kubev2v · ahadas · Jul 23, 2023 · Jul 3, 2023 · Jul 23, 2023
@@ -23,6 +23,7 @@ build --action_env=POPULATOR_CONTROLLER_IMAGE=quay.io/kubev2v/populator-controll
 build --action_env=OPENSTACK_POPULATOR_IMAGE=quay.io/kubev2v/openstack-populator:latest
 build --action_env=OVIRT_POPULATOR_IMAGE=quay.io/kubev2v/ovirt-populator:latest
 build --action_env=OPERATOR_IMAGE=quay.io/kubev2v/forklift-operator:latest
+build --action_env=OVA_PROVIDER_SERVER_IMAGE=quay.io/kubev2v/forklift-ova-provider-server:latest
 
 # Appliance build
 # container_run_and_extract() does not work inside Podman and Docker

@@ -68,6 +68,8 @@ spec:
           value: ${OVIRT_POPULATOR_IMAGE}
         - name: OPENSTACK_POPULATOR_IMAGE
           value: ${OPENSTACK_POPULATOR_IMAGE}
+        - name: OVA_PROVIDER_SERVER_IMAGE
+          value: ${OVA_PROVIDER_SERVER_IMAGE}
         livenessProbe:
           httpGet:
             path: /healthz

@@ -21,6 +21,7 @@ rules:
   # PVs added for the populator(s) that uses the same role as forklift-controller
   - persistentvolumes
   - persistentvolumeclaims
+  - services
   verbs:
   - get
   - list
@@ -121,4 +122,16 @@ rules:
   - create
   - update
   - patch
-  - delete
+  - delete
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
@@ -61,3 +61,15 @@ rules:
   - certificates
   verbs:
   - '*'
+- apiGroups:
+  - security.openshift.io
+  resources:
+  - securitycontextconstraints
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - watch
+  - update
+  - patch
@@ -115,3 +115,5 @@ must_gather_image_fqin: "{{ lookup( 'env', 'MUST_GATHER_IMAGE') or lookup( 'env'
 virt_v2v_image_fqin: "{{ lookup( 'env', 'VIRT_V2V_IMAGE') or lookup( 'env', 'RELATED_IMAGE_VIRT_V2V') }}"
 virt_v2v_warm_image_fqin: "{{ lookup( 'env', 'VIRT_V2V_WARM_IMAGE') or lookup( 'env', 'RELATED_IMAGE_VIRT_V2V_WARM') }}"
 virt_v2v_dont_request_kvm: "{{ lookup( 'env', 'VIRT_V2V_DONT_REQUEST_KVM') }}"
+
+ova_provider_server_fqin: "{{ lookup( 'env', 'OVA_PROVIDER_SERVER_IMAGE') or lookup( 'env', 'RELATED_IMAGE_OVA_PROVIDER_SERVER') }}"
@@ -79,6 +79,12 @@
       definition: "{{ lookup('template', 'controller/route-inventory.yml.j2') }}"
     when: not k8s_cluster|bool
 
+  - name: "Setup forklift-controller security context constraints"
+    k8s:
+      state: present
+      definition: "{{ lookup('template', 'controller/controller-scc.yml.j2') }}"
+    when: not k8s_cluster|bool
+
   - when: feature_volume_populator|bool
     block:
     - name: "Setup populator controller deployment"

@@ -0,0 +1,12 @@
+---
+kind: SecurityContextConstraints
+apiVersion: security.openshift.io/v1
+metadata:
+  name: forklift-controller-scc
+users:
+  - system:serviceaccount:konveyor-forklift:forklift-controller
+runAsUser:
+  type: RunAsAny
+seLinuxContext:
+  type: RunAsAny
+allowPrivilegedContainer: false
@@ -142,6 +142,8 @@ spec:
           value: '8082'
         - name: SECRET_NAME
           value: webhook-server-secret
+        - name: OVA_PROVIDER_SERVER_IMAGE
+          value: {{ ova_provider_server_fqin }}
 {% if feature_validation|bool %}
         - name: POLICY_AGENT_URL
           value: "https://{{ validation_service_name }}.{{ app_namespace }}.svc.cluster.local:8181"

@@ -40,13 +40,16 @@ const (
 	OVirt ProviderType = "ovirt"
 	// OpenStack
 	OpenStack ProviderType = "openstack"
+	// OVA
+	Ova ProviderType = "ova"
 )
 
 var ProviderTypes = []ProviderType{
 	OpenShift,
 	VSphere,
 	OVirt,
 	OpenStack,
+	Ova,
 }
 
 func (t ProviderType) String() string {
@@ -164,5 +167,5 @@ func (p *Provider) HasReconciled() bool {
 
 // This provider requires VM guest conversion.
 func (p *Provider) RequiresConversion() bool {
-	return p.Type() == VSphere
+	return p.Type() == VSphere || p.Type() == Ova
 }
@@ -9,6 +9,7 @@ go_library(
         "//pkg/apis/forklift/v1beta1",
         "//pkg/controller/host/handler/ocp",
         "//pkg/controller/host/handler/openstack",
+        "//pkg/controller/host/handler/ova",
         "//pkg/controller/host/handler/ovirt",
         "//pkg/controller/host/handler/vsphere",
         "//pkg/controller/watch/handler",

@@ -4,6 +4,7 @@ import (
 	api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1"
 	"github.com/konveyor/forklift-controller/pkg/controller/host/handler/ocp"
 	"github.com/konveyor/forklift-controller/pkg/controller/host/handler/openstack"
+	"github.com/konveyor/forklift-controller/pkg/controller/host/handler/ova"
 	"github.com/konveyor/forklift-controller/pkg/controller/host/handler/ovirt"
 	"github.com/konveyor/forklift-controller/pkg/controller/host/handler/vsphere"
 	"github.com/konveyor/forklift-controller/pkg/controller/watch/handler"
@@ -47,6 +48,11 @@ func New(
 			client,
 			channel,
 			provider)
+	case api.Ova:
+		h, err = ova.New(
+			client,
+			channel,
+			provider)
 	default:
 		err = liberr.New("provider not supported.")
 	}

@@ -0,0 +1,17 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "ova",
+    srcs = [
+        "doc.go",
+        "handler.go",
+    ],
+    importpath = "github.com/konveyor/forklift-controller/pkg/controller/host/handler/ova",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/apis/forklift/v1beta1",
+        "//pkg/controller/watch/handler",
+        "//vendor/sigs.k8s.io/controller-runtime/pkg/client",
+        "//vendor/sigs.k8s.io/controller-runtime/pkg/event",
+    ],
+)
@@ -0,0 +1,22 @@
+package ova
+
+import (
+	api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1"
+	"github.com/konveyor/forklift-controller/pkg/controller/watch/handler"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/event"
+)
+
+// Handler factory.
+func New(
+	client client.Client,
+	channel chan event.GenericEvent,
+	provider *api.Provider) (h *Handler, err error) {
+	//
+	b, err := handler.New(client, channel, provider)
+	if err != nil {
+		return
+	}
+	h = &Handler{Handler: b}
+	return
+}
@@ -0,0 +1,15 @@
+package ova
+
+import (
+	"github.com/konveyor/forklift-controller/pkg/controller/watch/handler"
+)
+
+// Provider watch event handler.
+type Handler struct {
+	*handler.Handler
+}
+
+// Ensure watch on hosts.
+func (r *Handler) Watch(watch *handler.WatchManager) (err error) {
+	return
+}
@@ -0,0 +1,18 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "ova",
+    srcs = [
+        "doc.go",
+        "handler.go",
+    ],
+    importpath = "github.com/konveyor/forklift-controller/pkg/controller/map/storage/handler/ova",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/apis/forklift/v1beta1",
+        "//pkg/controller/watch/handler",
+        "//pkg/lib/logging",
+        "//vendor/sigs.k8s.io/controller-runtime/pkg/client",
+        "//vendor/sigs.k8s.io/controller-runtime/pkg/event",
+    ],
+)
@@ -0,0 +1,22 @@
+package ova
+
+import (
+	api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1"
+	"github.com/konveyor/forklift-controller/pkg/controller/watch/handler"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/event"
+)
+
+// Handler factory.
+func New(
+	client client.Client,
+	channel chan event.GenericEvent,
+	provider *api.Provider) (h *Handler, err error) {
+	//
+	b, err := handler.New(client, channel, provider)
+	if err != nil {
+		return
+	}
+	h = &Handler{Handler: b}
+	return
+}
@@ -0,0 +1,14 @@
+package ova
+
+import (
+	"github.com/konveyor/forklift-controller/pkg/controller/watch/handler"
+	"github.com/konveyor/forklift-controller/pkg/lib/logging"
+)
+
+// Package logger.
+var log = logging.WithName("storageMap|ova")
+
+// Provider watch event handler.
+type Handler struct {
+	*handler.Handler
+}
@@ -9,6 +9,7 @@ go_library(
         "//pkg/apis/forklift/v1beta1",
         "//pkg/controller/plan/handler/ocp",
         "//pkg/controller/plan/handler/openstack",
+        "//pkg/controller/plan/handler/ova",
         "//pkg/controller/plan/handler/ovirt",
         "//pkg/controller/plan/handler/vsphere",
         "//pkg/controller/watch/handler",

@@ -4,6 +4,7 @@ import (
 	api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1"
 	"github.com/konveyor/forklift-controller/pkg/controller/plan/handler/ocp"
 	"github.com/konveyor/forklift-controller/pkg/controller/plan/handler/openstack"
+	"github.com/konveyor/forklift-controller/pkg/controller/plan/handler/ova"
 	"github.com/konveyor/forklift-controller/pkg/controller/plan/handler/ovirt"
 	"github.com/konveyor/forklift-controller/pkg/controller/plan/handler/vsphere"
 	"github.com/konveyor/forklift-controller/pkg/controller/watch/handler"
@@ -47,6 +48,11 @@ func New(
 			client,
 			channel,
 			provider)
+	case api.Ova:
+		h, err = ova.New(
+			client,
+			channel,
+			provider)
 	default:
 		err = liberr.New("provider not supported.")
 	}

@@ -0,0 +1,22 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+go_library(
+    name = "ova",
+    srcs = [
+        "doc.go",
+        "handler.go",
+    ],
+    importpath = "github.com/konveyor/forklift-controller/pkg/controller/plan/handler/ova",
+    visibility = ["//visibility:public"],
+    deps = [
+        "//pkg/apis/forklift/v1beta1",
+        "//pkg/controller/provider/web/ova",
+        "//pkg/controller/watch/handler",
+        "//pkg/lib/error",
+        "//pkg/lib/inventory/web",
+        "//pkg/lib/logging",
+        "//vendor/golang.org/x/net/context",
+        "//vendor/sigs.k8s.io/controller-runtime/pkg/client",
+        "//vendor/sigs.k8s.io/controller-runtime/pkg/event",
+    ],
+)
@@ -0,0 +1,22 @@
+package ova
+
+import (
+	api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1"
+	"github.com/konveyor/forklift-controller/pkg/controller/watch/handler"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/event"
+)
+
+// Handler factory.
+func New(
+	client client.Client,
+	channel chan event.GenericEvent,
+	provider *api.Provider) (h *Handler, err error) {
+	//
+	b, err := handler.New(client, channel, provider)
+	if err != nil {
+		return
+	}
+	h = &Handler{Handler: b}
+	return
+}