HYPERFLEET-569 - feat: Implement maestro DSL loader

README.md

@@ -157,6 +157,7 @@ A  HyperFleet Adapter requires several files for configuration:
 To see all configuration options read [configuration.md](configuration.md) file
 
 #### Adapter configuration
+
 The adapter deployment configuration (`AdapterConfig`) controls runtime and infrastructure
 settings for the adapter process, such as client connections, retries, and broker
 subscription details. It is loaded with Viper, so values can be overridden by CLI flags
@@ -167,10 +168,11 @@ and environment variables in this priority order: CLI flags > env vars > file >
   (HyperFleet API, Maestro, broker, Kubernetes)
 
 Reference examples:
-- `configs/adapter-deployment-config.yaml` (full reference with env/flag notes)
-- `charts/examples/adapter-config.yaml` (minimal deployment example)
+
+- `charts/examples/adapter-config.yaml`
 
 #### Adapter task configuration
+
 The adapter task configuration (`AdapterTaskConfig`) defines the **business logic** for
 processing events: parameters, preconditions, resources to create, and post-actions.
 This file is loaded as **static YAML** (no Viper overrides) and is required at runtime.
@@ -180,13 +182,13 @@ This file is loaded as **static YAML** (no Viper overrides) and is required at r
 - **Resource manifests**: inline YAML or external file via `manifest.ref`
 
 Reference examples:
-- `charts/examples/adapter-task-config.yaml` (worked example)
-- `configs/adapter-task-config-template.yaml` (complete schema reference)
 
+- `charts/examples/adapter-task-config.yaml` (worked example)
 
 ### Broker Configuration
 
 Broker configuration is particular since responsibility is split between:
+
 - **Hyperfleet broker library**: configures the connection to a concrete broker (google pubsub, rabbitmq, ...)
   - Configured using a YAML file specified by the `BROKER_CONFIG_FILE` environment variable
 - **Adapter**: configures which topic/subscriptions to use on the broker

charts/examples/adapter-config.yaml

@@ -11,7 +11,9 @@ spec:
     version: "0.1.0"
 
   # Log the full merged configuration after load (default: false)
-  debugConfig: false
+  debugConfig: true
+  log:
+    level: debug
 
   clients:
     hyperfleetApi:
@@ -22,8 +24,51 @@ spec:
       retryBackoff: exponential
 
     broker:
-      subscriptionId: "example-clusters-subscription"
-      topic: "example-clusters"
+      subscriptionId: "CHANGE_ME"
+      topic: "CHANGE_ME"
 
     kubernetes:
       apiVersion: "v1"
+      #kubeConfigPath: PATH_TO_KUBECONFIG  # for local development
+
+    maestro:
+      grpcServerAddress: "maestro-grpc.maestro.svc.cluster.local:8090"
+
+      # HTTPS server address for REST API operations (optional)
+      # Environment variable: HYPERFLEET_MAESTRO_HTTP_SERVER_ADDRESS
+      httpServerAddress: "http://maestro.maestro.svc.cluster.local:8000"
+
+      # Source identifier for CloudEvents routing (must be unique across adapters)
+      # Environment variable: HYPERFLEET_MAESTRO_SOURCE_ID
+      sourceId: "hyperfleet-adapter"
+
+      # Client identifier (defaults to sourceId if not specified)
+      # Environment variable: HYPERFLEET_MAESTRO_CLIENT_ID
+      clientId: "hyperfleet-adapter-client"
+      insecure: true
+
+      # Authentication configuration
+      #auth:
+      #  type: "tls"  # TLS certificate-based mTLS
+      #  
+      #  tlsConfig:
+      #    # gRPC TLS configuration
+      #    # Certificate paths (mounted from Kubernetes secrets)
+      #    # Environment variable: HYPERFLEET_MAESTRO_CA_FILE
+      #    caFile: "/etc/maestro/certs/grpc/ca.crt"
+      #    
+      #    # Environment variable: HYPERFLEET_MAESTRO_CERT_FILE
+      #    certFile: "/etc/maestro/certs/grpc/client.crt"
+      #    
+      #    # Environment variable: HYPERFLEET_MAESTRO_KEY_FILE
+      #    keyFile: "/etc/maestro/certs/grpc/client.key"
+      #    
+      #    # Server name for TLS verification
+      #    # Environment variable: HYPERFLEET_MAESTRO_SERVER_NAME
+      #    serverName: "maestro-grpc.maestro.svc.cluster.local"
+      #    
+      #    # HTTP API TLS configuration (may use different CA than gRPC)
+      #    # If not set, falls back to caFile for backwards compatibility
+      #    # Environment variable: HYPERFLEET_MAESTRO_HTTP_CA_FILE
+      #    httpCaFile: "/etc/maestro/certs/https/ca.crt"
+

charts/examples/adapter-task-config.yaml

@@ -76,7 +76,31 @@ spec:
 
   # Resources with valid K8s manifests
   resources:
+    - name: "maestro"
+      transport:
+        client: "maestro"
+        maestro:
+          targetCluster: cluster1
+      manifest:
+        apiVersion: v1
+        kind: Namespace
+        metadata:
+          name: "maestro-{{ .clusterId }}"
+          labels:
+            hyperfleet.io/cluster-id: "{{ .clusterId }}"
+            hyperfleet.io/cluster-name: "{{ .clusterName }}"
+          annotations:
+            hyperfleet.io/generation: "{{ .generationSpec }}"
+      discovery:
+        namespace: "*"  # Cluster-scoped resource (Namespace)
+        bySelectors:
+          labelSelector:
+            hyperfleet.io/cluster-id: "{{ .clusterId }}"
+            hyperfleet.io/cluster-name: "{{ .clusterName }}"
+
     - name: "clusterNamespace"
+      transport:
+        client: "kubernetes"
       manifest:
         apiVersion: v1
         kind: Namespace
@@ -98,6 +122,8 @@ spec:
     # in the namespace created above
     # it will require a service account to be created in that namespace as well as a role and rolebinding
     - name: "jobServiceAccount"
+      transport:
+        client: "kubernetes"
       manifest:
         ref: "/etc/adapter/job-serviceaccount.yaml"
       discovery:
@@ -107,6 +133,8 @@ spec:
             hyperfleet.io/cluster-id: "{{ .clusterId }}"
 
     - name: "job_role"
+      transport:
+        client: "kubernetes"
       manifest:
         ref: "/etc/adapter/job-role.yaml"
       discovery:
@@ -118,6 +146,8 @@ spec:
             hyperfleet.io/resource-type: "role"
 
     - name: "job_rolebinding"
+      transport:
+        client: "kubernetes"
       manifest:
         ref: "/etc/adapter/job-rolebinding.yaml"
       discovery:
@@ -129,6 +159,8 @@ spec:
             hyperfleet.io/resource-type: "rolebinding"
 
     - name: "jobNamespace"
+      transport:
+        client: "kubernetes"
       manifest:
         ref: "/etc/adapter/job.yaml"
       discovery:
@@ -143,6 +175,8 @@ spec:
     # and using the same service account as the adapter
 
     - name: "deploymentNamespace"
+      transport:
+        client: "kubernetes"
       manifest:
         ref: "/etc/adapter/deployment.yaml"
       discovery:

cmd/adapter/main.go

@@ -9,10 +9,10 @@ import (
 	"syscall"
 	"time"
 
+	"github.com/openshift-hyperfleet/hyperfleet-adapter/internal/client_factory"
 	"github.com/openshift-hyperfleet/hyperfleet-adapter/internal/config_loader"
 	"github.com/openshift-hyperfleet/hyperfleet-adapter/internal/executor"
-	"github.com/openshift-hyperfleet/hyperfleet-adapter/internal/hyperfleet_api"
-	"github.com/openshift-hyperfleet/hyperfleet-adapter/internal/k8s_client"
+	"github.com/openshift-hyperfleet/hyperfleet-adapter/internal/maestro_client"
 	"github.com/openshift-hyperfleet/hyperfleet-adapter/pkg/health"
 	"github.com/openshift-hyperfleet/hyperfleet-adapter/pkg/logger"
 	"github.com/openshift-hyperfleet/hyperfleet-adapter/pkg/otel"
@@ -50,7 +50,6 @@ const (
 )
 
 func main() {
-
 	// Root command
 	rootCmd := &cobra.Command{
 		Use:   "adapter",
@@ -269,7 +268,7 @@ func runServe() error {
 
 	// Create HyperFleet API client from config
 	log.Info(ctx, "Creating HyperFleet API client...")
-	apiClient, err := createAPIClient(config.Spec.Clients.HyperfleetAPI, log)
+	apiClient, err := client_factory.CreateAPIClient(config.Spec.Clients.HyperfleetAPI, log)
 	if err != nil {
 		errCtx := logger.WithErrorField(ctx, err)
 		log.Errorf(errCtx, "Failed to create HyperFleet API client")
@@ -278,21 +277,39 @@ func runServe() error {
 
 	// Create Kubernetes client
 	log.Info(ctx, "Creating Kubernetes client...")
-	k8sClient, err := createK8sClient(ctx, config.Spec.Clients.Kubernetes, log)
+	k8sClient, err := client_factory.CreateK8sClient(ctx, config.Spec.Clients.Kubernetes, log)
 	if err != nil {
 		errCtx := logger.WithErrorField(ctx, err)
 		log.Errorf(errCtx, "Failed to create Kubernetes client")
 		return fmt.Errorf("failed to create Kubernetes client: %w", err)
 	}
 
+	// Create Maestro client if configured
+	var maestroClient maestro_client.ManifestWorkClient
+	if config.Spec.Clients.Maestro != nil {
+		log.Info(ctx, "Creating Maestro client...")
+		maestroClient, err = client_factory.CreateMaestroClient(ctx, config.Spec.Clients.Maestro, log)
+		if err != nil {
+			errCtx := logger.WithErrorField(ctx, err)
+			log.Errorf(errCtx, "Failed to create Maestro client")
+			return fmt.Errorf("failed to create Maestro client: %w", err)
+		}
+		log.Info(ctx, "Maestro client created successfully")
+	}
+
 	// Create the executor using the builder pattern
 	log.Info(ctx, "Creating event executor...")
-	exec, err := executor.NewBuilder().
+	execBuilder := executor.NewBuilder().
 		WithConfig(config).
 		WithAPIClient(apiClient).
 		WithK8sClient(k8sClient).
-		WithLogger(log).
-		Build()
+		WithLogger(log)
+
+	if maestroClient != nil {
+		execBuilder = execBuilder.WithMaestroClient(maestroClient)
+	}
+
+	exec, err := execBuilder.Build()
 	if err != nil {
 		errCtx := logger.WithErrorField(ctx, err)
 		log.Errorf(errCtx, "Failed to create executor")
@@ -437,60 +454,3 @@ func runServe() error {
 
 	return nil
 }
-
-// createAPIClient creates a HyperFleet API client from the config
-func createAPIClient(apiConfig config_loader.HyperfleetAPIConfig, log logger.Logger) (hyperfleet_api.Client, error) {
-	var opts []hyperfleet_api.ClientOption
-
-	// Set base URL if configured (env fallback handled in NewClient)
-	if apiConfig.BaseURL != "" {
-		opts = append(opts, hyperfleet_api.WithBaseURL(apiConfig.BaseURL))
-	}
-
-	// Set timeout if configured (0 means use default)
-	if apiConfig.Timeout > 0 {
-		opts = append(opts, hyperfleet_api.WithTimeout(apiConfig.Timeout))
-	}
-
-	// Set retry attempts
-	if apiConfig.RetryAttempts > 0 {
-		opts = append(opts, hyperfleet_api.WithRetryAttempts(apiConfig.RetryAttempts))
-	}
-
-	// Set retry backoff strategy
-	if apiConfig.RetryBackoff != "" {
-		switch apiConfig.RetryBackoff {
-		case hyperfleet_api.BackoffExponential, hyperfleet_api.BackoffLinear, hyperfleet_api.BackoffConstant:
-			opts = append(opts, hyperfleet_api.WithRetryBackoff(apiConfig.RetryBackoff))
-		default:
-			return nil, fmt.Errorf("invalid retry backoff strategy %q (supported: exponential, linear, constant)", apiConfig.RetryBackoff)
-		}
-	}
-
-	// Set retry base delay
-	if apiConfig.BaseDelay > 0 {
-		opts = append(opts, hyperfleet_api.WithBaseDelay(apiConfig.BaseDelay))
-	}
-
-	// Set retry max delay
-	if apiConfig.MaxDelay > 0 {
-		opts = append(opts, hyperfleet_api.WithMaxDelay(apiConfig.MaxDelay))
-	}
-
-	// Set default headers
-	for key, value := range apiConfig.DefaultHeaders {
-		opts = append(opts, hyperfleet_api.WithDefaultHeader(key, value))
-	}
-
-	return hyperfleet_api.NewClient(log, opts...)
-}
-
-// createK8sClient creates a Kubernetes client from the config
-func createK8sClient(ctx context.Context, k8sConfig config_loader.KubernetesConfig, log logger.Logger) (*k8s_client.Client, error) {
-	clientConfig := k8s_client.ClientConfig{
-		KubeConfigPath: k8sConfig.KubeConfigPath,
-		QPS:            k8sConfig.QPS,
-		Burst:          k8sConfig.Burst,
-	}
-	return k8s_client.NewClient(ctx, clientConfig, log)
-}