diff --git a/bundle/manifests/slack-operator.clusterserviceversion.yaml b/bundle/manifests/slack-operator.clusterserviceversion.yaml index 1e98568..0b37540 100644 --- a/bundle/manifests/slack-operator.clusterserviceversion.yaml +++ b/bundle/manifests/slack-operator.clusterserviceversion.yaml @@ -24,7 +24,7 @@ metadata: capabilities: Basic Install operators.operatorframework.io/builder: operator-sdk-v1.0.0 operators.operatorframework.io/project_layout: go.kubebuilder.io/v2 - name: slack-operator.v0.0.2 + name: slack-operator.v0.0.3 namespace: placeholder spec: apiservicedefinitions: {} @@ -44,6 +44,13 @@ spec: spec: clusterPermissions: - rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list - apiGroups: - slack.stakater.com resources: @@ -107,8 +114,19 @@ spec: - --enable-leader-election command: - /manager - image: controller:latest + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: CONFIG_SECRET_NAME + value: slack-secret + image: stakater/slack-operator:v0.0.3 name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP resources: limits: cpu: 100m @@ -116,7 +134,16 @@ spec: requests: cpu: 100m memory: 20Mi + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert permissions: - rules: - apiGroups: @@ -163,6 +190,7 @@ spec: - kubernetes - channel - stakater + - openshift links: - name: Slack Operator url: https://slack-operator.domain @@ -170,5 +198,40 @@ spec: provider: name: stakater url: https://stakater.com - replaces: slack-operator.v0.0.1 - version: 0.0.2 + replaces: slack-operator.v0.0.2 + version: 0.0.3 + webhookdefinitions: + - admissionReviewVersions: null + deploymentName: slack-operator-webhook + failurePolicy: Fail + generateName: vchannel.kb.io + rules: + - apiGroups: + - slack.stakater.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - channels + sideEffects: null + type: ValidatingAdmissionWebhook + webhookPath: /validate-slack-stakater-com-v1alpha1-channel + - admissionReviewVersions: null + deploymentName: slack-operator-webhook + failurePolicy: Fail + generateName: mchannel.kb.io + rules: + - apiGroups: + - slack.stakater.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - channels + sideEffects: null + type: MutatingAdmissionWebhook + webhookPath: /mutate-slack-stakater-com-v1alpha1-channel diff --git a/bundle/manifests/slack.stakater.com_channels.yaml b/bundle/manifests/slack.stakater.com_channels.yaml index 787fd67..7df5de4 100644 --- a/bundle/manifests/slack.stakater.com_channels.yaml +++ b/bundle/manifests/slack.stakater.com_channels.yaml @@ -2,19 +2,20 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: annotations: + cert-manager.io/inject-ca-from: slack-operator-system/slack-operator-serving-cert controller-gen.kubebuilder.io/version: v0.3.0 creationTimestamp: null name: channels.slack.stakater.com spec: conversion: - strategy: Webhook - webhookClientConfig: - caBundle: Cg== - service: - name: slack-webhook-service - namespace: slack-operator-system - path: /convert - port: 443 + strategy: Webhook + webhookClientConfig: + caBundle: Cg== + service: + name: slack-operator-webhook-service + namespace: slack-operator-system + path: /convert + port: 443 group: slack.stakater.com names: kind: Channel diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 19fb59f..88986e7 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization images: - name: controller newName: stakater/slack-operator - newTag: v0.0.1 + newTag: v0.0.3 diff --git a/packagemanifests/0.0.3/slack-operator-metrics-reader_rbac.authorization.k8s.io_v1beta1_clusterrole.yaml b/packagemanifests/0.0.3/slack-operator-metrics-reader_rbac.authorization.k8s.io_v1beta1_clusterrole.yaml new file mode 100644 index 0000000..cff0dc8 --- /dev/null +++ b/packagemanifests/0.0.3/slack-operator-metrics-reader_rbac.authorization.k8s.io_v1beta1_clusterrole.yaml @@ -0,0 +1,10 @@ +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: slack-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/packagemanifests/0.0.3/slack-operator.clusterserviceversion.yaml b/packagemanifests/0.0.3/slack-operator.clusterserviceversion.yaml new file mode 100644 index 0000000..b5ef260 --- /dev/null +++ b/packagemanifests/0.0.3/slack-operator.clusterserviceversion.yaml @@ -0,0 +1,236 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "slack.stakater.com/v1alpha1", + "kind": "Channel", + "metadata": { + "name": "building-channel" + }, + "spec": { + "description": "Why is it called a 'building' if it's already built?", + "name": "building-channel", + "private": true, + "topic": "Buildings", + "users": [ + "hazim@stakater.com" + ] + } + } + ] + capabilities: Basic Install + operators.operatorframework.io/builder: operator-sdk-v1.0.0 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v2 + name: slack-operator.v0.0.3 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Channel is the Schema for the channels API + displayName: Channel + kind: Channel + name: channels.slack.stakater.com + version: v1alpha1 + description: Kubernetes operator for Slack + displayName: slack-operator + icon: + - base64data: "" + mediatype: "" + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - apiGroups: + - slack.stakater.com + resources: + - channels + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - slack.stakater.com + resources: + - channels/status + verbs: + - get + - patch + - update + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: default + deployments: + - name: slack-operator-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + strategy: {} + template: + metadata: + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - args: + - --metrics-addr=127.0.0.1:8080 + - --enable-leader-election + command: + - /manager + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: CONFIG_SECRET_NAME + value: slack-secret + image: stakater/slack-operator:v0.0.3 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: default + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - operator + - slack + - kubernetes + - channel + - stakater + - openshift + links: + - name: Slack Operator + url: https://slack-operator.domain + maturity: alpha + provider: + name: stakater + url: https://stakater.com + version: 0.0.3 + webhookdefinitions: + - admissionReviewVersions: null + deploymentName: slack-operator-webhook + failurePolicy: Fail + generateName: vchannel.kb.io + rules: + - apiGroups: + - slack.stakater.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - channels + sideEffects: null + type: ValidatingAdmissionWebhook + webhookPath: /validate-slack-stakater-com-v1alpha1-channel + - admissionReviewVersions: null + deploymentName: slack-operator-webhook + failurePolicy: Fail + generateName: mchannel.kb.io + rules: + - apiGroups: + - slack.stakater.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - channels + sideEffects: null + type: MutatingAdmissionWebhook + webhookPath: /mutate-slack-stakater-com-v1alpha1-channel diff --git a/packagemanifests/0.0.3/slack.stakater.com_channels.yaml b/packagemanifests/0.0.3/slack.stakater.com_channels.yaml new file mode 100644 index 0000000..7df5de4 --- /dev/null +++ b/packagemanifests/0.0.3/slack.stakater.com_channels.yaml @@ -0,0 +1,107 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: slack-operator-system/slack-operator-serving-cert + controller-gen.kubebuilder.io/version: v0.3.0 + creationTimestamp: null + name: channels.slack.stakater.com +spec: + conversion: + strategy: Webhook + webhookClientConfig: + caBundle: Cg== + service: + name: slack-operator-webhook-service + namespace: slack-operator-system + path: /convert + port: 443 + group: slack.stakater.com + names: + kind: Channel + listKind: ChannelList + plural: channels + singular: channel + preserveUnknownFields: false + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: Channel is the Schema for the channels API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ChannelSpec defines the desired state of Channel + properties: + description: + description: Description of the channel + type: string + name: + description: Name of the slack channel + type: string + private: + description: Make the channel private or public + type: boolean + topic: + description: Topic of the channel + type: string + users: + description: List of user IDs of the users to invite + items: + type: string + type: array + required: + - name + type: object + status: + description: ChannelStatus defines the observed state of Channel + properties: + conditions: + description: Status conditions + items: + description: "Condition represents an observation of an object's state. Conditions are an extension mechanism intended to be used when the details of an observation are not a priori known or would not apply to all instances of a given Kind. \n Conditions should be added to explicitly convey properties that users and components care about rather than requiring those properties to be inferred from other observations. Once defined, the meaning of a Condition can not be changed arbitrarily - it becomes part of the API, and has the same backwards- and forwards-compatibility concerns of any other part of the API." + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + description: ConditionReason is intended to be a one-word, CamelCase representation of the category of cause of the current status. It is intended to be used in concise output, such as one-line kubectl get output, and in summarizing occurrences of causes. + type: string + status: + type: string + type: + description: "ConditionType is the type of the condition and is typically a CamelCased word or short phrase. \n Condition types should indicate state in the \"abnormal-true\" polarity. For example, if the condition indicates when a policy is invalid, the \"is valid\" case is probably the norm, so the condition should be called \"Invalid\"." + type: string + required: + - status + - type + type: object + type: array + id: + description: ID of the slack channel + type: string + required: + - id + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: []