Merge branch 'main' into stop-using-kots

Author: sgalsaleh

.github/workflows/ci.yaml

@@ -511,11 +511,11 @@ jobs:
 
       - name: Build
         env:
+          APP_CHANNEL: CI
           APP_CHANNEL_ID: 2cHXb1RCttzpR0xvnNWyaZCgDBP
           APP_CHANNEL_SLUG: ci
           RELEASE_YAML_DIR: e2e/kots-release-install
-          S3_BUCKET: "tf-staging-embedded-cluster-bin"
-          USES_DEV_BUCKET: "0"
+          S3_BUCKET: tf-staging-embedded-cluster-bin
           AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_KEY_ID }}
           AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_SECRET }}
           AWS_REGION: "us-east-1"
@@ -646,11 +646,11 @@ jobs:
 
       - name: Build
         env:
+          APP_CHANNEL: CI
           APP_CHANNEL_ID: 2cHXb1RCttzpR0xvnNWyaZCgDBP
           APP_CHANNEL_SLUG: ci
           RELEASE_YAML_DIR: e2e/kots-release-upgrade
-          S3_BUCKET: "tf-staging-embedded-cluster-bin"
-          USES_DEV_BUCKET: "0"
+          S3_BUCKET: tf-staging-embedded-cluster-bin
           AWS_ACCESS_KEY_ID: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_KEY_ID }}
           AWS_SECRET_ACCESS_KEY: ${{ secrets.STAGING_EMBEDDED_CLUSTER_UPLOAD_IAM_SECRET }}
           AWS_REGION: "us-east-1"
@@ -761,8 +761,7 @@ jobs:
           REPLICATED_API_TOKEN: ${{ secrets.STAGING_REPLICATED_API_TOKEN }}
           REPLICATED_API_ORIGIN: "https://api.staging.replicated.com/vendor"
           APP_CHANNEL: CI
-          USES_DEV_BUCKET: "0"
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          S3_BUCKET: tf-staging-embedded-cluster-bin
         run: |
           export SHORT_SHA=dev-${{ needs.output-vars.outputs.git_sha }}
 
@@ -820,7 +819,7 @@ jobs:
           REPLICATED_API_TOKEN: ${{ secrets.STAGING_REPLICATED_API_TOKEN }}
           REPLICATED_API_ORIGIN: "https://api.staging.replicated.com/vendor"
           APP_CHANNEL: CI-airgap
-          USES_DEV_BUCKET: "0"
+          S3_BUCKET: tf-staging-embedded-cluster-bin
         run: |
           export SHORT_SHA=dev-${{ needs.output-vars.outputs.git_sha }}
 

.github/workflows/release-prod.yaml

@@ -314,7 +314,7 @@ jobs:
           REPLICATED_API_TOKEN: ${{ secrets.STAGING_REPLICATED_API_TOKEN }}
           REPLICATED_API_ORIGIN: "https://api.staging.replicated.com/vendor"
           APP_CHANNEL: CI
-          USES_DEV_BUCKET: "0"
+          S3_BUCKET: tf-staging-embedded-cluster-bin
         run: |
           # re-promote a release containing an old version of embedded-cluster to test upgrades
           export APP_VERSION="appver-${{ github.ref_name }}-pre-minio-removal"
@@ -362,7 +362,7 @@ jobs:
           REPLICATED_API_TOKEN: ${{ secrets.STAGING_REPLICATED_API_TOKEN }}
           REPLICATED_API_ORIGIN: "https://api.staging.replicated.com/vendor"
           APP_CHANNEL: CI-airgap
-          USES_DEV_BUCKET: "0"
+          S3_BUCKET: tf-staging-embedded-cluster-bin
         run: |
           # promote a release containing the previous stable version of embedded-cluster to test upgrades
           export EC_VERSION="${{ needs.find-previous-stable.outputs.ec_version }}"
@@ -400,7 +400,7 @@ jobs:
           REPLICATED_API_TOKEN: ${{ secrets.STAGING_REPLICATED_API_TOKEN }}
           REPLICATED_API_ORIGIN: "https://api.staging.replicated.com/vendor"
           APP_CHANNEL: Stable
-          USES_DEV_BUCKET: "0"
+          S3_BUCKET: tf-staging-embedded-cluster-bin
         run: |
           # create a release in the stable channel of our test app for use by CMX
           export EC_VERSION="${{ github.ref_name }}"

.gitignore

@@ -39,3 +39,6 @@ e2e/support-bundle*.tar.gz
 
 # Local Netlify folder
 .netlify
+
+# Test web assets created during dryrun tests
+tests/dryrun/web/

.trivyignore

@@ -183,6 +183,12 @@ output/bin/embedded-cluster-release-builder:
 	mkdir -p output/bin
 	CGO_ENABLED=0 go build -o output/bin/embedded-cluster-release-builder e2e/embedded-cluster-release-builder/main.go
 
+.PHONY: e2e-v3-initial-release
+e2e-v3-initial-release: export ARCH = amd64
+e2e-v3-initial-release: export UPLOAD_BINARIES = 1
+e2e-v3-initial-release: export ENABLE_V3 = 1
+e2e-v3-initial-release: initial-release
+
 .PHONY: initial-release
 initial-release: export EC_VERSION = $(VERSION)-$(CURRENT_USER)
 initial-release: export APP_VERSION = appver-dev-$(call random-string)
@@ -385,8 +391,12 @@ create-node%:
 	@$(MAKE) ssh-node$*
 
 .PHONY: ssh-node%
+ssh-node%: CUSTOMER_LICENSE_FILE = $(shell source ./local-dev/env.sh && echo "$$CUSTOMER_LICENSE_FILE")
 ssh-node%:
-	@docker exec -it -w /replicatedhq/embedded-cluster node$* bash
+	@docker exec -it -w /replicatedhq/embedded-cluster \
+		-e CUSTOMER_LICENSE_FILE="$(CUSTOMER_LICENSE_FILE)" \
+		node$* \
+		bash
 
 .PHONY: delete-node%
 delete-node%:

Makefile

@@ -25,6 +25,7 @@ Additionally, it includes a Registry when deployed in air gap mode, and SeaweedF
 - jq
 - oras
 - crane
+- op (1Password CLI)
 - Kubectl (for integration tests)
 - Kind (for integration tests)
 
@@ -36,36 +37,11 @@ Additionally, it includes a Registry when deployed in air gap mode, and SeaweedF
     cd embedded-cluster
     ```
 
-1. Set the following environment variables:
+1. Sign into the 1Password CLI (access to the "Developer Automation" vault is required)
     ```bash
-    export REPLICATED_APP=
-    export REPLICATED_API_TOKEN=
-    export REPLICATED_API_ORIGIN=
-    export APP_CHANNEL=
-    export APP_CHANNEL_ID=
-    export APP_CHANNEL_SLUG=
-    export AWS_ACCESS_KEY_ID=
-    export AWS_SECRET_ACCESS_KEY=
+    op signin
     ```
 
-    | Environment Variable | Description | Default Value |
-    |----------------------|-------------|---------------|
-    | `REPLICATED_APP` | The application slug | `embedded-cluster-smoke-test-staging-app` |
-    | `REPLICATED_API_TOKEN` | A vendor portal API token with write access to the application | (required) |
-    | `REPLICATED_API_ORIGIN` | The vendor-api URL | `https://api.staging.replicated.com/vendor` |
-    | `APP_CHANNEL` | The channel name (it's recommended to create a new channel just for your development environment.) | (required) |
-    | `APP_CHANNEL_ID` | The channel ID | (required) |
-    | `APP_CHANNEL_SLUG` | The channel slug | (required) |
-    | `AWS_ACCESS_KEY_ID` | AWS access key ID with write access to the `dev-embedded-cluster-bin` bucket in Replicated's dev AWS account | (required) |
-    | `AWS_SECRET_ACCESS_KEY` | AWS secret access key with write access to the `dev-embedded-cluster-bin` bucket in Replicated's dev AWS account | (required) |
-
-    Note: 
-    - To use a different AWS bucket or account, override using the `S3_BUCKET` environment variable.
-    - To use the Replicated staging bucket used in CI, set `USES_DEV_BUCKET=0`.
-
-1. In the Vendor Portal, create and download a license that is assigned to the channel.
-We recommend storing this license in the `local-dev/` directory, as it is gitignored and not otherwise used by the CI.
-
 ### V2 installs
 
 **For Online:**
@@ -79,7 +55,7 @@ We recommend storing this license in the `local-dev/` directory, as it is gitign
     ```
 1. Install the release:
     ```bash
-    output/bin/embedded-cluster install --license <license-file>
+    output/bin/embedded-cluster install --license "$CUSTOMER_LICENSE_FILE"
     ```
 1. Once that completes, you can access the admin console at http://localhost:30000
 
@@ -140,7 +116,7 @@ Embedded Cluster supports v3 releases which provide an enhanced manager UI exper
     ```
 1. Install the release:
     ```bash
-    ENABLE_V3=1 EC_DEV_ENV=true output/bin/embedded-cluster install --license <license-file> --target linux
+    ENABLE_V3=1 EC_DEV_ENV=true output/bin/embedded-cluster install --license "$CUSTOMER_LICENSE_FILE" --target linux
     ```
 
 **For Airgap:**
@@ -156,7 +132,7 @@ Embedded Cluster supports v3 releases which provide an enhanced manager UI exper
 1. Run the download and extract commands from the install instructions on the customer page.
 1. Run the following command to install the EC release in airgap mode:
     ```bash
-    ENABLE_V3=1 sudo -E ./<app-slug> install --license <license-file> --airgap-bundle <app-slug>.airgap --target linux
+    ENABLE_V3=1 sudo -E ./<app-slug> install --license "$CUSTOMER_LICENSE_FILE" --airgap-bundle <app-slug>.airgap --target linux
     ```
 
 **Note:** The release will be created using the manifests located in the `e2e/kots-release-install-v3` directory.
@@ -174,7 +150,7 @@ Embedded Cluster supports v3 releases which provide an enhanced manager UI exper
     ```
 1. Run the following command to upgrade the EC release:
     ```bash
-    ENABLE_V3=1 EC_DEV_ENV=true output/bin/embedded-cluster upgrade --license <license-file> --target linux
+    ENABLE_V3=1 EC_DEV_ENV=true output/bin/embedded-cluster upgrade --license "$CUSTOMER_LICENSE_FILE" --target linux
     ```
 
 **For Airgap:**
@@ -190,7 +166,7 @@ Embedded Cluster supports v3 releases which provide an enhanced manager UI exper
 1. Run the download and extract commands from the install instructions on the customer page.
 1. Run the following command to upgrade to the new EC release in airgap mode:
     ```bash
-    ENABLE_V3=1 EC_DEV_ENV=true sudo -E ./<app-slug> upgrade --license <license-file> --airgap-bundle <app-slug>.airgap --target linux
+    ENABLE_V3=1 EC_DEV_ENV=true sudo -E ./<app-slug> upgrade --license "$CUSTOMER_LICENSE_FILE" --airgap-bundle <app-slug>.airgap --target linux
     ```
 
 **Note:** The release will be created using the manifests located in the `e2e/kots-release-upgrade-v3` directory.

README.md

@@ -7,6 +7,7 @@ import (
 	"github.com/replicatedhq/embedded-cluster/api/controllers/console"
 	kubernetesinstall "github.com/replicatedhq/embedded-cluster/api/controllers/kubernetes/install"
 	kubernetesupgrade "github.com/replicatedhq/embedded-cluster/api/controllers/kubernetes/upgrade"
+	kurlmigration "github.com/replicatedhq/embedded-cluster/api/controllers/kurlmigration"
 	linuxinstall "github.com/replicatedhq/embedded-cluster/api/controllers/linux/install"
 	linuxupgrade "github.com/replicatedhq/embedded-cluster/api/controllers/linux/upgrade"
 	"github.com/replicatedhq/embedded-cluster/api/pkg/logger"
@@ -56,6 +57,7 @@ type API struct {
 	linuxUpgradeController      linuxupgrade.Controller
 	kubernetesInstallController kubernetesinstall.Controller
 	kubernetesUpgradeController kubernetesupgrade.Controller
+	kurlMigrationController     kurlmigration.Controller
 
 	handlers handlers
 }
@@ -105,6 +107,13 @@ func WithKubernetesUpgradeController(kubernetesUpgradeController kubernetesupgra
 	}
 }
 
+// WithKURLMigrationController configures the kURL migration controller for the API.
+func WithKURLMigrationController(kurlMigrationController kurlmigration.Controller) Option {
+	return func(a *API) {
+		a.kurlMigrationController = kurlMigrationController
+	}
+}
+
 // WithLogger configures the logger for the API. If not provided, a default logger will be created.
 func WithLogger(logger logrus.FieldLogger) Option {
 	return func(a *API) {

api/api.go

@@ -40,6 +40,11 @@ type Client interface {
 	ProcessLinuxUpgradeAirgap(ctx context.Context) (types.Airgap, error)
 	GetLinuxUpgradeAirgapStatus(ctx context.Context) (types.Airgap, error)
 
+	// kURL Migration methods
+	GetKURLMigrationConfig(ctx context.Context) (types.LinuxInstallationConfigResponse, error)
+	StartKURLMigration(ctx context.Context, transferMode string, config *types.LinuxInstallationConfig) (types.StartKURLMigrationResponse, error)
+	GetKURLMigrationStatus(ctx context.Context) (types.KURLMigrationStatusResponse, error)
+
 	GetKubernetesInstallationConfig(ctx context.Context) (types.KubernetesInstallationConfigResponse, error)
 	ConfigureKubernetesInstallation(ctx context.Context, config types.KubernetesInstallationConfig) (types.Status, error)
 	GetKubernetesInstallationStatus(ctx context.Context) (types.Status, error)

api/client/client.go

@@ -0,0 +1,100 @@
+package client
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http"
+
+	"github.com/replicatedhq/embedded-cluster/api/types"
+)
+
+// GetKURLMigrationConfig returns the installation configuration with kURL values, EC defaults, and resolved values.
+func (c *client) GetKURLMigrationConfig(ctx context.Context) (types.LinuxInstallationConfigResponse, error) {
+	req, err := http.NewRequestWithContext(ctx, "GET", fmt.Sprintf("%s/api/linux/kurl-migration/config", c.apiURL), nil)
+	if err != nil {
+		return types.LinuxInstallationConfigResponse{}, fmt.Errorf("create request: %w", err)
+	}
+	setAuthorizationHeader(req, c.token)
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return types.LinuxInstallationConfigResponse{}, fmt.Errorf("do request: %w", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return types.LinuxInstallationConfigResponse{}, errorFromResponse(resp)
+	}
+
+	var result types.LinuxInstallationConfigResponse
+	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
+		return types.LinuxInstallationConfigResponse{}, fmt.Errorf("decode response: %w", err)
+	}
+
+	return result, nil
+}
+
+// StartKURLMigration starts a new kURL to EC migration.
+func (c *client) StartKURLMigration(ctx context.Context, transferMode string, config *types.LinuxInstallationConfig) (types.StartKURLMigrationResponse, error) {
+	requestBody := types.StartKURLMigrationRequest{
+		TransferMode: types.TransferMode(transferMode),
+		Config:       config,
+	}
+
+	body, err := json.Marshal(requestBody)
+	if err != nil {
+		return types.StartKURLMigrationResponse{}, fmt.Errorf("marshal request: %w", err)
+	}
+
+	req, err := http.NewRequestWithContext(ctx, "POST", fmt.Sprintf("%s/api/linux/kurl-migration/start", c.apiURL), bytes.NewReader(body))
+	if err != nil {
+		return types.StartKURLMigrationResponse{}, fmt.Errorf("create request: %w", err)
+	}
+	req.Header.Set("Content-Type", "application/json")
+	setAuthorizationHeader(req, c.token)
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return types.StartKURLMigrationResponse{}, fmt.Errorf("do request: %w", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return types.StartKURLMigrationResponse{}, errorFromResponse(resp)
+	}
+
+	var result types.StartKURLMigrationResponse
+	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
+		return types.StartKURLMigrationResponse{}, fmt.Errorf("decode response: %w", err)
+	}
+
+	return result, nil
+}
+
+// GetKURLMigrationStatus returns the current status of the kURL migration.
+func (c *client) GetKURLMigrationStatus(ctx context.Context) (types.KURLMigrationStatusResponse, error) {
+	req, err := http.NewRequestWithContext(ctx, "GET", fmt.Sprintf("%s/api/linux/kurl-migration/status", c.apiURL), nil)
+	if err != nil {
+		return types.KURLMigrationStatusResponse{}, fmt.Errorf("create request: %w", err)
+	}
+	setAuthorizationHeader(req, c.token)
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return types.KURLMigrationStatusResponse{}, fmt.Errorf("do request: %w", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return types.KURLMigrationStatusResponse{}, errorFromResponse(resp)
+	}
+
+	var result types.KURLMigrationStatusResponse
+	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
+		return types.KURLMigrationStatusResponse{}, fmt.Errorf("decode response: %w", err)
+	}
+
+	return result, nil
+}