[installer]: add namespace to validate cluster command

installer/README.md

@@ -495,6 +495,13 @@ command.
 ./installer render --config gitpod.config.yaml --namespace gitpod > gitpod.yaml
 ```
 
+The `validate cluster` command also accepts a namespace, allowing you to run
+the checks on that namespace.
+
+```shell
+./installer validate cluster --kubeconfig ~/.kube/config --config gitpod.config.yaml --namespace gitpod
+```
+
 **IMPORTANT**: this does not create the namespace, so you will need to create
 that separately. This is so that uninstallation of Gitpod does not remove any
 Kubernetes objects, such as your TLS certificate or connection secrets.

installer/cmd/validate-cluster.go → installer/cmd/validate_cluster.go

@@ -18,8 +18,9 @@ import (
 )
 
 var validateClusterOpts struct {
-	Kube   kubeConfig
-	Config string
+	Kube      kubeConfig
+	Namespace string
+	Config    string
 }
 
 // validateClusterCmd represents the cluster command
@@ -39,18 +40,14 @@ var validateClusterCmd = &cobra.Command{
 		if err != nil {
 			return err
 		}
-		namespace, _, err := clientcfg.Namespace()
-		if err != nil {
-			return err
-		}
 
-		result, err := cluster.ClusterChecks.Validate(context.Background(), res, namespace)
+		result, err := cluster.ClusterChecks.Validate(context.Background(), res, validateClusterOpts.Namespace)
 		if err != nil {
 			return err
 		}
 
 		if validateClusterOpts.Config != "" {
-			res, err := runClusterConfigValidation(context.Background(), res, namespace)
+			res, err := runClusterConfigValidation(context.Background(), res, validateClusterOpts.Namespace)
 			if err != nil {
 				return err
 			}
@@ -107,4 +104,5 @@ func init() {
 
 	validateClusterCmd.PersistentFlags().StringVar(&validateClusterOpts.Kube.Config, "kubeconfig", "", "path to the kubeconfig file")
 	validateClusterCmd.PersistentFlags().StringVarP(&validateClusterOpts.Config, "config", "c", os.Getenv("GITPOD_INSTALLER_CONFIG"), "path to the config file")
+	validateClusterCmd.PersistentFlags().StringVarP(&validateClusterOpts.Namespace, "namespace", "n", "default", "namespace to deploy to")
 }

installer/go.mod

@@ -174,6 +174,7 @@ require (
 	github.com/rs/xid v1.2.1 // indirect
 	github.com/rubenv/sql-migrate v0.0.0-20210614095031-55d5740dbbcc // indirect
 	github.com/russross/blackfriday v1.5.2 // indirect
+	github.com/seccomp/libseccomp-golang v0.9.1 // indirect
 	github.com/shirou/gopsutil v2.20.9+incompatible // indirect
 	github.com/shopspring/decimal v1.2.0 // indirect
 	github.com/sirupsen/logrus v1.8.1 // indirect

installer/go.sum

@@ -1076,6 +1076,7 @@ github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiB
 github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
 github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
 github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
+github.com/seccomp/libseccomp-golang v0.9.1 h1:NJjM5DNFOs0s3kYE1WUOr6G8V97sdt46rlXTMfXGWBo=
 github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo=
 github.com/segmentio/backo-go v0.0.0-20200129164019-23eae7c10bd3/go.mod h1:9/Rh6yILuLysoQnZ2oNooD2g7aBnvM7r/fNVxRNWfBc=
 github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0=

installer/pkg/cluster/checks.go

@@ -68,18 +68,22 @@ func checkCertManagerInstalled(ctx context.Context, config *rest.Config, namespa
 	clusterIssuers, err := client.CertmanagerV1().ClusterIssuers().List(ctx, metav1.ListOptions{})
 	if err != nil {
 		// If cert-manager not installed, this will error
-		return []ValidationError{{
-			Message: err.Error(),
-			Type:    ValidationStatusError,
-		}}, nil
+		return []ValidationError{
+			{
+				Message: err.Error(),
+				Type:    ValidationStatusError,
+			},
+		}, nil
 	}
 
 	if len(clusterIssuers.Items) == 0 {
 		// Treat as warning - may be bringing their own certs
-		return []ValidationError{{
-			Message: "no cluster issuers configured",
-			Type:    ValidationStatusWarning,
-		}}, nil
+		return []ValidationError{
+			{
+				Message: "no cluster issuers configured",
+				Type:    ValidationStatusWarning,
+			},
+		}, nil
 	}
 
 	return nil, nil
@@ -275,3 +279,33 @@ func checkKernelVersion(ctx context.Context, config *rest.Config, namespace stri
 
 	return res, nil
 }
+
+func checkNamespaceExists(ctx context.Context, config *rest.Config, namespace string) ([]ValidationError, error) {
+	client, err := clientsetFromContext(ctx, config)
+	if err != nil {
+		return nil, err
+	}
+
+	namespaces, err := client.CoreV1().Namespaces().List(ctx, metav1.ListOptions{})
+	if err != nil {
+		return nil, err
+	}
+	namespaceExists := false
+	for _, nsp := range namespaces.Items {
+		if !namespaceExists && nsp.Name == namespace {
+			namespaceExists = true
+			break
+		}
+	}
+
+	if !namespaceExists {
+		return []ValidationError{
+			{
+				Message: fmt.Sprintf("Namespace %s does not exist", namespace),
+				Type:    ValidationStatusError,
+			},
+		}, nil
+	}
+
+	return nil, nil
+}

installer/pkg/cluster/validation.go

@@ -75,6 +75,11 @@ var ClusterChecks = ValidationChecks{
 		Check:       checkCertManagerInstalled,
 		Description: "cert-manager is installed and has available issuer",
 	},
+	{
+		Name:        "Namespace exists",
+		Description: "ensure that the target namespace exists",
+		Check:       checkNamespaceExists,
+	},
 }
 
 // ValidationChecks are a group of validations