diff --git a/manifests/Makefile b/manifests/Makefile index 16178584c..ab07ab98b 100644 --- a/manifests/Makefile +++ b/manifests/Makefile @@ -138,7 +138,7 @@ ARCH = $(shell uname -m | sed 's/x86_64/amd64/') bin/kustomize: @mkdir -p bin - @curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v4.0.3/kustomize_v4.0.3_$(OS)_$(ARCH).tar.gz | tar xzf - -C bin/ && chmod +x bin/kustomize + @curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v5.0.3/kustomize_v5.0.3_$(OS)_$(ARCH).tar.gz | tar xzf - -C bin/ && chmod +x bin/kustomize bin/yq: @mkdir -p bin diff --git a/manifests/template-operator.yaml b/manifests/template-operator.yaml index 6d988bf4b..1f9ba501b 100644 --- a/manifests/template-operator.yaml +++ b/manifests/template-operator.yaml @@ -1,10 +1,5 @@ # This file was generated by running 'make template-operator.yaml' in manifests directory apiVersion: v1 -kind: Namespace -metadata: - name: platform-system ---- -apiVersion: v1 kind: ServiceAccount metadata: name: template-operator-manager @@ -16,32 +11,32 @@ metadata: name: template-operator-leader-election-role namespace: platform-system rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - configmaps/status - verbs: - - get - - update - - patch -- apiGroups: - - "" - resources: - - events - verbs: - - create + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch + - apiGroups: + - "" + resources: + - events + verbs: + - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -49,12 +44,12 @@ metadata: creationTimestamp: null name: template-operator-manager-role rules: -- apiGroups: - - '*' - resources: - - '*' - verbs: - - '*' + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -66,9 +61,9 @@ roleRef: kind: Role name: template-operator-leader-election-role subjects: -- kind: ServiceAccount - name: template-operator-manager - namespace: platform-system + - kind: ServiceAccount + name: template-operator-manager + namespace: platform-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -79,9 +74,9 @@ roleRef: kind: ClusterRole name: template-operator-manager-role subjects: -- kind: ServiceAccount - name: template-operator-manager - namespace: platform-system + - kind: ServiceAccount + name: template-operator-manager + namespace: platform-system --- apiVersion: v1 kind: Service @@ -94,9 +89,9 @@ metadata: namespace: platform-system spec: ports: - - name: prometheus - port: 8080 - protocol: TCP + - name: prometheus + port: 8080 + protocol: TCP selector: control-plane: template-operator --- @@ -118,28 +113,28 @@ spec: control-plane: template-operator spec: containers: - - args: - - --metrics-addr=0.0.0.0:8080 - - --enable-leader-election - - --sync-period={{ .templateOperator.syncPeriod | default "5m" }} - image: docker.io/flanksource/template-operator:{{.templateOperator.version}} - name: manager - resources: - limits: - cpu: 500m - memory: 1Gi - requests: - cpu: 100m - memory: 200Mi - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=2 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https + - args: + - --metrics-addr=0.0.0.0:8080 + - --enable-leader-election + - --sync-period={{ .templateOperator.syncPeriod | default "5m" }} + image: docker.io/flanksource/template-operator:{{.templateOperator.version}} + name: manager + resources: + limits: + cpu: 500m + memory: 1Gi + requests: + cpu: 100m + memory: 200Mi + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=2 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https serviceAccount: template-operator-manager - terminationGracePeriodSeconds: 10 \ No newline at end of file + terminationGracePeriodSeconds: 10 diff --git a/manifests/upstream/template-operator/base/kustomization.yaml b/manifests/upstream/template-operator/base/kustomization.yaml index f5626af66..82786f252 100644 --- a/manifests/upstream/template-operator/base/kustomization.yaml +++ b/manifests/upstream/template-operator/base/kustomization.yaml @@ -5,26 +5,32 @@ images: - name: flanksource/template-operator newName: docker.io/flanksource/template-operator newTag: "{{.templateOperator.version}}" -patchesStrategicMerge: - - |- - apiVersion: apps/v1 - kind: Deployment - metadata: - name: template-operator-controller-manager - namespace: template-operator - spec: - template: - spec: - containers: - - name: manager - args: - - --metrics-addr=0.0.0.0:8080 - - --enable-leader-election - - "--sync-period={{ .templateOperator.syncPeriod | default \"5m\" }}" - resources: - limits: - cpu: 500m - memory: 1Gi - requests: - cpu: 100m - memory: 200Mi +patches: + - patch: |- + apiVersion: apps/v1 + kind: Deployment + metadata: + name: template-operator-controller-manager + namespace: template-operator + spec: + template: + spec: + containers: + - name: manager + args: + - --metrics-addr=0.0.0.0:8080 + - --enable-leader-election + - "--sync-period={{ .templateOperator.syncPeriod | default \"5m\" }}" + resources: + limits: + cpu: 500m + memory: 1Gi + requests: + cpu: 100m + memory: 200Mi + - patch: |- + $patch: delete + apiVersion: v1 + kind: Namespace + metadata: + name: template-operator