Create OpenAPIV3 schema for kapp-controller package and generate pack…

…age with the schema (#2819)

* Create OpenAPIV3 schema for kapp-controller package and generate package with the schema
* Fix bug in package-overlay.yaml
* Add checks to scripts to error out when ytt manifests not generated successfully

Signed-off-by: Shivaani Gupta <gshivaani@vmware.com>

addons/packages/kapp-controller/0.30.0/bundle/config/schema.yaml

@@ -0,0 +1,45 @@
+#! schema.yaml
+
+#@data/values-schema
+#@schema/desc "OpenAPIv3 Schema for kapp-controller"
+---
+#@schema/desc "The namespace in which to deploy kapp-controller"
+namespace: kapp-controller
+#@schema/desc "Configuration for kapp-controller"
+kappController:
+  #@schema/desc "The namespace value used by older templates, will overwrite with top level namespace if present, for backward compatibility"
+  #@schema/nullable
+  namespace: kapp-controller
+  #@schema/desc "Whether to create namespace specified for kapp-controller"
+  createNamespace: true
+  #@schema/desc "The namespace value used for global packaging resources. Any Package and PackageMetadata CRs within that namespace will be included in all other namespaces on the cluster, without duplicating them"
+  globalNamespace: tanzu-package-repo-global
+  deployment:
+    #@schema/desc "The coreDNSIP will be injected into /etc/resolv.conf of kapp-controller pod"
+    #@schema/nullable
+    coreDNSIP: ""
+    #@schema/desc "Host network of kapp-controller deployment"
+    #@schema/nullable
+    hostNetwork: ""
+    #@schema/desc "The priority value that various system components use to find the priority of the kapp-controller pod"
+    #@schema/nullable
+    priorityClassName: ""
+    #@schema/desc "Concurrency of kapp-controller deployment"
+    concurrency: 4
+    #@schema/desc "kapp-controller deployment tolerations"
+    tolerations: ["toleration1"]
+    #@schema/desc "Bind port for kapp-controller API"
+    apiPort: 10350
+    #@schema/desc "Address for metrics server"
+    metricsBindAddress: ":8080"
+  config:
+    #@schema/desc "A cert chain of trusted CA certs. These will be added to the system-wide cert pool of trusted CA's"
+    caCerts: ""
+    #@schema/desc "The url/ip of a proxy for kapp controller to use when making network requests"
+    httpProxy: ""
+    #@schema/desc "The url/ip of a TLS capable proxy for kapp-controller to use when making network requests"
+    httpsProxy: ""
+    #@schema/desc "A comma delimited list of domain names which kapp-controller should bypass the proxy for when making requests"
+    noProxy: ""
+    #@schema/desc "A comma delimited list of hostnames for which kapp-controller should skip TLS verification"
+    dangerousSkipTLSVerify: ""

addons/packages/kapp-controller/0.30.0/package.yaml

@@ -5,21 +5,111 @@ metadata:
 spec:
   refName: kapp-controller.community.tanzu.vmware.com
   version: 0.30.0
-  releaseNotes: "kapp-controller 0.30.0 https://github.com/vmware-tanzu/carvel-kapp-controller"
+  releaseNotes: kapp-controller 0.30.0 https://github.com/vmware-tanzu/carvel-kapp-controller
   licenses:
-    - "Apache 2.0"
+  - Apache 2.0
   template:
     spec:
       fetch:
-        - imgpkgBundle:
-            image: projects.registry.vmware.com/tce/kapp-controller@sha256:26428e5233c6fa610a950c216c8e3eee5c76ce05e5385e8291b6acd91dc5bc26
+      - imgpkgBundle:
+          image: projects.registry.vmware.com/tce/kapp-controller@sha256:713530834c0849526b95dfa48027aa510c5fc1ec29a585a817a0918a542ce135
       template:
-        - ytt:
-            paths:
-              - config/
-        - kbld:
-            paths:
-              - "-"
-              - .imgpkg/images.yml
+      - ytt:
+          paths:
+          - config/
+      - kbld:
+          paths:
+          - '-'
+          - .imgpkg/images.yml
       deploy:
-        - kapp: {}
+      - kapp: {}
+  valuesSchema:
+    openAPIv3:
+      type: object
+      additionalProperties: false
+      description: OpenAPIv3 Schema for kapp-controller
+      properties:
+        namespace:
+          type: string
+          default: kapp-controller
+          description: The namespace in which to deploy kapp-controller
+        kappController:
+          type: object
+          additionalProperties: false
+          description: Configuration for kapp-controller
+          properties:
+            namespace:
+              type: string
+              default: null
+              nullable: true
+              description: The namespace value used by older templates, will overwrite with top level namespace if present, for backward compatibility
+            createNamespace:
+              type: boolean
+              default: true
+              description: Whether to create namespace specified for kapp-controller
+            globalNamespace:
+              type: string
+              default: tanzu-package-repo-global
+              description: The namespace value used for global packaging resources. Any Package and PackageMetadata CRs within that namespace will be included in all other namespaces on the cluster, without duplicating them
+            deployment:
+              type: object
+              additionalProperties: false
+              properties:
+                coreDNSIP:
+                  type: string
+                  default: null
+                  nullable: true
+                  description: The coreDNSIP will be injected into /etc/resolv.conf of kapp-controller pod
+                hostNetwork:
+                  type: string
+                  default: null
+                  nullable: true
+                  description: Host network of kapp-controller deployment
+                priorityClassName:
+                  type: string
+                  default: null
+                  nullable: true
+                  description: The priority value that various system components use to find the priority of the kapp-controller pod
+                concurrency:
+                  type: integer
+                  default: 4
+                  description: Concurrency of kapp-controller deployment
+                tolerations:
+                  type: array
+                  description: kapp-controller deployment tolerations
+                  items:
+                    type: string
+                    default: toleration1
+                  default: []
+                apiPort:
+                  type: integer
+                  default: 10350
+                  description: Bind port for kapp-controller API
+                metricsBindAddress:
+                  type: string
+                  default: :8080
+                  description: Address for metrics server
+            config:
+              type: object
+              additionalProperties: false
+              properties:
+                caCerts:
+                  type: string
+                  default: ""
+                  description: A cert chain of trusted CA certs. These will be added to the system-wide cert pool of trusted CA's
+                httpProxy:
+                  type: string
+                  default: ""
+                  description: The url/ip of a proxy for kapp controller to use when making network requests
+                httpsProxy:
+                  type: string
+                  default: ""
+                  description: The url/ip of a TLS capable proxy for kapp-controller to use when making network requests
+                noProxy:
+                  type: string
+                  default: ""
+                  description: A comma delimited list of domain names which kapp-controller should bypass the proxy for when making requests
+                dangerousSkipTLSVerify:
+                  type: string
+                  default: ""
+                  description: A comma delimited list of hostnames for which kapp-controller should skip TLS verification

addons/packages/package-overlay/package-overlay.yaml

@@ -4,6 +4,12 @@
 #@overlay/match by=overlay.subset({"kind":"Package"}),expects="1+"
 ---
 spec:
-#@overlay/replace
+  #@overlay/match missing_ok=True
+  valuesSchema: {}
+
+#@overlay/match by=overlay.subset({"kind":"Package"}),expects="1+"
+---
+spec:
+  #@overlay/replace
   valuesSchema:
     openAPIv3:  #@ yaml.decode(data.values.openapi)["components"]["schemas"]["dataValues"]

hack/packages/check-sample-values-and-render-ytt.sh

@@ -30,6 +30,7 @@ BUNDLE_DIR="${VERSION_DIR}/bundle"
 CONFIG_DIR="${BUNDLE_DIR}/config"
 NC='\033[0m' # No Color
 GREEN='\033[0;32m'
+RED='\033[0;31m'
 
 check_sample_values_and_render_ytt() {
   sample_values_dir="${VERSION_DIR}/sample-values"
@@ -41,7 +42,10 @@ check_sample_values_and_render_ytt() {
   fi
   cd "${CONFIG_DIR}" || exit
 	${yttCmd} > /dev/null
-	echo -e "${GREEN}===> ytt manifests successfully rendered for ${PACKAGE}/${VERSION}${NC}"
+	status=$?
+
+	[ $status -eq 0 ] && echo -e "${GREEN}===> ytt manifests successfully rendered for ${PACKAGE}/${VERSION}${NC}" || echo -e "${RED}===> $yttCmd failed. ytt manifests could not be generated!!${NC}"
+
 }
 
 check_sample_values_and_render_ytt

hack/packages/verify-openapischema-for-package.sh

@@ -40,10 +40,16 @@ verify_openapischema_for_package() {
     mkdir -p "${ARTIFACTS_DIR}"
     cd "${ARTIFACTS_DIR}" || exit
     ytt -f ../bundle/config/schema.yaml --data-values-schema-inspect -o openapi-v3 > generated-openapi-schema.yaml
-    yq e '.components.schemas.dataValues' generated-openapi-schema.yaml > schema-contents.yaml
-    yq e '.spec.valuesSchema.openAPIv3' ../package.yaml > package-schema-contents.yaml
-    diffyaml schema-contents.yaml package-schema-contents.yaml
-    echo -e "${GREEN}===> OpenAPIv3 contents match successful for schema and package${NC}"
+    status=$?
+    if [ $status -eq 0 ]; then
+      yq e '.components.schemas.dataValues' generated-openapi-schema.yaml > schema-contents.yaml
+      yq e '.spec.valuesSchema.openAPIv3' ../package.yaml > package-schema-contents.yaml
+      diffyaml schema-contents.yaml package-schema-contents.yaml
+      echo -e "${GREEN}===> OpenAPIv3 contents successfully matched for schema and package${NC}"
+    else
+      echo -e "${RED}===> ytt manifests could not be generated!!${NC}"
+      exit 1
+    fi
   fi
 }