Skip to content

Commit

Permalink
fix group name
Browse files Browse the repository at this point in the history
  • Loading branch information
@kkb0318
kkb0318 committed Jun 2, 2024
1 parent da13a71 commit 979d08e
Show file tree
Hide file tree
Showing 21 changed files with 802 additions and 464 deletions.
4 changes: 2 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ kubectl create secret generic aws-secret -n irsa-manager-system \
Define and apply an IRSASetup custom resource according to your needs.

```yaml
apiVersion: irsa.kkb0318.github.io/v1alpha1
apiVersion: irsa-manager.kkb0318.github.io/v1alpha1
kind: IRSASetup
metadata:
name: irsa-init
Expand Down Expand Up @@ -135,7 +135,7 @@ You can set IRSA for the Kubernetes ServiceAccount.
The following example shows that irsa-manager sets the `irsa1-sa` ServiceAccount in the kube-system and default namespaces with the AmazonS3FullAccess policy:

```yaml
apiVersion: irsa.kkb0318.github.io/v1alpha1
apiVersion: irsa-manager.kkb0318.github.io/v1alpha1
kind: IRSA
metadata:
name: irsa-sample
Expand Down
4 changes: 2 additions & 2 deletions api/v1alpha1/groupversion_info.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ limitations under the License.

// Package v1alpha1 contains API Schema definitions for the irsa v1alpha1 API group
// +kubebuilder:object:generate=true
// +groupName=irsa.kkb0318.github.io
// +groupName=irsa-manager.kkb0318.github.io
package v1alpha1

import (
Expand All @@ -26,7 +26,7 @@ import (

var (
// GroupVersion is group version used to register these objects
GroupVersion = schema.GroupVersion{Group: "irsa.kkb0318.github.io", Version: "v1alpha1"}
GroupVersion = schema.GroupVersion{Group: "irsa-manager.kkb0318.github.io", Version: "v1alpha1"}

// SchemeBuilder is used to add go types to the GroupVersionKind scheme
SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
Expand Down
176 changes: 91 additions & 85 deletions charts/irsa-manager/crds/irsasetup-crd.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,96 +3,102 @@ kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: irsasetups.irsa.kkb0318.github.io
name: irsasetups.irsa-manager.kkb0318.github.io
spec:
group: irsa.kkb0318.github.io
group: irsa-manager.kkb0318.github.io
names:
kind: IRSASetup
listKind: IRSASetupList
plural: irsasetups
singular: irsasetup
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: IRSASetup represents a configuration for setting up IAM Roles
for Service Accounts (IRSA) in a Kubernetes cluster.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: IRSASetupSpec defines the desired state of IRSASetup
properties:
auth:
description: Auth contains authentication configuration details.
properties:
secretRef:
description: SecretRef specifies the reference to the Kubernetes
secret containing authentication details.
properties:
name:
description: Name specifies the name of the secret.
type: string
namespace:
description: Namespace specifies the namespace of the secret.
type: string
required:
- name
type: object
required:
- secretRef
type: object
discovery:
description: |-
Discovery configures the IdP Discovery process, essential for setting up IRSA by locating
the OIDC provider information.
properties:
s3:
description: S3 specifies the AWS S3 bucket details where the
OIDC provider's discovery information is hosted.
properties:
bucketName:
description: BucketName is the name of the S3 bucket that
hosts the OIDC discovery information.
type: string
region:
description: Region denotes the AWS region where the S3 bucket
is located.
type: string
required:
- bucketName
- region
type: object
type: object
mode:
description: Mode specifies the mode of operation. Can be either "selfhosted"
or "eks".
type: string
required:
- discovery
- mode
type: object
status:
description: IRSASetupStatus defines the observed state of IRSASetup
type: object
type: object
served: true
storage: true
subresources:
status: {}
- name: v1alpha1
schema:
openAPIV3Schema:
description:
IRSASetup represents a configuration for setting up IAM Roles
for Service Accounts (IRSA) in a Kubernetes cluster.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: IRSASetupSpec defines the desired state of IRSASetup
properties:
auth:
description: Auth contains authentication configuration details.
properties:
secretRef:
description:
SecretRef specifies the reference to the Kubernetes
secret containing authentication details.
properties:
name:
description: Name specifies the name of the secret.
type: string
namespace:
description: Namespace specifies the namespace of the secret.
type: string
required:
- name
type: object
required:
- secretRef
type: object
discovery:
description: |-
Discovery configures the IdP Discovery process, essential for setting up IRSA by locating
the OIDC provider information.
properties:
s3:
description:
S3 specifies the AWS S3 bucket details where the
OIDC provider's discovery information is hosted.
properties:
bucketName:
description:
BucketName is the name of the S3 bucket that
hosts the OIDC discovery information.
type: string
region:
description:
Region denotes the AWS region where the S3 bucket
is located.
type: string
required:
- bucketName
- region
type: object
type: object
mode:
description:
Mode specifies the mode of operation. Can be either "selfhosted"
or "eks".
type: string
required:
- discovery
- mode
type: object
status:
description: IRSASetupStatus defines the observed state of IRSASetup
type: object
type: object
served: true
storage: true
subresources:
status: {}
8 changes: 4 additions & 4 deletions charts/irsa-manager/templates/manager-rbac.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
{{- include "irsa-manager.labels" . | nindent 4 }}
rules:
- apiGroups:
- irsa.kkb0318.github.io
- irsa-manager.kkb0318.github.io
resources:
- irsasetups
verbs:
Expand All @@ -18,13 +18,13 @@ rules:
- update
- watch
- apiGroups:
- irsa.kkb0318.github.io
- irsa-manager.kkb0318.github.io
resources:
- irsasetups/finalizers
verbs:
- update
- apiGroups:
- irsa.kkb0318.github.io
- irsa-manager.kkb0318.github.io
resources:
- irsasetups/status
verbs:
Expand All @@ -48,4 +48,4 @@ roleRef:
subjects:
- kind: ServiceAccount
name: '{{ include "irsa-manager.fullname" . }}-controller-manager'
namespace: '{{ .Release.Namespace }}'
namespace: '{{ .Release.Namespace }}'
Loading

0 comments on commit 979d08e

Please sign in to comment.