deprecated on standalone Plugins and will be removed in a future release.
+	// Consider using a PluginPreset to deploy Plugins utilizing the Expression field.
 	Expression *string `json:"expression,omitempty"`
 }
 
@@ -77,6 +80,9 @@ type PluginValueFromSource struct {
 	// Secret references the v1.Secret containing the value that needs to be extracted
 	Secret *SecretKeyReference `json:"secret,omitempty"`
 	// Ref references values defined in another resource (Plugin, PluginPreset)
+	//
+	// Deprecated: Ref is deprecated on standalone Plugins and will be removed in a future release.
+	// Consider using a PluginPreset to deploy Plugins utilizing the Ref field.
 	Ref *ExternalValueSource `json:"ref,omitempty"`
 }
 

api/v1alpha1/pluginpreset_types.go

@@ -6,6 +6,7 @@ package v1alpha1
 import (
 	"slices"
 
+	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
 	greenhousemetav1alpha1 "github.com/cloudoperators/greenhouse/api/meta/v1alpha1"
@@ -30,7 +31,7 @@ const (
 type PluginPresetSpec struct {
 
 	// PluginSpec is the spec of the plugin to be deployed by the PluginPreset.
-	Plugin PluginSpec `json:"plugin"`
+	Plugin PluginPresetPluginSpec `json:"plugin"`
 
 	// ClusterSelector is a label selector to select the clusters the plugin bundle should be deployed to.
 	ClusterSelector metav1.LabelSelector `json:"clusterSelector"`
@@ -50,6 +51,66 @@ type PluginPresetSpec struct {
 	DeletionPolicy string `json:"deletionPolicy,omitempty"`
 }
 
+// PluginPresetPluginSpec defines the desired state of Plugin
+type PluginPresetPluginSpec struct {
+	// PluginDefinitionRef is the reference to the (Cluster-)PluginDefinition.
+	PluginDefinitionRef PluginDefinitionReference `json:"pluginDefinitionRef"`
+
+	// DisplayName is an optional name for the Plugin to be displayed in the Greenhouse UI.
+	// This is especially helpful to distinguish multiple instances of a PluginDefinition in the same context.
+	// Defaults to a normalized version of metadata.name.
+	DisplayName string `json:"displayName,omitempty"`
+
+	// Values are the values for a PluginDefinition instance.
+	OptionValues []PluginOptionValue `json:"optionValues,omitempty"`
+
+	// ReleaseNamespace is the namespace in the remote cluster to which the backend is deployed.
+	// Defaults to the Greenhouse managed namespace if not set.
+	ReleaseNamespace string `json:"releaseNamespace,omitempty"`
+
+	// ReleaseName is the name of the helm release in the remote cluster to which the backend is deployed.
+	// If the Plugin was already deployed, the Plugin's name is used as the release name.
+	// If this Plugin is newly created, the releaseName is defaulted to the PluginDefinitions HelmChart name.
+	// +Optional
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="ReleaseName is immutable"
+	// +kubebuilder:validation:MaxLength=53
+	ReleaseName string `json:"releaseName,omitempty"`
+
+	// DeletionPolicy defines how Helm Releases created by a Plugin are handled upon deletion of the Plugin.
+	// Supported values are "Delete" and "Retain". If not set, defaults to "Delete".
+	// +Optional
+	// +kubebuilder:default=Delete
+	// +kubebuilder:validation:Enum=Delete;Retain
+	DeletionPolicy string `json:"deletionPolicy,omitempty"`
+
+	// IgnoreDifferences defines paths to ignore when detecting drift between desired and actual state.
+	// +Optional
+	IgnoreDifferences []IgnoreDifference `json:"ignoreDifferences,omitempty"`
+}
+
+// PluginPresetPluginOptionValue is the value for a PluginOption.
+type PluginPresetPluginOptionValue struct {
+	// Name of the values.
+	Name string `json:"name"`
+	// Value is the actual value in plain text.
+	Value *apiextensionsv1.JSON `json:"value,omitempty"`
+	// ValueFrom references value in another source.
+	ValueFrom *PluginPresetPluginValueFromSource `json:"valueFrom,omitempty"`
+	// Expression is a YAML string with ${...} placeholders that will be evaluated as CEL expressions.
+	Expression *string `json:"expression,omitempty"`
+}
+
+// PluginPresetPluginValueFromSource defines how to extract dynamic values
+// only one of secret or ref can be set
+// +kubebuilder:validation:XValidation:rule="!(has(self.secret) && has(self.ref))",message="both secret and ref cannot be set"
+// +kubebuilder:validation:XValidation:rule="has(self.secret) || has(self.ref)",message="one of secret or ref must be set"
+type PluginPresetPluginValueFromSource struct {
+	// Secret references the v1.Secret containing the value that needs to be extracted
+	Secret *SecretKeyReference `json:"secret,omitempty"`
+	// Ref references values defined in another resource (Plugin, PluginPreset)
+	Ref *ExternalValueSource `json:"ref,omitempty"`
+}
+
 // ClusterOptionOverride defines which plugin option should be override in which cluster
 // +Optional
 type ClusterOptionOverride struct {

charts/greenhouse/ci/test-values.yaml

@@ -15,6 +15,9 @@ global:
     expressionEvaluationEnabled: false
     integrationEnabled: false
     ociMirroringEnabled: false
+  # PluginPreset configuration for Greenhouse.
+  pluginPreset:
+    expressionEvaluationEnabled: true
   linkerd_enabled: false
   region: greenhouse
   registry: ghcr.io/cloudoperators/greenhouse

charts/greenhouse/values.yaml

@@ -23,6 +23,9 @@ global:
     expressionEvaluationEnabled: false
     integrationEnabled: false
     ociMirroringEnabled: false
+  # PluginPreset configuration for Greenhouse.
+  pluginPreset:
+    expressionEvaluationEnabled: true
 
 postgresqlng:
   enabled: true

charts/manager/ci/test-values.yaml

@@ -13,6 +13,8 @@ global:
     expressionEvaluationEnabled: false
     integrationEnabled: false
     ociMirroringEnabled: false
+  pluginPreset:
+    expressionEvaluationEnabled: true
 
 controllerManager:
   args:

charts/manager/crds/greenhouse.sap_pluginpresets.yaml

@@ -71,8 +71,11 @@ spec:
                         description: PluginOptionValue is the value for a PluginOption.
                         properties:
                           expression:
-                            description: Expression is a YAML string with ${...} placeholders
-                              that will be evaluated as CEL expressions.
+                            description: |-
+                              Expression is a YAML string with ${...} placeholders that will be evaluated as CEL expressions.
+
+                              Deprecated: Expression is deprecated on standalone Plugins and will be removed in a future release.
+                              Consider using a PluginPreset to deploy Plugins utilizing the Expression field.
                             type: string
                           name:
                             description: Name of the values.
@@ -84,8 +87,11 @@ spec:
                             description: ValueFrom references value in another source.
                             properties:
                               ref:
-                                description: Ref references values defined in another
-                                  resource (Plugin, PluginPreset)
+                                description: |-
+                                  Ref references values defined in another resource (Plugin, PluginPreset)
+
+                                  Deprecated: Ref is deprecated on standalone Plugins and will be removed in a future release.
+                                  Consider using a PluginPreset to deploy Plugins utilizing the Ref field.
                                 properties:
                                   expression:
                                     description: Expression is a CEL expression to
@@ -252,11 +258,6 @@ spec:
                 description: PluginSpec is the spec of the plugin to be deployed by
                   the PluginPreset.
                 properties:
-                  clusterName:
-                    description: ClusterName is the name of the cluster the plugin
-                      is deployed to. If not set, the plugin is deployed to the greenhouse
-                      cluster.
-                    type: string
                   deletionPolicy:
                     default: Delete
                     description: |-
@@ -309,8 +310,11 @@ spec:
                       description: PluginOptionValue is the value for a PluginOption.
                       properties:
                         expression:
-                          description: Expression is a YAML string with ${...} placeholders
-                            that will be evaluated as CEL expressions.
+                          description: |-
+                            Expression is a YAML string with ${...} placeholders that will be evaluated as CEL expressions.
+
+                            Deprecated: Expression is deprecated on standalone Plugins and will be removed in a future release.
+                            Consider using a PluginPreset to deploy Plugins utilizing the Expression field.
                           type: string
                         name:
                           description: Name of the values.
@@ -322,8 +326,11 @@ spec:
                           description: ValueFrom references value in another source.
                           properties:
                             ref:
-                              description: Ref references values defined in another
-                                resource (Plugin, PluginPreset)
+                              description: |-
+                                Ref references values defined in another resource (Plugin, PluginPreset)
+
+                                Deprecated: Ref is deprecated on standalone Plugins and will be removed in a future release.
+                                Consider using a PluginPreset to deploy Plugins utilizing the Ref field.
                               properties:
                                 expression:
                                   description: Expression is a CEL expression to extract
@@ -455,28 +462,6 @@ spec:
                       ReleaseNamespace is the namespace in the remote cluster to which the backend is deployed.
                       Defaults to the Greenhouse managed namespace if not set.
                     type: string
-                  waitFor:
-                    description: WaitFor defines other Plugins to wait for before
-                      installing this Plugin.
-                    items:
-                      description: WaitForItem is a wrapper around PluginRef to add
-                        context for every WaitFor list item.
-                      properties:
-                        pluginRef:
-                          description: PluginRef defines a reference to the Plugin.
-                          properties:
-                            name:
-                              description: Name of the Plugin.
-                              type: string
-                            pluginPreset:
-                              description: PluginPreset is the name of the PluginPreset
-                                which creates the Plugin.
-                              type: string
-                          type: object
-                      required:
-                      - pluginRef
-                      type: object
-                    type: array
                 required:
                 - pluginDefinitionRef
                 type: object

charts/manager/crds/greenhouse.sap_plugins.yaml

@@ -124,8 +124,11 @@ spec:
                   description: PluginOptionValue is the value for a PluginOption.
                   properties:
                     expression:
-                      description: Expression is a YAML string with ${...} placeholders
-                        that will be evaluated as CEL expressions.
+                      description: |-
+                        Expression is a YAML string with ${...} placeholders that will be evaluated as CEL expressions.
+
+                        Deprecated: Expression is deprecated on standalone Plugins and will be removed in a future release.
+                        Consider using a PluginPreset to deploy Plugins utilizing the Expression field.
                       type: string
                     name:
                       description: Name of the values.
@@ -137,8 +140,11 @@ spec:
                       description: ValueFrom references value in another source.
                       properties:
                         ref:
-                          description: Ref references values defined in another resource
-                            (Plugin, PluginPreset)
+                          description: |-
+                            Ref references values defined in another resource (Plugin, PluginPreset)
+
+                            Deprecated: Ref is deprecated on standalone Plugins and will be removed in a future release.
+                            Consider using a PluginPreset to deploy Plugins utilizing the Ref field.
                           properties:
                             expression:
                               description: Expression is a CEL expression to extract

charts/manager/templates/_helpers.tpl

@@ -117,3 +117,7 @@ Define postgresql helpers
 {{- define "plugin.ociMirroringEnabled" -}}
   {{- printf "%t" (required "global.plugin.ociMirroringEnabled missing" .Values.global.plugin.ociMirroringEnabled) }}
 {{- end }}
+{{/* Render the pluginPreset expression evaluation flag */}}
+{{- define "pluginPreset.expressionEvaluationEnabled" -}}
+  {{- printf "%t" (required "global.pluginPreset.expressionEvaluationEnabled missing" .Values.global.pluginPreset.expressionEvaluationEnabled) }}
+{{- end }}

charts/manager/templates/manager/feature-flag.yaml

@@ -26,9 +26,17 @@ data:
       expressionEvaluationEnabled: false / true
       integrationEnabled: false / true
       ociMirroringEnabled: false / true
+    # enable pluginPreset features
+    # expressionEvaluationEnabled allows you to enable or disable CEL expression evaluation in PluginPreset
+    # when enabled, expressions in PluginPreset.spec.plugin.optionValues are evaluated before creating the Plugin
+    pluginPreset: |
+      expressionEvaluationEnabled: false / true
+      integrationEnabled: false / true
   dex: |
     storage: {{ include "dex.backend" $ }}
   plugin: |
     expressionEvaluationEnabled: {{ include "plugin.expressionEvaluationEnabled" $ }}
     integrationEnabled: {{ include "plugin.integrationEnabled" $ }}
     ociMirroringEnabled: {{ include "plugin.ociMirroringEnabled" $ }}
+  pluginPreset: |
+    expressionEvaluationEnabled: {{ include "pluginPreset.expressionEvaluationEnabled" $ }}