diff --git a/groups/restrictions.yaml b/groups/restrictions.yaml index 891b0391db9..1262d71083f 100644 --- a/groups/restrictions.yaml +++ b/groups/restrictions.yaml @@ -22,6 +22,7 @@ restrictions: - "^k8s-infra-staging-etcd@kubernetes.io$" - "^k8s-infra-staging-storage-migrator@kubernetes.io$" - "^sig-api-machinery-cel-dev@kubernetes.io$" + - "^k8s-infra-staging-kubebuilder@kubernetes.io$" - path: "sig-apps/groups.yaml" allowedGroups: - "^k8s-infra-staging-examples@kubernetes.io$" diff --git a/groups/sig-api-machinery/groups.yaml b/groups/sig-api-machinery/groups.yaml index 529b8cdd949..f74a4bc429a 100644 --- a/groups/sig-api-machinery/groups.yaml +++ b/groups/sig-api-machinery/groups.yaml @@ -75,6 +75,16 @@ groups: - wenjiazhang@google.com - jingyih@google.com - yczhou@google.com + + - email-id: k8s-infra-staging-kubebuilder@kubernetes.io + name: k8s-infra-staging-kubebuilder + description: |- + ACL for pushing kubebuilder artifacts + settings: + ReconcileMembers: "true" + members: + - camilamacedo86@gmail.com + # # k8s-infra gcs write access # diff --git a/infra/gcp/infra.yaml b/infra/gcp/infra.yaml index 4e83f8afee4..a4c0d381f5d 100644 --- a/infra/gcp/infra.yaml +++ b/infra/gcp/infra.yaml @@ -306,6 +306,7 @@ infra: k8s-staging-krm-functions: k8s-staging-kube-state-metrics: k8s-staging-kubeadm: + k8s-staging-kubebuilder: k8s-staging-kueue: k8s-staging-kubernetes: k8s-staging-kubetest2: diff --git a/k8s.gcr.io/images/k8s-staging-kubebuilder/OWNERS b/k8s.gcr.io/images/k8s-staging-kubebuilder/OWNERS new file mode 100644 index 00000000000..be9de6a833d --- /dev/null +++ b/k8s.gcr.io/images/k8s-staging-kubebuilder/OWNERS @@ -0,0 +1,10 @@ +# See the OWNERS file documentation: +# https://github.com/kubernetes/community/blob/master/contributors/devel/owners.md + +approvers: +- pwittrock +- camilamacedo86 +- varshaprasad96 + +labels: +- sig/api-machinery diff --git a/k8s.gcr.io/images/k8s-staging-kubebuilder/images.yaml b/k8s.gcr.io/images/k8s-staging-kubebuilder/images.yaml new file mode 100644 index 00000000000..b90d6e9f574 --- /dev/null +++ b/k8s.gcr.io/images/k8s-staging-kubebuilder/images.yaml @@ -0,0 +1,5 @@ +# kube-rbac-proxy images +# https://github.com/kubernetes-sigs/kubebuilder/tree/kube-rbac-proxy-releases/build +#- name: kube-rbac-proxy +# dmap: +# "sha256:56633bd00dab33d92ba14c6e709126a762d54a75a6e72437adefeaaca0abb069": ["v0.34.0"] #<- should be the sha image from cloudbuild and the release version diff --git a/k8s.gcr.io/manifests/k8s-staging-kubebuilder/promoter-manifest.yaml b/k8s.gcr.io/manifests/k8s-staging-kubebuilder/promoter-manifest.yaml new file mode 100644 index 00000000000..11ccdf84ba9 --- /dev/null +++ b/k8s.gcr.io/manifests/k8s-staging-kubebuilder/promoter-manifest.yaml @@ -0,0 +1,50 @@ +# google group for gcr.io/k8s-staging-kubebuilder is k8s-infra-staging-kubebuilder@kubernetes.io +registries: + - name: gcr.io/k8s-staging-kubebuilder + src: true + - name: us.gcr.io/k8s-artifacts-prod/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: eu.gcr.io/k8s-artifacts-prod/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: asia.gcr.io/k8s-artifacts-prod/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: asia-east1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: asia-south1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: asia-northeast1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: asia-northeast2-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: australia-southeast1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: europe-north1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: europe-southwest1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: europe-west1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: europe-west2-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: europe-west4-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: europe-west8-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: europe-west9-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: southamerica-west1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: us-central1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: us-east1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: us-east4-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: us-east5-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: us-south1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: us-west1-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com + - name: us-west2-docker.pkg.dev/k8s-artifacts-prod/images/kubebuilder + service-account: k8s-infra-gcr-promoter@k8s-artifacts-prod.iam.gserviceaccount.com