refactor!: new cloud native approach for reconciliation (#150)

* refactor!: new cloud native approach for reconciliation

* ci: remove old script

* fix: lint errors

* fix: makefile

.gitignore

@@ -7,6 +7,7 @@
 *.dylib
 bin
 manager
+proxy/proxy
 
 # Test binary, build with `go test -c`
 *.test

.goreleaser.yaml

@@ -7,12 +7,22 @@ builds:
   - linux
   env:
   - CGO_ENABLED=0
+- id: proxy
+  binary: proxy
+  goos:
+  - linux
+  env:
+  - CGO_ENABLED=0
 
 archives:
 - id: manager
   name_template: "manager_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
   builds:
   - manager
+- id: proxy
+  name_template: "proxy_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
+  builds:
+  - proxy
 
 checksum:
   name_template: 'checksums.txt'
@@ -35,8 +45,6 @@ dockers:
   - ghcr.io/doodlescheduling/{{ .ProjectName }}:v{{ .Version }}-amd64
   dockerfile: Dockerfile
   use: buildx
-  extra_files:
-  - assets
   ids:
   - manager
   build_flag_templates:
@@ -54,8 +62,6 @@ dockers:
   goarch: arm64
   dockerfile: Dockerfile
   use: buildx
-  extra_files:
-  - assets
   ids:
   - manager
   build_flag_templates:
@@ -68,6 +74,39 @@ dockers:
   - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
   - --label=org.opencontainers.image.revision={{ .FullCommit }}
   - --label=org.opencontainers.image.licenses=Apache-2.0
+- image_templates:
+  - ghcr.io/doodlescheduling/{{ .ProjectName }}/proxy:v{{ .Version }}-amd64
+  dockerfile: proxy/Dockerfile
+  use: buildx
+  ids:
+  - proxy
+  build_flag_templates:
+  - --platform=linux/amd64
+  - --label=org.opencontainers.image.title={{ .ProjectName }}
+  - --label=org.opencontainers.image.description={{ .ProjectName }}
+  - --label=org.opencontainers.image.url=https://github.com/doodlescheduling/{{ .ProjectName }}
+  - --label=org.opencontainers.image.source=https://github.com/doodlescheduling/{{ .ProjectName }}
+  - --label=org.opencontainers.image.version={{ .Version }}
+  - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
+  - --label=org.opencontainers.image.revision={{ .FullCommit }}
+  - --label=org.opencontainers.image.licenses=Apache-2.0
+- image_templates: 
+  - ghcr.io/doodlescheduling/{{ .ProjectName }}/proxy:v{{ .Version }}-arm64v8
+  goarch: arm64
+  dockerfile: proxy/Dockerfile
+  use: buildx
+  ids:
+  - proxy
+  build_flag_templates:
+  - --platform=linux/arm64/v8
+  - --label=org.opencontainers.image.title={{ .ProjectName }}
+  - --label=org.opencontainers.image.description={{ .ProjectName }}
+  - --label=org.opencontainers.image.url=https://github.com/doodlescheduling/{{ .ProjectName }}
+  - --label=org.opencontainers.image.source=https://github.com/doodlescheduling/{{ .ProjectName }}
+  - --label=org.opencontainers.image.version={{ .Version }}
+  - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
+  - --label=org.opencontainers.image.revision={{ .FullCommit }}
+  - --label=org.opencontainers.image.licenses=Apache-2.0
 
 docker_manifests:
 - name_template: ghcr.io/doodlescheduling/{{ .ProjectName }}:v{{ .Version }}
@@ -78,6 +117,14 @@ docker_manifests:
   image_templates:
   - ghcr.io/doodlescheduling/{{ .ProjectName }}:v{{ .Version }}-amd64
   - ghcr.io/doodlescheduling/{{ .ProjectName }}:v{{ .Version }}-arm64v8
+- name_template: ghcr.io/doodlescheduling/{{ .ProjectName }}/proxy:v{{ .Version }}
+  image_templates:
+  - ghcr.io/doodlescheduling/{{ .ProjectName }}/proxy:v{{ .Version }}-amd64
+  - ghcr.io/doodlescheduling/{{ .ProjectName }}/proxy:v{{ .Version }}-arm64v8
+- name_template: ghcr.io/doodlescheduling/{{ .ProjectName }}/proxy:latest
+  image_templates:
+  - ghcr.io/doodlescheduling/{{ .ProjectName }}/proxy:v{{ .Version }}-amd64
+  - ghcr.io/doodlescheduling/{{ .ProjectName }}/proxy:v{{ .Version }}-arm64v8
 
 signs:
 - cmd: cosign

Dockerfile

@@ -1,9 +1,6 @@
-FROM amazoncorretto:17.0.8
+FROM gcr.io/distroless/static:nonroot
 WORKDIR /
 COPY manager manager
 USER 65532:65532
-COPY assets /assets
-ENV ASSETS_PATH="/assets"
-ENV USER keycloak-controller
 
 ENTRYPOINT ["/manager"]

Makefile

@@ -1,5 +1,6 @@
 
 # Image URL to use all building/pushing image targets
+PROXY_IMG ?= keycloak-controller-proxy:latest
 IMG ?= keycloak-controller:latest
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
 ENVTEST_K8S_VERSION = 1.27
@@ -72,6 +73,7 @@ test: manifests generate fmt vet tidy envtest ## Run tests.
 .PHONY: build
 build: generate fmt vet tidy ## Build manager binary.
 	CGO_ENABLED=0 go build -o manager main.go
+	CGO_ENABLED=0 go build -o proxy/proxy ./proxy/
 
 .PHONY: run
 run: manifests generate fmt vet tidy ## Run a controller from your host.
@@ -90,10 +92,12 @@ api-docs: gen-crd-api-reference-docs
 .PHONY: docker-build
 docker-build: build
 	docker build -t ${IMG} .
+	docker build -t ${PROXY_IMG} proxy
 
 .PHONY: docker-push
 docker-push: ## Push docker image with the manager.
 	docker push ${IMG}
+	docker push ${PROXY_IMG}
 
 ##@ Deployment
 
@@ -123,10 +127,10 @@ CLUSTER=kind
 
 .PHONY: kind-test
 kind-test: ## Deploy including test
-	kustomize build config/base/crd | kubectl --context kind-${CLUSTER} apply -f -	
+	kustomize build config/base/crd | kubectl --context kind-${CLUSTER} apply --server-side=true -f -
 	kubectl --context kind-${CLUSTER} -n keycloak-system delete pods --all
 	kind load docker-image ${IMG} --name ${CLUSTER}
-	kustomize build config/tests/cases/${TEST_PROFILE} --enable-helm | kubectl --context kind-${CLUSTER} apply -f -	
+	kustomize build config/tests/cases/${TEST_PROFILE} --enable-helm | kubectl --context kind-${CLUSTER} apply --server-side=true -f -
 	kubectl --context kind-${CLUSTER} -n keycloak-system wait --for=condition=Ready pods -l control-plane=controller-manager -l app.kubernetes.io/managed-by!=Helm,verify!=yes --timeout=3m
 	kubectl --context kind-${CLUSTER} -n keycloak-system wait --for=jsonpath='{.status.conditions[1].reason}'=PodCompleted pods -l app.kubernetes.io/managed-by!=Helm,verify=yes --timeout=3m