From eb0e6a6cf1e6d5e302a164b9aa7e59bf1519e154 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Mon, 9 Mar 2026 18:06:57 +0100 Subject: [PATCH 01/15] feat: make local-setup. Signed-off-by: Alexander Cristurean --- Makefile | 3 ++ make/dependencies.mk | 52 ++++++++++++++++++++++++++++++++++ make/envoygateway.mk | 11 ++++++++ make/istio.mk | 33 ++++++++++++++++++++++ make/kind.mk | 14 ++++++++++ make/kuadrant.mk | 66 ++++++++++++++++++++++++++++++++++++++++++++ make/local-setup.mk | 28 +++++++++++++++++++ make/tools.mk | 32 +++++++++++++++++++++ 8 files changed, 239 insertions(+) create mode 100644 make/dependencies.mk create mode 100644 make/envoygateway.mk create mode 100644 make/istio.mk create mode 100644 make/kind.mk create mode 100644 make/kuadrant.mk create mode 100644 make/local-setup.mk create mode 100644 make/tools.mk diff --git a/Makefile b/Makefile index c829a32d..670c8691 100644 --- a/Makefile +++ b/Makefile @@ -190,6 +190,9 @@ test-scale-dnspolicy: kube-burner ## Run DNSPolicy scale tests. cd scale_test/dnspolicy && $(KUBE_BURNER) init -c ${KUBEBURNER_WORKLOAD} --log-level debug +# Include local environment setup modules +include ./make/*.mk + ##@ Build Dependencies ## Location to install dependencies to diff --git a/make/dependencies.mk b/make/dependencies.mk new file mode 100644 index 00000000..20834e0c --- /dev/null +++ b/make/dependencies.mk @@ -0,0 +1,52 @@ + +##@ Core Dependencies + +CERT_MANAGER_VERSION ?= v1.18.2 +METALLB_VERSION ?= v0.15.2 +GATEWAY_API_VERSION ?= v1.3.0 + +.PHONY: install-metrics-server +install-metrics-server: ## Install metrics-server + @echo "Installing metrics-server..." + kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml + kubectl patch deployment metrics-server -n kube-system --type=json -p '[{"op":"add","path":"/spec/template/spec/containers/0/args/-","value":"--kubelet-insecure-tls"}]' + @echo "✅ metrics-server installed" + +.PHONY: install-metallb +install-metallb: ## Install MetalLB for LoadBalancer services + @echo "Installing MetalLB $(METALLB_VERSION)..." + kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/$(METALLB_VERSION)/config/manifests/metallb-native.yaml + kubectl wait --namespace metallb-system --for=condition=Available deployment/controller --timeout=90s + kubectl wait --namespace metallb-system --for=condition=ready pod --selector=component=controller --timeout=90s + @echo "Configuring MetalLB IP pool..." + @printf '%s\n' \ + 'apiVersion: metallb.io/v1beta1' \ + 'kind: IPAddressPool' \ + 'metadata:' \ + ' name: default' \ + ' namespace: metallb-system' \ + 'spec:' \ + ' addresses:' \ + ' - 172.18.255.200-172.18.255.250' \ + | kubectl apply -f - + @printf '%s\n' \ + 'apiVersion: metallb.io/v1beta1' \ + 'kind: L2Advertisement' \ + 'metadata:' \ + ' name: default' \ + ' namespace: metallb-system' \ + | kubectl apply -f - + @echo "✅ MetalLB installed with IP pool 172.18.255.200-172.18.255.250" + +.PHONY: gateway-api-install +gateway-api-install: ## Install Gateway API CRDs + @echo "Installing Gateway API $(GATEWAY_API_VERSION)..." + kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/$(GATEWAY_API_VERSION)/standard-install.yaml + @echo "✅ Gateway API CRDs installed" + +.PHONY: install-cert-manager +install-cert-manager: ## Install cert-manager + @echo "Installing cert-manager $(CERT_MANAGER_VERSION)..." + kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/$(CERT_MANAGER_VERSION)/cert-manager.yaml + kubectl wait --namespace cert-manager --for=condition=Available deployment/cert-manager --timeout=120s + @echo "✅ cert-manager installed" \ No newline at end of file diff --git a/make/envoygateway.mk b/make/envoygateway.mk new file mode 100644 index 00000000..dd14e331 --- /dev/null +++ b/make/envoygateway.mk @@ -0,0 +1,11 @@ + +##@ EnvoyGateway + +.PHONY: envoygateway-install +envoygateway-install: ## Install EnvoyGateway + @echo "Installing EnvoyGateway..." + helm install eg oci://docker.io/envoyproxy/gateway-helm --version v1.2.4 \ + --create-namespace \ + --namespace envoy-gateway-system \ + --wait + @echo "✅ EnvoyGateway installed" \ No newline at end of file diff --git a/make/istio.mk b/make/istio.mk new file mode 100644 index 00000000..9b7d63cc --- /dev/null +++ b/make/istio.mk @@ -0,0 +1,33 @@ + +##@ Istio + +ISTIO_VERSION ?= v1.26-latest +SAIL_OPERATOR_VERSION ?= v1.26-latest + +.PHONY: istio-install +istio-install: ## Install Istio via SAIL operator + @echo "Installing Sail Operator $(SAIL_OPERATOR_VERSION)..." + helm repo add sail-operator https://istio-ecosystem.github.io/sail-operator --force-update + helm install sail-operator \ + --create-namespace \ + --namespace istio-system \ + --wait \ + --timeout=300s \ + sail-operator/sail-operator \ + --version $(SAIL_OPERATOR_VERSION) + @echo "Creating Istio CR..." + @printf '%s\n' \ + 'apiVersion: sailoperator.io/v1' \ + 'kind: Istio' \ + 'metadata:' \ + ' name: default' \ + 'spec:' \ + ' namespace: istio-system' \ + ' updateStrategy:' \ + ' type: InPlace' \ + ' values:' \ + ' pilot:' \ + ' autoscaleMin: 2' \ + ' version: $(ISTIO_VERSION)' \ + | kubectl apply -f - + @echo "✅ Istio $(ISTIO_VERSION) installed via SAIL" \ No newline at end of file diff --git a/make/kind.mk b/make/kind.mk new file mode 100644 index 00000000..b50b3be6 --- /dev/null +++ b/make/kind.mk @@ -0,0 +1,14 @@ + +##@ Kind Cluster + +KIND_CLUSTER_NAME ?= kuadrant-local + +.PHONY: kind-create-cluster +kind-create-cluster: ## Create kind cluster + @echo "Creating kind cluster '$(KIND_CLUSTER_NAME)'..." + @kind create cluster --name $(KIND_CLUSTER_NAME) || echo "Cluster already exists" + +.PHONY: kind-delete-cluster +kind-delete-cluster: ## Delete kind cluster + @echo "Deleting kind cluster '$(KIND_CLUSTER_NAME)'..." + @kind delete cluster --name $(KIND_CLUSTER_NAME) || true \ No newline at end of file diff --git a/make/kuadrant.mk b/make/kuadrant.mk new file mode 100644 index 00000000..df9faaad --- /dev/null +++ b/make/kuadrant.mk @@ -0,0 +1,66 @@ + +##@ Kuadrant + +KUADRANT_NAMESPACE ?= kuadrant-system +KUADRANT_OPERATOR_VERSION ?= latest +KUADRANT_OPERATOR_IMAGE ?= + +.PHONY: create-test-namespaces +create-test-namespaces: ## Create namespaces for testing + @echo "Creating test namespaces..." + kubectl create namespace kuadrant || true + kubectl create namespace kuadrant2 || true + @echo "✅ Test namespaces created" + +.PHONY: deploy-kuadrant-operator +deploy-kuadrant-operator: ## Deploy Kuadrant Operator (via Helm by default, or custom image) +ifneq ($(KUADRANT_OPERATOR_IMAGE),) + @echo "Installing Kuadrant Operator from custom image: $(KUADRANT_OPERATOR_IMAGE)" + $(MAKE) deploy-kuadrant-operator-local +else ifeq ($(KUADRANT_OPERATOR_VERSION),latest) + @echo "Installing Kuadrant Operator (latest from Helm)..." + helm repo add kuadrant https://kuadrant.io/helm-charts/ --force-update + helm install kuadrant-operator kuadrant/kuadrant-operator --create-namespace --namespace $(KUADRANT_NAMESPACE) + kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=300s --for=condition=Available deployments --all + @echo "✅ Kuadrant Operator installed (latest)" +else + @echo "Installing Kuadrant Operator version $(KUADRANT_OPERATOR_VERSION)..." + helm repo add kuadrant https://kuadrant.io/helm-charts/ --force-update + helm install kuadrant-operator kuadrant/kuadrant-operator --version $(KUADRANT_OPERATOR_VERSION) --create-namespace --namespace $(KUADRANT_NAMESPACE) + kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=300s --for=condition=Available deployments --all + @echo "✅ Kuadrant Operator $(KUADRANT_OPERATOR_VERSION) installed" +endif + +.PHONY: deploy-kuadrant-operator-local +deploy-kuadrant-operator-local: ## Deploy Kuadrant Operator from local build/image + @if [ -z "$(KUADRANT_OPERATOR_IMAGE)" ]; then \ + echo "ERROR: KUADRANT_OPERATOR_IMAGE not set"; \ + echo "Set KUADRANT_OPERATOR_IMAGE=your-image:tag"; \ + exit 1; \ + fi + @echo "Loading image into kind cluster..." + kind load docker-image $(KUADRANT_OPERATOR_IMAGE) --name $(KIND_CLUSTER_NAME) + @echo "Deploying operator with image $(KUADRANT_OPERATOR_IMAGE)..." + kubectl create namespace $(KUADRANT_NAMESPACE) || true + kubectl apply -k https://github.com/kuadrant/kuadrant-operator/config/crd + cd /tmp && \ + git clone --depth=1 https://github.com/kuadrant/kuadrant-operator.git kuadrant-operator-deploy 2>/dev/null || (cd kuadrant-operator-deploy && git pull) && \ + cd kuadrant-operator-deploy/config/manager && \ + kustomize edit set image controller=$(KUADRANT_OPERATOR_IMAGE) && \ + kustomize build ../deploy | kubectl apply --server-side -f - + kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=300s --for=condition=Available deployments --all + @echo "✅ Kuadrant Operator deployed from image $(KUADRANT_OPERATOR_IMAGE)" + +.PHONY: deploy-kuadrant-cr +deploy-kuadrant-cr: ## Deploy Kuadrant CR + @echo "Creating Kuadrant CR..." + @printf '%s\n' \ + 'apiVersion: kuadrant.io/v1beta1' \ + 'kind: Kuadrant' \ + 'metadata:' \ + ' name: kuadrant-sample' \ + ' namespace: $(KUADRANT_NAMESPACE)' \ + 'spec: {}' \ + | kubectl apply -f - + kubectl wait kuadrant/kuadrant-sample --for=condition=Ready=True -n $(KUADRANT_NAMESPACE) --timeout=120s + @echo "✅ Kuadrant CR ready" \ No newline at end of file diff --git a/make/local-setup.mk b/make/local-setup.mk new file mode 100644 index 00000000..0fffe158 --- /dev/null +++ b/make/local-setup.mk @@ -0,0 +1,28 @@ + +##@ Local Environment Setup + +GATEWAYAPI_PROVIDER ?= istio + +.PHONY: local-setup +local-setup: ## Complete local environment setup (kind cluster + all dependencies) + $(MAKE) kind-delete-cluster + $(MAKE) kind-create-cluster + $(MAKE) install-metrics-server + $(MAKE) install-metallb + $(MAKE) gateway-api-install + $(MAKE) install-cert-manager + $(MAKE) $(GATEWAYAPI_PROVIDER)-install + $(MAKE) create-test-namespaces + $(MAKE) deploy-kuadrant-operator + $(MAKE) deploy-kuadrant-cr + $(MAKE) deploy-testsuite-tools + @echo "" + @echo "🎉 Local environment setup complete!" + @echo " Cluster: $(KIND_CLUSTER_NAME)" + @echo " Gateway Provider: $(GATEWAYAPI_PROVIDER)" + @echo "" + @echo "Run tests with: make kuadrant" + +.PHONY: local-cleanup +local-cleanup: ## Delete local kind cluster + $(MAKE) kind-delete-cluster \ No newline at end of file diff --git a/make/tools.mk b/make/tools.mk new file mode 100644 index 00000000..1345621d --- /dev/null +++ b/make/tools.mk @@ -0,0 +1,32 @@ + +##@ Testsuite Tools + +RH_REGISTRY_USERNAME ?= +RH_REGISTRY_PASSWORD ?= + +.PHONY: deploy-testsuite-tools +deploy-testsuite-tools: ## Deploy testsuite tools (Keycloak, etc.) + @echo "Deploying testsuite tools..." + kubectl create namespace tools || true + @if [ -n "$(RH_REGISTRY_USERNAME)" ] && [ -n "$(RH_REGISTRY_PASSWORD)" ]; then \ + echo "Creating Red Hat registry secret..."; \ + kubectl -n tools create secret docker-registry redhat-registry-secret \ + --docker-server=registry.redhat.io \ + --docker-username="$(RH_REGISTRY_USERNAME)" \ + --docker-password="$(RH_REGISTRY_PASSWORD)" \ + --dry-run=client -o yaml | kubectl apply -f -; \ + kubectl -n tools patch serviceaccount default \ + -p '{"imagePullSecrets": [{"name": "redhat-registry-secret"}]}'; \ + else \ + echo "Red Hat registry credentials not provided, skipping secret creation"; \ + fi + helm repo add kuadrant-olm https://kuadrant.io/helm-charts-olm --force-update + helm repo update + helm install \ + --set=tools.keycloak.keycloakProvider=deployment \ + --set=tools.coredns.enable=false \ + --debug \ + --wait \ + --timeout=10m0s \ + tools kuadrant-olm/tools-instances + @echo "✅ Testsuite tools deployed" \ No newline at end of file From 8c98821204bdca9d8bfd4093d3bd9176e3d26fbb Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Tue, 10 Mar 2026 10:51:31 +0100 Subject: [PATCH 02/15] fix: cosmetic changes. Signed-off-by: Alexander Cristurean --- Makefile | 4 +++- make/dependencies.mk | 10 +++------- make/istio.mk | 5 +---- make/kind.mk | 2 -- make/kuadrant.mk | 31 +++++++++++++------------------ make/local-setup.mk | 8 ++++++-- make/tools.mk | 5 +---- make/vars.mk | 32 ++++++++++++++++++++++++++++++++ 8 files changed, 59 insertions(+), 38 deletions(-) create mode 100644 make/vars.mk diff --git a/Makefile b/Makefile index 670c8691..5a79dc9c 100644 --- a/Makefile +++ b/Makefile @@ -191,7 +191,9 @@ test-scale-dnspolicy: kube-burner ## Run DNSPolicy scale tests. # Include local environment setup modules -include ./make/*.mk +# Load variables first, then all other modules +include ./make/vars.mk +include $(filter-out ./make/vars.mk,$(wildcard ./make/*.mk)) ##@ Build Dependencies diff --git a/make/dependencies.mk b/make/dependencies.mk index 20834e0c..85d833fb 100644 --- a/make/dependencies.mk +++ b/make/dependencies.mk @@ -1,10 +1,6 @@ ##@ Core Dependencies -CERT_MANAGER_VERSION ?= v1.18.2 -METALLB_VERSION ?= v0.15.2 -GATEWAY_API_VERSION ?= v1.3.0 - .PHONY: install-metrics-server install-metrics-server: ## Install metrics-server @echo "Installing metrics-server..." @@ -16,8 +12,8 @@ install-metrics-server: ## Install metrics-server install-metallb: ## Install MetalLB for LoadBalancer services @echo "Installing MetalLB $(METALLB_VERSION)..." kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/$(METALLB_VERSION)/config/manifests/metallb-native.yaml - kubectl wait --namespace metallb-system --for=condition=Available deployment/controller --timeout=90s - kubectl wait --namespace metallb-system --for=condition=ready pod --selector=component=controller --timeout=90s + kubectl wait --namespace metallb-system --for=condition=Available deployment/controller --timeout=$(METALLB_TIMEOUT) + kubectl wait --namespace metallb-system --for=condition=ready pod --selector=component=controller --timeout=$(METALLB_TIMEOUT) @echo "Configuring MetalLB IP pool..." @printf '%s\n' \ 'apiVersion: metallb.io/v1beta1' \ @@ -48,5 +44,5 @@ gateway-api-install: ## Install Gateway API CRDs install-cert-manager: ## Install cert-manager @echo "Installing cert-manager $(CERT_MANAGER_VERSION)..." kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/$(CERT_MANAGER_VERSION)/cert-manager.yaml - kubectl wait --namespace cert-manager --for=condition=Available deployment/cert-manager --timeout=120s + kubectl wait --namespace cert-manager --for=condition=Available deployment/cert-manager --timeout=$(CERT_MANAGER_TIMEOUT) @echo "✅ cert-manager installed" \ No newline at end of file diff --git a/make/istio.mk b/make/istio.mk index 9b7d63cc..86f22020 100644 --- a/make/istio.mk +++ b/make/istio.mk @@ -1,9 +1,6 @@ ##@ Istio -ISTIO_VERSION ?= v1.26-latest -SAIL_OPERATOR_VERSION ?= v1.26-latest - .PHONY: istio-install istio-install: ## Install Istio via SAIL operator @echo "Installing Sail Operator $(SAIL_OPERATOR_VERSION)..." @@ -12,7 +9,7 @@ istio-install: ## Install Istio via SAIL operator --create-namespace \ --namespace istio-system \ --wait \ - --timeout=300s \ + --timeout=$(HELM_TIMEOUT) \ sail-operator/sail-operator \ --version $(SAIL_OPERATOR_VERSION) @echo "Creating Istio CR..." diff --git a/make/kind.mk b/make/kind.mk index b50b3be6..c8fecfea 100644 --- a/make/kind.mk +++ b/make/kind.mk @@ -1,8 +1,6 @@ ##@ Kind Cluster -KIND_CLUSTER_NAME ?= kuadrant-local - .PHONY: kind-create-cluster kind-create-cluster: ## Create kind cluster @echo "Creating kind cluster '$(KIND_CLUSTER_NAME)'..." diff --git a/make/kuadrant.mk b/make/kuadrant.mk index df9faaad..fb9a2680 100644 --- a/make/kuadrant.mk +++ b/make/kuadrant.mk @@ -1,10 +1,6 @@ ##@ Kuadrant -KUADRANT_NAMESPACE ?= kuadrant-system -KUADRANT_OPERATOR_VERSION ?= latest -KUADRANT_OPERATOR_IMAGE ?= - .PHONY: create-test-namespaces create-test-namespaces: ## Create namespaces for testing @echo "Creating test namespaces..." @@ -17,17 +13,13 @@ deploy-kuadrant-operator: ## Deploy Kuadrant Operator (via Helm by default, or c ifneq ($(KUADRANT_OPERATOR_IMAGE),) @echo "Installing Kuadrant Operator from custom image: $(KUADRANT_OPERATOR_IMAGE)" $(MAKE) deploy-kuadrant-operator-local -else ifeq ($(KUADRANT_OPERATOR_VERSION),latest) - @echo "Installing Kuadrant Operator (latest from Helm)..." - helm repo add kuadrant https://kuadrant.io/helm-charts/ --force-update - helm install kuadrant-operator kuadrant/kuadrant-operator --create-namespace --namespace $(KUADRANT_NAMESPACE) - kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=300s --for=condition=Available deployments --all - @echo "✅ Kuadrant Operator installed (latest)" else - @echo "Installing Kuadrant Operator version $(KUADRANT_OPERATOR_VERSION)..." + @echo "Installing Kuadrant Operator $(KUADRANT_OPERATOR_VERSION) from Helm..." helm repo add kuadrant https://kuadrant.io/helm-charts/ --force-update - helm install kuadrant-operator kuadrant/kuadrant-operator --version $(KUADRANT_OPERATOR_VERSION) --create-namespace --namespace $(KUADRANT_NAMESPACE) - kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=300s --for=condition=Available deployments --all + $(if $(filter latest,$(KUADRANT_OPERATOR_VERSION)), \ + helm install kuadrant-operator kuadrant/kuadrant-operator --create-namespace --namespace $(KUADRANT_NAMESPACE), \ + helm install kuadrant-operator kuadrant/kuadrant-operator --version $(KUADRANT_OPERATOR_VERSION) --create-namespace --namespace $(KUADRANT_NAMESPACE)) + kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=$(KUBECTL_TIMEOUT) --for=condition=Available deployments --all @echo "✅ Kuadrant Operator $(KUADRANT_OPERATOR_VERSION) installed" endif @@ -43,12 +35,15 @@ deploy-kuadrant-operator-local: ## Deploy Kuadrant Operator from local build/ima @echo "Deploying operator with image $(KUADRANT_OPERATOR_IMAGE)..." kubectl create namespace $(KUADRANT_NAMESPACE) || true kubectl apply -k https://github.com/kuadrant/kuadrant-operator/config/crd - cd /tmp && \ - git clone --depth=1 https://github.com/kuadrant/kuadrant-operator.git kuadrant-operator-deploy 2>/dev/null || (cd kuadrant-operator-deploy && git pull) && \ - cd kuadrant-operator-deploy/config/manager && \ + @if [ ! -d "/tmp/kuadrant-operator-deploy" ]; then \ + cd /tmp && git clone --depth=1 https://github.com/kuadrant/kuadrant-operator.git kuadrant-operator-deploy; \ + else \ + cd /tmp/kuadrant-operator-deploy && git pull; \ + fi + cd /tmp/kuadrant-operator-deploy/config/manager && \ kustomize edit set image controller=$(KUADRANT_OPERATOR_IMAGE) && \ kustomize build ../deploy | kubectl apply --server-side -f - - kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=300s --for=condition=Available deployments --all + kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=$(KUBECTL_TIMEOUT) --for=condition=Available deployments --all @echo "✅ Kuadrant Operator deployed from image $(KUADRANT_OPERATOR_IMAGE)" .PHONY: deploy-kuadrant-cr @@ -62,5 +57,5 @@ deploy-kuadrant-cr: ## Deploy Kuadrant CR ' namespace: $(KUADRANT_NAMESPACE)' \ 'spec: {}' \ | kubectl apply -f - - kubectl wait kuadrant/kuadrant-sample --for=condition=Ready=True -n $(KUADRANT_NAMESPACE) --timeout=120s + kubectl wait kuadrant/kuadrant-sample --for=condition=Ready=True -n $(KUADRANT_NAMESPACE) --timeout=$(KUADRANT_CR_TIMEOUT) @echo "✅ Kuadrant CR ready" \ No newline at end of file diff --git a/make/local-setup.mk b/make/local-setup.mk index 0fffe158..341469d0 100644 --- a/make/local-setup.mk +++ b/make/local-setup.mk @@ -1,10 +1,14 @@ ##@ Local Environment Setup -GATEWAYAPI_PROVIDER ?= istio - .PHONY: local-setup local-setup: ## Complete local environment setup (kind cluster + all dependencies) + @# Validate GATEWAYAPI_PROVIDER + @if [ "$(GATEWAYAPI_PROVIDER)" != "istio" ] && [ "$(GATEWAYAPI_PROVIDER)" != "envoygateway" ]; then \ + echo "ERROR: Invalid GATEWAYAPI_PROVIDER='$(GATEWAYAPI_PROVIDER)'"; \ + echo "Valid values: istio, envoygateway"; \ + exit 1; \ + fi $(MAKE) kind-delete-cluster $(MAKE) kind-create-cluster $(MAKE) install-metrics-server diff --git a/make/tools.mk b/make/tools.mk index 1345621d..51e1fc3a 100644 --- a/make/tools.mk +++ b/make/tools.mk @@ -1,9 +1,6 @@ ##@ Testsuite Tools -RH_REGISTRY_USERNAME ?= -RH_REGISTRY_PASSWORD ?= - .PHONY: deploy-testsuite-tools deploy-testsuite-tools: ## Deploy testsuite tools (Keycloak, etc.) @echo "Deploying testsuite tools..." @@ -27,6 +24,6 @@ deploy-testsuite-tools: ## Deploy testsuite tools (Keycloak, etc.) --set=tools.coredns.enable=false \ --debug \ --wait \ - --timeout=10m0s \ + --timeout=$(TOOLS_TIMEOUT) \ tools kuadrant-olm/tools-instances @echo "✅ Testsuite tools deployed" \ No newline at end of file diff --git a/make/vars.mk b/make/vars.mk new file mode 100644 index 00000000..fcaafbef --- /dev/null +++ b/make/vars.mk @@ -0,0 +1,32 @@ + +##@ Configuration Variables + +# Kind cluster configuration +KIND_CLUSTER_NAME ?= kuadrant-local + +# Gateway provider (istio or envoygateway) +GATEWAYAPI_PROVIDER ?= istio + +# Version pinning +ISTIO_VERSION ?= v1.26-latest +SAIL_OPERATOR_VERSION ?= v1.26-latest +CERT_MANAGER_VERSION ?= v1.18.2 +METALLB_VERSION ?= v0.15.2 +GATEWAY_API_VERSION ?= v1.3.0 + +# Kuadrant configuration +KUADRANT_NAMESPACE ?= kuadrant-system +KUADRANT_OPERATOR_VERSION ?= latest +KUADRANT_OPERATOR_IMAGE ?= + +# Red Hat registry credentials (optional) +RH_REGISTRY_USERNAME ?= +RH_REGISTRY_PASSWORD ?= + +# Timeout configurations (in seconds) +KUBECTL_TIMEOUT ?= 300s +CERT_MANAGER_TIMEOUT ?= 120s +KUADRANT_CR_TIMEOUT ?= 120s +METALLB_TIMEOUT ?= 90s +HELM_TIMEOUT ?= 300s +TOOLS_TIMEOUT ?= 10m0s From 012081e59c27adbc1791a652ab5fed3f83b0c611 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Tue, 10 Mar 2026 14:39:36 +0100 Subject: [PATCH 03/15] fix: add cluster issuer. Signed-off-by: Alexander Cristurean --- make/dependencies.mk | 15 ++++++++++++++- make/local-setup.mk | 1 + 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/make/dependencies.mk b/make/dependencies.mk index 85d833fb..453d4256 100644 --- a/make/dependencies.mk +++ b/make/dependencies.mk @@ -45,4 +45,17 @@ install-cert-manager: ## Install cert-manager @echo "Installing cert-manager $(CERT_MANAGER_VERSION)..." kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/$(CERT_MANAGER_VERSION)/cert-manager.yaml kubectl wait --namespace cert-manager --for=condition=Available deployment/cert-manager --timeout=$(CERT_MANAGER_TIMEOUT) - @echo "✅ cert-manager installed" \ No newline at end of file + @echo "✅ cert-manager installed" + +.PHONY: create-cluster-issuer +create-cluster-issuer: ## Create self-signed ClusterIssuer for TLS testing + @echo "Creating self-signed ClusterIssuer..." + @printf '%s\n' \ + 'apiVersion: cert-manager.io/v1' \ + 'kind: ClusterIssuer' \ + 'metadata:' \ + ' name: kuadrant-qe-issuer' \ + 'spec:' \ + ' selfSigned: {}' \ + | kubectl apply -f - + @echo "✅ ClusterIssuer 'kuadrant-qe-issuer' created" \ No newline at end of file diff --git a/make/local-setup.mk b/make/local-setup.mk index 341469d0..e6e3ad8e 100644 --- a/make/local-setup.mk +++ b/make/local-setup.mk @@ -15,6 +15,7 @@ local-setup: ## Complete local environment setup (kind cluster + all dependencie $(MAKE) install-metallb $(MAKE) gateway-api-install $(MAKE) install-cert-manager + $(MAKE) create-cluster-issuer $(MAKE) $(GATEWAYAPI_PROVIDER)-install $(MAKE) create-test-namespaces $(MAKE) deploy-kuadrant-operator From 87e6693ea27a01f879bee997c7357093c0df608f Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Tue, 10 Mar 2026 15:10:42 +0100 Subject: [PATCH 04/15] fix: add cluster issuer. Signed-off-by: Alexander Cristurean --- make/dependencies.mk | 2 ++ 1 file changed, 2 insertions(+) diff --git a/make/dependencies.mk b/make/dependencies.mk index 453d4256..24c698cd 100644 --- a/make/dependencies.mk +++ b/make/dependencies.mk @@ -45,6 +45,8 @@ install-cert-manager: ## Install cert-manager @echo "Installing cert-manager $(CERT_MANAGER_VERSION)..." kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/$(CERT_MANAGER_VERSION)/cert-manager.yaml kubectl wait --namespace cert-manager --for=condition=Available deployment/cert-manager --timeout=$(CERT_MANAGER_TIMEOUT) + kubectl wait --namespace cert-manager --for=condition=Available deployment/cert-manager-webhook --timeout=$(CERT_MANAGER_TIMEOUT) + kubectl wait --namespace cert-manager --for=condition=ready pod --selector=app.kubernetes.io/name=webhook --timeout=$(CERT_MANAGER_TIMEOUT) @echo "✅ cert-manager installed" .PHONY: create-cluster-issuer From 2b0c1da94d850a2269907db3109a57445b7d24a2 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Tue, 10 Mar 2026 15:58:40 +0100 Subject: [PATCH 05/15] fix: added aws creds secret creation for dns. Signed-off-by: Alexander Cristurean --- make/dependencies.mk | 21 ++++++++++++++++++++- make/local-setup.mk | 1 + make/vars.mk | 8 +++++++- 3 files changed, 28 insertions(+), 2 deletions(-) diff --git a/make/dependencies.mk b/make/dependencies.mk index 24c698cd..183eda0d 100644 --- a/make/dependencies.mk +++ b/make/dependencies.mk @@ -60,4 +60,23 @@ create-cluster-issuer: ## Create self-signed ClusterIssuer for TLS testing 'spec:' \ ' selfSigned: {}' \ | kubectl apply -f - - @echo "✅ ClusterIssuer 'kuadrant-qe-issuer' created" \ No newline at end of file + @echo "✅ ClusterIssuer 'kuadrant-qe-issuer' created" + +.PHONY: create-aws-credentials +create-aws-credentials: ## Create AWS credentials secret for DNS testing + @echo "Creating AWS credentials secret..." + @printf '%s\n' \ + 'apiVersion: v1' \ + 'kind: Secret' \ + 'metadata:' \ + ' name: aws-credentials' \ + ' namespace: kuadrant' \ + ' annotations:' \ + ' base_domain: $(AWS_BASE_DOMAIN)' \ + 'stringData:' \ + ' AWS_ACCESS_KEY_ID: $(AWS_ACCESS_KEY_ID)' \ + ' AWS_REGION: $(AWS_REGION)' \ + ' AWS_SECRET_ACCESS_KEY: $(AWS_SECRET_ACCESS_KEY)' \ + 'type: kuadrant.io/aws' \ + | kubectl apply -f - + @echo "✅ AWS credentials secret created in kuadrant namespace" \ No newline at end of file diff --git a/make/local-setup.mk b/make/local-setup.mk index e6e3ad8e..fa1c18fc 100644 --- a/make/local-setup.mk +++ b/make/local-setup.mk @@ -18,6 +18,7 @@ local-setup: ## Complete local environment setup (kind cluster + all dependencie $(MAKE) create-cluster-issuer $(MAKE) $(GATEWAYAPI_PROVIDER)-install $(MAKE) create-test-namespaces + $(MAKE) create-aws-credentials $(MAKE) deploy-kuadrant-operator $(MAKE) deploy-kuadrant-cr $(MAKE) deploy-testsuite-tools diff --git a/make/vars.mk b/make/vars.mk index fcaafbef..e0475923 100644 --- a/make/vars.mk +++ b/make/vars.mk @@ -19,10 +19,16 @@ KUADRANT_NAMESPACE ?= kuadrant-system KUADRANT_OPERATOR_VERSION ?= latest KUADRANT_OPERATOR_IMAGE ?= -# Red Hat registry credentials (optional) +# Red Hat registry credentials RH_REGISTRY_USERNAME ?= RH_REGISTRY_PASSWORD ?= +# AWS credentials for DNS testing (optional - defaults to dummy values) +AWS_ACCESS_KEY_ID ?= +AWS_SECRET_ACCESS_KEY ?= +AWS_REGION ?= +AWS_BASE_DOMAIN ?= + # Timeout configurations (in seconds) KUBECTL_TIMEOUT ?= 300s CERT_MANAGER_TIMEOUT ?= 120s From 375cb518d4aa675dbbcc59b31ada67e2d3680b3f Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Tue, 10 Mar 2026 16:17:05 +0100 Subject: [PATCH 06/15] fix: cosmetic changes. Signed-off-by: Alexander Cristurean --- README.md | 52 ++++++++++++++++++++++++++++++++++++++++++++ make/dependencies.mk | 38 +++++++++++++++++--------------- make/tools.mk | 30 ++++++++++++------------- make/vars.mk | 2 +- 4 files changed, 89 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index 75606569..541976a7 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,58 @@ make poetry > - [Kuadrant Helm Charts](https://github.com/Kuadrant/helm-charts) for any Kubernetes cluster > - [Deploying Kuadrant via OLM](https://github.com/Kuadrant/helm-charts-olm/blob/main/README.md) for OpenShift (recommended as it also deploys testing tools) +## Local Kind Cluster Setup + +For local development and testing, you can set up a complete Kuadrant environment using Kind (Kubernetes in Docker). + +### Prerequisites +* [Kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation) +* [Helm](https://helm.sh/docs/intro/install/) +* **Red Hat Registry credentials** (optional but recommended for testing tools) + - Username: Your Red Hat account username + - Password: Your Red Hat registry token (from [console.redhat.com/openshift/downloads](https://console.redhat.com/openshift/downloads)) + - **Note:** Without these credentials, testing tools (Keycloak, Mockserver, etc.) won't be deployed, but core Kuadrant functionality will still work + +### Quick Start + +Set up a complete local environment with one command: + +```bash +# Optional: Red Hat registry credentials (for testing tools like Keycloak) +# (if not provided, tools won't be deployed but core functionality will work) +export RH_REGISTRY_USERNAME= +export RH_REGISTRY_PASSWORD= + +# Optional: AWS credentials for DNS testing +# (if not provided, the secret won't be created and DNS tests will be skipped) +export AWS_ACCESS_KEY_ID= +export AWS_SECRET_ACCESS_KEY= +export AWS_REGION=us-east-1 +export AWS_BASE_DOMAIN=test.example.com + +# Run the setup (defaults to Istio gateway) +make local-setup + +# Or specify EnvoyGateway +GATEWAYAPI_PROVIDER=envoygateway make local-setup +``` + +This will: +1. Create a Kind cluster named `kuadrant-local` +2. Install metrics-server and MetalLB (LoadBalancer support) +3. Install Gateway API CRDs +4. Install cert-manager and create a self-signed ClusterIssuer +5. Install Istio or EnvoyGateway (based on `GATEWAYAPI_PROVIDER`) +6. Create test namespaces (`kuadrant`, `kuadrant2`) +7. Create AWS credentials secret (only if AWS credentials are provided) +8. Deploy Kuadrant Operator and Kuadrant CR +9. Deploy testing tools (only if RH_REGISTRY credentials are provided) - Keycloak, Mockserver, etc. + +**Cleanup:** +```bash +make local-cleanup # Delete the Kind cluster +``` + ## Configuration The Kuadrant testsuite uses [Dynaconf](https://www.dynaconf.com/) for configuration. diff --git a/make/dependencies.mk b/make/dependencies.mk index 183eda0d..3fc74859 100644 --- a/make/dependencies.mk +++ b/make/dependencies.mk @@ -63,20 +63,24 @@ create-cluster-issuer: ## Create self-signed ClusterIssuer for TLS testing @echo "✅ ClusterIssuer 'kuadrant-qe-issuer' created" .PHONY: create-aws-credentials -create-aws-credentials: ## Create AWS credentials secret for DNS testing - @echo "Creating AWS credentials secret..." - @printf '%s\n' \ - 'apiVersion: v1' \ - 'kind: Secret' \ - 'metadata:' \ - ' name: aws-credentials' \ - ' namespace: kuadrant' \ - ' annotations:' \ - ' base_domain: $(AWS_BASE_DOMAIN)' \ - 'stringData:' \ - ' AWS_ACCESS_KEY_ID: $(AWS_ACCESS_KEY_ID)' \ - ' AWS_REGION: $(AWS_REGION)' \ - ' AWS_SECRET_ACCESS_KEY: $(AWS_SECRET_ACCESS_KEY)' \ - 'type: kuadrant.io/aws' \ - | kubectl apply -f - - @echo "✅ AWS credentials secret created in kuadrant namespace" \ No newline at end of file +create-aws-credentials: ## Create AWS credentials secret for DNS testing (only if credentials provided) + @if [ -n "$(AWS_ACCESS_KEY_ID)" ] && [ -n "$(AWS_SECRET_ACCESS_KEY)" ] && [ -n "$(AWS_REGION)" ] && [ -n "$(AWS_BASE_DOMAIN)" ]; then \ + echo "Creating AWS credentials secret..."; \ + printf '%s\n' \ + 'apiVersion: v1' \ + 'kind: Secret' \ + 'metadata:' \ + ' name: aws-credentials' \ + ' namespace: kuadrant' \ + ' annotations:' \ + ' base_domain: $(AWS_BASE_DOMAIN)' \ + 'stringData:' \ + ' AWS_ACCESS_KEY_ID: $(AWS_ACCESS_KEY_ID)' \ + ' AWS_REGION: $(AWS_REGION)' \ + ' AWS_SECRET_ACCESS_KEY: $(AWS_SECRET_ACCESS_KEY)' \ + 'type: kuadrant.io/aws' \ + | kubectl apply -f -; \ + echo "✅ AWS credentials secret created in kuadrant namespace"; \ + else \ + echo "⏭️ Skipping AWS credentials secret (requires AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, and AWS_BASE_DOMAIN)"; \ + fi \ No newline at end of file diff --git a/make/tools.mk b/make/tools.mk index 51e1fc3a..ba3cbbab 100644 --- a/make/tools.mk +++ b/make/tools.mk @@ -2,10 +2,10 @@ ##@ Testsuite Tools .PHONY: deploy-testsuite-tools -deploy-testsuite-tools: ## Deploy testsuite tools (Keycloak, etc.) - @echo "Deploying testsuite tools..." - kubectl create namespace tools || true +deploy-testsuite-tools: ## Deploy testsuite tools (Keycloak, etc.) - requires RH_REGISTRY credentials @if [ -n "$(RH_REGISTRY_USERNAME)" ] && [ -n "$(RH_REGISTRY_PASSWORD)" ]; then \ + echo "Deploying testsuite tools..."; \ + kubectl create namespace tools || true; \ echo "Creating Red Hat registry secret..."; \ kubectl -n tools create secret docker-registry redhat-registry-secret \ --docker-server=registry.redhat.io \ @@ -14,16 +14,16 @@ deploy-testsuite-tools: ## Deploy testsuite tools (Keycloak, etc.) --dry-run=client -o yaml | kubectl apply -f -; \ kubectl -n tools patch serviceaccount default \ -p '{"imagePullSecrets": [{"name": "redhat-registry-secret"}]}'; \ + helm repo add kuadrant-olm https://kuadrant.io/helm-charts-olm --force-update; \ + helm repo update; \ + helm install \ + --set=tools.keycloak.keycloakProvider=deployment \ + --set=tools.coredns.enable=false \ + --debug \ + --wait \ + --timeout=$(TOOLS_TIMEOUT) \ + tools kuadrant-olm/tools-instances; \ + echo "✅ Testsuite tools deployed"; \ else \ - echo "Red Hat registry credentials not provided, skipping secret creation"; \ - fi - helm repo add kuadrant-olm https://kuadrant.io/helm-charts-olm --force-update - helm repo update - helm install \ - --set=tools.keycloak.keycloakProvider=deployment \ - --set=tools.coredns.enable=false \ - --debug \ - --wait \ - --timeout=$(TOOLS_TIMEOUT) \ - tools kuadrant-olm/tools-instances - @echo "✅ Testsuite tools deployed" \ No newline at end of file + echo "⏭️ Skipping testsuite tools deployment (requires RH_REGISTRY_USERNAME and RH_REGISTRY_PASSWORD)"; \ + fi \ No newline at end of file diff --git a/make/vars.mk b/make/vars.mk index e0475923..1bcc111a 100644 --- a/make/vars.mk +++ b/make/vars.mk @@ -23,7 +23,7 @@ KUADRANT_OPERATOR_IMAGE ?= RH_REGISTRY_USERNAME ?= RH_REGISTRY_PASSWORD ?= -# AWS credentials for DNS testing (optional - defaults to dummy values) +# AWS credentials for DNS testing (optional - secret only created if provided) AWS_ACCESS_KEY_ID ?= AWS_SECRET_ACCESS_KEY ?= AWS_REGION ?= From e4efe50e3fab00ad293d2b45ec7cf2e3a1c51942 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Wed, 11 Mar 2026 13:46:29 +0100 Subject: [PATCH 07/15] feat: added env patch for kuadrant-operator. Signed-off-by: Alexander Cristurean --- make/kuadrant.mk | 24 ++++++++++++++++++++++++ make/vars.mk | 5 +++++ 2 files changed, 29 insertions(+) diff --git a/make/kuadrant.mk b/make/kuadrant.mk index fb9a2680..dc97998d 100644 --- a/make/kuadrant.mk +++ b/make/kuadrant.mk @@ -20,6 +20,7 @@ else helm install kuadrant-operator kuadrant/kuadrant-operator --create-namespace --namespace $(KUADRANT_NAMESPACE), \ helm install kuadrant-operator kuadrant/kuadrant-operator --version $(KUADRANT_OPERATOR_VERSION) --create-namespace --namespace $(KUADRANT_NAMESPACE)) kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=$(KUBECTL_TIMEOUT) --for=condition=Available deployments --all + $(MAKE) patch-kuadrant-operator-env @echo "✅ Kuadrant Operator $(KUADRANT_OPERATOR_VERSION) installed" endif @@ -44,8 +45,31 @@ deploy-kuadrant-operator-local: ## Deploy Kuadrant Operator from local build/ima kustomize edit set image controller=$(KUADRANT_OPERATOR_IMAGE) && \ kustomize build ../deploy | kubectl apply --server-side -f - kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=$(KUBECTL_TIMEOUT) --for=condition=Available deployments --all + $(MAKE) patch-kuadrant-operator-env @echo "✅ Kuadrant Operator deployed from image $(KUADRANT_OPERATOR_IMAGE)" +.PHONY: patch-kuadrant-operator-env +patch-kuadrant-operator-env: ## Patch Kuadrant Operator deployment with custom env vars +ifneq ($(KUADRANT_OPERATOR_ENV_VARS),) + @echo "Patching Kuadrant Operator with environment variables..." + @ENV_PATCH='['; \ + IFS=',' read -ra PAIRS <<< "$(KUADRANT_OPERATOR_ENV_VARS)"; \ + for i in "$${!PAIRS[@]}"; do \ + PAIR="$${PAIRS[$$i]}"; \ + NAME=$$(echo "$$PAIR" | cut -d'=' -f1); \ + VALUE=$$(echo "$$PAIR" | cut -d'=' -f2-); \ + [ $$i -gt 0 ] && ENV_PATCH="$$ENV_PATCH,"; \ + ENV_PATCH="$$ENV_PATCH{\"name\":\"$$NAME\",\"value\":\"$$VALUE\"}"; \ + done; \ + ENV_PATCH="$$ENV_PATCH]"; \ + kubectl patch deployment kuadrant-operator-controller-manager -n $(KUADRANT_NAMESPACE) \ + --type=json -p="[{\"op\":\"add\",\"path\":\"/spec/template/spec/containers/0/env\",\"value\":$$ENV_PATCH}]"; \ + kubectl -n $(KUADRANT_NAMESPACE) rollout status deployment/kuadrant-operator-controller-manager --timeout=$(KUBECTL_TIMEOUT) + @echo "✅ Kuadrant Operator patched with env vars" +else + @echo "No custom env vars specified (KUADRANT_OPERATOR_ENV_VARS not set)" +endif + .PHONY: deploy-kuadrant-cr deploy-kuadrant-cr: ## Deploy Kuadrant CR @echo "Creating Kuadrant CR..." diff --git a/make/vars.mk b/make/vars.mk index 1bcc111a..fceaf4db 100644 --- a/make/vars.mk +++ b/make/vars.mk @@ -19,6 +19,11 @@ KUADRANT_NAMESPACE ?= kuadrant-system KUADRANT_OPERATOR_VERSION ?= latest KUADRANT_OPERATOR_IMAGE ?= +# Kuadrant Operator environment variables +# Default: Service timeouts for faster test execution +# Override with your own: KUADRANT_OPERATOR_ENV_VARS="LOG_LEVEL=debug,..." +KUADRANT_OPERATOR_ENV_VARS ?= AUTH_SERVICE_TIMEOUT=1000ms,RATELIMIT_SERVICE_TIMEOUT=1000ms,RATELIMIT_CHECK_SERVICE_TIMEOUT=1000ms,RATELIMIT_REPORT_SERVICE_TIMEOUT=1000ms + # Red Hat registry credentials RH_REGISTRY_USERNAME ?= RH_REGISTRY_PASSWORD ?= From 5599247d5818e94198e20b4b53cde8bb7687a4f0 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Wed, 11 Mar 2026 14:04:19 +0100 Subject: [PATCH 08/15] fix: env patch on kuadrant-operator. Signed-off-by: Alexander Cristurean --- make/kuadrant.mk | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/make/kuadrant.mk b/make/kuadrant.mk index dc97998d..a2745286 100644 --- a/make/kuadrant.mk +++ b/make/kuadrant.mk @@ -52,18 +52,20 @@ deploy-kuadrant-operator-local: ## Deploy Kuadrant Operator from local build/ima patch-kuadrant-operator-env: ## Patch Kuadrant Operator deployment with custom env vars ifneq ($(KUADRANT_OPERATOR_ENV_VARS),) @echo "Patching Kuadrant Operator with environment variables..." - @ENV_PATCH='['; \ + @EXISTING_ENV=$$(kubectl get deployment kuadrant-operator-controller-manager -n $(KUADRANT_NAMESPACE) -o jsonpath='{.spec.template.spec.containers[0].env}'); \ + NEW_ENV='['; \ IFS=',' read -ra PAIRS <<< "$(KUADRANT_OPERATOR_ENV_VARS)"; \ for i in "$${!PAIRS[@]}"; do \ PAIR="$${PAIRS[$$i]}"; \ NAME=$$(echo "$$PAIR" | cut -d'=' -f1); \ VALUE=$$(echo "$$PAIR" | cut -d'=' -f2-); \ - [ $$i -gt 0 ] && ENV_PATCH="$$ENV_PATCH,"; \ - ENV_PATCH="$$ENV_PATCH{\"name\":\"$$NAME\",\"value\":\"$$VALUE\"}"; \ + [ $$i -gt 0 ] && NEW_ENV="$$NEW_ENV,"; \ + NEW_ENV="$$NEW_ENV{\"name\":\"$$NAME\",\"value\":\"$$VALUE\"}"; \ done; \ - ENV_PATCH="$$ENV_PATCH]"; \ + NEW_ENV="$$NEW_ENV]"; \ + MERGED_ENV=$$(echo "$$EXISTING_ENV$$NEW_ENV" | jq -s '.[0] + .[1] | unique_by(.name)'); \ kubectl patch deployment kuadrant-operator-controller-manager -n $(KUADRANT_NAMESPACE) \ - --type=json -p="[{\"op\":\"add\",\"path\":\"/spec/template/spec/containers/0/env\",\"value\":$$ENV_PATCH}]"; \ + --type=json -p="[{\"op\":\"replace\",\"path\":\"/spec/template/spec/containers/0/env\",\"value\":$$MERGED_ENV}]"; \ kubectl -n $(KUADRANT_NAMESPACE) rollout status deployment/kuadrant-operator-controller-manager --timeout=$(KUBECTL_TIMEOUT) @echo "✅ Kuadrant Operator patched with env vars" else From 5e9f6ea6a2135eef3c07283e4e39d872c39e5f03 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Thu, 12 Mar 2026 15:42:48 +0100 Subject: [PATCH 09/15] fix: cosmetic changes. Signed-off-by: Alexander Cristurean --- make/dependencies.mk | 14 +++++++------- make/envoygateway.mk | 2 +- make/istio.mk | 2 +- make/kind.mk | 2 +- make/kuadrant.mk | 10 +++++----- make/local-setup.mk | 4 ++-- make/tools.mk | 4 ++-- 7 files changed, 19 insertions(+), 19 deletions(-) diff --git a/make/dependencies.mk b/make/dependencies.mk index 3fc74859..c735b50d 100644 --- a/make/dependencies.mk +++ b/make/dependencies.mk @@ -6,7 +6,7 @@ install-metrics-server: ## Install metrics-server @echo "Installing metrics-server..." kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml kubectl patch deployment metrics-server -n kube-system --type=json -p '[{"op":"add","path":"/spec/template/spec/containers/0/args/-","value":"--kubelet-insecure-tls"}]' - @echo "✅ metrics-server installed" + @echo "metrics-server installed" .PHONY: install-metallb install-metallb: ## Install MetalLB for LoadBalancer services @@ -32,13 +32,13 @@ install-metallb: ## Install MetalLB for LoadBalancer services ' name: default' \ ' namespace: metallb-system' \ | kubectl apply -f - - @echo "✅ MetalLB installed with IP pool 172.18.255.200-172.18.255.250" + @echo "MetalLB installed with IP pool 172.18.255.200-172.18.255.250" .PHONY: gateway-api-install gateway-api-install: ## Install Gateway API CRDs @echo "Installing Gateway API $(GATEWAY_API_VERSION)..." kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/$(GATEWAY_API_VERSION)/standard-install.yaml - @echo "✅ Gateway API CRDs installed" + @echo "Gateway API CRDs installed" .PHONY: install-cert-manager install-cert-manager: ## Install cert-manager @@ -47,7 +47,7 @@ install-cert-manager: ## Install cert-manager kubectl wait --namespace cert-manager --for=condition=Available deployment/cert-manager --timeout=$(CERT_MANAGER_TIMEOUT) kubectl wait --namespace cert-manager --for=condition=Available deployment/cert-manager-webhook --timeout=$(CERT_MANAGER_TIMEOUT) kubectl wait --namespace cert-manager --for=condition=ready pod --selector=app.kubernetes.io/name=webhook --timeout=$(CERT_MANAGER_TIMEOUT) - @echo "✅ cert-manager installed" + @echo "cert-manager installed" .PHONY: create-cluster-issuer create-cluster-issuer: ## Create self-signed ClusterIssuer for TLS testing @@ -60,7 +60,7 @@ create-cluster-issuer: ## Create self-signed ClusterIssuer for TLS testing 'spec:' \ ' selfSigned: {}' \ | kubectl apply -f - - @echo "✅ ClusterIssuer 'kuadrant-qe-issuer' created" + @echo "ClusterIssuer 'kuadrant-qe-issuer' created" .PHONY: create-aws-credentials create-aws-credentials: ## Create AWS credentials secret for DNS testing (only if credentials provided) @@ -80,7 +80,7 @@ create-aws-credentials: ## Create AWS credentials secret for DNS testing (only i ' AWS_SECRET_ACCESS_KEY: $(AWS_SECRET_ACCESS_KEY)' \ 'type: kuadrant.io/aws' \ | kubectl apply -f -; \ - echo "✅ AWS credentials secret created in kuadrant namespace"; \ + echo "AWS credentials secret created in kuadrant namespace"; \ else \ echo "⏭️ Skipping AWS credentials secret (requires AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, and AWS_BASE_DOMAIN)"; \ - fi \ No newline at end of file + fi diff --git a/make/envoygateway.mk b/make/envoygateway.mk index dd14e331..c503cb08 100644 --- a/make/envoygateway.mk +++ b/make/envoygateway.mk @@ -8,4 +8,4 @@ envoygateway-install: ## Install EnvoyGateway --create-namespace \ --namespace envoy-gateway-system \ --wait - @echo "✅ EnvoyGateway installed" \ No newline at end of file + @echo "EnvoyGateway installed" diff --git a/make/istio.mk b/make/istio.mk index 86f22020..81a6d14d 100644 --- a/make/istio.mk +++ b/make/istio.mk @@ -27,4 +27,4 @@ istio-install: ## Install Istio via SAIL operator ' autoscaleMin: 2' \ ' version: $(ISTIO_VERSION)' \ | kubectl apply -f - - @echo "✅ Istio $(ISTIO_VERSION) installed via SAIL" \ No newline at end of file + @echo "Istio $(ISTIO_VERSION) installed via SAIL" diff --git a/make/kind.mk b/make/kind.mk index c8fecfea..f034bf66 100644 --- a/make/kind.mk +++ b/make/kind.mk @@ -9,4 +9,4 @@ kind-create-cluster: ## Create kind cluster .PHONY: kind-delete-cluster kind-delete-cluster: ## Delete kind cluster @echo "Deleting kind cluster '$(KIND_CLUSTER_NAME)'..." - @kind delete cluster --name $(KIND_CLUSTER_NAME) || true \ No newline at end of file + @kind delete cluster --name $(KIND_CLUSTER_NAME) || true diff --git a/make/kuadrant.mk b/make/kuadrant.mk index a2745286..0f4c746b 100644 --- a/make/kuadrant.mk +++ b/make/kuadrant.mk @@ -6,7 +6,7 @@ create-test-namespaces: ## Create namespaces for testing @echo "Creating test namespaces..." kubectl create namespace kuadrant || true kubectl create namespace kuadrant2 || true - @echo "✅ Test namespaces created" + @echo "Test namespaces created" .PHONY: deploy-kuadrant-operator deploy-kuadrant-operator: ## Deploy Kuadrant Operator (via Helm by default, or custom image) @@ -21,7 +21,7 @@ else helm install kuadrant-operator kuadrant/kuadrant-operator --version $(KUADRANT_OPERATOR_VERSION) --create-namespace --namespace $(KUADRANT_NAMESPACE)) kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=$(KUBECTL_TIMEOUT) --for=condition=Available deployments --all $(MAKE) patch-kuadrant-operator-env - @echo "✅ Kuadrant Operator $(KUADRANT_OPERATOR_VERSION) installed" + @echo "Kuadrant Operator $(KUADRANT_OPERATOR_VERSION) installed" endif .PHONY: deploy-kuadrant-operator-local @@ -46,7 +46,7 @@ deploy-kuadrant-operator-local: ## Deploy Kuadrant Operator from local build/ima kustomize build ../deploy | kubectl apply --server-side -f - kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=$(KUBECTL_TIMEOUT) --for=condition=Available deployments --all $(MAKE) patch-kuadrant-operator-env - @echo "✅ Kuadrant Operator deployed from image $(KUADRANT_OPERATOR_IMAGE)" + @echo "Kuadrant Operator deployed from image $(KUADRANT_OPERATOR_IMAGE)" .PHONY: patch-kuadrant-operator-env patch-kuadrant-operator-env: ## Patch Kuadrant Operator deployment with custom env vars @@ -67,7 +67,7 @@ ifneq ($(KUADRANT_OPERATOR_ENV_VARS),) kubectl patch deployment kuadrant-operator-controller-manager -n $(KUADRANT_NAMESPACE) \ --type=json -p="[{\"op\":\"replace\",\"path\":\"/spec/template/spec/containers/0/env\",\"value\":$$MERGED_ENV}]"; \ kubectl -n $(KUADRANT_NAMESPACE) rollout status deployment/kuadrant-operator-controller-manager --timeout=$(KUBECTL_TIMEOUT) - @echo "✅ Kuadrant Operator patched with env vars" + @echo "Kuadrant Operator patched with env vars" else @echo "No custom env vars specified (KUADRANT_OPERATOR_ENV_VARS not set)" endif @@ -84,4 +84,4 @@ deploy-kuadrant-cr: ## Deploy Kuadrant CR 'spec: {}' \ | kubectl apply -f - kubectl wait kuadrant/kuadrant-sample --for=condition=Ready=True -n $(KUADRANT_NAMESPACE) --timeout=$(KUADRANT_CR_TIMEOUT) - @echo "✅ Kuadrant CR ready" \ No newline at end of file + @echo "Kuadrant CR ready" diff --git a/make/local-setup.mk b/make/local-setup.mk index fa1c18fc..91e05eac 100644 --- a/make/local-setup.mk +++ b/make/local-setup.mk @@ -23,7 +23,7 @@ local-setup: ## Complete local environment setup (kind cluster + all dependencie $(MAKE) deploy-kuadrant-cr $(MAKE) deploy-testsuite-tools @echo "" - @echo "🎉 Local environment setup complete!" + @echo "Local environment setup complete!" @echo " Cluster: $(KIND_CLUSTER_NAME)" @echo " Gateway Provider: $(GATEWAYAPI_PROVIDER)" @echo "" @@ -31,4 +31,4 @@ local-setup: ## Complete local environment setup (kind cluster + all dependencie .PHONY: local-cleanup local-cleanup: ## Delete local kind cluster - $(MAKE) kind-delete-cluster \ No newline at end of file + $(MAKE) kind-delete-cluster diff --git a/make/tools.mk b/make/tools.mk index ba3cbbab..8d2fd322 100644 --- a/make/tools.mk +++ b/make/tools.mk @@ -23,7 +23,7 @@ deploy-testsuite-tools: ## Deploy testsuite tools (Keycloak, etc.) - requires RH --wait \ --timeout=$(TOOLS_TIMEOUT) \ tools kuadrant-olm/tools-instances; \ - echo "✅ Testsuite tools deployed"; \ + echo "Testsuite tools deployed"; \ else \ echo "⏭️ Skipping testsuite tools deployment (requires RH_REGISTRY_USERNAME and RH_REGISTRY_PASSWORD)"; \ - fi \ No newline at end of file + fi From 4c34a39e26ebb87f461c9e533d2cf13b22d70885 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Fri, 13 Mar 2026 17:33:29 +0100 Subject: [PATCH 10/15] fix: cosmetic changes. Signed-off-by: Alexander Cristurean --- README.md | 1 + make/envoygateway.mk | 2 +- make/vars.mk | 5 +++-- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 541976a7..18a7ec24 100644 --- a/README.md +++ b/README.md @@ -39,6 +39,7 @@ For local development and testing, you can set up a complete Kuadrant environmen ### Prerequisites * [Kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation) * [Helm](https://helm.sh/docs/intro/install/) +* [jq](https://jqlang.github.io/jq/download/) (JSON processor) * **Red Hat Registry credentials** (optional but recommended for testing tools) - Username: Your Red Hat account username - Password: Your Red Hat registry token (from [console.redhat.com/openshift/downloads](https://console.redhat.com/openshift/downloads)) diff --git a/make/envoygateway.mk b/make/envoygateway.mk index c503cb08..efaab26f 100644 --- a/make/envoygateway.mk +++ b/make/envoygateway.mk @@ -4,7 +4,7 @@ .PHONY: envoygateway-install envoygateway-install: ## Install EnvoyGateway @echo "Installing EnvoyGateway..." - helm install eg oci://docker.io/envoyproxy/gateway-helm --version v1.2.4 \ + helm install eg oci://docker.io/envoyproxy/gateway-helm --version $(ENVOYGATEWAY_VERSION) \ --create-namespace \ --namespace envoy-gateway-system \ --wait diff --git a/make/vars.mk b/make/vars.mk index fceaf4db..8cfaf584 100644 --- a/make/vars.mk +++ b/make/vars.mk @@ -8,8 +8,9 @@ KIND_CLUSTER_NAME ?= kuadrant-local GATEWAYAPI_PROVIDER ?= istio # Version pinning -ISTIO_VERSION ?= v1.26-latest -SAIL_OPERATOR_VERSION ?= v1.26-latest +ISTIO_VERSION ?= v1.27-latest +SAIL_OPERATOR_VERSION ?= v1.27-latest +ENVOYGATEWAY_VERSION ?= v1.2.4 CERT_MANAGER_VERSION ?= v1.18.2 METALLB_VERSION ?= v0.15.2 GATEWAY_API_VERSION ?= v1.3.0 From 6ff784028c5e5ec21c436a75eca53f8a8e168b70 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Fri, 13 Mar 2026 17:59:43 +0100 Subject: [PATCH 11/15] revert: istio versions - 1.27 causes restart Signed-off-by: Alexander Cristurean --- make/vars.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/make/vars.mk b/make/vars.mk index 8cfaf584..de0052a7 100644 --- a/make/vars.mk +++ b/make/vars.mk @@ -8,8 +8,8 @@ KIND_CLUSTER_NAME ?= kuadrant-local GATEWAYAPI_PROVIDER ?= istio # Version pinning -ISTIO_VERSION ?= v1.27-latest -SAIL_OPERATOR_VERSION ?= v1.27-latest +ISTIO_VERSION ?= v1.26-latest +SAIL_OPERATOR_VERSION ?= v1.26-latest ENVOYGATEWAY_VERSION ?= v1.2.4 CERT_MANAGER_VERSION ?= v1.18.2 METALLB_VERSION ?= v0.15.2 From 40ad4f3a9470325c525ebc52e4afc0720a827cb6 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Mon, 16 Mar 2026 12:21:37 +0100 Subject: [PATCH 12/15] docs: document macOS limitation. Signed-off-by: Alexander Cristurean --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 18a7ec24..0ebe8f6e 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,9 @@ For local development and testing, you can set up a complete Kuadrant environmen - Password: Your Red Hat registry token (from [console.redhat.com/openshift/downloads](https://console.redhat.com/openshift/downloads)) - **Note:** Without these credentials, testing tools (Keycloak, Mockserver, etc.) won't be deployed, but core Kuadrant functionality will still work +> **⚠️ macOS Limitation:** +> MetalLB LoadBalancer services have limited functionality on macOS due to Docker Desktop's VM isolation. While MetalLB will work inside the cluster, LoadBalancer IPs won't be accessible from your Mac host machine. **For macOS users, we recommend running tests in containers** (see [From a Container](#from-a-container) section above) in addition to the local Kind setup. + ### Quick Start Set up a complete local environment with one command: From d5de51c41044d4ef2a97e1705993f58d9b06cd66 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Tue, 17 Mar 2026 11:31:52 +0100 Subject: [PATCH 13/15] fix: added component mode. Signed-off-by: Alexander Cristurean --- CLAUDE.md | 17 ++++++++++++ README.md | 48 ++++++++++++++++++++------------- make/components.mk | 64 ++++++++++++++++++++++++++++++++++++++++++++ make/dependencies.mk | 32 +++++++++------------- make/kuadrant.mk | 45 +++++++++---------------------- make/local-setup.mk | 4 ++- make/tools.mk | 38 +++++++++----------------- make/vars.mk | 14 +++------- 8 files changed, 155 insertions(+), 107 deletions(-) create mode 100644 make/components.mk diff --git a/CLAUDE.md b/CLAUDE.md index 52582b1a..7dae8584 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -15,6 +15,23 @@ make poetry # Install dependencies without dev tools (used in CI/container) make poetry-no-dev + +# Complete local setup (creates kind cluster + installs all components) +make local-setup # Default: components mode (latest from GitHub) + +# Use Helm instead of components mode +KUADRANT_DEPLOY_MODE=helm make local-setup + +# Apply additional manifests during setup (e.g., DNS credentials, secrets) +ADDITIONAL_MANIFESTS=./my-secrets.yaml make local-setup + +# Deploy specific versions +AUTHORINO_OPERATOR_VERSION=v0.13.0 \ + LIMITADOR_OPERATOR_VERSION=v1.5.0 \ + DNS_OPERATOR_VERSION=v0.8.0 \ + make local-setup # Components: specific versions +KUADRANT_DEPLOY_MODE=helm KUADRANT_OPERATOR_VERSION=v0.10.0 \ + make local-setup # Helm: specific version ``` ### Running Tests diff --git a/README.md b/README.md index 0ebe8f6e..633972e8 100644 --- a/README.md +++ b/README.md @@ -53,21 +53,12 @@ For local development and testing, you can set up a complete Kuadrant environmen Set up a complete local environment with one command: ```bash -# Optional: Red Hat registry credentials (for testing tools like Keycloak) -# (if not provided, tools won't be deployed but core functionality will work) -export RH_REGISTRY_USERNAME= -export RH_REGISTRY_PASSWORD= - -# Optional: AWS credentials for DNS testing -# (if not provided, the secret won't be created and DNS tests will be skipped) -export AWS_ACCESS_KEY_ID= -export AWS_SECRET_ACCESS_KEY= -export AWS_REGION=us-east-1 -export AWS_BASE_DOMAIN=test.example.com - # Run the setup (defaults to Istio gateway) make local-setup +# Optional: Apply additional manifests (e.g., DNS provider credentials, secrets, etc.) +ADDITIONAL_MANIFESTS=./my-secrets.yaml make local-setup + # Or specify EnvoyGateway GATEWAYAPI_PROVIDER=envoygateway make local-setup ``` @@ -79,9 +70,9 @@ This will: 4. Install cert-manager and create a self-signed ClusterIssuer 5. Install Istio or EnvoyGateway (based on `GATEWAYAPI_PROVIDER`) 6. Create test namespaces (`kuadrant`, `kuadrant2`) -7. Create AWS credentials secret (only if AWS credentials are provided) +7. Apply additional manifests (only if `ADDITIONAL_MANIFESTS` is provided) 8. Deploy Kuadrant Operator and Kuadrant CR -9. Deploy testing tools (only if RH_REGISTRY credentials are provided) - Keycloak, Mockserver, etc. +9. Deploy testing tools - Keycloak, Mockserver, etc. **Cleanup:** ```bash @@ -136,19 +127,38 @@ helm install --values values-tools.yaml --wait --timeout 10m -g charts/tools-ins
DNS Provider Secret example (click to expand) +Save this as a file (e.g., `additionalManifests.yaml`) and provide it via `ADDITIONAL_MANIFESTS`: +```bash +ADDITIONAL_MANIFESTS=./additionalManifests.yaml make local-setup +``` + ```yaml -kind: Secret apiVersion: v1 +kind: Secret metadata: name: aws-credentials namespace: kuadrant annotations: base_domain: example.com -data: - AWS_ACCESS_KEY_ID: - AWS_REGION: - AWS_SECRET_ACCESS_KEY: +stringData: + AWS_ACCESS_KEY_ID: + AWS_REGION: + AWS_SECRET_ACCESS_KEY: type: kuadrant.io/aws +--- +# You can include multiple resources in the same file +# For example, GCP credentials: +apiVersion: v1 +kind: Secret +metadata: + name: gcp-credentials + namespace: kuadrant + annotations: + base_domain: example.com +stringData: + PROJECT_ID: + GOOGLE: +type: kuadrant.io/gcp ```
diff --git a/make/components.mk b/make/components.mk new file mode 100644 index 00000000..20b70ad6 --- /dev/null +++ b/make/components.mk @@ -0,0 +1,64 @@ + +##@ Component Deployment (Direct from GitHub) + +# Component versions (when not using Helm) +AUTHORINO_OPERATOR_VERSION ?= latest +LIMITADOR_OPERATOR_VERSION ?= latest +DNS_OPERATOR_VERSION ?= latest + +# Convert "latest" to "main" for GitHub refs, otherwise use as-is (e.g., v0.13.0) +AUTHORINO_GITREF = $(if $(filter latest,$(AUTHORINO_OPERATOR_VERSION)),main,$(AUTHORINO_OPERATOR_VERSION)) +LIMITADOR_GITREF = $(if $(filter latest,$(LIMITADOR_OPERATOR_VERSION)),main,$(LIMITADOR_OPERATOR_VERSION)) +DNS_GITREF = $(if $(filter latest,$(DNS_OPERATOR_VERSION)),main,$(DNS_OPERATOR_VERSION)) + +.PHONY: deploy-authorino-operator +deploy-authorino-operator: ## Deploy Authorino Operator + @echo "Deploying Authorino Operator ($(AUTHORINO_GITREF)) to $(KUADRANT_NAMESPACE)..." + @mkdir -p /tmp/kuadrant-kustomize-authorino + @printf '%s\n' \ + 'namespace: $(KUADRANT_NAMESPACE)' \ + 'resources:' \ + '- github.com/Kuadrant/authorino-operator/config/deploy?ref=$(AUTHORINO_GITREF)' \ + > /tmp/kuadrant-kustomize-authorino/kustomization.yaml + kubectl apply --server-side -k /tmp/kuadrant-kustomize-authorino + @rm -rf /tmp/kuadrant-kustomize-authorino + @echo "Authorino Operator deployed" + +.PHONY: deploy-limitador-operator +deploy-limitador-operator: ## Deploy Limitador Operator + @echo "Deploying Limitador Operator ($(LIMITADOR_GITREF)) to $(KUADRANT_NAMESPACE)..." + @mkdir -p /tmp/kuadrant-kustomize-limitador + @printf '%s\n' \ + 'namespace: $(KUADRANT_NAMESPACE)' \ + 'resources:' \ + '- github.com/Kuadrant/limitador-operator/config/default?ref=$(LIMITADOR_GITREF)' \ + > /tmp/kuadrant-kustomize-limitador/kustomization.yaml + kubectl apply --server-side -k /tmp/kuadrant-kustomize-limitador + @rm -rf /tmp/kuadrant-kustomize-limitador + @echo "Limitador Operator deployed" + +.PHONY: deploy-dns-operator +deploy-dns-operator: ## Deploy DNS Operator + @echo "Deploying DNS Operator ($(DNS_GITREF)) to $(KUADRANT_NAMESPACE)..." + @mkdir -p /tmp/kuadrant-kustomize-dns + @printf '%s\n' \ + 'namespace: $(KUADRANT_NAMESPACE)' \ + 'resources:' \ + '- github.com/kuadrant/dns-operator/config/default?ref=$(DNS_GITREF)' \ + > /tmp/kuadrant-kustomize-dns/kustomization.yaml + kubectl apply --server-side -k /tmp/kuadrant-kustomize-dns + @rm -rf /tmp/kuadrant-kustomize-dns + @echo "DNS Operator deployed" + +.PHONY: deploy-kuadrant-operator-components +deploy-kuadrant-operator-components: ## Deploy Kuadrant Operator from components + kubectl create namespace $(KUADRANT_NAMESPACE) || true + $(MAKE) deploy-authorino-operator + $(MAKE) deploy-limitador-operator + $(MAKE) deploy-dns-operator + @echo "Deploying Kuadrant Operator ($(KUADRANT_OPERATOR_GITREF)) to $(KUADRANT_NAMESPACE)..." + kubectl apply --server-side -k "github.com/kuadrant/kuadrant-operator/config/deploy?ref=$(KUADRANT_OPERATOR_GITREF)" + @echo "Waiting for all operator deployments to be ready..." + kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=$(KUBECTL_TIMEOUT) --for=condition=Available deployments --all + $(MAKE) patch-kuadrant-operator-env + @echo "All operators deployed in $(KUADRANT_NAMESPACE)" \ No newline at end of file diff --git a/make/dependencies.mk b/make/dependencies.mk index c735b50d..c81e4e8b 100644 --- a/make/dependencies.mk +++ b/make/dependencies.mk @@ -62,25 +62,17 @@ create-cluster-issuer: ## Create self-signed ClusterIssuer for TLS testing | kubectl apply -f - @echo "ClusterIssuer 'kuadrant-qe-issuer' created" -.PHONY: create-aws-credentials -create-aws-credentials: ## Create AWS credentials secret for DNS testing (only if credentials provided) - @if [ -n "$(AWS_ACCESS_KEY_ID)" ] && [ -n "$(AWS_SECRET_ACCESS_KEY)" ] && [ -n "$(AWS_REGION)" ] && [ -n "$(AWS_BASE_DOMAIN)" ]; then \ - echo "Creating AWS credentials secret..."; \ - printf '%s\n' \ - 'apiVersion: v1' \ - 'kind: Secret' \ - 'metadata:' \ - ' name: aws-credentials' \ - ' namespace: kuadrant' \ - ' annotations:' \ - ' base_domain: $(AWS_BASE_DOMAIN)' \ - 'stringData:' \ - ' AWS_ACCESS_KEY_ID: $(AWS_ACCESS_KEY_ID)' \ - ' AWS_REGION: $(AWS_REGION)' \ - ' AWS_SECRET_ACCESS_KEY: $(AWS_SECRET_ACCESS_KEY)' \ - 'type: kuadrant.io/aws' \ - | kubectl apply -f -; \ - echo "AWS credentials secret created in kuadrant namespace"; \ +.PHONY: apply-additional-manifests +apply-additional-manifests: ## Apply additional manifests from file (if ADDITIONAL_MANIFESTS is set) + @if [ -n "$(ADDITIONAL_MANIFESTS)" ]; then \ + if [ -f "$(ADDITIONAL_MANIFESTS)" ]; then \ + echo "Applying additional manifests from $(ADDITIONAL_MANIFESTS)..."; \ + kubectl apply -f "$(ADDITIONAL_MANIFESTS)"; \ + echo "Additional manifests applied"; \ + else \ + echo "❌ Error: ADDITIONAL_MANIFESTS file '$(ADDITIONAL_MANIFESTS)' not found"; \ + exit 1; \ + fi; \ else \ - echo "⏭️ Skipping AWS credentials secret (requires AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_REGION, and AWS_BASE_DOMAIN)"; \ + echo "⏭️ No additional manifests to apply (ADDITIONAL_MANIFESTS not set)"; \ fi diff --git a/make/kuadrant.mk b/make/kuadrant.mk index 0f4c746b..60487c5c 100644 --- a/make/kuadrant.mk +++ b/make/kuadrant.mk @@ -9,45 +9,26 @@ create-test-namespaces: ## Create namespaces for testing @echo "Test namespaces created" .PHONY: deploy-kuadrant-operator -deploy-kuadrant-operator: ## Deploy Kuadrant Operator (via Helm by default, or custom image) -ifneq ($(KUADRANT_OPERATOR_IMAGE),) - @echo "Installing Kuadrant Operator from custom image: $(KUADRANT_OPERATOR_IMAGE)" - $(MAKE) deploy-kuadrant-operator-local +deploy-kuadrant-operator: ## Deploy Kuadrant Operator (mode: helm or components) + @# Validate KUADRANT_DEPLOY_MODE + @if [ "$(KUADRANT_DEPLOY_MODE)" != "helm" ] && [ "$(KUADRANT_DEPLOY_MODE)" != "components" ]; then \ + echo "ERROR: Invalid KUADRANT_DEPLOY_MODE='$(KUADRANT_DEPLOY_MODE)'"; \ + echo "Valid values: helm, components"; \ + exit 1; \ + fi +ifeq ($(KUADRANT_DEPLOY_MODE),components) + @echo "Deploying Kuadrant Operator from components ($(KUADRANT_OPERATOR_VERSION))..." + $(MAKE) deploy-kuadrant-operator-components else @echo "Installing Kuadrant Operator $(KUADRANT_OPERATOR_VERSION) from Helm..." helm repo add kuadrant https://kuadrant.io/helm-charts/ --force-update $(if $(filter latest,$(KUADRANT_OPERATOR_VERSION)), \ - helm install kuadrant-operator kuadrant/kuadrant-operator --create-namespace --namespace $(KUADRANT_NAMESPACE), \ - helm install kuadrant-operator kuadrant/kuadrant-operator --version $(KUADRANT_OPERATOR_VERSION) --create-namespace --namespace $(KUADRANT_NAMESPACE)) - kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=$(KUBECTL_TIMEOUT) --for=condition=Available deployments --all + helm install kuadrant-operator kuadrant/kuadrant-operator --create-namespace --namespace $(KUADRANT_NAMESPACE) --wait --timeout=$(HELM_TIMEOUT), \ + helm install kuadrant-operator kuadrant/kuadrant-operator --version $(KUADRANT_OPERATOR_VERSION) --create-namespace --namespace $(KUADRANT_NAMESPACE) --wait --timeout=$(HELM_TIMEOUT)) $(MAKE) patch-kuadrant-operator-env - @echo "Kuadrant Operator $(KUADRANT_OPERATOR_VERSION) installed" + @echo "Kuadrant Operator $(KUADRANT_OPERATOR_VERSION) installed from Helm" endif -.PHONY: deploy-kuadrant-operator-local -deploy-kuadrant-operator-local: ## Deploy Kuadrant Operator from local build/image - @if [ -z "$(KUADRANT_OPERATOR_IMAGE)" ]; then \ - echo "ERROR: KUADRANT_OPERATOR_IMAGE not set"; \ - echo "Set KUADRANT_OPERATOR_IMAGE=your-image:tag"; \ - exit 1; \ - fi - @echo "Loading image into kind cluster..." - kind load docker-image $(KUADRANT_OPERATOR_IMAGE) --name $(KIND_CLUSTER_NAME) - @echo "Deploying operator with image $(KUADRANT_OPERATOR_IMAGE)..." - kubectl create namespace $(KUADRANT_NAMESPACE) || true - kubectl apply -k https://github.com/kuadrant/kuadrant-operator/config/crd - @if [ ! -d "/tmp/kuadrant-operator-deploy" ]; then \ - cd /tmp && git clone --depth=1 https://github.com/kuadrant/kuadrant-operator.git kuadrant-operator-deploy; \ - else \ - cd /tmp/kuadrant-operator-deploy && git pull; \ - fi - cd /tmp/kuadrant-operator-deploy/config/manager && \ - kustomize edit set image controller=$(KUADRANT_OPERATOR_IMAGE) && \ - kustomize build ../deploy | kubectl apply --server-side -f - - kubectl -n $(KUADRANT_NAMESPACE) wait --timeout=$(KUBECTL_TIMEOUT) --for=condition=Available deployments --all - $(MAKE) patch-kuadrant-operator-env - @echo "Kuadrant Operator deployed from image $(KUADRANT_OPERATOR_IMAGE)" - .PHONY: patch-kuadrant-operator-env patch-kuadrant-operator-env: ## Patch Kuadrant Operator deployment with custom env vars ifneq ($(KUADRANT_OPERATOR_ENV_VARS),) diff --git a/make/local-setup.mk b/make/local-setup.mk index 91e05eac..8744a893 100644 --- a/make/local-setup.mk +++ b/make/local-setup.mk @@ -9,6 +9,8 @@ local-setup: ## Complete local environment setup (kind cluster + all dependencie echo "Valid values: istio, envoygateway"; \ exit 1; \ fi + @echo "Using Kuadrant deployment mode: $(KUADRANT_DEPLOY_MODE)" + @echo " (Change with: KUADRANT_DEPLOY_MODE=components make local-setup)" $(MAKE) kind-delete-cluster $(MAKE) kind-create-cluster $(MAKE) install-metrics-server @@ -18,7 +20,7 @@ local-setup: ## Complete local environment setup (kind cluster + all dependencie $(MAKE) create-cluster-issuer $(MAKE) $(GATEWAYAPI_PROVIDER)-install $(MAKE) create-test-namespaces - $(MAKE) create-aws-credentials + $(MAKE) apply-additional-manifests $(MAKE) deploy-kuadrant-operator $(MAKE) deploy-kuadrant-cr $(MAKE) deploy-testsuite-tools diff --git a/make/tools.mk b/make/tools.mk index 8d2fd322..f257b1cd 100644 --- a/make/tools.mk +++ b/make/tools.mk @@ -2,28 +2,16 @@ ##@ Testsuite Tools .PHONY: deploy-testsuite-tools -deploy-testsuite-tools: ## Deploy testsuite tools (Keycloak, etc.) - requires RH_REGISTRY credentials - @if [ -n "$(RH_REGISTRY_USERNAME)" ] && [ -n "$(RH_REGISTRY_PASSWORD)" ]; then \ - echo "Deploying testsuite tools..."; \ - kubectl create namespace tools || true; \ - echo "Creating Red Hat registry secret..."; \ - kubectl -n tools create secret docker-registry redhat-registry-secret \ - --docker-server=registry.redhat.io \ - --docker-username="$(RH_REGISTRY_USERNAME)" \ - --docker-password="$(RH_REGISTRY_PASSWORD)" \ - --dry-run=client -o yaml | kubectl apply -f -; \ - kubectl -n tools patch serviceaccount default \ - -p '{"imagePullSecrets": [{"name": "redhat-registry-secret"}]}'; \ - helm repo add kuadrant-olm https://kuadrant.io/helm-charts-olm --force-update; \ - helm repo update; \ - helm install \ - --set=tools.keycloak.keycloakProvider=deployment \ - --set=tools.coredns.enable=false \ - --debug \ - --wait \ - --timeout=$(TOOLS_TIMEOUT) \ - tools kuadrant-olm/tools-instances; \ - echo "Testsuite tools deployed"; \ - else \ - echo "⏭️ Skipping testsuite tools deployment (requires RH_REGISTRY_USERNAME and RH_REGISTRY_PASSWORD)"; \ - fi +deploy-testsuite-tools: ## Deploy testsuite tools (Keycloak, etc.) + @echo "Deploying testsuite tools..." + kubectl create namespace tools || true + helm repo add kuadrant-olm https://kuadrant.io/helm-charts-olm --force-update + helm repo update + helm install \ + --set=tools.keycloak.keycloakProvider=deployment \ + --set=tools.coredns.enable=true \ + --debug \ + --wait \ + --timeout=$(TOOLS_TIMEOUT) \ + tools kuadrant-olm/tools-instances + @echo "Testsuite tools deployed" diff --git a/make/vars.mk b/make/vars.mk index de0052a7..3bc5ae3d 100644 --- a/make/vars.mk +++ b/make/vars.mk @@ -23,17 +23,11 @@ KUADRANT_OPERATOR_IMAGE ?= # Kuadrant Operator environment variables # Default: Service timeouts for faster test execution # Override with your own: KUADRANT_OPERATOR_ENV_VARS="LOG_LEVEL=debug,..." -KUADRANT_OPERATOR_ENV_VARS ?= AUTH_SERVICE_TIMEOUT=1000ms,RATELIMIT_SERVICE_TIMEOUT=1000ms,RATELIMIT_CHECK_SERVICE_TIMEOUT=1000ms,RATELIMIT_REPORT_SERVICE_TIMEOUT=1000ms +KUADRANT_OPERATOR_ENV_VARS ?= AUTH_SERVICE_TIMEOUT=1000ms,RATELIMIT_SERVICE_TIMEOUT=1000ms,RATELIMIT_CHECK_SERVICE_TIMEOUT=1000ms,RATELIMIT_REPORT_SERVICE_TIMEOUT=1000ms,TRACING_SERVICE_TIMEOUT=1000ms,DNS_DEFAULT_TTL=1,DNS_DEFAULT_LB_TTL=1 -# Red Hat registry credentials -RH_REGISTRY_USERNAME ?= -RH_REGISTRY_PASSWORD ?= - -# AWS credentials for DNS testing (optional - secret only created if provided) -AWS_ACCESS_KEY_ID ?= -AWS_SECRET_ACCESS_KEY ?= -AWS_REGION ?= -AWS_BASE_DOMAIN ?= +# Additional manifests to apply during setup (optional - e.g., secrets, configmaps) +# Point to a YAML file containing any additional Kubernetes resources +ADDITIONAL_MANIFESTS ?= # Timeout configurations (in seconds) KUBECTL_TIMEOUT ?= 300s From 56e0adb91cfe444d1bc6d83685e88a4bdac5bcf3 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Tue, 17 Mar 2026 11:32:12 +0100 Subject: [PATCH 14/15] fix: component mode vars. Signed-off-by: Alexander Cristurean --- make/vars.mk | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/make/vars.mk b/make/vars.mk index 3bc5ae3d..24110d0e 100644 --- a/make/vars.mk +++ b/make/vars.mk @@ -20,6 +20,12 @@ KUADRANT_NAMESPACE ?= kuadrant-system KUADRANT_OPERATOR_VERSION ?= latest KUADRANT_OPERATOR_IMAGE ?= +# Kuadrant deployment mode: "components" (GitHub kustomize, default) or "helm" (stable releases) +KUADRANT_DEPLOY_MODE ?= components + +# Component versions (used when KUADRANT_DEPLOY_MODE=components) +KUADRANT_OPERATOR_GITREF = $(if $(filter latest,$(KUADRANT_OPERATOR_VERSION)),main,$(KUADRANT_OPERATOR_VERSION)) + # Kuadrant Operator environment variables # Default: Service timeouts for faster test execution # Override with your own: KUADRANT_OPERATOR_ENV_VARS="LOG_LEVEL=debug,..." From f69cd27413caffd0893c30046ba0eee707244092 Mon Sep 17 00:00:00 2001 From: Alexander Cristurean Date: Tue, 17 Mar 2026 12:13:35 +0100 Subject: [PATCH 15/15] fix: install prometheus crds for make clean. Signed-off-by: Alexander Cristurean --- CLAUDE.md | 3 +++ README.md | 17 ++++++++++++----- make/dependencies.mk | 7 +++++++ make/local-setup.mk | 1 + make/vars.mk | 1 + 5 files changed, 24 insertions(+), 5 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 7dae8584..42cb022a 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -22,6 +22,9 @@ make local-setup # Default # Use Helm instead of components mode KUADRANT_DEPLOY_MODE=helm make local-setup +# Enable Prometheus CRDs for observability testing (ServiceMonitor, PodMonitor) +INSTALL_PROMETHEUS=true make local-setup + # Apply additional manifests during setup (e.g., DNS credentials, secrets) ADDITIONAL_MANIFESTS=./my-secrets.yaml make local-setup diff --git a/README.md b/README.md index 633972e8..d3d18222 100644 --- a/README.md +++ b/README.md @@ -59,8 +59,14 @@ make local-setup # Optional: Apply additional manifests (e.g., DNS provider credentials, secrets, etc.) ADDITIONAL_MANIFESTS=./my-secrets.yaml make local-setup +# Optional: Install Prometheus CRDs for observability testing +INSTALL_PROMETHEUS=true make local-setup + # Or specify EnvoyGateway GATEWAYAPI_PROVIDER=envoygateway make local-setup + +# Combine options +GATEWAYAPI_PROVIDER=envoygateway INSTALL_PROMETHEUS=true ADDITIONAL_MANIFESTS=./secrets.yaml make local-setup ``` This will: @@ -68,11 +74,12 @@ This will: 2. Install metrics-server and MetalLB (LoadBalancer support) 3. Install Gateway API CRDs 4. Install cert-manager and create a self-signed ClusterIssuer -5. Install Istio or EnvoyGateway (based on `GATEWAYAPI_PROVIDER`) -6. Create test namespaces (`kuadrant`, `kuadrant2`) -7. Apply additional manifests (only if `ADDITIONAL_MANIFESTS` is provided) -8. Deploy Kuadrant Operator and Kuadrant CR -9. Deploy testing tools - Keycloak, Mockserver, etc. +5. Install Prometheus CRDs (only if `INSTALL_PROMETHEUS=true`) - ServiceMonitor, PodMonitor, etc. +6. Install Istio or EnvoyGateway (based on `GATEWAYAPI_PROVIDER`) +7. Create test namespaces (`kuadrant`, `kuadrant2`) +8. Apply additional manifests (only if `ADDITIONAL_MANIFESTS` is provided) +9. Deploy Kuadrant Operator and Kuadrant CR +10. Deploy testing tools - Keycloak, Mockserver, etc. **Cleanup:** ```bash diff --git a/make/dependencies.mk b/make/dependencies.mk index c81e4e8b..fecab783 100644 --- a/make/dependencies.mk +++ b/make/dependencies.mk @@ -62,6 +62,13 @@ create-cluster-issuer: ## Create self-signed ClusterIssuer for TLS testing | kubectl apply -f - @echo "ClusterIssuer 'kuadrant-qe-issuer' created" +.PHONY: install-prometheus-crds +install-prometheus-crds: ## Install only Prometheus Operator CRDs (ServiceMonitor, PodMonitor, etc.) + @echo "Installing Prometheus Operator CRDs $(PROMETHEUS_OPERATOR_VERSION)..." + @curl -sL https://github.com/prometheus-operator/prometheus-operator/releases/download/$(PROMETHEUS_OPERATOR_VERSION)/stripped-down-crds.yaml | \ + kubectl apply --server-side -f - + @echo "Prometheus CRDs installed" + .PHONY: apply-additional-manifests apply-additional-manifests: ## Apply additional manifests from file (if ADDITIONAL_MANIFESTS is set) @if [ -n "$(ADDITIONAL_MANIFESTS)" ]; then \ diff --git a/make/local-setup.mk b/make/local-setup.mk index 8744a893..69d721d5 100644 --- a/make/local-setup.mk +++ b/make/local-setup.mk @@ -18,6 +18,7 @@ local-setup: ## Complete local environment setup (kind cluster + all dependencie $(MAKE) gateway-api-install $(MAKE) install-cert-manager $(MAKE) create-cluster-issuer + $(MAKE) install-prometheus-crds $(MAKE) $(GATEWAYAPI_PROVIDER)-install $(MAKE) create-test-namespaces $(MAKE) apply-additional-manifests diff --git a/make/vars.mk b/make/vars.mk index 24110d0e..cb42f169 100644 --- a/make/vars.mk +++ b/make/vars.mk @@ -14,6 +14,7 @@ ENVOYGATEWAY_VERSION ?= v1.2.4 CERT_MANAGER_VERSION ?= v1.18.2 METALLB_VERSION ?= v0.15.2 GATEWAY_API_VERSION ?= v1.3.0 +PROMETHEUS_OPERATOR_VERSION ?= v0.78.2 # Kuadrant configuration KUADRANT_NAMESPACE ?= kuadrant-system