Hybrid Application Service (HAS)
An Kubernetes operator to create and manage applications and control the lifecycle of applications.
Building & Testing
This operator provides a Makefile
to run all the usual development tasks. If you simply run make
without any arguments, you'll get a list of available "targets".
To build the operator binary run:
make build
To test the code:
make test
To build the docker image of the operator one can run:
make docker-build
This will make a docker image called controller:latest
which might or might not be what you want. To override the name of the image build, specify it in the IMG
environment variable, e.g.:
IMG=quay.io/user/hasoperator:next make docker-build
To push the image to an image repository one can use:
make docker-push
The image being pushed can again be modified using the environment variable:
IMG=quay.io/user/hasoperator:next make docker-push
Deploying the Operator (non-KCP)
The following section outlines the steps to deploy HAS on a physical Kubernetes cluster. If you are looking to deploy HAS on KCP, please see this document.
Setting up the AppStudio Build Service environment
- Install
OpenShift GitOps
from the in-cluster Operator Marketplace.
oc -n openshift-gitops apply -f https://raw.githubusercontent.com/redhat-appstudio/infra-deployments/main/argo-cd-apps/base/build.yaml
As a user, upon creation of Component, Tekton resources would be created by the controller.
If you wish to get 'working' PipelineRuns,
- Create an image pull secret named
redhat-appstudio-registry-pull-secret
. See Kubernetes docs for more information on how to create
Secrets
containing registry credentials.
- Configure the default image repository to which Pipelines would push images to by defining the environment variable
IMAGE_REPOSITORY
for the operator deployment.
Defaults to quay.io/redhat-appstudio/user-workload
.
Pipelines would use the credentials in the image pull secret redhat-appstudio-registry-pull-secret
to push to $IMAGE_REPOSITORY.
Creating a GitHub Secret for HAS
Before deploying the operator, you must ensure that a secret, has-github-token
, exists in the namespace where HAS will be deployed. This secret must contain a key-value pair, where the key is token
and where the value points to a valid GitHub Personal Access Token.
The token that is used here must have the following permissions set:
In addition to this, the GitHub token must be associated with an account that has write access to the GitHub organization you plan on using with HAS (see next section).
For example, on OpenShift:
Deploying HAS
Once a secret has been created, simply run the following commands to deploy HAS:
make install
make deploy
Specifying Alternate GitHub org
By default, HAS will use the redhat-appstudio-appdata
org for the creation of GitOps repositories. If you wish to use your own account, or a different GitHub org, setting GITHUB_ORG=<org>
before deploying will ensure that an alternate location is used.
For example:
GITHUB_ORG=fake-organization make deploy
would deploy HAS configured to use github.com/fake-organization.
Disabling Webhooks for Local Dev
Webhooks require self-signed certificates to validate the resources. To disable webhooks during local dev and testing, export ENABLE_WEBHOOKS=false
Useful links: