diff --git a/test/testdata/generate.sh b/test/testdata/generate.sh index 949099010f8..804aa2c77fc 100755 --- a/test/testdata/generate.sh +++ b/test/testdata/generate.sh @@ -116,15 +116,7 @@ function scaffold_test_project { fi make generate manifests - # TODO fix the error with multigroup layout and allow it be generated - # with this one. - # Error: trouble configuring builtin PatchTransformer with config: ` - # path: patches/webhook_in_sea-creatures_krakens.yaml - # `: failed to get the patch file from path(patches/webhook_in_sea-creatures_krakens.yaml): evalsymlink failure on '/Users/camiladeomacedo/go/src/sigs.k8s.io/kubebuilder/testdata/project-v4-multigroup/config/crd/patches/webhook_in_sea-creatures_krakens.yaml' : lstat go/src/sigs.k8s.io/kubebuilder/testdata/project-v4-multigroup/config/crd/patches/webhook_in_sea-creatures_krakens.yaml: no such file or directory - if [[ $project =~ v4 && ! $project =~ multigroup ]]; then - make build-installer - fi - + rm -f go.sum go mod tidy popd diff --git a/testdata/project-v4-with-deploy-image/config/manager/kustomization.yaml b/testdata/project-v4-with-deploy-image/config/manager/kustomization.yaml index ad13e96b3fc..5c5f0b84cba 100644 --- a/testdata/project-v4-with-deploy-image/config/manager/kustomization.yaml +++ b/testdata/project-v4-with-deploy-image/config/manager/kustomization.yaml @@ -1,8 +1,2 @@ resources: - manager.yaml -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -images: -- name: controller - newName: controller - newTag: latest diff --git a/testdata/project-v4-with-deploy-image/dist/install.yaml b/testdata/project-v4-with-deploy-image/dist/install.yaml deleted file mode 100644 index a1e47f88dfb..00000000000 --- a/testdata/project-v4-with-deploy-image/dist/install.yaml +++ /dev/null @@ -1,695 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - labels: - app.kubernetes.io/component: manager - app.kubernetes.io/created-by: project-v4-with-deploy-image - app.kubernetes.io/instance: system - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: namespace - app.kubernetes.io/part-of: project-v4-with-deploy-image - control-plane: controller-manager - name: project-v4-with-deploy-image-system ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: busyboxes.example.com.testproject.org -spec: - group: example.com.testproject.org - names: - kind: Busybox - listKind: BusyboxList - plural: busyboxes - singular: busybox - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Busybox is the Schema for the busyboxes API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: BusyboxSpec defines the desired state of Busybox - properties: - size: - description: |- - Size defines the number of Busybox instances - The following markers will use OpenAPI v3 schema to validate the value - More info: https://book.kubebuilder.io/reference/markers/crd-validation.html - format: int32 - maximum: 3 - minimum: 1 - type: integer - type: object - status: - description: BusyboxStatus defines the observed state of Busybox - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: memcacheds.example.com.testproject.org -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: project-v4-with-deploy-image-webhook-service - namespace: project-v4-with-deploy-image-system - path: /convert - conversionReviewVersions: - - v1 - group: example.com.testproject.org - names: - kind: Memcached - listKind: MemcachedList - plural: memcacheds - singular: memcached - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Memcached is the Schema for the memcacheds API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: MemcachedSpec defines the desired state of Memcached - properties: - containerPort: - description: Port defines the port that will be used to init the container - with the image - format: int32 - type: integer - size: - description: |- - Size defines the number of Memcached instances - The following markers will use OpenAPI v3 schema to validate the value - More info: https://book.kubebuilder.io/reference/markers/crd-validation.html - format: int32 - maximum: 3 - minimum: 1 - type: integer - type: object - status: - description: MemcachedStatus defines the observed state of Memcached - properties: - conditions: - items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-with-deploy-image - name: project-v4-with-deploy-image-controller-manager - namespace: project-v4-with-deploy-image-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: project-v4-with-deploy-image - app.kubernetes.io/instance: leader-election-role - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: role - app.kubernetes.io/part-of: project-v4-with-deploy-image - name: project-v4-with-deploy-image-leader-election-role - namespace: project-v4-with-deploy-image-system -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: project-v4-with-deploy-image-manager-role -rules: -- apiGroups: - - apps - resources: - - deployments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - example.com.testproject.org - resources: - - busyboxes - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - example.com.testproject.org - resources: - - busyboxes/finalizers - verbs: - - update -- apiGroups: - - example.com.testproject.org - resources: - - busyboxes/status - verbs: - - get - - patch - - update -- apiGroups: - - example.com.testproject.org - resources: - - memcacheds - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - example.com.testproject.org - resources: - - memcacheds/finalizers - verbs: - - update -- apiGroups: - - example.com.testproject.org - resources: - - memcacheds/status - verbs: - - get - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4-with-deploy-image - app.kubernetes.io/instance: metrics-reader - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrole - app.kubernetes.io/part-of: project-v4-with-deploy-image - name: project-v4-with-deploy-image-metrics-reader -rules: -- nonResourceURLs: - - /metrics - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4-with-deploy-image - app.kubernetes.io/instance: proxy-role - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrole - app.kubernetes.io/part-of: project-v4-with-deploy-image - name: project-v4-with-deploy-image-proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: project-v4-with-deploy-image - app.kubernetes.io/instance: leader-election-rolebinding - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: rolebinding - app.kubernetes.io/part-of: project-v4-with-deploy-image - name: project-v4-with-deploy-image-leader-election-rolebinding - namespace: project-v4-with-deploy-image-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: project-v4-with-deploy-image-leader-election-role -subjects: -- kind: ServiceAccount - name: project-v4-with-deploy-image-controller-manager - namespace: project-v4-with-deploy-image-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: project-v4-with-deploy-image - app.kubernetes.io/instance: manager-rolebinding - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/part-of: project-v4-with-deploy-image - name: project-v4-with-deploy-image-manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: project-v4-with-deploy-image-manager-role -subjects: -- kind: ServiceAccount - name: project-v4-with-deploy-image-controller-manager - namespace: project-v4-with-deploy-image-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4-with-deploy-image - app.kubernetes.io/instance: proxy-rolebinding - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/part-of: project-v4-with-deploy-image - name: project-v4-with-deploy-image-proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: project-v4-with-deploy-image-proxy-role -subjects: -- kind: ServiceAccount - name: project-v4-with-deploy-image-controller-manager - namespace: project-v4-with-deploy-image-system ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4-with-deploy-image - app.kubernetes.io/instance: controller-manager-metrics-service - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: service - app.kubernetes.io/part-of: project-v4-with-deploy-image - control-plane: controller-manager - name: project-v4-with-deploy-image-controller-manager-metrics-service - namespace: project-v4-with-deploy-image-system -spec: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-with-deploy-image - name: project-v4-with-deploy-image-webhook-service - namespace: project-v4-with-deploy-image-system -spec: - ports: - - port: 443 - protocol: TCP - targetPort: 9443 - selector: - control-plane: controller-manager ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: manager - app.kubernetes.io/created-by: project-v4-with-deploy-image - app.kubernetes.io/instance: controller-manager - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: deployment - app.kubernetes.io/part-of: project-v4-with-deploy-image - control-plane: controller-manager - name: project-v4-with-deploy-image-controller-manager - namespace: project-v4-with-deploy-image-system -spec: - replicas: 1 - selector: - matchLabels: - control-plane: controller-manager - template: - metadata: - annotations: - kubectl.kubernetes.io/default-container: manager - labels: - control-plane: controller-manager - spec: - containers: - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - env: - - name: BUSYBOX_IMAGE - value: busybox:1.28 - - name: MEMCACHED_IMAGE - value: memcached:1.4.36-alpine - image: controller:latest - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: manager - ports: - - containerPort: 9443 - name: webhook-server - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=0 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.15.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - protocol: TCP - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - securityContext: - runAsNonRoot: true - serviceAccountName: project-v4-with-deploy-image-controller-manager - terminationGracePeriodSeconds: 10 - volumes: - - name: cert - secret: - defaultMode: 420 - secretName: webhook-server-cert ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: project-v4-with-deploy-image-validating-webhook-configuration -webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: project-v4-with-deploy-image-webhook-service - namespace: project-v4-with-deploy-image-system - path: /validate-example-com-testproject-org-v1alpha1-memcached - failurePolicy: Fail - name: vmemcached.kb.io - rules: - - apiGroups: - - example.com.testproject.org - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - memcacheds - sideEffects: None diff --git a/testdata/project-v4-with-grafana/config/manager/kustomization.yaml b/testdata/project-v4-with-grafana/config/manager/kustomization.yaml index ad13e96b3fc..5c5f0b84cba 100644 --- a/testdata/project-v4-with-grafana/config/manager/kustomization.yaml +++ b/testdata/project-v4-with-grafana/config/manager/kustomization.yaml @@ -1,8 +1,2 @@ resources: - manager.yaml -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -images: -- name: controller - newName: controller - newTag: latest diff --git a/testdata/project-v4-with-grafana/dist/install.yaml b/testdata/project-v4-with-grafana/dist/install.yaml deleted file mode 100644 index 6918162db14..00000000000 --- a/testdata/project-v4-with-grafana/dist/install.yaml +++ /dev/null @@ -1,298 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - labels: - app.kubernetes.io/component: manager - app.kubernetes.io/created-by: project-v4-with-grafana - app.kubernetes.io/instance: system - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: namespace - app.kubernetes.io/part-of: project-v4-with-grafana - control-plane: controller-manager - name: project-v4-with-grafana-system ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4-with-grafana - name: project-v4-with-grafana-controller-manager - namespace: project-v4-with-grafana-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: project-v4-with-grafana - app.kubernetes.io/instance: leader-election-role - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: role - app.kubernetes.io/part-of: project-v4-with-grafana - name: project-v4-with-grafana-leader-election-role - namespace: project-v4-with-grafana-system -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: project-v4-with-grafana - app.kubernetes.io/instance: manager-role - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrole - app.kubernetes.io/part-of: project-v4-with-grafana - name: project-v4-with-grafana-manager-role -rules: -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4-with-grafana - app.kubernetes.io/instance: metrics-reader - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrole - app.kubernetes.io/part-of: project-v4-with-grafana - name: project-v4-with-grafana-metrics-reader -rules: -- nonResourceURLs: - - /metrics - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4-with-grafana - app.kubernetes.io/instance: proxy-role - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrole - app.kubernetes.io/part-of: project-v4-with-grafana - name: project-v4-with-grafana-proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: project-v4-with-grafana - app.kubernetes.io/instance: leader-election-rolebinding - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: rolebinding - app.kubernetes.io/part-of: project-v4-with-grafana - name: project-v4-with-grafana-leader-election-rolebinding - namespace: project-v4-with-grafana-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: project-v4-with-grafana-leader-election-role -subjects: -- kind: ServiceAccount - name: project-v4-with-grafana-controller-manager - namespace: project-v4-with-grafana-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: project-v4-with-grafana - app.kubernetes.io/instance: manager-rolebinding - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/part-of: project-v4-with-grafana - name: project-v4-with-grafana-manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: project-v4-with-grafana-manager-role -subjects: -- kind: ServiceAccount - name: project-v4-with-grafana-controller-manager - namespace: project-v4-with-grafana-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4-with-grafana - app.kubernetes.io/instance: proxy-rolebinding - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/part-of: project-v4-with-grafana - name: project-v4-with-grafana-proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: project-v4-with-grafana-proxy-role -subjects: -- kind: ServiceAccount - name: project-v4-with-grafana-controller-manager - namespace: project-v4-with-grafana-system ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4-with-grafana - app.kubernetes.io/instance: controller-manager-metrics-service - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: service - app.kubernetes.io/part-of: project-v4-with-grafana - control-plane: controller-manager - name: project-v4-with-grafana-controller-manager-metrics-service - namespace: project-v4-with-grafana-system -spec: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - selector: - control-plane: controller-manager ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: manager - app.kubernetes.io/created-by: project-v4-with-grafana - app.kubernetes.io/instance: controller-manager - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: deployment - app.kubernetes.io/part-of: project-v4-with-grafana - control-plane: controller-manager - name: project-v4-with-grafana-controller-manager - namespace: project-v4-with-grafana-system -spec: - replicas: 1 - selector: - matchLabels: - control-plane: controller-manager - template: - metadata: - annotations: - kubectl.kubernetes.io/default-container: manager - labels: - control-plane: controller-manager - spec: - containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=0 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.15.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - protocol: TCP - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - image: controller:latest - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: manager - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - securityContext: - runAsNonRoot: true - serviceAccountName: project-v4-with-grafana-controller-manager - terminationGracePeriodSeconds: 10 diff --git a/testdata/project-v4/config/manager/kustomization.yaml b/testdata/project-v4/config/manager/kustomization.yaml index ad13e96b3fc..5c5f0b84cba 100644 --- a/testdata/project-v4/config/manager/kustomization.yaml +++ b/testdata/project-v4/config/manager/kustomization.yaml @@ -1,8 +1,2 @@ resources: - manager.yaml -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization -images: -- name: controller - newName: controller - newTag: latest diff --git a/testdata/project-v4/dist/install.yaml b/testdata/project-v4/dist/install.yaml deleted file mode 100644 index d465fe6fbe4..00000000000 --- a/testdata/project-v4/dist/install.yaml +++ /dev/null @@ -1,680 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - labels: - app.kubernetes.io/component: manager - app.kubernetes.io/created-by: project-v4 - app.kubernetes.io/instance: system - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: namespace - app.kubernetes.io/part-of: project-v4 - control-plane: controller-manager - name: project-v4-system ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: admirales.crew.testproject.org -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: project-v4-webhook-service - namespace: project-v4-system - path: /convert - conversionReviewVersions: - - v1 - group: crew.testproject.org - names: - kind: Admiral - listKind: AdmiralList - plural: admirales - singular: admiral - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - description: Admiral is the Schema for the admirales API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: AdmiralSpec defines the desired state of Admiral - properties: - foo: - description: Foo is an example field of Admiral. Edit admiral_types.go - to remove/update - type: string - type: object - status: - description: AdmiralStatus defines the observed state of Admiral - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: captains.crew.testproject.org -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: project-v4-webhook-service - namespace: project-v4-system - path: /convert - conversionReviewVersions: - - v1 - group: crew.testproject.org - names: - kind: Captain - listKind: CaptainList - plural: captains - singular: captain - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: Captain is the Schema for the captains API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: CaptainSpec defines the desired state of Captain - properties: - foo: - description: Foo is an example field of Captain. Edit captain_types.go - to remove/update - type: string - type: object - status: - description: CaptainStatus defines the observed state of Captain - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: firstmates.crew.testproject.org -spec: - conversion: - strategy: Webhook - webhook: - clientConfig: - service: - name: project-v4-webhook-service - namespace: project-v4-system - path: /convert - conversionReviewVersions: - - v1 - group: crew.testproject.org - names: - kind: FirstMate - listKind: FirstMateList - plural: firstmates - singular: firstmate - scope: Namespaced - versions: - - name: v1 - schema: - openAPIV3Schema: - description: FirstMate is the Schema for the firstmates API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: FirstMateSpec defines the desired state of FirstMate - properties: - foo: - description: Foo is an example field of FirstMate. Edit firstmate_types.go - to remove/update - type: string - type: object - status: - description: FirstMateStatus defines the observed state of FirstMate - type: object - type: object - served: true - storage: true - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4 - name: project-v4-controller-manager - namespace: project-v4-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: project-v4 - app.kubernetes.io/instance: leader-election-role - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: role - app.kubernetes.io/part-of: project-v4 - name: project-v4-leader-election-role - namespace: project-v4-system -rules: -- apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - events - verbs: - - create - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: project-v4-manager-role -rules: -- apiGroups: - - crew.testproject.org - resources: - - admirales - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - crew.testproject.org - resources: - - admirales/finalizers - verbs: - - update -- apiGroups: - - crew.testproject.org - resources: - - admirales/status - verbs: - - get - - patch - - update -- apiGroups: - - crew.testproject.org - resources: - - captains - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - crew.testproject.org - resources: - - captains/finalizers - verbs: - - update -- apiGroups: - - crew.testproject.org - resources: - - captains/status - verbs: - - get - - patch - - update -- apiGroups: - - crew.testproject.org - resources: - - firstmates - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - crew.testproject.org - resources: - - firstmates/finalizers - verbs: - - update -- apiGroups: - - crew.testproject.org - resources: - - firstmates/status - verbs: - - get - - patch - - update -- apiGroups: - - crew.testproject.org - resources: - - lakers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - crew.testproject.org - resources: - - lakers/finalizers - verbs: - - update -- apiGroups: - - crew.testproject.org - resources: - - lakers/status - verbs: - - get - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4 - app.kubernetes.io/instance: metrics-reader - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrole - app.kubernetes.io/part-of: project-v4 - name: project-v4-metrics-reader -rules: -- nonResourceURLs: - - /metrics - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4 - app.kubernetes.io/instance: proxy-role - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrole - app.kubernetes.io/part-of: project-v4 - name: project-v4-proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: project-v4 - app.kubernetes.io/instance: leader-election-rolebinding - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: rolebinding - app.kubernetes.io/part-of: project-v4 - name: project-v4-leader-election-rolebinding - namespace: project-v4-system -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: project-v4-leader-election-role -subjects: -- kind: ServiceAccount - name: project-v4-controller-manager - namespace: project-v4-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: project-v4 - app.kubernetes.io/instance: manager-rolebinding - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/part-of: project-v4 - name: project-v4-manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: project-v4-manager-role -subjects: -- kind: ServiceAccount - name: project-v4-controller-manager - namespace: project-v4-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4 - app.kubernetes.io/instance: proxy-rolebinding - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/part-of: project-v4 - name: project-v4-proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: project-v4-proxy-role -subjects: -- kind: ServiceAccount - name: project-v4-controller-manager - namespace: project-v4-system ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: project-v4 - app.kubernetes.io/instance: controller-manager-metrics-service - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: service - app.kubernetes.io/part-of: project-v4 - control-plane: controller-manager - name: project-v4-controller-manager-metrics-service - namespace: project-v4-system -spec: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - selector: - control-plane: controller-manager ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: project-v4 - name: project-v4-webhook-service - namespace: project-v4-system -spec: - ports: - - port: 443 - protocol: TCP - targetPort: 9443 - selector: - control-plane: controller-manager ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app.kubernetes.io/component: manager - app.kubernetes.io/created-by: project-v4 - app.kubernetes.io/instance: controller-manager - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: deployment - app.kubernetes.io/part-of: project-v4 - control-plane: controller-manager - name: project-v4-controller-manager - namespace: project-v4-system -spec: - replicas: 1 - selector: - matchLabels: - control-plane: controller-manager - template: - metadata: - annotations: - kubectl.kubernetes.io/default-container: manager - labels: - control-plane: controller-manager - spec: - containers: - - args: - - --health-probe-bind-address=:8081 - - --metrics-bind-address=127.0.0.1:8080 - - --leader-elect - command: - - /manager - image: controller:latest - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: manager - ports: - - containerPort: 9443 - name: webhook-server - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 10m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=0 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.15.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - protocol: TCP - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - securityContext: - runAsNonRoot: true - serviceAccountName: project-v4-controller-manager - terminationGracePeriodSeconds: 10 - volumes: - - name: cert - secret: - defaultMode: 420 - secretName: webhook-server-cert ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: project-v4-mutating-webhook-configuration -webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: project-v4-webhook-service - namespace: project-v4-system - path: /mutate-crew-testproject-org-v1-admiral - failurePolicy: Fail - name: madmiral.kb.io - rules: - - apiGroups: - - crew.testproject.org - apiVersions: - - v1 - operations: - - CREATE - - UPDATE - resources: - - admirales - sideEffects: None -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: project-v4-webhook-service - namespace: project-v4-system - path: /mutate-crew-testproject-org-v1-captain - failurePolicy: Fail - name: mcaptain.kb.io - rules: - - apiGroups: - - crew.testproject.org - apiVersions: - - v1 - operations: - - CREATE - - UPDATE - resources: - - captains - sideEffects: None ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: project-v4-validating-webhook-configuration -webhooks: -- admissionReviewVersions: - - v1 - clientConfig: - service: - name: project-v4-webhook-service - namespace: project-v4-system - path: /validate-crew-testproject-org-v1-captain - failurePolicy: Fail - name: vcaptain.kb.io - rules: - - apiGroups: - - crew.testproject.org - apiVersions: - - v1 - operations: - - CREATE - - UPDATE - resources: - - captains - sideEffects: None