Merge pull request #2611 from ameijer/atm/update-working-branch-II

.github/workflows/build-and-publish-release.yml

@@ -102,7 +102,7 @@ jobs:
         uses: docker/setup-buildx-action@v3
         with:
           buildkitd-flags: --debug
-    
+
       - name: Install Go
         uses: actions/setup-go@v5
         with:
@@ -145,7 +145,7 @@ jobs:
       - name: Build and push (multiarch) OpenCost UI
         working-directory: ./opencost/ui
         run: |
-          just build '${{ steps.tags.outputs.IMAGE_TAG_UI }}'
+          just build '${{ steps.tags.outputs.IMAGE_TAG_UI }}' '${{ steps.version_number.outputs.RELEASE_VERSION }}'
           crane copy '${{ steps.tags.outputs.IMAGE_TAG_UI }}' '${{ steps.tags.outputs.IMAGE_TAG_UI_LATEST }}'
           crane copy '${{ steps.tags.outputs.IMAGE_TAG_UI }}' '${{ steps.tags.outputs.IMAGE_TAG_UI_VERSION }}'
         #  crane copy '${steps.tags.outputs.IMAGE_TAG_UI}' '${steps.tags.outputs.IMAGE_TAG_UI_QUAY}'

.gitignore

@@ -19,3 +19,6 @@ pkg/cloud/azureorphan_test.go
 
 #Apple
 *.DS_Store
+
+# tilt
+tilt_config.json

Dockerfile.debug

@@ -4,18 +4,26 @@ FROM golang:alpine
 # outside of Docker.
 ARG binary_path
 
+LABEL org.opencontainers.image.description="Cross-cloud cost allocation models for Kubernetes workloads"
+LABEL org.opencontainers.image.documentation=https://opencost.io/docs/
+LABEL org.opencontainers.image.licenses=Apache-2.0
+LABEL org.opencontainers.image.source=https://github.com/opencost/opencost
+LABEL org.opencontainers.image.title=kubecost-cost-model
+LABEL org.opencontainers.image.url=https://opencost.io
+
 WORKDIR /app
 RUN apk add --update --no-cache ca-certificates
 RUN go install github.com/go-delve/delve/cmd/dlv@latest
 
+ADD --chmod=644 ./THIRD_PARTY_LICENSES.txt /THIRD_PARTY_LICENSES.txt
 ADD --chmod=644 ./configs/default.json /models/default.json
 ADD --chmod=644 ./configs/azure.json /models/azure.json
 ADD --chmod=644 ./configs/aws.json /models/aws.json
 ADD --chmod=644 ./configs/gcp.json /models/gcp.json
 ADD --chmod=644 ./configs/alibaba.json /models/alibaba.json
+ADD --chmod=644 ./configs/oracle.json /models/oracle.json
 
-RUN echo "binary_path"
 COPY ${binary_path} main
 
 ENTRYPOINT ["/go/bin/dlv exec --listen=:40000 --api-version=2 --headless=true --accept-multiclient --log --continue /app/main"]
-EXPOSE 9003 40000
+EXPOSE 9003 40000

Tiltfile

@@ -1,130 +1,44 @@
-load('ext://helm_resource', 'helm_resource', 'helm_repo')
-load('ext://restart_process', 'docker_build_with_restart')
+load('Tiltfile.opencost', 'run_opencost')
 
 # WARNING: this allows any k8s context for deployment
-#allow_k8s_contexts(k8s_context())
+# allow_k8s_contexts(k8s_context())
 # To allow a specific context for deployment:
 # allow_k8s_contexts('kubectl-context')
-# See https://docs.tilt.dev/api.html#api.allow_k8s_contexts for default allowed contexts
-
-config.define_string('arch', args=False, usage='amd64')
-config.define_string('docker-repo', args=False, usage='')
+# See https://docs.tilt.dev/api.html#api.allow_k8s_contexts for default
+# allowed contexts
+
+config.define_string('arch')
+config.define_string('cloud-integration')
+config.define_bool('delve-continue')
+config.define_string('docker-repo')
+config.define_string('helm-values')
+config.define_string('port-costmodel')
+config.define_string('port-debug')
+config.define_string('port-prometheus')
+config.define_string('port-ui')
+config.define_string('service-key')
 cfg = config.parse()
 
-arch = cfg.get('arch')
-
-docker_platform = "linux/amd64"
-go_arch = "amd64"
-if arch == "arm64":
-    docker_platform = "linux/aarch64"
-    go_arch = "arm64"
-
-docker_repo = cfg.get('docker-repo')
-if docker_repo == None:
-    docker_repo = ''
-else:
-    docker_repo = docker_repo + "/"
-
-# Build and update opencost back end binary when code changes
-local_resource(
-    name='build-costmodel',
-    dir='.',
-    cmd='CGO_ENABLED=0 GOOS=linux GOARCH='+go_arch+' go build -o ./cmd/costmodel/costmodel-tilt ./cmd/costmodel/main.go',
-    deps=[
-        './cmd/costmodel/main.go',
-        './pkg',
-    ],
-    allow_parallel=True,
-    resource_deps=['build-go-mod-download'],
-)
-
-# Build back end docker container
-# If the binary is updated, update the running container and restart binary in dlv
-docker_build_with_restart(
-    ref=docker_repo+'opencost-costmodel',
-    context='.',
-    # remove --continue flag to make dlv wait until debugger is attached to start
-    entrypoint='/go/bin/dlv exec --listen=:40000 --api-version=2 --headless=true --accept-multiclient --log --continue /app/main',
-    dockerfile='Dockerfile.debug',
-    platform=docker_platform,
-
-    build_args={'binary_path':'./cmd/costmodel/costmodel-tilt'},
-    only=[
-        'cmd/costmodel/costmodel-tilt',
-        'configs',
-    ],
-    live_update=[
-       sync('./cmd/costmodel/costmodel-tilt', '/app/main'),
-    ],
-)
-
-# npm install if package.json changes
-local_resource(
-    name='build-npm-install',
-    dir='./ui',
-    cmd='npm install',
-    deps=[
-        './ui/package.json',
-    ],
-    allow_parallel=True,
-)
-
-# Build FE locally when code changes
-local_resource(
-    name='build-ui',
-    dir='./ui',
-    cmd='npx parcel build src/index.html',
-    deps=[
-        './ui/src',
-        './ui/package.json',
-    ],
-    allow_parallel=True,
-    resource_deps=['build-npm-install'],
-)
-
-# update container when relevant files change
-docker_build(
-    ref=docker_repo+'opencost-ui',
-    context='./ui',
-    dockerfile='./ui/Dockerfile.cross',
-    only=[
-        'dist',
-        'nginx.conf',
-        'default.nginx.conf.template',
-        'docker-entrypoint.sh',
-    ],
-    live_update=[
-       sync('./ui/dist', '/var/www'),
-    ],
-)
-
-# build yaml for deployment to k8s
-yaml = helm(
-    '../opencost-helm-chart/charts/opencost',
-    name='opencost',
-    values=['./tilt-values.yaml'],
-    # configuring opencost to also use the kubecost prometheus server below
-    set=[
-        'opencost.ui.image.fullImageName='+docker_repo+'opencost-ui',
-        'opencost.exporter.image.fullImageName='+docker_repo+'opencost-costmodel',
-        'opencost.prometheus.internal.namespaceName='+k8s_namespace(),
-    ]
-)
-k8s_yaml(yaml) # put resulting yaml into k8s
-k8s_resource(workload='opencost', port_forwards=['9003:9003','9090:9090','40000:40000'])
-
-helm_resource(
-    name='prometheus',
-    chart='prometheus-community/prometheus')
-k8s_resource(workload='prometheus', port_forwards=['9080:9090'])
-
-local_resource(
-    name='costmodel-test',
-    dir='.',
-    cmd='go test ./...',
-    deps=[
-        './pkg',
-    ],
-    allow_parallel=True,
-    resource_deps=['opencost'], # run tests after build to speed up deployment
-)
+docker_repo = cfg.get('docker-repo', '')
+if docker_repo != '':
+    docker_repo += "/"
+
+port_costmodel = cfg.get('port-costmodel', 9003)
+port_debug = cfg.get('port-debug', 40000)
+port_prometheus = cfg.get('port-prometheus', 9080)
+port_ui = cfg.get('port-ui', 9090)
+
+options = {
+    'arch': cfg.get('arch'),
+    'cloud_integration': cfg.get('cloud-integration', ''),
+    'delve_continue': cfg.get('delve-continue', True),
+    'docker_repo': docker_repo,
+    'helm_values': cfg.get('helm-values', './tilt-values.yaml'),
+    'port_costmodel': cfg.get('port-costmodel', '9003'),
+    'port_debug': cfg.get('port-debug', '40000'),
+    'port_prometheus': cfg.get('port-prometheus', '9080'),
+    'port_ui': cfg.get('port-ui', '9090'),
+    'service_key': cfg.get('service-key', ''),
+}
+
+run_opencost(options)

Tiltfile.opencost

@@ -0,0 +1,169 @@
+load('ext://helm_resource', 'helm_resource', 'helm_repo')
+load('ext://restart_process', 'docker_build_with_restart')
+load('ext://secret', 'secret_create_generic')
+
+
+def get_docker_platform(arch):
+    if arch == "arm64":
+        return "linux/arm64"
+    else:
+        return "linux/amd64"
+
+
+def get_go_arch(arch):
+    if arch == "arm64":
+        return "arm64"
+    else:
+        return "amd64"
+
+
+# run_opencost is encapsulated as a function to make import easier for running alongside kubecost.
+# The `../opencost` pattern that repeats across this function is to deal with how multiple tilt
+# files work - the base directory (`.`) is always relative to the Tiltfile executed and not the
+# directory containing this file.
+def run_opencost(options):
+
+    docker_platform = get_docker_platform(options["arch"])
+    go_arch = get_go_arch(options["arch"])
+    is_cloud_integration = options["cloud_integration"] != '' and os.path.exists(options["cloud_integration"])
+    is_service_key = options["service_key"] != '' and os.path.exists(options["service_key"])
+    continue_flag = '--continue'
+    if options["delve_continue"] == False:
+        continue_flag = ''
+
+    # Build and update opencost back end binary when code changes
+    local_resource(
+        name='build-costmodel',
+        dir='.',
+        cmd='CGO_ENABLED=0 GOOS=linux GOARCH='+go_arch+' go build -o ../opencost/cmd/costmodel/costmodel-tilt ../opencost/cmd/costmodel/main.go',
+        deps=[
+            '../opencost/cmd/costmodel/main.go',
+            '../opencost/pkg',
+        ],
+        allow_parallel=True,
+    )
+
+    # Build back end docker container
+    # If the binary is updated, update the running container and restart binary in dlv
+    docker_build_with_restart(
+        ref=options["docker_repo"]+'opencost-costmodel',
+        context='../opencost',
+        # remove --continue flag to make dlv wait until debugger is attached to start
+        entrypoint='/go/bin/dlv exec --listen=:40000 --api-version=2 --headless=true --accept-multiclient --log '+continue_flag+' /app/main',
+        dockerfile='../opencost/Dockerfile.debug',
+        platform=docker_platform,
+        build_args={'binary_path': './cmd/costmodel/costmodel-tilt'},
+        only=[
+            'cmd/costmodel/costmodel-tilt',
+            'configs',
+            'THIRD_PARTY_LICENSES.txt',
+        ],
+        live_update=[
+            sync('../opencost/cmd/costmodel/costmodel-tilt', '/app/main'),
+        ],
+    )
+
+    # npm install if package.json changes
+    local_resource(
+        name='build-npm-install',
+        dir='../opencost/ui',
+        cmd='npm install',
+        deps=[
+            '../opencost/ui/package.json',
+        ],
+        allow_parallel=True,
+    )
+
+    # Build FE locally when code changes
+    local_resource(
+        name='build-ui',
+        dir='../opencost/ui',
+        cmd='npx parcel build src/index.html',
+        deps=[
+            '../opencost/ui/src',
+            '../opencost/ui/package.json',
+        ],
+        allow_parallel=True,
+        resource_deps=['build-npm-install'],
+    )
+
+    # update container when relevant files change
+    docker_build(
+        ref=options["docker_repo"]+'opencost-ui',
+        context='../opencost/ui',
+        dockerfile='../opencost/ui/Dockerfile.debug',
+        only=[
+            'dist',
+            'nginx.conf',
+            'default.nginx.conf.template',
+            'docker-entrypoint.sh',
+        ],
+        live_update=[
+            sync('../opencost/ui/dist', '/var/www'),
+        ],
+    )
+
+    values_set = [
+        'opencost.ui.image.fullImageName='+options["docker_repo"]+'opencost-ui',
+        'opencost.exporter.image.fullImageName='+options["docker_repo"]+'opencost-costmodel',
+        'opencost.prometheus.internal.namespaceName='+k8s_namespace(),
+        'opencost.exporter.debugPort=40000',
+    ]
+
+    if is_cloud_integration:
+        values_set.append('opencost.cloudIntegrationSecret=cloud-integration')
+        values_set.append('opencost.cloudCost.enabled=true')
+    else:
+        values_set.append('opencost.cloudCost.enabled=false')
+
+    if is_cloud_integration:
+        secret_create_generic(
+            name='cloud-integration',
+            namespace=k8s_namespace(),
+            from_file=options["cloud_integration"],
+            secret_type=None,
+            from_env_file=None
+        )
+
+    if is_service_key:
+        secret_create_generic(
+            name='service-key',
+            namespace=k8s_namespace(),
+            from_file=options["service_key"],
+            secret_type=None,
+            from_env_file=None
+        )
+
+    # build yaml for deployment to k8s
+    yaml = helm(
+        '../opencost-helm-chart/charts/opencost',
+        name='opencost',
+        values=[options["helm_values"]],
+        set=values_set
+    )
+    k8s_yaml(yaml)  # put resulting yaml into k8s
+
+    port_forwards = [
+        options['port_costmodel']+':9003',
+        options['port_ui']+':9090',
+        options['port_debug']+':40000',
+    ]
+    k8s_resource(workload='opencost', port_forwards=port_forwards)
+
+    helm_repo('prometheus-community', 'https://prometheus-community.github.io/helm-charts')
+    helm_resource(
+        name='prometheus',
+        chart='prometheus-community/prometheus',
+        resource_deps=['prometheus-community'])
+    k8s_resource(workload='prometheus', port_forwards=[options['port_prometheus']+':9090'])
+
+    local_resource(
+        name='costmodel-test',
+        dir='../opencost',
+        cmd='go test ./...',
+        deps=[
+            './pkg',
+        ],
+        allow_parallel=True,
+        resource_deps=['opencost'],  # run tests after build to speed up deployment
+    )

justfile

@@ -16,8 +16,8 @@ build-local:
     cd ./cmd/costmodel && \
         {{commonenv}} go build \
         -ldflags \
-          "-X github.com/opencost/opencost/pkg/version.Version={{version}} \
-           -X github.com/opencost/opencost/pkg/version.GitCommit={{commit}}" \
+          "-X github.com/opencost/opencost/core/pkg/version.Version={{version}} \
+           -X github.com/opencost/opencost/core/pkg/version.GitCommit={{commit}}" \
         -o ./costmodel
 
 # Build multiarch binaries
@@ -39,16 +39,16 @@ build-binary VERSION=version:
         -o ./costmodel-arm64
 
 # Build and push a multi-arch Docker image
-build IMAGETAG VERSION=version: test (build-binary VERSION)
+build IMAGE_TAG RELEASE_VERSION: test (build-binary RELEASE_VERSION)
     docker buildx build \
         --rm \
         --platform "linux/amd64" \
         -f 'Dockerfile.cross' \
         --build-arg binarypath=./cmd/costmodel/costmodel-amd64 \
-        --build-arg version={{version}} \
+        --build-arg version={{RELEASE_VERSION}} \
         --build-arg commit={{commit}} \
         --provenance=false \
-        -t {{IMAGETAG}}-amd64 \
+        -t {{IMAGE_TAG}}-amd64 \
         --push \
         .
 
@@ -57,14 +57,14 @@ build IMAGETAG VERSION=version: test (build-binary VERSION)
         --platform "linux/arm64" \
         -f 'Dockerfile.cross' \
         --build-arg binarypath=./cmd/costmodel/costmodel-arm64 \
-        --build-arg version={{version}} \
+        --build-arg version={{RELEASE_VERSION}} \
         --build-arg commit={{commit}} \
         --provenance=false \
-        -t {{IMAGETAG}}-arm64 \
+        -t {{IMAGE_TAG}}-arm64 \
         --push \
         .
 
     manifest-tool push from-args \
         --platforms "linux/amd64,linux/arm64" \
-        --template {{IMAGETAG}}-ARCH \
-        --target {{IMAGETAG}}
+        --template {{IMAGE_TAG}}-ARCH \
+        --target {{IMAGE_TAG}}

kubernetes/opencost.yaml

@@ -142,7 +142,7 @@ spec:
       restartPolicy: Always
       serviceAccountName: opencost
       containers:
-        - image: quay.io/kubecost1/kubecost-cost-model:latest
+        - image: ghcr.io/opencost/opencost:latest
           name: opencost
           resources:
             requests:
@@ -167,7 +167,7 @@ spec:
             privileged: false
             readOnlyRootFilesystem: true
             runAsUser: 1001
-        - image: quay.io/kubecost1/opencost-ui:latest
+        - image: ghcr.io/opencost/opencost-ui:latest
           name: opencost-ui
           resources:
             requests:

pkg/customcost/pipelineservice.go

@@ -59,8 +59,10 @@ func getRegisteredPlugins(configDir string, execDir string) (map[string]*plugin.
 	configs := map[string]*plugin.ClientConfig{}
 	// set up the client config
 	for name, config := range pluginNames {
-		if _, err := os.Stat(fmt.Sprintf(execFmt, execDir, name, runtime.GOOS, version.Architecture)); err != nil {
-			msg := fmt.Sprintf("error reading executable for %s plugin. Plugin executables must be in %s and have name format <plugin name>.ocplugin.<opencost binary archtecture (arm64 or amd64)>", name, execDir)
+		file := fmt.Sprintf(execFmt, execDir, name, runtime.GOOS, version.Architecture)
+		log.Debugf("looking for file: %s", file)
+		if _, err := os.Stat(file); err != nil {
+			msg := fmt.Sprintf("error reading executable for %s plugin. Plugin executables must be in %s and have name format <plugin name>.ocplugin.<os>.<opencost binary archtecture (arm64 or amd64)>", name, execDir)
 			log.Errorf(msg)
 			return nil, fmt.Errorf(msg)
 		}

tilt-values.yaml

@@ -5,18 +5,13 @@ service:
   enabled: true
   # --  Kubernetes Service type
   type: ClusterIP
-  # -- extra ports.  Useful for sidecar pods such as oauth-proxy
-  extraPorts:
-    - name: debug
-      port: 40000
-      targetPort: 40000
 
 opencost:
   exporter:
     # -- The GCP Pricing API requires a key. This is supplied just for evaluation.
     cloudProviderApiKey: ""
     # -- Default cluster ID to use if cluster_id is not set in Prometheus metrics.
-    defaultClusterId: 'tilt-cluster'
+    defaultClusterId: "tilt-cluster"
   livenessProbe:
     # -- Whether probe is enabled
     enabled: true
@@ -36,6 +31,9 @@ opencost:
     periodSeconds: 10
     # -- Number of failures for probe to be considered failed
     failureThreshold: 3
+  # extraVolumeMounts:
+  #   - mountPath: /var/secrets
+  #     name: service-key-secret
 
   # Persistent volume claim for storing the data. eg: csv file
   persistence:
@@ -115,4 +113,8 @@ opencost:
       port: 80
   ui:
     # -- Enable OpenCost UI
-    enabled: true
+    enabled: true
+# extraVolumes:
+#   - name: service-key-secret
+#     secret:
+#       secretName: service-key

ui/Dockerfile.debug

@@ -0,0 +1,40 @@
+# This dockerfile is for development purposes only; do not use this for production deployments
+# This file exists due to changes introduced in https://github.com/opencost/opencost/pull/2502
+# Tilt cannot reference files that exist outside of this ./ui folder so the reference to THIRD_PARTY_LICENSES.txt is removed
+FROM nginx:alpine
+
+LABEL org.opencontainers.image.description="Cross-cloud cost allocation models for Kubernetes workloads"
+LABEL org.opencontainers.image.documentation=https://opencost.io/docs/
+LABEL org.opencontainers.image.licenses=Apache-2.0
+LABEL org.opencontainers.image.source=https://github.com/opencost/opencost
+LABEL org.opencontainers.image.title=opencost-ui
+LABEL org.opencontainers.image.url=https://opencost.io
+
+ARG version=dev
+ARG	commit=HEAD
+ENV VERSION=${version}
+ENV HEAD=${commit}
+
+ENV API_PORT=9003
+ENV API_SERVER=0.0.0.0
+ENV UI_PORT=9090
+
+COPY ./dist /opt/ui/dist
+COPY default.nginx.conf.template /etc/nginx/conf.d/default.nginx.conf.template
+COPY nginx.conf /etc/nginx/
+COPY ./docker-entrypoint.sh /usr/local/bin/
+RUN mkdir -p /var/www
+
+RUN rm -rf /etc/nginx/conf.d/default.conf
+
+RUN adduser 1001 -g 1000 -D
+RUN chown 1001:1000 -R /var/www
+RUN chown 1001:1000 -R /etc/nginx
+RUN chown 1001:1000 -R /usr/local/bin/docker-entrypoint.sh
+
+ENV BASE_URL=/model
+
+USER 1001
+
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+CMD ["nginx", "-g", "daemon off;"]

ui/justfile

@@ -1,4 +1,3 @@
-version := `../tools/image-tag`
 commit := `git rev-parse --short HEAD`
 thirdPartyLicenseFile := "THIRD_PARTY_LICENSES.txt"
 
@@ -10,15 +9,15 @@ build-local:
 
     npx parcel build src/index.html
 
-build IMAGETAG: build-local
+build IMAGE_TAG RELEASE_VERSION: build-local
     cp ../{{thirdPartyLicenseFile}} .
     docker buildx build \
         --rm \
         --platform "linux/amd64" \
         -f 'Dockerfile.cross' \
         --provenance=false \
-        -t {{IMAGETAG}}-amd64 \
-        --build-arg version={{version}} \
+        -t {{IMAGE_TAG}}-amd64 \
+        --build-arg version={{RELEASE_VERSION}} \
         --build-arg commit={{commit}} \
         --push \
         .
@@ -28,16 +27,15 @@ build IMAGETAG: build-local
         --platform "linux/arm64" \
         -f 'Dockerfile.cross' \
         --provenance=false \
-        -t {{IMAGETAG}}-arm64 \
-        --build-arg version={{version}} \
+        -t {{IMAGE_TAG}}-arm64 \
+        --build-arg version={{RELEASE_VERSION}} \
         --build-arg commit={{commit}} \
         --push \
         .
 
     manifest-tool push from-args \
         --platforms "linux/amd64,linux/arm64" \
-        --template {{IMAGETAG}}-ARCH \
-        --target {{IMAGETAG}}
+        --template {{IMAGE_TAG}}-ARCH \
+        --target {{IMAGE_TAG}}
 
     rm -f {{thirdPartyLicenseFile}}
-