Skip to content

Commit

Permalink
(cleanup) Kustomization (#183)
Browse files Browse the repository at this point in the history 
Closes #155, #160

Signed-off-by: Anik Bhattacharjee <anbhatta@redhat.com>
  • Loading branch information
@anik120
anik120 committed Oct 2, 2023
1 parent 7f903c6 commit 8a90d8d
Show file tree
Hide file tree
Showing 19 changed files with 68 additions and 247 deletions.
3 changes: 1 addition & 2 deletions config/default/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,5 +15,4 @@ resources:
- ../crd
- ../rbac
- ../manager
patches:
- path: manager_auth_proxy_patch.yaml

56 changes: 0 additions & 56 deletions config/default/manager_auth_proxy_patch.yaml
View file

This file was deleted.

10 changes: 0 additions & 10 deletions config/default/manager_config_patch.yaml
View file

This file was deleted.

83 changes: 0 additions & 83 deletions config/etcd/etcd.yaml
View file

This file was deleted.

2 changes: 0 additions & 2 deletions config/etcd/kustomization.yaml
View file

This file was deleted.

3 changes: 3 additions & 0 deletions config/rbac/catalogserver_service.yaml → config/manager/catalogserver_service.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/part-of: olm
app.kubernetes.io/name: catalogd
name: catalogserver
namespace: system
spec:
Expand Down
1 change: 1 addition & 0 deletions config/manager/kustomization.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
resources:
- manager.yaml
- catalogserver_service.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
images:
Expand Down
63 changes: 47 additions & 16 deletions config/manager/manager.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,8 @@ apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: controller-manager
app.kubernetes.io/name: namespace
app.kubernetes.io/instance: system
app.kubernetes.io/component: manager
app.kubernetes.io/created-by: catalogd
app.kubernetes.io/part-of: catalogd
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/part-of: olm
app.kubernetes.io/name: catalogd
pod-security.kubernetes.io/enforce: baseline
pod-security.kubernetes.io/enforce-version: latest
name: system
Expand All @@ -19,13 +14,8 @@ metadata:
name: controller-manager
namespace: system
labels:
control-plane: controller-manager
app.kubernetes.io/name: deployment
app.kubernetes.io/instance: controller-manager
app.kubernetes.io/component: manager
app.kubernetes.io/created-by: catalogd
app.kubernetes.io/part-of: catalogd
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/part-of: olm
app.kubernetes.io/name: catalogd
spec:
selector:
matchLabels:
Expand All @@ -38,15 +28,56 @@ spec:
labels:
control-plane: controller-manager
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- arm64
- ppc64le
- s390x
- key: kubernetes.io/os
operator: In
values:
- linux
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
containers:
- name: kube-rbac-proxy
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.0
args:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8080/
- --logtostderr=true
- --v=0
ports:
- containerPort: 8443
protocol: TCP
name: https
resources:
requests:
cpu: 5m
memory: 64Mi
- command:
- "./manager"
- ./manager
args:
- --leader-elect
- --health-probe-bind-address=:8081
- --metrics-bind-address=127.0.0.1:8080
- --catalogs-storage-dir=/var/cache/catalogs
- --feature-gates=HTTPServer=true
- --http-external-address=http://catalogd-catalogserver.catalogd-system.svc
image: controller:latest
name: manager
volumeMounts:
Expand All @@ -56,7 +87,7 @@ spec:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
- ALL
livenessProbe:
httpGet:
path: /healthz
Expand Down
2 changes: 0 additions & 2 deletions config/prometheus/kustomization.yaml
View file

This file was deleted.

26 changes: 0 additions & 26 deletions config/prometheus/monitor.yaml
View file

This file was deleted.

8 changes: 2 additions & 6 deletions config/rbac/auth_proxy_client_clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,8 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: clusterrole
app.kubernetes.io/instance: metrics-reader
app.kubernetes.io/component: kube-rbac-proxy
app.kubernetes.io/created-by: catalogd
app.kubernetes.io/part-of: catalogd
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/part-of: olm
app.kubernetes.io/name: catalogd
name: metrics-reader
rules:
- nonResourceURLs:
Expand Down
8 changes: 2 additions & 6 deletions config/rbac/auth_proxy_role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,8 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: clusterrole
app.kubernetes.io/instance: proxy-role
app.kubernetes.io/component: kube-rbac-proxy
app.kubernetes.io/created-by: catalogd
app.kubernetes.io/part-of: catalogd
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/part-of: olm
app.kubernetes.io/name: catalogd
name: proxy-role
rules:
- apiGroups:
Expand Down
8 changes: 2 additions & 6 deletions config/rbac/auth_proxy_role_binding.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,8 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: clusterrolebinding
app.kubernetes.io/instance: proxy-rolebinding
app.kubernetes.io/component: kube-rbac-proxy
app.kubernetes.io/created-by: catalogd
app.kubernetes.io/part-of: catalogd
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/part-of: olm
app.kubernetes.io/name: catalogd
name: proxy-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand Down
9 changes: 2 additions & 7 deletions config/rbac/auth_proxy_service.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,13 +2,8 @@ apiVersion: v1
kind: Service
metadata:
labels:
control-plane: controller-manager
app.kubernetes.io/name: service
app.kubernetes.io/instance: controller-manager-metrics-service
app.kubernetes.io/component: kube-rbac-proxy
app.kubernetes.io/created-by: catalogd
app.kubernetes.io/part-of: catalogd
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/part-of: olm
app.kubernetes.io/name: catalogd
name: controller-manager-metrics-service
namespace: system
spec:
Expand Down
1 change: 0 additions & 1 deletion config/rbac/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ resources:
- role_binding.yaml
- leader_election_role.yaml
- leader_election_role_binding.yaml
- catalogserver_service.yaml
# Comment the following 4 lines if you want to disable
# the auth proxy (https://github.com/brancz/kube-rbac-proxy)
# which protects your /metrics endpoint.
Expand Down
8 changes: 2 additions & 6 deletions config/rbac/leader_election_role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,8 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/name: role
app.kubernetes.io/instance: leader-election-role
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: catalogd
app.kubernetes.io/part-of: catalogd
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/part-of: olm
app.kubernetes.io/name: catalogd
name: leader-election-role
rules:
- apiGroups:
Expand Down
Loading

0 comments on commit 8a90d8d

Please sign in to comment.