Skip to content

Commit

Permalink
Merge pull request #33 from kubealex/release-0.6.1
Browse files Browse the repository at this point in the history 
prepare for 0.6.1 bump
  • Loading branch information
@kubealex
kubealex committed Oct 2, 2022
2 parents 4555839 + ea3fd72 commit 71d5740
Show file tree
Hide file tree
Showing 21 changed files with 428 additions and 371 deletions.
2 changes: 1 addition & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Build the manager binary
FROM quay.io/operator-framework/helm-operator:v1.15.0
FROM quay.io/operator-framework/helm-operator:v1.23.0

ENV HOME=/opt/helm
COPY watches.yaml ${HOME}/watches.yaml
Expand Down
4 changes: 2 additions & 2 deletions config/crd/bases/charts.kubealex.com_k8smediaservers.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: k8smediaservers.kubealex.com
name: k8smediaservers.charts.kubealex.com
spec:
group: kubealex.com
group: charts.kubealex.com
names:
kind: K8SMediaserver
listKind: K8SMediaserverList
Expand Down
44 changes: 0 additions & 44 deletions config/crd/bases/kubealex.com_k8smediaservers.yaml
View file

This file was deleted.

8 changes: 5 additions & 3 deletions config/default/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,12 @@ namespace: k8s-mediaserver-operator-system
namePrefix: k8s-mediaserver-operator-

# Labels to add to all resources and selectors.
#commonLabels:
# someName: someValue
#labels:
#- includeSelectors: true
# pairs:
# someName: someValue

bases:
resources:
- ../crd
- ../rbac
- ../manager
Expand Down
17 changes: 15 additions & 2 deletions config/default/manager_auth_proxy_patch.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,28 @@ spec:
spec:
containers:
- name: kube-rbac-proxy
image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.0
args:
- "--secure-listen-address=0.0.0.0:8443"
- "--upstream=http://127.0.0.1:8080/"
- "--logtostderr=true"
- "--v=10"
- "--v=0"
ports:
- containerPort: 8443
protocol: TCP
name: https
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 5m
memory: 64Mi
- name: manager
args:
- "--health-probe-bind-address=:8081"
Expand Down
10 changes: 10 additions & 0 deletions config/manager/controller_manager_config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,3 +8,13 @@ metrics:
leaderElection:
leaderElect: true
resourceName: 811c9dc5.kubealex.com
# leaderElectionReleaseOnCancel defines if the leader should step down volume
# when the Manager ends. This requires the binary to immediately end when the
# Manager is stopped, otherwise, this setting is unsafe. Setting this significantly
# speeds up voluntary leader transitions as the new leader don't have to wait
# LeaseDuration time first.
# In the default scaffold provided, the program ends immediately after
# the manager stops, so would be fine to enable this option. However,
# if you are doing or is intended to do any operation such as perform cleanups
# after the manager stops then its usage might be unsafe.
# leaderElectionReleaseOnCancel: true
24 changes: 19 additions & 5 deletions config/manager/manager.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,19 +19,31 @@ spec:
replicas: 1
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
control-plane: controller-manager
spec:
securityContext:
runAsNonRoot: true
# TODO(user): For common cases that do not require escalating privileges
# it is recommended to ensure that all your Pods/Containers are restrictive.
# More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
# Please uncomment the following code if your project does NOT have to work on old Kubernetes
# versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
# seccompProfile:
# type: RuntimeDefault
containers:
- args:
- --leader-elect
- --leader-election-id=k8s-mediaserver-operator
image: quay.io/kubealex/k8s-mediaserver-operator:v0.5
image: controller:latest
name: manager
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
livenessProbe:
httpGet:
path: /healthz
Expand All @@ -44,12 +56,14 @@ spec:
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
# TODO(user): Configure the resources accordingly based on the project requirements.
# More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
resources:
limits:
cpu: 100m
memory: 90Mi
cpu: 500m
memory: 128Mi
requests:
cpu: 100m
memory: 60Mi
cpu: 10m
memory: 64Mi
serviceAccountName: controller-manager
terminationGracePeriodSeconds: 10
48 changes: 0 additions & 48 deletions config/manifests/bases/k8s-mediaserver-operator.clusterserviceversion.yaml
View file

This file was deleted.

6 changes: 3 additions & 3 deletions config/manifests/kustomization.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# These resources constitute the fully configured set of manifests
# used to generate the 'manifests/' directory in a bundle.
resources:
#- bases/k8s-mediaserver-operator.clusterserviceversion.yaml
- bases/k8s-mediaserver-operator.clusterserviceversion.yaml
- ../default
#- ../samples
#- ../scorecard
- ../samples
- ../scorecard
1 change: 1 addition & 0 deletions config/rbac/auth_proxy_service.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ spec:
ports:
- name: https
port: 8443
protocol: TCP
targetPort: https
selector:
control-plane: controller-manager
4 changes: 2 additions & 2 deletions config/rbac/k8smediaserver_editor_role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
name: k8smediaserver-editor-role
rules:
- apiGroups:
- kubealex.com
- charts.kubealex.com
resources:
- k8smediaservers
verbs:
Expand All @@ -17,7 +17,7 @@ rules:
- update
- watch
- apiGroups:
- kubealex.com
- charts.kubealex.com
resources:
- k8smediaservers/status
verbs:
Expand Down
4 changes: 2 additions & 2 deletions config/rbac/k8smediaserver_viewer_role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,15 +5,15 @@ metadata:
name: k8smediaserver-viewer-role
rules:
- apiGroups:
- kubealex.com
- charts.kubealex.com
resources:
- k8smediaservers
verbs:
- get
- list
- watch
- apiGroups:
- kubealex.com
- charts.kubealex.com
resources:
- k8smediaservers/status
verbs:
Expand Down
50 changes: 32 additions & 18 deletions config/rbac/role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ rules:
## Rules for charts.kubealex.com/v1, Kind: K8SMediaserver
##
- apiGroups:
- kubealex.com
- charts.kubealex.com
resources:
- k8smediaservers
- k8smediaservers/status
Expand All @@ -45,25 +45,39 @@ rules:
- patch
- update
- watch
- verbs:
- "*"
apiGroups:
- apiGroups:
- ""
resources:
- "configmaps"
- "persistentvolumeclaims"
- "services"
- verbs:
- "*"
apiGroups:
- "apps"
resources:
- "deployments"
- verbs:
- "*"
apiGroups:
- "networking.k8s.io"
- pods
- services
- services/finalizers
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- "ingresses"
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch

#+kubebuilder:scaffold:rules

0 comments on commit 71d5740

Please sign in to comment.