From bbb622b8709ad6cc57b0c84eac4e9a6d6b26a8e9 Mon Sep 17 00:00:00 2001 From: Vibhav Bobade Date: Thu, 25 Nov 2021 13:02:20 +0530 Subject: [PATCH] feature: add service port spec for el add the ability to specify the service port for a eventlistener service. the TLS port will default to 443 instead of 8443 in the case where the service port is set. this has been done to circumvent the logic of 8443 only being set when the default port is set with TLS enabled else the servicePort is used. --- docs/eventlisteners.md | 14 ++++ .../eventlistener-serviceconfig.yaml | 18 +++++ go.sum | 13 ++-- pkg/apis/config/zz_generated.deepcopy.go | 1 + .../v1alpha1/zz_generated.deepcopy.go | 1 + .../triggers/v1beta1/event_listener_types.go | 1 + .../triggers/v1beta1/zz_generated.deepcopy.go | 1 + .../eventlistener/resources/common_test.go | 19 +++++ .../eventlistener/resources/service.go | 15 +++- .../eventlistener/resources/service_test.go | 71 +++++++++++++++++-- test/buffer.go | 1 + test/eventlistener_scale_test.go | 1 + test/eventlistener_test.go | 1 + 13 files changed, 143 insertions(+), 14 deletions(-) create mode 100644 examples/v1beta1/eventlisteners/eventlistener-serviceconfig.yaml diff --git a/docs/eventlisteners.md b/docs/eventlisteners.md index eb35ac15f9..447b133a21 100644 --- a/docs/eventlisteners.md +++ b/docs/eventlisteners.md @@ -24,6 +24,7 @@ or more [`Interceptors`](./interceptors.md). - [Specifying `TriggerGroups`](#specifying-triggergroups) - [Specifying `Resources`](#specifying-resources) - [Specifying a `kubernetesResource` object](#specifying-a-kubernetesresource-object) + - [Specifying `Service` configuration](#specifying-service-configuration) - [Specifying `Replicas`](#specifying-replicas) - [Specifying a `CustomResource` object](#specifying-a-customresource-object) - [Contract for the `CustomResource` object](#contract-for-the-customresource-object) @@ -282,6 +283,7 @@ spec: resources: kubernetesResource: serviceType: NodePort + servicePort: 80 spec: template: metadata: @@ -300,6 +302,18 @@ spec: effect: NoSchedule ``` +#### Specifying `Service` configuration + +The type and port for the `Service` created for the `EventListener` can be configured via the `ServiceType` and `ServicePort` +specifications respectively. By default, the `Service` type is set to `ClusterIP` and port is set to `8080`. +```yaml +spec: + resources: + kubernetesResource: + serviceType: LoadBalancer + servicePort: 8128 +``` + #### Specifying `Replicas` You can optionally use the `replicas` field to instruct Tekton Triggers to deploy more than one instance of your `EventListener` in individual Kubernetes Pods. diff --git a/examples/v1beta1/eventlisteners/eventlistener-serviceconfig.yaml b/examples/v1beta1/eventlisteners/eventlistener-serviceconfig.yaml new file mode 100644 index 0000000000..9c32fdab3d --- /dev/null +++ b/examples/v1beta1/eventlisteners/eventlistener-serviceconfig.yaml @@ -0,0 +1,18 @@ +--- +apiVersion: triggers.tekton.dev/v1beta1 +kind: EventListener +metadata: + name: listener-serviceconfig +spec: + serviceAccountName: tekton-triggers-example-sa + triggers: + - name: foo-trig + bindings: + - ref: pipeline-binding + - ref: message-binding + template: + ref: pipeline-template + resources: + kubernetesResource: + serviceType: LoadBalancer + servicePort: 5050 \ No newline at end of file diff --git a/go.sum b/go.sum index e28df320d5..0b639e4b79 100644 --- a/go.sum +++ b/go.sum @@ -1036,15 +1036,14 @@ github.com/tektoncd/pipeline v0.27.1-0.20210830154614-c8c729131d4a h1:JoBF2MT3hg github.com/tektoncd/pipeline v0.27.1-0.20210830154614-c8c729131d4a/go.mod h1:U6p87Pzl8b7Lid1HrMabDFDnKstf6ZmkSLKgPiAkQxY= github.com/tektoncd/plumbing v0.0.0-20210514044347-f8a9689d5bd5 h1:tY3t38AFNwlSWALhulEHryANpQ53Hfjp9jM5zl8ImSQ= github.com/tektoncd/plumbing v0.0.0-20210514044347-f8a9689d5bd5/go.mod h1:WTWwsg91xgm+jPOKoyKVK/yRYxnVDlUYeDlypB1lDdQ= -github.com/tidwall/gjson v1.9.0 h1:+Od7AE26jAaMgVC31cQV/Ope5iKXulNMflrlB7k+F9E= -github.com/tidwall/gjson v1.9.0/go.mod h1:5/xDoumyyDNerp2U36lyolv46b3uF/9Bu6OfyQ9GImk= -github.com/tidwall/match v1.0.3 h1:FQUVvBImDutD8wJLN6c5eMzWtjgONK9MwIBCOrUJKeE= -github.com/tidwall/match v1.0.3/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM= -github.com/tidwall/pretty v1.1.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= +github.com/tidwall/gjson v1.10.2 h1:APbLGOM0rrEkd8WBw9C24nllro4ajFuJu0Sc9hRz8Bo= +github.com/tidwall/gjson v1.10.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= +github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= +github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM= github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs= github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= -github.com/tidwall/sjson v1.2.1 h1:r0D/mPikA5YxxFluOftF9DBnwTv9LzY9J4UteHTdh3A= -github.com/tidwall/sjson v1.2.1/go.mod h1:3nkMFbUMK4z5nlDu1y6g7O+zvjJ6hbyoJUZa4WzepBE= +github.com/tidwall/sjson v1.2.3 h1:5+deguEhHSEjmuICXZ21uSSsXotWMA0orU783+Z7Cp8= +github.com/tidwall/sjson v1.2.3/go.mod h1:5WdjKx3AQMvCJ4RG6/2UYT7dLrGvJUV1x4jdTAyGvZs= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tsenart/go-tsz v0.0.0-20180814232043-cdeb9e1e981e/go.mod h1:SWZznP1z5Ki7hDT2ioqiFKEse8K9tU2OUvaRI0NeGQo= diff --git a/pkg/apis/config/zz_generated.deepcopy.go b/pkg/apis/config/zz_generated.deepcopy.go index 527c9e680c..fd5084233e 100644 --- a/pkg/apis/config/zz_generated.deepcopy.go +++ b/pkg/apis/config/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated /* diff --git a/pkg/apis/triggers/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/triggers/v1alpha1/zz_generated.deepcopy.go index ba039d09f4..bb9915334e 100644 --- a/pkg/apis/triggers/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/triggers/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated /* diff --git a/pkg/apis/triggers/v1beta1/event_listener_types.go b/pkg/apis/triggers/v1beta1/event_listener_types.go index 29dd814a42..20ee5f48da 100644 --- a/pkg/apis/triggers/v1beta1/event_listener_types.go +++ b/pkg/apis/triggers/v1beta1/event_listener_types.go @@ -78,6 +78,7 @@ type CustomResource struct { type KubernetesResource struct { Replicas *int32 `json:"replicas,omitempty"` ServiceType corev1.ServiceType `json:"serviceType,omitempty"` + ServicePort int32 `json:"servicePort,omitempty"` duckv1.WithPodSpec `json:"spec,omitempty"` } diff --git a/pkg/apis/triggers/v1beta1/zz_generated.deepcopy.go b/pkg/apis/triggers/v1beta1/zz_generated.deepcopy.go index 78d789b214..9d7c32a489 100644 --- a/pkg/apis/triggers/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/triggers/v1beta1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated /* diff --git a/pkg/reconciler/eventlistener/resources/common_test.go b/pkg/reconciler/eventlistener/resources/common_test.go index 5a5010a929..c57e4ea4bb 100644 --- a/pkg/reconciler/eventlistener/resources/common_test.go +++ b/pkg/reconciler/eventlistener/resources/common_test.go @@ -87,3 +87,22 @@ func withTLSPort(el *v1beta1.EventListener) { c.Port = &x }))) } + +func withNonDefaultTLSPort(el *v1beta1.EventListener) { + el.Status.SetAddress(ListenerHostname(el, *MakeConfig(func(c *Config) { + x := 443 + c.Port = &x + }))) +} + +func withServiceTypeLoadBalancer(el *v1beta1.EventListener) { + el.Spec.Resources.KubernetesResource = &v1beta1.KubernetesResource{ + ServiceType: "LoadBalancer", + } +} + +func withServicePort80(el *v1beta1.EventListener) { + el.Spec.Resources.KubernetesResource = &v1beta1.KubernetesResource{ + ServicePort: 80, + } +} diff --git a/pkg/reconciler/eventlistener/resources/service.go b/pkg/reconciler/eventlistener/resources/service.go index 36d02bb268..6ba787dd18 100644 --- a/pkg/reconciler/eventlistener/resources/service.go +++ b/pkg/reconciler/eventlistener/resources/service.go @@ -50,12 +50,19 @@ var metricsPort = corev1.ServicePort{ func MakeService(ctx context.Context, el *v1beta1.EventListener, c Config) *corev1.Service { // for backward compatibility with original behavior - var serviceType corev1.ServiceType + var ( + serviceType corev1.ServiceType + servicePort corev1.ServicePort + ) if el.Spec.Resources.KubernetesResource != nil && el.Spec.Resources.KubernetesResource.ServiceType != "" { serviceType = el.Spec.Resources.KubernetesResource.ServiceType } + if el.Spec.Resources.KubernetesResource != nil && int(el.Spec.Resources.KubernetesResource.ServicePort) > 0 { + port := int(el.Spec.Resources.KubernetesResource.ServicePort) + c.Port = &port + } - servicePort := ServicePort(el, c) + servicePort = ServicePort(el, c) return &corev1.Service{ ObjectMeta: ObjectMeta(el, FilterLabels(ctx, el.Labels), c.StaticResourceLabels), @@ -99,6 +106,10 @@ func ServicePort(el *v1beta1.EventListener, c Config) corev1.ServicePort { // We return port 8443 if TLS is enabled and the default HTTP port is set. // This effectively makes 8443 the default HTTPS port unless a user explicitly sets a different port. servicePortPort = 8443 + } else { + // Return port 443 if TLS is enabled and the HTTP port is not the default one. + // This will allow traffic to be directed to the default HTTPS port. + servicePortPort = 443 } } diff --git a/pkg/reconciler/eventlistener/resources/service_test.go b/pkg/reconciler/eventlistener/resources/service_test.go index 3c839ea7d2..4a789b137b 100644 --- a/pkg/reconciler/eventlistener/resources/service_test.go +++ b/pkg/reconciler/eventlistener/resources/service_test.go @@ -68,11 +68,7 @@ func TestService(t *testing.T) { }, }, { name: "EventListener with type: LoadBalancer", - el: makeEL(func(el *v1beta1.EventListener) { - el.Spec.Resources.KubernetesResource = &v1beta1.KubernetesResource{ - ServiceType: "LoadBalancer", - } - }, withStatus), + el: makeEL(withServiceTypeLoadBalancer, withStatus), want: &corev1.Service{ ObjectMeta: metav1.ObjectMeta{ Name: generatedResourceName, @@ -118,6 +114,7 @@ func TestServicePort(t *testing.T) { el *v1beta1.EventListener config Config expectedServicePort corev1.ServicePort + expectedServiceType corev1.ServiceType }{{ name: "EventListener with status", el: makeEL(withStatus), @@ -174,6 +171,70 @@ func TestServicePort(t *testing.T) { IntVal: int32(eventListenerContainerPort), }, }, + }, { + name: "EventListener with ServicePort: 80", + el: makeEL(withStatus, withServicePort80), + config: *MakeConfig(func(d *Config) { + p := 80 + d.Port = &p + }), + expectedServicePort: corev1.ServicePort{ + Name: eventListenerServicePortName, + Protocol: corev1.ProtocolTCP, + Port: int32(80), + TargetPort: intstr.IntOrString{ + IntVal: int32(eventListenerContainerPort), + }, + }, + expectedServiceType: "LoadBalancer", + }, { + name: "EventListener with Service Port 80 and TLS configuration", + el: makeEL(withStatus, withServicePort80, withNonDefaultTLSPort, func(el *v1beta1.EventListener) { + el.Spec.Resources.KubernetesResource = &v1beta1.KubernetesResource{ + WithPodSpec: duckv1.WithPodSpec{ + Template: duckv1.PodSpecable{ + Spec: corev1.PodSpec{ + Containers: []corev1.Container{{ + Env: []corev1.EnvVar{{ + Name: "TLS_CERT", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: "tls-secret-key", + }, + Key: "tls.crt", + }, + }, + }, { + Name: "TLS_KEY", + ValueFrom: &corev1.EnvVarSource{ + SecretKeyRef: &corev1.SecretKeySelector{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: "tls-secret-key", + }, + Key: "tls.key", + }, + }, + }}, + }}, + }, + }, + }, + } + }), + config: *MakeConfig(func(d *Config) { + p := 80 + d.Port = &p + }), + expectedServicePort: corev1.ServicePort{ + Name: eventListenerServiceTLSPortName, + Protocol: corev1.ProtocolTCP, + Port: int32(443), + TargetPort: intstr.IntOrString{ + IntVal: int32(eventListenerContainerPort), + }, + }, + expectedServiceType: "LoadBalancer", }} for _, tt := range tests { diff --git a/test/buffer.go b/test/buffer.go index 2b62f100a1..7a9815c877 100644 --- a/test/buffer.go +++ b/test/buffer.go @@ -1,3 +1,4 @@ +//go:build e2e // +build e2e /* diff --git a/test/eventlistener_scale_test.go b/test/eventlistener_scale_test.go index 69ad570663..ab42b01525 100644 --- a/test/eventlistener_scale_test.go +++ b/test/eventlistener_scale_test.go @@ -1,3 +1,4 @@ +//go:build e2e // +build e2e /* diff --git a/test/eventlistener_test.go b/test/eventlistener_test.go index 967e83406f..6d331299c1 100644 --- a/test/eventlistener_test.go +++ b/test/eventlistener_test.go @@ -1,3 +1,4 @@ +//go:build e2e // +build e2e /*