This PR updates the dependency on deislabs/cnab-go and removes all remaining dependencies for Duffle, drastically simplifying the dependencies for this project, and adds an initial implementation for a Kubernetes driver, that would execute a pod with the invocation image inside the cluster.
TODO:
[ ] add parameters as a top level field in the CRD, so users can set them when creating installations
[ ] add a reference to a secret containing credential sets
[ ] pull parameters and credential sets used for an installation and add them to the invocation pod
[x] add testing for the Kubernetes driver
[x] fix linter
[ ] update readme
There is a discussion needed about how to best wait for the result of executing the invocation image - note that the Run method for the driver should be run by the controller on reconciliation, whenever the pulled bundle digest is different than whatever is already in the cluster - meaning that if we wait for the execution there, we block the reconciliation loop.
An alternative would be to create an additional controller that watches for invocation pods, and whenever they finish, the respective action claim gets updated - and I think I incline towards this method - does anyone see immediate downsides for this approach?
This PR updates the dependency on
deislabs/cnab-go
and removes all remaining dependencies for Duffle, drastically simplifying the dependencies for this project, and adds an initial implementation for a Kubernetes driver, that would execute a pod with the invocation image inside the cluster.TODO:
There is a discussion needed about how to best wait for the result of executing the invocation image - note that the
Run
method for the driver should be run by the controller on reconciliation, whenever the pulled bundle digest is different than whatever is already in the cluster - meaning that if we wait for the execution there, we block the reconciliation loop.An alternative would be to create an additional controller that watches for invocation pods, and whenever they finish, the respective action claim gets updated - and I think I incline towards this method - does anyone see immediate downsides for this approach?
Thanks!