Add service intentions as CRDs

acceptance/tests/fixtures/bases/partitions/intentions/kustomization.yaml

@@ -0,0 +1,2 @@
+resources:
+  - serviceintentions.yaml

acceptance/tests/fixtures/bases/partitions/intentions/serviceintentions.yaml

@@ -0,0 +1,5 @@
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ServiceIntentions
+metadata:
+  name: intentions
+spec: {}

acceptance/tests/fixtures/cases/crd-partitions/default-partition-default/kustomization.yaml

@@ -1,5 +1,5 @@
 resources:
-  - ../../../bases/exportedservices-default
+  - ../../../bases/partitions/exportedservices-default
 
 patchesStrategicMerge:
 - patch.yaml

acceptance/tests/fixtures/cases/crd-partitions/default-partition-ns1/kustomization.yaml

@@ -1,5 +1,5 @@
 resources:
-  - ../../../bases/exportedservices-default
+  - ../../../bases/partitions/exportedservices-default
 
 patchesStrategicMerge:
 - patch.yaml

acceptance/tests/fixtures/cases/crd-partitions/intentions-default-default/kustomization.yaml

@@ -0,0 +1,5 @@
+resources:
+  - ../../../bases/partitions/intentions
+
+patchesStrategicMerge:
+- patch.yaml

acceptance/tests/fixtures/cases/crd-partitions/intentions-default-default/patch.yaml

@@ -0,0 +1,13 @@
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ServiceIntentions
+metadata:
+  name: intentions
+spec:
+  destination:
+    name: static-server
+    namespace: default
+  sources:
+  - name: static-client
+    namespace: default
+    partition: secondary
+    action: allow

acceptance/tests/fixtures/cases/crd-partitions/intentions-default-namespaces/kustomization.yaml

@@ -0,0 +1,5 @@
+resources:
+  - ../../../bases/partitions/intentions
+
+patchesStrategicMerge:
+- patch.yaml

acceptance/tests/fixtures/cases/crd-partitions/intentions-default-namespaces/patch.yaml

@@ -0,0 +1,13 @@
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ServiceIntentions
+metadata:
+  name: intentions
+spec:
+  destination:
+    name: static-server
+    namespace: ns1
+  sources:
+  - name: static-client
+    namespace: ns2
+    partition: secondary
+    action: allow

acceptance/tests/fixtures/cases/crd-partitions/intentions-secondary-default/kustomization.yaml

@@ -0,0 +1,5 @@
+resources:
+  - ../../../bases/partitions/intentions
+
+patchesStrategicMerge:
+- patch.yaml

acceptance/tests/fixtures/cases/crd-partitions/intentions-secondary-default/patch.yaml

@@ -0,0 +1,13 @@
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ServiceIntentions
+metadata:
+  name: intentions
+spec:
+  destination:
+    name: static-server
+    namespace: default
+  sources:
+  - name: static-client
+    namespace: default
+    partition: default
+    action: allow

acceptance/tests/fixtures/cases/crd-partitions/intentions-secondary-namespaces/kustomization.yaml

@@ -0,0 +1,5 @@
+resources:
+  - ../../../bases/partitions/intentions
+
+patchesStrategicMerge:
+- patch.yaml

acceptance/tests/fixtures/cases/crd-partitions/intentions-secondary-namespaces/patch.yaml

@@ -0,0 +1,13 @@
+apiVersion: consul.hashicorp.com/v1alpha1
+kind: ServiceIntentions
+metadata:
+  name: intentions
+spec:
+  destination:
+    name: static-server
+    namespace: ns1
+  sources:
+  - name: static-client
+    namespace: ns2
+    partition: default
+    action: allow

acceptance/tests/fixtures/cases/crd-partitions/secondary-partition-default/kustomization.yaml

@@ -1,5 +1,5 @@
 resources:
-  - ../../../bases/exportedservices-secondary
+  - ../../../bases/partitions/exportedservices-secondary
 
 patchesStrategicMerge:
 - patch.yaml

acceptance/tests/fixtures/cases/crd-partitions/secondary-partition-ns1/kustomization.yaml

@@ -1,5 +1,5 @@
 resources:
-  - ../../../bases/exportedservices-secondary
+  - ../../../bases/partitions/exportedservices-secondary
 
 patchesStrategicMerge:
 - patch.yaml

acceptance/tests/partitions/partitions_test.go

@@ -604,33 +604,22 @@ func TestPartitions(t *testing.T) {
 						k8s.CheckStaticServerConnectionFailing(t, clientClusterStaticClientOpts, "http://localhost:1234")
 					}
 
-					intention := &api.ServiceIntentionsConfigEntry{
-						Name:      staticServerName,
-						Kind:      api.ServiceIntentions,
-						Namespace: staticServerNamespace,
-						Sources: []*api.SourceIntention{
-							{
-								Name:      staticClientName,
-								Namespace: staticClientNamespace,
-								Action:    api.IntentionActionAllow,
-							},
-						},
-					}
-
-					// Set the destination namespace to be the same
-					// unless mirrorK8S is true.
-					if !c.mirrorK8S {
-						intention.Namespace = c.destinationNamespace
-						intention.Sources[0].Namespace = c.destinationNamespace
-					}
-
 					logger.Log(t, "creating intention")
-					intention.Sources[0].Partition = secondaryPartition
-					_, _, err := consulClient.ConfigEntries().Set(intention, &api.WriteOptions{Partition: defaultPartition})
-					require.NoError(t, err)
-					intention.Sources[0].Partition = defaultPartition
-					_, _, err = consulClient.ConfigEntries().Set(intention, &api.WriteOptions{Partition: secondaryPartition})
-					require.NoError(t, err)
+					if c.destinationNamespace == defaultNamespace {
+						k8s.KubectlApplyK(t, serverClusterContext.KubectlOptions(t), "../fixtures/cases/crd-partitions/intentions-default-default")
+						k8s.KubectlApplyK(t, clientClusterContext.KubectlOptions(t), "../fixtures/cases/crd-partitions/intentions-secondary-default")
+						helpers.Cleanup(t, cfg.NoCleanupOnFailure, func() {
+							k8s.KubectlDeleteK(t, serverClusterContext.KubectlOptions(t), "../fixtures/cases/crd-partitions/intentions-default-default")
+							k8s.KubectlDeleteK(t, clientClusterContext.KubectlOptions(t), "../fixtures/cases/crd-partitions/intentions-secondary-default")
+						})
+					} else {
+						k8s.KubectlApplyK(t, serverClusterContext.KubectlOptions(t), "../fixtures/cases/crd-partitions/intentions-default-namespaces")
+						k8s.KubectlApplyK(t, clientClusterContext.KubectlOptions(t), "../fixtures/cases/crd-partitions/intentions-secondary-namespaces")
+						helpers.Cleanup(t, cfg.NoCleanupOnFailure, func() {
+							k8s.KubectlDeleteK(t, serverClusterContext.KubectlOptions(t), "../fixtures/cases/crd-partitions/intentions-default-namespaces")
+							k8s.KubectlDeleteK(t, clientClusterContext.KubectlOptions(t), "../fixtures/cases/crd-partitions/intentions-secondary-namespaces")
+						})
+					}
 				}
 
 				logger.Log(t, "checking that connection is successful")