From 6da93b9836ded751d928ab55c238951114a342da Mon Sep 17 00:00:00 2001 From: Alejandro Escobar Date: Tue, 5 Nov 2019 14:41:58 -0800 Subject: [PATCH 1/4] first stage of the crd fix, move crds to files to be merged in later --- stable/kommander/files/crd.yaml | 63 +++++++++++++++++++ .../federated-addons.yaml | 4 +- .../federated-cluster-rolebindings.yaml | 4 +- .../federated-clusteraddons.yaml | 4 +- .../federated-customresourcedefinition.yaml | 4 +- .../federated-kubeaddons.yaml | 4 +- .../federated-rolebindings.yaml | 4 +- .../{templates => files}/federated-roles.yaml | 4 +- .../kommander/templates/federated-crds.yaml | 28 +++++++++ 9 files changed, 98 insertions(+), 21 deletions(-) create mode 100644 stable/kommander/files/crd.yaml rename stable/kommander/{templates => files}/federated-addons.yaml (97%) rename stable/kommander/{templates => files}/federated-cluster-rolebindings.yaml (97%) rename stable/kommander/{templates => files}/federated-clusteraddons.yaml (97%) rename stable/kommander/{templates => files}/federated-customresourcedefinition.yaml (97%) rename stable/kommander/{templates => files}/federated-kubeaddons.yaml (99%) rename stable/kommander/{templates => files}/federated-rolebindings.yaml (97%) rename stable/kommander/{templates => files}/federated-roles.yaml (97%) create mode 100644 stable/kommander/templates/federated-crds.yaml diff --git a/stable/kommander/files/crd.yaml b/stable/kommander/files/crd.yaml new file mode 100644 index 000000000..bb3a0490e --- /dev/null +++ b/stable/kommander/files/crd.yaml @@ -0,0 +1,63 @@ +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: observableclusters.stable.mesosphere.com + labels: + app: {{ template "kommander.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.name }}" + heritage: "{{ .Release.Service }}" + annotations: + "helm.sh/hook": crd-install +spec: + group: stable.mesosphere.com + versions: + - name: v1 + served: true + storage: true + scope: Namespaced + names: + plural: observableclusters + singular: observablecluster + kind: ObservableCluster + shortNames: + - oc + validation: + openAPIV3Schema: + properties: + spec: + properties: + apiServer: + type: string + minLength: 1 + pattern: ^https?:// + authenticationSecretName: + type: string + minLength: 1 + displayName: + type: string + minLength: 1 + maxLength: 64 + required: + - apiServer + - authenticationSecretName + - displayName + required: + - spec + additionalPrinterColumns: + - name: Display Name + type: string + description: Cluster display name + JSONPath: .spec.displayName + - name: API Server + type: string + description: The URL of the Kubernetes API server + JSONPath: .spec.apiServer + - name: Authentication Secret + type: string + description: Secret holding the data to authenticate against the Kubernetes API server + JSONPath: .spec.authenticationSecretName + - name: Age + type: date + JSONPath: .metadata.creationTimestamp \ No newline at end of file diff --git a/stable/kommander/templates/federated-addons.yaml b/stable/kommander/files/federated-addons.yaml similarity index 97% rename from stable/kommander/templates/federated-addons.yaml rename to stable/kommander/files/federated-addons.yaml index f2a78004a..c98342761 100644 --- a/stable/kommander/templates/federated-addons.yaml +++ b/stable/kommander/files/federated-addons.yaml @@ -1,4 +1,3 @@ -{{- if and .Values.federate.addons .Values.kubefed.enabled }} --- apiVersion: core.kubefed.io/v1beta1 kind: FederatedTypeConfig @@ -158,5 +157,4 @@ spec: versions: - name: v1beta1 served: true - storage: true -{{ end }} \ No newline at end of file + storage: true \ No newline at end of file diff --git a/stable/kommander/templates/federated-cluster-rolebindings.yaml b/stable/kommander/files/federated-cluster-rolebindings.yaml similarity index 97% rename from stable/kommander/templates/federated-cluster-rolebindings.yaml rename to stable/kommander/files/federated-cluster-rolebindings.yaml index 84ba5561e..8752e0f23 100644 --- a/stable/kommander/templates/federated-cluster-rolebindings.yaml +++ b/stable/kommander/files/federated-cluster-rolebindings.yaml @@ -1,4 +1,3 @@ -{{- if and .Values.federate.clusterrolebindings .Values.kubefed.enabled }} --- apiVersion: core.kubefed.io/v1beta1 kind: FederatedTypeConfig @@ -158,5 +157,4 @@ spec: versions: - name: v1beta1 served: true - storage: true -{{ end }} + storage: true \ No newline at end of file diff --git a/stable/kommander/templates/federated-clusteraddons.yaml b/stable/kommander/files/federated-clusteraddons.yaml similarity index 97% rename from stable/kommander/templates/federated-clusteraddons.yaml rename to stable/kommander/files/federated-clusteraddons.yaml index 1fadb3d86..c889c71a6 100644 --- a/stable/kommander/templates/federated-clusteraddons.yaml +++ b/stable/kommander/files/federated-clusteraddons.yaml @@ -1,4 +1,3 @@ -{{- if and .Values.federate.clusteraddons .Values.kubefed.enabled }} --- apiVersion: core.kubefed.io/v1beta1 kind: FederatedTypeConfig @@ -158,5 +157,4 @@ spec: versions: - name: v1beta1 served: true - storage: true -{{ end }} \ No newline at end of file + storage: true \ No newline at end of file diff --git a/stable/kommander/templates/federated-customresourcedefinition.yaml b/stable/kommander/files/federated-customresourcedefinition.yaml similarity index 97% rename from stable/kommander/templates/federated-customresourcedefinition.yaml rename to stable/kommander/files/federated-customresourcedefinition.yaml index 18004efa4..4f76f160f 100644 --- a/stable/kommander/templates/federated-customresourcedefinition.yaml +++ b/stable/kommander/files/federated-customresourcedefinition.yaml @@ -1,4 +1,3 @@ -{{- if and .Values.federate.customresourcedefinitions .Values.kubefed.enabled }} --- apiVersion: core.kubefed.io/v1beta1 kind: FederatedTypeConfig @@ -161,5 +160,4 @@ spec: versions: - name: v1beta1 served: true - storage: true -{{- end }} \ No newline at end of file + storage: true \ No newline at end of file diff --git a/stable/kommander/templates/federated-kubeaddons.yaml b/stable/kommander/files/federated-kubeaddons.yaml similarity index 99% rename from stable/kommander/templates/federated-kubeaddons.yaml rename to stable/kommander/files/federated-kubeaddons.yaml index 7f44b3936..a51d37d18 100644 --- a/stable/kommander/templates/federated-kubeaddons.yaml +++ b/stable/kommander/files/federated-kubeaddons.yaml @@ -1,4 +1,3 @@ -{{- if and .Values.federate.kubeaddons .Values.kubefed.enabled }} --- apiVersion: types.kubefed.io/v1beta1 kind: FederatedNamespace @@ -491,5 +490,4 @@ spec: securityContext: {} serviceAccount: kubeaddons-controller-manager serviceAccountName: kubeaddons-controller-manager - terminationGracePeriodSeconds: 10 -{{- end }} \ No newline at end of file + terminationGracePeriodSeconds: 10 \ No newline at end of file diff --git a/stable/kommander/templates/federated-rolebindings.yaml b/stable/kommander/files/federated-rolebindings.yaml similarity index 97% rename from stable/kommander/templates/federated-rolebindings.yaml rename to stable/kommander/files/federated-rolebindings.yaml index d74eeccdb..b7ccfdcb2 100644 --- a/stable/kommander/templates/federated-rolebindings.yaml +++ b/stable/kommander/files/federated-rolebindings.yaml @@ -1,4 +1,3 @@ -{{- if and .Values.federate.rolebindings .Values.kubefed.enabled }} --- apiVersion: core.kubefed.io/v1beta1 kind: FederatedTypeConfig @@ -158,5 +157,4 @@ spec: versions: - name: v1beta1 served: true - storage: true -{{ end }} \ No newline at end of file + storage: true \ No newline at end of file diff --git a/stable/kommander/templates/federated-roles.yaml b/stable/kommander/files/federated-roles.yaml similarity index 97% rename from stable/kommander/templates/federated-roles.yaml rename to stable/kommander/files/federated-roles.yaml index 021fad827..b6076c62d 100644 --- a/stable/kommander/templates/federated-roles.yaml +++ b/stable/kommander/files/federated-roles.yaml @@ -1,4 +1,3 @@ -{{- if and .Values.federate.roles .Values.kubefed.enabled }} --- apiVersion: core.kubefed.io/v1beta1 kind: FederatedTypeConfig @@ -158,5 +157,4 @@ spec: versions: - name: v1beta1 served: true - storage: true -{{ end }} \ No newline at end of file + storage: true \ No newline at end of file diff --git a/stable/kommander/templates/federated-crds.yaml b/stable/kommander/templates/federated-crds.yaml new file mode 100644 index 000000000..1cdd65f07 --- /dev/null +++ b/stable/kommander/templates/federated-crds.yaml @@ -0,0 +1,28 @@ +--- +{{- if and .Values.federate.addons .Values.kubefed.enabled }} +{{.Files.Get "files/federated-addons.yaml"}} +{{- end }} +--- +{{- if and .Values.federate.clusterrolebindings .Values.kubefed.enabled }} +{{.Files.Get "files/federated-cluster-rolebindings.yaml"}} +{{- end }} +--- +{{- if and .Values.federate.clusteraddons .Values.kubefed.enabled }} +{{.Files.Get "files/federated-clusteraddons.yaml"}} +{{- end }} +--- +{{- if and .Values.federate.customresourcedefinitions .Values.kubefed.enabled }} +{{.Files.Get "files/federated-customresourcedefinition.yaml"}} +{{- end }} +--- +{{- if and .Values.federate.kubeaddons .Values.kubefed.enabled }} +{{.Files.Get "files/federated-kubeaddons.yaml"}} +{{- end }} +--- +{{- if and .Values.federate.rolebindings .Values.kubefed.enabled }} +{{.Files.Get "files/federated-rolebindings.yaml"}} +{{- end }} +--- +{{- if and .Values.federate.roles .Values.kubefed.enabled }} +{{.Files.Get "files/federated-roles.yaml"}} +{{- end }} \ No newline at end of file From 72dbcd80506d711b80f4347baa40f2941744487f Mon Sep 17 00:00:00 2001 From: Alejandro Escobar Date: Tue, 5 Nov 2019 16:30:48 -0800 Subject: [PATCH 2/4] addititional changes to how crds are created --- stable/kommander/files/federated-addons.yaml | 23 --- .../files/federated-cluster-rolebindings.yaml | 23 --- .../files/federated-clusteraddons.yaml | 23 --- .../federated-customresourcedefinition.yaml | 23 --- .../files/federated-rolebindings.yaml | 23 --- stable/kommander/files/federated-roles.yaml | 23 --- .../kommander/templates/federated-crds.yaml | 50 +++--- .../templates/federated-install-crds.yaml | 71 ++++++++ .../federated-kubeaddons.yaml | 16 +- .../templates/federated-typeconfigs.yaml | 162 ++++++++++++++++++ 10 files changed, 278 insertions(+), 159 deletions(-) create mode 100644 stable/kommander/templates/federated-install-crds.yaml rename stable/kommander/{files => templates}/federated-kubeaddons.yaml (97%) create mode 100644 stable/kommander/templates/federated-typeconfigs.yaml diff --git a/stable/kommander/files/federated-addons.yaml b/stable/kommander/files/federated-addons.yaml index c98342761..0a3ea311a 100644 --- a/stable/kommander/files/federated-addons.yaml +++ b/stable/kommander/files/federated-addons.yaml @@ -1,27 +1,4 @@ --- -apiVersion: core.kubefed.io/v1beta1 -kind: FederatedTypeConfig -metadata: - finalizers: - - core.kubefed.io/federated-type-config - generation: 1 - name: addons.kubeaddons.mesosphere.io - namespace: {{ .Release.Namespace }} -spec: - federatedType: - group: types.kubefed.io - kind: FederatedAddon - pluralName: federatedaddons - scope: Namespaced - version: v1beta1 - propagation: Enabled - targetType: - group: kubeaddons.mesosphere.io - kind: Addon - pluralName: addons - scope: Namespaced - version: v1beta1 ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: diff --git a/stable/kommander/files/federated-cluster-rolebindings.yaml b/stable/kommander/files/federated-cluster-rolebindings.yaml index 8752e0f23..1f615321c 100644 --- a/stable/kommander/files/federated-cluster-rolebindings.yaml +++ b/stable/kommander/files/federated-cluster-rolebindings.yaml @@ -1,27 +1,4 @@ --- -apiVersion: core.kubefed.io/v1beta1 -kind: FederatedTypeConfig -metadata: - finalizers: - - core.kubefed.io/federated-type-config - generation: 1 - name: clusterrolebindings.rbac.authorization.k8s.io - namespace: {{ .Release.Namespace }} -spec: - federatedType: - group: types.kubefed.io - kind: FederatedClusterRoleBinding - pluralName: federatedclusterrolebindings - scope: Cluster - version: v1beta1 - propagation: Enabled - targetType: - group: rbac.authorization.k8s.io - kind: ClusterRoleBinding - pluralName: clusterrolebindings - scope: Cluster - version: v1 ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: diff --git a/stable/kommander/files/federated-clusteraddons.yaml b/stable/kommander/files/federated-clusteraddons.yaml index c889c71a6..dbc94e87e 100644 --- a/stable/kommander/files/federated-clusteraddons.yaml +++ b/stable/kommander/files/federated-clusteraddons.yaml @@ -1,27 +1,4 @@ --- -apiVersion: core.kubefed.io/v1beta1 -kind: FederatedTypeConfig -metadata: - finalizers: - - core.kubefed.io/federated-type-config - generation: 1 - name: clusteraddons.kubeaddons.mesosphere.io - namespace: {{ .Release.Namespace }} -spec: - federatedType: - group: types.kubefed.io - kind: FederatedClusterAddon - pluralName: federatedclusteraddons - scope: Cluster - version: v1beta1 - propagation: Enabled - targetType: - group: kubeaddons.mesosphere.io - kind: ClusterAddon - pluralName: clusteraddons - scope: Cluster - version: v1beta1 ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: diff --git a/stable/kommander/files/federated-customresourcedefinition.yaml b/stable/kommander/files/federated-customresourcedefinition.yaml index 4f76f160f..79ce80c0a 100644 --- a/stable/kommander/files/federated-customresourcedefinition.yaml +++ b/stable/kommander/files/federated-customresourcedefinition.yaml @@ -1,27 +1,4 @@ --- -apiVersion: core.kubefed.io/v1beta1 -kind: FederatedTypeConfig -metadata: - finalizers: - - core.kubefed.io/federated-type-config - generation: 1 - name: customresourcedefinitions.apiextensions.k8s.io - namespace: {{ .Release.Namespace }} -spec: - federatedType: - group: types.kubefed.io - kind: FederatedCustomResourceDefinition - pluralName: federatedcustomresourcedefinitions - scope: Cluster - version: v1beta1 - propagation: Enabled - targetType: - group: apiextensions.k8s.io - kind: CustomResourceDefinition - pluralName: customresourcedefinitions - scope: Cluster - version: v1beta1 ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: diff --git a/stable/kommander/files/federated-rolebindings.yaml b/stable/kommander/files/federated-rolebindings.yaml index b7ccfdcb2..eab39a47e 100644 --- a/stable/kommander/files/federated-rolebindings.yaml +++ b/stable/kommander/files/federated-rolebindings.yaml @@ -1,27 +1,4 @@ --- -apiVersion: core.kubefed.io/v1beta1 -kind: FederatedTypeConfig -metadata: - finalizers: - - core.kubefed.io/federated-type-config - generation: 1 - name: rolebindings.rbac.authorization.k8s.io - namespace: {{ .Release.Namespace }} -spec: - federatedType: - group: types.kubefed.io - kind: FederatedRoleBinding - pluralName: federatedrolebindings - scope: Namespaced - version: v1beta1 - propagation: Enabled - targetType: - group: rbac.authorization.k8s.io - kind: RoleBinding - pluralName: rolebindings - scope: Namespaced - version: v1 ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: diff --git a/stable/kommander/files/federated-roles.yaml b/stable/kommander/files/federated-roles.yaml index b6076c62d..9dd87f3bb 100644 --- a/stable/kommander/files/federated-roles.yaml +++ b/stable/kommander/files/federated-roles.yaml @@ -1,27 +1,4 @@ --- -apiVersion: core.kubefed.io/v1beta1 -kind: FederatedTypeConfig -metadata: - finalizers: - - core.kubefed.io/federated-type-config - generation: 1 - name: roles.rbac.authorization.k8s.io - namespace: {{ .Release.Namespace }} -spec: - federatedType: - group: types.kubefed.io - kind: FederatedRole - pluralName: federatedroles - scope: Namespaced - version: v1beta1 - propagation: Enabled - targetType: - group: rbac.authorization.k8s.io - kind: Role - pluralName: roles - scope: Namespaced - version: v1 ---- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: diff --git a/stable/kommander/templates/federated-crds.yaml b/stable/kommander/templates/federated-crds.yaml index 1cdd65f07..406c637b7 100644 --- a/stable/kommander/templates/federated-crds.yaml +++ b/stable/kommander/templates/federated-crds.yaml @@ -1,28 +1,38 @@ +{{- if .Values.kubefed.enabled }} --- -{{- if and .Values.federate.addons .Values.kubefed.enabled }} -{{.Files.Get "files/federated-addons.yaml"}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: federeated-crds + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "-5" + labels: +{{ include "kommander.labels" . | indent 4 }} +data: +{{- if .Values.federate.addons }} + federated-addons.yaml: | +{{.Files.Get "files/federated-addons.yaml" | indent 6}} {{- end }} ---- -{{- if and .Values.federate.clusterrolebindings .Values.kubefed.enabled }} -{{.Files.Get "files/federated-cluster-rolebindings.yaml"}} +{{- if .Values.federate.clusterrolebindings }} + federated-cluster-rolebindings.yaml: | +{{.Files.Get "files/federated-cluster-rolebindings.yaml" | indent 6}} {{- end }} ---- -{{- if and .Values.federate.clusteraddons .Values.kubefed.enabled }} -{{.Files.Get "files/federated-clusteraddons.yaml"}} +{{- if .Values.federate.clusteraddons }} + federated-clusteraddons.yaml: | +{{.Files.Get "files/federated-clusteraddons.yaml" | indent 6}} {{- end }} ---- -{{- if and .Values.federate.customresourcedefinitions .Values.kubefed.enabled }} -{{.Files.Get "files/federated-customresourcedefinition.yaml"}} +{{- if .Values.federate.customresourcedefinitions }} + federated-customresourcedefinition.yaml: | +{{.Files.Get "files/federated-customresourcedefinition.yaml" | indent 6}} {{- end }} ---- -{{- if and .Values.federate.kubeaddons .Values.kubefed.enabled }} -{{.Files.Get "files/federated-kubeaddons.yaml"}} +{{- if .Values.federate.rolebindings }} + federated-rolebindings.yaml: | +{{.Files.Get "files/federated-rolebindings.yaml" | indent 6}} {{- end }} ---- -{{- if and .Values.federate.rolebindings .Values.kubefed.enabled }} -{{.Files.Get "files/federated-rolebindings.yaml"}} +{{- if .Values.federate.roles }} + federated-roles.yaml: | +{{.Files.Get "files/federated-roles.yaml" | indent 6}} {{- end }} ---- -{{- if and .Values.federate.roles .Values.kubefed.enabled }} -{{.Files.Get "files/federated-roles.yaml"}} {{- end }} \ No newline at end of file diff --git a/stable/kommander/templates/federated-install-crds.yaml b/stable/kommander/templates/federated-install-crds.yaml new file mode 100644 index 000000000..4fd26d8e8 --- /dev/null +++ b/stable/kommander/templates/federated-install-crds.yaml @@ -0,0 +1,71 @@ +{{- if .Values.kubefed.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kommander-kubefed-crds + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "get", "list", "watch", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kommander-kubefed-crds + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kubefed-crds +subjects: + - kind: ServiceAccount + name: kubefed-crds + namespace: {{ .Release.Namespace }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kommander-kubefed-crds + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +{{- end }} + +--- +apiVersion: batch/v1 +kind: Job +metadata: + namespace: {{ .Release.Namespace }} + name: kubefed-crds + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "-4" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + spec: + serviceAccountName: kubefed-crds + containers: + - name: kubefed-crds + image: "bitnami/kubectl:1.16.2" + volumeMounts: + - name: kubefed-crds + mountPath: /etc/kubefed-crds + readOnly: true + command: ["kubectl", "apply", "-f", "/etc/kubefed-crds"] + volumes: + - name: kubefed-crds + configMap: + name: kubefed-crds + restartPolicy: OnFailure +--- \ No newline at end of file diff --git a/stable/kommander/files/federated-kubeaddons.yaml b/stable/kommander/templates/federated-kubeaddons.yaml similarity index 97% rename from stable/kommander/files/federated-kubeaddons.yaml rename to stable/kommander/templates/federated-kubeaddons.yaml index a51d37d18..7959f50a6 100644 --- a/stable/kommander/files/federated-kubeaddons.yaml +++ b/stable/kommander/templates/federated-kubeaddons.yaml @@ -1,9 +1,12 @@ +{{- if and .Values.federate.kubeaddons .Values.kubefed.enabled }} --- apiVersion: types.kubefed.io/v1beta1 kind: FederatedNamespace metadata: name: kubeaddons namespace: kubeaddons + labels: +{{ include "kommander.labels" . | indent 4 }} spec: placement: clusterSelector: @@ -15,6 +18,8 @@ apiVersion: types.kubefed.io/v1beta1 kind: FederatedCustomResourceDefinition metadata: name: addons.kubeaddons.mesosphere.io + labels: +{{ include "kommander.labels" . | indent 4 }} spec: placement: clusterSelector: @@ -213,6 +218,8 @@ apiVersion: types.kubefed.io/v1beta1 kind: FederatedCustomResourceDefinition metadata: name: clusteraddons.kubeaddons.mesosphere.io + labels: +{{ include "kommander.labels" . | indent 4 }} spec: placement: clusterSelector: @@ -417,6 +424,8 @@ kind: FederatedServiceAccount metadata: name: kubeaddons-controller-manager namespace: kubeaddons + labels: +{{ include "kommander.labels" . | indent 4 }} spec: placement: clusterSelector: @@ -427,6 +436,8 @@ apiVersion: types.kubefed.io/v1beta1 kind: FederatedClusterRoleBinding metadata: name: kubeaddons-controller-manager-cluster-admin-binding + labels: +{{ include "kommander.labels" . | indent 4 }} spec: placement: clusterSelector: @@ -446,6 +457,8 @@ kind: FederatedDeployment metadata: name: kubeaddons-controller-manager namespace: kubeaddons + labels: +{{ include "kommander.labels" . | indent 4 }} spec: placement: clusterSelector: @@ -490,4 +503,5 @@ spec: securityContext: {} serviceAccount: kubeaddons-controller-manager serviceAccountName: kubeaddons-controller-manager - terminationGracePeriodSeconds: 10 \ No newline at end of file + terminationGracePeriodSeconds: 10 +{{- end }} \ No newline at end of file diff --git a/stable/kommander/templates/federated-typeconfigs.yaml b/stable/kommander/templates/federated-typeconfigs.yaml new file mode 100644 index 000000000..8bc0a1704 --- /dev/null +++ b/stable/kommander/templates/federated-typeconfigs.yaml @@ -0,0 +1,162 @@ +--- +{{- if and .Values.federate.addons .Values.kubefed.enabled }} +apiVersion: core.kubefed.io/v1beta1 +kind: FederatedTypeConfig +metadata: + finalizers: + - core.kubefed.io/federated-type-config + generation: 1 + name: addons.kubeaddons.mesosphere.io + namespace: {{ .Release.Namespace }} + labels: +{{ include "kommander.labels" . | indent 4 }} +spec: + federatedType: + group: types.kubefed.io + kind: FederatedAddon + pluralName: federatedaddons + scope: Namespaced + version: v1beta1 + propagation: Enabled + targetType: + group: kubeaddons.mesosphere.io + kind: Addon + pluralName: addons + scope: Namespaced + version: v1beta1 +{{- end }} +--- +{{- if and .Values.federate.clusterrolebindings .Values.kubefed.enabled }} +apiVersion: core.kubefed.io/v1beta1 +kind: FederatedTypeConfig +metadata: + finalizers: + - core.kubefed.io/federated-type-config + generation: 1 + name: clusterrolebindings.rbac.authorization.k8s.io + namespace: {{ .Release.Namespace }} + labels: +{{ include "kommander.labels" . | indent 4 }} +spec: + federatedType: + group: types.kubefed.io + kind: FederatedClusterRoleBinding + pluralName: federatedclusterrolebindings + scope: Cluster + version: v1beta1 + propagation: Enabled + targetType: + group: rbac.authorization.k8s.io + kind: ClusterRoleBinding + pluralName: clusterrolebindings + scope: Cluster + version: v1 +{{- end }} +--- +{{- if and .Values.federate.clusteraddons .Values.kubefed.enabled }} +apiVersion: core.kubefed.io/v1beta1 +kind: FederatedTypeConfig +metadata: + finalizers: + - core.kubefed.io/federated-type-config + generation: 1 + name: clusteraddons.kubeaddons.mesosphere.io + namespace: {{ .Release.Namespace }} + labels: +{{ include "kommander.labels" . | indent 4 }} +spec: + federatedType: + group: types.kubefed.io + kind: FederatedClusterAddon + pluralName: federatedclusteraddons + scope: Cluster + version: v1beta1 + propagation: Enabled + targetType: + group: kubeaddons.mesosphere.io + kind: ClusterAddon + pluralName: clusteraddons + scope: Cluster + version: v1beta1 +{{- end }} +--- +{{- if and .Values.federate.customresourcedefinitions .Values.kubefed.enabled }} +apiVersion: core.kubefed.io/v1beta1 +kind: FederatedTypeConfig +metadata: + finalizers: + - core.kubefed.io/federated-type-config + generation: 1 + name: customresourcedefinitions.apiextensions.k8s.io + namespace: {{ .Release.Namespace }} + labels: +{{ include "kommander.labels" . | indent 4 }} +spec: + federatedType: + group: types.kubefed.io + kind: FederatedCustomResourceDefinition + pluralName: federatedcustomresourcedefinitions + scope: Cluster + version: v1beta1 + propagation: Enabled + targetType: + group: apiextensions.k8s.io + kind: CustomResourceDefinition + pluralName: customresourcedefinitions + scope: Cluster + version: v1beta1 +{{- end }} +--- +{{- if and .Values.federate.rolebindings .Values.kubefed.enabled }} +apiVersion: core.kubefed.io/v1beta1 +kind: FederatedTypeConfig +metadata: + finalizers: + - core.kubefed.io/federated-type-config + generation: 1 + name: rolebindings.rbac.authorization.k8s.io + namespace: {{ .Release.Namespace }} + labels: +{{ include "kommander.labels" . | indent 4 }} +spec: + federatedType: + group: types.kubefed.io + kind: FederatedRoleBinding + pluralName: federatedrolebindings + scope: Namespaced + version: v1beta1 + propagation: Enabled + targetType: + group: rbac.authorization.k8s.io + kind: RoleBinding + pluralName: rolebindings + scope: Namespaced + version: v1 +{{- end }} +--- +{{- if and .Values.federate.roles .Values.kubefed.enabled }} +apiVersion: core.kubefed.io/v1beta1 +kind: FederatedTypeConfig +metadata: + finalizers: + - core.kubefed.io/federated-type-config + generation: 1 + name: roles.rbac.authorization.k8s.io + namespace: {{ .Release.Namespace }} + labels: +{{ include "kommander.labels" . | indent 4 }} +spec: + federatedType: + group: types.kubefed.io + kind: FederatedRole + pluralName: federatedroles + scope: Namespaced + version: v1beta1 + propagation: Enabled + targetType: + group: rbac.authorization.k8s.io + kind: Role + pluralName: roles + scope: Namespaced + version: v1 +{{- end }} \ No newline at end of file From 6ec17e8a64d67b6dda289d1a950e6eb436ee9248 Mon Sep 17 00:00:00 2001 From: Alejandro Escobar Date: Tue, 5 Nov 2019 23:05:58 -0800 Subject: [PATCH 3/4] fixed issues with process, separeted observable crd items from federated ones --- .../{crd.yaml => observableclusters-crd.yaml} | 5 - stable/kommander/templates/crd.yaml | 67 -------------- .../kommander/templates/federated-crds.yaml | 92 ++++++++++++++++++- ...-install-crds.yaml => observable-crd.yaml} | 52 +++++++---- 4 files changed, 126 insertions(+), 90 deletions(-) rename stable/kommander/files/{crd.yaml => observableclusters-crd.yaml} (86%) delete mode 100644 stable/kommander/templates/crd.yaml rename stable/kommander/templates/{federated-install-crds.yaml => observable-crd.yaml} (56%) diff --git a/stable/kommander/files/crd.yaml b/stable/kommander/files/observableclusters-crd.yaml similarity index 86% rename from stable/kommander/files/crd.yaml rename to stable/kommander/files/observableclusters-crd.yaml index bb3a0490e..b1dabd599 100644 --- a/stable/kommander/files/crd.yaml +++ b/stable/kommander/files/observableclusters-crd.yaml @@ -3,11 +3,6 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: name: observableclusters.stable.mesosphere.com - labels: - app: {{ template "kommander.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.name }}" - heritage: "{{ .Release.Service }}" annotations: "helm.sh/hook": crd-install spec: diff --git a/stable/kommander/templates/crd.yaml b/stable/kommander/templates/crd.yaml deleted file mode 100644 index 25dd98058..000000000 --- a/stable/kommander/templates/crd.yaml +++ /dev/null @@ -1,67 +0,0 @@ -{{- if .Values.createObservableClusterCRD }} -{{- if not (.Capabilities.APIVersions.Has "stable.mesosphere.com/v1") }} ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: observableclusters.stable.mesosphere.com - labels: - app: {{ template "kommander.fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.name }}" - heritage: "{{ .Release.Service }}" - annotations: - "helm.sh/hook": crd-install -spec: - group: stable.mesosphere.com - versions: - - name: v1 - served: true - storage: true - scope: Namespaced - names: - plural: observableclusters - singular: observablecluster - kind: ObservableCluster - shortNames: - - oc - validation: - openAPIV3Schema: - properties: - spec: - properties: - apiServer: - type: string - minLength: 1 - pattern: ^https?:// - authenticationSecretName: - type: string - minLength: 1 - displayName: - type: string - minLength: 1 - maxLength: 64 - required: - - apiServer - - authenticationSecretName - - displayName - required: - - spec - additionalPrinterColumns: - - name: Display Name - type: string - description: Cluster display name - JSONPath: .spec.displayName - - name: API Server - type: string - description: The URL of the Kubernetes API server - JSONPath: .spec.apiServer - - name: Authentication Secret - type: string - description: Secret holding the data to authenticate against the Kubernetes API server - JSONPath: .spec.authenticationSecretName - - name: Age - type: date - JSONPath: .metadata.creationTimestamp -{{- end }} -{{- end }} \ No newline at end of file diff --git a/stable/kommander/templates/federated-crds.yaml b/stable/kommander/templates/federated-crds.yaml index 406c637b7..461a65eda 100644 --- a/stable/kommander/templates/federated-crds.yaml +++ b/stable/kommander/templates/federated-crds.yaml @@ -1,13 +1,34 @@ {{- if .Values.kubefed.enabled }} +{{- if not (.Capabilities.APIVersions.Has "types.kubefed.io/v1beta1") }} +{{- if .Values.federate.addons }} +{{.Files.Get "files/federated-addons.yaml" }} +{{- end }} +{{- if .Values.federate.clusterrolebindings }} +{{.Files.Get "files/federated-cluster-rolebindings.yaml" }} +{{- end }} +{{- if .Values.federate.clusteraddons }} +{{.Files.Get "files/federated-clusteraddons.yaml" }} +{{- end }} +{{- if .Values.federate.customresourcedefinitions }} +{{.Files.Get "files/federated-customresourcedefinition.yaml" }} +{{- end }} +{{- if .Values.federate.rolebindings }} +{{.Files.Get "files/federated-rolebindings.yaml" }} +{{- end }} +{{- if .Values.federate.roles }} +{{.Files.Get "files/federated-roles.yaml" }} +{{- end }} +{{- end }} --- apiVersion: v1 kind: ConfigMap metadata: - name: federeated-crds + name: federated-crds namespace: {{ .Release.Namespace }} annotations: "helm.sh/hook": pre-install, pre-upgrade "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded labels: {{ include "kommander.labels" . | indent 4 }} data: @@ -35,4 +56,73 @@ data: federated-roles.yaml: | {{.Files.Get "files/federated-roles.yaml" | indent 6}} {{- end }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kommander-crds + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +rules: + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["create", "get", "list", "watch", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kommander-crds + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kommander-crds +subjects: + - kind: ServiceAccount + name: kommander-crds + namespace: {{ .Release.Namespace }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kommander-crds + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +--- +apiVersion: batch/v1 +kind: Job +metadata: + namespace: {{ .Release.Namespace }} + name: federated-crds + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "-4" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + spec: + serviceAccountName: kommander-crds + containers: + - name: federated-crds + image: "bitnami/kubectl:1.16.2" + volumeMounts: + - name: federated-crds + mountPath: /etc/federated-crds + readOnly: true + command: ["kubectl", "apply", "-f", "/etc/federated-crds"] + volumes: + - name: federated-crds + configMap: + name: federated-crds + restartPolicy: OnFailure {{- end }} \ No newline at end of file diff --git a/stable/kommander/templates/federated-install-crds.yaml b/stable/kommander/templates/observable-crd.yaml similarity index 56% rename from stable/kommander/templates/federated-install-crds.yaml rename to stable/kommander/templates/observable-crd.yaml index 4fd26d8e8..f6e08f435 100644 --- a/stable/kommander/templates/federated-install-crds.yaml +++ b/stable/kommander/templates/observable-crd.yaml @@ -1,9 +1,28 @@ -{{- if .Values.kubefed.enabled }} +{{- if .Values.createObservableClusterCRD }} +{{- if not (.Capabilities.APIVersions.Has "stable.mesosphere.com/v1") }} +{{.Files.Get "files/observableclusters-crd.yaml" }} +{{- end }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: observable-crds + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded + labels: +{{ include "kommander.labels" . | indent 4 }} +data: + observableclusters-crd.yaml: | +{{.Files.Get "files/observableclusters-crd.yaml" | indent 6}} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: kommander-kubefed-crds + name: observable-crds + namespace: {{ .Release.Namespace }} annotations: "helm.sh/hook": pre-install, pre-upgrade "helm.sh/hook-weight": "-5" @@ -16,7 +35,8 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: kommander-kubefed-crds + name: observable-crds + namespace: {{ .Release.Namespace }} annotations: "helm.sh/hook": pre-install, pre-upgrade "helm.sh/hook-weight": "-5" @@ -24,29 +44,27 @@ metadata: roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: kubefed-crds + name: observable-crds subjects: - kind: ServiceAccount - name: kubefed-crds + name: observable-crds namespace: {{ .Release.Namespace }} --- apiVersion: v1 kind: ServiceAccount metadata: - name: kommander-kubefed-crds + name: observable-crds namespace: {{ .Release.Namespace }} annotations: "helm.sh/hook": pre-install, pre-upgrade "helm.sh/hook-weight": "-5" "helm.sh/hook-delete-policy": hook-succeeded -{{- end }} - --- apiVersion: batch/v1 kind: Job metadata: namespace: {{ .Release.Namespace }} - name: kubefed-crds + name: observable-crds annotations: "helm.sh/hook": pre-install, pre-upgrade "helm.sh/hook-weight": "-4" @@ -54,18 +72,18 @@ metadata: spec: template: spec: - serviceAccountName: kubefed-crds + serviceAccountName: observable-crds containers: - - name: kubefed-crds + - name: observable-crds image: "bitnami/kubectl:1.16.2" volumeMounts: - - name: kubefed-crds - mountPath: /etc/kubefed-crds + - name: observable-crds + mountPath: /etc/observable-crds readOnly: true - command: ["kubectl", "apply", "-f", "/etc/kubefed-crds"] + command: ["kubectl", "apply", "-f", "/etc/c-crds"] volumes: - - name: kubefed-crds + - name: observable-crds configMap: - name: kubefed-crds + name: observable-crds restartPolicy: OnFailure ---- \ No newline at end of file +{{- end }} \ No newline at end of file From c72cd200d99edb3e67d7fe8cd96271d69d788256 Mon Sep 17 00:00:00 2001 From: Alejandro Escobar Date: Tue, 5 Nov 2019 23:16:43 -0800 Subject: [PATCH 4/4] chart version bump --- stable/kommander/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stable/kommander/Chart.yaml b/stable/kommander/Chart.yaml index 6ec6f1034..012916020 100644 --- a/stable/kommander/Chart.yaml +++ b/stable/kommander/Chart.yaml @@ -3,7 +3,7 @@ name: kommander home: https://github.com/mesosphere/kommander appVersion: "1.149.0" description: Kommander -version: 0.2.0 +version: 0.2.1 maintainers: - name: hectorj2f - name: alejandroEsc