Skip to content

Commit

Permalink
custom operator namespace for helm install
Browse files Browse the repository at this point in the history
Removes the creation of the `authorino-operator` namespace from the chart to let it be handled by Helm instead.

Signed-off-by: Guilherme Cassolato <[email protected]>
  • Loading branch information
guicassolato committed Sep 30, 2024
1 parent 67174c9 commit 109c4ba
Show file tree
Hide file tree
Showing 8 changed files with 41 additions and 100 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ metadata:
capabilities: Basic Install
categories: Integration & Delivery
containerImage: quay.io/kuadrant/authorino-operator:latest
createdAt: "2024-09-25T08:04:12Z"
createdAt: "2024-09-25T08:34:20Z"
operators.operatorframework.io/builder: operator-sdk-v1.32.0
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
repository: https://github.com/Kuadrant/authorino-operator
Expand Down
43 changes: 18 additions & 25 deletions charts/authorino-operator/templates/manifests.yaml
Original file line number Diff line number Diff line change
@@ -1,15 +1,8 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: authorino-operator
name: authorino-operator
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cert-manager.io/inject-ca-from: authorino-operator/authorino-webhook-server-cert
cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/authorino-webhook-server-cert'
controller-gen.kubebuilder.io/version: v0.15.0
name: authconfigs.authorino.kuadrant.io
spec:
Expand All @@ -19,7 +12,7 @@ spec:
clientConfig:
service:
name: authorino-webhooks
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
path: /convert
conversionReviewVersions:
- v1beta1
Expand Down Expand Up @@ -5251,13 +5244,13 @@ apiVersion: v1
kind: ServiceAccount
metadata:
name: authorino-operator
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: authorino-operator-leader-election
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
rules:
- apiGroups:
- ""
Expand Down Expand Up @@ -5628,15 +5621,15 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: authorino-operator-leader-election
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: authorino-operator-leader-election
subjects:
- kind: ServiceAccount
name: authorino-operator
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
Expand All @@ -5645,15 +5638,15 @@ metadata:
app: authorino
authorino-component: authorino-webhooks
name: authorino-webhooks-manager
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: authorino-webhooks-manager-role
subjects:
- kind: ServiceAccount
name: default
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
Expand All @@ -5666,7 +5659,7 @@ roleRef:
subjects:
- kind: ServiceAccount
name: authorino-operator
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
---
apiVersion: v1
data:
Expand All @@ -5685,15 +5678,15 @@ data:
kind: ConfigMap
metadata:
name: manager-config
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
---
apiVersion: v1
kind: Service
metadata:
labels:
control-plane: authorino-operator
name: authorino-operator-metrics
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
spec:
ports:
- name: metrics
Expand All @@ -5709,7 +5702,7 @@ metadata:
app: authorino
authorino-component: authorino-webhooks
name: authorino-webhooks
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
spec:
ports:
- port: 443
Expand All @@ -5725,7 +5718,7 @@ metadata:
labels:
control-plane: authorino-operator
name: authorino-operator
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
spec:
replicas: 1
selector:
Expand Down Expand Up @@ -5785,7 +5778,7 @@ metadata:
app: authorino
authorino-component: authorino-webhooks
name: authorino-webhooks
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
spec:
selector:
matchLabels:
Expand Down Expand Up @@ -5828,11 +5821,11 @@ metadata:
app: authorino
authorino-component: authorino-webhooks
name: authorino-webhook-server-cert
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
spec:
dnsNames:
- authorino-webhooks.authorino-operator.svc
- authorino-webhooks.authorino-operator.svc.cluster.local
- authorino-webhooks.{{ .Release.Namespace }}.svc
- authorino-webhooks.{{ .Release.Namespace }}.svc.cluster.local
issuerRef:
kind: Issuer
name: authorino-webhooks-ca
Expand All @@ -5845,6 +5838,6 @@ metadata:
app: authorino
authorino-component: authorino-webhooks
name: authorino-webhooks-ca
namespace: authorino-operator
namespace: '{{ .Release.Namespace }}'
spec:
selfSigned: {}
68 changes: 3 additions & 65 deletions config/default/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -1,69 +1,7 @@
# Adds namespace to all resources.
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: authorino-operator

# Value of this field is prepended to the
# names of all resources, e.g. a deployment named
# "wordpress" becomes "alices-wordpress".
# Note that it should also match with the prefix (text before '-') of the namespace
# field above.
#namePrefix: authorino-operator-

# Labels to add to all resources and selectors.
#commonLabels:
# someName: someValue

bases:
resources:
- ../crd
- ../rbac
- ../manager
# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
# crd/kustomization.yaml
#- ../webhook
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
#- ../certmanager
# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
#- ../prometheus

patchesStrategicMerge:
# Mount the controller config file for loading manager configurations
# through a ComponentConfig type
#- manager_config_patch.yaml

# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
# crd/kustomization.yaml
#- manager_webhook_patch.yaml

# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
# 'CERTMANAGER' needs to be enabled to use ca injection
#- webhookcainjection_patch.yaml

# the following config is for teaching kustomize how to do var substitution
vars:
# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
#- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
# objref:
# kind: Certificate
# group: cert-manager.io
# version: v1
# name: serving-cert # this name should match the one in certificate.yaml
# fieldref:
# fieldpath: metadata.namespace
#- name: CERTIFICATE_NAME
# objref:
# kind: Certificate
# group: cert-manager.io
# version: v1
# name: serving-cert # this name should match the one in certificate.yaml
#- name: SERVICE_NAMESPACE # namespace of the service
# objref:
# kind: Service
# version: v1
# name: webhook-service
# fieldref:
# fieldpath: metadata.namespace
#- name: SERVICE_NAME
# objref:
# kind: Service
# version: v1
# name: webhook-service
4 changes: 4 additions & 0 deletions config/deploy/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: authorino-operator
resources:
- namespace.yaml
- ../authorino
- ../default
6 changes: 6 additions & 0 deletions config/deploy/namespace.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: authorino-operator
name: system
7 changes: 5 additions & 2 deletions config/helm/kustomization.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: authorino-operator
resources:
- ../authorino
- ../default
- ../authorino
- ../default
7 changes: 0 additions & 7 deletions config/manager/manager.yaml
Original file line number Diff line number Diff line change
@@ -1,10 +1,3 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: authorino-operator
name: system
---
apiVersion: apps/v1
kind: Deployment
metadata:
Expand Down
4 changes: 4 additions & 0 deletions make/helm.mk
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,16 @@
.PHONY: helm-build
helm-build: $(YQ) kustomize manifests ## Build the helm chart from kustomize manifests
# Replace the controller image
cd config/helm && $(KUSTOMIZE) edit set namespace "{{ .Release.Namespace }}"
cd config/authorino/webhook && $(KUSTOMIZE) edit set namespace "{{ .Release.Namespace }}"
cd config/manager && $(KUSTOMIZE) edit set image controller=$(OPERATOR_IMAGE)
# Build the helm chart templates from kustomize manifests
$(KUSTOMIZE) build config/helm > charts/authorino-operator/templates/manifests.yaml
V="$(BUNDLE_VERSION)" $(YQ) -i e '.version = strenv(V)' charts/authorino-operator/Chart.yaml
# Roll back edit
cd config/manager && $(KUSTOMIZE) edit set image controller=${DEFAULT_OPERATOR_IMAGE}
cd config/helm && $(KUSTOMIZE) edit set namespace authorino-operator
cd config/authorino/webhook && $(KUSTOMIZE) edit set namespace authorino-operator

.PHONY: helm-install
helm-install: $(HELM) ## Install the helm chart
Expand Down

0 comments on commit 109c4ba

Please sign in to comment.