Simple package orchestration (kptdev#2663)

Remove Placeholder kptlib (kptdev#2665)

* Fix Makefile Formatting

* Remove dependency on kptlib
* Tidy modules
* Delete kptlib
* Remove kptlib replace Clause

Add Porch Workflow

.github/workflows/porch.yml

@@ -0,0 +1,43 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+name: Porch
+
+on:
+  push:
+    paths-ignore:
+      - "docs/**"
+      - "site/**"
+  pull_request:
+    paths-ignore:
+      - "docs/**"
+      - "site/**"
+
+jobs:
+  tests:
+    name: Porch Unit Tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up Go 1.17
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.17.6
+      - name: Run Porch Unit Tests
+        uses: actions/checkout@v2
+      - name: Build
+        run: make porch
+        working-directory: ./porch
+      - name: Test
+        run: make test
+        working-directory: ./porch

porch/.dockerignore

@@ -0,0 +1,3 @@
+.build/
+.cache/
+default.etcd/

porch/.gitignore

@@ -0,0 +1,10 @@
+vendor/
+apiserver.local.config/
+/apiserver/porch
+
+# Development artifact path
+.build/
+default.etcd/
+
+# Local cache files
+.cache/

porch/Makefile

@@ -0,0 +1,111 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+.PHONY: all
+all: stop network start-etcd start-kube-apiserver run-local
+
+.PHONY: network
+network:
+	docker network create --subnet 192.168.8.0/24 porch
+
+.PHONY: stop
+stop:
+	docker stop kube-apiserver || true
+	docker rm kube-apiserver || true
+	docker stop etcd || true
+	docker rm etcd || true
+	docker network rm porch || true
+
+.PHONY: start-etcd
+start-etcd:
+	docker buildx build -t etcd --output=type=docker hack/local/etcd
+	mkdir -p .build/data/etcd
+	docker stop etcd || true
+	docker rm etcd || true
+	docker run --detach --user `id -u`:`id -g` \
+	  --network=porch \
+	  --ip 192.168.8.200 \
+	  --name etcd -v `pwd`/.build/data/etcd:/data \
+	  etcd --listen-client-urls http://0.0.0.0:2379 --advertise-client-urls http://127.0.0.1:2379
+
+.PHONY: start-kube-apiserver
+start-kube-apiserver:
+	docker buildx build -t kube-apiserver --output=type=docker hack/local/kube-apiserver
+	docker stop kube-apiserver || true
+	docker rm kube-apiserver || true
+	hack/local/makekeys.sh
+	docker run --detach --user `id -u`:`id -g` \
+	  --network=porch \
+	  --ip 192.168.8.201 \
+	  --name kube-apiserver -v `pwd`/.build/pki:/pki \
+	  --add-host host.docker.internal:host-gateway \
+	  kube-apiserver \
+	  --etcd-servers http://etcd:2379 \
+	  --secure-port 9444 \
+	  --service-account-issuer=https://kubernetes.default.svc.cluster.local \
+	  --service-account-key-file=/pki/service-account.pub \
+	  --service-account-signing-key-file=/pki/service-account.key \
+	  --cert-dir=/pki \
+	  --authorization-mode=RBAC \
+	  --anonymous-auth=false \
+	  --client-ca-file=/pki/ca.crt
+
+MODULES = $(shell find . -path ./forks -prune -o -name 'go.mod' -print)
+.PHONY: generate
+generate: $(MODULES)
+	@for f in $(^D); do (cd $$f; echo "Generating $$f"; go generate -v ./...) || exit 1; done
+
+.PHONY: tidy
+tidy: $(MODULES)
+	@for f in $(^D); do (cd $$f; echo "Tidying $$f"; go mod tidy) || exit 1; done
+
+.PHONY: test
+test: $(MODULES)
+	@for f in $(^D); do (cd $$f; echo "Testing $$f"; go test ./...) || exit 1; done
+
+.PHONY: vet
+vet: $(MODULES)
+	@#for f in $(^D); do (cd $$f; echo "Checking $$f"; go run honnef.co/go/tools/cmd/staticcheck@latest ./...); done
+	@for f in $(^D); do (cd $$f; echo "Vetting $$f"; go vet ./...); done
+
+.PHONY: fmt
+fmt: $(MODULES)
+	@for f in $(^D); do (cd $$f; echo "Formatting $$f"; gofmt -s -w .); done
+
+KUBECONFIG=$(dir $(abspath $(lastword $(MAKEFILE_LIST))))hack/local/kubeconfig
+
+.PHONY: init deinit
+init:
+	@ [[ -z $$(find "./config/$${USER}" -type f -name '*.yaml') ]] || KUBECONFIG="$(KUBECONFIG)" kubectl apply -f "./config/$${USER}"
+
+deinit:
+	@ [[ -z $$(find "./config/$${USER}" -type f -name '*.yaml') ]] || KUBECONFIG="$(KUBECONFIG)" kubectl delete -f "./config/$${USER}"
+
+.PHONY: run-local
+run-local:
+	KUBECONFIG=$(KUBECONFIG) kubectl apply -f hack/local/localconfig.yaml
+	KUBECONFIG=$(KUBECONFIG) kubectl apply -f controllers/pkg/apis/porch/v1alpha1/
+	cd apiserver; go run ./cmd/porch \
+	--secure-port 9443 \
+	--standalone-debug-mode \
+	--kubeconfig=$(KUBECONFIG) \
+	--cache-directory="$(dir $(abspath $(lastword $(MAKEFILE_LIST)))).cache"
+
+.PHONY: run-jaeger
+run-jaeger:
+	docker run --rm --name jaeger -d -p4317:55680 -p6831:6831/udp -p16686:16686 jaegertracing/opentelemetry-all-in-one:latest
+
+.PHONY: porch
+porch:
+	cd apiserver; go build ./cmd/porch

porch/README.md

@@ -0,0 +1,186 @@
+# Package Orchestration apiserver
+
+Created from https://github.com/kubernetes/sample-apiserver
+
+
+## Getting Started
+
+Clone this repository into `${GOPATH}/src/github.com/GoogleContainerTools/kpt`.
+
+```sh
+git clone https://github.com/GoogleContainerTools/kpt.git "${GOPATH}/src/github.com/GoogleContainerTools/kpt"
+cd "${GOPATH}/src/github.com/GoogleContainerTools/kpt"
+```
+
+Download dependencies:
+
+```sh
+make tidy
+```
+
+Run; Porch is implemented as an extension k8s apiserver so to run it, we need:
+* main apiserver
+* etcd (to back the main apiserver)
+* Porch (the extension apiserver)
+
+But first we need to create docker network for all the containers to run on:
+
+```sh
+make network
+```
+
+```sh
+# Start etcd
+make start-etcd
+
+# Start main apiserver
+make start-kube-apiserver
+
+# Start porch
+make run-local
+
+```
+
+To teardown the Docker containers and network:
+
+```sh
+make stop
+```
+
+### Registering a Repository
+
+Update the example configs of [git-repository.yaml](./config/samples/git-repository.yaml)
+or [oci-repository.yaml](./config/samples/oci-repository.yaml)
+with your Git repository or OCI repository respectively.
+
+For Git:
+
+* Create a Git repository for your blueprints.
+* GitHub: Create a [Personal Access Token](https://github.com/settings/tokens) to use with Porch
+* Create a secret with the token:
+  ```sh
+  kubectl create secret generic git-repository-auth \
+    --namespace=default \
+    --from-literal=username=<GitHub username> \
+    --from-literal=token=<GitHub Personal Access Token>
+  ```
+* Update the [git-repository.yaml](./config/samples/git-repository.yaml) with your repository address
+* Register the repository:
+  ```sh
+  KUBECONFIG=./hack/local/kubeconfig kubectl apply -f ./config/samples/git-repository.yaml
+  ```
+
+For OCI:
+
+* Create an [Artifact Registry repository](https://console.cloud.google.com/artifacts)
+* Update the [oci-repository.yaml](./config/samples/oci-repository.yaml) with your OCI repository address
+* Make sure your application default credentials are up-to-date, i.e. by running:
+  ```sh
+  gcloud artifacts docker images list <your OCI repository address>
+  ```
+* Register the repository:
+  ```sh
+  KUBECONFIG=./hack/local/kubeconfig kubectl apply -f ./config/samples/oci-repository.yaml
+  ```
+
+List the package revisions:
+
+```sh
+export KUBECONFIG="$(pwd)/hack/local/kubeconfig"
+kubectl get packagerevisions -oyaml
+kubectl get packagerevisionresources -oyaml
+```
+
+Or create a pakcage revision:
+```sh
+kubectl apply -f ./config/samples/bucket-label.yaml
+```
+
+## Development
+
+### Changing Types
+
+If you change the API object type definitions in any of the
+`api/porch/.../types.go`, update the generated code by running:
+
+```sh
+make generate
+```
+
+## Run in GKE Cluster
+
+Prerequisite:
+* Create GKE cluster
+* Create appropriate KUBECONFIG.
+
+### Build the Container Image
+
+Build a Docker image using a script:
+
+```sh
+./hack/build-image.sh
+
+# Supported flags
+# --repository [REPO]      name of the Docker repository
+# --project    [PROJECT]   GCP project (will translate to gcr.io/PROJECT)
+# --tag [TAG]              image tag, i.e. 'latest'
+# --push                   also push the image to the repository
+
+
+# Example
+./hack/build-image.sh --project=my-gcp-project --push
+```
+
+Or, build directly via docker:
+**Note**: This must be done from the parent directory (kpt, not porch):
+
+```sh
+docker build -t TAG -f ./porch/hack/Dockerfile .
+```
+
+### Deploy into a Kubernetes Cluster
+
+Edit `config/deploy/2-deployment.yaml`, updating the pod template's image
+reference to match what you pushed and setting the `imagePullPolicy`
+to something suitable.  Then call:
+
+```sh
+# Create CRDs
+kubectl apply -f ./controllers/pkg/apis/porch/v1alpha1/
+# Deploy Porch apiserver extension.
+kubectl apply -f ./config/deploy/
+```
+
+When running you can:
+
+```sh
+# notice porch.kpt.dev/v1alpha1 in the result
+kubectl api-resources
+
+# List packagerevisions
+kubectl get packagerevisions --namespace default
+```
+
+Follow the instructions above on how to register repositories and discover packges.
+
+### Running Locally
+
+Porch is an extension k8s apiserver. As such, it needs the main apiserver, which in turn needs `etcd`.
+
+Start `etcd` and main apiserver:
+
+```sh
+make start-etcd
+make start-kube-apiserver
+```
+
+Now, start the porch apiserver:
+
+```sh
+make run-local
+
+# Call the server
+KUBECONFIG=./hack/local/kubeconfig kubectl api-resources
+# List package revisions
+KUBECONFIG=./hack/local/kubeconfig kubectl get packagerevisions --namespace default
+```

porch/api/doc.go

@@ -0,0 +1,17 @@
+// Copyright 2022 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// +domain=kpt.dev
+
+package apis