Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

converter for istio in-cluster operator config to sail operator config #616

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
+351 −3
Open

converter for istio in-cluster operator config to sail operator config #616

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
c9c8706
converter for istio in-cluster operator config to sail operator config
ctartici Feb 4, 2025
610ea23
Added output argument and a new test for optional arguments
ctartici Feb 13, 2025
af099c7
removed -i and -o from arguments
ctartici Feb 13, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 33 additions & 2 deletions docs/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -252,7 +252,7 @@ spec:
values:
pilot:
traceSampling: 0.1
version: v1.23.2
version: v1.24.3
```

Note that the only field that was added is the `spec.version` field. There are a few situations however where the APIs are different and require different approaches to achieve the same outcome.
Expand Down Expand Up @@ -293,7 +293,7 @@ spec:
pilot:
env:
PILOT_ENABLE_STATUS: "true"
version: v1.23.0
version: v1.24.3
namespace: istio-system
```

Expand All @@ -303,6 +303,37 @@ Note the quotes around the value of `spec.values.pilot.env.PILOT_ENABLE_STATUS`.

Sail Operator's Istio resource does not have a `spec.components` field. Instead, you can enable and disable components directly by setting `spec.values.<component>.enabled: true/false`. Other functionality exposed through `spec.components` like the k8s overlays is not currently available.

### Converter Script
This script is used to convert an Istio in-cluster operator configuration to a Sail Operator configuration. Upon execution, the script takes an input YAML file and istio version and generates a sail operator configuration file.

#### Usage
To run the configuration-converter.sh script, you need to provide four arguments, two of which are required:

1. Input file path (<input>): The path to your Istio operator configuration YAML file (required).
2. Output file path (<output>): The path where the converted Sail configuration will be saved. If not provided, the script will save the output with -sail.yaml appended to the input file name.
3. Namespace (-n <namespace>): The Kubernetes namespace for the Istio deployment. Defaults to istio-system if not provided.
4. Version (-v <version>): The version of Istio to be used (required).

```bash
./tools/configuration-converter.sh /path/to/input.yaml [optional-output.yaml] -n [optional-namespace] -v [version]
```

##### Sample command with default namespace and output:

```bash
./tools/configuration-converter.sh /home/user/istio_config.yaml -v v1.24.3
```

##### Sample command with custom output and namespace:

```bash
./tools/configuration-converter.sh /home/user/input/istio_config.yaml /home/user/output/output.yaml -n custom-namespace -v v1.24.3
```

> [!WARNING]
> This script is still under development.
> Please verify the resulting configuration carefully after conversion to ensure it meets your expectations and requirements.

### CNI

The CNI plugin's lifecycle is managed separately from the control plane. You will have to create a [IstioCNI resource](#istiocni-resource) to use CNI.
Expand Down
191 changes: 191 additions & 0 deletions pkg/converter/converter_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,191 @@
// Copyright Istio Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package converter

import (
"fmt"
"os"
"path/filepath"
"strings"
"testing"

"github.com/istio-ecosystem/sail-operator/pkg/test/project"
"github.com/istio-ecosystem/sail-operator/pkg/test/util/supportedversion"
"github.com/istio-ecosystem/sail-operator/tests/e2e/util/shell"
. "github.com/onsi/gomega"
)

var (
controlPlaneNamespace = "istio-system"
istioVersion = supportedversion.Default
istioFile = filepath.Join(project.RootDir, "tools", "istioConfig.yaml")
sailFile = filepath.Join(project.RootDir, "tools", "istioConfig-sail.yaml")
)

func TestConversion(t *testing.T) {
t.Cleanup(func() {
os.Remove(istioFile)
os.Remove(sailFile)
})
testcases := []struct {
name string
input string
expectedOutput string
}{
{
name: "simple",
input: `apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
metadata:
name: default
spec:`,
expectedOutput: `apiVersion: sailoperator.io/v1
kind: Istio
metadata:
name: default
spec:
version: %s
namespace: %s`,
},
{
name: "complex",
input: `apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
metadata:
name: default
spec:
components:
base:
enabled: true
pilot:
enabled: false
values:
global:
externalIstiod: true
operatorManageWebhooks: true
configValidation: false
base:
enableCRDTemplates: true
pilot:
env:
PILOT_ENABLE_STATUS: true`,
expectedOutput: `apiVersion: sailoperator.io/v1
kind: Istio
metadata:
name: default
spec:
values:
global:
externalIstiod: true
operatorManageWebhooks: true
configValidation: false
base:
enableCRDTemplates: true
enabled: true
pilot:
env:
PILOT_ENABLE_STATUS: "true"
enabled: false
version: %s
namespace: %s`,
},
{
name: "mandatory-arguments-only",
input: `apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
metadata:
name: default
spec:`,
expectedOutput: `apiVersion: sailoperator.io/v1
kind: Istio
metadata:
name: default
spec:
version: %s
namespace: %s`,
},
}
for _, tc := range testcases {
t.Run(tc.name, func(t *testing.T) {
g := NewWithT(t)
err := saveYamlToFile(tc.input, istioFile)
g.Expect(err).To(Succeed(), "failed to write YAML file")

if tc.name == "mandatory-arguments-only" {
g.Expect(executeConfigConverter(istioFile, "", "", istioVersion)).To(Succeed(), "error in execution of ./configuration-converter.sh")
} else {
g.Expect(executeConfigConverter(istioFile, sailFile, controlPlaneNamespace,
istioVersion)).To(Succeed(), "error in execution of ./configuration-converter.sh")
}
tc.expectedOutput = fmt.Sprintf(tc.expectedOutput, istioVersion, controlPlaneNamespace)
isConversionValidated, err := validateYamlContent(tc.expectedOutput, sailFile)
g.Expect(err).To(Succeed(), "Can not open file to compare")
g.Expect(isConversionValidated).To(BeTrue(), "Converted content is not as expected")
})
}
}

// saveYamlToFile writes the given YAML content to given file
func saveYamlToFile(input, istioFile string) error {
if err := os.WriteFile(istioFile, []byte(input), 0o644); err != nil {
return fmt.Errorf("failed to write YAML file: %w", err)
}
return nil
}

func executeConfigConverter(input, output, controlPlaneNamespace, istioVersion string) error {
converter := filepath.Join(project.RootDir, "tools", "configuration-converter.sh")
args := []string{converter, input}

if output != "" {
args = append(args, output)
}

if controlPlaneNamespace != "" {
args = append(args, "-n", controlPlaneNamespace)
}

args = append(args, "-v", istioVersion)

cmd := strings.Join(args, " ")
_, err := shell.ExecuteCommand(cmd)
if err != nil {
return fmt.Errorf("error in execution of %s %s %s -n %s -v %s: %w", converter, input, output, controlPlaneNamespace, istioVersion, err)
}
return nil
}

// compareYamlContent checks if the provided YAML content matches the content of converted sail operator config
func validateYamlContent(expectedOutput, sailFile string) (bool, error) {
// Write the input YAML string to a temporary file
tmpFile := filepath.Join(project.RootDir, "tools", "temp.yaml")
err := os.WriteFile(tmpFile, []byte(expectedOutput), 0o644)
if err != nil {
return false, fmt.Errorf("failed to write temporary YAML file: %w", err)
}
defer os.Remove(tmpFile)

// The command will check if the files are equal, ignoring order
cmd := fmt.Sprintf("diff <(yq -P 'sort_keys(..)' -o=props %s) <(yq -P 'sort_keys(..)' -o=props %s)", sailFile, tmpFile)
output, err := shell.ExecuteCommand(cmd)
if err != nil {
return false, fmt.Errorf("error executing yq comparison: %w", err)
}
if output != "" {
return false, nil
}
// If no output from yq, the files are considered equal
return true, nil
}
2 changes: 1 addition & 1 deletion tests/e2e/util/shell/shell.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ func ExecuteCommand(command string) (string, error) {

// ExecuteShell executes a command given the input string and returns the output and err if any
func ExecuteShell(command string, input string) (string, error) {
cmd := exec.Command("sh", "-c", command)
cmd := exec.Command("bash", "-c", command)
if input != "" {
cmd.Stdin = strings.NewReader(input)
}
Expand Down
126 changes: 126 additions & 0 deletions tools/configuration-converter.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,126 @@
#!/bin/bash

# Copyright Istio Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This script is used to convert istio configuration to sail operator configuration.
# In the end of the execution new yaml file will be created with "sail-ISTIO_CONFIG_YAML" name.
# Usage: ./configuration-converter.sh ISTIO_CONFIG_YAML_WITH_PATH, example: ./configuration-converter.sh sample_config.yaml"
set -e

# Default values
NAMESPACE="istio-system"
VERSION=""
INPUT=""
OUTPUT=""

# Function to show usage
usage() {
echo "Usage: $0 <input> [output] [-n <namespace>] [-v <version>]"
echo " <input> : Input file (required)"
echo " [output] : Output file (optional, defaults to input's base directory with '-sail.yaml' suffix)"
echo " -n <namespace> : Namespace (optional, defaults to 'istio-system')"
echo " -v <version> : Istio Version (required)"
exit 1
}

# Ensure input file is provided
if [[ -z "$1" ]]; then
echo "Error: Input file is required."
usage
fi

INPUT="$1"
OUTPUT="$2"

# Shift parameters if output is provided
if [[ -n "$OUTPUT" && "$OUTPUT" != -* ]]; then
shift 2
else
OUTPUT="$(dirname "$INPUT")/$(basename "$INPUT" .yaml)-sail.yaml"
shift 1
fi

# Ensure output is not a directory
if [[ -d "$OUTPUT" ]]; then
echo "Error: OUTPUT must be a file, not a directory."
exit 1
fi

# Parse optional namespace and version arguments
while [[ $# -gt 0 ]]; do
case "$1" in
-n)
NAMESPACE="$2"
shift 2
;;
-v)
VERSION="$2"
shift 2
;;
*)
usage
;;
esac
done

if [[ -z "$VERSION" ]]; then
echo "Error: Version (-v) is required."
usage
fi

ctartici marked this conversation as resolved.
Show resolved Hide resolved
if ! command -v yq &>/dev/null; then
echo "Error: 'yq' is not installed. Please install it before running the script."
exit 1
fi

function add_mandatory_fields(){
yq -i eval ".apiVersion = \"sailoperator.io/v1\"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would add a check for the yq binary installed.
Otherwise, the command will fail without specifying a reason.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It will fail with yq command not found. You think I need to catch command not found and inform user with better error message?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You could add the following function.
It will check for the yq command available.
And if missing, will download it and use.

function verify_yq() {
    if ! command -v yq &> /dev/null; then
        if [[ "${OS}" == "darwin" ]]; then
            ERROR "Perform 'brew install yq' and try again."
        elif [[ "${OS}" == "linux" ]]; then
            WARNING "Missing yq command. Installing..."
            mkdir -p "$HOME"/.local/bin
            wget -qO- https://github.com/mikefarah/yq/releases/download/v4.16.2/yq_linux_amd64 \
                -O "$HOME"/.local/bin/yq && chmod +x "$HOME"/.local/bin/yq
            
            # Add local BIN dir to PATH
            [[ ":$PATH:" = *":$HOME/.local/bin:"* ]] || export PATH="$HOME/.local/bin:$PATH"
        fi
        INFO "The yq command installed"
    fi
    INFO "The yq command is found"
}

Or just check and explicitly tell the user what is missing.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done. added an error message for yq installation

| .kind = \"Istio\"
| (select(.spec.meshConfig) | .spec.values.meshConfig) = .spec.meshConfig
| (select(.spec.values.istio_cni) | .spec.values.pilot.cni) = .spec.values.istio_cni
| .metadata.name = \"default\"
| .spec.version = \"$VERSION\"
| .spec.namespace = \"$NAMESPACE\"
| del(.spec.values.istio_cni)
| del(.spec.meshConfig)
| del(.spec.hub)
| del(.spec.tag)
| del(.spec.values.gateways)" "$OUTPUT"
}

#Convert boolean values to string if they are under *.env
function boolean_2_string(){
yq -i -e '(.spec.values.[].env.[] | select(. == true)) |= "true"
| (.spec.values.[].env.[] | select(. == false)) |= "false"' "$OUTPUT"
yq -i -e 'del(.. | select(tag == "!!seq" and length == 0))' "$OUTPUT"
}

# Note that if there is an entry except spec.components.<component>.enabled: true/false converter will delete them and warn user
function validate_spec_components(){
yq -i 'del(.spec.components.[] | keys[] | select(. != "enabled")) | .spec.values *= .spec.components | del (.spec.components)' "$OUTPUT"
echo "Only values in the format spec.components.<component>.enabled: true/false are supported for conversion. For more details, refer to the documentation: https://github.com/istio-ecosystem/sail-operator/tree/main/docs#components-field"
}

# create output file
cp "$INPUT" "$OUTPUT"

# in-place edit created output file
add_mandatory_fields
boolean_2_string
if [[ $(yq eval '.spec.components' "$OUTPUT") != "null" ]]; then
validate_spec_components
fi

echo "Sail configuration file created with name: $(realpath "$OUTPUT")"