diff --git a/bootstrap/config/kfctl_basic_auth.yaml b/bootstrap/config/kfctl_basic_auth.yaml index 9d7b908f6a7..cc3eba8f869 100644 --- a/bootstrap/config/kfctl_basic_auth.yaml +++ b/bootstrap/config/kfctl_basic_auth.yaml @@ -30,6 +30,7 @@ components: - centraldashboard - cert-manager - cloud-endpoints + - gcp-credentials-admission-webhook - gpu-driver - jupyter-web-app - katib diff --git a/bootstrap/config/kfctl_iap.yaml b/bootstrap/config/kfctl_iap.yaml index 918659d7042..5988fb43100 100644 --- a/bootstrap/config/kfctl_iap.yaml +++ b/bootstrap/config/kfctl_iap.yaml @@ -28,6 +28,7 @@ components: - centraldashboard - cert-manager - cloud-endpoints + - gcp-credentials-admission-webhook - gpu-driver - iap-ingress - jupyter-web-app diff --git a/components/gcp-admission-webhook/README.md b/components/gcp-admission-webhook/README.md index 4d516e0b45d..8424d14d460 100644 --- a/components/gcp-admission-webhook/README.md +++ b/components/gcp-admission-webhook/README.md @@ -56,3 +56,5 @@ If yes, it will add volume, volumeMount, and environment variable to the pod. 1. https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/ 1. https://github.com/kubernetes/kubernetes/tree/v1.13.0/test/images/webhook 1. https://github.com/morvencao/kube-mutating-webhook-tutorial +1. How to self sign: [link](https://github.com/kubernetes/kubectl/issues/86) +1. What to put for caBundle: [issue](https://github.com/kubernetes/kubernetes/issues/61171) diff --git a/kubeflow/credentials-admission-webhook/README.md b/kubeflow/credentials-admission-webhook/README.md deleted file mode 100644 index f44d44734a9..00000000000 --- a/kubeflow/credentials-admission-webhook/README.md +++ /dev/null @@ -1,11 +0,0 @@ -# Admission Webhook component - -This is for inserting GCP credentials to pods. -See more detail [here](https://github.com/kubeflow/kubeflow/tree/master/components/gcp-admission-webhook). - -We deploy a Job to provision a self signed cert. -See `create_ca.sh`. - -## Reference: -1. How to self sign: [link](https://github.com/kubernetes/kubectl/issues/86) -1. What to put for caBundle: [issue](https://github.com/kubernetes/kubernetes/issues/61171) diff --git a/kubeflow/credentials-admission-webhook/parts.yaml b/kubeflow/credentials-admission-webhook/parts.yaml deleted file mode 100644 index 87f5d5f8970..00000000000 --- a/kubeflow/credentials-admission-webhook/parts.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{ - "name": "credentials-admission-webhook", - "apiVersion": "0.0.1", - "kind": "ksonnet.io/parts", - "description": "This package contains Kubernetes MutatingAdmissionWebhook for injecting credentials into Pods..\n", - "author": "kubeflow-team ", - "contributors": [ - ], - "repository": { - "type": "git", - "url": "https://github.com/kubeflow/kubeflow" - }, - "bugs": { - "url": "https://github.com/kubeflow/kubeflow/issues" - }, - "keywords": [ - "kubernetes", - "kubeflow", - "machine learning" - ], - "license": "Apache 2.0", -} diff --git a/kubeflow/credentials-admission-webhook/create_ca.sh b/kubeflow/gcp/create_ca.sh similarity index 100% rename from kubeflow/credentials-admission-webhook/create_ca.sh rename to kubeflow/gcp/create_ca.sh diff --git a/kubeflow/credentials-admission-webhook/prototypes/webhook.jsonnet b/kubeflow/gcp/prototypes/webhook.jsonnet similarity index 89% rename from kubeflow/credentials-admission-webhook/prototypes/webhook.jsonnet rename to kubeflow/gcp/prototypes/webhook.jsonnet index 7c6a52ef6d4..2d460d63075 100644 --- a/kubeflow/credentials-admission-webhook/prototypes/webhook.jsonnet +++ b/kubeflow/gcp/prototypes/webhook.jsonnet @@ -6,6 +6,6 @@ // @optionalParam image string gcr.io/kubeflow-images-public/gcp-admission-webhook:v20190316-v0.4.0-rc.1-227-gac45af55-dirty-3f9236 The image for the webhook. // @optionalParam webhookSetupImage string gcr.io/kubeflow-images-public/ingress-setup:latest The image for setting up ingress. -local webhook = import "kubeflow/credentials-admission-webhook/webhook.libsonnet"; +local webhook = import "kubeflow/gcp/webhook.libsonnet"; local instance = webhook.new(env, params); instance.list(instance.all) diff --git a/kubeflow/credentials-admission-webhook/webhook.libsonnet b/kubeflow/gcp/webhook.libsonnet similarity index 100% rename from kubeflow/credentials-admission-webhook/webhook.libsonnet rename to kubeflow/gcp/webhook.libsonnet