From b2e930feaa987d4261639036600bea256236d4f1 Mon Sep 17 00:00:00 2001 From: Erez Freiberger Date: Tue, 8 Sep 2020 14:25:59 +0300 Subject: [PATCH] preparing for v0.1 release --- Makefile | 6 +- build/crd.yaml | 74 +++++++ build/epsagon-operator.yaml | 338 ++++++++++++++++++++++++++++++ config/manager/kustomization.yaml | 2 +- 4 files changed, 418 insertions(+), 2 deletions(-) create mode 100644 build/crd.yaml create mode 100644 build/epsagon-operator.yaml diff --git a/Makefile b/Makefile index ba9d0a6..a099ac6 100644 --- a/Makefile +++ b/Makefile @@ -57,6 +57,11 @@ delete: manifests kustomize cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} $(KUSTOMIZE) build config/default | kubectl delete -f - +update-release: docker-build docker-push + $(KUSTOMIZE) build config/crd > build/crd.yaml + cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} + $(KUSTOMIZE) build config/default > build/epsagon-operator.yaml + # Generate manifests e.g. CRD, RBAC etc. manifests: controller-gen $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases @@ -126,5 +131,4 @@ bundle: manifests bundle-build: $(CONTAINER_RUNTIME) build -f bundle.Dockerfile -t $(BUNDLE_IMG) . - build-push-deploy: docker-build docker-push deploy diff --git a/build/crd.yaml b/build/crd.yaml new file mode 100644 index 0000000..390535e --- /dev/null +++ b/build/crd.yaml @@ -0,0 +1,74 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.3.0 + creationTimestamp: null + name: epsagons.integration.epsagon.com +spec: + group: integration.epsagon.com + names: + kind: Epsagon + listKind: EpsagonList + plural: epsagons + singular: epsagon + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: Epsagon is the Schema for the epsagons API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: EpsagonSpec defines the desired state of Epsagon + properties: + clusterEndpoint: + description: ClusterEndpoint cluster api endpoint to access from outside + of the cluster + type: string + epsagonToken: + description: EpsagonToken is the Epsagon token for the account integrating + this cluster + type: string + required: + - clusterEndpoint + - epsagonToken + type: object + status: + description: EpsagonStatus defines the observed state of Epsagon + properties: + lastUpdate: + description: LastUpdate the last update time of this resource + format: date-time + type: string + reason: + description: Reason description of the error, if any. + type: string + status: + description: Status of the integration with Epsagon + type: string + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/build/epsagon-operator.yaml b/build/epsagon-operator.yaml new file mode 100644 index 0000000..f39362f --- /dev/null +++ b/build/epsagon-operator.yaml @@ -0,0 +1,338 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: epsagon-operator-system +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.3.0 + creationTimestamp: null + name: epsagons.integration.epsagon.com +spec: + group: integration.epsagon.com + names: + kind: Epsagon + listKind: EpsagonList + plural: epsagons + singular: epsagon + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: Epsagon is the Schema for the epsagons API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: EpsagonSpec defines the desired state of Epsagon + properties: + clusterEndpoint: + description: ClusterEndpoint cluster api endpoint to access from outside + of the cluster + type: string + epsagonToken: + description: EpsagonToken is the Epsagon token for the account integrating + this cluster + type: string + required: + - clusterEndpoint + - epsagonToken + type: object + status: + description: EpsagonStatus defines the observed state of Epsagon + properties: + lastUpdate: + description: LastUpdate the last update time of this resource + format: date-time + type: string + reason: + description: Reason description of the error, if any. + type: string + status: + description: Status of the integration with Epsagon + type: string + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: epsagon-operator-epsagon-operator + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: epsagon-operator-leader-election-role + namespace: default +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: epsagon-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - integration.epsagon.com + resources: + - epsagons + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - integration.epsagon.com + resources: + - epsagons/status + verbs: + - get + - patch + - update +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + verbs: + - bind + - create + - delete + - escalate + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: epsagon-operator-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: epsagon-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: epsagon-operator-leader-election-rolebinding + namespace: default +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: epsagon-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: default + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: epsagon-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: epsagon-operator-manager-role +subjects: +- kind: ServiceAccount + name: epsagon-operator-epsagon-operator + namespace: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: epsagon-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: epsagon-operator-proxy-role +subjects: +- kind: ServiceAccount + name: default + namespace: default +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: epsagon-operator-controller-manager-metrics-service + namespace: default +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: epsagon-operator-controller-manager + namespace: default +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + - args: + - --metrics-addr=127.0.0.1:8080 + - --enable-leader-election + command: + - /manager + image: docker.io/epsagon/epsagon-operator:v0.1 + name: manager + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + serviceAccountName: epsagon-operator-epsagon-operator + terminationGracePeriodSeconds: 10 diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index ee186af..de3ce7f 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization images: - name: controller newName: docker.io/epsagon/epsagon-operator - newTag: 0.0.33 + newTag: v0.1