Merge branch 'chore-oss-changes' into 'main'

feat(OSS): prepare project for OSS publish

Closes CN-2372

See merge request cloudnative/go/cidr-allocator!10

.github/workflows/build-pr.yaml

@@ -0,0 +1,47 @@
+name: build_pr
+on:
+  - pull_request
+
+jobs:
+  # Any checks that run pre-build
+  pre-build-checks:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set environment variables
+        shell: bash
+        run: |
+          echo "TAG=${GITHUB_SHA}" >> $GITHUB_ENV
+          echo "GIT_SHA=${GITHUB_SHA}" >> $GITHUB_ENV
+      -
+        name: Docker meta
+        id: meta
+        uses: crazy-max/ghaction-docker-meta@v2
+        with:
+          images: statcan/cidr-allocator
+          labels: |
+            org.opencontainers.image.vendor=Statistics Canada
+            org.opencontainers.image.licenses=https://github.com/StatCan/cidr-allocator/blob/${{ env.GIT_SHA }}/LICENSE
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          push: false
+          tags: statcan/cidr-allocator:${{ env.TAG }}
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: |
+            IMAGE_REPOSITORY=docker.io/library
+            VERSION=${{ env.TAG }}
+      -
+        name: Image digest
+        run: echo ${{ steps.docker_build.outputs.digest }}

.github/workflows/build-push-master.yaml

@@ -0,0 +1,49 @@
+name: build_and_push_master
+on:
+  push:
+    branches:
+      - 'master'
+
+jobs:
+  # Any checks that run pre-build
+  pre-build-checks:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set environment variables
+        shell: bash
+        run: |
+          echo "TAG=${GITHUB_SHA}" >> $GITHUB_ENV
+          echo "GIT_SHA=${GITHUB_SHA}" >> $GITHUB_ENV
+      -
+        name: Docker meta
+        id: meta
+        uses: crazy-max/ghaction-docker-meta@v2
+        with:
+          images: statcan/cidr-allocator
+          labels: |
+            org.opencontainers.image.vendor=Statistics Canada
+            org.opencontainers.image.licenses=https://github.com/StatCan/cidr-allocator/blob/${{ env.GIT_SHA }}/LICENSE
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          tags: statcan/cidr-allocator:${{ env.TAG }}
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: |
+            IMAGE_REPOSITORY=docker.io/library
+            VERSION=${{ env.TAG }}
+      -
+        name: Image digest
+        run: echo ${{ steps.docker_build.outputs.digest }}

.github/workflows/build-push-tags.yaml

@@ -0,0 +1,49 @@
+name: build_and_push_tag
+on:
+  push:
+    tags:
+      - "*"
+
+jobs:
+  # Any checks that run pre-build
+  pre-build-checks:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2
+      -
+        name: Set environment variables
+        shell: bash
+        run: |
+          echo "TAG=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV
+          echo "GIT_SHA=${GITHUB_SHA}" >> $GITHUB_ENV
+      -
+        name: Docker meta
+        id: meta
+        uses: crazy-max/ghaction-docker-meta@v2
+        with:
+          images: statcan/cidr-allocator
+          labels: |
+            org.opencontainers.image.vendor=Statistics Canada
+            org.opencontainers.image.licenses=https://github.com/StatCan/cidr-allocator/blob/${{ env.GIT_SHA }}/LICENSE
+      -
+        name: Login to DockerHub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        id: docker_build
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          tags: statcan/cidr-allocator:${{ env.TAG }}
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: |
+            IMAGE_REPOSITORY=docker.io/library
+            VERSION=${{ env.TAG }}
+      -
+        name: Image digest
+        run: echo ${{ steps.docker_build.outputs.digest }}

.gitlab-ci.yml

@@ -5,9 +5,10 @@ include:
 
 variables:
   IMAGE_REPOSITORY: artifactory.cloud.statcan.ca/cwmd-cns-docker-local/cidr-allocator
+  KANIKO_OPTIONS: "--build-arg IMAGE_REPOSITORY=artifactory.cloud.statcan.ca/docker"
   DOCKERFILE: "./Dockerfile"
   DOCKLE_OPTIONS: "--ignore CIS-DI-0001"
-  HADOLINT_IGNORE: "--ignore DL3018"
+  HADOLINT_IGNORE: "--ignore DL3018 --ignore DL3026"
 
 stages:
   - version

CHANGELOG.md

@@ -5,9 +5,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [Unreleased]
+## [v0.4.2] - 2023-11-16
+### Changed
+- ci(github): added GitHub workflows
+- ci(dockerfile): parametarize image repository
+- ci(gitlab): pass build args to use artifactory as image base and target
+- docs(README): documentation for installation/usage and design/architecture
+
+## [v0.4.1] - 2023-11-16
 
-## [v0.4.1] - 2023-XX-XX
 ### Fixed
 - Event rejection from Kube API server resolved by adding appropriate RBAC
 ### Added

CODE_OF_CONDUCT.md

@@ -0,0 +1,15 @@
+([Français](#code-de-conduite))
+
+## Code of Conduct
+
+Statistics Canada follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md).
+
+Please review before contributing issues, pull requests, or joining the GitHub organization.
+
+______________________
+
+## Code de conduite
+
+Statistique Canada suit le [Code de conduite de la CNCF](https://github.com/cncf/foundation/blob/main/code-of-conduct-languages/fr.md).
+
+Veuillez passer en revue avant de contribuer à des problèmes, des demandes d'extraction ou de rejoindre l'organisation GitHub.

Dockerfile

@@ -13,8 +13,8 @@
 # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
 # WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
-# Build the NodeCIDRAllocation controller binary
-FROM artifactory.cloud.statcan.ca/docker/golang:1.19 as builder
+FROM ${IMAGE_REPOSITORY}/golang:1.19 as builder
+ARG IMAGE_REPOSITORY
 ARG TARGETOS
 ARG TARGETARCH
 

LICENSE

@@ -1,7 +1,7 @@
 MIT License
 
 Copyright (c) His Majesty the King in Right of Canada, as represented by the
-Minister of Statistics Canada, 2022
+Minister responsible for Statistics Canada, 2023
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,24 +1,39 @@
-# cidr-allocator
+## CIDR-Allocator
 
-Used to allocate podCIDR subnets to nodes from a pool
+The CIDR-Allocator is a Kubernetes Operator that helps to implement dynamic IPAM irrespective of the Container Network Interface (CNI) being used.
 
-## Description
+At Statistics Canada, this operator is used to address an early design consideration for the Cloud Native Platform 2.0 (CNP2.0) related to our BGP route propagation solution.
 
-cidr-allocator is a Kubernetes operator consisting of a CRD and Controller. The controller expects a `NodeCIDRAllocation` custom resource (CR) to be specified that will identify `addressPools` that will be used as a basis for CIDR allocation. The CR also expects a `NodeSelector` to be specified so that the controller can identify which nodes should be targeted for CIDR allocations.
+In Kubernetes, a full PodCIDR **must be** allocated to a Node at creation-time since any modifications afterwards ti the `PodCIDR` or `PodCIDRs` fields are strictly prohibited.
 
-For an example, please take a look at [config/samples](/config/samples/)
+This project follows the [`Kubernetes Operator Pattern`](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/)
 
-## Changelog
+### Architecture
 
-Changes to this project are tracked in the [CHANGELOG](/CHANGELOG.md) which uses the [keepachangelog](https://keepachangelog.com/en/1.0.0/) format.
+![CIDR-Allocator Solution Architecture](./docs/media/cidr_allocator_solution_architecture.svg)
+
+
+The controller watches for a [`NodeCIDRAllocation`](./api/v1alpha1/nodecidrallocation_types.go) custom resource (CR) that will identify blocks of IPv4 addresses that will be used during the allocation of a `PodCIDR` range to a Node. A `NodeSelector` is used to identify which `Node` resources should align with each `NodeCIDRAllocation` that is defined. This gives us the flexibility to manage Pod IP allocation with as much or as little granularity as desired.
 
-### How it works
-This project aims to follow the Kubernetes [Operator pattern](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/).
+> By default, the size of the assigned `PodCIDR` range will be equal to the `MaxPods` attribute on the `Node` resource
 
-It uses [Controllers](https://kubernetes.io/docs/concepts/architecture/controller/),
-which provide a reconcile function responsible for synchronizing resources until the desired state is reached on the cluster.
+### Installation
 
-### Test It Out
+Install `CIDR-Allocator` from the official StatCan Helm Chart
+
+```bash
+helm repo add statcan https://statcan.github.io/charts
+helm repo update
+helm install my-cidr-allocator statcan/cidr-allocator
+```
+
+> For an example configuration for the `NodeCIDRAllocation` CR, please take a look at [config/samples](/config/samples/)
+
+### Changelog
+
+Changes to this project are tracked in the [CHANGELOG](/CHANGELOG.md) which uses the [keepachangelog](https://keepachangelog.com/en/1.0.0/) format.
+
+### Test It Out (locally)
 1. Install the CRDs into the cluster:
 
 ```sh
@@ -32,3 +47,17 @@ make run
 ```
 
 **NOTE:** You can also run this in one step by running: `make install run`
+
+______________________
+
+## CIDR-Allocator
+
+### Comment contribuer
+
+Voir [CONTRIBUTING.md](CONTRIBUTING.md)
+
+### Licence
+
+Sauf indication contraire, le code source de ce projet est protégé par le droit d'auteur de la Couronne du gouvernement du Canada et distribué sous la [licence MIT](LICENSE).
+
+Le mot-symbole « Canada » et les éléments graphiques connexes liés à cette distribution sont protégés en vertu des lois portant sur les marques de commerce et le droit d'auteur. Aucune autorisation n'est accordée pour leur utilisation à l'extérieur des paramètres du programme de coordination de l'image de marque du gouvernement du Canada. Pour obtenir davantage de renseignements à ce sujet, veuillez consulter les [Exigences pour l'image de marque](https://www.canada.ca/fr/secretariat-conseil-tresor/sujets/communications-gouvernementales/exigences-image-marque.html).

SECURITY.md

@@ -1,6 +1,6 @@
 ([Français](#sécurité))
 
-# Security
+## Security
 
 **Do not post any security issues on the public repository!** Security vulnerabilities must be reported by email to `statcan.opensource-logiciellibre.statcan@canada.ca`