Detect and correct cluster drift

Signed-off-by: Stefan Prodan <[email protected]>

.github/workflows/golangci-lint.yml → .github/workflows/golangci-lint.yaml

@@ -1,4 +1,4 @@
-name: golangci-lint
+name: golangci
 on:
  pull_request:
  branches:
@@ -8,16 +8,16 @@ permissions:
  contents: read
 
 jobs:
- golangci-lint:
- name: golangci-lint
+ lint:
  runs-on: ubuntu-latest
  steps:
  - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
  - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
  with:
  go-version-file: 'go.mod'
  cache: true
- - name: golangci-lint
- uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
+ - uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
  with:
+ version: latest
+ skip-pkg-cache: true
  args: --timeout=10m

.github/workflows/tests.yaml

@@ -21,12 +21,7 @@ jobs:
  with:
  go-version-file: 'go.mod'
  cache: true
- - run: go mod download
- - run: go build -v .
- - name: Run linters
- uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
- with:
- version: latest
+ - run: make build
  generate:
  runs-on: ubuntu-latest
  steps:
@@ -152,6 +147,24 @@ jobs:
  terraform apply -auto-approve -var "github_token=${GITHUB_TOKEN}" -var "github_org=fluxcd-testing" -var "github_repository=${{ steps.vars.outputs.test_repo_name }}"
  env:
  GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
+ - name: Teardown Flux
+ run: |
+ flux uninstall -s --keep-namespace
+ kubectl delete ns flux-system
+ - name: Restore Flux with Terraform
+ run: |
+ export TF_CLI_CONFIG_FILE="${PWD}/.terraformrc"
+ cd examples/github-via-ssh
+ terraform apply -auto-approve -var "github_token=${GITHUB_TOKEN}" -var "github_org=fluxcd-testing" -var "github_repository=${{ steps.vars.outputs.test_repo_name }}"
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
+ - name: No-op apply Terraform
+ run: |
+ export TF_CLI_CONFIG_FILE="${PWD}/.terraformrc"
+ cd examples/github-via-ssh
+ terraform apply -auto-approve -var "github_token=${GITHUB_TOKEN}" -var "github_org=fluxcd-testing" -var "github_repository=${{ steps.vars.outputs.test_repo_name }}"
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
  - name: Destroy Terraform
  run: |
  cd examples/github-via-ssh

Makefile

@@ -22,6 +22,12 @@ test: tidy fmt vet
 testacc: tidy fmt vet
  TF_ACC=1 go test ./... -v -count $(TEST_COUNT) -parallel $(ACCTEST_PARALLELISM) -timeout $(ACCTEST_TIMEOUT)
 
+# Run acceptance tests on macOS with the gitea-flux instance
+# Requires the following entry in /etc/hosts:
+# 127.0.0.1 gitea-flux
+testmacos: tidy fmt vet
+ TF_ACC=1 GITEA_HOSTNAME=gitea-flux go test ./... -v -parallel 1 -run TestAccBootstrapGit_Drift
+
 build:
  CGO_ENABLED=0 go build -o ./bin/terraform-provider-flux main.go
 

internal/provider/provider_resource_data.go

@@ -71,8 +71,7 @@ func (prd *providerResourceData) GetKubernetesClient() (client.WithWatch, error)
  return kubeClient, nil
 }
 
-func (prd *providerResourceData) GetGitClient(ctx context.Context) (*gogit.Client, error) {
- // Git configuration
+func (prd *providerResourceData) GetGitClient(tmpDir string) (*gogit.Client, error) {
  authOpts, err := getAuthOpts(prd.git)
  if err != nil {
  return nil, err
@@ -82,11 +81,20 @@ func (prd *providerResourceData) GetGitClient(ctx context.Context) (*gogit.Clien
  clientOpts = append(clientOpts, gogit.WithInsecureCredentialsOverHTTP())
  }
 
+ gitClient, err := gogit.NewClient(tmpDir, authOpts, clientOpts...)
+ if err != nil {
+ return nil, fmt.Errorf("could not create git client: %w", err)
+ }
+
+ return gitClient, nil
+}
+
+func (prd *providerResourceData) CloneRepository(ctx context.Context) (*gogit.Client, error) {
  tmpDir, err := manifestgen.MkdirTempAbs("", "flux-bootstrap-")
  if err != nil {
  return nil, fmt.Errorf("could not create temporary working directory for git repository: %w", err)
  }
- gitClient, err := gogit.NewClient(tmpDir, authOpts, clientOpts...)
+ gitClient, err := prd.GetGitClient(tmpDir)
  if err != nil {
  return nil, fmt.Errorf("could not create git client: %w", err)
  }
@@ -102,6 +110,25 @@ func (prd *providerResourceData) GetGitClient(ctx context.Context) (*gogit.Clien
  return gitClient, nil
 }
 
+func (prd *providerResourceData) GetBootstrapProvider(tmpDir string) (*bootstrap.PlainGitBootstrapper, error) {
+ gitClient, err := prd.GetGitClient(tmpDir)
+ if err != nil {
+ return nil, fmt.Errorf("could not create git client: %w", err)
+ }
+
+ kubeClient, err := prd.GetKubernetesClient()
+ if err != nil {
+ return nil, fmt.Errorf("could not get Kubernetes client: %w", err)
+ }
+
+ bootstrapOpts, err := prd.GetBootstrapOptions()
+ if err != nil {
+ return nil, fmt.Errorf("could not get bootstrap options: %w", err)
+ }
+
+ return bootstrap.NewPlainGitProvider(gitClient, kubeClient, bootstrapOpts...)
+}
+
 func (prd *providerResourceData) GetBootstrapOptions() ([]bootstrap.GitOption, error) {
  entityList, err := prd.GetEntityList()
  if err != nil {