From c77b028e08a5de2395dfbae61d0624edc2a20147 Mon Sep 17 00:00:00 2001 From: Erik Godding Boye Date: Sat, 29 Jun 2024 20:36:21 +0200 Subject: [PATCH] chore: migrate use of deprecated kustomize features --- config/crd/kustomization.yaml | 8 +- config/default/kustomization.yaml | 112 ++++++++++++++---- .../common-labels/kustomization.yaml | 13 +- .../common-labels/label-transformer.yaml | 12 -- .../overlays/crds/kustomization.yaml | 4 +- .../overlays/templates/kustomization.yaml | 4 +- config/manager/kustomization.yaml | 4 +- config/rbac/kustomization.yaml | 4 +- 8 files changed, 112 insertions(+), 49 deletions(-) delete mode 100644 config/kustomize-to-helm/components/common-labels/label-transformer.yaml diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 6c2cb71..46e381a 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -5,10 +5,10 @@ resources: - bases/accurate.cybozu.com_subnamespaces.yaml #+kubebuilder:scaffold:crdkustomizeresource -patchesStrategicMerge: -- patches/cainjection_in_subnamespaces.yaml -- patches/fix-crd.yaml -- patches/webhook_in_subnamespaces.yaml +patches: +- path: patches/cainjection_in_subnamespaces.yaml +- path: patches/fix-crd.yaml +- path: patches/webhook_in_subnamespaces.yaml # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 4e40cef..7377b8a 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -9,45 +9,117 @@ namespace: accurate namePrefix: accurate- # Labels to add to all resources and selectors. -commonLabels: - app.kubernetes.io/name: accurate +labels: + - includeSelectors: true + pairs: + app.kubernetes.io/name: accurate -bases: +resources: - ../crd - ../rbac - ../manager - ../webhook - ../certmanager -patchesStrategicMerge: -- manager_webhook_patch.yaml -- webhookcainjection_patch.yaml +patches: +- path: manager_webhook_patch.yaml +- path: webhookcainjection_patch.yaml -# the following config is for teaching kustomize how to do var substitution -vars: -- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR - objref: + +replacements: +- source: # Add cert-manager annotation to ValidatingWebhookConfiguration, MutatingWebhookConfiguration and CRDs kind: Certificate group: cert-manager.io version: v1 name: serving-cert # this name should match the one in certificate.yaml - fieldref: - fieldpath: metadata.namespace -- name: CERTIFICATE_NAME - objref: + fieldPath: .metadata.namespace # namespace of the certificate CR + targets: + - select: + kind: ValidatingWebhookConfiguration + fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + delimiter: '/' + index: 0 + create: true + - select: + kind: MutatingWebhookConfiguration + fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + delimiter: '/' + index: 0 + create: true + - select: + kind: CustomResourceDefinition + fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + delimiter: '/' + index: 0 + create: true +- source: kind: Certificate group: cert-manager.io version: v1 name: serving-cert # this name should match the one in certificate.yaml -- name: SERVICE_NAMESPACE # namespace of the service - objref: + fieldPath: .metadata.name + targets: + - select: + kind: ValidatingWebhookConfiguration + fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + delimiter: '/' + index: 1 + create: true + - select: + kind: MutatingWebhookConfiguration + fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + delimiter: '/' + index: 1 + create: true + - select: + kind: CustomResourceDefinition + fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + delimiter: '/' + index: 1 + create: true +- source: # Add cert-manager annotation to the webhook Service kind: Service version: v1 name: webhook-service - fieldref: - fieldpath: metadata.namespace -- name: SERVICE_NAME - objref: + fieldPath: .metadata.name # namespace of the service + targets: + - select: + kind: Certificate + group: cert-manager.io + version: v1 + fieldPaths: + - .spec.dnsNames.0 + - .spec.dnsNames.1 + options: + delimiter: '.' + index: 0 + create: true +- source: kind: Service version: v1 name: webhook-service + fieldPath: .metadata.namespace # namespace of the service + targets: + - select: + kind: Certificate + group: cert-manager.io + version: v1 + fieldPaths: + - .spec.dnsNames.0 + - .spec.dnsNames.1 + options: + delimiter: '.' + index: 1 + create: true diff --git a/config/kustomize-to-helm/components/common-labels/kustomization.yaml b/config/kustomize-to-helm/components/common-labels/kustomization.yaml index f37f1d6..af4a190 100644 --- a/config/kustomize-to-helm/components/common-labels/kustomization.yaml +++ b/config/kustomize-to-helm/components/common-labels/kustomization.yaml @@ -1,8 +1,11 @@ apiVersion: kustomize.config.k8s.io/v1alpha1 kind: Component -commonLabels: - app.kubernetes.io/name: '{{ include "accurate.name" . }}' - -transformers: - - label-transformer.yaml +labels: + - includeSelectors: true + pairs: + app.kubernetes.io/name: '{{ include "accurate.name" . }}' + - pairs: + app.kubernetes.io/version: '{{ .Chart.AppVersion }}' + app.kubernetes.io/managed-by: '{{ .Release.Service }}' + helm.sh/chart: '{{ include "accurate.chart" . }}' diff --git a/config/kustomize-to-helm/components/common-labels/label-transformer.yaml b/config/kustomize-to-helm/components/common-labels/label-transformer.yaml deleted file mode 100644 index 28006ef..0000000 --- a/config/kustomize-to-helm/components/common-labels/label-transformer.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: builtin -kind: LabelTransformer -metadata: - name: helm-metadata-labels -labels: - helm.sh/chart: '{{ include "accurate.chart" . }}' - app.kubernetes.io/name: '{{ include "accurate.name" . }}' - app.kubernetes.io/version: '{{ .Chart.AppVersion }}' - app.kubernetes.io/managed-by: '{{ .Release.Service }}' -fieldSpecs: - - path: metadata/labels - create: true diff --git a/config/kustomize-to-helm/overlays/crds/kustomization.yaml b/config/kustomize-to-helm/overlays/crds/kustomization.yaml index d06365a..aec8fb3 100644 --- a/config/kustomize-to-helm/overlays/crds/kustomization.yaml +++ b/config/kustomize-to-helm/overlays/crds/kustomization.yaml @@ -1,8 +1,8 @@ resources: - ../../../crd -patchesStrategicMerge: - - crd_conversion_patch.yaml +patches: + - path: crd_conversion_patch.yaml components: - ../../components/common-labels diff --git a/config/kustomize-to-helm/overlays/templates/kustomization.yaml b/config/kustomize-to-helm/overlays/templates/kustomization.yaml index a503044..bc2a146 100644 --- a/config/kustomize-to-helm/overlays/templates/kustomization.yaml +++ b/config/kustomize-to-helm/overlays/templates/kustomization.yaml @@ -6,8 +6,8 @@ namespace: '{{ .Release.Namespace }}' namePrefix: '{{ template "accurate.fullname" . }}-' -patchesStrategicMerge: - - webhookcainjection_patch.yaml +patches: + - path: webhookcainjection_patch.yaml components: - ../../components/common-labels diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index ba6746c..d85751c 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,5 +1,5 @@ resources: - manager.yaml -patchesStrategicMerge: -- config_patch.yaml +patches: +- path: config_patch.yaml diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 34c2b12..5eebd7d 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -12,5 +12,5 @@ resources: - subnamespace_editor_role.yaml - subnamespace_viewer_role.yaml -patchesStrategicMerge: -- role_patch.yaml +patches: +- path: role_patch.yaml