CLI: add support for namespace other than flux-system

cmd/gitops/app/bootstrap/cmd.go

@@ -12,6 +12,7 @@ import (
 )
 
 const (
+	wgeDefaultNamespace = "flux-system"
 	cmdName             = "bootstrap"
 	cmdShortDescription = "Installs Weave GitOps Enterprise in simple steps"
 	cmdLongDescription  = `Installs Weave GitOps Enterprise in simple steps:
@@ -29,10 +30,15 @@ gitops bootstrap --kubeconfig <your-kubeconfig-location>
 
 # Start WGE installation with given 'username' and 'password'
 gitops bootstrap --username wego-admin --password=hell0!
+
+# Start WGE installation within different namespace than flux-system
+gitops bootstrap -n test-namespace
+
 `
 )
 
 type bootstrapFlags struct {
+	namespace          string
 	username           string
 	password           string
 	version            string
@@ -52,7 +58,7 @@ func Command(opts *config.Options) *cobra.Command {
 		Example: cmdExamples,
 		RunE:    getBootstrapCmdRun(opts),
 	}
-
+	cmd.PersistentFlags().StringVarP(&flags.namespace, "namespace", "n", wgeDefaultNamespace, "The namespace scope for this operation")
 	cmd.Flags().StringVarP(&flags.username, "username", "u", "", "dashboard admin username")
 	cmd.Flags().StringVarP(&flags.password, "password", "p", "", "dashboard admin password")
 	cmd.Flags().StringVarP(&flags.version, "version", "v", "", "version of Weave GitOps Enterprise (should be from the latest 3 versions)")
@@ -72,6 +78,7 @@ func getBootstrapCmdRun(opts *config.Options) func(*cobra.Command, []string) err
 		c, err := steps.NewConfigBuilder().
 			WithLogWriter(cliLogger).
 			WithKubeconfig(opts.Kubeconfig).
+			WithNamespace(flags.namespace).
 			WithUsername(flags.username).
 			WithPassword(flags.password).
 			WithVersion(flags.version).

pkg/bootstrap/steps/admin_password.go

@@ -54,7 +54,7 @@ func NewAskAdminCredsSecretStep(config Config) BootstrapStep {
 			Msg:             existingCredsMsg,
 			DefaultValue:    "",
 			Valuesfn:        isExistingAdminSecret,
-			StepInformation: fmt.Sprintf(adminSecretExistsMsgFormat, adminSecretName, WGEDefaultNamespace),
+			StepInformation: fmt.Sprintf(adminSecretExistsMsgFormat, adminSecretName, config.Namespace),
 		},
 	}
 
@@ -99,7 +99,7 @@ func createCredentials(input []StepInput, c *Config) ([]StepOutput, error) {
 
 	if existing, _ := isExistingAdminSecret(input, c); existing.(bool) {
 		if continueWithExistingCreds != confirmYes {
-			return []StepOutput{}, fmt.Errorf(existingCredsExitMsg, adminSecretName, WGEDefaultNamespace)
+			return []StepOutput{}, fmt.Errorf(existingCredsExitMsg, adminSecretName, c.Namespace)
 		} else {
 			return []StepOutput{}, nil
 		}
@@ -119,7 +119,7 @@ func createCredentials(input []StepInput, c *Config) ([]StepOutput, error) {
 	secret := corev1.Secret{
 		ObjectMeta: v1.ObjectMeta{
 			Name:      adminSecretName,
-			Namespace: WGEDefaultNamespace,
+			Namespace: c.Namespace,
 		},
 		Data: data,
 	}
@@ -139,7 +139,7 @@ func createCredentials(input []StepInput, c *Config) ([]StepOutput, error) {
 // returns true if admin secret is already on the cluster
 // returns false if no admin secret on the cluster
 func isExistingAdminSecret(input []StepInput, c *Config) (interface{}, error) {
-	_, err := utils.GetSecret(c.KubernetesClient, adminSecretName, WGEDefaultNamespace)
+	_, err := utils.GetSecret(c.KubernetesClient, adminSecretName, c.Namespace)
 	if err != nil {
 		return false, nil
 	}

pkg/bootstrap/steps/admin_password_test.go

@@ -43,7 +43,7 @@ func TestCreateCredentials(t *testing.T) {
 					Value: v1.Secret{
 						ObjectMeta: metav1.ObjectMeta{
 							Name:      adminSecretName,
-							Namespace: WGEDefaultNamespace,
+							Namespace: testNamespace,
 						},
 						Data: map[string][]byte{
 							"username": []byte("wego-admin"),
@@ -56,7 +56,7 @@ func TestCreateCredentials(t *testing.T) {
 		{
 			name: "secret exist and user refuse to continue",
 			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{Name: adminSecretName, Namespace: WGEDefaultNamespace},
+				ObjectMeta: metav1.ObjectMeta{Name: adminSecretName, Namespace: testNamespace},
 				Type:       "Opaque",
 				Data: map[string][]byte{
 					"username": []byte("test-username"),
@@ -83,7 +83,7 @@ func TestCreateCredentials(t *testing.T) {
 		{
 			name: "secret exist and user continue",
 			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{Name: adminSecretName, Namespace: WGEDefaultNamespace},
+				ObjectMeta: metav1.ObjectMeta{Name: adminSecretName, Namespace: testNamespace},
 				Type:       "Opaque",
 				Data: map[string][]byte{
 					"username": []byte("test-username"),
@@ -112,7 +112,7 @@ func TestCreateCredentials(t *testing.T) {
 					Value: v1.Secret{
 						ObjectMeta: metav1.ObjectMeta{
 							Name:      adminSecretName,
-							Namespace: WGEDefaultNamespace,
+							Namespace: testNamespace,
 						},
 						Data: map[string][]byte{
 							"username": []byte("wego-admin"),
@@ -126,7 +126,9 @@ func TestCreateCredentials(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			config := makeTestConfig(t, Config{}, tt.secret)
+			config := makeTestConfig(t, Config{
+				Namespace: testNamespace,
+			}, tt.secret)
 
 			out, err := createCredentials(tt.input, &config)
 			if err != nil {

pkg/bootstrap/steps/common_tests.go

@@ -7,12 +7,15 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 )
 
+const testNamespace = "test-ns"
+
 func makeTestConfig(t *testing.T, config Config, objects ...runtime.Object) Config {
 	fakeClient := utils.CreateFakeClient(t, objects...)
 	cliLogger := utils.CreateLogger()
 	return Config{
 		KubernetesClient:   fakeClient,
 		Logger:             cliLogger,
+		Namespace:          config.Namespace,
 		WGEVersion:         config.WGEVersion,
 		DomainType:         config.DomainType,
 		Username:           config.UserDomain,

pkg/bootstrap/steps/config.go

@@ -41,6 +41,7 @@ const (
 type ConfigBuilder struct {
 	logger             logger.Logger
 	kubeconfig         string
+	namespace          string
 	username           string
 	password           string
 	wGEVersion         string
@@ -59,6 +60,11 @@ func (c *ConfigBuilder) WithLogWriter(logger logger.Logger) *ConfigBuilder {
 	return c
 }
 
+func (c *ConfigBuilder) WithNamespace(namespace string) *ConfigBuilder {
+	c.namespace = namespace
+	return c
+}
+
 func (c *ConfigBuilder) WithUsername(username string) *ConfigBuilder {
 	c.username = username
 	return c
@@ -103,6 +109,8 @@ type Config struct {
 	KubernetesClient k8s_client.Client
 	Logger           logger.Logger
 
+	Namespace string
+
 	WGEVersion string // user want this version in the cluster
 
 	Username string // cluster user username
@@ -142,6 +150,7 @@ func (cb *ConfigBuilder) Build() (Config, error) {
 	return Config{
 		KubernetesClient:   kubeHttp.Client,
 		WGEVersion:         cb.wGEVersion,
+		Namespace:          cb.namespace,
 		Username:           cb.username,
 		Password:           cb.password,
 		Logger:             cb.logger,

pkg/bootstrap/steps/domain_type_test.go

@@ -33,7 +33,7 @@ func TestSelectDomainType(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			config := makeTestConfig(t, Config{})
+			config := makeTestConfig(t, Config{Namespace: testNamespace})
 
 			_, err := selectDomainType(tt.input, &config)
 			if err != nil {

pkg/bootstrap/steps/entitlement.go

@@ -18,7 +18,7 @@ const (
 	nonExistingEntitlementSecretMsg = "entitlement file is not found, To get Weave GitOps Entitelment secret, please contact *[email protected]* and add it to your cluster"
 	invalidEntitlementSecretMsg     = "entitlement file is invalid, please verify the secret content. If you still facing issues, please contact *[email protected]*"
 	expiredEntitlementSecretMsg     = "entitlement file is expired at: %s, please contact *[email protected]*"
-	entitlementCheckMsg             = "verifying Weave GitOps Entitlement File"
+	entitlementCheckMsg             = "verifying Weave GitOps Entitlement File in namespace: %s"
 )
 
 // wge consts
@@ -37,8 +37,8 @@ var CheckEntitlementSecret = BootstrapStep{
 }
 
 func checkEntitlementSecret(input []StepInput, c *Config) ([]StepOutput, error) {
-	c.Logger.Actionf(entitlementCheckMsg)
-	err := verifyEntitlementSecret(c.KubernetesClient)
+	c.Logger.Actionf(entitlementCheckMsg, c.Namespace)
+	err := verifyEntitlementSecret(c.KubernetesClient, c.Namespace)
 	if err != nil {
 		return []StepOutput{}, err
 	}
@@ -51,8 +51,8 @@ func checkEntitlementSecret(input []StepInput, c *Config) ([]StepOutput, error)
 // verifing entitlement by the public key (private key is used for encrypting and public is for verification)
 // and making sure it's not expired
 // verifying username and password by making http request for downloading charts and ensuring it's authenticated
-func verifyEntitlementSecret(client k8s_client.Client) error {
-	secret, err := utils.GetSecret(client, entitlementSecretName, WGEDefaultNamespace)
+func verifyEntitlementSecret(client k8s_client.Client, namespace string) error {
+	secret, err := utils.GetSecret(client, entitlementSecretName, namespace)
 	if err != nil {
 		return fmt.Errorf("%s: %v", nonExistingEntitlementSecretMsg, err)
 	}

pkg/bootstrap/steps/entitlement_test.go

@@ -27,7 +27,7 @@ func TestCheckEntitlementFile(t *testing.T) {
 		{
 			name: "invalid entitlement",
 			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{Name: entitlementSecretName, Namespace: WGEDefaultNamespace},
+				ObjectMeta: metav1.ObjectMeta{Name: entitlementSecretName, Namespace: testNamespace},
 				Type:       "Opaque",
 				Data: map[string][]byte{
 					"entitlement": []byte(invalidEntitlement),
@@ -40,7 +40,7 @@ func TestCheckEntitlementFile(t *testing.T) {
 		{
 			name: "expired entitlement",
 			secret: &v1.Secret{
-				ObjectMeta: metav1.ObjectMeta{Name: entitlementSecretName, Namespace: WGEDefaultNamespace},
+				ObjectMeta: metav1.ObjectMeta{Name: entitlementSecretName, Namespace: testNamespace},
 				Type:       "Opaque",
 				Data: map[string][]byte{
 					"entitlement": []byte(expiredEntitlement),
@@ -54,7 +54,7 @@ func TestCheckEntitlementFile(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			config := makeTestConfig(t, Config{}, tt.secret)
+			config := makeTestConfig(t, Config{Namespace: testNamespace}, tt.secret)
 			_, err := checkEntitlementSecret([]StepInput{}, &config)
 			if err != nil {
 				if tt.err {

pkg/bootstrap/steps/flux.go

@@ -3,6 +3,7 @@ package steps
 import (
 	"fmt"
 
+	"github.com/weaveworks/weave-gitops-enterprise/pkg/bootstrap/utils"
 	"github.com/weaveworks/weave-gitops/pkg/runner"
 )
 
@@ -11,7 +12,7 @@ const (
 	fluxBoostrapCheckMsg     = "checking flux"
 	fluxExistingInstallMsg   = "flux is installed"
 	fluxExistingBootstrapMsg = "flux is bootstrapped"
-	fluxRecoverMsg           = "please bootstrap Flux in 'flux-system' namespace: more info https://fluxcd.io/flux/installation"
+	fluxRecoverMsg           = "please bootstrap Flux: more info https://fluxcd.io/flux/installation"
 )
 
 // VerifyFluxInstallation checks that Flux is present in the cluster. It fails in case not and returns next steps to install it.
@@ -24,18 +25,19 @@ var VerifyFluxInstallation = BootstrapStep{
 func verifyFluxInstallation(input []StepInput, c *Config) ([]StepOutput, error) {
 	var runner runner.CLIRunner
 
-	c.Logger.Actionf("verifying flux installation")
-	out, err := runner.Run("flux", "check")
+	c.Logger.Actionf("verifying flux installation in namespace: %s", c.Namespace)
+	out, err := runner.Run("flux", "check", "-n", c.Namespace)
 	if err != nil {
 		return []StepOutput{}, fmt.Errorf("flux installed error: %v. %s", string(out), fluxRecoverMsg)
 	}
 	c.Logger.Successf(fluxExistingInstallMsg)
 
-	c.Logger.Actionf("verifying flux reconcillation")
-	out, err = runner.Run("flux", "reconcile", "kustomization", "flux-system")
+	c.Logger.Actionf("verifying flux reconcillation in namespace: %s", c.Namespace)
+	err = utils.ReconcileFlux(c.Namespace)
 	if err != nil {
-		return []StepOutput{}, fmt.Errorf("flux bootstrapped error: %v. %s", string(out), fluxRecoverMsg)
+		return []StepOutput{}, fmt.Errorf("flux bootstrapped error: %v. %s", err, fluxRecoverMsg)
 	}
+
 	c.Logger.Successf(fluxExistingBootstrapMsg)
 
 	return []StepOutput{}, nil

pkg/bootstrap/steps/install_wge.go

@@ -26,7 +26,6 @@ const (
 	wgeChartName                      = "mccp"
 	wgeHelmRepositoryName             = "weave-gitops-enterprise-charts"
 	WgeHelmReleaseName                = "weave-gitops-enterprise"
-	WGEDefaultNamespace               = "flux-system"
 	WGEDefaultRepoName                = "flux-system"
 	wgeHelmrepoFileName               = "wge-hrepo.yaml"
 	wgeHelmReleaseFileName            = "wge-hrelease.yaml"
@@ -85,7 +84,7 @@ func installWge(input []StepInput, c *Config) ([]StepOutput, error) {
 
 	c.Logger.Actionf(wgeInstallMsg, c.WGEVersion)
 
-	wgehelmRepo, err := constructWgeHelmRepository()
+	wgehelmRepo, err := constructWgeHelmRepository(c.Namespace)
 	if err != nil {
 		return []StepOutput{}, err
 	}
@@ -127,7 +126,7 @@ func installWge(input []StepInput, c *Config) ([]StepOutput, error) {
 		ClusterController: clusterController,
 	}
 
-	wgeHelmRelease, err := constructWGEhelmRelease(values, c.WGEVersion)
+	wgeHelmRelease, err := constructWGEhelmRelease(c.Namespace, values, c.WGEVersion)
 	if err != nil {
 		return []StepOutput{}, err
 	}
@@ -158,11 +157,11 @@ func installWge(input []StepInput, c *Config) ([]StepOutput, error) {
 	}, nil
 }
 
-func constructWgeHelmRepository() (string, error) {
+func constructWgeHelmRepository(namespace string) (string, error) {
 	wgeHelmRepo := sourcev1beta2.HelmRepository{
 		ObjectMeta: v1.ObjectMeta{
 			Name:      wgeHelmRepositoryName,
-			Namespace: WGEDefaultNamespace,
+			Namespace: namespace,
 		},
 		Spec: sourcev1beta2.HelmRepositorySpec{
 			URL: wgeChartUrl,
@@ -201,7 +200,7 @@ func constructIngressValues(userDomain string) map[string]interface{} {
 	return ingressValues
 }
 
-func constructWGEhelmRelease(valuesFile valuesFile, chartVersion string) (string, error) {
+func constructWGEhelmRelease(namespace string, valuesFile valuesFile, chartVersion string) (string, error) {
 	valuesBytes, err := json.Marshal(valuesFile)
 	if err != nil {
 		return "", err
@@ -210,15 +209,15 @@ func constructWGEhelmRelease(valuesFile valuesFile, chartVersion string) (string
 	wgeHelmRelease := helmv2.HelmRelease{
 		ObjectMeta: v1.ObjectMeta{
 			Name:      WgeHelmReleaseName,
-			Namespace: WGEDefaultNamespace,
+			Namespace: namespace,
 		}, Spec: helmv2.HelmReleaseSpec{
 			Chart: helmv2.HelmChartTemplate{
 				Spec: helmv2.HelmChartTemplateSpec{
 					Chart:             wgeChartName,
 					ReconcileStrategy: sourcev1beta2.ReconcileStrategyChartVersion,
 					SourceRef: helmv2.CrossNamespaceObjectReference{
 						Name:      wgeHelmRepositoryName,
-						Namespace: WGEDefaultNamespace,
+						Namespace: namespace,
 					},
 					Version: chartVersion,
 				},