From d817f634160a0dca967eca573f342f72f92b6e3d Mon Sep 17 00:00:00 2001 From: Knative Automation Date: Tue, 22 Oct 2024 14:23:59 -0400 Subject: [PATCH] upgrade to latest dependencies (#1924) Signed-off-by: Knative Automation --- .../eventing-source/1.16/github/github.yaml | 1344 +++++++++++++++++ .../eventing-source/1.16/gitlab/gitlab.yaml | 982 ++++++++++++ .../1.16/redis/redis-source.yaml | 997 ++++++++++++ 3 files changed, 3323 insertions(+) create mode 100644 cmd/operator/kodata/eventing-source/1.16/github/github.yaml create mode 100644 cmd/operator/kodata/eventing-source/1.16/gitlab/gitlab.yaml create mode 100644 cmd/operator/kodata/eventing-source/1.16/redis/redis-source.yaml diff --git a/cmd/operator/kodata/eventing-source/1.16/github/github.yaml b/cmd/operator/kodata/eventing-source/1.16/github/github.yaml new file mode 100644 index 000000000..1e7655425 --- /dev/null +++ b/cmd/operator/kodata/eventing-source/1.16/github/github.yaml @@ -0,0 +1,1344 @@ +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Namespace +metadata: + name: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: github-controller-manager + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: github-webhook + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: eventing-sources-github-controller + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +rules: + # Sources admin + - apiGroups: + - sources.knative.dev + resources: + - githubsources + verbs: &everything + - get + - list + - watch + - create + - update + - patch + - delete + # Sources finalizer + - apiGroups: + - sources.knative.dev + resources: + - githubsources/finalizers + verbs: *everything + # Source statuses update + - apiGroups: + - sources.knative.dev + resources: + - githubsources/status + verbs: + - get + - update + - patch + # Deployments admin + - apiGroups: + - apps + resources: + - deployments + verbs: *everything + # Knative Services admin + - apiGroups: + - serving.knative.dev + resources: + - services + verbs: *everything + # Secrets read + - apiGroups: + - "" + resources: + - secrets + - services + verbs: + - get + - list + - watch + # Events admin + - apiGroups: + - "" + resources: + - events + - configmaps + verbs: *everything + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: *everything + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# The role is needed for the aggregated role source-observer in knative-eventing to provide readonly access to "Sources". +# Ref: https://github.com/knative/eventing/tree/master/config/core/rolessource-observer-clusterrole.yaml. +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: eventing-contrib-github-source-observer + labels: + eventing.knative.dev/release: devel + duck.knative.dev/source: "true" +rules: + - apiGroups: + - "sources.knative.dev" + resources: + - "githubsources" + verbs: + - get + - list + - watch + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-sources-github-addressable-resolver + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +subjects: + - kind: ServiceAccount + name: github-controller-manager + namespace: knative-sources +# An aggregated ClusterRole for all Addressable CRDs. +# Ref: https://github.com/knative/eventing/tree/master/config/core/rolesaddressable-resolvers-clusterrole.yaml +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: addressable-resolver + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-sources-github-controller + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +subjects: + - kind: ServiceAccount + name: github-controller-manager + namespace: knative-sources +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: eventing-sources-github-controller + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-sources-github-podspecable-binding + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +subjects: + - kind: ServiceAccount + name: github-webhook + namespace: knative-sources +roleRef: + kind: ClusterRole + name: podspecable-binding + apiGroup: rbac.authorization.k8s.io + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-sources-github-webhook + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +subjects: + - kind: ServiceAccount + name: github-webhook + namespace: knative-sources +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: github-webhook + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: github-webhook + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +rules: + # Sources admin + - apiGroups: + - sources.knative.dev + resources: + - githubsources + verbs: &everything + - get + - list + - watch + - create + - update + - patch + - delete + # Sources finalizer + - apiGroups: + - sources.knative.dev + resources: + - githubsources/finalizers + verbs: *everything + # Source statuses update + - apiGroups: + - sources.knative.dev + resources: + - githubsources/status + verbs: + - get + - update + - patch + # Deployments admin + - apiGroups: + - apps + resources: + - deployments + verbs: *everything + # Knative Services admin + - apiGroups: + - serving.knative.dev + resources: + - services + verbs: *everything + # Secrets read + - apiGroups: + - "" + resources: + - secrets + - services + verbs: + - get + - list + - watch + # Namespace labelling for webhook + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - patch + # Events admin + - apiGroups: + - "" + resources: + - events + - configmaps + verbs: *everything + # EventTypes admin + - apiGroups: + - eventing.knative.dev + resources: + - eventtypes + verbs: *everything + # For manipulating certs into secrets. + - apiGroups: + - "" + resources: + - "secrets" + verbs: + - "get" + - "create" + - "update" + - "list" + - "watch" + # For actually registering our webhook. + - apiGroups: + - "admissionregistration.k8s.io" + resources: + - "mutatingwebhookconfigurations" + - "validatingwebhookconfigurations" + verbs: *everything + # Bindings admin + - apiGroups: + - bindings.knative.dev + resources: + - githubbindings + verbs: &everything + - get + - list + - watch + - create + - update + - patch + - delete + # Bindings finalizer + - apiGroups: + - bindings.knative.dev + resources: + - githubbindings/finalizers + verbs: *everything + # Source statuses update + - apiGroups: + - bindings.knative.dev + resources: + - githubbindings/status + verbs: + - get + - update + - patch + # For leader election + - apiGroups: + - "coordination.k8s.io" + resources: + - "leases" + verbs: *everything + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + duck.knative.dev/binding: "true" + knative.dev/crd-install: "true" + name: githubbindings.bindings.knative.dev +spec: + group: bindings.knative.dev + names: + categories: + - all + - knative + - eventing + - bindings + kind: GitHubBinding + plural: githubbindings + scope: Namespaced + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + additionalPrinterColumns: + - name: Ready + type: string + jsonPath: ".status.conditions[?(@.type=='Ready')].status" + - name: Reason + type: string + jsonPath: ".status.conditions[?(@.type=='Ready')].reason" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: githubsources.sources.knative.dev + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + eventing.knative.dev/source: "true" + duck.knative.dev/source: "true" + knative.dev/crd-install: "true" + annotations: + # TODO add schemas and descriptions + registry.knative.dev/eventTypes: | + [ + { "type": "dev.knative.source.github.check_suite" }, + { "type": "dev.knative.source.github.commit_comment" }, + { "type": "dev.knative.source.github.create" }, + { "type": "dev.knative.source.github.delete" }, + { "type": "dev.knative.source.github.deployment" }, + { "type": "dev.knative.source.github.deployment_status" }, + { "type": "dev.knative.source.github.fork" }, + { "type": "dev.knative.source.github.gollum" }, + { "type": "dev.knative.source.github.installation" }, + { "type": "dev.knative.source.github.integration_installation" }, + { "type": "dev.knative.source.github.issue_comment" }, + { "type": "dev.knative.source.github.issues" }, + { "type": "dev.knative.source.github.label" }, + { "type": "dev.knative.source.github.member" }, + { "type": "dev.knative.source.github.membership" }, + { "type": "dev.knative.source.github.milestone" }, + { "type": "dev.knative.source.github.organization" }, + { "type": "dev.knative.source.github.org_block" }, + { "type": "dev.knative.source.github.page_build" }, + { "type": "dev.knative.source.github.ping" }, + { "type": "dev.knative.source.github.project_card" }, + { "type": "dev.knative.source.github.project_column" }, + { "type": "dev.knative.source.github.project" }, + { "type": "dev.knative.source.github.public" }, + { "type": "dev.knative.source.github.pull_request" }, + { "type": "dev.knative.source.github.pull_request_review" }, + { "type": "dev.knative.source.github.pull_request_review_comment" }, + { "type": "dev.knative.source.github.push" }, + { "type": "dev.knative.source.github.release" }, + { "type": "dev.knative.source.github.repository" }, + { "type": "dev.knative.source.github.status" }, + { "type": "dev.knative.source.github.team" }, + { "type": "dev.knative.source.github.team_add" }, + { "type": "dev.knative.source.github.watch" } + ] +spec: + group: sources.knative.dev + names: + categories: + - all + - knative + - eventing + - sources + kind: GitHubSource + plural: githubsources + scope: Namespaced + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + additionalPrinterColumns: + - name: Ready + type: string + jsonPath: ".status.conditions[?(@.type=='Ready')].status" + - name: Reason + type: string + jsonPath: ".status.conditions[?(@.type=='Ready')].reason" + - name: Sink + type: string + jsonPath: ".status.sinkUri" + - name: Age + type: date + jsonPath: .metadata.creationTimestamp + schema: + openAPIV3Schema: + type: object + properties: + spec: + properties: + githubAPIURL: + description: URL for enterprise GitHub + type: string + ownerAndRepository: + description: Reference to the GitHub repository to receive events from, in the format user/repository. + type: string + minLength: 1 + eventTypes: + description: List of webhooks to enable on the selected GitHub repository. + type: array + items: + enum: + - check_suite + - commit_comment + - create + - delete + - deployment + - deployment_status + - fork + - gollum + - installation + - integration_installation + - issue_comment + - issues + - label + - member + - membership + - milestone + - organization + - org_block + - page_build + - ping + - project_card + - project_column + - project + - public + - pull_request + - pull_request_review + - pull_request_review_comment + - push + - release + - repository + - status + - team + - team_add + - watch + type: string + minItems: 1 + accessToken: + description: Access token for the GitHub API. + type: object + properties: + secretKeyRef: + description: A reference to a Kubernetes Secret object containing a GitHub access token. + type: object + properties: + name: + description: The name of the Kubernetes Secret object which contains the GitHub access token. + type: string + key: + description: The key which contains the GitHub access token within the Kubernetes Secret object referenced by name. + type: string + required: + - name + - key + secretToken: + description: Arbitrary token used to validate requests to webhooks. + type: object + properties: + secretKeyRef: + description: A reference to a Kubernetes Secret object containing the webhook token. + type: object + properties: + name: + description: The name of the Kubernetes Secret object which contains the webhook token. + type: string + key: + description: The key which contains the webhook token within the Kubernetes Secret object referenced by name. + type: string + required: + - name + - key + ceOverrides: + type: object + description: Defines overrides to control modifications of the event sent to the sink. + properties: + extensions: + type: object + additionalProperties: + type: string + minLength: 1 + required: + - extensions + serviceAccountName: + type: string + sink: + description: The destination of events received from webhooks. + type: object + properties: + ref: + description: Reference to an addressable Kubernetes object to be used as the destination of events. + type: object + properties: + apiVersion: + type: string + minLength: 1 + kind: + type: string + minLength: 1 + namespace: + type: string + minLength: 1 + name: + type: string + minLength: 1 + required: + - apiVersion + - kind + - name + uri: + description: URI to use as the destination of events. + type: string + format: uri + oneOf: + - required: [ref] + - required: [uri] + secure: + type: boolean + description: Secure can be set to true to configure the webhook to use https, or false to use http. Omitting it relies on the scheme of the Knative Service created. + required: + - ownerAndRepository + - eventTypes + - accessToken + - secretToken + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + # we use a string in the stored object but a wrapper object + # at runtime. + type: string + message: + type: string + reason: + type: string + severity: + type: string + status: + type: string + type: + type: string + required: + - type + - status + type: object + type: array + sinkUri: + type: string + webhookIDKey: + type: string + type: object + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: github-controller + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + control-plane: github-controller-manager +spec: + selector: + control-plane: github-controller-manager + ports: + - name: https-github + port: 443 + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: github-controller-manager + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + control-plane: github-controller-manager +spec: + selector: + matchLabels: &labels + control-plane: github-controller-manager + serviceName: github-controller-manager + template: + metadata: + labels: *labels + spec: + serviceAccountName: github-controller-manager + containers: + - image: gcr.io/knative-releases/knative.dev/eventing-github/cmd/controller@sha256:f4877757583e45976bca956c90f55782a8c9d5e6576ced3998ad9f88723cbd1a + name: manager + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: CONFIG_LEADERELECTION_NAME + value: config-leader-election-github + - name: METRICS_DOMAIN + value: knative.dev/sources + - name: GH_RA_IMAGE + value: gcr.io/knative-releases/knative.dev/eventing-github/cmd/receive_adapter@sha256:04eb348151b708d5d99f95d17b3cca2a09cafec524bb629579425b6d32d4ce41 + resources: + requests: + cpu: 100m + memory: 100Mi + limits: + cpu: 1000m + memory: 1000Mi + terminationGracePeriodSeconds: 10 + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: defaulting.webhook.github.sources.knative.dev + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +webhooks: + - admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: github-webhook + namespace: knative-sources + failurePolicy: Fail + name: defaulting.webhook.github.sources.knative.dev + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: validation.webhook.github.sources.knative.dev + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +webhooks: + - admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: github-webhook + namespace: knative-sources + failurePolicy: Fail + name: validation.webhook.github.sources.knative.dev + sideEffects: None +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: githubbindings.webhook.github.sources.knative.dev + labels: + samples.knative.dev/release: devel +webhooks: + - admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: github-webhook + namespace: knative-sources + failurePolicy: Fail + name: githubbindings.webhook.github.sources.knative.dev + sideEffects: None +--- +apiVersion: v1 +kind: Secret +metadata: + name: github-webhook-certs + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +# The data is populated at install time. + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: github-webhook + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +spec: + replicas: 1 + selector: + matchLabels: &labels + app: github-webhook + role: github-webhook + template: + metadata: + annotations: + sidecar.istio.io/inject: "false" + labels: *labels + spec: + serviceAccountName: github-webhook + containers: + - name: github-webhook + terminationMessagePolicy: FallbackToLogsOnError + image: gcr.io/knative-releases/knative.dev/eventing-github/cmd/webhook@sha256:d7283546e952f4870fd058e3cb69be75687efe7cdc1dec60ad7fe763b766f5da + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: METRICS_DOMAIN + value: knative.dev/eventing + - name: WEBHOOK_NAME + value: github-webhook + ports: + - containerPort: 9090 + name: metrics + # TODO set proper resource limits. + + readinessProbe: &probe + periodSeconds: 1 + httpGet: + scheme: HTTPS + port: 8443 + httpHeaders: + - name: k-kubelet-probe + value: "webhook" + livenessProbe: *probe +--- +apiVersion: v1 +kind: Service +metadata: + labels: + eventing.knative.dev/release: devel + role: github-webhook + name: github-webhook + namespace: knative-sources +spec: + ports: + - name: https-webhook + port: 443 + targetPort: 8443 + selector: + role: github-webhook + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-leader-election-github + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +data: + # An inactive but valid configuration follows; see example. + resourceLock: "leases" + leaseDuration: "15s" + renewDeadline: "10s" + retryPeriod: "2s" + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this example block and unindented to be in the data block + # to actually change the configuration. + + # resourceLock controls which API resource is used as the basis for the + # leader election lock. Valid values are: + # + # - leases -> use the coordination API + # - configmaps -> use configmaps + # - endpoints -> use endpoints + resourceLock: "leases" + + # leaseDuration is how long non-leaders will wait to try to acquire the + # lock; 15 seconds is the value used by core kubernetes controllers. + leaseDuration: "15s" + # renewDeadline is how long a leader will try to renew the lease before + # giving up; 10 seconds is the value used by core kubernetes controllers. + renewDeadline: "10s" + # retryPeriod is how long the leader election client waits between tries of + # actions; 2 seconds is the value used by core kuberntes controllers. + retryPeriod: "2s" + # enabledComponents is a comma-delimited list of component names for which + # leader election is enabled. Valid values are: + # + # - github-controller + enabledComponents: "github-controller" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-logging + namespace: knative-sources +data: + # Common configuration for all Knative codebase + zap-logger-config: | + { + "level": "info", + "development": false, + "outputPaths": ["stdout"], + "errorOutputPaths": ["stderr"], + "encoding": "json", + "encoderConfig": { + "timeKey": "ts", + "levelKey": "level", + "nameKey": "logger", + "callerKey": "caller", + "messageKey": "msg", + "stacktraceKey": "stacktrace", + "lineEnding": "", + "levelEncoder": "", + "timeEncoder": "iso8601", + "durationEncoder": "", + "callerEncoder": "" + } + } + # Log level overrides + # For all components changes are be picked up immediately. + loglevel.controller: "info" + loglevel.webhook: "info" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-observability + namespace: knative-sources +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this example block and unindented to be in the data block + # to actually change the configuration. + + # logging.enable-var-log-collection defaults to false. + # A fluentd sidecar will be set up to collect var log if + # this flag is true. + logging.enable-var-log-collection: false + + # logging.fluentd-sidecar-image provides the fluentd sidecar image + # to inject as a sidecar to collect logs from /var/log. + # Must be presented if logging.enable-var-log-collection is true. + logging.fluentd-sidecar-image: registry.k8s.io/fluentd-elasticsearch:v2.0.4 + + # logging.fluentd-sidecar-output-config provides the configuration + # for the fluentd sidecar, which will be placed into a configmap and + # mounted into the fluentd sidecar image. + logging.fluentd-sidecar-output-config: | + # Parse json log before sending to Elastic Search + + @type parser + key_name log + + @type multi_format + + format json + time_key fluentd-time # fluentd-time is reserved for structured logs + time_format %Y-%m-%dT%H:%M:%S.%NZ + + + format none + message_key log + + + + # Send to Elastic Search + + @id elasticsearch + @type elasticsearch + @log_level info + include_tag_key true + # Elasticsearch service is in monitoring namespace. + host elasticsearch-logging.knative-monitoring + port 9200 + logstash_format true + + @type file + path /var/log/fluentd-buffers/kubernetes.system.buffer + flush_mode interval + retry_type exponential_backoff + flush_thread_count 2 + flush_interval 5s + retry_forever + retry_max_interval 30 + chunk_limit_size 2M + queue_limit_length 8 + overflow_action block + + + + # logging.revision-url-template provides a template to use for producing the + # logging URL that is injected into the status of each Revision. + # This value is what you might use the the Knative monitoring bundle, and provides + # access to Kibana after setting up kubectl proxy. + logging.revision-url-template: | + http://localhost:8001/api/v1/namespaces/knative-monitoring/services/kibana-logging/proxy/app/kibana#/discover?_a=(query:(match:(kubernetes.labels.knative-dev%2FrevisionUID:(query:'${REVISION_UID}',type:phrase)))) + + # If non-empty, this enables queue proxy writing request logs to stdout. + # The value determines the shape of the request logs and it must be a valid go text/template. + # It is important to keep this as a single line. Multiple lines are parsed as separate entities + # by most collection agents and will split the request logs into multiple records. + # + # The following fields and functions are available to the template: + # + # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) + # representing an HTTP request received by the server. + # + # Response: + # struct { + # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) + # Size int // An int representing the size of the response. + # Latency float64 // A float64 representing the latency of the response in seconds. + # } + # + # Revision: + # struct { + # Name string // Knative revision name + # Namespace string // Knative revision namespace + # Service string // Knative service name + # Configuration string // Knative configuration name + # PodName string // Name of the pod hosting the revision + # PodIP string // IP of the pod hosting the revision + # } + # + logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}' + + # metrics.backend-destination field specifies the system metrics destination. + # It supports either prometheus (the default) or stackdriver. + # Note: Using stackdriver will incur additional charges + metrics.backend-destination: prometheus + + # metrics.request-metrics-backend-destination specifies the request metrics + # destination. If non-empty, it enables queue proxy to send request metrics. + # Currently supported values: prometheus, stackdriver. + metrics.request-metrics-backend-destination: prometheus + + # metrics.stackdriver-project-id field specifies the stackdriver project ID. This + # field is optional. When running on GCE, application default credentials will be + # used if this field is not provided. + metrics.stackdriver-project-id: "" + + # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to + # Stackdriver using "global" resource type and custom metric type if the + # metrics are not supported by "knative_revision" resource type. Setting this + # flag to "true" could cause extra Stackdriver charge. + # If metrics.backend-destination is not Stackdriver, this is ignored. + metrics.allow-stackdriver-custom-metrics: "false" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-tracing + namespace: knative-sources + labels: + eventing.knative.dev/release: devel + knative.dev/config-propagation: original + knative.dev/config-category: eventing +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this example block and unindented to be in the data block + # to actually change the configuration. + # + # This may be "zipkin" or "stackdriver", the default is "none" + backend: "none" + + # URL to zipkin collector where traces are sent. + # This must be specified when backend is "zipkin" + zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" + + # The GCP project into which stackdriver metrics will be written + # when backend is "stackdriver". If unspecified, the project-id + # is read from GCP metadata when running on GCP. + stackdriver-project-id: "my-project" + + # Enable zipkin debug mode. This allows all spans to be sent to the server + # bypassing sampling. + debug: "false" + + # Percentage (0-1) of requests to trace + sample-rate: "0.1" + +--- diff --git a/cmd/operator/kodata/eventing-source/1.16/gitlab/gitlab.yaml b/cmd/operator/kodata/eventing-source/1.16/gitlab/gitlab.yaml new file mode 100644 index 000000000..aec6ad3f3 --- /dev/null +++ b/cmd/operator/kodata/eventing-source/1.16/gitlab/gitlab.yaml @@ -0,0 +1,982 @@ +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Namespace +metadata: + name: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: gitlab-controller-manager + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: gitlab-webhook + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: gitlabsource-manager-role + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +rules: + - apiGroups: + - sources.knative.dev + resources: + - gitlabsources + verbs: &everything + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - sources.knative.dev + resources: + - gitlabsources/status + verbs: + - get + - update + - patch + - apiGroups: + - sources.knative.dev + resources: + - gitlabsources/finalizers + verbs: *everything + - apiGroups: + - serving.knative.dev + resources: + - services + verbs: *everything + - apiGroups: + - "" + resources: + - services + - secrets + verbs: + - get + - list + - watch + # Webhook controller needs it to update certs in secret + - update + # Deployments admin + - apiGroups: + - apps + resources: + - deployments + verbs: *everything + # Events admin + - apiGroups: + - "" + resources: + - events + - configmaps + verbs: *everything + # Acquire leases for leader election + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - create + - update +--- +# The role is needed for the aggregated role source-observer in knative-eventing to provide readonly access to "Sources". +# See https://knative.dev/eventing/blob/master/config/200-source-observer-clusterrole.yaml. +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: eventing-contrib-gitlab-source-observer + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + duck.knative.dev/source: "true" +rules: + - apiGroups: + - "sources.knative.dev" + resources: + - "gitlabsources" + verbs: + - get + - list + - watch + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: gitlabsource-manager-rolebinding + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: gitlabsource-manager-role +subjects: + - kind: ServiceAccount + name: gitlab-controller-manager + namespace: knative-sources +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-sources-gitlab-addressable-resolver + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +subjects: + - kind: ServiceAccount + name: gitlab-controller-manager + namespace: knative-sources +# An aggregated ClusterRole for all Addressable CRDs. +# Ref: https://github.com/knative/eventing/tree/master/config/core/rolesaddressable-resolvers-clusterrole.yaml +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: addressable-resolver +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-sources-gitlab-webhook + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +subjects: + - kind: ServiceAccount + name: gitlab-webhook + namespace: knative-sources +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: gitlab-webhook + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: gitlab-webhook + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +rules: + # Sources admin + - apiGroups: + - sources.knative.dev + resources: + - gitlabsources + verbs: &everything + - get + - list + - watch + - create + - update + - patch + - delete + # Sources finalizer + - apiGroups: + - sources.knative.dev + resources: + - gitlabsources/finalizers + verbs: *everything + # Source statuses update + - apiGroups: + - sources.knative.dev + resources: + - gitlabsources/status + verbs: + - get + - update + - patch + # Deployments admin + - apiGroups: + - apps + resources: + - deployments + verbs: *everything + # Knative Services admin + - apiGroups: + - serving.knative.dev + resources: + - services + verbs: *everything + # Secrets read + - apiGroups: + - "" + resources: + - secrets + - services + verbs: + - get + - list + - watch + # Events admin + - apiGroups: + - "" + resources: + - events + - configmaps + verbs: *everything + # EventTypes admin + - apiGroups: + - eventing.knative.dev + resources: + - eventtypes + verbs: *everything + # For manipulating certs into secrets. + - apiGroups: + - "" + resources: + - "secrets" + verbs: + - "get" + - "create" + - "update" + - "list" + - "watch" + # Namespace labelling for webhook + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - create + - update + - list + - watch + - patch + # For actually registering our webhook. + - apiGroups: + - "admissionregistration.k8s.io" + resources: + - "mutatingwebhookconfigurations" + - "validatingwebhookconfigurations" + verbs: *everything + # Bindings admin + - apiGroups: + - bindings.knative.dev + resources: + - gitlabbindings + verbs: &everything + - get + - list + - watch + - create + - update + - patch + - delete + # Bindings finalizer + - apiGroups: + - bindings.knative.dev + resources: + - gitlabbindings/finalizers + verbs: *everything + # Source statuses update + - apiGroups: + - bindings.knative.dev + resources: + - gitlabbindings/status + verbs: + - get + - update + - patch + # For leader election + - apiGroups: + - "coordination.k8s.io" + resources: + - "leases" + verbs: *everything + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: gitlabbindings.bindings.knative.dev + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + duck.knative.dev/binding: "true" + knative.dev/crd-install: "true" +spec: + group: bindings.knative.dev + scope: Namespaced + names: + kind: GitLabBinding + plural: gitlabbindings + categories: + - all + - knative + - eventing + - bindings + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + accessToken: + type: object + properties: + secretKeyRef: + type: object + properties: + name: + type: string + key: + type: string + required: + - name + - key + subject: + type: object + properties: + apiVersion: + type: string + kind: + type: string + name: + type: string + selector: + type: object + properties: + matchLabels: + type: object + additionalProperties: + type: string + required: + - matchLabels + oneOf: + - required: + - apiVersion + - kind + - name + - required: + - apiVersion + - kind + - selector + status: + type: object + properties: + observedGeneration: + type: integer + format: int64 + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + enum: ['True', 'False', Unknown] + severity: + type: string + enum: [Error, Warning, Info] + reason: + type: string + message: + type: string + lastTransitionTime: + type: string + format: date-time + required: + - type + - status + additionalPrinterColumns: + - name: Ready + type: string + jsonPath: .status.conditions[?(@.type=='Ready')].status + - name: Reason + type: string + jsonPath: .status.conditions[?(@.type=='Ready')].reason + - name: Age + type: date + jsonPath: .metadata.creationTimestamp + +--- +# Copyright 2021 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: gitlabsources.sources.knative.dev + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + eventing.knative.dev/source: "true" + duck.knative.dev/source: "true" + knative.dev/crd-install: "true" + annotations: + # Webhook event types as documented at https://docs.gitlab.com/ee/user/project/integrations/webhooks.html#events. + # NOTE(antoineco): GitLab doesn't currently provide schemas for those events (gitlab-org/gitlab#208924) + registry.knative.dev/eventTypes: | + [ + { + "type": "dev.knative.sources.gitlab.build", + "description": "Triggered on status change of a job." + }, + { + "type": "dev.knative.sources.gitlab.deployment", + "description": "Triggered when a deployment starts, succeeds, fails, or is cancelled." + }, + { + "type": "dev.knative.sources.gitlab.issue", + "description": "Triggered when a new issue is created or an existing issue was updated/closed/reopened." + }, + { + "type": "dev.knative.sources.gitlab.merge_request", + "description": "Triggered when a merge request is created/updated/merged/closed or a commit is added in the source branch." + }, + { + "type": "dev.knative.sources.gitlab.note", + "description": "Triggered when a new comment is made on commits, merge requests, issues, and code snippets." + }, + { + "type": "dev.knative.sources.gitlab.pipeline", + "description": "Triggered on status change of Pipeline." + }, + { + "type": "dev.knative.sources.gitlab.push", + "description": "Triggered when you push to the repository except when pushing tags." + }, + { + "type": "dev.knative.sources.gitlab.tag_push", + "description": "Triggered when you create (or delete) tags to the repository." + }, + { + "type": "dev.knative.sources.gitlab.wiki_page", + "description": "Triggered when a wiki page is created, updated or deleted." + } + ] +spec: + group: sources.knative.dev + scope: Namespaced + names: + kind: GitLabSource + plural: gitlabsources + categories: + - all + - knative + - eventing + - sources + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + schema: + openAPIV3Schema: + type: object + properties: + spec: + description: Desired state of the event source. + type: object + properties: + projectUrl: + description: URL of the GitLab project to receive events from. + type: string + format: uri + eventTypes: + description: List of webhooks to enable on the selected GitLab project. Those correspond to the attributes enumerated at https://docs.gitlab.com/ee/api/projects.html#add-project-hook + type: array + items: + type: string + enum: + - confidential_issues_events + - confidential_note_events + - deployment_events + - issues_events + - job_events + - merge_requests_events + - note_events + - pipeline_events + - push_events + - tag_push_events + - wiki_page_events + minItems: 1 + accessToken: + description: Access token for the GitLab API. + type: object + properties: + secretKeyRef: + description: A reference to a Kubernetes Secret object containing a GitLab access token. + type: object + properties: + name: + description: The name of the Kubernetes Secret object which contains the GitLab access token. + type: string + key: + description: The key which contains the GitLab access token within the Kubernetes Secret object referenced by name. + type: string + required: + - name + - key + secretToken: + description: Arbitrary token used to validate requests to webhooks. + type: object + properties: + secretKeyRef: + description: A reference to a Kubernetes Secret object containing the webhook token. + type: object + properties: + name: + description: The name of the Kubernetes Secret object which contains the webhook token. + type: string + key: + description: The key which contains the webhook token within the Kubernetes Secret object referenced by name. + type: string + required: + - name + - key + sslverify: + description: Whether requests to webhooks should be made over SSL. + type: boolean + serviceAccountName: + description: Service Account the receive adapter Pod should be using. + type: string + sink: + description: The destination of events received from webhooks. + type: object + properties: + ref: + description: Reference to an addressable Kubernetes object to be used as the destination of events. + type: object + properties: + apiVersion: + type: string + kind: + type: string + namespace: + type: string + name: + type: string + required: + - apiVersion + - kind + - name + uri: + description: URI to use as the destination of events. + type: string + format: uri + oneOf: + - required: ['ref'] + - required: ['uri'] + required: + - projectUrl + - eventTypes + - accessToken + - secretToken + - sink + status: + type: object + properties: + webhookID: + description: ID of the project hook registered with GitLab + type: integer + sinkUri: + type: string + format: uri + ceAttributes: + type: array + items: + type: object + properties: + type: + type: string + source: + type: string + required: + - type + - source + observedGeneration: + type: integer + format: int64 + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + enum: ['True', 'False', Unknown] + severity: + type: string + enum: [Error, Warning, Info] + reason: + type: string + message: + type: string + lastTransitionTime: + type: string + format: date-time + required: + - type + - status + additionalPrinterColumns: + - name: Ready + type: string + jsonPath: .status.conditions[?(@.type=='Ready')].status + - name: Reason + type: string + jsonPath: .status.conditions[?(@.type=='Ready')].reason + - name: Sink + type: string + jsonPath: .status.sinkUri + - name: Age + type: date + jsonPath: .metadata.creationTimestamp + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + control-plane: gitlab-controller-manager + name: gitlab-controller-manager-service + namespace: knative-sources +spec: + ports: + - name: https-gitlab + port: 443 + targetPort: 8443 + selector: + control-plane: gitlab-controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + control-plane: gitlab-controller-manager + name: gitlab-controller-manager + namespace: knative-sources +spec: + selector: + matchLabels: + control-plane: gitlab-controller-manager + template: + metadata: + labels: + control-plane: gitlab-controller-manager + spec: + serviceAccountName: gitlab-controller-manager + containers: + - name: manager + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/sources + - name: GL_RA_IMAGE + value: gcr.io/knative-releases/knative.dev/eventing-gitlab/cmd/receive_adapter@sha256:4c606e7d61f54a129fd0dcd0b64089783771bf882f6f5c5b852744073e75a94d + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + image: gcr.io/knative-releases/knative.dev/eventing-gitlab/cmd/controller@sha256:6b78e8cba027e2f41695bd2fe294e8fa51497cc2b62c6cdbbf4367e39ccc7c46 + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + terminationGracePeriodSeconds: 10 + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: defaulting.webhook.gitlab.sources.knative.dev + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +webhooks: + - admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: gitlab-webhook + namespace: knative-sources + sideEffects: None + failurePolicy: Fail + name: defaulting.webhook.gitlab.sources.knative.dev +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: validation.webhook.gitlab.sources.knative.dev + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +webhooks: + - admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: gitlab-webhook + namespace: knative-sources + sideEffects: None + failurePolicy: Fail + name: validation.webhook.gitlab.sources.knative.dev +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: gitlabbindings.webhook.gitlab.sources.knative.dev + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +webhooks: + - admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: gitlab-webhook + namespace: knative-sources + sideEffects: None + failurePolicy: Fail + name: gitlabbindings.webhook.gitlab.sources.knative.dev + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: gitlab-webhook-certs + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +# The data is populated at install time. +--- +apiVersion: v1 +kind: Service +metadata: + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + role: webhook + name: gitlab-webhook + namespace: knative-sources +spec: + ports: + - name: https-webhook + port: 443 + targetPort: 8443 + selector: + role: gitlab-webhook +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gitlab-webhook + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +spec: + replicas: 1 + selector: + matchLabels: &labels + app: gitlab-webhook + role: gitlab-webhook + template: + metadata: + labels: *labels + spec: + serviceAccountName: gitlab-webhook + containers: + - name: gitlab-webhook + terminationMessagePolicy: FallbackToLogsOnError + image: gcr.io/knative-releases/knative.dev/eventing-gitlab/cmd/webhook@sha256:922d000bd85ccdb17b61097db5b39f9114afc628a497e97bff4d662cdc1262be + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: METRICS_DOMAIN + value: knative.dev/eventing + - name: WEBHOOK_NAME + value: gitlab-webhook + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + ports: + - containerPort: 9090 + name: metrics + # TODO set proper resource limits. + + readinessProbe: &probe + periodSeconds: 1 + httpGet: + scheme: HTTPS + port: 8443 + httpHeaders: + - name: k-kubelet-probe + value: "webhook" + livenessProbe: + !!merge <<: *probe + initialDelaySeconds: 20 + +--- diff --git a/cmd/operator/kodata/eventing-source/1.16/redis/redis-source.yaml b/cmd/operator/kodata/eventing-source/1.16/redis/redis-source.yaml new file mode 100644 index 000000000..c56a17249 --- /dev/null +++ b/cmd/operator/kodata/eventing-source/1.16/redis/redis-source.yaml @@ -0,0 +1,997 @@ +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Namespace +metadata: + name: knative-sources + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-sources-redisstream-adapter + labels: + eventing.knative.dev/release: devel +rules: [] + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: redis-controller-manager + namespace: knative-sources +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: redis-webhook + namespace: knative-sources + labels: + eventing.knative.dev/release: devel + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: redis-controller +rules: + - apiGroups: + - apps + resources: + - deployments + - statefulsets + verbs: &everything + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + verbs: + - list + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: *everything + - apiGroups: + - "" + resources: + - events + - serviceaccounts + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - sources.knative.dev + resources: + - redisstreamsources + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - sources.knative.dev + resources: + - redisstreamsources/status + - redisstreamsources/finalizers + verbs: + - get + - update + - patch + - apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: *everything +--- +# The role is needed for the aggregated role source-observer in knative-eventing to provide readonly access to "Sources". +# Ref: https://github.com/knative/eventing/tree/master/config/core/rolessource-observer-clusterrole.yaml. +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: eventing-redis-source-observer + labels: + eventing.knative.dev/release: devel + duck.knative.dev/source: "true" +rules: + - apiGroups: + - "sources.knative.dev" + resources: + - "redisstreamsources" + verbs: + - get + - list + - watch + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: redis-webhook + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +rules: + # For watching logging configuration and getting certs. + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - "get" + - "list" + - "watch" + # For manipulating certs into secrets. + - apiGroups: + - "" + resources: + - "secrets" + verbs: + - "get" + - "create" + # For getting our Deployment so we can decorate with ownerref. + - apiGroups: + - "apps" + resources: + - "deployments" + verbs: + - "get" + - apiGroups: + - "apps" + resources: + - "deployments/finalizers" + verbs: + - update + # For actually registering our webhook. + - apiGroups: + - "admissionregistration.k8s.io" + resources: + - "mutatingwebhookconfigurations" + verbs: + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" + # Our own resources and statuses we care about. + - apiGroups: + - "sources.knative.dev" + resources: + - "redisstreamsources" + - "redisstreamsources/status" + verbs: + - "get" + - "list" + - "watch" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: redis-controller-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: redis-controller +subjects: + - kind: ServiceAccount + name: redis-controller-manager + namespace: knative-sources +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-sources-redis-controller-addressable-resolver +subjects: + - kind: ServiceAccount + name: redis-controller-manager + namespace: knative-sources +# An aggregated ClusterRole for all Addressable CRDs. +# Ref: https://github.com/knative/eventing/tree/master/config/core/rolesaddressable-resolvers-clusterrole.yaml +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: addressable-resolver +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: redis-webhook + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: redis-webhook + namespace: knative-sources +roleRef: + kind: ClusterRole + name: redis-webhook + apiGroup: rbac.authorization.k8s.io + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: redisstreamsources.sources.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" + duck.knative.dev/addressable: "true" +spec: + group: sources.knative.dev + versions: + - name: v1alpha1 + served: true + storage: true + subresources: + status: {} + scale: + # specReplicasPath defines the JSONPath inside of a custom resource that corresponds to Scale.Spec.Replicas. + specReplicasPath: .spec.consumers + # statusReplicasPath defines the JSONPath inside of a custom resource that corresponds to Scale.Status.Replicas. + statusReplicasPath: .status.consumers + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + address: + description: Address is the Redis TCP address + type: string + ceOverrides: + description: CloudEventOverrides defines overrides to control the output format and modifications of the event sent to the sink. + type: object + properties: + extensions: + description: Extensions specify what attribute are added or overridden on the outbound event. Each `Extensions` key-value pair are set on the event as an attribute extension independently. + type: object + x-kubernetes-preserve-unknown-fields: true + dialOptions: + description: Options are the connection options + type: object + properties: + caCert: + description: CACert is the Kubernetes secret containing the server CA cert. + type: object + required: + - secretKeyRef + properties: + secretKeyRef: + description: The Secret key to select from. + type: object + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + cert: + description: Cert is the Kubernetes secret containing the client certificate. + type: object + required: + - secretKeyRef + properties: + secretKeyRef: + description: The Secret key to select from. + type: object + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + key: + description: Key is the Kubernetes secret containing the client key. + type: object + required: + - secretKeyRef + properties: + secretKeyRef: + description: The Secret key to select from. + type: object + properties: + key: + description: The key of the secret to select from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + password: + description: Password to use for connecting to Redis + type: object + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + skipVerify: + description: SkipVerify indicates whether to skip TLS verification or not + type: boolean + useTLS: + description: UseTLS indicates whether to use TLS or not + type: boolean + group: + description: Group is the name of the consumer group associated to this source. When left empty, a group is automatically created for this source and deleted when this source is deleted. + type: string + consumers: + description: Consumers is a pointer to the number of desired consumers running in the consumer group. + type: integer + format: int32 + sink: + description: Sink is a reference to an object that will resolve to a uri to use as the sink. + type: object + properties: + ref: + description: Ref points to an Addressable. + type: object + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.' + type: string + uri: + description: URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref. + type: string + stream: + description: Stream is the name of the stream. + type: string + status: + type: object + properties: + annotations: + description: Annotations is additional Status fields for the Resource to save some additional State as well as convey more information to the user. This is roughly akin to Annotations on any k8s resource, just the reconciler conveying richer information outwards. + type: object + x-kubernetes-preserve-unknown-fields: true + ceAttributes: + description: CloudEventAttributes are the specific attributes that the Source uses as part of its CloudEvents. + type: array + items: + type: object + properties: + source: + description: Source is the CloudEvents source attribute. + type: string + type: + description: Type refers to the CloudEvent type attribute. + type: string + conditions: + description: Conditions the latest available observations of a resource's current state. + type: array + items: + type: object + required: + - type + - status + properties: + lastTransitionTime: + description: LastTransitionTime is the last time the condition transitioned from one status to another. We use VolatileTime in place of metav1.Time to exclude this from creating equality.Semantic differences (all other things held constant). + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + severity: + description: Severity with which to treat failures of this type of condition. When this is not specified, it defaults to Error. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition. + type: string + observedGeneration: + description: ObservedGeneration is the 'Generation' of the Service that was last processed by the controller. + type: integer + format: int64 + sinkUri: + description: SinkURI is the current active sink URI that has been configured for the Source. + type: string + consumers: + description: Consumers is the number of desired consumers running in the consumer group. + type: integer + format: int32 + additionalPrinterColumns: + - name: Sink + type: string + jsonPath: .status.sinkUri + - name: Age + type: date + jsonPath: .metadata.creationTimestamp + - name: Ready + type: string + jsonPath: ".status.conditions[?(@.type=='Ready')].status" + - name: Reason + type: string + jsonPath: ".status.conditions[?(@.type=='Ready')].reason" + names: + categories: + - all + - knative + - eventing + - sources + kind: RedisStreamSource + plural: redisstreamsources + singular: redisstreamsource + scope: Namespaced + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: redis-controller-manager + name: redis-controller-manager + namespace: knative-sources +spec: + selector: + control-plane: redis-controller-manager + ports: + - name: https-redis + port: 443 + +--- +# Copyright 2018 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + labels: + eventing.knative.dev/release: devel + role: redis-webhook + name: redis-webhook + namespace: knative-sources +spec: + ports: + - name: https-webhook + port: 443 + targetPort: 8443 + selector: + role: redis-webhook + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: redis-controller-manager + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" + control-plane: redis-controller-manager +spec: + selector: + matchLabels: &labels + control-plane: redis-controller-manager + serviceName: redis-controller-manager + template: + metadata: + labels: *labels + spec: + serviceAccountName: redis-controller-manager + containers: + - image: gcr.io/knative-releases/knative.dev/eventing-redis/cmd/source/controller@sha256:51a7b643a51a7ede3eaa6a940ceec1e2e1944a209526822b25e2a278e5b885ef + name: manager + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/sources + - name: CONFIG_LEADERELECTION_NAME + value: config-leader-election-redis + - name: STREAMSOURCE_RA_IMAGE + value: gcr.io/knative-releases/knative.dev/eventing-redis/cmd/source/receive_adapter@sha256:1adff71bb46e92f09f6630898d2d9bb322c77cf14a79bfb53f32150418127a37 + - name: CONFIG_REDIS_NUMCONSUMERS + value: config-redis + - name: SECRET_TLS_TLSCERTIFICATE + value: tls-secret + terminationGracePeriodSeconds: 10 + +--- +# Copyright 2020 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-leader-election-redis + namespace: knative-sources + labels: + contrib.eventing.knative.dev/release: "v1.16.0" +data: + # An inactive but valid configuration follows; see example. + resourceLock: "leases" + leaseDuration: "15s" + renewDeadline: "10s" + retryPeriod: "2s" + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this example block and unindented to be in the data block + # to actually change the configuration. + + # resourceLock controls which API resource is used as the basis for the + # leader election lock. Valid values are: + # + # - leases -> use the coordination API + # - configmaps -> use configmaps + # - endpoints -> use endpoints + resourceLock: "leases" + + # leaseDuration is how long non-leaders will wait to try to acquire the + # lock; 15 seconds is the value used by core kubernetes controllers. + leaseDuration: "15s" + # renewDeadline is how long a leader will try to renew the lease before + # giving up; 10 seconds is the value used by core kubernetes controllers. + renewDeadline: "10s" + # retryPeriod is how long the leader election client waits between tries of + # actions; 2 seconds is the value used by core kuberntes controllers. + retryPeriod: "2s" + # enabledComponents is a comma-delimited list of component names for which + # leader election is enabled. Valid values are: + # + # - couchdb-controller + enabledComponents: "couchdb-controller" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-logging + namespace: knative-sources +data: + # Common configuration for all Knative codebase + zap-logger-config: | + { + "level": "info", + "development": false, + "outputPaths": ["stdout"], + "errorOutputPaths": ["stderr"], + "encoding": "json", + "encoderConfig": { + "timeKey": "ts", + "levelKey": "level", + "nameKey": "logger", + "callerKey": "caller", + "messageKey": "msg", + "stacktraceKey": "stacktrace", + "lineEnding": "", + "levelEncoder": "", + "timeEncoder": "iso8601", + "durationEncoder": "", + "callerEncoder": "" + } + } + # Log level overrides + # For all components changes are be picked up immediately. + loglevel.controller: "info" + loglevel.webhook: "info" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-observability + namespace: knative-sources +data: + _example: | + ################################ + # # + # EXAMPLE CONFIGURATION # + # # + ################################ + + # This block is not actually functional configuration, + # but serves to illustrate the available configuration + # options and document them in a way that is accessible + # to users that `kubectl edit` this config map. + # + # These sample configuration options may be copied out of + # this example block and unindented to be in the data block + # to actually change the configuration. + + # logging.enable-var-log-collection defaults to false. + # A fluentd sidecar will be set up to collect var log if + # this flag is true. + logging.enable-var-log-collection: false + + # logging.fluentd-sidecar-image provides the fluentd sidecar image + # to inject as a sidecar to collect logs from /var/log. + # Must be presented if logging.enable-var-log-collection is true. + logging.fluentd-sidecar-image: registry.k8s.io/fluentd-elasticsearch:v2.0.4 + + # logging.fluentd-sidecar-output-config provides the configuration + # for the fluentd sidecar, which will be placed into a configmap and + # mounted into the fluentd sidecar image. + logging.fluentd-sidecar-output-config: | + # Parse json log before sending to Elastic Search + + @type parser + key_name log + + @type multi_format + + format json + time_key fluentd-time # fluentd-time is reserved for structured logs + time_format %Y-%m-%dT%H:%M:%S.%NZ + + + format none + message_key log + + + + # Send to Elastic Search + + @id elasticsearch + @type elasticsearch + @log_level info + include_tag_key true + # Elasticsearch service is in monitoring namespace. + host elasticsearch-logging.knative-monitoring + port 9200 + logstash_format true + + @type file + path /var/log/fluentd-buffers/kubernetes.system.buffer + flush_mode interval + retry_type exponential_backoff + flush_thread_count 2 + flush_interval 5s + retry_forever + retry_max_interval 30 + chunk_limit_size 2M + queue_limit_length 8 + overflow_action block + + + + # logging.revision-url-template provides a template to use for producing the + # logging URL that is injected into the status of each Revision. + # This value is what you might use the the Knative monitoring bundle, and provides + # access to Kibana after setting up kubectl proxy. + logging.revision-url-template: | + http://localhost:8001/api/v1/namespaces/knative-monitoring/services/kibana-logging/proxy/app/kibana#/discover?_a=(query:(match:(kubernetes.labels.knative-dev%2FrevisionUID:(query:'${REVISION_UID}',type:phrase)))) + + # If non-empty, this enables queue proxy writing request logs to stdout. + # The value determines the shape of the request logs and it must be a valid go text/template. + # It is important to keep this as a single line. Multiple lines are parsed as separate entities + # by most collection agents and will split the request logs into multiple records. + # + # The following fields and functions are available to the template: + # + # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) + # representing an HTTP request received by the server. + # + # Response: + # struct { + # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) + # Size int // An int representing the size of the response. + # Latency float64 // A float64 representing the latency of the response in seconds. + # } + # + # Revision: + # struct { + # Name string // Knative revision name + # Namespace string // Knative revision namespace + # Service string // Knative service name + # Configuration string // Knative configuration name + # PodName string // Name of the pod hosting the revision + # PodIP string // IP of the pod hosting the revision + # } + # + logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}' + + # metrics.backend-destination field specifies the system metrics destination. + # It supports either prometheus (the default) or stackdriver. + # Note: Using stackdriver will incur additional charges + metrics.backend-destination: prometheus + + # metrics.request-metrics-backend-destination specifies the request metrics + # destination. If non-empty, it enables queue proxy to send request metrics. + # Currently supported values: prometheus, stackdriver. + metrics.request-metrics-backend-destination: prometheus + + # metrics.stackdriver-project-id field specifies the stackdriver project ID. This + # field is optional. When running on GCE, application default credentials will be + # used if this field is not provided. + metrics.stackdriver-project-id: "" + + # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to + # Stackdriver using "global" resource type and custom metric type if the + # metrics are not supported by "knative_revision" resource type. Setting this + # flag to "true" could cause extra Stackdriver charge. + # If metrics.backend-destination is not Stackdriver, this is ignored. + metrics.allow-stackdriver-custom-metrics: "false" + +--- +# Copyright 2019 The Knative Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-redis + namespace: knative-sources +data: + # Configure the receive adapter with the number of consumers in a group + numConsumers: "500" + +--- +apiVersion: v1 +kind: Secret +metadata: + name: tls-secret + namespace: knative-sources +stringData: + # the data is abbreviated in this example + TLS_CERT: | + -----BEGIN CERTIFICATE----- + -----END CERTIFICATE----- + +---