Enhance Makefile to easily deploy to a remote cluster (#1751)

* add step to build helm charts

* push helm charts to remote registry

* push docker images to remote registry

* create Extension for remote

* ignore build artifacts

* apply extension manifest

* add all-in-one step

* add pullSecretRef for Helm charts

* fix values and always pull images

* add documentation

* change yq quotes to work also on Linux

Author: matthias-horne

.gitignore

@@ -5,6 +5,7 @@
 **/dev
 /bin
 hack/tools/bin
+/remote
 
 *.coverprofile
 *.html

Makefile

@@ -120,6 +120,79 @@ docker-image-admission:
 .PHONY: docker-images
 docker-images: docker-image-provider docker-image-admission
 
+.PHONY: docker-push-provider
+docker-push-provider: $(KUBECTL)
+	$(eval REGISTRY_URL := $(shell $(KUBECTL) cluster-info | head -1 | grep -oP 'https://\K[^:]+' | sed 's/^api\./reg./'))
+	@docker tag $(IMAGE_PREFIX)/$(NAME):$(VERSION) $(REGISTRY_URL)/$(NAME):$(VERSION)
+	@docker push $(REGISTRY_URL)/$(NAME):$(VERSION)
+
+.PHONY: docker-push-admission
+docker-push-admission: $(KUBECTL)
+	$(eval REGISTRY_URL := $(shell $(KUBECTL) cluster-info | head -1 | grep -oP 'https://\K[^:]+' | sed 's/^api\./reg./'))
+	@docker tag $(IMAGE_PREFIX)/$(ADMISSION_NAME):$(VERSION) $(REGISTRY_URL)/$(ADMISSION_NAME):$(VERSION)
+	@docker push $(REGISTRY_URL)/$(ADMISSION_NAME):$(VERSION)
+
+.PHONY: docker-push
+docker-push: docker-push-provider docker-push-admission
+
+.PHONY: helm-chart-provider
+helm-chart-provider: $(HELM)
+	@mkdir -p remote
+	@$(HELM) package ./charts/$(EXTENSION_PREFIX)-$(NAME) --version $(VERSION) --app-version $(VERSION) --destination remote
+
+.PHONY: helm-chart-admission
+helm-chart-admission: $(HELM)
+	@mkdir -p remote
+	@$(HELM) package ./charts/$(EXTENSION_PREFIX)-$(ADMISSION_NAME)/charts/application --version $(VERSION) --app-version $(VERSION) --destination remote
+	@$(HELM) package ./charts/$(EXTENSION_PREFIX)-$(ADMISSION_NAME)/charts/runtime --version $(VERSION) --app-version $(VERSION) --destination remote
+
+.PHONY: helm-charts
+helm-charts: helm-chart-provider helm-chart-admission
+
+.PHONY: helm-push-provider
+helm-push-provider: $(HELM) $(KUBECTL)
+	$(eval REGISTRY_URL := $(shell $(KUBECTL) cluster-info | head -1 | grep -oP 'https://\K[^:]+' | sed 's/^api\./reg./'))
+	@$(HELM) push remote/$(EXTENSION_PREFIX)-$(NAME)-$(VERSION).tgz oci://$(REGISTRY_URL)
+
+.PHONY: helm-push-admission
+helm-push-admission: $(HELM) $(KUBECTL)
+	$(eval REGISTRY_URL := $(shell $(KUBECTL) cluster-info | head -1 | grep -oP 'https://\K[^:]+' | sed 's/^api\./reg./'))
+	@$(HELM) push remote/$(ADMISSION_NAME)-application-$(VERSION).tgz oci://$(REGISTRY_URL)
+	@$(HELM) push remote/$(ADMISSION_NAME)-runtime-$(VERSION).tgz oci://$(REGISTRY_URL)
+
+.PHONY: helm-push
+helm-push: helm-push-provider helm-push-admission
+
+.PHONY: extension-manifest
+extension-manifest: $(KUBECTL) $(YQ)
+	$(eval REGISTRY_URL := $(shell $(KUBECTL) cluster-info | head -1 | grep -oP 'https://\K[^:]+' | sed 's/^api\./reg./'))
+	@mkdir -p remote
+	@$(YQ) eval ".spec.deployment.admission.runtimeCluster.helm.ociRepository.ref = \"$(REGISTRY_URL)/$(ADMISSION_NAME)-runtime:$(VERSION)\" | \
+	          .spec.deployment.admission.runtimeCluster.helm.ociRepository.pullSecretRef.name = \"gardener-images\" | \
+	          .spec.deployment.admission.virtualCluster.helm.ociRepository.ref = \"$(REGISTRY_URL)/$(ADMISSION_NAME)-application:$(VERSION)\" | \
+	          .spec.deployment.admission.virtualCluster.helm.ociRepository.pullSecretRef.name = \"gardener-images\" | \
+	          .spec.deployment.extension.helm.ociRepository.ref = \"$(REGISTRY_URL)/$(EXTENSION_PREFIX)-$(NAME):$(VERSION)\" | \
+	          .spec.deployment.extension.helm.ociRepository.pullSecretRef.name = \"gardener-images\" | \
+	          .spec.deployment.admission.values.image.repository = \"$(REGISTRY_URL)/$(ADMISSION_NAME)\" | \
+	          .spec.deployment.admission.values.image.tag = \"$(VERSION)\" | \
+	          .spec.deployment.admission.values.image.pullPolicy = \"Always\" | \
+	          .spec.deployment.extension.values.image.repository = \"$(REGISTRY_URL)/$(NAME)\" | \
+	          .spec.deployment.extension.values.image.tag = \"$(VERSION)\" | \
+	          .spec.deployment.extension.values.image.pullPolicy = \"Always\" | \
+	          .spec.deployment.extension.runtimeClusterValues.image.repository = \"$(REGISTRY_URL)/$(NAME)\" | \
+	          .spec.deployment.extension.runtimeClusterValues.image.tag = \"$(VERSION)\" | \
+	          .spec.deployment.extension.runtimeClusterValues.image.pullPolicy = \"Always\"" \
+	          example/extension.yaml > remote/extension.yaml
+	@echo "Created remote/extension.yaml with registry $(REGISTRY_URL)"
+
+.PHONY: extension-apply
+extension-apply: $(KUBECTL)
+	@$(KUBECTL) apply -f remote/extension.yaml
+
+.PHONY: deploy-remote
+deploy-remote: docker-images docker-push helm-charts helm-push extension-manifest extension-apply
+	@echo "Successfully deployed extension to remote cluster"
+
 #####################################################################
 # Rules for verification, formatting, linting, testing and cleaning #
 #####################################################################

docs/development/local-setup.md

@@ -0,0 +1,82 @@
+# Remote Cluster Setup
+
+This guide describes how to build and deploy the AWS provider extension to a remote Kubernetes cluster for development and testing.
+
+## Prerequisites
+
+A Gardener installation deployed remotely following the [Gardener Remote Setup Guide](https://gardener.cloud/docs/gardener/deployment/getting_started_remotely/)
+
+**Important:** Ensure your `kubectl` context is set to the correct remote cluster before running any commands. The deployment process automatically detects the cluster's registry URL from the active kubeconfig.
+
+## Building and Deploying
+
+### Deploy Everything
+
+To build Docker images, Helm charts, and deploy the extension in one command:
+
+```bash
+make deploy-remote
+```
+
+This will:
+1. Build the provider and admission Docker images
+2. Push images to the cluster's registry
+3. Package the Helm charts
+4. Push charts to the cluster's registry
+5. Generate the extension manifest with correct registry references
+6. Apply the extension to the cluster
+
+### Individual Steps
+
+You can also run individual steps:
+
+```bash
+# Build Docker images
+make docker-images
+
+# Push Docker images
+make docker-push
+
+# Build Helm charts
+make helm-charts
+
+# Push Helm charts
+make helm-push
+
+# Generate extension manifest
+make extension-manifest
+
+# Apply extension to cluster
+make extension-apply
+```
+
+## Platform-Specific Notes
+
+### ARM Macs (Apple Silicon)
+
+When building on ARM Macs (M1/M2/M3), you must specify the target platform as `linux/amd64` since Kubernetes clusters typically run on AMD64 architecture:
+
+```bash
+TARGET_PLATFORMS=linux/amd64 make deploy-remote
+```
+
+Or for individual steps:
+
+```bash
+TARGET_PLATFORMS=linux/amd64 make docker-images
+make docker-push helm-charts helm-push extension-manifest extension-apply
+```
+
+## Generated Artifacts
+
+All build artifacts are placed in the `remote/` directory (gitignored):
+- `remote/*.tgz` - Helm chart packages
+- `remote/extension.yaml` - Generated extension manifest with registry URLs
+
+## Registry Configuration
+
+The deployment automatically derives the registry URL from your cluster's API server:
+- API server: `api.example.shoot.dev.k8s-hana.ondemand.com`
+- Registry: `reg.example.shoot.dev.k8s-hana.ondemand.com`
+
+The extension manifest is configured to pull images using the `gardener-images` secret.