apiVersion: v1 kind: Namespace metadata: name: template-operator --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.0 creationTimestamp: null name: rests.templating.flanksource.com spec: group: templating.flanksource.com names: kind: REST listKind: RESTList plural: rests singular: rest scope: Cluster versions: - name: v1 schema: openAPIV3Schema: description: REST is the Schema for the rest API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: RESTSpec defines the desired state of REST properties: auth: description: Auth may be used for http basic authentication properties: namespace: description: Namespace where secret / config map is present type: string password: description: Password represents the HTTP Basic Auth password properties: configMapKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object secretKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object type: object username: description: Username represents the HTTP Basic Auth username properties: configMapKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object secretKeyRef: properties: key: type: string name: type: string optional: type: boolean required: - key type: object type: object type: object headers: additionalProperties: type: string description: Headers are optional http headers to be sent on the request type: object remove: description: Remove defines the payload to be sent when CRD item is deleted properties: body: description: Body represents the HTTP Request body type: string method: description: 'Method represents HTTP method to be used for the request. Example: POST' type: string status: additionalProperties: type: string description: Status defines the status fields which will be updated based on response status type: object url: description: URL represents the URL used for the request type: string type: object update: description: Update defines the payload to be sent when CRD item is updated properties: body: description: Body represents the HTTP Request body type: string method: description: 'Method represents HTTP method to be used for the request. Example: POST' type: string status: additionalProperties: type: string description: Status defines the status fields which will be updated based on response status type: object url: description: URL represents the URL used for the request type: string type: object url: description: URL represents the URL address used to send requests type: string type: object status: additionalProperties: type: string type: object x-kubernetes-preserve-unknown-fields: true required: - spec type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.0 creationTimestamp: null name: templates.templating.flanksource.com spec: group: templating.flanksource.com names: kind: Template listKind: TemplateList plural: templates singular: template scope: Cluster versions: - name: v1 schema: openAPIV3Schema: description: Template is the Schema for the templates API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: TemplateSpec defines the desired state of Template properties: copyToNamespaces: description: Copy this object to other namespaces properties: namespaceSelector: description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object namespaces: items: type: string type: array type: object jsonPatches: items: properties: object: description: TypeMeta describes an individual object in an API response or request with strings representing the type of the object and its API schema version. Structures that are versioned or persisted should inline TypeMeta. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string type: object patch: type: string type: object type: array onceoff: description: Onceoff will not apply templating more than once (usually at admission stage) type: boolean patchTarget: description: Target optionally allows to lookup related resources to patch, defaults to the source object selected properties: annotationSelector: additionalProperties: type: string type: object apiVersion: type: string fieldSelector: type: string gitRepository: properties: glob: type: string name: type: string namespace: type: string type: object kind: type: string labelSelector: description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object namespaceSelector: description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: object patches: description: Patches is list of strategic merge patches to apply to to the targets Must specify at least resources or patches or both items: type: string type: array resources: description: Resources is a list of new resources to create for each source object found Must specify at least resources or patches or both items: type: object x-kubernetes-preserve-unknown-fields: true type: array resourcesTemplate: description: Resources template is a template of resources to be created for each source object found type: string source: description: Source selects objects on which to use as a templating object properties: annotationSelector: additionalProperties: type: string type: object apiVersion: type: string fieldSelector: type: string gitRepository: properties: glob: type: string name: type: string namespace: type: string type: object kind: type: string labelSelector: description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object namespaceSelector: description: A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object type: object type: object status: description: TemplateStatus defines the observed state of Template type: object type: object served: true storage: true status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: v1 kind: ServiceAccount metadata: name: template-operator-manager namespace: template-operator --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: template-operator-leader-election-role namespace: template-operator rules: - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - configmaps/status verbs: - get - update - patch - apiGroups: - "" resources: - events verbs: - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null name: template-operator-manager-role rules: - apiGroups: - '*' resources: - '*' verbs: - '*' --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: template-operator-leader-election-rolebinding namespace: template-operator roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: template-operator-leader-election-role subjects: - kind: ServiceAccount name: template-operator-manager namespace: template-operator --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: template-operator-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: template-operator-manager-role subjects: - kind: ServiceAccount name: template-operator-manager namespace: template-operator --- apiVersion: v1 kind: Service metadata: annotations: prometheus.io/scrape: "true" labels: control-plane: template-operator name: template-operator-template-operator namespace: template-operator spec: ports: - name: prometheus port: 8080 protocol: TCP selector: control-plane: template-operator --- apiVersion: apps/v1 kind: Deployment metadata: labels: control-plane: template-operator name: template-operator-controller-manager namespace: template-operator spec: replicas: 1 selector: matchLabels: control-plane: template-operator template: metadata: labels: control-plane: template-operator spec: containers: - args: - --metrics-addr=0.0.0.0:8080 - --enable-leader-election - --sync-period=20s image: flanksource/template-operator:v0.7.0 name: manager resources: limits: cpu: 500m memory: 500Mi requests: cpu: 100m memory: 500Mi - args: - --secure-listen-address=0.0.0.0:8443 - --upstream=http://127.0.0.1:8080/ - --logtostderr=true - --v=2 image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 name: kube-rbac-proxy ports: - containerPort: 8443 name: https serviceAccount: template-operator-manager terminationGracePeriodSeconds: 10