Switch from krt library to controller-runtime library (#15)

* Switch from krt to controller-runtime

* Add a SAN for vCluster's k8s API service

This fixes the issue where ArgoCD cannot communicate to
a vCluster through the host svc on the kubeconfig due
to the certificate missing a SAN for the
<clustername>.<namespace>.svc hostname

* Add container image build GHA

* Remove unused sample secret

.github/workflows/build-container-image.yaml

@@ -0,0 +1,100 @@
+name: Build and Push Image
+
+on:
+  push:
+    branches: 
+      - 'main'
+    paths:
+      - '**.go'
+      - 'go.mod'
+      - 'go.sum'
+      - 'Dockerfile'
+    tags:
+      - 'v**'
+
+jobs:
+  buildx:
+    needs: setup
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        platform:
+        - 'linux/amd64'
+        - 'linux/arm64'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          persist-credentials: true
+
+      - name: Docker meta
+        id: image-metadata
+        uses: docker/metadata-action@v5
+        env:
+          DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
+        with:
+          images: |
+            docker.io/superorbital/capargo
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=sha,enable={{is_default_branch}}
+            type=schedule,pattern={{date 'YYYYMMDD-hhmmss' tz='UTC'}},enable={{is_default_branch}}
+            type=match,pattern=v(\d.\d.\d),group=1,prefix=v,enable=${{ startsWith(github.ref, 'refs/tags/v') }}
+            type=match,pattern=v(\d.\d).\d,group=1,prefix=v,enable=${{ startsWith(github.ref, 'refs/tags/v') }}
+            type=match,pattern=v(\d).\d.\d,group=1,prefix=v,enable=${{ startsWith(github.ref, 'refs/tags/v') }}
+          labels: |
+            org.opencontainers.image.licenses=LicenseRef-Proprietary
+            org.opencontainers.image.authors=SuperOrbital, LLC
+            org.opencontainers.image.description=A controller that automatically registers any Cluster API cluster in your local ArgoCD instance.
+            org.opencontainers.image.documentation=https://github.com/superorbital/${{ github.event.repository.name }}/tree/${{ github.sha }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.source=https://github.com/superorbital/${{ github.event.repository.name }}/tree/${{ github.sha }}
+            org.opencontainers.image.title=${{ matrix.directory }}
+            org.opencontainers.image.url=https://github.com/superorbital/${{ github.event.repository.name }}/tree/${{ github.sha }}
+            org.opencontainers.image.vendor=SuperOrbital, LLC
+          annotations: |
+            org.opencontainers.image.licenses=LicenseRef-Proprietary
+            org.opencontainers.image.authors=SuperOrbital, LLC
+            org.opencontainers.image.description=A controller that automatically registers any Cluster API cluster in your local ArgoCD instance.
+            org.opencontainers.image.documentation=https://github.com/superorbital/${{ github.event.repository.name }}/tree/${{ github.sha }}
+            org.opencontainers.image.revision=${{ github.sha }}
+            org.opencontainers.image.source=https://github.com/superorbital/${{ github.event.repository.name }}/tree/${{ github.sha }}
+            org.opencontainers.image.title=${{ matrix.directory }}
+            org.opencontainers.image.url=https://github.com/superorbital/${{ github.event.repository.name }}/tree/${{ github.sha }}
+            org.opencontainers.image.vendor=SuperOrbital, LLC
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Available platforms
+        run: echo ${{ steps.buildx.outputs.platforms }}
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v5
+        with:
+          provenance: false
+          sbom: false
+          build-args: |
+            BUILDTIME=${{ fromJSON(steps.image-metadata.outputs.json).labels['org.opencontainers.image.created'] }}
+            VERSION=${{ fromJSON(steps.image-metadata.outputs.json).labels['org.opencontainers.image.version'] }}
+            REVISION=${{ fromJSON(steps.image-metadata.outputs.json).labels['org.opencontainers.image.revision'] }}
+          context: '.'
+          file: Dockerfile
+          platforms: ${{ matrix.platform }}
+          push: true
+          tags: ${{ steps.image-metadata.outputs.tags }}
+          labels: ${{ steps.image-metadata.outputs.labels }}
+          annotations: ${{ steps.image-metadata.outputs.annotations }}

cmd/root.go

@@ -8,11 +8,17 @@ import (
 	"github.com/spf13/cobra"
 	"github.com/superorbital/capargo/internal/controller"
 	"github.com/superorbital/capargo/pkg/types"
-	"istio.io/istio/pkg/cluster"
-	"istio.io/istio/pkg/kube"
-	istiolog "istio.io/istio/pkg/log"
-	ctrl "sigs.k8s.io/controller-runtime"
-	restconfig "sigs.k8s.io/controller-runtime/pkg/client/config"
+
+	corev1 "k8s.io/api/core/v1"
+
+	"k8s.io/apimachinery/pkg/runtime"
+	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
+	"sigs.k8s.io/controller-runtime/pkg/builder"
+	"sigs.k8s.io/controller-runtime/pkg/client/config"
+	logf "sigs.k8s.io/controller-runtime/pkg/log"
+	"sigs.k8s.io/controller-runtime/pkg/log/zap"
+	"sigs.k8s.io/controller-runtime/pkg/manager"
+	"sigs.k8s.io/controller-runtime/pkg/manager/signals"
 )
 
 // Build information
@@ -32,14 +38,19 @@ type BuildInfo struct {
 }
 
 // Flags
-var loggingOptions = istiolog.DefaultOptions()
+var opts = zap.Options{}
 var (
 	clusterID        string
 	clusterNamespace string
 	argoNamespace    string
 	timeout          time.Duration
 )
 
+// Scheme
+var (
+	scheme = runtime.NewScheme()
+)
+
 var rootCmd = &cobra.Command{
 	Use:   "capargo",
 	Short: "Runs the capargo controller",
@@ -52,47 +63,55 @@ var rootCmd = &cobra.Command{
 			Timeout:          timeout,
 		}
 		// Logger options
-		istiolog.Configure(loggingOptions)
-		logger := istiolog.RegisterScope("capargo-main", "")
+		logf.SetLogger(zap.New(zap.UseFlagOptions(&opts)))
+		logger := logf.Log.WithName("capargo-main")
 
 		// Display build information
 		b := BuildInfo{
 			BuildTime: BuildTime,
 			GitCommit: Revision,
 			Version:   Version,
 		}
-		logger.Infof("Starting up capargo binary: version=%s, revision=%s, build time=%s",
-			b.Version,
-			b.GitCommit,
-			b.BuildTime,
+		logger.Info("Starting up capargo binary",
+			"version", b.Version,
+			"revision", b.GitCommit,
+			"build time", b.BuildTime,
 		)
 
 		// Initialize controller
-		config, err := restconfig.GetConfig()
+		mgr, err := manager.New(config.GetConfigOrDie(), manager.Options{
+			Scheme: scheme,
+		})
 		if err != nil {
-			logger.Errorf("Failed to get restconfig: %v", err)
+			logger.Error(err, "could not create manager")
 			os.Exit(1)
 		}
-		client, err := kube.NewClient(kube.NewClientConfigForRestConfig(config), cluster.ID(o.ClusterID))
+
+		err = builder.
+			ControllerManagedBy(mgr).
+			For(&clusterv1.Cluster{}).
+			Owns(&corev1.Secret{}).
+			Complete(&controller.ClusterKubeconfigReconciler{
+				Client:  mgr.GetClient(),
+				Options: o,
+			})
 		if err != nil {
-			logger.Errorf("Unable to initialize Kubernetes client: %v", err)
+			logger.Error(err, "could not create controller")
 			os.Exit(1)
 		}
-		ctx := ctrl.SetupSignalHandler()
-		coll := controller.NewCollection(ctx, client, o)
-		go coll.Synced().WaitUntilSynced(ctx.Done())
-		if !client.RunAndWait(ctx.Done()) {
-			logger.Error("Failed to start informers and sync client")
-			client.Shutdown()
+
+		if err := mgr.Start(signals.SetupSignalHandler()); err != nil {
+			logger.Error(err, "could not start manager")
 			os.Exit(1)
 		}
-		<-ctx.Done()
 	},
 }
 
 func init() {
+	_ = corev1.AddToScheme(scheme)
+	_ = clusterv1.AddToScheme(scheme)
+	opts.BindFlags(flag.CommandLine)
 	rootCmd.PersistentFlags().AddGoFlagSet(flag.CommandLine)
-	loggingOptions.AttachCobraFlags(rootCmd)
 	rootCmd.Flags().StringVar(&clusterID, "id", "kind", "The name of the cluster where capargo is located.")
 	rootCmd.Flags().StringVar(&clusterNamespace, "cluster-namespace", "", "The namespace to watch for clusters")
 	rootCmd.Flags().DurationVar(&timeout, "timeout", 5*time.Minute, "The timeout period for any update action")

go.mod

@@ -5,8 +5,7 @@ go 1.22.1
 replace github.com/imdario/mergo => github.com/imdario/mergo v0.3.5
 
 require (
-	github.com/spf13/pflag v1.0.5
-	istio.io/istio v0.0.0-20240410182740-0cb5c33595cd
+	github.com/spf13/cobra v1.8.0
 	k8s.io/api v0.29.3
 	k8s.io/apimachinery v0.29.3
 	k8s.io/client-go v0.29.3
@@ -15,112 +14,65 @@ require (
 )
 
 require (
-	cel.dev/expr v0.15.0 // indirect
-	github.com/Masterminds/goutils v1.1.1 // indirect
-	github.com/Masterminds/semver/v3 v3.2.1 // indirect
-	github.com/Masterminds/sprig/v3 v3.2.3 // indirect
-	github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
-	github.com/cncf/xds/go v0.0.0-20240329184929-0c46c01016dc // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
 	github.com/emicklei/go-restful/v3 v3.11.2 // indirect
-	github.com/envoyproxy/go-control-plane v0.12.1-0.20240409154308-6a432fea92ca // indirect
-	github.com/envoyproxy/protoc-gen-validate v1.0.4 // indirect
 	github.com/evanphx/json-patch v5.9.0+incompatible // indirect
 	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/go-logr/logr v1.4.1 // indirect
-	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-logr/zapr v1.3.0 // indirect
 	github.com/go-openapi/jsonpointer v0.20.2 // indirect
 	github.com/go-openapi/jsonreference v0.20.4 // indirect
 	github.com/go-openapi/swag v0.22.9 // indirect
-	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
-	github.com/google/btree v1.1.2 // indirect
-	github.com/google/cel-go v0.17.7 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
+	github.com/google/pprof v0.0.0-20240227163752-401108e1b7e7 // indirect
 	github.com/google/uuid v1.6.0 // indirect
-	github.com/gorilla/websocket v1.5.1 // indirect
-	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
-	github.com/hashicorp/errwrap v1.1.0 // indirect
-	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/huandu/xstrings v1.4.0 // indirect
 	github.com/imdario/mergo v1.0.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
-	github.com/lestrrat-go/blackmagic v1.0.2 // indirect
-	github.com/lestrrat-go/httpcc v1.0.1 // indirect
-	github.com/lestrrat-go/iter v1.0.2 // indirect
-	github.com/lestrrat-go/jwx v1.2.29 // indirect
-	github.com/lestrrat-go/option v1.0.1 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
-	github.com/mitchellh/copystructure v1.2.0 // indirect
-	github.com/mitchellh/go-homedir v1.1.0 // indirect
-	github.com/mitchellh/reflectwalk v1.0.2 // indirect
-	github.com/moby/spdystream v0.2.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
-	github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
-	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
+	github.com/onsi/ginkgo/v2 v2.16.0 // indirect
+	github.com/onsi/gomega v1.32.0 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/prometheus/client_golang v1.19.0 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.52.2 // indirect
 	github.com/prometheus/procfs v0.13.0 // indirect
-	github.com/shopspring/decimal v1.3.1 // indirect
-	github.com/spf13/cast v1.6.0 // indirect
-	github.com/spf13/cobra v1.8.0 // indirect
-	github.com/stoewer/go-strcase v1.3.0 // indirect
-	go.opentelemetry.io/otel v1.24.0 // indirect
-	go.opentelemetry.io/otel/exporters/prometheus v0.46.0 // indirect
-	go.opentelemetry.io/otel/metric v1.24.0 // indirect
-	go.opentelemetry.io/otel/sdk v1.24.0 // indirect
-	go.opentelemetry.io/otel/sdk/metric v1.24.0 // indirect
-	go.opentelemetry.io/otel/trace v1.24.0 // indirect
-	go.opentelemetry.io/proto/otlp v1.1.0 // indirect
-	go.uber.org/atomic v1.11.0 // indirect
+	github.com/rogpeppe/go-internal v1.12.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/stretchr/testify v1.9.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	golang.org/x/crypto v0.22.0 // indirect
 	golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 // indirect
 	golang.org/x/net v0.24.0 // indirect
 	golang.org/x/oauth2 v0.19.0 // indirect
-	golang.org/x/sync v0.7.0 // indirect
 	golang.org/x/sys v0.19.0 // indirect
 	golang.org/x/term v0.19.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20240401170217-c3f982113cda // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda // indirect
-	google.golang.org/grpc v1.63.0 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
-	gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	istio.io/api v1.19.0-alpha.1.0.20240408183855-15a4e3d6643d // indirect
-	istio.io/client-go v1.19.0-alpha.1.0.20240408184455-7ae57ef2f5b6 // indirect
 	k8s.io/apiextensions-apiserver v0.29.3 // indirect
-	k8s.io/apiserver v0.29.3 // indirect
 	k8s.io/component-base v0.29.3 // indirect
 	k8s.io/klog/v2 v2.120.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20240126223410-2919ad4fcfec // indirect
 	k8s.io/utils v0.0.0-20240310230437-4693a0247e57 // indirect
-	sigs.k8s.io/gateway-api v1.0.1-0.20240301190905-f6102784e488 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
-	sigs.k8s.io/mcs-api v0.1.0 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 	sigs.k8s.io/yaml v1.4.0 // indirect
 )