diff --git a/Makefile b/Makefile index 17393aa..7288298 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ # To re-generate a bundle for another specific version without changing the standard setup, you can: # - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2) # - use environment variables to overwrite this value (e.g export VERSION=0.0.2) -VERSION ?= 0.1.3 +VERSION ?= 0.1.4-rc.5 # CHANNELS define the bundle channels used in the bundle. # Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable") diff --git a/VERSION b/VERSION index b1e80bb..845639e 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.1.3 +0.1.4 diff --git a/bundle/manifests/kubero-operator.clusterserviceversion.yaml b/bundle/manifests/kubero-operator.clusterserviceversion.yaml index 8af0807..4a63fb2 100644 --- a/bundle/manifests/kubero-operator.clusterserviceversion.yaml +++ b/bundle/manifests/kubero-operator.clusterserviceversion.yaml @@ -1136,14 +1136,14 @@ metadata: capabilities: Basic Install categories: Integration & Delivery certified: "false" - containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.3 - createdAt: "2024-09-09T20:49:18Z" + containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.4-rc.5 + createdAt: "2024-09-20T11:44:44Z" description: Kubero is a GitOps continuous delivery tool for Kubernetes. operators.operatorframework.io/builder: operator-sdk-v1.34.1 operators.operatorframework.io/project_layout: helm.sdk.operatorframework.io/v1 repository: https://github.com/kubero-dev/kubero support: Kubero Community - name: kubero-operator.v0.1.3 + name: kubero-operator.v0.1.4-rc.5 namespace: placeholder spec: apiservicedefinitions: {} @@ -2039,7 +2039,8 @@ spec: - --metrics-bind-address=127.0.0.1:8080 - --leader-elect - --leader-election-id=kubero-operator - image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.3 + - --zap-log-level=info + image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.4-rc.5 livenessProbe: httpGet: path: /healthz @@ -2126,4 +2127,4 @@ spec: provider: name: kubero url: https://github.com/kubero-dev/ - version: 0.1.3 + version: 0.1.4-rc.5 diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml index 093f084..b0ae91b 100644 --- a/config/default/manager_auth_proxy_patch.yaml +++ b/config/default/manager_auth_proxy_patch.yaml @@ -33,3 +33,4 @@ spec: - "--metrics-bind-address=127.0.0.1:8080" - "--leader-elect" - "--leader-election-id=kubero-operator" + - "--zap-log-level=info" diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 4aba54d..f18b8a1 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -13,4 +13,4 @@ kind: Kustomization images: - name: controller newName: ghcr.io/kubero-dev/kubero-operator/kuberoapp - newTag: v0.1.3 + newTag: v0.1.4-rc.5 diff --git a/config/manifests/bases/kubero-operator.clusterserviceversion.yaml b/config/manifests/bases/kubero-operator.clusterserviceversion.yaml index 7fa6d06..1ace1c2 100644 --- a/config/manifests/bases/kubero-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/kubero-operator.clusterserviceversion.yaml @@ -6,7 +6,7 @@ metadata: capabilities: Basic Install categories: Integration & Delivery certified: "false" - containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.3 + containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.4-rc.5 description: Kubero is a GitOps continuous delivery tool for Kubernetes. repository: https://github.com/kubero-dev/kubero support: Kubero Community diff --git a/deploy/operator.0.1.4-rc.1.yaml b/deploy/operator.0.1.4-rc.1.yaml new file mode 100644 index 0000000..676f786 --- /dev/null +++ b/deploy/operator.0.1.4-rc.1.yaml @@ -0,0 +1,1539 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoapps.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoApp + listKind: KuberoAppList + plural: kuberoapps + singular: kuberoapp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoApp is the Schema for the kuberoapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberobuilds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoBuild + listKind: KuberoBuildList + plural: kuberobuilds + singular: kuberobuild + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoBuild is the Schema for the kuberobuilds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberocouchdbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoCouchDB + listKind: KuberoCouchDBList + plural: kuberocouchdbs + singular: kuberocouchdb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoCouchDB is the Schema for the kuberocouchdbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoelasticsearches.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoElasticsearch + listKind: KuberoElasticsearchList + plural: kuberoelasticsearches + singular: kuberoelasticsearch + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoElasticsearch is the Schema for the kuberoelasticsearches API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoes.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: Kubero + listKind: KuberoList + plural: kuberoes + singular: kubero + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Kubero is the Schema for the kuberoes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberokafkas.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoKafka + listKind: KuberoKafkaList + plural: kuberokafkas + singular: kuberokafka + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoKafka is the Schema for the kuberokafkas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomails.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMail + listKind: KuberoMailList + plural: kuberomails + singular: kuberomail + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMail is the Schema for the kuberomails API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomemcacheds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMemcached + listKind: KuberoMemcachedList + plural: kuberomemcacheds + singular: kuberomemcached + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMemcached is the Schema for the kuberomemcacheds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomongodbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMongoDB + listKind: KuberoMongoDBList + plural: kuberomongodbs + singular: kuberomongodb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMongoDB is the Schema for the kuberomongodbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomysqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMysql + listKind: KuberoMysqlList + plural: kuberomysqls + singular: kuberomysql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMysql is the Schema for the kuberomysqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopipelines.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPipeline + listKind: KuberoPipelineList + plural: kuberopipelines + singular: kuberopipeline + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPipeline is the Schema for the kuberopipelines API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopostgresqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPostgresql + listKind: KuberoPostgresqlList + plural: kuberopostgresqls + singular: kuberopostgresql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPostgresql is the Schema for the kuberopostgresqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoprometheuses.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPrometheus + listKind: KuberoPrometheusList + plural: kuberoprometheuses + singular: kuberoprometheus + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPrometheus is the Schema for the kuberoprometheuses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberorabbitmqs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRabbitMQ + listKind: KuberoRabbitMQList + plural: kuberorabbitmqs + singular: kuberorabbitmq + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRabbitMQ is the Schema for the kuberorabbitmqs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoredis.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRedis + listKind: KuberoRedisList + plural: kuberoredis + singular: kuberoredis + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRedis is the Schema for the kuberoredis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: kubero-operator-leader-election-role + namespace: kubero-operator-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +- apiGroups: + - "" + - apps + resources: + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - rbac.authorization.k8s.io + - "" + resources: + - roles + - clusterroles + - clusterrolebindings + - rolebindings + - secrets + - deployments + - namespaces + - services + - ingresses + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoapps + - kuberoapps/status + - kuberoapps/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + - "" + resources: + - deployments + - serviceaccounts + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - networking.k8s.io + - "" + resources: + - ingresses + - rolebindings + - services + - jobs + verbs: + - '*' +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - opstreelabs.in + resources: + - mongodbs + verbs: + - '*' +- apiGroups: + - redis.redis.opstreelabs.in + resources: + - redis + - redisclusters + verbs: + - '*' +- apiGroups: + - postgres-operator.crunchydata.com + resources: + - postgresclusters + verbs: + - '*' +- apiGroups: + - minio.min.io + resources: + - tenants + verbs: + - '*' +- apiGroups: + - charts.operatorhub.io + resources: + - cockroachdbs + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - networking.cfargotunnel.com + resources: + - tunnels + - tunnelbindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoes + - kuberoes/status + - kuberoes/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + - persistentvolumeclaims/finalizers + - persistentvolumes/finalizers + verbs: + - '*' +- apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + verbs: + - '*' +- apiGroups: + - cert-manager.io + resources: + - certificates + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopipelines + - kuberopipelines/status + - kuberopipelines/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - namespaces + - secrets + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomysqls + - kuberomysqls/status + - kuberomysqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopostgresqls + - kuberopostgresqls/status + - kuberopostgresqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoredis + - kuberoredis/status + - kuberoredis/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomongodbs + - kuberomongodbs/status + - kuberomongodbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoelasticsearches + - kuberoelasticsearches/status + - kuberoelasticsearches/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberocouchdbs + - kuberocouchdbs/status + - kuberocouchdbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberokafkas + - kuberokafkas/status + - kuberokafkas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - job + resources: + - batch + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomails + - kuberomails/status + - kuberomails/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberorabbitmqs + - kuberorabbitmqs/status + - kuberorabbitmqs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomemcacheds + - kuberomemcacheds/status + - kuberomemcacheds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoprometheuses + - kuberoprometheuses/status + - kuberoprometheuses/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - clusterrolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberobuilds + - kuberobuilds/status + - kuberobuilds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: kubero-operator-leader-election-rolebinding + namespace: kubero-operator-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kubero-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-manager-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-proxy-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + + leaderElection: + leaderElect: true + resourceName: 811c9dc5.kubero.dev +kind: ConfigMap +metadata: + name: kubero-operator-manager-config + namespace: kubero-operator-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager-metrics-service + namespace: kubero-operator-system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager + namespace: kubero-operator-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --leader-election-id=kubero-operator + image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.4-rc.1 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + serviceAccountName: kubero-operator-controller-manager + terminationGracePeriodSeconds: 10 diff --git a/deploy/operator.0.1.4-rc.2.yaml b/deploy/operator.0.1.4-rc.2.yaml new file mode 100644 index 0000000..ceb9776 --- /dev/null +++ b/deploy/operator.0.1.4-rc.2.yaml @@ -0,0 +1,1539 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoapps.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoApp + listKind: KuberoAppList + plural: kuberoapps + singular: kuberoapp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoApp is the Schema for the kuberoapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberobuilds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoBuild + listKind: KuberoBuildList + plural: kuberobuilds + singular: kuberobuild + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoBuild is the Schema for the kuberobuilds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberocouchdbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoCouchDB + listKind: KuberoCouchDBList + plural: kuberocouchdbs + singular: kuberocouchdb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoCouchDB is the Schema for the kuberocouchdbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoelasticsearches.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoElasticsearch + listKind: KuberoElasticsearchList + plural: kuberoelasticsearches + singular: kuberoelasticsearch + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoElasticsearch is the Schema for the kuberoelasticsearches API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoes.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: Kubero + listKind: KuberoList + plural: kuberoes + singular: kubero + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Kubero is the Schema for the kuberoes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberokafkas.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoKafka + listKind: KuberoKafkaList + plural: kuberokafkas + singular: kuberokafka + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoKafka is the Schema for the kuberokafkas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomails.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMail + listKind: KuberoMailList + plural: kuberomails + singular: kuberomail + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMail is the Schema for the kuberomails API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomemcacheds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMemcached + listKind: KuberoMemcachedList + plural: kuberomemcacheds + singular: kuberomemcached + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMemcached is the Schema for the kuberomemcacheds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomongodbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMongoDB + listKind: KuberoMongoDBList + plural: kuberomongodbs + singular: kuberomongodb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMongoDB is the Schema for the kuberomongodbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomysqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMysql + listKind: KuberoMysqlList + plural: kuberomysqls + singular: kuberomysql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMysql is the Schema for the kuberomysqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopipelines.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPipeline + listKind: KuberoPipelineList + plural: kuberopipelines + singular: kuberopipeline + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPipeline is the Schema for the kuberopipelines API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopostgresqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPostgresql + listKind: KuberoPostgresqlList + plural: kuberopostgresqls + singular: kuberopostgresql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPostgresql is the Schema for the kuberopostgresqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoprometheuses.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPrometheus + listKind: KuberoPrometheusList + plural: kuberoprometheuses + singular: kuberoprometheus + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPrometheus is the Schema for the kuberoprometheuses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberorabbitmqs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRabbitMQ + listKind: KuberoRabbitMQList + plural: kuberorabbitmqs + singular: kuberorabbitmq + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRabbitMQ is the Schema for the kuberorabbitmqs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoredis.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRedis + listKind: KuberoRedisList + plural: kuberoredis + singular: kuberoredis + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRedis is the Schema for the kuberoredis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: kubero-operator-leader-election-role + namespace: kubero-operator-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +- apiGroups: + - "" + - apps + resources: + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - rbac.authorization.k8s.io + - "" + resources: + - roles + - clusterroles + - clusterrolebindings + - rolebindings + - secrets + - deployments + - namespaces + - services + - ingresses + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoapps + - kuberoapps/status + - kuberoapps/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + - "" + resources: + - deployments + - serviceaccounts + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - networking.k8s.io + - "" + resources: + - ingresses + - rolebindings + - services + - jobs + verbs: + - '*' +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - opstreelabs.in + resources: + - mongodbs + verbs: + - '*' +- apiGroups: + - redis.redis.opstreelabs.in + resources: + - redis + - redisclusters + verbs: + - '*' +- apiGroups: + - postgres-operator.crunchydata.com + resources: + - postgresclusters + verbs: + - '*' +- apiGroups: + - minio.min.io + resources: + - tenants + verbs: + - '*' +- apiGroups: + - charts.operatorhub.io + resources: + - cockroachdbs + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - networking.cfargotunnel.com + resources: + - tunnels + - tunnelbindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoes + - kuberoes/status + - kuberoes/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + - persistentvolumeclaims/finalizers + - persistentvolumes/finalizers + verbs: + - '*' +- apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + verbs: + - '*' +- apiGroups: + - cert-manager.io + resources: + - certificates + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopipelines + - kuberopipelines/status + - kuberopipelines/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - namespaces + - secrets + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomysqls + - kuberomysqls/status + - kuberomysqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopostgresqls + - kuberopostgresqls/status + - kuberopostgresqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoredis + - kuberoredis/status + - kuberoredis/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomongodbs + - kuberomongodbs/status + - kuberomongodbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoelasticsearches + - kuberoelasticsearches/status + - kuberoelasticsearches/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberocouchdbs + - kuberocouchdbs/status + - kuberocouchdbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberokafkas + - kuberokafkas/status + - kuberokafkas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - job + resources: + - batch + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomails + - kuberomails/status + - kuberomails/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberorabbitmqs + - kuberorabbitmqs/status + - kuberorabbitmqs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomemcacheds + - kuberomemcacheds/status + - kuberomemcacheds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoprometheuses + - kuberoprometheuses/status + - kuberoprometheuses/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - clusterrolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberobuilds + - kuberobuilds/status + - kuberobuilds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: kubero-operator-leader-election-rolebinding + namespace: kubero-operator-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kubero-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-manager-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-proxy-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + + leaderElection: + leaderElect: true + resourceName: 811c9dc5.kubero.dev +kind: ConfigMap +metadata: + name: kubero-operator-manager-config + namespace: kubero-operator-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager-metrics-service + namespace: kubero-operator-system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager + namespace: kubero-operator-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --leader-election-id=kubero-operator + image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.4-rc.2 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + serviceAccountName: kubero-operator-controller-manager + terminationGracePeriodSeconds: 10 diff --git a/deploy/operator.0.1.4-rc.3.yaml b/deploy/operator.0.1.4-rc.3.yaml new file mode 100644 index 0000000..0d2d08f --- /dev/null +++ b/deploy/operator.0.1.4-rc.3.yaml @@ -0,0 +1,1540 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoapps.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoApp + listKind: KuberoAppList + plural: kuberoapps + singular: kuberoapp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoApp is the Schema for the kuberoapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberobuilds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoBuild + listKind: KuberoBuildList + plural: kuberobuilds + singular: kuberobuild + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoBuild is the Schema for the kuberobuilds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberocouchdbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoCouchDB + listKind: KuberoCouchDBList + plural: kuberocouchdbs + singular: kuberocouchdb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoCouchDB is the Schema for the kuberocouchdbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoelasticsearches.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoElasticsearch + listKind: KuberoElasticsearchList + plural: kuberoelasticsearches + singular: kuberoelasticsearch + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoElasticsearch is the Schema for the kuberoelasticsearches API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoes.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: Kubero + listKind: KuberoList + plural: kuberoes + singular: kubero + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Kubero is the Schema for the kuberoes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberokafkas.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoKafka + listKind: KuberoKafkaList + plural: kuberokafkas + singular: kuberokafka + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoKafka is the Schema for the kuberokafkas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomails.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMail + listKind: KuberoMailList + plural: kuberomails + singular: kuberomail + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMail is the Schema for the kuberomails API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomemcacheds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMemcached + listKind: KuberoMemcachedList + plural: kuberomemcacheds + singular: kuberomemcached + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMemcached is the Schema for the kuberomemcacheds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomongodbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMongoDB + listKind: KuberoMongoDBList + plural: kuberomongodbs + singular: kuberomongodb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMongoDB is the Schema for the kuberomongodbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomysqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMysql + listKind: KuberoMysqlList + plural: kuberomysqls + singular: kuberomysql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMysql is the Schema for the kuberomysqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopipelines.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPipeline + listKind: KuberoPipelineList + plural: kuberopipelines + singular: kuberopipeline + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPipeline is the Schema for the kuberopipelines API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopostgresqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPostgresql + listKind: KuberoPostgresqlList + plural: kuberopostgresqls + singular: kuberopostgresql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPostgresql is the Schema for the kuberopostgresqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoprometheuses.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPrometheus + listKind: KuberoPrometheusList + plural: kuberoprometheuses + singular: kuberoprometheus + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPrometheus is the Schema for the kuberoprometheuses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberorabbitmqs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRabbitMQ + listKind: KuberoRabbitMQList + plural: kuberorabbitmqs + singular: kuberorabbitmq + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRabbitMQ is the Schema for the kuberorabbitmqs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoredis.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRedis + listKind: KuberoRedisList + plural: kuberoredis + singular: kuberoredis + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRedis is the Schema for the kuberoredis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: kubero-operator-leader-election-role + namespace: kubero-operator-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +- apiGroups: + - "" + - apps + resources: + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - rbac.authorization.k8s.io + - "" + resources: + - roles + - clusterroles + - clusterrolebindings + - rolebindings + - secrets + - deployments + - namespaces + - services + - ingresses + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoapps + - kuberoapps/status + - kuberoapps/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + - "" + resources: + - deployments + - serviceaccounts + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - networking.k8s.io + - "" + resources: + - ingresses + - rolebindings + - services + - jobs + verbs: + - '*' +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - opstreelabs.in + resources: + - mongodbs + verbs: + - '*' +- apiGroups: + - redis.redis.opstreelabs.in + resources: + - redis + - redisclusters + verbs: + - '*' +- apiGroups: + - postgres-operator.crunchydata.com + resources: + - postgresclusters + verbs: + - '*' +- apiGroups: + - minio.min.io + resources: + - tenants + verbs: + - '*' +- apiGroups: + - charts.operatorhub.io + resources: + - cockroachdbs + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - networking.cfargotunnel.com + resources: + - tunnels + - tunnelbindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoes + - kuberoes/status + - kuberoes/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + - persistentvolumeclaims/finalizers + - persistentvolumes/finalizers + verbs: + - '*' +- apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + verbs: + - '*' +- apiGroups: + - cert-manager.io + resources: + - certificates + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopipelines + - kuberopipelines/status + - kuberopipelines/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - namespaces + - secrets + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomysqls + - kuberomysqls/status + - kuberomysqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopostgresqls + - kuberopostgresqls/status + - kuberopostgresqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoredis + - kuberoredis/status + - kuberoredis/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomongodbs + - kuberomongodbs/status + - kuberomongodbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoelasticsearches + - kuberoelasticsearches/status + - kuberoelasticsearches/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberocouchdbs + - kuberocouchdbs/status + - kuberocouchdbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberokafkas + - kuberokafkas/status + - kuberokafkas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - job + resources: + - batch + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomails + - kuberomails/status + - kuberomails/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberorabbitmqs + - kuberorabbitmqs/status + - kuberorabbitmqs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomemcacheds + - kuberomemcacheds/status + - kuberomemcacheds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoprometheuses + - kuberoprometheuses/status + - kuberoprometheuses/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - clusterrolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberobuilds + - kuberobuilds/status + - kuberobuilds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: kubero-operator-leader-election-rolebinding + namespace: kubero-operator-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kubero-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-manager-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-proxy-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + + leaderElection: + leaderElect: true + resourceName: 811c9dc5.kubero.dev +kind: ConfigMap +metadata: + name: kubero-operator-manager-config + namespace: kubero-operator-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager-metrics-service + namespace: kubero-operator-system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager + namespace: kubero-operator-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --leader-election-id=kubero-operator + - --zap-log-level=info + image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.4-rc.3 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + serviceAccountName: kubero-operator-controller-manager + terminationGracePeriodSeconds: 10 diff --git a/deploy/operator.0.1.4-rc.4.yaml b/deploy/operator.0.1.4-rc.4.yaml new file mode 100644 index 0000000..e641c14 --- /dev/null +++ b/deploy/operator.0.1.4-rc.4.yaml @@ -0,0 +1,1540 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoapps.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoApp + listKind: KuberoAppList + plural: kuberoapps + singular: kuberoapp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoApp is the Schema for the kuberoapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberobuilds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoBuild + listKind: KuberoBuildList + plural: kuberobuilds + singular: kuberobuild + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoBuild is the Schema for the kuberobuilds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberocouchdbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoCouchDB + listKind: KuberoCouchDBList + plural: kuberocouchdbs + singular: kuberocouchdb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoCouchDB is the Schema for the kuberocouchdbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoelasticsearches.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoElasticsearch + listKind: KuberoElasticsearchList + plural: kuberoelasticsearches + singular: kuberoelasticsearch + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoElasticsearch is the Schema for the kuberoelasticsearches API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoes.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: Kubero + listKind: KuberoList + plural: kuberoes + singular: kubero + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Kubero is the Schema for the kuberoes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberokafkas.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoKafka + listKind: KuberoKafkaList + plural: kuberokafkas + singular: kuberokafka + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoKafka is the Schema for the kuberokafkas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomails.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMail + listKind: KuberoMailList + plural: kuberomails + singular: kuberomail + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMail is the Schema for the kuberomails API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomemcacheds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMemcached + listKind: KuberoMemcachedList + plural: kuberomemcacheds + singular: kuberomemcached + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMemcached is the Schema for the kuberomemcacheds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomongodbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMongoDB + listKind: KuberoMongoDBList + plural: kuberomongodbs + singular: kuberomongodb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMongoDB is the Schema for the kuberomongodbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomysqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMysql + listKind: KuberoMysqlList + plural: kuberomysqls + singular: kuberomysql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMysql is the Schema for the kuberomysqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopipelines.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPipeline + listKind: KuberoPipelineList + plural: kuberopipelines + singular: kuberopipeline + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPipeline is the Schema for the kuberopipelines API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopostgresqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPostgresql + listKind: KuberoPostgresqlList + plural: kuberopostgresqls + singular: kuberopostgresql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPostgresql is the Schema for the kuberopostgresqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoprometheuses.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPrometheus + listKind: KuberoPrometheusList + plural: kuberoprometheuses + singular: kuberoprometheus + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPrometheus is the Schema for the kuberoprometheuses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberorabbitmqs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRabbitMQ + listKind: KuberoRabbitMQList + plural: kuberorabbitmqs + singular: kuberorabbitmq + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRabbitMQ is the Schema for the kuberorabbitmqs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoredis.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRedis + listKind: KuberoRedisList + plural: kuberoredis + singular: kuberoredis + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRedis is the Schema for the kuberoredis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: kubero-operator-leader-election-role + namespace: kubero-operator-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +- apiGroups: + - "" + - apps + resources: + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - rbac.authorization.k8s.io + - "" + resources: + - roles + - clusterroles + - clusterrolebindings + - rolebindings + - secrets + - deployments + - namespaces + - services + - ingresses + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoapps + - kuberoapps/status + - kuberoapps/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + - "" + resources: + - deployments + - serviceaccounts + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - networking.k8s.io + - "" + resources: + - ingresses + - rolebindings + - services + - jobs + verbs: + - '*' +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - opstreelabs.in + resources: + - mongodbs + verbs: + - '*' +- apiGroups: + - redis.redis.opstreelabs.in + resources: + - redis + - redisclusters + verbs: + - '*' +- apiGroups: + - postgres-operator.crunchydata.com + resources: + - postgresclusters + verbs: + - '*' +- apiGroups: + - minio.min.io + resources: + - tenants + verbs: + - '*' +- apiGroups: + - charts.operatorhub.io + resources: + - cockroachdbs + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - networking.cfargotunnel.com + resources: + - tunnels + - tunnelbindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoes + - kuberoes/status + - kuberoes/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + - persistentvolumeclaims/finalizers + - persistentvolumes/finalizers + verbs: + - '*' +- apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + verbs: + - '*' +- apiGroups: + - cert-manager.io + resources: + - certificates + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopipelines + - kuberopipelines/status + - kuberopipelines/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - namespaces + - secrets + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomysqls + - kuberomysqls/status + - kuberomysqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopostgresqls + - kuberopostgresqls/status + - kuberopostgresqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoredis + - kuberoredis/status + - kuberoredis/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomongodbs + - kuberomongodbs/status + - kuberomongodbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoelasticsearches + - kuberoelasticsearches/status + - kuberoelasticsearches/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberocouchdbs + - kuberocouchdbs/status + - kuberocouchdbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberokafkas + - kuberokafkas/status + - kuberokafkas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - job + resources: + - batch + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomails + - kuberomails/status + - kuberomails/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberorabbitmqs + - kuberorabbitmqs/status + - kuberorabbitmqs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomemcacheds + - kuberomemcacheds/status + - kuberomemcacheds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoprometheuses + - kuberoprometheuses/status + - kuberoprometheuses/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - clusterrolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberobuilds + - kuberobuilds/status + - kuberobuilds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: kubero-operator-leader-election-rolebinding + namespace: kubero-operator-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kubero-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-manager-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-proxy-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + + leaderElection: + leaderElect: true + resourceName: 811c9dc5.kubero.dev +kind: ConfigMap +metadata: + name: kubero-operator-manager-config + namespace: kubero-operator-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager-metrics-service + namespace: kubero-operator-system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager + namespace: kubero-operator-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --leader-election-id=kubero-operator + - --zap-log-level=info + image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.4-rc.4 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + serviceAccountName: kubero-operator-controller-manager + terminationGracePeriodSeconds: 10 diff --git a/deploy/operator.0.1.4-rc.5.yaml b/deploy/operator.0.1.4-rc.5.yaml new file mode 100644 index 0000000..6ea0ced --- /dev/null +++ b/deploy/operator.0.1.4-rc.5.yaml @@ -0,0 +1,1540 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoapps.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoApp + listKind: KuberoAppList + plural: kuberoapps + singular: kuberoapp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoApp is the Schema for the kuberoapps API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoApp + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberobuilds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoBuild + listKind: KuberoBuildList + plural: kuberobuilds + singular: kuberobuild + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoBuild is the Schema for the kuberobuilds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoBuild + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberocouchdbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoCouchDB + listKind: KuberoCouchDBList + plural: kuberocouchdbs + singular: kuberocouchdb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoCouchDB is the Schema for the kuberocouchdbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoCouchDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoelasticsearches.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoElasticsearch + listKind: KuberoElasticsearchList + plural: kuberoelasticsearches + singular: kuberoelasticsearch + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoElasticsearch is the Schema for the kuberoelasticsearches API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoElasticsearch + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoes.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: Kubero + listKind: KuberoList + plural: kuberoes + singular: kubero + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Kubero is the Schema for the kuberoes API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of Kubero + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberokafkas.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoKafka + listKind: KuberoKafkaList + plural: kuberokafkas + singular: kuberokafka + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoKafka is the Schema for the kuberokafkas API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoKafka + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomails.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMail + listKind: KuberoMailList + plural: kuberomails + singular: kuberomail + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMail is the Schema for the kuberomails API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMail + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomemcacheds.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMemcached + listKind: KuberoMemcachedList + plural: kuberomemcacheds + singular: kuberomemcached + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMemcached is the Schema for the kuberomemcacheds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMemcached + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomongodbs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMongoDB + listKind: KuberoMongoDBList + plural: kuberomongodbs + singular: kuberomongodb + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMongoDB is the Schema for the kuberomongodbs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMongoDB + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberomysqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoMysql + listKind: KuberoMysqlList + plural: kuberomysqls + singular: kuberomysql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoMysql is the Schema for the kuberomysqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoMysql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopipelines.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPipeline + listKind: KuberoPipelineList + plural: kuberopipelines + singular: kuberopipeline + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPipeline is the Schema for the kuberopipelines API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPipeline + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberopostgresqls.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPostgresql + listKind: KuberoPostgresqlList + plural: kuberopostgresqls + singular: kuberopostgresql + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPostgresql is the Schema for the kuberopostgresqls API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPostgresql + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoprometheuses.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoPrometheus + listKind: KuberoPrometheusList + plural: kuberoprometheuses + singular: kuberoprometheus + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoPrometheus is the Schema for the kuberoprometheuses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoPrometheus + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberorabbitmqs.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRabbitMQ + listKind: KuberoRabbitMQList + plural: kuberorabbitmqs + singular: kuberorabbitmq + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRabbitMQ is the Schema for the kuberorabbitmqs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRabbitMQ + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: kuberoredis.application.kubero.dev +spec: + group: application.kubero.dev + names: + kind: KuberoRedis + listKind: KuberoRedisList + plural: kuberoredis + singular: kuberoredis + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: KuberoRedis is the Schema for the kuberoredis API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the desired state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + status: + description: Status defines the observed state of KuberoRedis + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: kubero-operator-leader-election-role + namespace: kubero-operator-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-manager-role +rules: +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +- apiGroups: + - "" + - apps + resources: + - configmaps + - secrets + verbs: + - '*' +- apiGroups: + - "" + resources: + - events + verbs: + - create +- apiGroups: + - rbac.authorization.k8s.io + - "" + resources: + - roles + - clusterroles + - clusterrolebindings + - rolebindings + - secrets + - deployments + - namespaces + - services + - ingresses + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoapps + - kuberoapps/status + - kuberoapps/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + - "" + resources: + - deployments + - serviceaccounts + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - networking.k8s.io + - "" + resources: + - ingresses + - rolebindings + - services + - jobs + verbs: + - '*' +- apiGroups: + - batch + resources: + - cronjobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - opstreelabs.in + resources: + - mongodbs + verbs: + - '*' +- apiGroups: + - redis.redis.opstreelabs.in + resources: + - redis + - redisclusters + verbs: + - '*' +- apiGroups: + - postgres-operator.crunchydata.com + resources: + - postgresclusters + verbs: + - '*' +- apiGroups: + - minio.min.io + resources: + - tenants + verbs: + - '*' +- apiGroups: + - charts.operatorhub.io + resources: + - cockroachdbs + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - networking.cfargotunnel.com + resources: + - tunnels + - tunnelbindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoes + - kuberoes/status + - kuberoes/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + - persistentvolumeclaims/finalizers + - persistentvolumes/finalizers + verbs: + - '*' +- apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + verbs: + - '*' +- apiGroups: + - cert-manager.io + resources: + - certificates + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopipelines + - kuberopipelines/status + - kuberopipelines/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - namespaces + - secrets + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomysqls + - kuberomysqls/status + - kuberomysqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberopostgresqls + - kuberopostgresqls/status + - kuberopostgresqls/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoredis + - kuberoredis/status + - kuberoredis/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomongodbs + - kuberomongodbs/status + - kuberomongodbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoelasticsearches + - kuberoelasticsearches/status + - kuberoelasticsearches/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberocouchdbs + - kuberocouchdbs/status + - kuberocouchdbs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberokafkas + - kuberokafkas/status + - kuberokafkas/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + - statefulsets + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + - serviceaccounts + - services + - persistentvolumeclaims + - persistentvolumes + verbs: + - '*' +- apiGroups: + - job + resources: + - batch + verbs: + - '*' +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomails + - kuberomails/status + - kuberomails/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberorabbitmqs + - kuberorabbitmqs/status + - kuberorabbitmqs/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberomemcacheds + - kuberomemcacheds/status + - kuberomemcacheds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberoprometheuses + - kuberoprometheuses/status + - kuberoprometheuses/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - serviceaccounts + - services + verbs: + - '*' +- apiGroups: + - apps + resources: + - deployments + verbs: + - '*' +- apiGroups: + - "" + resources: + - clusterrolebindings + verbs: + - '*' +- apiGroups: + - application.kubero.dev + resources: + - kuberobuilds + - kuberobuilds/status + - kuberobuilds/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - batch + resources: + - jobs + verbs: + - '*' +- apiGroups: + - "" + resources: + - pods + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kubero-operator-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: kubero-operator-leader-election-rolebinding + namespace: kubero-operator-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kubero-operator-leader-election-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-manager-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubero-operator-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubero-operator-proxy-role +subjects: +- kind: ServiceAccount + name: kubero-operator-controller-manager + namespace: kubero-operator-system +--- +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + + leaderElection: + leaderElect: true + resourceName: 811c9dc5.kubero.dev +kind: ConfigMap +metadata: + name: kubero-operator-manager-config + namespace: kubero-operator-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager-metrics-service + namespace: kubero-operator-system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: controller-manager + name: kubero-operator-controller-manager + namespace: kubero-operator-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --leader-election-id=kubero-operator + - --zap-log-level=info + image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.4-rc.5 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 1000m + memory: 1Gi + requests: + cpu: 100m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + serviceAccountName: kubero-operator-controller-manager + terminationGracePeriodSeconds: 10 diff --git a/deploy/operator.yaml b/deploy/operator.yaml index 29080ac..6ea0ced 100644 --- a/deploy/operator.yaml +++ b/deploy/operator.yaml @@ -1510,7 +1510,8 @@ spec: - --metrics-bind-address=127.0.0.1:8080 - --leader-elect - --leader-election-id=kubero-operator - image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.3 + - --zap-log-level=info + image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.4-rc.5 livenessProbe: httpGet: path: /healthz diff --git a/helm-charts/kubero/templates/config.yaml b/helm-charts/kubero/templates/config.yaml index b30fa0b..4d4a74d 100644 --- a/helm-charts/kubero/templates/config.yaml +++ b/helm-charts/kubero/templates/config.yaml @@ -3,7 +3,6 @@ kind: ConfigMap metadata: name: kubero-config data: -# Backwardcompatibility for .Values.kubero.config config.yaml: | {{- if and .Values.kubero.config (kindIs "string" .Values.kubero.config) }} {{ .Values.kubero.config | indent 4 }} diff --git a/helm-charts/kubero/templates/deployment.yaml b/helm-charts/kubero/templates/deployment.yaml index eae365c..410aa03 100644 --- a/helm-charts/kubero/templates/deployment.yaml +++ b/helm-charts/kubero/templates/deployment.yaml @@ -40,7 +40,6 @@ spec: readOnly: false {{- end }} env: - # TODO: needs some investigation. Crashes with UNABLE_TO_VERIFY_LEAF_SIGNATURE - name: NODE_TLS_REJECT_UNAUTHORIZED value: "0" - name: KUBERO_CONTEXT diff --git a/helm-charts/kubero/templates/pvc.yaml b/helm-charts/kubero/templates/pvc.yaml index cfc3580..26691ca 100644 --- a/helm-charts/kubero/templates/pvc.yaml +++ b/helm-charts/kubero/templates/pvc.yaml @@ -13,4 +13,4 @@ spec: resources: requests: storage: {{ .Values.kubero.auditLogs.size }} -{{- end }} #enabled +{{- end }} diff --git a/helm-charts/kubero/templates/registry.yaml b/helm-charts/kubero/templates/registry.yaml index e82c6db..f088900 100644 --- a/helm-charts/kubero/templates/registry.yaml +++ b/helm-charts/kubero/templates/registry.yaml @@ -93,7 +93,6 @@ metadata: nginx.ingress.kubernetes.io/cors-allow-origin: "*" nginx.ingress.kubernetes.io/cors-allow-credentials: "true" nginx.ingress.kubernetes.io/ssl-redirect: "false" - #nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8 cert-manager.io/cluster-issuer: letsencrypt-prod kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/auth-type: basic @@ -120,5 +119,5 @@ spec: name: kubero-registry port: number: 5000 -{{- end }} #create -{{- end }} #enabled \ No newline at end of file +{{- end }} +{{- end }} \ No newline at end of file diff --git a/helm-charts/kuberoapp/templates/deployment-web.yaml b/helm-charts/kuberoapp/templates/deployment-web.yaml index c916023..a5527c8 100644 --- a/helm-charts/kuberoapp/templates/deployment-web.yaml +++ b/helm-charts/kuberoapp/templates/deployment-web.yaml @@ -39,7 +39,7 @@ spec: {{- end }} {{- else if eq .Values.deploymentstrategy "git" }} imagePullSecrets: - - name: kubero-pull-secret # created by kuberopipeline/phases.yaml + - name: kubero-pull-secret {{- end }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} diff --git a/helm-charts/kuberoapp/templates/deployment-worker.yaml b/helm-charts/kuberoapp/templates/deployment-worker.yaml index c649679..563098a 100644 --- a/helm-charts/kuberoapp/templates/deployment-worker.yaml +++ b/helm-charts/kuberoapp/templates/deployment-worker.yaml @@ -39,7 +39,7 @@ spec: {{- end }} {{- else if eq .Values.deploymentstrategy "git" }} imagePullSecrets: - - name: kubero-pull-secret # created by kuberopipeline/phases.yaml + - name: kubero-pull-secret {{- end }} serviceAccountName: {{ include "kuberoapp.serviceAccountName" . }} securityContext: diff --git a/helm-charts/kuberoapp/templates/job-vulnerabilityscan.yaml b/helm-charts/kuberoapp/templates/job-vulnerabilityscan.yaml index 9516b46..43f3e9e 100644 --- a/helm-charts/kuberoapp/templates/job-vulnerabilityscan.yaml +++ b/helm-charts/kuberoapp/templates/job-vulnerabilityscan.yaml @@ -18,7 +18,6 @@ spec: {{- if eq .Values.deploymentstrategy "git" }} - name: trivy-repo-scan image: {{ .Values.vulnerabilityscan.image.repository }}:{{ .Values.vulnerabilityscan.image.tag | default "latest" }} - #command: ["trivy", "repo", "-q", "-f", "json", "--exit-code", "0", "--severity", "HIGH,CRITICAL", "--ignore-unfixed", ""] command: ["trivy", "repo", {{ .Values.gitrepo.clone_url | quote }}, "-q", "-f", "json", "--scanners", "vuln", "--exit-code", "0"] {{- else }} - name: trivy-image-scan diff --git a/helm-charts/kuberopipeline/templates/phases.yaml b/helm-charts/kuberopipeline/phases.yaml similarity index 58% rename from helm-charts/kuberopipeline/templates/phases.yaml rename to helm-charts/kuberopipeline/phases.yaml index ff2790f..5d4472c 100644 --- a/helm-charts/kuberopipeline/templates/phases.yaml +++ b/helm-charts/kuberopipeline/phases.yaml @@ -1,19 +1,20 @@ -# https://itnext.io/manage-auto-generated-secrets-in-your-helm-charts-5aee48ba6918 - {{- $mainnamespace := .Values.mainnamespace | default "kubero" -}} -# retrieve the secret data using lookup function and when not exists, return an empty dictionary / map as result {{- $secretObj := (lookup "v1" "Secret" $mainnamespace "registry-login") | default dict }} {{- $secretData := (get $secretObj "data") | default dict }} {{- $dockerconfigjson := (get $secretData ".dockerconfigjson") | default "" }} {{- $registryUsername := (get $secretData "username") | default "" }} {{- $registryPassword := (get $secretData "password") | default "" }} +{{- if eq .Values.enabled "showcomments" -}} +## Do not print comments to avoid reconsiclation issues +# https://itnext.io/manage-auto-generated-secrets-in-your-helm-charts-5aee48ba6918 #{{- $kuberoObj := (lookup "application.kubero.dev/v1alpha1" "Kubero" $mainnamespace "kubero") | default dict }} #{{- $specData := (get $kuberoObj "spec") | default dict }} #{{- $registryData := (get $specData "registry") | default dict }} #{{- $registryHost := (get $registryData "host") | default "missingregistry.mydomain.com/example" }} #{{- $registryProtocol := (get $registryData "protocol") | default "https" }} #{{- $registryPort := (get $registryData "port") | default 443 }} +{{- end }} {{- $name := .Values.name -}} {{- $deploymentstrategy := .Values.deploymentstrategy -}} @@ -29,12 +30,13 @@ metadata: name: {{ $name }}-{{ .name }} --- {{- if and (eq $deploymentstrategy "git") ($deploykeyPub) }} -# used by kuberoes Runpacks to pull the code apiVersion: v1 kind: Secret metadata: name: "deployment-keys" namespace: {{ $name }}-{{ .name }} + annotations: + app.kubernetes.io/comment: "used by kuberoes Runpacks to pull the code" type: Opaque data: deploykey: {{ $deploykey | quote }} @@ -51,81 +53,18 @@ type: kubernetes.io/dockerconfigjson data: .dockerconfigjson: {{ $dockerconfigjson | quote }} --- -# required by trivy to scan the image apiVersion: v1 kind: Secret metadata: name: registry-credentials namespace: {{ $name }}-{{ .name }} + annotations: + app.kubernetes.io/comment: "required by trivy to scan the image" type: Opaque data: username: {{ $registryUsername | quote }} password: {{ $registryPassword | quote }} --- -## kpack -#apiVersion: v1 -#kind: Secret -#metadata: -# name: git-ssh-auth -# namespace: {{ $name }}-{{ .name }} -# annotations: -# kpack.io/git: {{ $deploykeySshUrl }} -#type: kubernetes.io/ssh-auth -#data: -# ssh-privatekey: {{ $deploykey | quote }} -# ssh-publickey: {{ $deploykeyPub | quote }} -#--- -## kpack -#apiVersion: v1 -#metadata: -# name: kpack-sa -#kind: ServiceAccount -# namespace: {{ $name }}-{{ .name }} -#secrets: -# - name: git-ssh-auth -# - name: kubero-pull-secret -#--- -## kpack role -#apiVersion: rbac.authorization.k8s.io/v1 -#kind: Role -#metadata: -# name: kpack-role -# namespace: {{ $name }}-{{ .name }} -#rules: -# - apiGroups: -# - kpack.io -# - 'builds' -# resources: -# verbs: -# - '*' -# - apiGroups: -# - '' -# resources: -# - 'pods' -# verbs: -# - '*' -# - apiGroups: -# - 'application.kubero.dev' -# resources: -# - 'kuberoapps' -# verbs: -# - '*' -#--- -## kpack rolebinding -#apiVersion: rbac.authorization.k8s.io/v1 -#kind: RoleBinding -#metadata: -# name: kpack-rolebinding -# namespace: {{ $name }}-{{ .name }} -#roleRef: -# apiGroup: rbac.authorization.k8s.io -# kind: Role -# name: kpack-role -#subjects: -# - kind: ServiceAccount -# name: kpack-sa -# namespace: {{ $name }}-{{ .name }} -#--- -{{- end }} # end of git deploymentstrategy -{{- end }} # end of enabled -{{- end }} # end of range \ No newline at end of file +{{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/helm-charts/kuberopipeline/secrets-pull-secret.yaml b/helm-charts/kuberopipeline/secrets-pull-secret.yaml new file mode 100644 index 0000000..dc13df2 --- /dev/null +++ b/helm-charts/kuberopipeline/secrets-pull-secret.yaml @@ -0,0 +1,37 @@ +{{- $mainnamespace := .Values.mainnamespace | default "kubero" -}} +{{- $secretObj := (lookup "v1" "Secret" $mainnamespace "registry-login") | default dict }} +{{- $secretData := (get $secretObj "data") | default dict }} +{{- $dockerconfigjson := (get $secretData ".dockerconfigjson") | default "" }} +{{- $registryUsername := (get $secretData "username") | default "" }} +{{- $registryPassword := (get $secretData "password") | default "" }} + +{{- $name := .Values.name -}} +{{- $deploymentstrategy := .Values.deploymentstrategy -}} + +{{- range .Values.phases }} +{{- if .enabled }} +{{- if and (eq $deploymentstrategy "git") (ne $registryUsername "") }} +apiVersion: v1 +kind: Secret +metadata: + name: kubero-pull-secret + namespace: {{ $name }}-{{ .name }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ $dockerconfigjson | quote }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: registry-credentials + namespace: {{ $name }}-{{ .name }} + annotations: + app.kubernetes.io/comment: "required by trivy to scan the image" +type: Opaque +data: + username: {{ $registryUsername | quote }} + password: {{ $registryPassword | quote }} +--- +{{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/helm-charts/kuberopipeline/templates/_helpers.tpl b/helm-charts/kuberopipeline/templates/_helpers.tpl new file mode 100644 index 0000000..c8f630b --- /dev/null +++ b/helm-charts/kuberopipeline/templates/_helpers.tpl @@ -0,0 +1,24 @@ +{{- define "kubero.registryUsername" -}} +{{- $mainnamespace := .Values.mainnamespace | default "kubero" -}} +{{- $secretObj := (lookup "v1" "Secret" $mainnamespace "registry-login") | default dict }} +{{- $secretData := (get $secretObj "data") | default dict }} +{{- $registryUsername := (get $secretData "username") | default "" }} +{{- $registryUsername }} +{{- end }} + +{{- define "kubero.registryPassword" -}} +{{- $mainnamespace := .Values.mainnamespace | default "kubero" -}} +{{- $secretObj := (lookup "v1" "Secret" $mainnamespace "registry-login") | default dict }} +{{- $secretData := (get $secretObj "data") | default dict }} +{{- $registryPassword := (get $secretData "password") | default "" }} +{{- $registryPassword }} +{{- end }} + +{{- define "kubero.dockerconfigjson" -}} +{{- $mainnamespace := .Values.mainnamespace | default "kubero" -}} +{{- $secretObj := (lookup "v1" "Secret" $mainnamespace "registry-login") | default dict }} +{{- $secretData := (get $secretObj "data") | default dict }} +{{- $dockerconfigjson := (get $secretData ".dockerconfigjson") | default "" }} +{{- $dockerconfigjson }} +{{- end }} + diff --git a/helm-charts/kuberopipeline/templates/namespaces.yaml b/helm-charts/kuberopipeline/templates/namespaces.yaml new file mode 100644 index 0000000..53f9c43 --- /dev/null +++ b/helm-charts/kuberopipeline/templates/namespaces.yaml @@ -0,0 +1,11 @@ +{{- $name := .Values.name -}} + +{{- range .Values.phases }} +{{- if .enabled }} +apiVersion: v1 +kind: Namespace +metadata: + name: {{ $name }}-{{ .name }} +--- +{{- end }} +{{- end }} \ No newline at end of file diff --git a/helm-charts/kuberopipeline/templates/secret-deployment-keys.yaml b/helm-charts/kuberopipeline/templates/secret-deployment-keys.yaml new file mode 100644 index 0000000..3c16d65 --- /dev/null +++ b/helm-charts/kuberopipeline/templates/secret-deployment-keys.yaml @@ -0,0 +1,24 @@ +{{- $name := .Values.name -}} +{{- $deploymentstrategy := .Values.deploymentstrategy -}} +{{- $deploykey := .Values.git.keys.priv -}} +{{- $deploykeyPub := .Values.git.keys.pub -}} +{{- $deploykeySshUrl := splitList ":" .Values.git.repository.ssh_url | first -}} + +{{- range .Values.phases }} +{{- if .enabled }} +{{- if and (eq $deploymentstrategy "git") ($deploykeyPub) }} +apiVersion: v1 +kind: Secret +metadata: + name: "deployment-keys" + namespace: {{ $name }}-{{ .name }} + annotations: + app.kubernetes.io/comment: "used by kuberoes Runpacks to pull the code" +type: Opaque +data: + deploykey: {{ $deploykey | quote }} + deploykey.pub: {{ $deploykeyPub | quote }} +--- +{{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/helm-charts/kuberopipeline/templates/secrets-pull-secret.yaml b/helm-charts/kuberopipeline/templates/secrets-pull-secret.yaml new file mode 100644 index 0000000..ae3fe6d --- /dev/null +++ b/helm-charts/kuberopipeline/templates/secrets-pull-secret.yaml @@ -0,0 +1,33 @@ +{{- $name := .Values.name -}} +{{- $deploymentstrategy := .Values.deploymentstrategy -}} +{{- $dockerconfigjson := include "kubero.dockerconfigjson" . -}} +{{- $registryUsername := include "kubero.registryUsername" . -}} +{{- $registryPassword := include "kubero.registryPassword" . -}} +--- +{{- range .Values.phases }} +{{- if .enabled }} +{{- if and (eq $deploymentstrategy "git") (ne $registryUsername "") }} +apiVersion: v1 +kind: Secret +metadata: + name: kubero-pull-secret + namespace: {{ $name }}-{{ .name }} +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: {{ $dockerconfigjson | quote }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: registry-credentials + namespace: {{ $name }}-{{ .name }} + annotations: + app.kubernetes.io/comment: "required by trivy to scan the image" +type: Opaque +data: + username: {{ $registryUsername | quote }} + password: {{ $registryPassword | quote }} +--- +{{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/helm-charts/kuberopipeline/values.yaml b/helm-charts/kuberopipeline/values.yaml index a73f1d8..4f4a327 100644 --- a/helm-charts/kuberopipeline/values.yaml +++ b/helm-charts/kuberopipeline/values.yaml @@ -34,10 +34,10 @@ phases: enabled: false name: review - context: "" - enabled: false + enabled: true name: test - context: "" - enabled: false + enabled: true name: stage - context: "" enabled: true