The Bundle should validate all the Kubernetes objects it can. This includes the custom resources that are used for option-configuration.

We should add conversion methods for cluster objects to typed K8S objects. Frequently, it's much easier to work directly with the K8S objects.

Kubernetes uses the RawExtension type to represent arbitrary JSON components. Right now in the proto-world, I'm using Struct and in the Go IDL version (soon to come) I'll probably use map[string]interface{} for compatibility. But this is non-standard and the standard type for this purpose is RawExtension.

https://github.com/kubernetes/apimachinery/blob/ed135c5b96450fd24e5e981c708114fbbd950697/pkg/runtime/types.go

type RawExtension struct {
	// Raw is the underlying serialization of this object.
	//
	// TODO: Determine how to detect ContentType and ContentEncoding of 'Raw' data.
	Raw []byte `protobuf:"bytes,1,opt,name=raw"`
	// Object can hold a representation of this extension - useful for working with versioned
	// structs.
	Object Object `json:"-"`
}

We should add a CRD + Generated client for bundles and components to make them easier to use.

Now that we parse File URLs as real urls, we should validate that all URLs are well formed.

Depends on #96

Right now the proto files generate go files as part of blaze gen rules. That doesn't work great with go get

Instead, we need to check in those generated go files into the src tree.

https://github.com/golang/protobuf#using-protocol-buffers-with-go

Right now the Bundle is just a spec. The components will also be converted to be in a spec too. But that opens tho question: What should be in the Status? It seems like there should be something

We should add tests to converter library to ensure that round-trip conversion works and gives the same result (->ToObject->ToYAML->ToObject). It would help catch issues like #93

Right now, raw text objects are inlined as ConfigMaps. This is a for using the existing K8S infrastructure, but it can be nice to know when the config maps are actually sourced from raw text.

Solution for this is to add labels or annotations indicating that it was a raw-text source.

Maybe this is just me, but I would really love a fluid/functional style API for the bundle library. Most of these transformations feel like map/filter/reduce/transform, so it seems like it could work well.

fluid.FluidBundle(bundle).
  Filter().
  Assert(fn).
  TransformImages().
  FindComponent(cname).
  Get() 
-> Returns component

Right now, dash separate YAMLs are not supported during the inline process. We should add support for dash-separated yamls.

Currently the validation doesn't validate the apiVersion or kind fields of the bundle or component object, and it definitely should.

The cluster bundle CLI should be able to generate configuration (in a similar way to kubebuilder). This really reduces the friction when using the tooling and helps enforce design patterns.

We should add validation for CRDs. The Kubernetes libraries provide this functionality, but I held off on this due to import-dependency-issues.

Now that there's a MinRequirements, there should be some validation on a Bundle that the Bundle's components in the bundle meet a specific components' min requirements.

Core kubernetes has a bunch of validation built in. For example: https://github.com/kubernetes/apimachinery/blob/master/pkg/api/validation/objectmeta.go

We should consider deferring to that where possible.

Right now, the bundle uses strategic merge patch directly for doing patching. https://github.com/kubernetes-sigs/kustomize has many more advanced features around patching and we should probably that instead.

Right now, I've been calling the Bundle CLI bundler. I think it would be good to have a better name. Some ideas:

• bundlectl
• cbundle
• kbundle
• kubebundle

The ClusterObjectKey serves as a reference to select a single Kubernetes object from the bundle. It doesn't quite fit. Here are some ideas:

• Name it ClusterObjectRef
• Reuse the ObjectRef object

The bundle allows for arbitrary urls in the bundle. At the moment, the libarary only supports local files, but we should also support remote files (AWS, GCS, http, etc)

From a release / build perspective, it might be useful to have once-apply patches. Say for example, those that change the image.

We should describe in the docs the use cases the bundle is trying to solve,

This is a note to me that options probably needs more design work. Right now there's set of top-level options keys. I think each component should have their own options specified -- rather like helm has Values for every component. That being said, I think there probably needs to be 'global' options as well, which would have things like 'namespace' and 'clusterName'.

And if there is a top-level global options, is there a translation between that and the component-level options?

We ought to add method for looking for container images and transforming them.

A TODO for myself in the Filter API. I'd like to change KeepOnly to RemoveOnly, effectively inverting the logic. I think KeepOnly should be the default behavior -- you're more likely to select what you want rather than select what you don't want.

For now, the min requirements and component API version will be removed. This sort of version dependency is hard and needs a more careful design.

We should add tests for bundleio.go in pkg/commands/cmdlib/bundleio.go

Feature request under consideration: perhaps we should add a list of images to the Bundle.

Reasoning:

• Pause container probably won't be referenced directly by application manifests
• Some manifests might themselves be hardcoded elsewhere.

So, for flexibility, having a list of all the images would be very useful. Especially for things like private registries.

To make the CLI easier to use, it should provide a --format flag. I'm imagining 'json' or 'yaml', but it could support more esoteric forms too like GoTemplate.

Right now, find.Finder does object lookup based on the name. That's not ideal -- it should be using the ObjectRef (since name is not guaranteed to be unique).

Right now, the inlined type is really a parseable-as-yaml/json type. But this excludes templates that are specified as un-parseable go/jsonnet/salt (etc.) templates. I think the way to support this is to have a new url / inlined type called 'raw' or somesuch, that is just not parseable.

So right now there's

  repeated google.protobuf.Struct cluster_objects = 7;
  repeated File cluster_object_files = 8;

this would imply adding

  repeated string raw_objects = 7; // or maybe bytes
  repeated string raw_object_files = 8;

This would add a great deal of flexibility (it could support helm, for example).

We should move the shared deps to the very top (root.go or main.go). Right now the deps are injected in at the command level, so each command needs to instantiate its own dep, which isn't great.

Now that versions have a strict meaning in the cluster bundle sense, there should be tooling to enforce version numbers are semantic version numbers.

Right now, the components don't have a spec / status. This make them problematic to apply to the cluster and act on them. I think this means that they probably need to be full spec / status objects (even though that adds a bit of noise to the schema)

I think it would be useful to add a full version library to make working with versions more palatable.

We have something like this in GKE, it would be useful to have something similar here.

One cool feature would be to add an edit command to the bundle to edit things like images, namespaces, and so on.

For example:

bundlectl edit images -f bundle.yam

Which would pop you over to an editor.

Of course, this would work best with local files, but might be possible with remote files

We should rename ClusterComponent to ComponentPackage or just ClusterPackage. Or maybe just Package! This is more consistent with terminology used elsewhere. We'll still use the Bundle terminology for referring to collections of packages.

Right now the validation is baked in. The cluster bundle becomes even more compelling if there are variable levels of validation in both the Bundle and Component.

I'm imagining something like:

message Validation {
  bool disable_unique_metadata = 1:
  bool enable_image_validation = 2;
}

Or maybe it's just a string->bool flag mapping

message Validation {
  map<string, bool> options
}

Or maybe just a list of options

message Validation {
  repeated string = 1;
}

Both these latter options are more extensible. But that means that the validation phase needs to be configurable (which it probably should be, I suppose).

Looks like inlining raw-text doesn't work for nested child components. Basically, just need to replicate the following for raw text also:

» » » for _, ocf := range comp.GetSpec().GetClusterObjectFiles() {
» » » » compUrl := cf.GetUrl()
» » » » objUrl := ocf.GetUrl()
» » » » if strings.HasPrefix(objUrl, "file://") && strings.HasPrefix(compUrl, "file://") {
» » » » » ocf.Url = "file://" + filepath.Join(filepath.Dir(shortFileUrl(compUrl)), shortFileUrl(objUrl))
» » » » }
» » » }

Open feature question: Should there be a minRequirements for components? For example, should a component say, I must have >= Kubernetes 1.10.

It would be really cool to have diffing functionality for bundles, node configs, components, cluster objects. Not something that is planned for the very near term, but definitely something planned for reasonably soon -- it's essentially for building automation.

This is a reminder to me to add support for componentSets as file type in CLI. Initially, this needs to be used for the validate subcommand group.

After using this library, I've found it would be very useful to be able to filter specific components, as I've done for bundles.

Here's my idea for unifying patching and node config, both of which have seemed pretty adhoc: Move them to an 'extensions' API and include them as just ordinary objects in a component.

pkg/apis/extensions/v1alpha1/ for example.

This has the advantage of greatly simplifying what a component package is. Moreover, these objects can reuse the searching and externalization infrastructure already existing in components.

It would be very useful to have an embedding tool built into bundlectl or adjacent as a helper tool. This would be like a simpler, standalone version of the Bazel go_embed rule, which would take a file and embed it as a raw string or as bytes in a go map.

Support for prow has been enabled on the TestInfra side, but we need to finish of the integration:

kubernetes/test-infra#9551 (comment)

Some ideas:

Filter based on annotations, labels, perhaps even some combination of GVK+Name

Currently the bundle and component types are specified as proto. That's fine for working with the Bundle, but for actually applying to the cluster we need a CRD. Also, for ease of use, a client library would be useful.

So, practically, this means making a go struct (aka go IDL) version of the api and running kubebuilder.

We should add automatic go-vet checks. Would help make the repo more robust!

It would significantly improve the UX of using the bundle if, like with kubebuilder, there was a way to generate Bundle and Component configuration.

Maybe something like:

bundlectl generate --out_dir=...  -f existingbundlr.yaml