Added validation and customization function in ghost app

package-examples/ghost/Kptfile

@@ -5,7 +5,7 @@ metadata:
   annotations:
     config.kubernetes.io/local-config: "true"
 info:
-  description: sample description
+  description: Package for Ghost application.
 pipeline:
   mutators:
     - image: gcr.io/kpt-fn/set-namespace:v0.3.4

package-examples/ghost/ghost-app/Kptfile

@@ -4,9 +4,16 @@ metadata:
   name: ghost-app
   annotations:
     config.kubernetes.io/local-config: "true"
+  labels:
+    app.kubernetes.io/name: ghost-app
 info:
   description: The Ghost App package contains the KRM resources for a Ghost Application.
 pipeline:
   mutators:
-    - image: gcr.io/kpt-fn/set-labels:v0.1.5
+    - image: set-labels:v0.1.5
       configPath: setlabels.yaml
+    - image: apply-replacements:v0.1.1
+      configPath: fn-config-update-host.yaml
+  validators:
+    - image: starlark:v0.4.3
+      configPath: fn-config-validate-host.yaml

package-examples/ghost/ghost-app/deployment-ghost.yaml

@@ -3,6 +3,8 @@ kind: Deployment
 metadata:
   name: ghost-app
   namespace: example
+  labels:
+    app.kubernetes.io/name: ghost-app
 spec:
   replicas: 1
   strategy:
@@ -14,7 +16,7 @@ spec:
       containers:
         - name: ghost-app
           image: docker.io/bitnami/ghost:4.45.0-debian-10-r0
-          imagePullPolicy: "IfNotPresent"
+          imagePullPolicy: IfNotPresent
           securityContext:
             runAsNonRoot: true
             runAsUser: 1001
@@ -24,23 +26,23 @@ spec:
             - name: ALLOW_EMPTY_PASSWORD
               value: "yes"
             - name: GHOST_DATABASE_HOST
-              value: "mariadb"
+              value: mariadb
             - name: GHOST_DATABASE_PORT_NUMBER
               value: "3306"
             - name: GHOST_DATABASE_NAME
-              value: "bitnami_ghost"
+              value: bitnami_ghost
             - name: GHOST_DATABASE_USER
-              value: "bn_ghost"
+              value: bn_ghost
             - name: GHOST_HOST
-              value: EXTERNAL_IP_FROM_SERVICE
+              value: example.com
             - name: GHOST_PORT_NUMBER
               value: "2368"
             - name: GHOST_USERNAME
-              value: "user"
+              value: user
             - name: GHOST_EMAIL
-              value: "user@example.com"
+              value: user@example.com
             - name: GHOST_BLOG_TITLE
-              value: "User's Blog"
+              value: User's Blog
             - name: GHOST_ENABLE_HTTPS
               value: "no"
             - name: GHOST_EXTERNAL_HTTP_PORT_NUMBER
@@ -56,7 +58,7 @@ spec:
           livenessProbe:
             httpGet:
               path: /
-              port: "http"
+              port: http
               scheme: HTTP
             initialDelaySeconds: 120
             periodSeconds: 10
@@ -66,7 +68,7 @@ spec:
           readinessProbe:
             httpGet:
               path: /
-              port: "http"
+              port: http
               scheme: HTTP
             initialDelaySeconds: 30
             periodSeconds: 5
@@ -83,3 +85,9 @@ spec:
         - name: ghost-data
           persistentVolumeClaim:
             claimName: ghost-app
+    metadata:
+      labels:
+        app.kubernetes.io/name: ghost-app
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: ghost-app

package-examples/ghost/ghost-app/fn-config-update-host.yaml

@@ -0,0 +1,19 @@
+apiVersion: fn.kpt.dev/v1alpha1
+kind: ApplyReplacements
+metadata:
+  name: update-host
+  annotations:
+    config.kubernetes.io/local-config: "true"
+  labels:
+    app.kubernetes.io/name: ghost-app
+replacements:
+- source:
+    kind: Ingress
+    name: ghost-app
+    fieldPath: spec.rules.0.host
+  targets:
+  - select:
+      name: ghost-app
+      kind: Deployment
+    fieldPaths:
+    - spec.template.spec.containers.[name=ghost-app].env.[name=GHOST_HOST].value

package-examples/ghost/ghost-app/fn-config-validate-host.yaml

@@ -0,0 +1,31 @@
+apiVersion: fn.kpt.dev/v1alpha1
+kind: StarlarkRun
+metadata:
+  name: validate-blog-host
+  annotations:
+    config.kubernetes.io/local-config: "true"
+  labels:
+    app.kubernetes.io/name: ghost-app
+source: |-
+  def validate_host(resources):
+    placeHolderHostname = "example.com"
+    for resource in resources:
+      # this is an abstract package, so ignore host name validation
+      if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example":
+        return
+    host_in_ingress = ""
+    host_in_deployment = ""
+    for resource in ctx.resource_list["items"]:
+      if resource["kind"] == "Ingress":
+        host_in_ingress = resource["spec"]["rules"][0]["host"]
+      if resource["kind"] == "Deployment":
+        container = resource["spec"]["template"]["spec"]["containers"][0]
+        for env in container["env"]:
+          if env["name"] == "GHOST_HOST":
+            host_in_deployment = env["value"]
+    if host_in_ingress == placeHolderHostname:
+      fail("Blog's hostname must be specified in ingress-ghost.yaml")
+    if host_in_ingress != host_in_deployment:
+      fail("Blog host name in deployment object does not match with the one in ingress object")
+
+  validate_host(ctx.resource_list["items"])

package-examples/ghost/ghost-app/ingress-ghost.yaml

@@ -0,0 +1,16 @@
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: ghost-app
+  namespace: example
+  labels:
+    app.kubernetes.io/name: ghost-app
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: example.com
+    http:
+      paths:
+      - backend:
+          serviceName: ghost-app
+          servicePort: 80

package-examples/ghost/ghost-app/package-context.yaml

@@ -4,5 +4,7 @@ metadata:
   name: kptfile.kpt.dev
   annotations:
     config.kubernetes.io/local-config: "true"
+  labels:
+    app.kubernetes.io/name: ghost-app
 data:
   name: example

package-examples/ghost/ghost-app/persistentvolumeclaim-ghost.yaml

@@ -4,9 +4,11 @@ apiVersion: v1
 metadata:
   name: ghost-app
   namespace: example
+  labels:
+    app.kubernetes.io/name: ghost-app
 spec:
   accessModes:
-    - "ReadWriteOnce"
+    - ReadWriteOnce
   resources:
     requests:
-      storage: "8Gi"
+      storage: 8Gi

package-examples/ghost/ghost-app/service-ghost.yaml

@@ -3,6 +3,8 @@ kind: Service
 metadata:
   name: ghost-app
   namespace: example
+  labels:
+    app.kubernetes.io/name: ghost-app
 spec:
   type: LoadBalancer
   externalTrafficPolicy: Cluster
@@ -12,3 +14,5 @@ spec:
       port: 80
       protocol: TCP
       targetPort: http
+  selector:
+    app.kubernetes.io/name: ghost-app

package-examples/ghost/ghost-app/setlabels.yaml

@@ -5,5 +5,7 @@ metadata:
   namespace: example
   annotations:
     config.kubernetes.io/local-config: "true"
+  labels:
+    app.kubernetes.io/name: ghost-app
 labels:
-  app.kubernetes.io/name: ghost-app
+  app.kubernetes.io/name: ghost-app

package-examples/ghost/mariadb/Kptfile

@@ -4,9 +4,11 @@ metadata:
   name: mariadb
   annotations:
     config.kubernetes.io/local-config: "true"
+  labels:
+    app.kubernetes.io/name: mariadb
 info:
   description: The MariaDB which provides the storage for Ghost.
 pipeline:
   mutators:
     - image: gcr.io/kpt-fn/set-labels:v0.1.5
-      configPath: setlabels.yaml
+      configPath: setlabels.yaml

package-examples/ghost/mariadb/configmap-mariadb.yaml

@@ -4,6 +4,8 @@ kind: ConfigMap
 metadata:
   name: mariadb
   namespace: example
+  labels:
+    app.kubernetes.io/name: mariadb
 data:
   my.ini: |-
     [mysqld]

package-examples/ghost/mariadb/package-context.yaml

@@ -4,5 +4,7 @@ metadata:
   name: kptfile.kpt.dev
   annotations:
     config.kubernetes.io/local-config: "true"
+  labels:
+    app.kubernetes.io/name: mariadb
 data:
   name: example

package-examples/ghost/mariadb/service-mariadb.yaml

@@ -4,6 +4,8 @@ kind: Service
 metadata:
   name: mariadb
   namespace: example
+  labels:
+    app.kubernetes.io/name: mariadb
 spec:
   type: ClusterIP
   sessionAffinity: None
@@ -13,3 +15,5 @@ spec:
       protocol: TCP
       targetPort: mysql
       nodePort: null
+  selector:
+    app.kubernetes.io/name: mariadb

package-examples/ghost/mariadb/serviceaccount-mariadb.yaml

@@ -4,4 +4,6 @@ kind: ServiceAccount
 metadata:
   name: mariadb
   namespace: example
+  labels:
+    app.kubernetes.io/name: mariadb
 automountServiceAccountToken: false

package-examples/ghost/mariadb/setlabels.yaml

@@ -5,5 +5,7 @@ metadata:
   namespace: example
   annotations:
     config.kubernetes.io/local-config: "true"
+  labels:
+    app.kubernetes.io/name: mariadb
 labels:
-  app.kubernetes.io/name: mariadb
+  app.kubernetes.io/name: mariadb

package-examples/ghost/mariadb/statefulset-mariadb.yaml

@@ -4,6 +4,8 @@ kind: StatefulSet
 metadata:
   name: mariadb
   namespace: example
+  labels:
+    app.kubernetes.io/name: mariadb
 spec:
   replicas: 1
   revisionHistoryLimit: 10
@@ -17,17 +19,17 @@ spec:
       containers:
         - name: mariadb
           image: docker.io/bitnami/mariadb:10.6.7-debian-10-r62
-          imagePullPolicy: "IfNotPresent"
+          imagePullPolicy: IfNotPresent
           securityContext:
             runAsNonRoot: true
             runAsUser: 1001
           env:
             - name: BITNAMI_DEBUG
               value: "true"
             - name: MARIADB_USER
-              value: "bn_ghost"
+              value: bn_ghost
             - name: MARIADB_DATABASE
-              value: "bitnami_ghost"
+              value: bitnami_ghost
             - name: ALLOW_EMPTY_PASSWORD
               value: "true"
           ports:
@@ -46,12 +48,20 @@ spec:
         - name: config
           configMap:
             name: mariadb
+    metadata:
+      labels:
+        app.kubernetes.io/name: mariadb
   volumeClaimTemplates:
     - metadata:
         name: data
+        labels:
+          app.kubernetes.io/name: mariadb
       spec:
         accessModes:
-          - "ReadWriteOnce"
+          - ReadWriteOnce
         resources:
           requests:
-            storage: "8Gi"
+            storage: 8Gi
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: mariadb