Read ComponentDescriptor from OCI registry

Author: Tomasz-Smelcerz-SAP

cmd/main.go

@@ -24,6 +24,7 @@ import (
 	"net/http"
 	"net/http/pprof"
 	"os"
+	"strings"
 	"time"
 
 	certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
@@ -72,8 +73,10 @@ import (
 	"github.com/kyma-project/lifecycle-manager/internal/remote"
 	"github.com/kyma-project/lifecycle-manager/internal/repository/istiogateway"
 	kymarepository "github.com/kyma-project/lifecycle-manager/internal/repository/kyma"
+	"github.com/kyma-project/lifecycle-manager/internal/repository/oci"
 	secretrepository "github.com/kyma-project/lifecycle-manager/internal/repository/secret"
 	"github.com/kyma-project/lifecycle-manager/internal/service/accessmanager"
+	"github.com/kyma-project/lifecycle-manager/internal/service/componentdescriptor"
 	"github.com/kyma-project/lifecycle-manager/internal/service/kyma/status/modules"
 	"github.com/kyma-project/lifecycle-manager/internal/service/kyma/status/modules/generator"
 	"github.com/kyma-project/lifecycle-manager/internal/service/kyma/status/modules/generator/fromerror"
@@ -218,21 +221,44 @@ func setupManager(flagVar *flags.FlagVar, cacheOptions cache.Options, scheme *ma
 	}
 
 	sharedMetrics := metrics.NewSharedMetrics()
-	descriptorProvider := provider.NewCachedDescriptorProvider()
+
+	ociRegistryHost := getOciRegistryHost(mgr.GetConfig(), flagVar, logger)
+	var insecure bool
+
+	if noSchemeRef, found := strings.CutPrefix(ociRegistryHost, "http://"); found {
+		insecure = true
+		ociRegistryHost = noSchemeRef
+	} else if noSchemeRef, found := strings.CutPrefix(ociRegistryHost, "https://"); found {
+		ociRegistryHost = noSchemeRef
+	}
+
+	ocmDescriptorRepository, err := oci.NewRepository(
+		keychainLookupFromFlag(mgr.GetClient(), flagVar),
+		ociRegistryHost,
+		insecure,
+	)
+	if err != nil {
+		logger.Error(err, "failed to create OCM descriptor repository")
+		os.Exit(bootstrapFailedExitCode)
+	}
+
+	ocmDescriptorService, err := componentdescriptor.NewService(ocmDescriptorRepository)
+	if err != nil {
+		logger.Error(err, "failed to create OCM descriptor service")
+		os.Exit(bootstrapFailedExitCode)
+	}
+	descriptorProvider := provider.NewCachedDescriptorProvider(ocmDescriptorService)
+
 	kymaMetrics := metrics.NewKymaMetrics(sharedMetrics)
 	mandatoryModulesMetrics := metrics.NewMandatoryModulesMetrics()
 	maintenanceWindow := initMaintenanceWindow(flagVar.MinMaintenanceWindowSize, logger)
 	metrics.NewFipsMetrics().Update()
 
-	//nolint:godox // this will be used in the future
-	// TODO: use the oci registry host //nolint:godox // this will be used in the future
-	_ = getOciRegistryHost(mgr.GetConfig(), flagVar, logger)
-
 	setupKymaReconciler(mgr, descriptorProvider, skrContextProvider, eventRecorder, flagVar, options, skrWebhookManager,
-		kymaMetrics, logger, maintenanceWindow)
+		kymaMetrics, logger, maintenanceWindow, ociRegistryHost)
 	setupManifestReconciler(mgr, flagVar, options, sharedMetrics, mandatoryModulesMetrics, accessManagerService, logger,
 		eventRecorder)
-	setupMandatoryModuleReconciler(mgr, descriptorProvider, flagVar, options, mandatoryModulesMetrics, logger)
+	setupMandatoryModuleReconciler(mgr, descriptorProvider, flagVar, options, mandatoryModulesMetrics, logger, ociRegistryHost)
 	setupMandatoryModuleDeletionReconciler(mgr, descriptorProvider, eventRecorder, flagVar, options, logger)
 	if flagVar.EnablePurgeFinalizer {
 		setupPurgeReconciler(mgr, skrContextProvider, eventRecorder, flagVar, options, logger)
@@ -376,7 +402,7 @@ func scheduleMetricsCleanup(kymaMetrics *metrics.KymaMetrics, cleanupIntervalInM
 func setupKymaReconciler(mgr ctrl.Manager, descriptorProvider *provider.CachedDescriptorProvider,
 	skrContextFactory remote.SkrContextProvider, event event.Event, flagVar *flags.FlagVar, options ctrlruntime.Options,
 	skrWebhookManager *watcher.SkrWebhookManifestManager, kymaMetrics *metrics.KymaMetrics,
-	setupLog logr.Logger, maintenanceWindow maintenancewindows.MaintenanceWindow,
+	setupLog logr.Logger, maintenanceWindow maintenancewindows.MaintenanceWindow, ociRegistryHost string,
 ) {
 	options.RateLimiter = internal.RateLimiter(flagVar.FailureBaseDelay,
 		flagVar.FailureMaxDelay, flagVar.RateLimiterFrequency, flagVar.RateLimiterBurst)
@@ -417,6 +443,7 @@ func setupKymaReconciler(mgr ctrl.Manager, descriptorProvider *provider.CachedDe
 			flagVar.RemoteSyncNamespace),
 		TemplateLookup: templatelookup.NewTemplateLookup(kcpClient, descriptorProvider,
 			moduleTemplateInfoLookupStrategies),
+		OCIRegistryHost: ociRegistryHost,
 	}).SetupWithManager(
 		mgr, options, kyma.SetupOptions{
 			ListenerAddr:                 flagVar.KymaListenerAddr,
@@ -472,7 +499,7 @@ func setupManifestReconciler(mgr ctrl.Manager,
 
 	manifestClient := manifestclient.NewManifestClient(event, mgr.GetClient())
 	orphanDetectionClient := kymarepository.NewClient(mgr.GetClient())
-	specResolver := spec.NewResolver(keychainLookupFromFlag(mgr, flagVar), img.NewPathExtractor())
+	specResolver := spec.NewResolver(keychainLookupFromFlag(mgr.GetClient(), flagVar), img.NewPathExtractor())
 	clientCache := skrclientcache.NewService()
 	skrClient := skrclient.NewService(mgr.GetConfig().QPS, mgr.GetConfig().Burst, accessManagerService)
 	if err := manifest.SetupWithManager(mgr, options, queue.RequeueIntervals{
@@ -493,9 +520,9 @@ func setupManifestReconciler(mgr ctrl.Manager,
 }
 
 //nolint:ireturn // constructor functions can return interfaces
-func keychainLookupFromFlag(mgr ctrl.Manager, flagVar *flags.FlagVar) spec.KeyChainLookup {
+func keychainLookupFromFlag(clnt client.Client, flagVar *flags.FlagVar) spec.KeyChainLookup {
 	if flagVar.OciRegistryCredSecretName != "" {
-		return keychainprovider.NewFromSecretKeyChainProvider(mgr.GetClient(),
+		return keychainprovider.NewFromSecretKeyChainProvider(clnt,
 			types.NamespacedName{
 				Namespace: shared.DefaultControlPlaneNamespace,
 				Name:      flagVar.OciRegistryCredSecretName,
@@ -536,6 +563,7 @@ func setupMandatoryModuleReconciler(mgr ctrl.Manager,
 	options ctrlruntime.Options,
 	metrics *metrics.MandatoryModulesMetrics,
 	setupLog logr.Logger,
+	ociRegistryHost string,
 ) {
 	options.RateLimiter = internal.RateLimiter(flagVar.FailureBaseDelay,
 		flagVar.FailureMaxDelay, flagVar.RateLimiterFrequency, flagVar.RateLimiterBurst)
@@ -553,6 +581,7 @@ func setupMandatoryModuleReconciler(mgr ctrl.Manager,
 		RemoteSyncNamespace: flagVar.RemoteSyncNamespace,
 		DescriptorProvider:  descriptorProvider,
 		Metrics:             metrics,
+		OCIRegistryHost:     ociRegistryHost,
 	}).SetupWithManager(mgr, options); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "MandatoryModule")
 		os.Exit(bootstrapFailedExitCode)

internal/controller/kyma/controller.go

@@ -86,6 +86,7 @@ type Reconciler struct {
 	Metrics              *metrics.KymaMetrics
 	RemoteCatalog        *remote.RemoteCatalog
 	TemplateLookup       *templatelookup.TemplateLookup
+	OCIRegistryHost      string
 }
 
 func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
@@ -584,7 +585,8 @@ func (r *Reconciler) updateKyma(ctx context.Context, kyma *v1beta2.Kyma) error {
 
 func (r *Reconciler) reconcileManifests(ctx context.Context, kyma *v1beta2.Kyma) error {
 	templates := r.TemplateLookup.GetRegularTemplates(ctx, kyma)
-	prsr := parser.NewParser(r.Client, r.DescriptorProvider, r.RemoteSyncNamespace)
+	//ociRepo := r.OCIRepository //"http://k3d-kcp-registry.localhost:5000" ///component-descriptors" //TODO: Get from configuration
+	prsr := parser.NewParser(r.Client, r.DescriptorProvider, r.RemoteSyncNamespace, r.OCIRegistryHost)
 	modules := prsr.GenerateModulesFromTemplates(kyma, templates)
 
 	runner := sync.New(r)

internal/controller/mandatorymodule/deletion_controller.go

@@ -18,6 +18,7 @@ package mandatorymodule
 
 import (
 	"context"
+	"errors"
 	"fmt"
 
 	k8slabels "k8s.io/apimachinery/pkg/labels"
@@ -29,6 +30,7 @@ import (
 	"github.com/kyma-project/lifecycle-manager/api/shared"
 	"github.com/kyma-project/lifecycle-manager/api/v1beta2"
 	"github.com/kyma-project/lifecycle-manager/internal/descriptor/provider"
+	"github.com/kyma-project/lifecycle-manager/internal/descriptor/types/ocmidentity"
 	"github.com/kyma-project/lifecycle-manager/internal/event"
 	"github.com/kyma-project/lifecycle-manager/pkg/log"
 	"github.com/kyma-project/lifecycle-manager/pkg/queue"
@@ -48,6 +50,26 @@ type DeletionReconciler struct {
 	DescriptorProvider *provider.CachedDescriptorProvider
 }
 
+// TODO: This function is a duplicate, we should use some common implementation.
+func (r *DeletionReconciler) FindMRMForTemplate(ctx context.Context,
+	template *v1beta2.ModuleTemplate,
+) (*v1beta2.ModuleReleaseMeta, error) {
+	if template == nil {
+		return nil, errors.New("template is nil")
+	}
+
+	key := client.ObjectKey{
+		Name:      template.Spec.ModuleName,
+		Namespace: template.Namespace,
+	}
+	obj := &v1beta2.ModuleReleaseMeta{}
+	if err := r.Get(ctx, key, obj); err != nil {
+		return nil, fmt.Errorf("failed to get ModuleReleaseMeta %s: %w", key.String(), err)
+	}
+
+	return obj, nil
+}
+
 func (r *DeletionReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 	logger := logf.FromContext(ctx)
 	logger.V(log.DebugLevel).Info("Mandatory Module Deletion Reconciliation started")
@@ -76,7 +98,14 @@ func (r *DeletionReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
 		return ctrl.Result{}, nil
 	}
 
-	manifests, err := r.getCorrespondingManifests(ctx, template)
+	mrm, err := r.FindMRMForTemplate(ctx, template)
+	if err == nil {
+		return ctrl.Result{}, fmt.Errorf("failed to find ModuleReleaseMeta for Mandatory Module %s: %w",
+			template.Name, err)
+	}
+	ocmi, err := ocmidentity.New(mrm.Spec.OcmComponentName, template.Spec.Version)
+
+	manifests, err := r.getCorrespondingManifests(ctx, template.Namespace, *ocmi)
 	if err != nil {
 		return ctrl.Result{}, fmt.Errorf("failed to get MandatoryModuleManifests: %w", err)
 	}
@@ -107,22 +136,18 @@ func (r *DeletionReconciler) updateTemplateFinalizer(ctx context.Context,
 }
 
 func (r *DeletionReconciler) getCorrespondingManifests(ctx context.Context,
-	template *v1beta2.ModuleTemplate) ([]v1beta2.Manifest,
+	namespace string, ocmi ocmidentity.Component) ([]v1beta2.Manifest,
 	error,
 ) {
 	manifests := &v1beta2.ManifestList{}
-	descriptor, err := r.DescriptorProvider.GetDescriptor(template)
-	if err != nil {
-		return nil, fmt.Errorf("not able to get descriptor from template: %w", err)
-	}
 	if err := r.List(ctx, manifests, &client.ListOptions{
-		Namespace:     template.Namespace,
+		Namespace:     namespace,
 		LabelSelector: k8slabels.SelectorFromSet(k8slabels.Set{shared.IsMandatoryModule: "true"}),
 	}); client.IgnoreNotFound(err) != nil {
 		return nil, fmt.Errorf("not able to list mandatory module manifests: %w", err)
 	}
 
-	filtered := filterManifestsByFQDNAndVersion(manifests.Items, descriptor.GetName(), descriptor.GetVersion())
+	filtered := filterManifestsByComponentIdentity(manifests.Items, ocmi)
 
 	return filtered, nil
 }
@@ -137,16 +162,18 @@ func (r *DeletionReconciler) removeManifests(ctx context.Context, manifests []v1
 	return nil
 }
 
-func filterManifestsByFQDNAndVersion(manifests []v1beta2.Manifest,
-	fqdn, moduleVersion string,
+// filterManifestsByComponentIdentity filters the manifests by OCM Component Name and module version.
+// OCM Component Name is a fully qualified name that looks like: 'kyma-project.io/module/<module-name>'
+func filterManifestsByComponentIdentity(manifests []v1beta2.Manifest,
+	ocmi ocmidentity.Component,
 ) []v1beta2.Manifest {
 	filteredManifests := make([]v1beta2.Manifest, 0)
 	for _, manifest := range manifests {
 		if manifest.Annotations == nil {
 			continue
 		}
 
-		if manifest.Annotations[shared.FQDN] == fqdn && manifest.Spec.Version == moduleVersion {
+		if manifest.Annotations[shared.FQDN] == ocmi.Name() && manifest.Spec.Version == ocmi.Version() {
 			filteredManifests = append(filteredManifests, manifest)
 		}
 	}

internal/controller/mandatorymodule/installation_controller.go

@@ -43,6 +43,7 @@ type InstallationReconciler struct {
 	DescriptorProvider  *provider.CachedDescriptorProvider
 	RemoteSyncNamespace string
 	Metrics             *metrics.MandatoryModulesMetrics
+	OCIRegistryHost     string
 }
 
 func (r *InstallationReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
@@ -86,7 +87,8 @@ func (r *InstallationReconciler) Reconcile(ctx context.Context, req ctrl.Request
 func (r *InstallationReconciler) GenerateModulesFromTemplate(ctx context.Context,
 	templates templatelookup.ModuleTemplatesByModuleName, kyma *v1beta2.Kyma,
 ) (modulecommon.Modules, error) {
-	parser := parser.NewParser(r.Client, r.DescriptorProvider, r.RemoteSyncNamespace)
+	//ociRepo := "http://k3d-kcp-registry.localhost:5000" ///component-descriptors" //TODO: Get from configuration
+	parser := parser.NewParser(r.Client, r.DescriptorProvider, r.RemoteSyncNamespace, r.OCIRegistryHost)
 	return parser.GenerateMandatoryModulesFromTemplates(ctx, kyma, templates), nil
 }
 

internal/descriptor/cache/cache.go

@@ -1,9 +1,11 @@
 package cache
 
 import (
+	"fmt"
 	"sync"
 
 	"github.com/kyma-project/lifecycle-manager/internal/descriptor/types"
+	"github.com/kyma-project/lifecycle-manager/internal/descriptor/types/ocmidentity"
 )
 
 type DescriptorCache struct {
@@ -16,7 +18,7 @@ func NewDescriptorCache() *DescriptorCache {
 	}
 }
 
-func (d *DescriptorCache) Get(key string) *types.Descriptor {
+func (d *DescriptorCache) Get(key DescriptorKey) *types.Descriptor {
 	value, ok := d.cache.Load(key)
 	if !ok {
 		return nil
@@ -29,6 +31,12 @@ func (d *DescriptorCache) Get(key string) *types.Descriptor {
 	return &types.Descriptor{ComponentDescriptor: desc.Copy()}
 }
 
-func (d *DescriptorCache) Set(key string, value *types.Descriptor) {
+func (d *DescriptorCache) Set(key DescriptorKey, value *types.Descriptor) {
 	d.cache.Store(key, value)
 }
+
+type DescriptorKey string
+
+func GenerateDescriptorKey(ocmi ocmidentity.Component) DescriptorKey {
+	return DescriptorKey(fmt.Sprintf("%s:%s", ocmi.Name(), ocmi.Version()))
+}

internal/descriptor/cache/cache_test.go

@@ -15,7 +15,7 @@ func TestGet_ForCacheWithoutEntry_ReturnsNoEntry(t *testing.T) {
 	descriptorCache := cache.NewDescriptorCache()
 	key := "key 1"
 
-	actual := descriptorCache.Get(key)
+	actual := descriptorCache.Get(cache.DescriptorKey(key))
 
 	assert.Nil(t, actual)
 }
@@ -32,9 +32,9 @@ func TestGet_ForCacheWithAnEntry_ReturnsAnEntry(t *testing.T) {
 	}
 	desc1 := &types.Descriptor{ComponentDescriptor: ocmDesc1}
 
-	descriptorCache.Set(key1, desc1)
+	descriptorCache.Set(cache.DescriptorKey(key1), desc1)
 
-	assertDescriptorEqual(t, desc1, descriptorCache.Get(key1))
+	assertDescriptorEqual(t, desc1, descriptorCache.Get(cache.DescriptorKey(key1)))
 }
 
 func TestGet_ForCacheWithOverwrittenEntry_ReturnsNewEntry(t *testing.T) {
@@ -53,15 +53,15 @@ func TestGet_ForCacheWithOverwrittenEntry_ReturnsNewEntry(t *testing.T) {
 			},
 		},
 	}
-	descriptorCache.Set(originalKey, originalValue)
-	assertDescriptorNotEqual(t, newValue, descriptorCache.Get(originalKey))
-	assert.Nil(t, descriptorCache.Get(newKey))
+	descriptorCache.Set(cache.DescriptorKey(originalKey), originalValue)
+	assertDescriptorNotEqual(t, newValue, descriptorCache.Get(cache.DescriptorKey(originalKey)))
+	assert.Nil(t, descriptorCache.Get(cache.DescriptorKey(newKey)))
 
-	descriptorCache.Set(newKey, newValue)
-	descriptorCache.Set(originalKey, newValue)
+	descriptorCache.Set(cache.DescriptorKey(newKey), newValue)
+	descriptorCache.Set(cache.DescriptorKey(originalKey), newValue)
 
-	assertDescriptorEqual(t, newValue, descriptorCache.Get(newKey))
-	assertDescriptorEqual(t, newValue, descriptorCache.Get(originalKey))
+	assertDescriptorEqual(t, newValue, descriptorCache.Get(cache.DescriptorKey(newKey)))
+	assertDescriptorEqual(t, newValue, descriptorCache.Get(cache.DescriptorKey(originalKey)))
 }
 
 func assertDescriptorEqual(t *testing.T, expected, actual *types.Descriptor) {

internal/descriptor/cache/key_test.go

@@ -0,0 +1,34 @@
+package cache_test
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	"github.com/kyma-project/lifecycle-manager/internal/descriptor/cache"
+	"github.com/kyma-project/lifecycle-manager/internal/descriptor/types/ocmidentity"
+)
+
+func TestGenerateDescriptorCacheKey(t *testing.T) {
+	testCases := []struct {
+		name          string
+		moduleName    string
+		moduleVersion string
+		want          string
+	}{
+		{
+			name:          "with valid module name and version",
+			moduleName:    "name",
+			moduleVersion: "1.0.0",
+			want:          "name:1.0.0",
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			ocmi := ocmidentity.MustNew(tc.moduleName, tc.moduleVersion)
+			got := cache.GenerateDescriptorKey(*ocmi)
+			assert.Equal(t, tc.want, string(got))
+		})
+	}
+}