diff --git a/Cargo.lock b/Cargo.lock index 0877717..4f38799 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4414,7 +4414,7 @@ dependencies = [ [[package]] name = "wasmcloud-operator" -version = "0.2.0" +version = "0.2.1" dependencies = [ "anyhow", "async-nats", @@ -4452,7 +4452,7 @@ dependencies = [ [[package]] name = "wasmcloud-operator-types" -version = "0.1.2" +version = "0.1.3" dependencies = [ "k8s-openapi", "kube", diff --git a/Cargo.toml b/Cargo.toml index 070f800..28101ad 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "wasmcloud-operator" -version = "0.2.0" +version = "0.2.1" edition = "2021" [[bin]] diff --git a/crates/types/Cargo.toml b/crates/types/Cargo.toml index 5e1ec1c..51db27c 100644 --- a/crates/types/Cargo.toml +++ b/crates/types/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "wasmcloud-operator-types" -version = "0.1.2" +version = "0.1.3" edition = "2021" [dependencies] diff --git a/crates/types/src/v1alpha1/wasmcloud_host_config.rs b/crates/types/src/v1alpha1/wasmcloud_host_config.rs index cb6cd19..f670145 100644 --- a/crates/types/src/v1alpha1/wasmcloud_host_config.rs +++ b/crates/types/src/v1alpha1/wasmcloud_host_config.rs 
@@ -54,14 +54,30 @@ pub struct WasmCloudHostConfigSpec { /// The Jetstream domain to use for the NATS sidecar. Defaults to "default". #[serde(default = "default_jetstream_domain")] pub jetstream_domain: String, + /// Allow the host to deploy using the latest tag on OCI components or providers + #[serde(default)] + pub allow_latest: bool, + /// Allow the host to pull artifacts from OCI registries insecurely + #[serde(default)] + pub allowed_insecure: Option>, /// The log level to use for the host. Defaults to "INFO". #[serde(default = "default_log_level")] pub log_level: String, + pub policy_service: Option, /// Kubernetes scheduling options for the wasmCloud host. pub scheduling_options: Option, } #[derive(Serialize, Deserialize, Clone, Debug, JsonSchema)] +#[serde(rename_all = "camelCase")] +pub struct PolicyService { + pub subject: Option, + pub timeout_ms: Option, + pub changes_subject: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, JsonSchema)] +#[serde(rename_all = "camelCase")] pub struct KubernetesSchedulingOptions { /// Run hosts as a DaemonSet instead of a Deployment. #[serde(default)] diff --git a/sample.yaml b/sample.yaml index bce34e6..8d57048 100644 --- a/sample.yaml +++ b/sample.yaml @@ -4,7 +4,7 @@ metadata: name: my-wasmcloud-cluster namespace: default spec: - hostReplicas: 2 + hostReplicas: 1 issuers: - CDKF6OKPOBQKAX57UOXO7SCHURTOZWKWIVPC2HFJTGFXY5VJX44ECEHH # The lattice to connect the hosts to 
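Review bot: In crates/types/src/v1alpha1/wasmcloud_host_config.rs, adding `#[serde(rename_all = "camelCase")]` to the already-published `KubernetesSchedulingOptions` renames every multi-word key it accepts. The sample.yaml change from `pod_template_additions` to `podTemplateAdditions` suggests at least one such field exists, though the struct body is outside this hunk. A manifest still using the old key would presumably lose those pod settings without an error, so the rename deserves a release-note line or `#[serde(alias = "pod_template_additions")]` on that field. Separately, `policy_service` and the three `PolicyService` fields carry no `///` comments although every neighbouring field does, and `timeout_ms` in particular should state its unit and default. The `allowed_insecure` comment would be more precise as `/// Registries (host[:port]) from which the host may pull over an insecure (non-TLS) connection.`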
@@ -18,23 +18,39 @@ spec: secretName: cluster-secrets logLevel: INFO natsAddress: nats://nats-cluster.default.svc.cluster.local + ################################################ + # Additional options that can be set for hosts: + ################################################ + # allowLatest: true + # allowedInsecure: + # - "localhost:5001" + # - "kind-registry:5000" + # Policy service configuration + # policyService: + # subject: "foo" + # changesSubject: "bar" + # timeoutMs: 5000 # Additional options to control how the underlying wasmCloud hosts are scheduled in Kubernetes. # This includes setting resource requirements for the nats and wasmCloud host # containers along with any additional pot template settings. - #schedulingOptions: + # schedulingOptions: # Enable the following to run the wasmCloud hosts as a DaemonSet - #daemonset: true + # daemonset: true # Set the resource requirements for the nats and wasmCloud host containers. - #resources: - # nats: - # requests: - # cpu: 100m - # wasmCloudHost: - # requests: - # cpu: 100m + # resources: + # nats: + # requests: + # cpu: 100m + # wasmCloudHost: + # requests: + # cpu: 100m # Any additional pod template settings to apply to the wasmCloud host pods. # See https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#podspec-v1-core for all valid options. # Note that you *cannot* set the `containers` field here as it is managed by the controller. - #pod_template_additions: + # podTemplateAdditions: + # spec: + # env: + # - name: HOST_IP + # value: spec.hostIP # nodeSelector: # kubernetes.io/os: linux diff --git a/src/controller.rs b/src/controller.rs index 550a6da..3959c7e 100644 --- a/src/controller.rs +++ b/src/controller.rs 
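Review bot: The commented-out `allowLatest: true` and `allowedInsecure` entries in sample.yaml appear under a neutral "Additional options" banner, with nothing telling a reader that both relax how the host pulls OCI artifacts. A one-line caveat above them would help, for example `# allowLatest and allowedInsecure relax OCI pull checks (mutable tags, non-TLS registries); the registries below are local development examples.` In the `podTemplateAdditions` example, `value: spec.hostIP` sets the literal string rather than the node address. If the node IP is intended, that entry would need `valueFrom.fieldRef` with `fieldPath: status.hostIP`.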
@@ -342,6 +342,48 @@ fn pod_template(config: &WasmCloudHostConfig, _ctx: Arc) -> PodTemplate }); } + if config.spec.allow_latest { + wasmcloud_env.push(EnvVar { + name: "WASMCLOUD_OCI_ALLOW_LATEST".to_string(), + value: Some("true".to_string()), + ..Default::default() + }); + } + + if let Some(values) = &config.spec.allowed_insecure { + wasmcloud_env.push(EnvVar { + name: "WASMCLOUD_OCI_ALLOWED_INSECURE".to_string(), + value: Some(values.join(",")), + ..Default::default() + }); + } + + if let Some(policy) = &config.spec.policy { + if let Some(subject) = &policy.subject { + wasmcloud_env.push(EnvVar { + name: "WASMCLOUD_POLICY_TOPIC".to_string(), + value: Some(subject.clone()), + ..Default::default() + }); + } + + if let Some(changes) = &policy.changes_subject { + wasmcloud_env.push(EnvVar { + name: "WASMCLOUD_POLICY_CHANGES_TOPIC".to_string(), + value: Some(changes.clone()), + ..Default::default() + }); + } + + if let Some(timeout) = &policy.timeout_ms { + wasmcloud_env.push(EnvVar { + name: "WASMCLOUD_POLICY_TIMEOUT".to_string(), + value: Some(timeout.to_string()), + ..Default::default() + }); + } + } + if let Some(labels) = &config.spec.host_labels { for (k, v) in labels.iter() { wasmcloud_env.push(EnvVar {
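Review bot: `config.spec.policy` in the new policy block does not match the field this same commit adds to `WasmCloudHostConfigSpec`, which is `policy_service`. No `policy` field is visible in the types hunk, so as shown this would not compile; the line should read `if let Some(policy) = &config.spec.policy_service {`. In the `allowed_insecure` branch, `Some(vec![])` still sets `WASMCLOUD_OCI_ALLOWED_INSECURE` to an empty string and entries are joined without any check for embedded commas or whitespace. A guard such as `if let Some(values) = config.spec.allowed_insecure.as_ref().filter(|v| !v.is_empty()) {` would skip the empty case. The body of `pod_template` starts and ends outside this hunk.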