Compositions: Better Status fields for plan

barney-s commented 1 month ago

Change description

Capture per resource health status for each stage
Record the Composition generation and UID since we are dependent on it transiently and not directly
Record the Input API generation only (since it is the owner for the plan, we dont need to record UID)
Record the Plan generation last reconciled

Example AppTeam

status:
  compositionGeneration: 1
  compositionUID: 989e8004-17ee-4f63-b56c-b61fdbca17f2
  conditions:
  - lastTransitionTime: "2024-06-16T07:18:23Z"
    message: 'Evaluated and Applied stages: project, namespace, setup-kcc, project-owner,
      bucket, compositions-context'
    reason: ProcessedAllStages
    status: "True"
    type: Ready
  generation: 19
  inputGeneration: 3
  stages:
    bucket:
      appliedCount: 1
      lastApplied:
      - group: storage.cnrm.cloud.google.com
        isHealthy: true
        kind: StorageBucket
        name: test-bucket-clearing-fhcnds
        namespace: clearing-fhcnds
        status: Resource is current
        version: v1beta1
      resourceCount: 1
    compositions-context:
      appliedCount: 1
      lastApplied:
      - group: composition.google.com
        isHealthy: true
        kind: Context
        name: context
        namespace: clearing-fhcnds
        status: Resource is current
        version: v1alpha1
      resourceCount: 1
    namespace:
      appliedCount: 1
      lastApplied:
      - isHealthy: true
        kind: Namespace
        name: clearing-fhcnds
        status: Resource is current
        version: v1
      resourceCount: 1
    project:
      appliedCount: 1
      lastApplied:
      - group: resourcemanager.cnrm.cloud.google.com
        isHealthy: true
        kind: Project
        name: clearing-fhcnds
        namespace: config-control
        status: Resource is current
        version: v1beta1
      resourceCount: 1
    project-owner:
      appliedCount: 1
      lastApplied:
      - group: iam.cnrm.cloud.google.com
        isHealthy: true
        kind: IAMPartialPolicy
        name: kcc-owners-permissions-clearing-fhcnds
        namespace: config-control
        status: Resource is current
        version: v1beta1
      resourceCount: 1
    setup-kcc:
      appliedCount: 3
      lastApplied:
      - group: core.cnrm.cloud.google.com
        isHealthy: true
        kind: ConfigConnectorContext
        name: configconnectorcontext.core.cnrm.cloud.google.com
        namespace: clearing-fhcnds
        status: Resource is current
        version: v1beta1
      - group: iam.cnrm.cloud.google.com
        isHealthy: true
        kind: IAMServiceAccount
        name: kcc-clearing-fhcnds
        namespace: config-control
        status: Resource is current
        version: v1beta1
      - group: iam.cnrm.cloud.google.com
        isHealthy: true
        kind: IAMPartialPolicy
        name: clearing-fhcnds-sa-workload-identity-binding
        namespace: config-control
        status: Resource is current
        version: v1beta1
      resourceCount: 3

Example CloudSQL

status:
  compositionGeneration: 3
  compositionUID: 0cb1fbd3-5d5d-4c15-8a58-54d5d7f06ddf
  conditions:
  - lastTransitionTime: "2024-06-16T07:18:20Z"
    message: 'Evaluated and Applied stages: enable-services, block2, block3'
    reason: ProcessedAllStages
    status: "True"
    type: Ready
  generation: 5
  inputGeneration: 2
  stages:
    block2:
      appliedCount: 1
      lastApplied:
      - group: serviceusage.cnrm.cloud.google.com
        isHealthy: true
        kind: ServiceIdentity
        name: sqladmin.googleapis.com
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      resourceCount: 1
    block3:
      appliedCount: 8
      lastApplied:
      - group: kms.cnrm.cloud.google.com
        isHealthy: true
        kind: KMSKeyRing
        name: kmscryptokeyring-us-central1
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      - group: kms.cnrm.cloud.google.com
        isHealthy: true
        kind: KMSCryptoKey
        name: kmscryptokey-enc-us-central1
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      - group: iam.cnrm.cloud.google.com
        isHealthy: true
        kind: IAMPolicyMember
        name: sql-kms-us-central1-policybinding
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      - group: sql.cnrm.cloud.google.com
        isHealthy: true
        kind: SQLInstance
        name: collateral-db-main
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      - group: kms.cnrm.cloud.google.com
        isHealthy: true
        kind: KMSKeyRing
        name: kmscryptokeyring-us-east1
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      - group: kms.cnrm.cloud.google.com
        isHealthy: true
        kind: KMSCryptoKey
        name: kmscryptokey-enc-us-east1
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      - group: iam.cnrm.cloud.google.com
        isHealthy: true
        kind: IAMPolicyMember
        name: sql-kms-us-east1-policybinding
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      - group: sql.cnrm.cloud.google.com
        isHealthy: true
        kind: SQLInstance
        name: collateral-db-replica-us-east1
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      resourceCount: 8
    enable-services:
      appliedCount: 4
      lastApplied:
      - group: serviceusage.cnrm.cloud.google.com
        isHealthy: true
        kind: Service
        name: cloudkms.googleapis.com
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      - group: serviceusage.cnrm.cloud.google.com
        isHealthy: true
        kind: Service
        name: iam.googleapis.com
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      - group: serviceusage.cnrm.cloud.google.com
        isHealthy: true
        kind: Service
        name: serviceusage.googleapis.com
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      - group: serviceusage.cnrm.cloud.google.com
        isHealthy: true
        kind: Service
        name: sqladmin.googleapis.com
        namespace: clearing-l8245dsw
        status: Resource is current
        version: v1beta1
      resourceCount: 4

barney-s commented 1 month ago

/assign @cheftako /assign @justinsb /assign @xiaoweim

cheftako commented 1 month ago

/lgtm /approve Please fix the boolean field...

google-oss-prow[bot] commented 1 month ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cheftako

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/GoogleCloudPlatform/k8s-config-connector/blob/master/OWNERS)~~ [cheftako] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

GoogleCloudPlatform / k8s-config-connector