feat: prep for new packs — runHooksFirst, ork migrate, guides restructure, autoscaler cross-source #181

Merged
iAlexeze merged 20 commits into main from feat/prep-for-new-packs
Jun 22, 2026
Conversation

@iAlexeze iAlexeze commented Jun 20, 2026

Collaborator

Summary

  • runHooksFirst ordering — hooks run before operatorBox resources when set
  • ork migrate command — rewrites controller-runtime reconcilers to Orkestra Katalogs (removes Reconcile signature boilerplate, adds TODOs)
  • Guides restructure — consolidated under documentation/guides/, added top-level page
  • Autoscaler cross-source — 04 updated, 05-from-external-api added; pkg resolves cross-source from operatorBox.cross declarations
  • RBAC fixes — third-party resources in custom: blocks emit correct RBAC rules; gateway RBAC and ServiceAccount guarded on IsGatewayEnabled
  • Cross-namespace owner references — buildUnstructured() skips owner reference when a namespaced owner would own a resource in a different namespace; cluster-scoped owners unaffected
  • Validation conditions — reconcile-time deny and warn outcomes are written as ValidationFailed and ValidationWarning status conditions on the CR, visible in the Control Center and via kubectl get
  • e2e cleanup — cert-manager TLS secrets explicitly deleted before count: 0 assertions in side-by-side e2e files
  • e2e teardown — setup.helm releases now uninstalled in reverse order during teardown so --use-current and --cluster runs leave the cluster clean
  • Docs updated across examples to point to conditions instead of logs for validation feedback

Still in progress: documentation/guides/ecosystem/, documentation/guides/migration/, examples/ecosystem-composition/, examples/from-controller-runtime/

iAlexeze added 20 commits June 20, 2026 02:30
…migrate rewriter

- types: add RunHooksFirst field to HookDeclaration; default false (templates run first)
- reconciler: implement runHooksFirst dispatch — hybrid pattern runs declared templates
  before the hook unless runHooksFirst: true is set in the Katalog
- katalog: register custom: block GVKs into the scheme so the fake dynamic client can
  create and retrieve them during simulate (previously failed silently)
- simulate: prepend reactor on fake dynamic client to record ops before the tracker
  handles them — AddReactor was appended after the tracker and never fired
- migrate: new package — AST rewriter from controller-runtime Reconcile signature to
  Orkestra constructor; handles signature, return types, req.NamespacedName, req.String(),
  Status().Update() flags, SetupWithManager removal, struct rewrite, import cleanup
- move registry-guide/ under guides/
- sidebar: collapse three separate guide entries into one Guides entry
- getting-started: rename 06-registry-guide.md → 06-registry.md
- faqs: link hooks/constructor answers to migration guide; ecosystem FAQ links to ecosystem guide

…larations

- autoscaler: crossSourceFor() — when an autoscale condition has no explicit source:
  block, look up the matching cross: declaration from operatorBox.cross; matches by
  decl.As alias OR decl.Crd so camelCase aliases (e.g. paymentSystem) correctly resolve
  against kebab-case crd names (e.g. payment-system); only selects entries with endpoint
  or type: metrics — cr/health/events entries are skipped
- reconciler: thread crd.OperatorBox.Cross into NewAutoscaler so crossSourceFor has the
  declarations available at evaluation time
- devserver: GET /autoscale-metrics returns a metrics payload (baseline: queueDepth 12,
  overloaded: 98); POST /autoscale-metrics/flip toggles state — used by 05-from-external-api
  to simulate an external payment system queue without a real service

…-external-api added

04-sibling-in-cluster:
- remove duplicate source: block from autoscale when: condition; cross: declaration
  is now the single source of truth — no repetition needed (requires fix above)
- README: cross-cluster section — external cluster uses an ingress URL at the
  /katalog route; Orkestra points its cross: endpoint there; no code change

05-from-external-api (new):
- autoscale from any external HTTP endpoint, not an Orkestra runtime
- cross: declares the endpoint and alias once; autoscale condition references the
  field path cross.paymentSystem.metrics.queueDepth with no source: on the condition
- dev server simulates the payment system; flip via POST /autoscale-metrics/flip
- as: paymentSystem (camelCase) — best practice for cross aliases

…(), removes , rewrites the struct, flags and with TODOs. Logging imports are left untouched. Output compiles; resolve TODOs and simulate.

…ocks

GenerateRBACRules, GenerateRuntimeRBACRules, and GeneratePerCRDRBACRules
now include policy rules for any apiVersion/kind declared under
onCreate.custom and onReconcile.custom. The group is parsed from
apiVersion; the resource plural is inferred as lowercase kind + s.
Duplicates across phases are deduplicated.

Tests use ParseBytes against testdata/ fixtures so they exercise the
real parser path and Enabled() without a fallback.

GenerateGatewayRBACRules now returns nil early when gateway is disabled,
so callers never receive rules for a component that is not active.
The CLI also sets opts.IncludeGateway=false in the same case, which
suppresses the orkestra-gateway ServiceAccount, ClusterRole, and
ClusterRoleBinding from the generated bundle.

Deny violations write ValidationFailed=True with the rule message so users
can see why a CR is not reconciling without access to operator logs.
Warn violations write ValidationWarning=True as a separate condition so
tooling can gate on denies independently of advisories.
Both conditions clear to False on a clean reconcile.

…rces

Kubernetes rejects owner references where a namespaced owner points to a
resource in a different namespace and immediately GC-s the child.
buildUnstructured now skips the owner reference in that case.
Cluster-scoped owners are unaffected — they can own resources in any namespace.

Across examples with validation rules, replace log-only guidance with
explicit kubectl commands and Control Center references for the
ValidationFailed and ValidationWarning conditions written at reconcile time.

Teardown now calls HelmUninstall for each setup.helm release in reverse
order so --use-current and --cluster runs leave the cluster clean.
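
The commit message above on third-party resources in custom: blocks describes deriving RBAC rules by parsing the group from apiVersion and inferring the plural as lowercase kind + s. The following is an added example, not Orkestra's code: it applies that rule, deduplicates across phases, and checks the result against the resources a cluster actually serves, since kinds with irregular plurals produce a rule that matches nothing. The type and function names (`customRef`, `groupResource`, `infer`, `audit`) and the sample data are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Hypothetical stand-ins: one custom: entry, and the pair an RBAC rule names.
type customRef struct{ APIVersion, Kind string }
type groupResource struct{ Group, Resource string }

// infer applies the commit's rule: group from apiVersion, plural = lowercase kind + "s".
func infer(c customRef) groupResource {
	group := "" // core group: apiVersion is a bare version such as "v1"
	if i := strings.Index(c.APIVersion, "/"); i >= 0 {
		group = c.APIVersion[:i]
	}
	return groupResource{group, strings.ToLower(c.Kind) + "s"}
}

// audit dedupes across phases and reports inferred pairs the cluster does not serve.
func audit(served map[groupResource]bool, phases ...[]customRef) (rules, missing []groupResource) {
	seen := map[groupResource]bool{}
	for _, phase := range phases {
		for _, c := range phase {
			gr := infer(c)
			if !seen[gr] {
				seen[gr] = true
				rules = append(rules, gr)
				if !served[gr] {
					missing = append(missing, gr) // this rule would grant nothing
				}
			}
		}
	}
	return rules, missing
}

func main() {
	served := map[groupResource]bool{ // constructed; in practice from `kubectl api-resources`
		{"cert-manager.io", "certificates"}:      true,
		{"networking.k8s.io", "networkpolicies"}: true,
		{"", "configmaps"}:                       true,
	}
	rules, missing := audit(served,
		[]customRef{{"cert-manager.io/v1", "Certificate"}, {"networking.k8s.io/v1", "NetworkPolicy"}},
		[]customRef{{"cert-manager.io/v1", "Certificate"}, {"v1", "ConfigMap"}})
	fmt.Printf("rules=%v\nnot served=%v\n", rules, missing)
}
```

Running the same comparison against a generated RBAC bundle before applying it shows which custom: kinds need an explicit plural.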
@iAlexeze iAlexeze merged commit ffd0427 into main Jun 22, 2026
4 of 6 checks passed
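
The validation-conditions commit above says deny and warn outcomes are written as separate conditions so tooling can gate on denies independently of advisories. The following is an added example of such a gate, not part of the pull request: it reads a CR as JSON (as printed by `kubectl get -o json`) and returns deny and warning messages separately. The status.conditions field layout, the function name `gate` and the sample CR are assumptions; only the condition types ValidationFailed and ValidationWarning come from the page.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// cr holds only the fields the gate reads. The status.conditions layout
// (type/status/message) is the usual Kubernetes shape and is assumed here.
type cr struct {
	Status struct {
		Conditions []struct {
			Type, Status, Message string
		} `json:"conditions"`
	} `json:"status"`
}

// gate collects messages of ValidationFailed=True conditions as denies and
// ValidationWarning=True as warnings, so advisories never block on their own.
func gate(raw []byte) (denies, warnings []string, err error) {
	var obj cr
	if err = json.Unmarshal(raw, &obj); err != nil {
		return nil, nil, err
	}
	for _, c := range obj.Status.Conditions {
		if c.Status != "True" {
			continue // both conditions read False after a clean reconcile
		}
		switch c.Type {
		case "ValidationFailed":
			denies = append(denies, c.Message)
		case "ValidationWarning":
			warnings = append(warnings, c.Message)
		}
	}
	return denies, warnings, nil
}

// sampleCR is constructed for this example; the messages are made up.
const sampleCR = `{"status":{"conditions":[
 {"type":"ValidationFailed","status":"True","message":"replicas must be <= 5"},
 {"type":"ValidationWarning","status":"True","message":"no resource limits set"}]}}`

func main() {
	denies, warnings, err := gate([]byte(sampleCR))
	fmt.Println("blocked:", len(denies) > 0, denies, warnings, err)
}
```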