diff --git a/pkg/scaffold/project.go b/pkg/scaffold/project.go index cdcdccd4a6a..b9d741df2e1 100644 --- a/pkg/scaffold/project.go +++ b/pkg/scaffold/project.go @@ -115,7 +115,7 @@ func (p *V1Project) Scaffold() error { &scaffoldv1.KustomizeImagePatch{}, &metricsauthv1.KustomizePrometheusMetricsPatch{}, &metricsauthv1.KustomizeAuthProxyPatch{}, - &project.AuthProxyService{}, + &scaffoldv1.AuthProxyService{}, &project.AuthProxyRole{}, &project.AuthProxyRoleBinding{}, &manager.Config{Image: imgName}, @@ -184,7 +184,7 @@ func (p *V2Project) Scaffold() error { &scaffoldv2.KustomizeImagePatch{}, &metricsauthv2.KustomizePrometheusMetricsPatch{}, &metricsauthv2.KustomizeAuthProxyPatch{}, - &project.AuthProxyService{}, + &scaffoldv2.AuthProxyService{}, &project.AuthProxyRole{}, &project.AuthProxyRoleBinding{}, &managerv2.Config{Image: imgName}, diff --git a/pkg/scaffold/project/authproxyservice.go b/pkg/scaffold/v1/authproxyservice.go similarity index 94% rename from pkg/scaffold/project/authproxyservice.go rename to pkg/scaffold/v1/authproxyservice.go index f7786af5aec..9328fc95de2 100644 --- a/pkg/scaffold/project/authproxyservice.go +++ b/pkg/scaffold/v1/authproxyservice.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package project +package v1 import ( "path/filepath" @@ -24,7 +24,7 @@ import ( var _ input.File = &AuthProxyService{} -// AuthProxyService scaffolds the config/rbac/auth_proxy_role.yaml file +// AuthProxyService scaffolds the config/rbac/auth_proxy_service.yaml file type AuthProxyService struct { input.Input } diff --git a/pkg/scaffold/v1/resource/rolebinding.go b/pkg/scaffold/v1/resource/rolebinding.go deleted file mode 100644 index 78f61c0d4ba..00000000000 --- a/pkg/scaffold/v1/resource/rolebinding.go +++ /dev/null @@ -1,65 +0,0 @@ -/* -Copyright 2018 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package resource - -import ( - "fmt" - "path/filepath" - - "sigs.k8s.io/kubebuilder/pkg/scaffold/input" -) - -var _ input.File = &RoleBinding{} - -// RoleBinding scaffolds the config/manager/group_rolebinding_rbac.yaml file -type RoleBinding struct { - input.Input - - // Resource is a resource in the API group - Resource *Resource -} - -// GetInput implements input.File -func (r *RoleBinding) GetInput() (input.Input, error) { - if r.Path == "" { - r.Path = filepath.Join("config", "manager", fmt.Sprintf( - "%s_rolebinding_rbac.yaml", r.Resource.Group)) - } - r.TemplateBody = roleBindingTemplate - return r.Input, nil -} - -// Validate validates the values -func (r *RoleBinding) Validate() error { - return r.Resource.Validate() -} - -var roleBindingTemplate = `apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - controller-tools.k8s.io: "1.0" - name: {{ .Resource.Group }}-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ .Resource.Group }}-role -subjects: -- kind: ServiceAccount - name: default - namespace: system -` diff --git a/pkg/scaffold/v1/resource/role.go b/pkg/scaffold/v2/authproxyservice.go similarity index 51% rename from pkg/scaffold/v1/resource/role.go rename to pkg/scaffold/v2/authproxyservice.go index 91cb45117c4..58a42537d06 100644 --- a/pkg/scaffold/v1/resource/role.go +++ b/pkg/scaffold/v2/authproxyservice.go @@ -14,52 +14,46 @@ See the License for the specific language governing permissions and limitations under the License. */ -package resource +package v2 import ( - "fmt" "path/filepath" "sigs.k8s.io/kubebuilder/pkg/scaffold/input" ) -var _ input.File = &Role{} +var _ input.File = &AuthProxyService{} -// Role scaffolds the config/manager/group_role_rbac.yaml file -type Role struct { +// AuthProxyService scaffolds the config/rbac/auth_proxy_service.yaml file +type AuthProxyService struct { input.Input - - // Resource is a resource in the API group - Resource *Resource } // GetInput implements input.File -func (r *Role) GetInput() (input.Input, error) { +func (r *AuthProxyService) GetInput() (input.Input, error) { if r.Path == "" { - r.Path = filepath.Join("config", "manager", fmt.Sprintf( - "%s_role_rbac.yaml", r.Resource.Group)) + r.Path = filepath.Join("config", "rbac", "auth_proxy_service.yaml") } - r.TemplateBody = roleTemplate + r.TemplateBody = AuthProxyServiceTemplate return r.Input, nil } -// Validate validates the values -func (r *Role) Validate() error { - return r.Resource.Validate() -} - -var roleTemplate = `apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole +var AuthProxyServiceTemplate = `apiVersion: v1 +kind: Service metadata: + annotations: + prometheus.io/port: "8443" + prometheus.io/scheme: https + prometheus.io/scrape: "true" labels: - controller-tools.k8s.io: "1.0" - name: {{.Resource.Group}}-role -rules: -- apiGroups: - - {{ .Resource.Group }}.{{ .Domain }} - resources: - - '*' - verbs: - - '*' - + control-plane: controller-manager + name: controller-manager-metrics-service + namespace: system +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager ` diff --git a/pkg/scaffold/v2/crd/enablecainjection_patch.go b/pkg/scaffold/v2/crd/enablecainjection_patch.go index d0e184dbaeb..015e3c3943b 100644 --- a/pkg/scaffold/v2/crd/enablecainjection_patch.go +++ b/pkg/scaffold/v2/crd/enablecainjection_patch.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package v2 +package crd import ( "fmt" diff --git a/pkg/scaffold/v2/crd/enablewebhook_patch.go b/pkg/scaffold/v2/crd/enablewebhook_patch.go index 9ced42190ec..1fc9a3bff14 100644 --- a/pkg/scaffold/v2/crd/enablewebhook_patch.go +++ b/pkg/scaffold/v2/crd/enablewebhook_patch.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package v2 +package crd import ( "fmt" diff --git a/pkg/scaffold/v2/crd/kustomization.go b/pkg/scaffold/v2/crd/kustomization.go index 1cd7da23bc7..d84c78159ee 100644 --- a/pkg/scaffold/v2/crd/kustomization.go +++ b/pkg/scaffold/v2/crd/kustomization.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package v2 +package crd import ( "fmt" diff --git a/pkg/scaffold/v2/crd/kustomizeconfig.go b/pkg/scaffold/v2/crd/kustomizeconfig.go index 1ea5a3ddd27..c88d75e2af1 100644 --- a/pkg/scaffold/v2/crd/kustomizeconfig.go +++ b/pkg/scaffold/v2/crd/kustomizeconfig.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package v2 +package crd import ( "path/filepath" diff --git a/pkg/scaffold/v2/manager/config.go b/pkg/scaffold/v2/manager/config.go index 09a5ba9b51c..eee4500fbc3 100644 --- a/pkg/scaffold/v2/manager/config.go +++ b/pkg/scaffold/v2/manager/config.go @@ -45,7 +45,6 @@ kind: Namespace metadata: labels: control-plane: controller-manager - controller-tools.k8s.io: "1.0" name: system --- apiVersion: apps/v1 @@ -55,18 +54,15 @@ metadata: namespace: system labels: control-plane: controller-manager - controller-tools.k8s.io: "1.0" spec: selector: matchLabels: control-plane: controller-manager - controller-tools.k8s.io: "1.0" replicas: 1 template: metadata: labels: control-plane: controller-manager - controller-tools.k8s.io: "1.0" spec: containers: - command: diff --git a/pkg/scaffold/v2/webhook/service.go b/pkg/scaffold/v2/webhook/service.go index 2d43070278a..fd754936049 100644 --- a/pkg/scaffold/v2/webhook/service.go +++ b/pkg/scaffold/v2/webhook/service.go @@ -51,5 +51,4 @@ spec: targetPort: 443 selector: control-plane: controller-manager - controller-tools.k8s.io: "1.0" ` diff --git a/testdata/project-v2/config/manager/manager.yaml b/testdata/project-v2/config/manager/manager.yaml index f2b77c74baa..00cdaeaa357 100644 --- a/testdata/project-v2/config/manager/manager.yaml +++ b/testdata/project-v2/config/manager/manager.yaml @@ -3,7 +3,6 @@ kind: Namespace metadata: labels: control-plane: controller-manager - controller-tools.k8s.io: "1.0" name: system --- apiVersion: apps/v1 @@ -13,18 +12,15 @@ metadata: namespace: system labels: control-plane: controller-manager - controller-tools.k8s.io: "1.0" spec: selector: matchLabels: control-plane: controller-manager - controller-tools.k8s.io: "1.0" replicas: 1 template: metadata: labels: control-plane: controller-manager - controller-tools.k8s.io: "1.0" spec: containers: - command: diff --git a/testdata/project-v2/config/rbac/auth_proxy_service.yaml b/testdata/project-v2/config/rbac/auth_proxy_service.yaml index 027073f9528..d61e5469fb5 100644 --- a/testdata/project-v2/config/rbac/auth_proxy_service.yaml +++ b/testdata/project-v2/config/rbac/auth_proxy_service.yaml @@ -7,7 +7,6 @@ metadata: prometheus.io/scrape: "true" labels: control-plane: controller-manager - controller-tools.k8s.io: "1.0" name: controller-manager-metrics-service namespace: system spec: @@ -17,4 +16,3 @@ spec: targetPort: https selector: control-plane: controller-manager - controller-tools.k8s.io: "1.0" diff --git a/testdata/project-v2/config/webhook/service.yaml b/testdata/project-v2/config/webhook/service.yaml index 4653ddf7f15..b4861025ab4 100644 --- a/testdata/project-v2/config/webhook/service.yaml +++ b/testdata/project-v2/config/webhook/service.yaml @@ -10,4 +10,3 @@ spec: targetPort: 443 selector: control-plane: controller-manager - controller-tools.k8s.io: "1.0"