From 4ab0071f1c72cdc0996b804881d1f44e1cffc521 Mon Sep 17 00:00:00 2001 From: Camila Macedo Date: Wed, 22 May 2024 20:53:01 +0100 Subject: [PATCH] fix place where metrics service is scaffolded by moving from config/rbac to config/default When we discontinued the usage of kube rbac proxy we placed the Metrics Service under rbac but that is not the best place to fit this resource. Also, within those changes we are ensuring that the metrics will only be applied if/when users enable the metrics. --- .github/workflows/test-sample-go.yml | 6 +- .../project/config/default/kustomization.yaml | 3 + .../{rbac => default}/metrics_service.yaml | 0 .../project/config/rbac/kustomization.yaml | 1 - .../project/config/default/kustomization.yaml | 5 +- .../{rbac => default}/metrics_service.yaml | 0 .../project/config/rbac/kustomization.yaml | 1 - docs/book/src/reference/metrics.md | 9 +- .../common/kustomize/v2/scaffolds/init.go | 2 +- .../config/kdefault/kustomization.go | 5 +- .../{rbac => kdefault}/metrics_service.go | 4 +- .../templates/config/rbac/kustomization.go | 1 - .../common/kustomize/v2/scaffolds/webhook.go | 9 ++ test/e2e/v4/generate_test.go | 9 ++ test/e2e/v4/plugin_cluster_test.go | 109 +++++++++--------- .../config/default/kustomization.yaml | 3 + .../{rbac => default}/metrics_service.yaml | 0 .../config/rbac/kustomization.yaml | 1 - .../dist/install.yaml | 18 --- .../config/default/kustomization.yaml | 3 + .../{rbac => default}/metrics_service.yaml | 0 .../config/rbac/kustomization.yaml | 1 - .../project-v4-multigroup/dist/install.yaml | 18 --- .../config/default/kustomization.yaml | 3 + .../{rbac => default}/metrics_service.yaml | 0 .../config/rbac/kustomization.yaml | 1 - .../dist/install.yaml | 18 --- .../config/default/kustomization.yaml | 5 +- .../{rbac => default}/metrics_service.yaml | 0 .../config/rbac/kustomization.yaml | 1 - .../project-v4-with-grafana/dist/install.yaml | 18 --- .../config/default/kustomization.yaml | 3 + .../{rbac => default}/metrics_service.yaml | 0 .../project-v4/config/rbac/kustomization.yaml | 1 - testdata/project-v4/dist/install.yaml | 18 --- 35 files changed, 110 insertions(+), 166 deletions(-) rename docs/book/src/cronjob-tutorial/testdata/project/config/{rbac => default}/metrics_service.yaml (100%) rename docs/book/src/getting-started/testdata/project/config/{rbac => default}/metrics_service.yaml (100%) rename pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/{rbac => kdefault}/metrics_service.go (94%) rename testdata/project-v4-multigroup-with-deploy-image/config/{rbac => default}/metrics_service.yaml (100%) rename testdata/project-v4-multigroup/config/{rbac => default}/metrics_service.yaml (100%) rename testdata/project-v4-with-deploy-image/config/{rbac => default}/metrics_service.yaml (100%) rename testdata/project-v4-with-grafana/config/{rbac => default}/metrics_service.yaml (100%) rename testdata/project-v4/config/{rbac => default}/metrics_service.yaml (100%) diff --git a/.github/workflows/test-sample-go.yml b/.github/workflows/test-sample-go.yml index a33f6b0f8eb..2fc2024e200 100644 --- a/.github/workflows/test-sample-go.yml +++ b/.github/workflows/test-sample-go.yml @@ -24,9 +24,9 @@ jobs: run: | KUSTOMIZATION_FILE_PATH="testdata/project-v4/config/default/kustomization.yaml" sed -i '25s/^#//' $KUSTOMIZATION_FILE_PATH - sed -i '39s/^#//' $KUSTOMIZATION_FILE_PATH - sed -i '44s/^#//' $KUSTOMIZATION_FILE_PATH - sed -i '48,144s/^#//' $KUSTOMIZATION_FILE_PATH + sed -i '32s/^#//' $KUSTOMIZATION_FILE_PATH + sed -i '47s/^#//' $KUSTOMIZATION_FILE_PATH + sed -i '51,147s/^#//' $KUSTOMIZATION_FILE_PATH - name: Test run: | diff --git a/docs/book/src/cronjob-tutorial/testdata/project/config/default/kustomization.yaml b/docs/book/src/cronjob-tutorial/testdata/project/config/default/kustomization.yaml index e0c1e50e0ce..c70440ce666 100644 --- a/docs/book/src/cronjob-tutorial/testdata/project/config/default/kustomization.yaml +++ b/docs/book/src/cronjob-tutorial/testdata/project/config/default/kustomization.yaml @@ -25,7 +25,10 @@ resources: - ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. - ../prometheus +# [METRICS] To enable the controller manager metrics service, uncomment the following line. +#- metrics_service.yaml +# Uncomment the patches line if you enable Metrics, and/or are using webhooks and cert-manager patches: # [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. # More info: https://book.kubebuilder.io/reference/metrics diff --git a/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/metrics_service.yaml b/docs/book/src/cronjob-tutorial/testdata/project/config/default/metrics_service.yaml similarity index 100% rename from docs/book/src/cronjob-tutorial/testdata/project/config/rbac/metrics_service.yaml rename to docs/book/src/cronjob-tutorial/testdata/project/config/default/metrics_service.yaml diff --git a/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/kustomization.yaml b/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/kustomization.yaml index 09d2ee4d606..46cb71e7bf1 100644 --- a/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/kustomization.yaml +++ b/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/docs/book/src/getting-started/testdata/project/config/default/kustomization.yaml b/docs/book/src/getting-started/testdata/project/config/default/kustomization.yaml index 8b3fe2ba35c..7042e87ebde 100644 --- a/docs/book/src/getting-started/testdata/project/config/default/kustomization.yaml +++ b/docs/book/src/getting-started/testdata/project/config/default/kustomization.yaml @@ -25,8 +25,11 @@ resources: #- ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus +# [METRICS] To enable the controller manager metrics service, uncomment the following line. +#- metrics_service.yaml -patches: +# Uncomment the patches line if you enable Metrics, and/or are using webhooks and cert-manager +#patches: # [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. # More info: https://book.kubebuilder.io/reference/metrics # If you want to expose the metric endpoint of your controller-manager uncomment the following line. diff --git a/docs/book/src/getting-started/testdata/project/config/rbac/metrics_service.yaml b/docs/book/src/getting-started/testdata/project/config/default/metrics_service.yaml similarity index 100% rename from docs/book/src/getting-started/testdata/project/config/rbac/metrics_service.yaml rename to docs/book/src/getting-started/testdata/project/config/default/metrics_service.yaml diff --git a/docs/book/src/getting-started/testdata/project/config/rbac/kustomization.yaml b/docs/book/src/getting-started/testdata/project/config/rbac/kustomization.yaml index a8f1075285b..75c7d0c2b48 100644 --- a/docs/book/src/getting-started/testdata/project/config/rbac/kustomization.yaml +++ b/docs/book/src/getting-started/testdata/project/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/docs/book/src/reference/metrics.md b/docs/book/src/reference/metrics.md index 32aa09610c7..4d8fd0e95dd 100644 --- a/docs/book/src/reference/metrics.md +++ b/docs/book/src/reference/metrics.md @@ -45,7 +45,12 @@ Further information can be found bellow in this document. First, you will need enable the Metrics by uncommenting the following line in the file `config/default/kustomization.yaml`, see: -```sh +```yaml +# [METRICS] To enable the Controller Manager Metrics Service, uncomment the following line. +#- metrics_service.yaml +``` + +```yaml # [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. # More info: https://book.kubebuilder.io/reference/metrics # If you want to expose the metric endpoint of your controller-manager uncomment the following line. @@ -79,7 +84,7 @@ Integrating `cert-manager` with your metrics service can secure the endpoint via To modify your project setup to expose metrics using HTTPS with the help of cert-manager, you'll need to change the configuration of both -the `Service` under `config/rbac/metrics_service.yaml` and +the `Service` under `config/default/metrics_service.yaml` and the `ServiceMonitor` under `config/prometheus/monitor.yaml` to use a secure HTTPS port and ensure the necessary certificate is applied. diff --git a/pkg/plugins/common/kustomize/v2/scaffolds/init.go b/pkg/plugins/common/kustomize/v2/scaffolds/init.go index b3a5c1a72f4..cac7231885a 100644 --- a/pkg/plugins/common/kustomize/v2/scaffolds/init.go +++ b/pkg/plugins/common/kustomize/v2/scaffolds/init.go @@ -64,7 +64,7 @@ func (s *initScaffolder) Scaffold() error { templates := []machinery.Builder{ &rbac.Kustomization{}, - &rbac.MetricsService{}, + &kdefault.MetricsService{}, &rbac.RoleBinding{}, // We need to create a Role because if the project // has not CRD define the controller-gen will not generate this file diff --git a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/kustomization.go b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/kustomization.go index 2a7368840ff..94ebda6d043 100644 --- a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/kustomization.go +++ b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/kustomization.go @@ -70,8 +70,11 @@ resources: #- ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus +# [METRICS] To enable the controller manager metrics service, uncomment the following line. +#- metrics_service.yaml -patches: +# Uncomment the patches line if you enable Metrics, and/or are using webhooks and cert-manager +#patches: # [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. # More info: https://book.kubebuilder.io/reference/metrics # If you want to expose the metric endpoint of your controller-manager uncomment the following line. diff --git a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/metrics_service.go b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/metrics_service.go similarity index 94% rename from pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/metrics_service.go rename to pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/metrics_service.go index 7a0619cf6a5..7b6b40b564b 100644 --- a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/metrics_service.go +++ b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/kdefault/metrics_service.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package rbac +package kdefault import ( "path/filepath" @@ -33,7 +33,7 @@ type MetricsService struct { // SetTemplateDefaults implements file.Template func (f *MetricsService) SetTemplateDefaults() error { if f.Path == "" { - f.Path = filepath.Join("config", "rbac", "metrics_service.yaml") + f.Path = filepath.Join("config", "default", "metrics_service.yaml") } f.TemplateBody = metricsServiceTemplate diff --git a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/kustomization.go b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/kustomization.go index 92859d83b8f..099c099ea58 100644 --- a/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/kustomization.go +++ b/pkg/plugins/common/kustomize/v2/scaffolds/internal/templates/config/rbac/kustomization.go @@ -53,5 +53,4 @@ const kustomizeRBACTemplate = `resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml ` diff --git a/pkg/plugins/common/kustomize/v2/scaffolds/webhook.go b/pkg/plugins/common/kustomize/v2/scaffolds/webhook.go index e451b7b9090..bdb2b00b8e8 100644 --- a/pkg/plugins/common/kustomize/v2/scaffolds/webhook.go +++ b/pkg/plugins/common/kustomize/v2/scaffolds/webhook.go @@ -98,6 +98,15 @@ func (s *webhookScaffolder) Scaffold() error { } } + err = pluginutil.UncommentCode(kustomizeFilePath, "#patches:", `#`) + if err != nil { + hasWebHookUncommented, err := pluginutil.HasFragment(kustomizeFilePath, "patches:") + if !hasWebHookUncommented || err != nil { + log.Errorf("Unable to find the line '#patches:' to uncomment in the file "+ + "%s.", kustomizeFilePath) + } + } + err = pluginutil.UncommentCode(kustomizeFilePath, "#- path: manager_webhook_patch.yaml", `#`) if err != nil { hasWebHookUncommented, err := pluginutil.HasFragment(kustomizeFilePath, "- path: manager_webhook_patch.yaml") diff --git a/test/e2e/v4/generate_test.go b/test/e2e/v4/generate_test.go index 651977d6d92..bd010acf036 100644 --- a/test/e2e/v4/generate_test.go +++ b/test/e2e/v4/generate_test.go @@ -63,6 +63,9 @@ func GenerateV4(kbc *utils.TestContext) { ExpectWithOffset(1, pluginutil.UncommentCode( filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), "#- path: webhookcainjection_patch.yaml", "#")).To(Succeed()) + ExpectWithOffset(1, pluginutil.UncommentCode( + filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), + "#- metrics_service.yaml", "#")).To(Succeed()) ExpectWithOffset(1, pluginutil.UncommentCode( filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), metricsTarget, "#")).To(Succeed()) @@ -120,9 +123,15 @@ func GenerateV4WithoutWebhooks(kbc *utils.TestContext) { initingTheProject(kbc) creatingAPI(kbc) + ExpectWithOffset(1, pluginutil.UncommentCode( + filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), + "#patches:", "#")).To(Succeed()) ExpectWithOffset(1, pluginutil.UncommentCode( filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), "#- ../prometheus", "#")).To(Succeed()) + ExpectWithOffset(1, pluginutil.UncommentCode( + filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), + "#- metrics_service.yaml", "#")).To(Succeed()) ExpectWithOffset(1, pluginutil.UncommentCode( filepath.Join(kbc.Dir, "config", "default", "kustomization.yaml"), metricsTarget, "#")).To(Succeed()) diff --git a/test/e2e/v4/plugin_cluster_test.go b/test/e2e/v4/plugin_cluster_test.go index 71c2d36fa50..4a2d1a109c4 100644 --- a/test/e2e/v4/plugin_cluster_test.go +++ b/test/e2e/v4/plugin_cluster_test.go @@ -278,66 +278,47 @@ func Run(kbc *utils.TestContext, hasWebhook, isToUseInstaller, hasMetrics bool) // curlMetrics curl's the /metrics endpoint, returning all logs once a 200 status is returned. func curlMetrics(kbc *utils.TestContext, hasMetrics bool) string { - By("validating that the controller-manager service is available") - _, err := kbc.Kubectl.Get( - true, - "service", fmt.Sprintf("e2e-%s-controller-manager-metrics-service", kbc.TestSuffix), - ) - ExpectWithOffset(2, err).NotTo(HaveOccurred(), "Controller-manager service should exist") - - By("validating that the controller-manager deployment is ready") - verifyDeploymentReady := func() error { - output, err := kbc.Kubectl.Get( + var metricsOutput string + if hasMetrics { + By("validating that the controller-manager service is available") + _, err := kbc.Kubectl.Get( true, - "deployment", fmt.Sprintf("e2e-%s-controller-manager", kbc.TestSuffix), - "-o", "jsonpath={.status.readyReplicas}", + "service", fmt.Sprintf("e2e-%s-controller-manager-metrics-service", kbc.TestSuffix), ) - if err != nil { - return err - } - readyReplicas, _ := strconv.Atoi(output) - if readyReplicas < 1 { - return fmt.Errorf("expected at least 1 ready replica, got %d", readyReplicas) - } - return nil - } - EventuallyWithOffset(2, verifyDeploymentReady, 240*time.Second, time.Second).Should(Succeed(), - "Deployment is not ready") + ExpectWithOffset(2, err).NotTo(HaveOccurred(), "Controller-manager service should exist") - By("ensuring the service endpoint is ready") - eventuallyCheckServiceEndpoint := func() error { - output, err := kbc.Kubectl.Get( - true, - "endpoints", fmt.Sprintf("e2e-%s-controller-manager-metrics-service", kbc.TestSuffix), - "-o", "jsonpath={.subsets[*].addresses[*].ip}", - ) - if err != nil { - return err + By("ensuring the service endpoint is ready") + eventuallyCheckServiceEndpoint := func() error { + output, err := kbc.Kubectl.Get( + true, + "endpoints", fmt.Sprintf("e2e-%s-controller-manager-metrics-service", kbc.TestSuffix), + "-o", "jsonpath={.subsets[*].addresses[*].ip}", + ) + if err != nil { + return err + } + if output == "" { + return fmt.Errorf("no endpoints found") + } + return nil } - if output == "" { - return fmt.Errorf("no endpoints found") + EventuallyWithOffset(2, eventuallyCheckServiceEndpoint, 2*time.Minute, time.Second).Should(Succeed(), + "Service endpoint should be ready") + + By("creating a curl pod to access the metrics endpoint") + // nolint:lll + cmdOpts := []string{ + "run", "curl", + "--restart=Never", + "--namespace", kbc.Kubectl.Namespace, + "--image=curlimages/curl:7.78.0", + "--", + "/bin/sh", "-c", fmt.Sprintf("curl -v -k http://e2e-%s-controller-manager-metrics-service.%s.svc.cluster.local:8080/metrics", + kbc.TestSuffix, kbc.Kubectl.Namespace), } - return nil - } - EventuallyWithOffset(2, eventuallyCheckServiceEndpoint, 2*time.Minute, time.Second).Should(Succeed(), - "Service endpoint should be ready") - - By("creating a curl pod to access the metrics endpoint") - // nolint:lll - cmdOpts := []string{ - "run", "curl", - "--restart=Never", - "--namespace", kbc.Kubectl.Namespace, - "--image=curlimages/curl:7.78.0", - "--", - "/bin/sh", "-c", fmt.Sprintf("curl -v -k http://e2e-%s-controller-manager-metrics-service.%s.svc.cluster.local:8080/metrics", - kbc.TestSuffix, kbc.Kubectl.Namespace), - } - _, err = kbc.Kubectl.CommandInNamespace(cmdOpts...) - ExpectWithOffset(2, err).NotTo(HaveOccurred()) + _, err = kbc.Kubectl.CommandInNamespace(cmdOpts...) + ExpectWithOffset(2, err).NotTo(HaveOccurred()) - var metricsOutput string - if hasMetrics { By("validating that the curl pod is running as expected") verifyCurlUp := func() error { status, err := kbc.Kubectl.Get( @@ -359,6 +340,20 @@ func curlMetrics(kbc *utils.TestContext, hasMetrics bool) string { } EventuallyWithOffset(2, getCurlLogs, 10*time.Second, time.Second).Should(ContainSubstring("< HTTP/1.1 200 OK")) } else { + By("creating a curl pod to access the metrics endpoint") + // nolint:lll + cmdOpts := []string{ + "run", "curl", + "--restart=Never", + "--namespace", kbc.Kubectl.Namespace, + "--image=curlimages/curl:7.78.0", + "--", + "/bin/sh", "-c", fmt.Sprintf("curl -v -k http://e2e-%s-controller-manager-metrics-service.%s.svc.cluster.local:8080/metrics", + kbc.TestSuffix, kbc.Kubectl.Namespace), + } + _, err := kbc.Kubectl.CommandInNamespace(cmdOpts...) + ExpectWithOffset(2, err).NotTo(HaveOccurred()) + By("validating that the curl pod fail as expected") verifyCurlUp := func() error { status, err := kbc.Kubectl.Get( @@ -375,14 +370,14 @@ func curlMetrics(kbc *utils.TestContext, hasMetrics bool) string { By("validating that the metrics endpoint is not working as expected") getCurlLogs := func() string { - metricsOutput, err = kbc.Kubectl.Logs("curl") + metricsOutput, err := kbc.Kubectl.Logs("curl") ExpectWithOffset(3, err).NotTo(HaveOccurred()) return metricsOutput } - EventuallyWithOffset(2, getCurlLogs, 10*time.Second, time.Second).Should(ContainSubstring("Connection refused")) + EventuallyWithOffset(2, getCurlLogs, 10*time.Second, time.Second).Should(ContainSubstring("Could not resolve host")) } By("cleaning up the curl pod") - _, err = kbc.Kubectl.Delete(true, "pods/curl") + _, err := kbc.Kubectl.Delete(true, "pods/curl") ExpectWithOffset(3, err).NotTo(HaveOccurred()) return metricsOutput diff --git a/testdata/project-v4-multigroup-with-deploy-image/config/default/kustomization.yaml b/testdata/project-v4-multigroup-with-deploy-image/config/default/kustomization.yaml index 0191923a08c..b81da332f7b 100644 --- a/testdata/project-v4-multigroup-with-deploy-image/config/default/kustomization.yaml +++ b/testdata/project-v4-multigroup-with-deploy-image/config/default/kustomization.yaml @@ -25,7 +25,10 @@ resources: #- ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus +# [METRICS] To enable the controller manager metrics service, uncomment the following line. +#- metrics_service.yaml +# Uncomment the patches line if you enable Metrics, and/or are using webhooks and cert-manager patches: # [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. # More info: https://book.kubebuilder.io/reference/metrics diff --git a/testdata/project-v4-multigroup-with-deploy-image/config/rbac/metrics_service.yaml b/testdata/project-v4-multigroup-with-deploy-image/config/default/metrics_service.yaml similarity index 100% rename from testdata/project-v4-multigroup-with-deploy-image/config/rbac/metrics_service.yaml rename to testdata/project-v4-multigroup-with-deploy-image/config/default/metrics_service.yaml diff --git a/testdata/project-v4-multigroup-with-deploy-image/config/rbac/kustomization.yaml b/testdata/project-v4-multigroup-with-deploy-image/config/rbac/kustomization.yaml index 51bf3b2bea4..a2f9efd10a3 100644 --- a/testdata/project-v4-multigroup-with-deploy-image/config/rbac/kustomization.yaml +++ b/testdata/project-v4-multigroup-with-deploy-image/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/testdata/project-v4-multigroup-with-deploy-image/dist/install.yaml b/testdata/project-v4-multigroup-with-deploy-image/dist/install.yaml index a9d09c8aebb..9a4abb101e0 100644 --- a/testdata/project-v4-multigroup-with-deploy-image/dist/install.yaml +++ b/testdata/project-v4-multigroup-with-deploy-image/dist/install.yaml @@ -1474,24 +1474,6 @@ subjects: --- apiVersion: v1 kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-multigroup-with-deploy-image - control-plane: controller-manager - name: project-v4-multigroup-with-deploy-image-controller-manager-metrics-service - namespace: project-v4-multigroup-with-deploy-image-system -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service metadata: labels: app.kubernetes.io/managed-by: kustomize diff --git a/testdata/project-v4-multigroup/config/default/kustomization.yaml b/testdata/project-v4-multigroup/config/default/kustomization.yaml index ffb90673bac..fd22f14ceb3 100644 --- a/testdata/project-v4-multigroup/config/default/kustomization.yaml +++ b/testdata/project-v4-multigroup/config/default/kustomization.yaml @@ -25,7 +25,10 @@ resources: #- ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus +# [METRICS] To enable the controller manager metrics service, uncomment the following line. +#- metrics_service.yaml +# Uncomment the patches line if you enable Metrics, and/or are using webhooks and cert-manager patches: # [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. # More info: https://book.kubebuilder.io/reference/metrics diff --git a/testdata/project-v4-multigroup/config/rbac/metrics_service.yaml b/testdata/project-v4-multigroup/config/default/metrics_service.yaml similarity index 100% rename from testdata/project-v4-multigroup/config/rbac/metrics_service.yaml rename to testdata/project-v4-multigroup/config/default/metrics_service.yaml diff --git a/testdata/project-v4-multigroup/config/rbac/kustomization.yaml b/testdata/project-v4-multigroup/config/rbac/kustomization.yaml index 51bf3b2bea4..a2f9efd10a3 100644 --- a/testdata/project-v4-multigroup/config/rbac/kustomization.yaml +++ b/testdata/project-v4-multigroup/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/testdata/project-v4-multigroup/dist/install.yaml b/testdata/project-v4-multigroup/dist/install.yaml index 4d4a95129c3..1694d276d0f 100644 --- a/testdata/project-v4-multigroup/dist/install.yaml +++ b/testdata/project-v4-multigroup/dist/install.yaml @@ -1474,24 +1474,6 @@ subjects: --- apiVersion: v1 kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-multigroup - control-plane: controller-manager - name: project-v4-multigroup-controller-manager-metrics-service - namespace: project-v4-multigroup-system -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service metadata: labels: app.kubernetes.io/managed-by: kustomize diff --git a/testdata/project-v4-with-deploy-image/config/default/kustomization.yaml b/testdata/project-v4-with-deploy-image/config/default/kustomization.yaml index d299940c871..a446d6d4a0a 100644 --- a/testdata/project-v4-with-deploy-image/config/default/kustomization.yaml +++ b/testdata/project-v4-with-deploy-image/config/default/kustomization.yaml @@ -25,7 +25,10 @@ resources: #- ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus +# [METRICS] To enable the controller manager metrics service, uncomment the following line. +#- metrics_service.yaml +# Uncomment the patches line if you enable Metrics, and/or are using webhooks and cert-manager patches: # [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. # More info: https://book.kubebuilder.io/reference/metrics diff --git a/testdata/project-v4-with-deploy-image/config/rbac/metrics_service.yaml b/testdata/project-v4-with-deploy-image/config/default/metrics_service.yaml similarity index 100% rename from testdata/project-v4-with-deploy-image/config/rbac/metrics_service.yaml rename to testdata/project-v4-with-deploy-image/config/default/metrics_service.yaml diff --git a/testdata/project-v4-with-deploy-image/config/rbac/kustomization.yaml b/testdata/project-v4-with-deploy-image/config/rbac/kustomization.yaml index 234947b0ce5..1a988b476a3 100644 --- a/testdata/project-v4-with-deploy-image/config/rbac/kustomization.yaml +++ b/testdata/project-v4-with-deploy-image/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/testdata/project-v4-with-deploy-image/dist/install.yaml b/testdata/project-v4-with-deploy-image/dist/install.yaml index a2ac764e08c..6a99fdc2f2e 100644 --- a/testdata/project-v4-with-deploy-image/dist/install.yaml +++ b/testdata/project-v4-with-deploy-image/dist/install.yaml @@ -550,24 +550,6 @@ subjects: --- apiVersion: v1 kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-with-deploy-image - control-plane: controller-manager - name: project-v4-with-deploy-image-controller-manager-metrics-service - namespace: project-v4-with-deploy-image-system -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service metadata: labels: app.kubernetes.io/managed-by: kustomize diff --git a/testdata/project-v4-with-grafana/config/default/kustomization.yaml b/testdata/project-v4-with-grafana/config/default/kustomization.yaml index a76c38189c9..d17c01b9af8 100644 --- a/testdata/project-v4-with-grafana/config/default/kustomization.yaml +++ b/testdata/project-v4-with-grafana/config/default/kustomization.yaml @@ -25,8 +25,11 @@ resources: #- ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus +# [METRICS] To enable the controller manager metrics service, uncomment the following line. +#- metrics_service.yaml -patches: +# Uncomment the patches line if you enable Metrics, and/or are using webhooks and cert-manager +#patches: # [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. # More info: https://book.kubebuilder.io/reference/metrics # If you want to expose the metric endpoint of your controller-manager uncomment the following line. diff --git a/testdata/project-v4-with-grafana/config/rbac/metrics_service.yaml b/testdata/project-v4-with-grafana/config/default/metrics_service.yaml similarity index 100% rename from testdata/project-v4-with-grafana/config/rbac/metrics_service.yaml rename to testdata/project-v4-with-grafana/config/default/metrics_service.yaml diff --git a/testdata/project-v4-with-grafana/config/rbac/kustomization.yaml b/testdata/project-v4-with-grafana/config/rbac/kustomization.yaml index cb51d20d1cf..166fe79868f 100644 --- a/testdata/project-v4-with-grafana/config/rbac/kustomization.yaml +++ b/testdata/project-v4-with-grafana/config/rbac/kustomization.yaml @@ -9,4 +9,3 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml diff --git a/testdata/project-v4-with-grafana/dist/install.yaml b/testdata/project-v4-with-grafana/dist/install.yaml index 144e0d4f7d2..6831125a6a1 100644 --- a/testdata/project-v4-with-grafana/dist/install.yaml +++ b/testdata/project-v4-with-grafana/dist/install.yaml @@ -107,24 +107,6 @@ subjects: name: project-v4-with-grafana-controller-manager namespace: project-v4-with-grafana-system --- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-with-grafana - control-plane: controller-manager - name: project-v4-with-grafana-controller-manager-metrics-service - namespace: project-v4-with-grafana-system -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - control-plane: controller-manager ---- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/testdata/project-v4/config/default/kustomization.yaml b/testdata/project-v4/config/default/kustomization.yaml index 848efcedaaa..9bb07eabee4 100644 --- a/testdata/project-v4/config/default/kustomization.yaml +++ b/testdata/project-v4/config/default/kustomization.yaml @@ -25,7 +25,10 @@ resources: #- ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus +# [METRICS] To enable the controller manager metrics service, uncomment the following line. +#- metrics_service.yaml +# Uncomment the patches line if you enable Metrics, and/or are using webhooks and cert-manager patches: # [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. # More info: https://book.kubebuilder.io/reference/metrics diff --git a/testdata/project-v4/config/rbac/metrics_service.yaml b/testdata/project-v4/config/default/metrics_service.yaml similarity index 100% rename from testdata/project-v4/config/rbac/metrics_service.yaml rename to testdata/project-v4/config/default/metrics_service.yaml diff --git a/testdata/project-v4/config/rbac/kustomization.yaml b/testdata/project-v4/config/rbac/kustomization.yaml index 6dd56c7db27..2a7debcd3a1 100644 --- a/testdata/project-v4/config/rbac/kustomization.yaml +++ b/testdata/project-v4/config/rbac/kustomization.yaml @@ -9,7 +9,6 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines diff --git a/testdata/project-v4/dist/install.yaml b/testdata/project-v4/dist/install.yaml index ada9cb0e05d..4144d2f3017 100644 --- a/testdata/project-v4/dist/install.yaml +++ b/testdata/project-v4/dist/install.yaml @@ -544,24 +544,6 @@ subjects: --- apiVersion: v1 kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4 - control-plane: controller-manager - name: project-v4-controller-manager-metrics-service - namespace: project-v4-system -spec: - ports: - - name: http - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service metadata: labels: app.kubernetes.io/managed-by: kustomize