infra/argo1
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

add template-operator

Browse Source
This commit is contained in:
James Andariese 2023-04-27 21:01:59 -05:00
parent 0c9e154c3c
commit ddde928e18
4 changed files with 731 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
argo1/templates/template-operator.yaml Normal file
View File

@ -0,0 +1,31 @@
# {{ if (index .Values "template-operator").enabled }}
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: {{ .Release.Name }}-template-operator
namespace: argocd
finalizers:
- resources-finalizer.argocd.argoproj.io
spec:
project: default
source:
repoURL: "{{ .Values.bootstrap.source.repoURL }}"
targetRevision: "{{ .Values.bootstrap.source.targetRevision }}"
path: {{ (index .Values "template-operator").path | default "template-operator" | quote }}
destination:
server: "https://kubernetes.default.svc"
namespace: {{ (index .Values "template-operator").namespace | default "template-operator" | quote }}
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
- ServerSideApply=true
retry:
limit: 10
backoff:
duration: 5s
factor: 2
maxDuration: 3m0s
# {{- end }}

1
argo1/values.yaml
View File

@ -45,4 +45,5 @@ metallb: {enabled: true}
pgo: {enabled: true}
secrets: {enabled: true}
sealed-secrets: {enabled: true}
template-operator: {enabled: true}
trust-manager: {enabled: true}

1
template-operator/fetch.sh Normal file
View File

@ -0,0 +1 @@
curl -Ls -o operator.yaml https://github.com/flanksource/template-operator/releases/download/v0.7.0/operator.yml

698
template-operator/operator.yaml Normal file
View File

@ -0,0 +1,698 @@
apiVersion: v1
kind: Namespace
metadata:
name: template-operator
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null
name: rests.templating.flanksource.com
spec:
group: templating.flanksource.com
names:
kind: REST
listKind: RESTList
plural: rests
singular: rest
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: REST is the Schema for the rest API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: RESTSpec defines the desired state of REST
properties:
auth:
description: Auth may be used for http basic authentication
properties:
namespace:
description: Namespace where secret / config map is present
type: string
password:
description: Password represents the HTTP Basic Auth password
properties:
configMapKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
username:
description: Username represents the HTTP Basic Auth username
properties:
configMapKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
secretKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
type: object
headers:
additionalProperties:
type: string
description: Headers are optional http headers to be sent on the request
type: object
remove:
description: Remove defines the payload to be sent when CRD item is
deleted
properties:
body:
description: Body represents the HTTP Request body
type: string
method:
description: 'Method represents HTTP method to be used for the
request. Example: POST'
type: string
status:
additionalProperties:
type: string
description: Status defines the status fields which will be updated
based on response status
type: object
url:
description: URL represents the URL used for the request
type: string
type: object
update:
description: Update defines the payload to be sent when CRD item is
updated
properties:
body:
description: Body represents the HTTP Request body
type: string
method:
description: 'Method represents HTTP method to be used for the
request. Example: POST'
type: string
status:
additionalProperties:
type: string
description: Status defines the status fields which will be updated
based on response status
type: object
url:
description: URL represents the URL used for the request
type: string
type: object
url:
description: URL represents the URL address used to send requests
type: string
type: object
status:
additionalProperties:
type: string
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.0
creationTimestamp: null
name: templates.templating.flanksource.com
spec:
group: templating.flanksource.com
names:
kind: Template
listKind: TemplateList
plural: templates
singular: template
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: Template is the Schema for the templates API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TemplateSpec defines the desired state of Template
properties:
copyToNamespaces:
description: Copy this object to other namespaces
properties:
namespaceSelector:
description: A label selector is a label query over a set of resources.
The result of matchLabels and matchExpressions are ANDed. An
empty label selector matches all objects. A null label selector
matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If
the operator is In or NotIn, the values array must
be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A
single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is "key",
the operator is "In", and the values array contains only
"value". The requirements are ANDed.
type: object
type: object
namespaces:
items:
type: string
type: array
type: object
jsonPatches:
items:
properties:
object:
description: TypeMeta describes an individual object in an API
response or request with strings representing the type of
the object and its API schema version. Structures that are
versioned or persisted should inline TypeMeta.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of
this representation of an object. Servers should convert
recognized schemas to the latest internal value, and may
reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST
resource this object represents. Servers may infer this
from the endpoint the client submits requests to. Cannot
be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
type: object
patch:
type: string
type: object
type: array
onceoff:
description: Onceoff will not apply templating more than once (usually
at admission stage)
type: boolean
patchTarget:
description: Target optionally allows to lookup related resources
to patch, defaults to the source object selected
properties:
annotationSelector:
additionalProperties:
type: string
type: object
apiVersion:
type: string
fieldSelector:
type: string
gitRepository:
properties:
glob:
type: string
name:
type: string
namespace:
type: string
type: object
kind:
type: string
labelSelector:
description: A label selector is a label query over a set of resources.
The result of matchLabels and matchExpressions are ANDed. An
empty label selector matches all objects. A null label selector
matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If
the operator is In or NotIn, the values array must
be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A
single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is "key",
the operator is "In", and the values array contains only
"value". The requirements are ANDed.
type: object
type: object
namespaceSelector:
description: A label selector is a label query over a set of resources.
The result of matchLabels and matchExpressions are ANDed. An
empty label selector matches all objects. A null label selector
matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If
the operator is In or NotIn, the values array must
be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A
single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is "key",
the operator is "In", and the values array contains only
"value". The requirements are ANDed.
type: object
type: object
type: object
patches:
description: Patches is list of strategic merge patches to apply to
to the targets Must specify at least resources or patches or both
items:
type: string
type: array
resources:
description: Resources is a list of new resources to create for each
source object found Must specify at least resources or patches or
both
items:
type: object
x-kubernetes-preserve-unknown-fields: true
type: array
resourcesTemplate:
description: Resources template is a template of resources to be created
for each source object found
type: string
source:
description: Source selects objects on which to use as a templating
object
properties:
annotationSelector:
additionalProperties:
type: string
type: object
apiVersion:
type: string
fieldSelector:
type: string
gitRepository:
properties:
glob:
type: string
name:
type: string
namespace:
type: string
type: object
kind:
type: string
labelSelector:
description: A label selector is a label query over a set of resources.
The result of matchLabels and matchExpressions are ANDed. An
empty label selector matches all objects. A null label selector
matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If
the operator is In or NotIn, the values array must
be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A
single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is "key",
the operator is "In", and the values array contains only
"value". The requirements are ANDed.
type: object
type: object
namespaceSelector:
description: A label selector is a label query over a set of resources.
The result of matchLabels and matchExpressions are ANDed. An
empty label selector matches all objects. A null label selector
matches no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If
the operator is In or NotIn, the values array must
be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A
single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is "key",
the operator is "In", and the values array contains only
"value". The requirements are ANDed.
type: object
type: object
type: object
type: object
status:
description: TemplateStatus defines the observed state of Template
type: object
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: template-operator-manager
namespace: template-operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: template-operator-leader-election-role
namespace: template-operator
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- configmaps/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: template-operator-manager-role
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- '*'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: template-operator-leader-election-rolebinding
namespace: template-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: template-operator-leader-election-role
subjects:
- kind: ServiceAccount
name: template-operator-manager
namespace: template-operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: template-operator-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: template-operator-manager-role
subjects:
- kind: ServiceAccount
name: template-operator-manager
namespace: template-operator
---
apiVersion: v1
kind: Service
metadata:
annotations:
prometheus.io/scrape: "true"
labels:
control-plane: template-operator
name: template-operator-template-operator
namespace: template-operator
spec:
ports:
- name: prometheus
port: 8080
protocol: TCP
selector:
control-plane: template-operator
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
control-plane: template-operator
name: template-operator-controller-manager
namespace: template-operator
spec:
replicas: 1
selector:
matchLabels:
control-plane: template-operator
template:
metadata:
labels:
control-plane: template-operator
spec:
containers:
- args:
- --metrics-addr=0.0.0.0:8080
- --enable-leader-election
- --sync-period=20s
image: flanksource/template-operator:v0.7.0
name: manager
resources:
limits:
cpu: 100m
memory: 130Mi
requests:
cpu: 100m
memory: 120Mi
- args:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8080/
- --logtostderr=true
- --v=2
image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0
name: kube-rbac-proxy
ports:
- containerPort: 8443
name: https
serviceAccount: template-operator-manager
terminationGracePeriodSeconds: 10