diff --git a/.github/workflows/test-sample-go.yml b/.github/workflows/test-sample-go.yml index a33f6b0f8eb..3b4762600c0 100644 --- a/.github/workflows/test-sample-go.yml +++ b/.github/workflows/test-sample-go.yml @@ -24,9 +24,9 @@ jobs: run: | KUSTOMIZATION_FILE_PATH="testdata/project-v4/config/default/kustomization.yaml" sed -i '25s/^#//' $KUSTOMIZATION_FILE_PATH - sed -i '39s/^#//' $KUSTOMIZATION_FILE_PATH - sed -i '44s/^#//' $KUSTOMIZATION_FILE_PATH - sed -i '48,144s/^#//' $KUSTOMIZATION_FILE_PATH + sed -i '41s/^#//' $KUSTOMIZATION_FILE_PATH + sed -i '46s/^#//' $KUSTOMIZATION_FILE_PATH + sed -i '50,146s/^#//' $KUSTOMIZATION_FILE_PATH - name: Test run: | diff --git a/docs/book/src/cronjob-tutorial/testdata/project/config/default/kustomization.yaml b/docs/book/src/cronjob-tutorial/testdata/project/config/default/kustomization.yaml index e0c1e50e0ce..d71ce202791 100644 --- a/docs/book/src/cronjob-tutorial/testdata/project/config/default/kustomization.yaml +++ b/docs/book/src/cronjob-tutorial/testdata/project/config/default/kustomization.yaml @@ -33,6 +33,8 @@ patches: #- path: manager_metrics_patch.yaml # target: # kind: Deployment +# If you want to expose the metrics endpoint without TLS/HTTP protection, uncomment the following line. +#- path: metrics_service_patch.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml diff --git a/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/metrics_service.yaml b/docs/book/src/cronjob-tutorial/testdata/project/config/default/metrics_service_patch.yaml similarity index 100% rename from docs/book/src/cronjob-tutorial/testdata/project/config/rbac/metrics_service.yaml rename to docs/book/src/cronjob-tutorial/testdata/project/config/default/metrics_service_patch.yaml diff --git a/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/kustomization.yaml b/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/kustomization.yaml index 09d2ee4d606..46cb71e7bf1 100644 --- a/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/kustomization.yaml +++ b/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/docs/book/src/getting-started/testdata/project/config/default/kustomization.yaml b/docs/book/src/getting-started/testdata/project/config/default/kustomization.yaml index 8b3fe2ba35c..8084e793ff1 100644 --- a/docs/book/src/getting-started/testdata/project/config/default/kustomization.yaml +++ b/docs/book/src/getting-started/testdata/project/config/default/kustomization.yaml @@ -33,6 +33,8 @@ patches: #- path: manager_metrics_patch.yaml # target: # kind: Deployment +# If you want to expose the metrics endpoint without TLS/HTTP protection, uncomment the following line. +#- path: metrics_service_patch.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml diff --git a/docs/book/src/getting-started/testdata/project/config/rbac/metrics_service.yaml b/docs/book/src/getting-started/testdata/project/config/default/metrics_service_patch.yaml similarity index 100% rename from docs/book/src/getting-started/testdata/project/config/rbac/metrics_service.yaml rename to docs/book/src/getting-started/testdata/project/config/default/metrics_service_patch.yaml diff --git a/docs/book/src/getting-started/testdata/project/config/rbac/kustomization.yaml b/docs/book/src/getting-started/testdata/project/config/rbac/kustomization.yaml index a8f1075285b..75c7d0c2b48 100644 --- a/docs/book/src/getting-started/testdata/project/config/rbac/kustomization.yaml +++ b/docs/book/src/getting-started/testdata/project/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/docs/book/src/reference/metrics.md b/docs/book/src/reference/metrics.md index 32aa09610c7..597af3c1566 100644 --- a/docs/book/src/reference/metrics.md +++ b/docs/book/src/reference/metrics.md @@ -52,6 +52,8 @@ in the file `config/default/kustomization.yaml`, see: #- path: manager_metrics_patch.yaml # target: # kind: Deployment +# If you want to expose the metrics endpoint without TLS/HTTP protection, uncomment the following line. +# - path: metrics_service_patch.yaml ``` Note that projects are scaffolded by default passing the flag `--metrics-bind-address=0` diff --git a/pkg/plugins/common/kustomize/v2/scaffolds/init.go b/pkg/plugins/common/kustomize/v2/scaffolds/init.go index b3a5c1a72f4..cac7231885a 100644 --- a/pkg/plugins/common/kustomize/v2/scaffolds/init.go +++ b/pkg/plugins/common/kustomize/v2/scaffolds/init.go @@ -64,7 +64,7 @@ func (s *initScaffolder) Scaffold() error { templates := []machinery.Builder{ &rbac.Kustomization{}, - &rbac.MetricsService{}, + &kdefault.MetricsService{}, &rbac.RoleBinding{}, // We need to create a Role because if the project // has not CRD define the controller-gen will not generate this file diff --git a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/kustomization.go b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/kustomization.go index 2a7368840ff..9c4f4ff4a45 100644 --- a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/kustomization.go +++ b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/kustomization.go @@ -78,6 +78,8 @@ patches: #- path: manager_metrics_patch.yaml # target: # kind: Deployment +# If you want to expose the metrics endpoint without TLS/HTTP protection, uncomment the following line. +#- path: metrics_service_patch.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml diff --git a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/metrics_service.go b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/metrics_service_patch.go similarity index 93% rename from pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/metrics_service.go rename to pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/metrics_service_patch.go index 7a0619cf6a5..ebe00d3a698 100644 --- a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/metrics_service.go +++ b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/metrics_service_patch.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package rbac +package kdefault import ( "path/filepath" @@ -33,7 +33,7 @@ type MetricsService struct { // SetTemplateDefaults implements file.Template func (f *MetricsService) SetTemplateDefaults() error { if f.Path == "" { - f.Path = filepath.Join("config", "rbac", "metrics_service.yaml") + f.Path = filepath.Join("config", "default", "metrics_service_patch.yaml") } f.TemplateBody = metricsServiceTemplate diff --git a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/kustomization.go b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/kustomization.go index 92859d83b8f..099c099ea58 100644 --- a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/kustomization.go +++ b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/kustomization.go @@ -53,5 +53,4 @@ const kustomizeRBACTemplate = `resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml ` diff --git a/test/e2e/v4/generate_test.go b/test/e2e/v4/generate_test.go index 651977d6d92..f9fc1a8210e 100644 --- a/test/e2e/v4/generate_test.go +++ b/test/e2e/v4/generate_test.go @@ -66,6 +66,9 @@ func GenerateV4(kbc *utils.TestContext) { ExpectWithOffset(1, pluginutil.UncommentCode( filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), metricsTarget, "#")).To(Succeed()) + ExpectWithOffset(1, pluginutil.UncommentCode( + filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), + "#- path: metrics_service_patch.yaml", "#")).To(Succeed()) ExpectWithOffset(1, pluginutil.UncommentCode(filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), certManagerTarget, "#")).To(Succeed()) @@ -126,6 +129,9 @@ func GenerateV4WithoutWebhooks(kbc *utils.TestContext) { ExpectWithOffset(1, pluginutil.UncommentCode( filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), metricsTarget, "#")).To(Succeed()) + ExpectWithOffset(1, pluginutil.UncommentCode( + filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), + "#- path: metrics_service_patch.yaml", "#")).To(Succeed()) if kbc.IsRestricted { By("uncomment kustomize files to ensure that pods are restricted") diff --git a/testdata/project-v4-multigroup-with-deploy-image/config/default/kustomization.yaml b/testdata/project-v4-multigroup-with-deploy-image/config/default/kustomization.yaml index 0191923a08c..d58611405ad 100644 --- a/testdata/project-v4-multigroup-with-deploy-image/config/default/kustomization.yaml +++ b/testdata/project-v4-multigroup-with-deploy-image/config/default/kustomization.yaml @@ -33,6 +33,8 @@ patches: #- path: manager_metrics_patch.yaml # target: # kind: Deployment +# If you want to expose the metrics endpoint without TLS/HTTP protection, uncomment the following line. +#- path: metrics_service_patch.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml diff --git a/testdata/project-v4-multigroup-with-deploy-image/config/rbac/metrics_service.yaml b/testdata/project-v4-multigroup-with-deploy-image/config/default/metrics_service_patch.yaml similarity index 100% rename from testdata/project-v4-multigroup-with-deploy-image/config/rbac/metrics_service.yaml rename to testdata/project-v4-multigroup-with-deploy-image/config/default/metrics_service_patch.yaml diff --git a/testdata/project-v4-multigroup-with-deploy-image/config/rbac/kustomization.yaml b/testdata/project-v4-multigroup-with-deploy-image/config/rbac/kustomization.yaml index 51bf3b2bea4..a2f9efd10a3 100644 --- a/testdata/project-v4-multigroup-with-deploy-image/config/rbac/kustomization.yaml +++ b/testdata/project-v4-multigroup-with-deploy-image/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/testdata/project-v4-multigroup-with-deploy-image/dist/install.yaml b/testdata/project-v4-multigroup-with-deploy-image/dist/install.yaml index a9d09c8aebb..9a4abb101e0 100644 --- a/testdata/project-v4-multigroup-with-deploy-image/dist/install.yaml +++ b/testdata/project-v4-multigroup-with-deploy-image/dist/install.yaml @@ -1474,24 +1474,6 @@ subjects: --- apiVersion: v1 kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-multigroup-with-deploy-image - control-plane: controller-manager - name: project-v4-multigroup-with-deploy-image-controller-manager-metrics-service - namespace: project-v4-multigroup-with-deploy-image-system -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service metadata: labels: app.kubernetes.io/managed-by: kustomize diff --git a/testdata/project-v4-multigroup/config/default/kustomization.yaml b/testdata/project-v4-multigroup/config/default/kustomization.yaml index ffb90673bac..553b81477b9 100644 --- a/testdata/project-v4-multigroup/config/default/kustomization.yaml +++ b/testdata/project-v4-multigroup/config/default/kustomization.yaml @@ -33,6 +33,8 @@ patches: #- path: manager_metrics_patch.yaml # target: # kind: Deployment +# If you want to expose the metrics endpoint without TLS/HTTP protection, uncomment the following line. +#- path: metrics_service_patch.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml diff --git a/testdata/project-v4-multigroup/config/rbac/metrics_service.yaml b/testdata/project-v4-multigroup/config/default/metrics_service_patch.yaml similarity index 100% rename from testdata/project-v4-multigroup/config/rbac/metrics_service.yaml rename to testdata/project-v4-multigroup/config/default/metrics_service_patch.yaml diff --git a/testdata/project-v4-multigroup/config/rbac/kustomization.yaml b/testdata/project-v4-multigroup/config/rbac/kustomization.yaml index 51bf3b2bea4..a2f9efd10a3 100644 --- a/testdata/project-v4-multigroup/config/rbac/kustomization.yaml +++ b/testdata/project-v4-multigroup/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/testdata/project-v4-multigroup/dist/install.yaml b/testdata/project-v4-multigroup/dist/install.yaml index 4d4a95129c3..1694d276d0f 100644 --- a/testdata/project-v4-multigroup/dist/install.yaml +++ b/testdata/project-v4-multigroup/dist/install.yaml @@ -1474,24 +1474,6 @@ subjects: --- apiVersion: v1 kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-multigroup - control-plane: controller-manager - name: project-v4-multigroup-controller-manager-metrics-service - namespace: project-v4-multigroup-system -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service metadata: labels: app.kubernetes.io/managed-by: kustomize diff --git a/testdata/project-v4-with-deploy-image/config/default/kustomization.yaml b/testdata/project-v4-with-deploy-image/config/default/kustomization.yaml index d299940c871..258a3c969ac 100644 --- a/testdata/project-v4-with-deploy-image/config/default/kustomization.yaml +++ b/testdata/project-v4-with-deploy-image/config/default/kustomization.yaml @@ -33,6 +33,8 @@ patches: #- path: manager_metrics_patch.yaml # target: # kind: Deployment +# If you want to expose the metrics endpoint without TLS/HTTP protection, uncomment the following line. +#- path: metrics_service_patch.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml diff --git a/testdata/project-v4-with-deploy-image/config/rbac/metrics_service.yaml b/testdata/project-v4-with-deploy-image/config/default/metrics_service_patch.yaml similarity index 100% rename from testdata/project-v4-with-deploy-image/config/rbac/metrics_service.yaml rename to testdata/project-v4-with-deploy-image/config/default/metrics_service_patch.yaml diff --git a/testdata/project-v4-with-deploy-image/config/rbac/kustomization.yaml b/testdata/project-v4-with-deploy-image/config/rbac/kustomization.yaml index 234947b0ce5..1a988b476a3 100644 --- a/testdata/project-v4-with-deploy-image/config/rbac/kustomization.yaml +++ b/testdata/project-v4-with-deploy-image/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/testdata/project-v4-with-deploy-image/dist/install.yaml b/testdata/project-v4-with-deploy-image/dist/install.yaml index a2ac764e08c..6a99fdc2f2e 100644 --- a/testdata/project-v4-with-deploy-image/dist/install.yaml +++ b/testdata/project-v4-with-deploy-image/dist/install.yaml @@ -550,24 +550,6 @@ subjects: --- apiVersion: v1 kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-with-deploy-image - control-plane: controller-manager - name: project-v4-with-deploy-image-controller-manager-metrics-service - namespace: project-v4-with-deploy-image-system -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service metadata: labels: app.kubernetes.io/managed-by: kustomize diff --git a/testdata/project-v4-with-grafana/config/default/kustomization.yaml b/testdata/project-v4-with-grafana/config/default/kustomization.yaml index a76c38189c9..16f4ffe6c6d 100644 --- a/testdata/project-v4-with-grafana/config/default/kustomization.yaml +++ b/testdata/project-v4-with-grafana/config/default/kustomization.yaml @@ -33,6 +33,8 @@ patches: #- path: manager_metrics_patch.yaml # target: # kind: Deployment +# If you want to expose the metrics endpoint without TLS/HTTP protection, uncomment the following line. +#- path: metrics_service_patch.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml diff --git a/testdata/project-v4-with-grafana/config/rbac/metrics_service.yaml b/testdata/project-v4-with-grafana/config/default/metrics_service_patch.yaml similarity index 100% rename from testdata/project-v4-with-grafana/config/rbac/metrics_service.yaml rename to testdata/project-v4-with-grafana/config/default/metrics_service_patch.yaml diff --git a/testdata/project-v4-with-grafana/config/rbac/kustomization.yaml b/testdata/project-v4-with-grafana/config/rbac/kustomization.yaml index cb51d20d1cf..166fe79868f 100644 --- a/testdata/project-v4-with-grafana/config/rbac/kustomization.yaml +++ b/testdata/project-v4-with-grafana/config/rbac/kustomization.yaml @@ -9,4 +9,3 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml diff --git a/testdata/project-v4-with-grafana/dist/install.yaml b/testdata/project-v4-with-grafana/dist/install.yaml index 144e0d4f7d2..6831125a6a1 100644 --- a/testdata/project-v4-with-grafana/dist/install.yaml +++ b/testdata/project-v4-with-grafana/dist/install.yaml @@ -107,24 +107,6 @@ subjects: name: project-v4-with-grafana-controller-manager namespace: project-v4-with-grafana-system --- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-with-grafana - control-plane: controller-manager - name: project-v4-with-grafana-controller-manager-metrics-service - namespace: project-v4-with-grafana-system -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - control-plane: controller-manager ---- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/testdata/project-v4/config/default/kustomization.yaml b/testdata/project-v4/config/default/kustomization.yaml index 848efcedaaa..86e0152bd27 100644 --- a/testdata/project-v4/config/default/kustomization.yaml +++ b/testdata/project-v4/config/default/kustomization.yaml @@ -33,6 +33,8 @@ patches: #- path: manager_metrics_patch.yaml # target: # kind: Deployment +# If you want to expose the metrics endpoint without TLS/HTTP protection, uncomment the following line. +#- path: metrics_service_patch.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml diff --git a/testdata/project-v4/config/rbac/metrics_service.yaml b/testdata/project-v4/config/default/metrics_service_patch.yaml similarity index 100% rename from testdata/project-v4/config/rbac/metrics_service.yaml rename to testdata/project-v4/config/default/metrics_service_patch.yaml diff --git a/testdata/project-v4/config/rbac/kustomization.yaml b/testdata/project-v4/config/rbac/kustomization.yaml index 6dd56c7db27..2a7debcd3a1 100644 --- a/testdata/project-v4/config/rbac/kustomization.yaml +++ b/testdata/project-v4/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/testdata/project-v4/dist/install.yaml b/testdata/project-v4/dist/install.yaml index ada9cb0e05d..4144d2f3017 100644 --- a/testdata/project-v4/dist/install.yaml +++ b/testdata/project-v4/dist/install.yaml @@ -544,24 +544,6 @@ subjects: --- apiVersion: v1 kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4 - control-plane: controller-manager - name: project-v4-controller-manager-metrics-service - namespace: project-v4-system -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service metadata: labels: app.kubernetes.io/managed-by: kustomize