From bd493578df8825a52ec0f027583341a80b3c90f6 Mon Sep 17 00:00:00 2001 From: Giovanni Liva Date: Fri, 3 Mar 2023 12:09:57 +0100 Subject: [PATCH] feat: improve naming (#961) Co-authored-by: odubajDT Co-authored-by: Florian Bacher Co-authored-by: realanna --- .github/.kubescape/exceptions.json | 2 +- .../actions/deploy-klt-on-cluster/action.yml | 18 +- .github/workflows/CI.yaml | 16 +- .github/workflows/e2e-test.yml | 2 +- .github/workflows/golangci-lint.yml | 4 +- .github/workflows/helm-checks.yaml | 4 +- .github/workflows/release.yml | 4 +- .github/workflows/security-scans.yml | 4 +- .../en/docs/concepts/metrics/_index.md | 2 +- .../content/en/docs/snippets/tasks/install.md | 4 +- examples/Makefile | 10 +- examples/support/observability/README.md | 6 +- .../observability/config/otel-collector.yaml | 2 +- helm/chart/README.md | 236 +++++------ helm/chart/doc.yaml | 379 +++++++++--------- helm/chart/values.yaml | 205 ++++------ klt-cert-manager/Makefile | 6 +- .../config/default/kustomization.yaml | 2 +- .../config/default/manager_config_patch.yaml | 2 +- .../config/manager/kustomization.yaml | 4 +- klt-cert-manager/config/manager/manager.yaml | 16 +- .../rbac/auth_proxy_client_clusterrole.yaml | 16 - .../config/rbac/auth_proxy_role.yaml | 24 -- .../config/rbac/auth_proxy_role_binding.yaml | 19 - .../config/rbac/auth_proxy_service.yaml | 21 - .../config/rbac/extra_role_binding.yaml | 12 +- .../config/rbac/kustomization.yaml | 8 +- .../config/rbac/leader_election_role.yaml | 4 +- .../rbac/leader_election_role_binding.yaml | 10 +- klt-cert-manager/config/rbac/role.yaml | 4 +- .../config/rbac/role_binding.yaml | 12 +- .../config/rbac/service_account.yaml | 8 +- .../webhook_cert_controller_test.go | 2 +- metrics-operator/Makefile | 2 +- .../config/default/kustomization.yaml | 2 +- .../config/default/manager_config_patch.yaml | 2 +- .../config/manager/kustomization.yaml | 5 +- metrics-operator/config/manager/manager.yaml | 14 +- metrics-operator/config/manager/service.yaml | 22 + .../metrics/custom_metrics_api_service.yaml | 4 +- metrics-operator/config/metrics/role.yaml | 2 +- .../config/metrics/role_binding.yaml | 6 +- .../config/prometheus/monitor.yaml | 6 +- .../rbac/auth_proxy_client_clusterrole.yaml | 9 - .../config/rbac/auth_proxy_role.yaml | 17 - .../config/rbac/auth_proxy_role_binding.yaml | 12 - .../config/rbac/auth_proxy_service.yaml | 22 - .../config/rbac/extra_role_binding.yaml | 6 +- .../config/rbac/kustomization.yaml | 8 +- .../config/rbac/leader_election_role.yaml | 2 +- .../rbac/leader_election_role_binding.yaml | 6 +- metrics-operator/config/rbac/role.yaml | 2 +- .../config/rbac/role_binding.yaml | 6 +- .../config/rbac/service_account.yaml | 2 +- metrics-operator/config/rendered/release.yaml | 102 ++--- metrics-operator/config/webhook/service.yaml | 2 +- operator/Makefile | 4 +- operator/config/default/kustomization.yaml | 2 +- .../config/default/manager_config_patch.yaml | 6 +- .../default/webhooknamespaces_patch.yaml | 2 +- operator/config/manager/kustomization.yaml | 4 +- operator/config/manager/manager.yaml | 28 +- .../rbac/auth_proxy_client_clusterrole.yaml | 9 - operator/config/rbac/auth_proxy_role.yaml | 17 - .../config/rbac/auth_proxy_role_binding.yaml | 12 - operator/config/rbac/auth_proxy_service.yaml | 19 - operator/config/rbac/extra_role_binding.yaml | 6 +- operator/config/rbac/kustomization.yaml | 8 +- .../config/rbac/leader_election_role.yaml | 2 +- .../rbac/leader_election_role_binding.yaml | 6 +- operator/config/rbac/role.yaml | 2 +- operator/config/rbac/role_binding.yaml | 6 +- operator/config/rbac/service_account.yaml | 2 +- operator/config/webhook/service.yaml | 2 +- operator/controllers/common/otel_utils.go | 2 +- .../rbac/auth_proxy_client_clusterrole.yaml | 9 - scheduler/config/rbac/auth_proxy_role.yaml | 17 - .../config/rbac/auth_proxy_role_binding.yaml | 12 - .../rbac/leader_election_role_binding.yaml | 2 +- .../manifests/install/base/deployment.yaml | 4 +- .../charts/keptn-scheduler/values.yaml | 4 +- .../manifests/install/kustomization.yaml | 4 +- .../expose-keptn-metric/00-install.yaml | 2 +- .../expose-keptn-metric/01-install.yaml | 2 +- test/integration/keptn-config/get-logs.sh | 2 +- test/integration/metrics-provider/logs.sh | 2 +- test/load/metrics.yml | 6 +- 87 files changed, 619 insertions(+), 915 deletions(-) delete mode 100644 klt-cert-manager/config/rbac/auth_proxy_client_clusterrole.yaml delete mode 100644 klt-cert-manager/config/rbac/auth_proxy_role.yaml delete mode 100644 klt-cert-manager/config/rbac/auth_proxy_role_binding.yaml delete mode 100644 klt-cert-manager/config/rbac/auth_proxy_service.yaml create mode 100644 metrics-operator/config/manager/service.yaml delete mode 100644 metrics-operator/config/rbac/auth_proxy_client_clusterrole.yaml delete mode 100644 metrics-operator/config/rbac/auth_proxy_role.yaml delete mode 100644 metrics-operator/config/rbac/auth_proxy_role_binding.yaml delete mode 100644 metrics-operator/config/rbac/auth_proxy_service.yaml delete mode 100644 operator/config/rbac/auth_proxy_client_clusterrole.yaml delete mode 100644 operator/config/rbac/auth_proxy_role.yaml delete mode 100644 operator/config/rbac/auth_proxy_role_binding.yaml delete mode 100644 operator/config/rbac/auth_proxy_service.yaml delete mode 100644 scheduler/config/rbac/auth_proxy_client_clusterrole.yaml delete mode 100644 scheduler/config/rbac/auth_proxy_role.yaml delete mode 100644 scheduler/config/rbac/auth_proxy_role_binding.yaml diff --git a/.github/.kubescape/exceptions.json b/.github/.kubescape/exceptions.json index 384fc6546e..ec626036ef 100644 --- a/.github/.kubescape/exceptions.json +++ b/.github/.kubescape/exceptions.json @@ -10,7 +10,7 @@ "designatorType": "Attributes", "attributes": { "kind": "ServiceAccount", - "name": "klc-controller-manager" + "name": "lifecycle-operator" } } ], diff --git a/.github/actions/deploy-klt-on-cluster/action.yml b/.github/actions/deploy-klt-on-cluster/action.yml index b7299f72de..1dee18a0ed 100644 --- a/.github/actions/deploy-klt-on-cluster/action.yml +++ b/.github/actions/deploy-klt-on-cluster/action.yml @@ -62,23 +62,23 @@ runs: shell: bash run: | echo "Installing KLT using manifests" - sed -i 's/imagePullPolicy: Always/imagePullPolicy: Never/g' ~/download/artifacts/keptn-lifecycle-operator-manifest-test/release.yaml - sed -i 's/ghcr.keptn.sh\/keptn\/functions-runtime:.*/localhost:5000\/keptn\/functions-runtime:${{ inputs.functions_runtime_tag }}/g' ~/download/artifacts/keptn-lifecycle-operator-manifest-test/release.yaml + sed -i 's/imagePullPolicy: Always/imagePullPolicy: Never/g' ~/download/artifacts/lifecycle-operator-manifest-test/release.yaml + sed -i 's/ghcr.keptn.sh\/keptn\/functions-runtime:.*/localhost:5000\/keptn\/functions-runtime:${{ inputs.functions_runtime_tag }}/g' ~/download/artifacts/lifecycle-operator-manifest-test/release.yaml kubectl create namespace keptn-lifecycle-toolkit-system - kubectl apply -f ~/download/artifacts/keptn-lifecycle-operator-manifest-test + kubectl apply -f ~/download/artifacts/lifecycle-operator-manifest-test - sed -i 's/imagePullPolicy: Always/imagePullPolicy: Never/g' ~/download/artifacts/klt-cert-manager-manifest-test/release.yaml - kubectl apply -f ~/download/artifacts/klt-cert-manager-manifest-test - kubectl rollout status deployment klt-cert-manager -n keptn-lifecycle-toolkit-system -w + sed -i 's/imagePullPolicy: Always/imagePullPolicy: Never/g' ~/download/artifacts/certificate-operator-manifest-test/release.yaml + kubectl apply -f ~/download/artifacts/certificate-operator-manifest-test + kubectl rollout status deployment certificate-operator -n keptn-lifecycle-toolkit-system -w sed -i 's/imagePullPolicy: Always/imagePullPolicy: Never/g' ~/download/artifacts/metrics-operator-manifest-test/release.yaml kubectl apply -f ~/download/artifacts/metrics-operator-manifest-test - kubectl rollout status deployment metrics-operator-controller -n keptn-lifecycle-toolkit-system -w + kubectl rollout status deployment metrics-operator -n keptn-lifecycle-toolkit-system -w sed -i 's/imagePullPolicy: Always/imagePullPolicy: Never/g' ~/download/artifacts/scheduler-manifest-test/release.yaml kubectl apply -f ~/download/artifacts/scheduler-manifest-test - kubectl rollout status deployment keptn-scheduler -n keptn-lifecycle-toolkit-system -w - kubectl rollout status deployment klc-controller-manager -n keptn-lifecycle-toolkit-system -w + kubectl rollout status deployment scheduler -n keptn-lifecycle-toolkit-system -w + kubectl rollout status deployment lifecycle-operator -n keptn-lifecycle-toolkit-system -w - name: Install lifecycle-toolkit with helm if: ${{ inputs.helm-install == 'true' }} diff --git a/.github/workflows/CI.yaml b/.github/workflows/CI.yaml index 7d89280ad3..21c85e62d0 100644 --- a/.github/workflows/CI.yaml +++ b/.github/workflows/CI.yaml @@ -70,13 +70,13 @@ jobs: strategy: matrix: config: - - name: "keptn-lifecycle-operator" + - name: "lifecycle-operator" folder: "operator/" - name: "metrics-operator" folder: "metrics-operator/" - name: "scheduler" folder: "scheduler/" - - name: "klt-cert-manager" + - name: "certificate-operator" folder: "klt-cert-manager/" steps: - name: Check out code @@ -111,7 +111,7 @@ jobs: strategy: matrix: config: - - name: "keptn-lifecycle-operator" + - name: "lifecycle-operator" folder: "operator/" - name: "metrics-operator" folder: "metrics-operator/" @@ -119,7 +119,7 @@ jobs: folder: "scheduler/" - name: "functions-runtime" folder: "functions-runtime/" - - name: "klt-cert-manager" + - name: "certificate-operator" folder: "klt-cert-manager/" steps: - name: Check out code @@ -163,7 +163,7 @@ jobs: path: /tmp/${{ matrix.config.name }}-image.tar - name: Install controller-gen - if: matrix.config.name == 'keptn-lifecycle-operator' || matrix.config.name == 'metrics-operator' + if: matrix.config.name == 'lifecycle-operator' || matrix.config.name == 'metrics-operator' working-directory: ./${{ matrix.config.folder }} run: make controller-gen @@ -226,7 +226,7 @@ jobs: strategy: matrix: config: - - name: "keptn-lifecycle-operator" + - name: "lifecycle-operator" folder: "operator/" - name: "metrics-operator" folder: "metrics-operator/" @@ -234,7 +234,7 @@ jobs: folder: "scheduler/" - name: "functions-runtime" folder: "functions-runtime/" - - name: "klt-cert-manager" + - name: "certificate-operator" folder: "klt-cert-manager/" permissions: packages: write # Needed for pushing images to the registry @@ -280,7 +280,7 @@ jobs: cache-to: type=gha,scope=${{ github.ref_name }}-${{ matrix.config.name }} - name: Install controller-gen - if: matrix.config.name == 'keptn-lifecycle-operator' || matrix.config.name == 'klt-cert-manager' || matrix.config.name == 'metrics-operator' + if: matrix.config.name == 'lifecycle-operator' || matrix.config.name == 'certificate-operator' || matrix.config.name == 'metrics-operator' working-directory: ./${{ matrix.config.folder }} run: make controller-gen diff --git a/.github/workflows/e2e-test.yml b/.github/workflows/e2e-test.yml index 4de783209b..5cf09a0a01 100644 --- a/.github/workflows/e2e-test.yml +++ b/.github/workflows/e2e-test.yml @@ -19,7 +19,7 @@ jobs: strategy: matrix: config: - - name: "keptn-lifecycle-operator" + - name: "lifecycle-operator" folder: "operator/" - name: "scheduler" folder: "scheduler/" diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index f294f633c8..c4cfdc96a7 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -27,13 +27,13 @@ jobs: fail-fast: false matrix: config: - - name: "keptn-lifecycle-operator" + - name: "lifecycle-operator" folder: "operator/" - name: "metrics-operator" folder: "metrics-operator/" - name: "scheduler" folder: "scheduler/" - - name: "klt-cert-manager" + - name: "certificate-operator" folder: "klt-cert-manager/" steps: - name: Check out code diff --git a/.github/workflows/helm-checks.yaml b/.github/workflows/helm-checks.yaml index 9b4756948f..0b18f5e630 100644 --- a/.github/workflows/helm-checks.yaml +++ b/.github/workflows/helm-checks.yaml @@ -66,7 +66,7 @@ jobs: strategy: matrix: config: - - name: "keptn-lifecycle-operator" + - name: "lifecycle-operator" folder: "operator/" - name: "metrics-operator" folder: "metrics-operator/" @@ -74,7 +74,7 @@ jobs: folder: "scheduler/" - name: "functions-runtime" folder: "functions-runtime/" - - name: "klt-cert-manager" + - name: "certificate-operator" folder: "klt-cert-manager/" steps: - name: Check out code diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e5a5b88203..505bbd6951 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -43,7 +43,7 @@ jobs: strategy: matrix: config: - - name: "keptn-lifecycle-operator" + - name: "lifecycle-operator" folder: "operator/" - name: "metrics-operator" folder: "metrics-operator/" @@ -51,7 +51,7 @@ jobs: folder: "scheduler/" - name: "functions-runtime" folder: "functions-runtime/" - - name: "klt-cert-manager" + - name: "certificate-operator" folder: "klt-cert-manager/" runs-on: ubuntu-22.04 permissions: diff --git a/.github/workflows/security-scans.yml b/.github/workflows/security-scans.yml index bb4d184f33..64d20905fd 100644 --- a/.github/workflows/security-scans.yml +++ b/.github/workflows/security-scans.yml @@ -179,10 +179,10 @@ jobs: matrix: image: - "functions-runtime" - - "keptn-lifecycle-operator" + - "lifecycle-operator" - "metrics-operator" - "scheduler" - - "klt-cert-manager" + - "certificate-operator" steps: - name: Download images id: download_images diff --git a/docs/content/en/docs/concepts/metrics/_index.md b/docs/content/en/docs/concepts/metrics/_index.md index 2910b3d6e8..017436f6da 100644 --- a/docs/content/en/docs/concepts/metrics/_index.md +++ b/docs/content/en/docs/concepts/metrics/_index.md @@ -72,7 +72,7 @@ variable `EXPOSE_KEPTN_METRICS` in the metrics-operator manifest needs to be set is `true`. To access the metrics, use the following command: ```shell -kubectl port-forward deployment/metrics-operator-controller 9999 -n keptn-lifecycle-toolkit-system +kubectl port-forward deployment/metrics-operator 9999 -n keptn-lifecycle-toolkit-system ``` and access the metrics via your browser with: diff --git a/docs/content/en/docs/snippets/tasks/install.md b/docs/content/en/docs/snippets/tasks/install.md index 1ddca960b0..df8c8fc3e6 100644 --- a/docs/content/en/docs/snippets/tasks/install.md +++ b/docs/content/en/docs/snippets/tasks/install.md @@ -8,7 +8,7 @@ In version 0.6.0 and later, you can install the Lifecycle Toolkit using the curr ```shell kubectl apply -f https://github.com/keptn/lifecycle-toolkit/releases/download/v0.5.0/manifest.yaml -kubectl wait --for=condition=Available deployment/klc-controller-manager -n keptn-lifecycle-toolkit-system --timeout=120s +kubectl wait --for=condition=Available deployment/lifecycle-operator -n keptn-lifecycle-toolkit-system --timeout=120s ``` @@ -28,5 +28,5 @@ After that, you can install the Lifecycle Toolkit `` with: ```shell kubectl apply -f https://github.com/keptn/lifecycle-toolkit/releases/download//manifest.yaml -kubectl wait --for=condition=Available deployment/klc-controller-manager -n keptn-lifecycle-toolkit-system --timeout=120s +kubectl wait --for=condition=Available deployment/lifecycle-operator -n keptn-lifecycle-toolkit-system --timeout=120s ``` diff --git a/examples/Makefile b/examples/Makefile index ab91650181..004254b1e7 100644 --- a/examples/Makefile +++ b/examples/Makefile @@ -10,7 +10,7 @@ install: install-observability install-argo @echo "Create Namespace and install Keptn-lifecycle-toolkit" @echo "-----------------------------------" kubectl apply -f https://github.com/keptn/lifecycle-toolkit/releases/download/v0.5.0/manifest.yaml #x-release-please-version - kubectl wait --for=condition=available deployment/klc-controller-manager -n keptn-lifecycle-toolkit-system --timeout=300s + kubectl wait --for=condition=available deployment/lifecycle-operator -n keptn-lifecycle-toolkit-system --timeout=300s .PHONY: install-observability install-observability: @@ -75,7 +75,7 @@ restart-lifecycle-toolkit: @echo "----------------------------------" @echo "Restart Keptn Lifecycle Controller" @echo "----------------------------------" - kubectl rollout restart deployment -n "$(TOOLKIT_NAMESPACE)" klc-controller-manager - kubectl rollout status deployment -n "$(TOOLKIT_NAMESPACE)" klc-controller-manager --watch - kubectl rollout restart deployment -n "$(TOOLKIT_NAMESPACE)" keptn-scheduler -n keptn-lifecycle-toolkit-system - kubectl rollout status deployment -n "$(TOOLKIT_NAMESPACE)" keptn-scheduler --watch \ No newline at end of file + kubectl rollout restart deployment -n "$(TOOLKIT_NAMESPACE)" lifecycle-operator + kubectl rollout status deployment -n "$(TOOLKIT_NAMESPACE)" lifecycle-operator --watch + kubectl rollout restart deployment -n "$(TOOLKIT_NAMESPACE)" scheduler -n keptn-lifecycle-toolkit-system + kubectl rollout status deployment -n "$(TOOLKIT_NAMESPACE)" scheduler --watch diff --git a/examples/support/observability/README.md b/examples/support/observability/README.md index b6f3e88824..9c3369f88b 100644 --- a/examples/support/observability/README.md +++ b/examples/support/observability/README.md @@ -55,7 +55,7 @@ in the `config` directory: kubectl apply -f config/otel-collector.yaml -n keptn-lifecycle-toolkit-system ``` -Also, please ensure that the `OTEL_COLLECTOR_URL` env vars of both the `klc-controller-manager`, +Also, please ensure that the `OTEL_COLLECTOR_URL` env vars of both the `lifecycle-operator`, as well as the `keptn-scheduler` deployments are set appropriately. By default, they are set to `otel-collector:4317`, which should be the correct value for this tutorial. @@ -75,11 +75,11 @@ can edit the Collector ConfigMap with the following command: kubectl edit configmap otel-collector-conf -n keptn-lifecycle-toolkit-system ``` -When the `otel-collector` pod is up and running, restart the `keptn-scheduler` and `klc-controller-manager` so they can +When the `otel-collector` pod is up and running, restart the `keptn-scheduler` and `lifecycle-operator` so they can pick up the new configuration. ```shell -kubectl rollout restart deployment -n keptn-lifecycle-toolkit-system keptn-scheduler klc-controller-manager +kubectl rollout restart deployment -n keptn-lifecycle-toolkit-system keptn-scheduler lifecycle-operator ``` ## Seeing the OpenTelemetry Collector in action diff --git a/examples/support/observability/config/otel-collector.yaml b/examples/support/observability/config/otel-collector.yaml index ba156d9fc0..f1d06ee115 100644 --- a/examples/support/observability/config/otel-collector.yaml +++ b/examples/support/observability/config/otel-collector.yaml @@ -21,7 +21,7 @@ data: - job_name: 'otel-collector' scrape_interval: 5s static_configs: - - targets: ['klc-controller-manager-metrics-service:2222'] + - targets: ['lifecycle-operator-metrics-service:2222'] processors: extensions: health_check: {} diff --git a/helm/chart/README.md b/helm/chart/README.md index 5b9eff0f25..ae62fc6a65 100644 --- a/helm/chart/README.md +++ b/helm/chart/README.md @@ -10,155 +10,134 @@ checks | Name | Description | Value | | -------------------------------------------------------------------------------- | -------------------------------------------------------------- | ------------------------- | -| `keptnScheduler.keptnScheduler.containerSecurityContext` | Sets security context | | -| `keptnScheduler.keptnScheduler.env.otelCollectorUrl` | sets url for open telemetry collector | `otel-collector:4317` | -| `keptnScheduler.keptnScheduler.image.repository` | set image repository for scheduler | `ghcr.io/keptn/scheduler` | -| `keptnScheduler.keptnScheduler.image.tag` | set image tag for scheduler | `202302281677584335` | -| `keptnScheduler.keptnScheduler.imagePullPolicy` | set image pull policy for scheduler | `Always` | -| `keptnScheduler.keptnScheduler.livenessProbe` | customizable liveness probe for the scheduler | | -| `keptnScheduler.keptnScheduler.readinessProbe` | customizable readiness probe for the scheduler | | -| `keptnScheduler.keptnScheduler.resources` | sets cpu and memory resurces/limits for scheduler | | +| `scheduler.scheduler.containerSecurityContext` | Sets security context | | +| `scheduler.scheduler.env.otelCollectorUrl` | sets url for open telemetry collector | `otel-collector:4317` | +| `scheduler.scheduler.image.repository` | set image repository for scheduler | `ghcr.io/keptn/scheduler` | +| `scheduler.scheduler.image.tag` | set image tag for scheduler | `202303031677839700` | +| `scheduler.scheduler.imagePullPolicy` | set image pull policy for scheduler | `Always` | +| `scheduler.scheduler.livenessProbe` | customizable liveness probe for the scheduler | | +| `scheduler.scheduler.readinessProbe` | customizable readiness probe for the scheduler | | +| `scheduler.scheduler.resources` | sets cpu and memory resurces/limits for scheduler | | | `schedulerConfig.schedulerConfigYaml.leaderElection.leaderElect` | enables leader election for multiple replicas of the scheduler | `false` | | `schedulerConfig.schedulerConfigYaml.profiles[0].plugins.permit.enabled[0].name` | enables permit plugin | `KLCPermit` | | `schedulerConfig.schedulerConfigYaml.profiles[0].schedulerName` | changes scheduler name | `keptn-scheduler` | -| `keptnScheduler.nodeSelector` | adds node selectors for scheduler | `{}` | -| `keptnScheduler.replicas` | modifies replicas | `1` | -| `keptnScheduler.tolerations` | adds tolerations for scheduler | `[]` | -| `keptnScheduler.topologySpreadConstraints` | add topology constraints for scheduler | `[]` | - +| `scheduler.nodeSelector` | adds node selectors for scheduler | `{}` | +| `scheduler.replicas` | modifies replicas | `1` | +| `scheduler.tolerations` | adds tolerations for scheduler | `[]` | +| `scheduler.topologySpreadConstraints` | add topology constraints for scheduler | `[]` | ### Keptn Cert Manager common -| Name | Description | Value | -| ---------------------------------------------------------------------------- | ---------------------------------------------- | ------------------- | -| `kltCertManager.replicas` | customize number of replicas | `1` | -| `kltCertManagerMetricsService.ports[0].name` | TODO TODO TODO | `https` | -| `kltCertManagerMetricsService.ports[0].port` | TODO TODO TODO | `8443` | -| `kltCertManagerMetricsService.ports[0].protocol` | TODO TODO TODO | `TCP` | -| `kltCertManagerMetricsService.ports[0].targetPort` | TODO TODO TODO | `https` | -| `kltCertManagerMetricsService.type` | TODO TODO TODO | `ClusterIP` | -| `kltCertManager.nodeSelector` | specify custom node selectors for cert manager | `{}` | -| `kltCertManager.tolerations` | customize tolerations for cert manager | `[]` | -| `kltCertManager.topologySpreadConstraints` | add topology constraints for cert manager | `[]` | -| `klcManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress` | TODO TODO TODO | `:8081` | -| `klcManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect` | TODO TODO TODO | `true` | -| `klcManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName` | TODO TODO TODO | `6b866dd9.keptn.sh` | -| `klcManagerConfig.controllerManagerConfigYaml.metrics.bindAddress` | TODO TODO TODO | `127.0.0.1:8080` | -| `klcManagerConfig.controllerManagerConfigYaml.webhook.port` | TODO TODO TODO | `9443` | -| `klcWebhookService.ports[0].port` | TODO TODO TODO | `443` | -| `klcWebhookService.ports[0].protocol` | TODO TODO TODO | `TCP` | -| `klcWebhookService.ports[0].targetPort` | TODO TODO TODO | `9443` | -| `klcWebhookService.type` | TODO TODO TODO | `ClusterIP` | - +| Name | Description | Value | +| ---------------------------------------------------------------------------------- | ---------------------------------------------- | ------------------- | +| `certificateOperator.replicas` | customize number of replicas | `1` | +| `certificateOperator.nodeSelector` | specify custom node selectors for cert manager | `{}` | +| `certificateOperator.tolerations` | customize tolerations for cert manager | `[]` | +| `certificateOperator.topologySpreadConstraints` | add topology constraints for cert manager | `[]` | +| `lifecycleManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress` | TODO TODO TODO | `:8081` | +| `lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect` | TODO TODO TODO | `true` | +| `lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName` | TODO TODO TODO | `6b866dd9.keptn.sh` | +| `lifecycleManagerConfig.controllerManagerConfigYaml.metrics.bindAddress` | TODO TODO TODO | `127.0.0.1:8080` | +| `lifecycleManagerConfig.controllerManagerConfigYaml.webhook.port` | TODO TODO TODO | `9443` | ### Keptn Cert Manager controller -| Name | Description | Value | -| ------------------------------------------------- | ------------------------------------------------ | -------------------------------- | -| `kltCertManager.manager.containerSecurityContext` | Sets security context for the cert manager | | -| `kltCertManager.manager.image.repository` | specify repo for manager image | `ghcr.io/keptn/klt-cert-manager` | -| `kltCertManager.manager.image.tag` | select tag for manager container | `202302281677584335` | -| `kltCertManager.manager.imagePullPolicy` | select image pull policy for manager container | `Always` | -| `kltCertManager.manager.livenessProbe` | custom RBAC proxy liveness probe | | -| `kltCertManager.manager.readinessProbe` | custom manager readiness probe | | -| `kltCertManager.manager.resources` | custom limits and requests for manager container | | - +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------ | ------------------------------------ | +| `certificateOperator.manager.containerSecurityContext` | Sets security context for the cert manager | | +| `certificateOperator.manager.image.repository` | specify repo for manager image | `ghcr.io/keptn/certificate-operator` | +| `certificateOperator.manager.image.tag` | select tag for manager container | `202303031677839700` | +| `certificateOperator.manager.imagePullPolicy` | select image pull policy for manager container | `Always` | +| `certificateOperator.manager.livenessProbe` | custom RBAC proxy liveness probe | | +| `certificateOperator.manager.readinessProbe` | custom manager readiness probe | | +| `certificateOperator.manager.resources` | custom limits and requests for manager container | | ### Keptn Lifecycle Operator common -| Name | Description | Value | -| -------------------------------------------------------- | --------------------------------------------------------- | ----------- | -| `klcControllerManager.replicas` | customize number of installed lifecycle operator replicas | `1` | -| `klcControllerManagerMetricsService.ports[0].name` | TODO TODO TODO | `https` | -| `klcControllerManagerMetricsService.ports[0].port` | TODO TODO TODO | `8443` | -| `klcControllerManagerMetricsService.ports[0].protocol` | TODO TODO TODO | `TCP` | -| `klcControllerManagerMetricsService.ports[0].targetPort` | TODO TODO TODO | `https` | -| `klcControllerManagerMetricsService.ports[1].name` | TODO TODO TODO | `metrics` | -| `klcControllerManagerMetricsService.ports[1].port` | TODO TODO TODO | `2222` | -| `klcControllerManagerMetricsService.ports[1].protocol` | TODO TODO TODO | `TCP` | -| `klcControllerManagerMetricsService.ports[1].targetPort` | TODO TODO TODO | `metrics` | -| `klcControllerManagerMetricsService.type` | TODO TODO TODO | `ClusterIP` | -| `klcControllerManager.nodeSelector` | add custom nodes selector to lifecycle operator | `{}` | -| `klcControllerManager.tolerations` | add custom tolerations to lifecycle operator | `[]` | -| `klcControllerManager.topologySpreadConstraints` | add custom topology constraints to lifecycle operator | `[]` | - +| Name | Description | Value | +| --------------------------------------------- | --------------------------------------------------------- | ----------- | +| `lifecycleOperator.replicas` | customize number of installed lifecycle operator replicas | `1` | +| `lifecycleWebhookService.ports[0].port` | TODO TODO TODO | `443` | +| `lifecycleWebhookService.ports[0].protocol` | TODO TODO TODO | `TCP` | +| `lifecycleWebhookService.ports[0].targetPort` | TODO TODO TODO | `9443` | +| `lifecycleWebhookService.type` | TODO TODO TODO | `ClusterIP` | +| `lifecycleOperator.nodeSelector` | add custom nodes selector to lifecycle operator | `{}` | +| `lifecycleOperator.tolerations` | add custom tolerations to lifecycle operator | `[]` | +| `lifecycleOperator.topologySpreadConstraints` | add custom topology constraints to lifecycle operator | `[]` | ### Keptn Lifecycle Operator controller -| Name | Description | Value | -| -------------------------------------------------------------------------------- | ------------------------------------------------------- | ---------------------------------------------- | -| `klcControllerManager.manager.containerSecurityContext` | Sets security context privileges | | -| `klcControllerManager.manager.containerSecurityContext.allowPrivilegeEscalation` | | `false` | -| `klcControllerManager.manager.containerSecurityContext.capabilities.drop` | | `["ALL"]` | -| `klcControllerManager.manager.containerSecurityContext.privileged` | | `false` | -| `klcControllerManager.manager.containerSecurityContext.runAsGroup` | | `65532` | -| `klcControllerManager.manager.containerSecurityContext.runAsNonRoot` | | `true` | -| `klcControllerManager.manager.containerSecurityContext.runAsUser` | | `65532` | -| `klcControllerManager.manager.containerSecurityContext.seccompProfile.type` | | `RuntimeDefault` | -| `klcControllerManager.manager.keptnappController.logLevel` | sets the log level of Keptn App Controller | `0` | -| `klcControllerManager.manager.keptnappversionController.logLevel` | sets the log level of Keptn AppVersion Controller | `0` | -| `klcControllerManager.manager.keptnevaluationController.logLevel` | sets the log level of Keptn Evaluation Controller | `0` | -| `klcControllerManager.manager.keptntaskController.logLevel` | sets the log level of Keptn Task Controller | `0` | -| `klcControllerManager.manager.keptntaskdefinitionController.logLevel` | sets the log level of Keptn TaskDefinition Controller | `0` | -| `klcControllerManager.manager.keptnworkloadController.logLevel` | sets the log level of Keptn Workload Controller | `0` | -| `klcControllerManager.manager.keptnworkloadinstanceController.logLevel` | sets the log level of Keptn WorkloadInstance Controller | `0` | -| `klcControllerManager.manager.optionsController.logLevel` | sets the log level of Keptn Options Controller | `0` | -| `klcControllerManager.manager.env.otelCollectorUrl` | Sets the URL for the open telemetry collector | `otel-collector:4317` | -| `klcControllerManager.manager.env.functionRunnerImage` | specify image for task runtime | `ghcr.keptn.sh/keptn/functions-runtime:v0.6.0` | -| `klcControllerManager.manager.image.repository` | specify registry for manager image | `ghcr.io/keptn/keptn-lifecycle-operator` | -| `klcControllerManager.manager.image.tag` | select tag for manager image | `202302281677584335` | -| `klcControllerManager.manager.imagePullPolicy` | specify pull policy for manager image | `Always` | -| `klcControllerManager.manager.livenessProbe` | custom livenessprobe for manager container | | -| `klcControllerManager.manager.readinessProbe` | custom readinessprobe for manager container | | -| `klcControllerManager.manager.resources` | specify limits and requests for manager container | | - +| Name | Description | Value | +| ----------------------------------------------------------------------------- | ------------------------------------------------------- | ---------------------------------------------- | +| `lifecycleOperator.manager.containerSecurityContext` | Sets security context privileges | | +| `lifecycleOperator.manager.containerSecurityContext.allowPrivilegeEscalation` | | `false` | +| `lifecycleOperator.manager.containerSecurityContext.capabilities.drop` | | `["ALL"]` | +| `lifecycleOperator.manager.containerSecurityContext.privileged` | | `false` | +| `lifecycleOperator.manager.containerSecurityContext.runAsGroup` | | `65532` | +| `lifecycleOperator.manager.containerSecurityContext.runAsNonRoot` | | `true` | +| `lifecycleOperator.manager.containerSecurityContext.runAsUser` | | `65532` | +| `lifecycleOperator.manager.containerSecurityContext.seccompProfile.type` | | `RuntimeDefault` | +| `lifecycleOperator.manager.env.keptnAppControllerLogLevel` | sets the log level of Keptn App Controller | `0` | +| `lifecycleOperator.manager.env.keptnAppVersionControllerLogLevel` | sets the log level of Keptn AppVersion Controller | `0` | +| `lifecycleOperator.manager.env.keptnEvaluationControllerLogLevel` | sets the log level of Keptn Evaluation Controller | `0` | +| `lifecycleOperator.manager.env.keptnTaskControllerLogLevel` | sets the log level of Keptn Task Controller | `0` | +| `lifecycleOperator.manager.env.keptnTaskDefinitionControllerLogLevel` | sets the log level of Keptn TaskDefinition Controller | `0` | +| `lifecycleOperator.manager.env.keptnWorkloadControllerLogLevel` | sets the log level of Keptn Workload Controller | `0` | +| `lifecycleOperator.manager.env.keptnWorkloadInstanceControllerLogLevel` | sets the log level of Keptn WorkloadInstance Controller | `0` | +| `lifecycleOperator.manager.env.optionsControllerLogLevel` | sets the log level of Keptn Options Controller | `0` | +| `lifecycleOperator.manager.env.otelCollectorUrl` | Sets the URL for the open telemetry collector | `0` | +| `lifecycleOperator.manager.env.functionRunnerImage` | specify image for task runtime | `ghcr.keptn.sh/keptn/functions-runtime:v0.6.0` | +| `lifecycleOperator.manager.image.repository` | specify registry for manager image | `ghcr.io/keptn/lifecycle-operator` | +| `lifecycleOperator.manager.image.tag` | select tag for manager image | `202303031677839700` | +| `lifecycleOperator.manager.imagePullPolicy` | specify pull policy for manager image | `Always` | +| `lifecycleOperator.manager.livenessProbe` | custom livenessprobe for manager container | | +| `lifecycleOperator.manager.readinessProbe` | custom readinessprobe for manager container | | +| `lifecycleOperator.manager.resources` | specify limits and requests for manager container | | ### Keptn Metrics Operator common -| Name | Description | Value | -| ---------------------------------------------------------------------------------------- | ------------------------------------------------------- | ------------------- | -| `metricsOperatorController.replicas` | customize number of installed metrics operator replicas | `1` | -| `metricsOperatorControllerMetricsService.ports[0].name` | | `https` | -| `metricsOperatorControllerMetricsService.ports[0].port` | | `8443` | -| `metricsOperatorControllerMetricsService.ports[0].protocol` | | `TCP` | -| `metricsOperatorControllerMetricsService.ports[0].targetPort` | | `https` | -| `metricsOperatorControllerMetricsService.ports[1].name` | | `custom-metrics` | -| `metricsOperatorControllerMetricsService.ports[1].port` | | `443` | -| `metricsOperatorControllerMetricsService.ports[1].targetPort` | | `custom-metrics` | -| `metricsOperatorControllerMetricsService.ports[2].name` | | `metrics` | -| `metricsOperatorControllerMetricsService.ports[2].port` | | `2222` | -| `metricsOperatorControllerMetricsService.ports[2].protocol` | | `TCP` | -| `metricsOperatorControllerMetricsService.ports[2].targetPort` | | `metrics` | -| `metricsOperatorControllerMetricsService.type` | | `ClusterIP` | -| `metricsOperatorManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress` | TODO TODO TODO | `:8081` | -| `metricsOperatorManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect` | TODO TODO TODO | `true` | -| `metricsOperatorManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName` | TODO TODO TODO | `3f8532ca.keptn.sh` | -| `metricsOperatorManagerConfig.controllerManagerConfigYaml.metrics.bindAddress` | TODO TODO TODO | `127.0.0.1:8080` | -| `metricsOperatorManagerConfig.controllerManagerConfigYaml.webhook.port` | TODO TODO TODO | `9443` | -| `metricsOperatorWebhookService.ports[0].port` | TODO TODO TODO | `443` | -| `metricsOperatorWebhookService.ports[0].protocol` | TODO TODO TODO | `TCP` | -| `metricsOperatorWebhookService.ports[0].targetPort` | TODO TODO TODO | `9443` | -| `metricsOperatorWebhookService.type` | TODO TODO TODO | `ClusterIP` | -| `metricsOperatorController.nodeSelector` | add custom nodes selector to metrics operator | `{}` | -| `metricsOperatorController.tolerations` | add custom tolerations to metrics operator | `[]` | -| `metricsOperatorController.topologySpreadConstraints` | add custom topology constraints to metrics operator | `[]` | - +| Name | Description | Value | +| -------------------------------------------------------------------------------- | ------------------------------------------------------- | ------------------- | +| `metricsOperator.replicas` | customize number of installed metrics operator replicas | `1` | +| `metricsOperatorService.ports[0].name` | | `https` | +| `metricsOperatorService.ports[0].port` | | `8443` | +| `metricsOperatorService.ports[0].protocol` | | `TCP` | +| `metricsOperatorService.ports[0].targetPort` | | `https` | +| `metricsOperatorService.ports[1].name` | | `custom-metrics` | +| `metricsOperatorService.ports[1].port` | | `443` | +| `metricsOperatorService.ports[1].targetPort` | | `custom-metrics` | +| `metricsOperatorService.ports[2].name` | | `metrics` | +| `metricsOperatorService.ports[2].port` | | `2222` | +| `metricsOperatorService.ports[2].protocol` | | `TCP` | +| `metricsOperatorService.ports[2].targetPort` | | `metrics` | +| `metricsOperatorService.type` | | `ClusterIP` | +| `metricsManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress` | TODO TODO TODO | `:8081` | +| `metricsManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect` | TODO TODO TODO | `true` | +| `metricsManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName` | TODO TODO TODO | `3f8532ca.keptn.sh` | +| `metricsManagerConfig.controllerManagerConfigYaml.metrics.bindAddress` | TODO TODO TODO | `127.0.0.1:8080` | +| `metricsManagerConfig.controllerManagerConfigYaml.webhook.port` | TODO TODO TODO | `9443` | +| `metricsWebhookService.ports[0].port` | TODO TODO TODO | `443` | +| `metricsWebhookService.ports[0].protocol` | TODO TODO TODO | `TCP` | +| `metricsWebhookService.ports[0].targetPort` | TODO TODO TODO | `9443` | +| `metricsWebhookService.type` | TODO TODO TODO | `ClusterIP` | +| `metricsOperator.nodeSelector` | add custom nodes selector to metrics operator | `{}` | +| `metricsOperator.tolerations` | add custom tolerations to metrics operator | `[]` | +| `metricsOperator.topologySpreadConstraints` | add custom topology constraints to metrics operator | `[]` | ### Keptn Metrics Operator controller -| Name | Description | Value | -| ------------------------------------------------------------------------------------- | ------------------------------------------------- | -------------------------------- | -| `metricsOperatorController.manager.containerSecurityContext` | Sets security context privileges | | -| `metricsOperatorController.manager.containerSecurityContext.allowPrivilegeEscalation` | | `false` | -| `metricsOperatorController.manager.containerSecurityContext.capabilities.drop` | | `["ALL"]` | -| `metricsOperatorController.manager.metricsController.logLevel` | sets the log level of Keptn Metrics Controller | `0` | -| `metricsOperatorController.manager.image.repository` | specify registry for manager image | `ghcr.io/keptn/metrics-operator` | -| `metricsOperatorController.manager.image.tag` | select tag for manager image | `202302281677584335` | -| `metricsOperatorController.manager.env.exposeKeptnMetrics` | enable metrics exporter | `true` | -| `metricsOperatorController.manager.livenessProbe` | custom livenessprobe for manager container | | -| `metricsOperatorController.manager.readinessProbe` | custom readinessprobe for manager container | | -| `metricsOperatorController.manager.resources` | specify limits and requests for manager container | | - +| Name | Description | Value | +| --------------------------------------------------------------------------- | ------------------------------------------------- | -------------------------------- | +| `metricsOperator.manager.containerSecurityContext` | Sets security context privileges | | +| `metricsOperator.manager.containerSecurityContext.allowPrivilegeEscalation` | | `false` | +| `metricsOperator.manager.containerSecurityContext.capabilities.drop` | | `["ALL"]` | +| `metricsOperator.manager.image.repository` | specify registry for manager image | `ghcr.io/keptn/metrics-operator` | +| `metricsOperator.manager.image.tag` | select tag for manager image | `202303031677839700` | +| `metricsOperator.manager.env.exposeKeptnMetrics` | enable metrics exporter | `true` | +| `metricsOperator.manager.env.metricsControllerLogLevel` | sets the log level of Metrics Controller | `0` | +| `metricsOperator.manager.livenessProbe` | custom livenessprobe for manager container | | +| `metricsOperator.manager.readinessProbe` | custom readinessprobe for manager container | | +| `metricsOperator.manager.resources` | specify limits and requests for manager container | | ### Global @@ -166,4 +145,3 @@ checks | ------------------------- | -------------------------------------- | --------------- | | `kubernetesClusterDomain` | overrides domain.local | `cluster.local` | | `imagePullSecrets` | global value for image registry secret | `[]` | - diff --git a/helm/chart/doc.yaml b/helm/chart/doc.yaml index 23f1a8016a..f2ec068d67 100644 --- a/helm/chart/doc.yaml +++ b/helm/chart/doc.yaml @@ -1,225 +1,210 @@ ## @section Keptn Scheduler -## @extra keptnScheduler.keptnScheduler.containerSecurityContext Sets security context -## @skip keptnScheduler.keptnScheduler.containerSecurityContext.allowPrivilegeEscalation -## @skip keptnScheduler.keptnScheduler.containerSecurityContext.capabilities.drop -## @skip keptnScheduler.keptnScheduler.containerSecurityContext.privileged -## @skip keptnScheduler.keptnScheduler.containerSecurityContext.readOnlyRootFilesystem -## @skip keptnScheduler.keptnScheduler.containerSecurityContext.runAsNonRoot -## @skip keptnScheduler.keptnScheduler.containerSecurityContext.runAsUser -## @skip keptnScheduler.keptnScheduler.containerSecurityContext.seccompProfile.type - -## @param keptnScheduler.keptnScheduler.env.otelCollectorUrl sets url for open telemetry collector - -## @param keptnScheduler.keptnScheduler.image.repository set image repository for scheduler -## @param keptnScheduler.keptnScheduler.image.tag set image tag for scheduler -## @param keptnScheduler.keptnScheduler.imagePullPolicy set image pull policy for scheduler - -## @extra keptnScheduler.keptnScheduler.livenessProbe customizable liveness probe for the scheduler -## @skip keptnScheduler.keptnScheduler.livenessProbe.httpGet.path -## @skip keptnScheduler.keptnScheduler.livenessProbe.httpGet.port -## @skip keptnScheduler.keptnScheduler.livenessProbe.httpGet.scheme -## @skip keptnScheduler.keptnScheduler.livenessProbe.initialDelaySeconds - -## @extra keptnScheduler.keptnScheduler.readinessProbe customizable readiness probe for the scheduler -## @skip keptnScheduler.keptnScheduler.readinessProbe.httpGet.path -## @skip keptnScheduler.keptnScheduler.readinessProbe.httpGet.port -## @skip keptnScheduler.keptnScheduler.readinessProbe.httpGet.scheme - -## @extra keptnScheduler.keptnScheduler.resources sets cpu and memory resurces/limits for scheduler -## @skip keptnScheduler.keptnScheduler.resources.limits.cpu -## @skip keptnScheduler.keptnScheduler.resources.limits.memory -## @skip keptnScheduler.keptnScheduler.resources.requests.cpu -## @skip keptnScheduler.keptnScheduler.resources.requests.memory +## @extra scheduler.scheduler.containerSecurityContext Sets security context +## @skip scheduler.scheduler.containerSecurityContext.allowPrivilegeEscalation +## @skip scheduler.scheduler.containerSecurityContext.capabilities.drop +## @skip scheduler.scheduler.containerSecurityContext.privileged +## @skip scheduler.scheduler.containerSecurityContext.readOnlyRootFilesystem +## @skip scheduler.scheduler.containerSecurityContext.runAsNonRoot +## @skip scheduler.scheduler.containerSecurityContext.runAsUser +## @skip scheduler.scheduler.containerSecurityContext.seccompProfile.type + +## @param scheduler.scheduler.env.otelCollectorUrl sets url for open telemetry collector + +## @param scheduler.scheduler.image.repository set image repository for scheduler +## @param scheduler.scheduler.image.tag set image tag for scheduler +## @param scheduler.scheduler.imagePullPolicy set image pull policy for scheduler + +## @extra scheduler.scheduler.livenessProbe customizable liveness probe for the scheduler +## @skip scheduler.scheduler.livenessProbe.httpGet.path +## @skip scheduler.scheduler.livenessProbe.httpGet.port +## @skip scheduler.scheduler.livenessProbe.httpGet.scheme +## @skip scheduler.scheduler.livenessProbe.initialDelaySeconds + +## @extra scheduler.scheduler.readinessProbe customizable readiness probe for the scheduler +## @skip scheduler.scheduler.readinessProbe.httpGet.path +## @skip scheduler.scheduler.readinessProbe.httpGet.port +## @skip scheduler.scheduler.readinessProbe.httpGet.scheme + +## @extra scheduler.scheduler.resources sets cpu and memory resurces/limits for scheduler +## @skip scheduler.scheduler.resources.limits.cpu +## @skip scheduler.scheduler.resources.limits.memory +## @skip scheduler.scheduler.resources.requests.cpu +## @skip scheduler.scheduler.resources.requests.memory ## @param schedulerConfig.schedulerConfigYaml.leaderElection.leaderElect enables leader election for multiple replicas of the scheduler ## @param schedulerConfig.schedulerConfigYaml.profiles[0].plugins.permit.enabled[0].name enables permit plugin ## @param schedulerConfig.schedulerConfigYaml.profiles[0].schedulerName changes scheduler name -## @param keptnScheduler.nodeSelector adds node selectors for scheduler -## @param keptnScheduler.replicas modifies replicas -## @param keptnScheduler.tolerations adds tolerations for scheduler -## @param keptnScheduler.topologySpreadConstraints add topology constraints for scheduler +## @param scheduler.nodeSelector adds node selectors for scheduler +## @param scheduler.replicas modifies replicas +## @param scheduler.tolerations adds tolerations for scheduler +## @param scheduler.topologySpreadConstraints add topology constraints for scheduler ## @section Keptn Cert Manager common -## @param kltCertManager.replicas customize number of replicas +## @param certificateOperator.replicas customize number of replicas -## @param kltCertManagerMetricsService.ports[0].name TODO TODO TODO -## @param kltCertManagerMetricsService.ports[0].port TODO TODO TODO -## @param kltCertManagerMetricsService.ports[0].protocol TODO TODO TODO -## @param kltCertManagerMetricsService.ports[0].targetPort TODO TODO TODO -## @param kltCertManagerMetricsService.type TODO TODO TODO +## @param certificateOperator.nodeSelector specify custom node selectors for cert manager +## @param certificateOperator.tolerations customize tolerations for cert manager +## @param certificateOperator.topologySpreadConstraints add topology constraints for cert manager -## @param kltCertManager.nodeSelector specify custom node selectors for cert manager -## @param kltCertManager.tolerations customize tolerations for cert manager -## @param kltCertManager.topologySpreadConstraints add topology constraints for cert manager +## @param lifecycleManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress TODO TODO TODO +## @param lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect TODO TODO TODO +## @param lifecycleManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName TODO TODO TODO +## @param lifecycleManagerConfig.controllerManagerConfigYaml.metrics.bindAddress TODO TODO TODO +## @param lifecycleManagerConfig.controllerManagerConfigYaml.webhook.port TODO TODO TODO -## @param klcManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress TODO TODO TODO -## @param klcManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect TODO TODO TODO -## @param klcManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName TODO TODO TODO -## @param klcManagerConfig.controllerManagerConfigYaml.metrics.bindAddress TODO TODO TODO -## @param klcManagerConfig.controllerManagerConfigYaml.webhook.port TODO TODO TODO - -## @param klcWebhookService.ports[0].port TODO TODO TODO -## @param klcWebhookService.ports[0].protocol TODO TODO TODO -## @param klcWebhookService.ports[0].targetPort TODO TODO TODO -## @param klcWebhookService.type TODO TODO TODO ## @section Keptn Cert Manager controller -## @extra kltCertManager.manager.containerSecurityContext Sets security context for the cert manager -## @skip kltCertManager.manager.containerSecurityContext.allowPrivilegeEscalation -## @skip kltCertManager.manager.containerSecurityContext.capabilities.drop -## @skip kltCertManager.manager.containerSecurityContext.readOnlyRootFilesystem -## @skip kltCertManager.manager.containerSecurityContext.runAsGroup -## @skip kltCertManager.manager.containerSecurityContext.runAsUser -## @skip kltCertManager.manager.containerSecurityContext.seccompProfile.type - -## @param kltCertManager.manager.image.repository specify repo for manager image -## @param kltCertManager.manager.image.tag select tag for manager container -## @param kltCertManager.manager.imagePullPolicy select image pull policy for manager container - -## @extra kltCertManager.manager.livenessProbe custom RBAC proxy liveness probe -## @skip kltCertManager.manager.livenessProbe.httpGet.path -## @skip kltCertManager.manager.livenessProbe.httpGet.port -## @skip kltCertManager.manager.livenessProbe.initialDelaySeconds -## @skip kltCertManager.manager.livenessProbe.periodSeconds - -## @extra kltCertManager.manager.readinessProbe custom manager readiness probe -## @skip kltCertManager.manager.readinessProbe.httpGet.path -## @skip kltCertManager.manager.readinessProbe.httpGet.port -## @skip kltCertManager.manager.readinessProbe.initialDelaySeconds -## @skip kltCertManager.manager.readinessProbe.periodSeconds - -## @extra kltCertManager.manager.resources custom limits and requests for manager container -## @skip kltCertManager.manager.resources.limits.cpu -## @skip kltCertManager.manager.resources.limits.memory -## @skip kltCertManager.manager.resources.requests.cpu -## @skip kltCertManager.manager.resources.requests.memory +## @extra certificateOperator.manager.containerSecurityContext Sets security context for the cert manager +## @skip certificateOperator.manager.containerSecurityContext.allowPrivilegeEscalation +## @skip certificateOperator.manager.containerSecurityContext.capabilities.drop +## @skip certificateOperator.manager.containerSecurityContext.readOnlyRootFilesystem +## @skip certificateOperator.manager.containerSecurityContext.runAsGroup +## @skip certificateOperator.manager.containerSecurityContext.runAsUser +## @skip certificateOperator.manager.containerSecurityContext.seccompProfile.type + +## @param certificateOperator.manager.image.repository specify repo for manager image +## @param certificateOperator.manager.image.tag select tag for manager container +## @param certificateOperator.manager.imagePullPolicy select image pull policy for manager container + +## @extra certificateOperator.manager.livenessProbe custom RBAC proxy liveness probe +## @skip certificateOperator.manager.livenessProbe.httpGet.path +## @skip certificateOperator.manager.livenessProbe.httpGet.port +## @skip certificateOperator.manager.livenessProbe.initialDelaySeconds +## @skip certificateOperator.manager.livenessProbe.periodSeconds + +## @extra certificateOperator.manager.readinessProbe custom manager readiness probe +## @skip certificateOperator.manager.readinessProbe.httpGet.path +## @skip certificateOperator.manager.readinessProbe.httpGet.port +## @skip certificateOperator.manager.readinessProbe.initialDelaySeconds +## @skip certificateOperator.manager.readinessProbe.periodSeconds + +## @extra certificateOperator.manager.resources custom limits and requests for manager container +## @skip certificateOperator.manager.resources.limits.cpu +## @skip certificateOperator.manager.resources.limits.memory +## @skip certificateOperator.manager.resources.requests.cpu +## @skip certificateOperator.manager.resources.requests.memory ## @section Keptn Lifecycle Operator common -## @param klcControllerManager.replicas customize number of installed lifecycle operator replicas -## @param klcControllerManagerMetricsService.ports[0].name TODO TODO TODO -## @param klcControllerManagerMetricsService.ports[0].port TODO TODO TODO -## @param klcControllerManagerMetricsService.ports[0].protocol TODO TODO TODO -## @param klcControllerManagerMetricsService.ports[0].targetPort TODO TODO TODO -## @param klcControllerManagerMetricsService.ports[1].name TODO TODO TODO -## @param klcControllerManagerMetricsService.ports[1].port TODO TODO TODO -## @param klcControllerManagerMetricsService.ports[1].protocol TODO TODO TODO -## @param klcControllerManagerMetricsService.ports[1].targetPort TODO TODO TODO -## @param klcControllerManagerMetricsService.type TODO TODO TODO - -## @param klcControllerManager.nodeSelector add custom nodes selector to lifecycle operator -## @param klcControllerManager.tolerations add custom tolerations to lifecycle operator -## @param klcControllerManager.topologySpreadConstraints add custom topology constraints to lifecycle operator +## @param lifecycleOperator.replicas customize number of installed lifecycle operator replicas -## @section Keptn Lifecycle Operator controller -## @extra klcControllerManager.manager.containerSecurityContext Sets security context privileges -## @param klcControllerManager.manager.containerSecurityContext.allowPrivilegeEscalation -## @param klcControllerManager.manager.containerSecurityContext.capabilities.drop -## @param klcControllerManager.manager.containerSecurityContext.privileged -## @param klcControllerManager.manager.containerSecurityContext.runAsGroup -## @param klcControllerManager.manager.containerSecurityContext.runAsNonRoot -## @param klcControllerManager.manager.containerSecurityContext.runAsUser -## @param klcControllerManager.manager.containerSecurityContext.seccompProfile.type - -## @param klcControllerManager.manager.keptnappController.logLevel sets the log level of Keptn App Controller -## @param klcControllerManager.manager.keptnappversionController.logLevel sets the log level of Keptn AppVersion Controller -## @param klcControllerManager.manager.keptnevaluationController.logLevel sets the log level of Keptn Evaluation Controller -## @param klcControllerManager.manager.keptntaskController.logLevel sets the log level of Keptn Task Controller -## @param klcControllerManager.manager.keptntaskdefinitionController.logLevel sets the log level of Keptn TaskDefinition Controller -## @param klcControllerManager.manager.keptnworkloadController.logLevel sets the log level of Keptn Workload Controller -## @param klcControllerManager.manager.keptnworkloadinstanceController.logLevel sets the log level of Keptn WorkloadInstance Controller -## @param klcControllerManager.manager.optionsController.logLevel sets the log level of Keptn Options Controller - -## @param klcControllerManager.manager.env.otelCollectorUrl Sets the URL for the open telemetry collector -## @param klcControllerManager.manager.env.functionRunnerImage specify image for task runtime - -## @param klcControllerManager.manager.image.repository specify registry for manager image -## @param klcControllerManager.manager.image.tag select tag for manager image -## @param klcControllerManager.manager.imagePullPolicy specify pull policy for manager image - -## @extra klcControllerManager.manager.livenessProbe custom livenessprobe for manager container -## @skip klcControllerManager.manager.livenessProbe.httpGet.path -## @skip klcControllerManager.manager.livenessProbe.httpGet.port -## @skip klcControllerManager.manager.livenessProbe.initialDelaySeconds -## @skip klcControllerManager.manager.livenessProbe.periodSeconds - -## @extra klcControllerManager.manager.readinessProbe custom readinessprobe for manager container -## @skip klcControllerManager.manager.readinessProbe.httpGet.path -## @skip klcControllerManager.manager.readinessProbe.httpGet.port -## @skip klcControllerManager.manager.readinessProbe.initialDelaySeconds -## @skip klcControllerManager.manager.readinessProbe.periodSeconds - -## @extra klcControllerManager.manager.resources specify limits and requests for manager container -## @skip klcControllerManager.manager.resources.limits.cpu -## @skip klcControllerManager.manager.resources.limits.memory -## @skip klcControllerManager.manager.resources.requests.cpu -## @skip klcControllerManager.manager.resources.requests.memory +## @param lifecycleWebhookService.ports[0].port TODO TODO TODO +## @param lifecycleWebhookService.ports[0].protocol TODO TODO TODO +## @param lifecycleWebhookService.ports[0].targetPort TODO TODO TODO +## @param lifecycleWebhookService.type TODO TODO TODO +## @param lifecycleOperator.nodeSelector add custom nodes selector to lifecycle operator +## @param lifecycleOperator.tolerations add custom tolerations to lifecycle operator +## @param lifecycleOperator.topologySpreadConstraints add custom topology constraints to lifecycle operator + +## @section Keptn Lifecycle Operator controller +## @extra lifecycleOperator.manager.containerSecurityContext Sets security context privileges +## @param lifecycleOperator.manager.containerSecurityContext.allowPrivilegeEscalation +## @param lifecycleOperator.manager.containerSecurityContext.capabilities.drop +## @param lifecycleOperator.manager.containerSecurityContext.privileged +## @param lifecycleOperator.manager.containerSecurityContext.runAsGroup +## @param lifecycleOperator.manager.containerSecurityContext.runAsNonRoot +## @param lifecycleOperator.manager.containerSecurityContext.runAsUser +## @param lifecycleOperator.manager.containerSecurityContext.seccompProfile.type + +## @param lifecycleOperator.manager.env.keptnAppControllerLogLevel sets the log level of Keptn App Controller +## @param lifecycleOperator.manager.env.keptnAppVersionControllerLogLevel sets the log level of Keptn AppVersion Controller +## @param lifecycleOperator.manager.env.keptnEvaluationControllerLogLevel sets the log level of Keptn Evaluation Controller +## @param lifecycleOperator.manager.env.keptnTaskControllerLogLevel sets the log level of Keptn Task Controller +## @param lifecycleOperator.manager.env.keptnTaskDefinitionControllerLogLevel sets the log level of Keptn TaskDefinition Controller +## @param lifecycleOperator.manager.env.keptnWorkloadControllerLogLevel sets the log level of Keptn Workload Controller +## @param lifecycleOperator.manager.env.keptnWorkloadInstanceControllerLogLevel sets the log level of Keptn WorkloadInstance Controller +## @param lifecycleOperator.manager.env.optionsControllerLogLevel sets the log level of Keptn Options Controller + +## @param lifecycleOperator.manager.env.otelCollectorUrl Sets the URL for the open telemetry collector +## @param lifecycleOperator.manager.env.functionRunnerImage specify image for task runtime + +## @param lifecycleOperator.manager.image.repository specify registry for manager image +## @param lifecycleOperator.manager.image.tag select tag for manager image +## @param lifecycleOperator.manager.imagePullPolicy specify pull policy for manager image + +## @extra lifecycleOperator.manager.livenessProbe custom livenessprobe for manager container +## @skip lifecycleOperator.manager.livenessProbe.httpGet.path +## @skip lifecycleOperator.manager.livenessProbe.httpGet.port +## @skip lifecycleOperator.manager.livenessProbe.initialDelaySeconds +## @skip lifecycleOperator.manager.livenessProbe.periodSeconds + +## @extra lifecycleOperator.manager.readinessProbe custom readinessprobe for manager container +## @skip lifecycleOperator.manager.readinessProbe.httpGet.path +## @skip lifecycleOperator.manager.readinessProbe.httpGet.port +## @skip lifecycleOperator.manager.readinessProbe.initialDelaySeconds +## @skip lifecycleOperator.manager.readinessProbe.periodSeconds + +## @extra lifecycleOperator.manager.resources specify limits and requests for manager container +## @skip lifecycleOperator.manager.resources.limits.cpu +## @skip lifecycleOperator.manager.resources.limits.memory +## @skip lifecycleOperator.manager.resources.requests.cpu +## @skip lifecycleOperator.manager.resources.requests.memory ## @section Keptn Metrics Operator common -## @param metricsOperatorController.replicas customize number of installed metrics operator replicas - -## @param metricsOperatorControllerMetricsService.ports[0].name -## @param metricsOperatorControllerMetricsService.ports[0].port -## @param metricsOperatorControllerMetricsService.ports[0].protocol -## @param metricsOperatorControllerMetricsService.ports[0].targetPort -## @param metricsOperatorControllerMetricsService.ports[1].name -## @param metricsOperatorControllerMetricsService.ports[1].port -## @param metricsOperatorControllerMetricsService.ports[1].targetPort -## @param metricsOperatorControllerMetricsService.ports[2].name -## @param metricsOperatorControllerMetricsService.ports[2].port -## @param metricsOperatorControllerMetricsService.ports[2].protocol -## @param metricsOperatorControllerMetricsService.ports[2].targetPort -## @param metricsOperatorControllerMetricsService.type - -## @param metricsOperatorManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress TODO TODO TODO -## @param metricsOperatorManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect TODO TODO TODO -## @param metricsOperatorManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName TODO TODO TODO -## @param metricsOperatorManagerConfig.controllerManagerConfigYaml.metrics.bindAddress TODO TODO TODO -## @param metricsOperatorManagerConfig.controllerManagerConfigYaml.webhook.port TODO TODO TODO - -## @param metricsOperatorWebhookService.ports[0].port TODO TODO TODO -## @param metricsOperatorWebhookService.ports[0].protocol TODO TODO TODO -## @param metricsOperatorWebhookService.ports[0].targetPort TODO TODO TODO -## @param metricsOperatorWebhookService.type TODO TODO TODO - -## @param metricsOperatorController.nodeSelector add custom nodes selector to metrics operator -## @param metricsOperatorController.tolerations add custom tolerations to metrics operator -## @param metricsOperatorController.topologySpreadConstraints add custom topology constraints to metrics operator +## @param metricsOperator.replicas customize number of installed metrics operator replicas + +## @param metricsOperatorService.ports[0].name +## @param metricsOperatorService.ports[0].port +## @param metricsOperatorService.ports[0].protocol +## @param metricsOperatorService.ports[0].targetPort +## @param metricsOperatorService.ports[1].name +## @param metricsOperatorService.ports[1].port +## @param metricsOperatorService.ports[1].targetPort +## @param metricsOperatorService.ports[2].name +## @param metricsOperatorService.ports[2].port +## @param metricsOperatorService.ports[2].protocol +## @param metricsOperatorService.ports[2].targetPort +## @param metricsOperatorService.type + +## @param metricsManagerConfig.controllerManagerConfigYaml.health.healthProbeBindAddress TODO TODO TODO +## @param metricsManagerConfig.controllerManagerConfigYaml.leaderElection.leaderElect TODO TODO TODO +## @param metricsManagerConfig.controllerManagerConfigYaml.leaderElection.resourceName TODO TODO TODO +## @param metricsManagerConfig.controllerManagerConfigYaml.metrics.bindAddress TODO TODO TODO +## @param metricsManagerConfig.controllerManagerConfigYaml.webhook.port TODO TODO TODO + +## @param metricsWebhookService.ports[0].port TODO TODO TODO +## @param metricsWebhookService.ports[0].protocol TODO TODO TODO +## @param metricsWebhookService.ports[0].targetPort TODO TODO TODO +## @param metricsWebhookService.type TODO TODO TODO + +## @param metricsOperator.nodeSelector add custom nodes selector to metrics operator +## @param metricsOperator.tolerations add custom tolerations to metrics operator +## @param metricsOperator.topologySpreadConstraints add custom topology constraints to metrics operator ## @section Keptn Metrics Operator controller -## @extra metricsOperatorController.manager.containerSecurityContext Sets security context privileges -## @param metricsOperatorController.manager.containerSecurityContext.allowPrivilegeEscalation -## @param metricsOperatorController.manager.containerSecurityContext.capabilities.drop - -## @param metricsOperatorController.manager.metricsController.logLevel sets the log level of Keptn Metrics Controller - -## @param metricsOperatorController.manager.image.repository specify registry for manager image -## @param metricsOperatorController.manager.image.tag select tag for manager image - -## @param metricsOperatorController.manager.env.exposeKeptnMetrics enable metrics exporter - -## @extra metricsOperatorController.manager.livenessProbe custom livenessprobe for manager container -## @skip metricsOperatorController.manager.livenessProbe.httpGet.path -## @skip metricsOperatorController.manager.livenessProbe.httpGet.port -## @skip metricsOperatorController.manager.livenessProbe.initialDelaySeconds -## @skip metricsOperatorController.manager.livenessProbe.periodSeconds - -## @extra metricsOperatorController.manager.readinessProbe custom readinessprobe for manager container -## @skip metricsOperatorController.manager.readinessProbe.httpGet.path -## @skip metricsOperatorController.manager.readinessProbe.httpGet.port -## @skip metricsOperatorController.manager.readinessProbe.initialDelaySeconds -## @skip metricsOperatorController.manager.readinessProbe.periodSeconds - -## @extra metricsOperatorController.manager.resources specify limits and requests for manager container -## @skip metricsOperatorController.manager.resources.limits.cpu -## @skip metricsOperatorController.manager.resources.limits.memory -## @skip metricsOperatorController.manager.resources.requests.cpu -## @skip metricsOperatorController.manager.resources.requests.memory +## @extra metricsOperator.manager.containerSecurityContext Sets security context privileges +## @param metricsOperator.manager.containerSecurityContext.allowPrivilegeEscalation +## @param metricsOperator.manager.containerSecurityContext.capabilities.drop + + +## @param metricsOperator.manager.image.repository specify registry for manager image +## @param metricsOperator.manager.image.tag select tag for manager image + +## @param metricsOperator.manager.env.exposeKeptnMetrics enable metrics exporter +## @param metricsOperator.manager.env.metricsControllerLogLevel sets the log level of Metrics Controller + +## @extra metricsOperator.manager.livenessProbe custom livenessprobe for manager container +## @skip metricsOperator.manager.livenessProbe.httpGet.path +## @skip metricsOperator.manager.livenessProbe.httpGet.port +## @skip metricsOperator.manager.livenessProbe.initialDelaySeconds +## @skip metricsOperator.manager.livenessProbe.periodSeconds + +## @extra metricsOperator.manager.readinessProbe custom readinessprobe for manager container +## @skip metricsOperator.manager.readinessProbe.httpGet.path +## @skip metricsOperator.manager.readinessProbe.httpGet.port +## @skip metricsOperator.manager.readinessProbe.initialDelaySeconds +## @skip metricsOperator.manager.readinessProbe.periodSeconds + +## @extra metricsOperator.manager.resources specify limits and requests for manager container +## @skip metricsOperator.manager.resources.limits.cpu +## @skip metricsOperator.manager.resources.limits.memory +## @skip metricsOperator.manager.resources.requests.cpu +## @skip metricsOperator.manager.resources.requests.memory ## @section Global diff --git a/helm/chart/values.yaml b/helm/chart/values.yaml index 00e51b2af2..e01b3d017d 100644 --- a/helm/chart/values.yaml +++ b/helm/chart/values.yaml @@ -1,80 +1,18 @@ -imagePullSecrets: [] -keptnScheduler: - keptnScheduler: - containerSecurityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - env: - otelCollectorUrl: otel-collector:4317 - image: - repository: ghcr.io/keptn/scheduler - tag: "202302281677584335" - imagePullPolicy: Always - livenessProbe: - httpGet: - path: /healthz - port: 10259 - scheme: HTTPS - initialDelaySeconds: 15 - readinessProbe: - httpGet: - path: /healthz - port: 10259 - scheme: HTTPS - resources: - limits: - cpu: 300m - memory: 100Mi - requests: - cpu: 100m - memory: 20Mi - nodeSelector: {} - replicas: 1 - tolerations: [] - topologySpreadConstraints: [] -klcControllerManager: +certificateOperator: manager: - keptnappController: - logLevel: 0 - keptnappversionController: - logLevel: 0 - keptnevaluationController: - logLevel: 0 - keptntaskController: - logLevel: 0 - keptntaskdefinitionController: - logLevel: 0 - keptnworkloadController: - logLevel: 0 - keptnworkloadinstanceController: - logLevel: 0 - optionsController: - logLevel: 0 containerSecurityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL - privileged: false + readOnlyRootFilesystem: true runAsGroup: 65532 - runAsNonRoot: true runAsUser: 65532 seccompProfile: type: RuntimeDefault - env: - functionRunnerImage: ghcr.keptn.sh/keptn/functions-runtime:v0.6.0 - otelCollectorUrl: otel-collector:4317 image: - repository: ghcr.io/keptn/keptn-lifecycle-operator - tag: "202302281677584335" + repository: ghcr.io/keptn/certificate-operator + tag: "202303031677839700" imagePullPolicy: Always livenessProbe: httpGet: @@ -90,27 +28,18 @@ klcControllerManager: periodSeconds: 10 resources: limits: - cpu: 500m - memory: 128Mi + cpu: 25m + memory: 64Mi requests: cpu: 5m - memory: 64Mi + memory: 16Mi nodeSelector: {} replicas: 1 tolerations: [] topologySpreadConstraints: [] -klcControllerManagerMetricsService: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - - name: metrics - port: 2222 - protocol: TCP - targetPort: metrics - type: ClusterIP -klcManagerConfig: +imagePullSecrets: [] +kubernetesClusterDomain: cluster.local +lifecycleManagerConfig: controllerManagerConfigYaml: health: healthProbeBindAddress: :8081 @@ -121,27 +50,33 @@ klcManagerConfig: bindAddress: 127.0.0.1:8080 webhook: port: 9443 -klcWebhookService: - ports: - - port: 443 - protocol: TCP - targetPort: 9443 - type: ClusterIP -kltCertManager: +lifecycleOperator: manager: containerSecurityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL - readOnlyRootFilesystem: true + privileged: false runAsGroup: 65532 + runAsNonRoot: true runAsUser: 65532 seccompProfile: type: RuntimeDefault + env: + functionRunnerImage: ghcr.keptn.sh/keptn/functions-runtime:v0.6.0 + keptnAppControllerLogLevel: "0" + keptnAppVersionControllerLogLevel: "0" + keptnEvaluationControllerLogLevel: "0" + keptnTaskControllerLogLevel: "0" + keptnTaskDefinitionControllerLogLevel: "0" + keptnWorkloadControllerLogLevel: "0" + keptnWorkloadInstanceControllerLogLevel: "0" + optionsControllerLogLevel: "0" + otelCollectorUrl: "0" image: - repository: ghcr.io/keptn/klt-cert-manager - tag: "202302281677584335" + repository: ghcr.io/keptn/lifecycle-operator + tag: "202303031677839700" imagePullPolicy: Always livenessProbe: httpGet: @@ -157,27 +92,34 @@ kltCertManager: periodSeconds: 10 resources: limits: - cpu: 100m - memory: 32Mi + cpu: 500m + memory: 128Mi requests: cpu: 5m - memory: 16Mi + memory: 64Mi nodeSelector: {} replicas: 1 tolerations: [] topologySpreadConstraints: [] -kltCertManagerMetricsService: +lifecycleWebhookService: ports: - - name: https - port: 8443 + - port: 443 protocol: TCP - targetPort: https + targetPort: 9443 type: ClusterIP -kubernetesClusterDomain: cluster.local -metricsOperatorController: +metricsManagerConfig: + controllerManagerConfigYaml: + health: + healthProbeBindAddress: :8081 + leaderElection: + leaderElect: true + resourceName: 3f8532ca.keptn.sh + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 +metricsOperator: manager: - metricsController: - logLevel: 0 containerSecurityContext: allowPrivilegeEscalation: false capabilities: @@ -185,9 +127,10 @@ metricsOperatorController: - ALL env: exposeKeptnMetrics: "true" + metricsControllerLogLevel: "0" image: repository: ghcr.io/keptn/metrics-operator - tag: "202302281677584335" + tag: "202303031677839700" livenessProbe: httpGet: path: /healthz @@ -211,7 +154,7 @@ metricsOperatorController: replicas: 1 tolerations: [] topologySpreadConstraints: [] -metricsOperatorControllerMetricsService: +metricsOperatorService: ports: - name: https port: 8443 @@ -225,23 +168,53 @@ metricsOperatorControllerMetricsService: protocol: TCP targetPort: metrics type: ClusterIP -metricsOperatorManagerConfig: - controllerManagerConfigYaml: - health: - healthProbeBindAddress: :8081 - leaderElection: - leaderElect: true - resourceName: 3f8532ca.keptn.sh - metrics: - bindAddress: 127.0.0.1:8080 - webhook: - port: 9443 -metricsOperatorWebhookService: +metricsWebhookService: ports: - port: 443 protocol: TCP targetPort: 9443 type: ClusterIP +scheduler: + nodeSelector: {} + replicas: 1 + scheduler: + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + env: + otelCollectorUrl: otel-collector:4317 + image: + repository: ghcr.io/keptn/scheduler + tag: "202303031677839700" + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 10259 + scheme: HTTPS + initialDelaySeconds: 15 + readinessProbe: + httpGet: + path: /healthz + port: 10259 + scheme: HTTPS + resources: + limits: + cpu: 300m + memory: 100Mi + requests: + cpu: 100m + memory: 20Mi + tolerations: [] + topologySpreadConstraints: [] schedulerConfig: schedulerConfigYaml: leaderElection: diff --git a/klt-cert-manager/Makefile b/klt-cert-manager/Makefile index 62f231c802..c261dc6252 100644 --- a/klt-cert-manager/Makefile +++ b/klt-cert-manager/Makefile @@ -1,13 +1,13 @@ # Image URL to use all building/pushing image targets -IMG ?= klt-cert-manager:latest +IMG ?= certificate-operator:latest # RELEASE_REGISTRY is the container registry to push into. RELEASE_REGISTRY?=ghcr.io/keptn RELEASE_TIME=$(shell date +%Y%m%d%s) BUILD_TIME=$(shell date -u "+%F_%T") RELEASE_VERSION?=$(RELEASE_TIME)-v0.24.3#$(shell git describe --tags --match "v*") TAG?=latest -RELEASE_IMAGE:=klt-cert-manager:$(TAG) +RELEASE_IMAGE:=certificate-operator:$(TAG) ARCHS = amd64 arm64 COMMONENVVAR=GOOS=$(shell uname -s | tr A-Z a-z) @@ -59,7 +59,7 @@ help: ## Display this help. .PHONY: manifests manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. - $(CONTROLLER_GEN) rbac:roleName=cert-manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases + $(CONTROLLER_GEN) rbac:roleName=operator-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases .PHONY: generate generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. diff --git a/klt-cert-manager/config/default/kustomization.yaml b/klt-cert-manager/config/default/kustomization.yaml index f27b009f37..573cb25566 100644 --- a/klt-cert-manager/config/default/kustomization.yaml +++ b/klt-cert-manager/config/default/kustomization.yaml @@ -6,7 +6,7 @@ namespace: keptn-lifecycle-toolkit-system # "wordpress" becomes "alices-wordpress". # Note that it should also match with the prefix (text before '-') of the namespace # field above. -namePrefix: klt- +namePrefix: certificate- # Labels to add to all resources and selectors. #commonLabels: diff --git a/klt-cert-manager/config/default/manager_config_patch.yaml b/klt-cert-manager/config/default/manager_config_patch.yaml index 7e75c81e24..301fb2e5b5 100644 --- a/klt-cert-manager/config/default/manager_config_patch.yaml +++ b/klt-cert-manager/config/default/manager_config_patch.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: cert-manager + name: operator namespace: system spec: template: diff --git a/klt-cert-manager/config/manager/kustomization.yaml b/klt-cert-manager/config/manager/kustomization.yaml index 44fef27d4b..46dc05addb 100644 --- a/klt-cert-manager/config/manager/kustomization.yaml +++ b/klt-cert-manager/config/manager/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: controller - newName: ghcr.keptn.sh/keptn/klt-cert-manager - newTag: "0.6.0-next.1" + newName: ghcr.io/keptn/certificate-operator + newTag: latest diff --git a/klt-cert-manager/config/manager/manager.yaml b/klt-cert-manager/config/manager/manager.yaml index 162b331049..90f67e8fd2 100644 --- a/klt-cert-manager/config/manager/manager.yaml +++ b/klt-cert-manager/config/manager/manager.yaml @@ -2,27 +2,27 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: cert-manager + name: operator namespace: system labels: - control-plane: klt-cert-manager + control-plane: certificate-operator app.kubernetes.io/name: deployment - app.kubernetes.io/instance: klt-cert-manager + app.kubernetes.io/instance: certificate-operator app.kubernetes.io/component: manager - app.kubernetes.io/created-by: klt-cert-manager - app.kubernetes.io/part-of: klt-cert-manager + app.kubernetes.io/created-by: certificate-operator + app.kubernetes.io/part-of: certificate-operator app.kubernetes.io/managed-by: kustomize spec: selector: matchLabels: - control-plane: klt-cert-manager + control-plane: certificate-operator replicas: 1 template: metadata: annotations: kubectl.kubernetes.io/default-container: manager labels: - control-plane: klt-cert-manager + control-plane: certificate-operator spec: securityContext: runAsNonRoot: true @@ -70,5 +70,5 @@ spec: requests: cpu: 5m memory: 16Mi - serviceAccountName: klt-cert-manager + serviceAccountName: certificate-operator terminationGracePeriodSeconds: 10 diff --git a/klt-cert-manager/config/rbac/auth_proxy_client_clusterrole.yaml b/klt-cert-manager/config/rbac/auth_proxy_client_clusterrole.yaml deleted file mode 100644 index 3591ced25f..0000000000 --- a/klt-cert-manager/config/rbac/auth_proxy_client_clusterrole.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: metrics-reader - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: cert-manager - app.kubernetes.io/part-of: cert-manager - app.kubernetes.io/managed-by: kustomize - name: metrics-reader -rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get diff --git a/klt-cert-manager/config/rbac/auth_proxy_role.yaml b/klt-cert-manager/config/rbac/auth_proxy_role.yaml deleted file mode 100644 index 264e34ee70..0000000000 --- a/klt-cert-manager/config/rbac/auth_proxy_role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: proxy-role - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: cert-manager - app.kubernetes.io/part-of: cert-manager - app.kubernetes.io/managed-by: kustomize - name: proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create diff --git a/klt-cert-manager/config/rbac/auth_proxy_role_binding.yaml b/klt-cert-manager/config/rbac/auth_proxy_role_binding.yaml deleted file mode 100644 index 294b2c9c65..0000000000 --- a/klt-cert-manager/config/rbac/auth_proxy_role_binding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/instance: proxy-rolebinding - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: klt-cert-manager - app.kubernetes.io/part-of: klt-cert-manager - app.kubernetes.io/managed-by: kustomize - name: proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: proxy-role -subjects: -- kind: ServiceAccount - name: cert-manager - namespace: system diff --git a/klt-cert-manager/config/rbac/auth_proxy_service.yaml b/klt-cert-manager/config/rbac/auth_proxy_service.yaml deleted file mode 100644 index 8f7748b274..0000000000 --- a/klt-cert-manager/config/rbac/auth_proxy_service.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - control-plane: klt-cert-manager - app.kubernetes.io/name: service - app.kubernetes.io/instance: klt-cert-manager-metrics-service - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: klt-cert-manager - app.kubernetes.io/part-of: klt-cert-manager - app.kubernetes.io/managed-by: kustomize - name: cert-manager-metrics-service - namespace: system -spec: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - selector: - control-plane: klt-cert-manager diff --git a/klt-cert-manager/config/rbac/extra_role_binding.yaml b/klt-cert-manager/config/rbac/extra_role_binding.yaml index de40a79ef5..268febd7ca 100644 --- a/klt-cert-manager/config/rbac/extra_role_binding.yaml +++ b/klt-cert-manager/config/rbac/extra_role_binding.yaml @@ -7,17 +7,17 @@ kind: RoleBinding metadata: labels: app.kubernetes.io/name: rolebinding - app.kubernetes.io/instance: klt-cert-manager-rolebinding + app.kubernetes.io/instance: certificate-operator-rolebinding app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: klt-cert-manager - app.kubernetes.io/part-of: klt-cert-manager + app.kubernetes.io/created-by: certificate-operator + app.kubernetes.io/part-of: certificate-operator app.kubernetes.io/managed-by: kustomize - name: cert-manager-role-binding + name: operator-role-binding roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: klt-cert-manager-role + name: operator-role subjects: - kind: ServiceAccount - name: cert-manager + name: operator namespace: system diff --git a/klt-cert-manager/config/rbac/kustomization.yaml b/klt-cert-manager/config/rbac/kustomization.yaml index cb0a597a69..5022dafda1 100644 --- a/klt-cert-manager/config/rbac/kustomization.yaml +++ b/klt-cert-manager/config/rbac/kustomization.yaml @@ -13,7 +13,7 @@ resources: # Comment the following 4 lines if you want to disable # the auth proxy (https://github.com/brancz/kube-rbac-proxy) # which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml +#- auth_proxy_service.yaml +#- auth_proxy_role.yaml +#- auth_proxy_role_binding.yaml +#- auth_proxy_client_clusterrole.yaml diff --git a/klt-cert-manager/config/rbac/leader_election_role.yaml b/klt-cert-manager/config/rbac/leader_election_role.yaml index ed66549659..052d176f93 100644 --- a/klt-cert-manager/config/rbac/leader_election_role.yaml +++ b/klt-cert-manager/config/rbac/leader_election_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: role app.kubernetes.io/instance: leader-election-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: cert-manager - app.kubernetes.io/part-of: cert-manager + app.kubernetes.io/created-by: certificate-operator + app.kubernetes.io/part-of: certificate-operator app.kubernetes.io/managed-by: kustomize name: leader-election-role rules: diff --git a/klt-cert-manager/config/rbac/leader_election_role_binding.yaml b/klt-cert-manager/config/rbac/leader_election_role_binding.yaml index f4accfb438..01e3419fd9 100644 --- a/klt-cert-manager/config/rbac/leader_election_role_binding.yaml +++ b/klt-cert-manager/config/rbac/leader_election_role_binding.yaml @@ -3,17 +3,17 @@ kind: RoleBinding metadata: labels: app.kubernetes.io/name: rolebinding - app.kubernetes.io/instance: leader-election-rolebinding + app.kubernetes.io/instance: certificate-operator-leader-election-rolebinding app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: klt-cert-manager - app.kubernetes.io/part-of: klt-cert-manager + app.kubernetes.io/created-by: certificate-operator + app.kubernetes.io/part-of: certificate-operator app.kubernetes.io/managed-by: kustomize - name: leader-election-rolebinding + name: operator-leader-election-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: leader-election-role subjects: - kind: ServiceAccount - name: cert-manager + name: operator namespace: system diff --git a/klt-cert-manager/config/rbac/role.yaml b/klt-cert-manager/config/rbac/role.yaml index ab94d834b3..1074f3e3a1 100644 --- a/klt-cert-manager/config/rbac/role.yaml +++ b/klt-cert-manager/config/rbac/role.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null - name: cert-manager-role + name: operator-role rules: - apiGroups: - admissionregistration.k8s.io @@ -48,7 +48,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: creationTimestamp: null - name: cert-manager-role + name: operator-role namespace: keptn-lifecycle-toolkit-system rules: - apiGroups: diff --git a/klt-cert-manager/config/rbac/role_binding.yaml b/klt-cert-manager/config/rbac/role_binding.yaml index 929de1d304..fc1eca56d7 100644 --- a/klt-cert-manager/config/rbac/role_binding.yaml +++ b/klt-cert-manager/config/rbac/role_binding.yaml @@ -3,17 +3,17 @@ kind: ClusterRoleBinding metadata: labels: app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/instance: klt-cert-manager-rolebinding + app.kubernetes.io/instance: certificate-operator-rolebinding app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: klt-cert-manager - app.kubernetes.io/part-of: klt-cert-manager + app.kubernetes.io/created-by: certificate-operator + app.kubernetes.io/part-of: certificate-operator app.kubernetes.io/managed-by: kustomize - name: cert-manager-rolebinding + name: operator-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: klt-cert-manager-role + name: operator-role subjects: - kind: ServiceAccount - name: cert-manager + name: operator namespace: system \ No newline at end of file diff --git a/klt-cert-manager/config/rbac/service_account.yaml b/klt-cert-manager/config/rbac/service_account.yaml index a485797c81..ff55b0092f 100644 --- a/klt-cert-manager/config/rbac/service_account.yaml +++ b/klt-cert-manager/config/rbac/service_account.yaml @@ -3,10 +3,10 @@ kind: ServiceAccount metadata: labels: app.kubernetes.io/name: serviceaccount - app.kuberentes.io/instance: klt-cert-manager + app.kuberentes.io/instance: certificate-operator app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: klt-cert-manager - app.kubernetes.io/part-of: klt-cert-manager + app.kubernetes.io/created-by: certificate-operator + app.kubernetes.io/part-of: certificate-operator app.kubernetes.io/managed-by: kustomize - name: cert-manager + name: operator namespace: system diff --git a/klt-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go b/klt-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go index 1af39cea3d..76b184d754 100644 --- a/klt-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go +++ b/klt-cert-manager/controllers/keptnwebhookcontroller/webhook_cert_controller_test.go @@ -419,7 +419,7 @@ func prepareController(t *testing.T, clt client.Client) (*KeptnWebhookCertificat request := reconcile.Request{ NamespacedName: types.NamespacedName{ - Name: "klc-controller-manager", + Name: "lifecycle-operator", Namespace: testnamespace, }, } diff --git a/metrics-operator/Makefile b/metrics-operator/Makefile index 1780b75635..a6765f6844 100644 --- a/metrics-operator/Makefile +++ b/metrics-operator/Makefile @@ -67,7 +67,7 @@ help: ## Display this help. .PHONY: manifests manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. - $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases + $(CONTROLLER_GEN) rbac:roleName=operator-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases .PHONY: generate generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. diff --git a/metrics-operator/config/default/kustomization.yaml b/metrics-operator/config/default/kustomization.yaml index bd79d28781..c8df769e88 100644 --- a/metrics-operator/config/default/kustomization.yaml +++ b/metrics-operator/config/default/kustomization.yaml @@ -6,7 +6,7 @@ namespace: keptn-lifecycle-toolkit-system # "wordpress" becomes "alices-wordpress". # Note that it should also match with the prefix (text before '-') of the namespace # field above. -namePrefix: metrics-operator- +namePrefix: metrics- # Labels to add to all resources and selectors. #commonLabels: diff --git a/metrics-operator/config/default/manager_config_patch.yaml b/metrics-operator/config/default/manager_config_patch.yaml index 0926f8b395..3102eaf512 100644 --- a/metrics-operator/config/default/manager_config_patch.yaml +++ b/metrics-operator/config/default/manager_config_patch.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: controller + name: operator namespace: system spec: template: diff --git a/metrics-operator/config/manager/kustomization.yaml b/metrics-operator/config/manager/kustomization.yaml index 6aa34f4ba4..ff07aea2f0 100644 --- a/metrics-operator/config/manager/kustomization.yaml +++ b/metrics-operator/config/manager/kustomization.yaml @@ -1,5 +1,6 @@ resources: - manager.yaml +- service.yaml generatorOptions: disableNameSuffixHash: true configMapGenerator: @@ -10,5 +11,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: controller - newName: ghcr.keptn.sh/keptn/metrics-operator - newTag: 0.6.0-next.8 + newName: ghcr.io/keptn/metrics-operator + newTag: latest diff --git a/metrics-operator/config/manager/manager.yaml b/metrics-operator/config/manager/manager.yaml index 38b8e9d0f5..fbabc97058 100644 --- a/metrics-operator/config/manager/manager.yaml +++ b/metrics-operator/config/manager/manager.yaml @@ -2,28 +2,28 @@ apiVersion: v1 kind: Namespace metadata: labels: - control-plane: metrics-controller + control-plane: metrics-operator name: system --- apiVersion: apps/v1 kind: Deployment metadata: - name: controller + name: operator namespace: system labels: app.kubernetes.io/part-of: keptn-lifecycle-toolkit - control-plane: metrics-controller + control-plane: metrics-operator spec: selector: matchLabels: - control-plane: metrics-controller + control-plane: metrics-operator replicas: 1 template: metadata: annotations: kubectl.kubernetes.io/default-container: manager labels: - control-plane: metrics-controller + control-plane: metrics-operator spec: securityContext: runAsNonRoot: true @@ -65,6 +65,8 @@ spec: fieldPath: metadata.name - name: EXPOSE_KEPTN_METRICS value: "true" + - name: METRICS_CONTROLLER_LOG_LEVEL + value: "0" ports: - containerPort: 9443 name: webhook-server @@ -104,5 +106,5 @@ spec: mountPath: /tmp/k8s-webhook-server/serving-certs/ - name: adapter-certs-dir mountPath: /tmp/metrics-adapter/serving-certs - serviceAccountName: controller + serviceAccountName: metrics-operator terminationGracePeriodSeconds: 10 diff --git a/metrics-operator/config/manager/service.yaml b/metrics-operator/config/manager/service.yaml new file mode 100644 index 0000000000..4ee6e52799 --- /dev/null +++ b/metrics-operator/config/manager/service.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: metrics-controller + name: operator-service + namespace: system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + - name: custom-metrics + targetPort: custom-metrics + port: 443 + - name: metrics + protocol: TCP + port: 2222 + targetPort: metrics + selector: + control-plane: metrics-operator diff --git a/metrics-operator/config/metrics/custom_metrics_api_service.yaml b/metrics-operator/config/metrics/custom_metrics_api_service.yaml index a8d600ad0e..e896d5920f 100644 --- a/metrics-operator/config/metrics/custom_metrics_api_service.yaml +++ b/metrics-operator/config/metrics/custom_metrics_api_service.yaml @@ -5,7 +5,7 @@ metadata: name: v1beta1.custom.metrics.k8s.io spec: service: - name: metrics-operator-controller-metrics-service + name: metrics-operator-service namespace: system group: custom.metrics.k8s.io version: v1beta1 @@ -19,7 +19,7 @@ metadata: name: v1beta2.custom.metrics.k8s.io spec: service: - name: metrics-operator-controller-metrics-service + name: metrics-operator-service namespace: system group: custom.metrics.k8s.io version: v1beta2 diff --git a/metrics-operator/config/metrics/role.yaml b/metrics-operator/config/metrics/role.yaml index 2b473bced3..24cb504c5a 100644 --- a/metrics-operator/config/metrics/role.yaml +++ b/metrics-operator/config/metrics/role.yaml @@ -1,7 +1,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: keptn-metrics-server-resources + name: server-resources rules: - apiGroups: - custom.metrics.k8s.io diff --git a/metrics-operator/config/metrics/role_binding.yaml b/metrics-operator/config/metrics/role_binding.yaml index ed2c735dd3..bbf9645796 100644 --- a/metrics-operator/config/metrics/role_binding.yaml +++ b/metrics-operator/config/metrics/role_binding.yaml @@ -2,14 +2,14 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: keptn-metrics-system-auth-delegator + name: system-auth-delegator roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:auth-delegator subjects: - kind: ServiceAccount - name: controller + name: metrics-operator namespace: system --- apiVersion: rbac.authorization.k8s.io/v1 @@ -19,7 +19,7 @@ metadata: roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: keptn-metrics-server-resources + name: server-resources subjects: - kind: ServiceAccount name: horizontal-pod-autoscaler diff --git a/metrics-operator/config/prometheus/monitor.yaml b/metrics-operator/config/prometheus/monitor.yaml index 22a486f944..efa7f10668 100644 --- a/metrics-operator/config/prometheus/monitor.yaml +++ b/metrics-operator/config/prometheus/monitor.yaml @@ -4,8 +4,8 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: labels: - control-plane: metrics-controller - name: controller-metrics-monitor + control-plane: metrics-operator + name: metrics-operator-monitor namespace: system spec: endpoints: @@ -17,4 +17,4 @@ spec: insecureSkipVerify: true selector: matchLabels: - control-plane: metrics-controller + control-plane: metrics-operator diff --git a/metrics-operator/config/rbac/auth_proxy_client_clusterrole.yaml b/metrics-operator/config/rbac/auth_proxy_client_clusterrole.yaml deleted file mode 100644 index 51a75db47a..0000000000 --- a/metrics-operator/config/rbac/auth_proxy_client_clusterrole.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: metrics-reader -rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get diff --git a/metrics-operator/config/rbac/auth_proxy_role.yaml b/metrics-operator/config/rbac/auth_proxy_role.yaml deleted file mode 100644 index 80e1857c59..0000000000 --- a/metrics-operator/config/rbac/auth_proxy_role.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create diff --git a/metrics-operator/config/rbac/auth_proxy_role_binding.yaml b/metrics-operator/config/rbac/auth_proxy_role_binding.yaml deleted file mode 100644 index 14874d6fca..0000000000 --- a/metrics-operator/config/rbac/auth_proxy_role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: proxy-role -subjects: -- kind: ServiceAccount - name: controller - namespace: system diff --git a/metrics-operator/config/rbac/auth_proxy_service.yaml b/metrics-operator/config/rbac/auth_proxy_service.yaml deleted file mode 100644 index 0295f9a81b..0000000000 --- a/metrics-operator/config/rbac/auth_proxy_service.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - control-plane: metrics-controller - name: controller-metrics-service - namespace: system -spec: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - - name: custom-metrics - targetPort: custom-metrics - port: 443 - - name: metrics - protocol: TCP - port: 2222 - targetPort: metrics - selector: - control-plane: metrics-controller diff --git a/metrics-operator/config/rbac/extra_role_binding.yaml b/metrics-operator/config/rbac/extra_role_binding.yaml index 2365413e17..c373356399 100644 --- a/metrics-operator/config/rbac/extra_role_binding.yaml +++ b/metrics-operator/config/rbac/extra_role_binding.yaml @@ -2,12 +2,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: manager-rolebinding + name: operator-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: manager-role + name: operator-role subjects: - kind: ServiceAccount - name: controller + name: operator namespace: system diff --git a/metrics-operator/config/rbac/kustomization.yaml b/metrics-operator/config/rbac/kustomization.yaml index cb0a597a69..5022dafda1 100644 --- a/metrics-operator/config/rbac/kustomization.yaml +++ b/metrics-operator/config/rbac/kustomization.yaml @@ -13,7 +13,7 @@ resources: # Comment the following 4 lines if you want to disable # the auth proxy (https://github.com/brancz/kube-rbac-proxy) # which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml +#- auth_proxy_service.yaml +#- auth_proxy_role.yaml +#- auth_proxy_role_binding.yaml +#- auth_proxy_client_clusterrole.yaml diff --git a/metrics-operator/config/rbac/leader_election_role.yaml b/metrics-operator/config/rbac/leader_election_role.yaml index 4190ec8059..d9a6db0559 100644 --- a/metrics-operator/config/rbac/leader_election_role.yaml +++ b/metrics-operator/config/rbac/leader_election_role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: leader-election-role + name: operator-leader-election-role rules: - apiGroups: - "" diff --git a/metrics-operator/config/rbac/leader_election_role_binding.yaml b/metrics-operator/config/rbac/leader_election_role_binding.yaml index b9896dd0e1..9063330887 100644 --- a/metrics-operator/config/rbac/leader_election_role_binding.yaml +++ b/metrics-operator/config/rbac/leader_election_role_binding.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: leader-election-rolebinding + name: operator-leader-election-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: leader-election-role + name: operator-leader-election-role subjects: - kind: ServiceAccount - name: controller + name: operator namespace: system diff --git a/metrics-operator/config/rbac/role.yaml b/metrics-operator/config/rbac/role.yaml index 02d9ae4c52..6938ab5e15 100644 --- a/metrics-operator/config/rbac/role.yaml +++ b/metrics-operator/config/rbac/role.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null - name: manager-role + name: operator-role rules: - apiGroups: - "" diff --git a/metrics-operator/config/rbac/role_binding.yaml b/metrics-operator/config/rbac/role_binding.yaml index 6a4e998588..c15bde0a0e 100644 --- a/metrics-operator/config/rbac/role_binding.yaml +++ b/metrics-operator/config/rbac/role_binding.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: manager-rolebinding + name: operator-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: manager-role + name: operator-role subjects: - kind: ServiceAccount - name: controller + name: operator namespace: system diff --git a/metrics-operator/config/rbac/service_account.yaml b/metrics-operator/config/rbac/service_account.yaml index 130eeec1f6..38423bc86b 100644 --- a/metrics-operator/config/rbac/service_account.yaml +++ b/metrics-operator/config/rbac/service_account.yaml @@ -1,5 +1,5 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: controller + name: operator namespace: system diff --git a/metrics-operator/config/rendered/release.yaml b/metrics-operator/config/rendered/release.yaml index cf105a7d5b..2bd715ee04 100644 --- a/metrics-operator/config/rendered/release.yaml +++ b/metrics-operator/config/rendered/release.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: labels: - control-plane: metrics-controller + control-plane: metrics-operator name: keptn-lifecycle-toolkit-system --- apiVersion: apiextensions.k8s.io/v1 @@ -10,6 +10,7 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.11.3 + creationTimestamp: null labels: app.kubernetes.io/part-of: keptn-lifecycle-toolkit crdGroup: metrics.keptn.sh @@ -20,7 +21,7 @@ spec: webhook: clientConfig: service: - name: metrics-operator-webhook-service + name: webhook-service namespace: keptn-lifecycle-toolkit-system path: /convert conversionReviewVersions: @@ -264,7 +265,7 @@ spec: apiVersion: v1 kind: ServiceAccount metadata: - name: metrics-operator-controller + name: metrics-operator namespace: keptn-lifecycle-toolkit-system --- apiVersion: rbac.authorization.k8s.io/v1 @@ -308,7 +309,7 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: metrics-operator-keptn-metrics-server-resources + name: keptn-metrics-server-resources rules: - apiGroups: - custom.metrics.k8s.io @@ -321,7 +322,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null - name: metrics-operator-manager-role + name: manager-role rules: - apiGroups: - "" @@ -377,37 +378,9 @@ rules: - watch --- apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: metrics-operator-metrics-reader -rules: -- nonResourceURLs: - - /metrics - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: metrics-operator-proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: metrics-operator-leader-election-rolebinding + name: leader-election-rolebinding namespace: keptn-lifecycle-toolkit-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -415,31 +388,31 @@ roleRef: name: metrics-operator-leader-election-role subjects: - kind: ServiceAccount - name: metrics-operator-controller + name: metrics-operator namespace: keptn-lifecycle-toolkit-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: metrics-operator-manager-rolebinding + name: metrics-operator-rolebinding namespace: keptn-lifecycle-toolkit-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: manager-role + name: metrics-operator-role subjects: - kind: ServiceAccount - name: metrics-operator-controller + name: metrics-operator namespace: keptn-lifecycle-toolkit-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: metrics-operator-hpa-controller-keptn-metrics + name: hpa-controller-keptn-metrics roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: metrics-operator-keptn-metrics-server-resources + name: keptn-metrics-server-resources subjects: - kind: ServiceAccount name: horizontal-pod-autoscaler @@ -448,40 +421,27 @@ subjects: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: metrics-operator-keptn-metrics-system-auth-delegator + name: keptn-metrics-system-auth-delegator roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:auth-delegator subjects: - kind: ServiceAccount - name: metrics-operator-controller - namespace: keptn-lifecycle-toolkit-system ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: metrics-operator-manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: metrics-operator-manager-role -subjects: -- kind: ServiceAccount - name: metrics-operator-controller + name: metrics-operator namespace: keptn-lifecycle-toolkit-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: metrics-operator-proxy-rolebinding + name: metrics-operator-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: metrics-operator-proxy-role + name: metrics-operator-role subjects: - kind: ServiceAccount - name: metrics-operator-controller + name: metrics-operator namespace: keptn-lifecycle-toolkit-system --- apiVersion: v1 @@ -510,7 +470,7 @@ data: # leaderElectionReleaseOnCancel: true kind: ConfigMap metadata: - name: metrics-operator-manager-config + name: manager-config namespace: keptn-lifecycle-toolkit-system --- apiVersion: v1 @@ -518,7 +478,7 @@ kind: Service metadata: labels: control-plane: metrics-controller - name: metrics-operator-controller-metrics-service + name: metrics-operator-service namespace: keptn-lifecycle-toolkit-system spec: ports: @@ -534,12 +494,12 @@ spec: protocol: TCP targetPort: metrics selector: - control-plane: metrics-controller + control-plane: metrics-operator --- apiVersion: v1 kind: Service metadata: - name: metrics-operator-webhook-service + name: webhook-service namespace: keptn-lifecycle-toolkit-system spec: ports: @@ -547,27 +507,27 @@ spec: protocol: TCP targetPort: 9443 selector: - control-plane: metrics-controller + control-plane: metrics-operator --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/part-of: keptn-lifecycle-toolkit - control-plane: metrics-controller - name: metrics-operator-controller + control-plane: metrics-operator + name: metrics-operator namespace: keptn-lifecycle-toolkit-system spec: replicas: 1 selector: matchLabels: - control-plane: metrics-controller + control-plane: metrics-operator template: metadata: annotations: kubectl.kubernetes.io/default-container: manager labels: - control-plane: metrics-controller + control-plane: metrics-operator spec: containers: - args: @@ -590,7 +550,7 @@ spec: fieldPath: metadata.name - name: EXPOSE_KEPTN_METRICS value: "true" - image: odubajdt/metrics-operator:v1alpha3 + image: ghcr.io/keptn/metrics-operator:latest livenessProbe: httpGet: path: /healthz @@ -633,7 +593,7 @@ spec: name: adapter-certs-dir securityContext: runAsNonRoot: true - serviceAccountName: metrics-operator-controller + serviceAccountName: metrics-operator terminationGracePeriodSeconds: 10 volumes: - emptyDir: {} @@ -650,7 +610,7 @@ spec: groupPriorityMinimum: 100 insecureSkipTLSVerify: true service: - name: metrics-operator-controller-metrics-service + name: metrics-operator-metrics-service namespace: keptn-lifecycle-toolkit-system version: v1beta1 versionPriority: 100 @@ -664,7 +624,7 @@ spec: groupPriorityMinimum: 100 insecureSkipTLSVerify: true service: - name: metrics-operator-controller-metrics-service + name: metrics-operator-service namespace: keptn-lifecycle-toolkit-system version: v1beta2 versionPriority: 200 diff --git a/metrics-operator/config/webhook/service.yaml b/metrics-operator/config/webhook/service.yaml index 4f680e472d..715c76393d 100644 --- a/metrics-operator/config/webhook/service.yaml +++ b/metrics-operator/config/webhook/service.yaml @@ -10,4 +10,4 @@ spec: protocol: TCP targetPort: 9443 selector: - control-plane: metrics-controller + control-plane: metrics-operator diff --git a/operator/Makefile b/operator/Makefile index 35229b81dc..d94149deeb 100644 --- a/operator/Makefile +++ b/operator/Makefile @@ -8,7 +8,7 @@ RELEASE_TIME=$(shell date +%Y%m%d%s) BUILD_TIME=$(shell date -u "+%F_%T") RELEASE_VERSION?=$(RELEASE_TIME)-v0.24.3#$(shell git describe --tags --match "v*") TAG?=latest -RELEASE_IMAGE:=keptn-lifecycle-operator:$(TAG) +RELEASE_IMAGE:=lifecycle-operator:$(TAG) ARCHS = amd64 arm64 COMMONENVVAR=GOOS=$(shell uname -s | tr A-Z a-z) @@ -67,7 +67,7 @@ help: ## Display this help. .PHONY: manifests manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. - $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases + $(CONTROLLER_GEN) rbac:roleName=operator-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases .PHONY: generate generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. diff --git a/operator/config/default/kustomization.yaml b/operator/config/default/kustomization.yaml index 063bd43200..26ba7f27a5 100644 --- a/operator/config/default/kustomization.yaml +++ b/operator/config/default/kustomization.yaml @@ -1,7 +1,7 @@ # Adds namespace to all resources. namespace: keptn-lifecycle-toolkit-system -namePrefix: klc- +namePrefix: lifecycle- bases: - ../crd diff --git a/operator/config/default/manager_config_patch.yaml b/operator/config/default/manager_config_patch.yaml index 6c400155cf..cf8c2c1ca1 100644 --- a/operator/config/default/manager_config_patch.yaml +++ b/operator/config/default/manager_config_patch.yaml @@ -1,7 +1,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: controller-manager + name: operator namespace: system spec: template: @@ -11,10 +11,10 @@ spec: args: - "--config=controller_manager_config.yaml" volumeMounts: - - name: manager-config + - name: lifecycle-operator-manager-config mountPath: /controller_manager_config.yaml subPath: controller_manager_config.yaml volumes: - - name: manager-config + - name: lifecycle-operator-manager-config configMap: name: manager-config diff --git a/operator/config/default/webhooknamespaces_patch.yaml b/operator/config/default/webhooknamespaces_patch.yaml index 451cfb6769..e3be6439a7 100644 --- a/operator/config/default/webhooknamespaces_patch.yaml +++ b/operator/config/default/webhooknamespaces_patch.yaml @@ -13,7 +13,7 @@ webhooks: - key: control-plane operator: NotIn values: - - "controller-manager" + - "lifecycle-operator" - key: kubernetes.io/metadata.name operator: NotIn values: diff --git a/operator/config/manager/kustomization.yaml b/operator/config/manager/kustomization.yaml index 8f7b00102f..7a8e23dc55 100644 --- a/operator/config/manager/kustomization.yaml +++ b/operator/config/manager/kustomization.yaml @@ -10,5 +10,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: controller - newName: ghcr.keptn.sh/keptn/keptn-lifecycle-operator - newTag: "0.6.0-next.1" + newName: ghcr.io/keptn/lifecycle-operator + newTag: latest diff --git a/operator/config/manager/manager.yaml b/operator/config/manager/manager.yaml index bd3f6cdd1f..3d705e5cfa 100644 --- a/operator/config/manager/manager.yaml +++ b/operator/config/manager/manager.yaml @@ -2,15 +2,15 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: controller-manager + name: operator namespace: system labels: app.kubernetes.io/part-of: keptn-lifecycle-toolkit - control-plane: controller-manager + control-plane: lifecycle-operator spec: selector: matchLabels: - control-plane: controller-manager + control-plane: lifecycle-operator replicas: 1 template: metadata: @@ -19,7 +19,7 @@ spec: metrics.dynatrace.com/scrape: 'true' metrics.dynatrace.com/port: '2222' labels: - control-plane: controller-manager + control-plane: lifecycle-operator spec: securityContext: runAsNonRoot: true @@ -71,6 +71,24 @@ spec: value: otel-collector:4317 - name: FUNCTION_RUNNER_IMAGE value: ghcr.keptn.sh/keptn/functions-runtime:v0.6.0 #x-release-please-version + - name: OTEL_COLLECTOR_URL + value: "0" + - name: KEPTN_APP_CONTROLLER_LOG_LEVEL + value: "0" + - name: KEPTN_APP_VERSION_CONTROLLER_LOG_LEVEL + value: "0" + - name: KEPTN_EVALUATION_CONTROLLER_LOG_LEVEL + value: "0" + - name: KEPTN_TASK_CONTROLLER_LOG_LEVEL + value: "0" + - name: KEPTN_TASK_DEFINITION_CONTROLLER_LOG_LEVEL + value: "0" + - name: KEPTN_WORKLOAD_CONTROLLER_LOG_LEVEL + value: "0" + - name: KEPTN_WORKLOAD_INSTANCE_CONTROLLER_LOG_LEVEL + value: "0" + - name: OPTIONS_CONTROLLER_LOG_LEVEL + value: "0" securityContext: seccompProfile: type: RuntimeDefault @@ -108,5 +126,5 @@ spec: mountPath: /tmp/k8s-webhook-server/serving-certs/ - name: adapter-certs-dir mountPath: /tmp/metrics-adapter/serving-certs - serviceAccountName: controller-manager + serviceAccountName: lifecycle-operator terminationGracePeriodSeconds: 10 diff --git a/operator/config/rbac/auth_proxy_client_clusterrole.yaml b/operator/config/rbac/auth_proxy_client_clusterrole.yaml deleted file mode 100644 index 51a75db47a..0000000000 --- a/operator/config/rbac/auth_proxy_client_clusterrole.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: metrics-reader -rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get diff --git a/operator/config/rbac/auth_proxy_role.yaml b/operator/config/rbac/auth_proxy_role.yaml deleted file mode 100644 index 80e1857c59..0000000000 --- a/operator/config/rbac/auth_proxy_role.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create diff --git a/operator/config/rbac/auth_proxy_role_binding.yaml b/operator/config/rbac/auth_proxy_role_binding.yaml deleted file mode 100644 index ec7acc0a1b..0000000000 --- a/operator/config/rbac/auth_proxy_role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: proxy-role -subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system diff --git a/operator/config/rbac/auth_proxy_service.yaml b/operator/config/rbac/auth_proxy_service.yaml deleted file mode 100644 index c09bc865d9..0000000000 --- a/operator/config/rbac/auth_proxy_service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - control-plane: controller-manager - name: controller-manager-metrics-service - namespace: system -spec: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - - name: metrics - port: 2222 - protocol: TCP - targetPort: metrics - selector: - control-plane: controller-manager diff --git a/operator/config/rbac/extra_role_binding.yaml b/operator/config/rbac/extra_role_binding.yaml index c5acd3007b..c373356399 100644 --- a/operator/config/rbac/extra_role_binding.yaml +++ b/operator/config/rbac/extra_role_binding.yaml @@ -2,12 +2,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: manager-rolebinding + name: operator-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: manager-role + name: operator-role subjects: - kind: ServiceAccount - name: controller-manager + name: operator namespace: system diff --git a/operator/config/rbac/kustomization.yaml b/operator/config/rbac/kustomization.yaml index 3382ed8245..ae96cb0e22 100644 --- a/operator/config/rbac/kustomization.yaml +++ b/operator/config/rbac/kustomization.yaml @@ -14,7 +14,7 @@ resources: # Comment the following 4 lines if you want to disable # the auth proxy (https://github.com/brancz/kube-rbac-proxy) # which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml +#- auth_proxy_service.yaml +#- auth_proxy_role.yaml +#- auth_proxy_role_binding.yaml +#- auth_proxy_client_clusterrole.yaml diff --git a/operator/config/rbac/leader_election_role.yaml b/operator/config/rbac/leader_election_role.yaml index 4190ec8059..d9a6db0559 100644 --- a/operator/config/rbac/leader_election_role.yaml +++ b/operator/config/rbac/leader_election_role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: leader-election-role + name: operator-leader-election-role rules: - apiGroups: - "" diff --git a/operator/config/rbac/leader_election_role_binding.yaml b/operator/config/rbac/leader_election_role_binding.yaml index 1d1321ed4f..9063330887 100644 --- a/operator/config/rbac/leader_election_role_binding.yaml +++ b/operator/config/rbac/leader_election_role_binding.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: leader-election-rolebinding + name: operator-leader-election-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: leader-election-role + name: operator-leader-election-role subjects: - kind: ServiceAccount - name: controller-manager + name: operator namespace: system diff --git a/operator/config/rbac/role.yaml b/operator/config/rbac/role.yaml index e6dcf887d4..623d192283 100644 --- a/operator/config/rbac/role.yaml +++ b/operator/config/rbac/role.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null - name: manager-role + name: operator-role rules: - apiGroups: - apps diff --git a/operator/config/rbac/role_binding.yaml b/operator/config/rbac/role_binding.yaml index 2070ede446..c15bde0a0e 100644 --- a/operator/config/rbac/role_binding.yaml +++ b/operator/config/rbac/role_binding.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: manager-rolebinding + name: operator-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: manager-role + name: operator-role subjects: - kind: ServiceAccount - name: controller-manager + name: operator namespace: system diff --git a/operator/config/rbac/service_account.yaml b/operator/config/rbac/service_account.yaml index 7cd6025bfc..38423bc86b 100644 --- a/operator/config/rbac/service_account.yaml +++ b/operator/config/rbac/service_account.yaml @@ -1,5 +1,5 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: controller-manager + name: operator namespace: system diff --git a/operator/config/webhook/service.yaml b/operator/config/webhook/service.yaml index 3f638bd9c6..1a5ecc8efa 100644 --- a/operator/config/webhook/service.yaml +++ b/operator/config/webhook/service.yaml @@ -10,4 +10,4 @@ spec: protocol: TCP targetPort: 9443 selector: - control-plane: controller-manager + control-plane: lifecycle-operator diff --git a/operator/controllers/common/otel_utils.go b/operator/controllers/common/otel_utils.go index 2e7412b35f..6a6da97533 100644 --- a/operator/controllers/common/otel_utils.go +++ b/operator/controllers/common/otel_utils.go @@ -146,7 +146,7 @@ func newResource() *resource.Resource { r := resource.NewWithAttributes( semconv.SchemaURL, semconv.TelemetrySDKLanguageGo, - semconv.ServiceNameKey.String("keptn-lifecycle-operator"), + semconv.ServiceNameKey.String("lifecycle-operator"), semconv.ServiceVersionKey.String(buildVersion+"-"+gitCommit+"-"+buildTime), ) return r diff --git a/scheduler/config/rbac/auth_proxy_client_clusterrole.yaml b/scheduler/config/rbac/auth_proxy_client_clusterrole.yaml deleted file mode 100644 index 51a75db47a..0000000000 --- a/scheduler/config/rbac/auth_proxy_client_clusterrole.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: metrics-reader -rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get diff --git a/scheduler/config/rbac/auth_proxy_role.yaml b/scheduler/config/rbac/auth_proxy_role.yaml deleted file mode 100644 index 80e1857c59..0000000000 --- a/scheduler/config/rbac/auth_proxy_role.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create diff --git a/scheduler/config/rbac/auth_proxy_role_binding.yaml b/scheduler/config/rbac/auth_proxy_role_binding.yaml deleted file mode 100644 index ec7acc0a1b..0000000000 --- a/scheduler/config/rbac/auth_proxy_role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: proxy-role -subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system diff --git a/scheduler/config/rbac/leader_election_role_binding.yaml b/scheduler/config/rbac/leader_election_role_binding.yaml index 1d1321ed4f..dfca45a093 100644 --- a/scheduler/config/rbac/leader_election_role_binding.yaml +++ b/scheduler/config/rbac/leader_election_role_binding.yaml @@ -1,7 +1,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: leader-election-rolebinding + name: scheduler-leader-election-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/scheduler/manifests/install/base/deployment.yaml b/scheduler/manifests/install/base/deployment.yaml index 6b1884edd9..d0e20126ff 100644 --- a/scheduler/manifests/install/base/deployment.yaml +++ b/scheduler/manifests/install/base/deployment.yaml @@ -3,7 +3,7 @@ kind: Deployment metadata: labels: component: scheduler - name: keptn-scheduler + name: scheduler namespace: keptn-lifecycle-toolkit-system spec: selector: @@ -31,7 +31,7 @@ spec: port: 10259 scheme: HTTPS initialDelaySeconds: 15 - name: keptn-scheduler + name: scheduler readinessProbe: httpGet: path: /healthz diff --git a/scheduler/manifests/install/charts/keptn-scheduler/values.yaml b/scheduler/manifests/install/charts/keptn-scheduler/values.yaml index 8697df28de..ca0deb5946 100644 --- a/scheduler/manifests/install/charts/keptn-scheduler/values.yaml +++ b/scheduler/manifests/install/charts/keptn-scheduler/values.yaml @@ -4,7 +4,7 @@ # Declare variables to be passed into your templates. scheduler: - name: keptn-scheduler + name: scheduler image: docker.io/annadreal/kube-scheduler:202209271664295209-v0.24.3 #we still do not have a register setup, edit the Makefile to point to your own register, run 'make push-release-images' copy the resulting image here namespace: keptn-lifecycle-toolkit-system replicaCount: 1 @@ -13,7 +13,7 @@ scheduler: #controller: # name: scheduler-plugins-controller # image: k8s.gcr.io/scheduler-plugins/controller:v0.23.10 -# namespace: keptn-scheduler +# namespace: scheduler # replicaCount: 1 # LoadVariationRiskBalancing and TargetLoadPacking are not enabled by default diff --git a/scheduler/manifests/install/kustomization.yaml b/scheduler/manifests/install/kustomization.yaml index 432efe8f84..4a094f2286 100644 --- a/scheduler/manifests/install/kustomization.yaml +++ b/scheduler/manifests/install/kustomization.yaml @@ -13,5 +13,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: scheduler - newName : ghcr.keptn.sh/keptn/scheduler - newTag: "0.6.0-next.1" + newName: ghcr.io/keptn/scheduler + newTag: "202303021677763654" diff --git a/test/integration/expose-keptn-metric/00-install.yaml b/test/integration/expose-keptn-metric/00-install.yaml index ea94a3a9ae..97ea90dc8d 100644 --- a/test/integration/expose-keptn-metric/00-install.yaml +++ b/test/integration/expose-keptn-metric/00-install.yaml @@ -13,7 +13,7 @@ spec: - /bin/sh - -ec - | - curl -s metrics-operator-controller-metrics-service.keptn-lifecycle-toolkit-system.svc.cluster.local:2222/metrics > ~/out.txt + curl -s metrics-operator-service.keptn-lifecycle-toolkit-system.svc.cluster.local:2222/metrics > ~/out.txt if grep -Fxq "# HELP keptnmetric_sample keptnmetric-sample" ~/out.txt then exit 1 diff --git a/test/integration/expose-keptn-metric/01-install.yaml b/test/integration/expose-keptn-metric/01-install.yaml index d8b7553d7b..8a991c8f1d 100644 --- a/test/integration/expose-keptn-metric/01-install.yaml +++ b/test/integration/expose-keptn-metric/01-install.yaml @@ -24,7 +24,7 @@ spec: - /bin/sh - -ec - | - curl -s metrics-operator-controller-metrics-service.keptn-lifecycle-toolkit-system.svc.cluster.local:2222/metrics > ~/out.txt + curl -s metrics-operator-service.keptn-lifecycle-toolkit-system.svc.cluster.local:2222/metrics > ~/out.txt if grep -Fxq "# HELP keptnmetric_sample keptnmetric-sample" ~/out.txt then exit 0 diff --git a/test/integration/keptn-config/get-logs.sh b/test/integration/keptn-config/get-logs.sh index f0b7079a1a..2d49bdb813 100755 --- a/test/integration/keptn-config/get-logs.sh +++ b/test/integration/keptn-config/get-logs.sh @@ -5,7 +5,7 @@ RETRY_COUNT=3 SLEEP_TIME=5 for i in $(seq 1 $RETRY_COUNT); do - VAR=$(kubectl logs -n "$NAMESPACE" deployments/klc-controller-manager | grep -c "initializing KeptnConfig since no config was there before") + VAR=$(kubectl logs -n "$NAMESPACE" deployments/lifecycle-operator | grep -c "initializing KeptnConfig since no config was there before") # shellcheck disable=SC1072 if [ "$VAR" -ge 1 ]; then echo "Controller could access secret" diff --git a/test/integration/metrics-provider/logs.sh b/test/integration/metrics-provider/logs.sh index 95a0fde0a6..0a65cf5558 100755 --- a/test/integration/metrics-provider/logs.sh +++ b/test/integration/metrics-provider/logs.sh @@ -5,7 +5,7 @@ RETRY_COUNT=3 SLEEP_TIME=5 for i in $(seq 1 $RETRY_COUNT); do - VAR=$(kubectl logs -n keptn-lifecycle-toolkit-system deployments/klc-controller-manager | grep -c "Error while parsing response") + VAR=$(kubectl logs -n keptn-lifecycle-toolkit-system deployments/lifecycle-operator | grep -c "Error while parsing response") # shellcheck disable=SC1072 if [ "$VAR" -ge 1 ]; then echo "Controller could access secret" diff --git a/test/load/metrics.yml b/test/load/metrics.yml index fee53cee95..39f4956594 100644 --- a/test/load/metrics.yml +++ b/test/load/metrics.yml @@ -1,10 +1,10 @@ -- query: (max_over_time(container_memory_working_set_bytes{container="manager", namespace="keptn-lifecycle-toolkit-system", pod=~"klc-controller-manager-.*"}[1m]))/1024/1024 +- query: (max_over_time(container_memory_working_set_bytes{container="manager", namespace="keptn-lifecycle-toolkit-system", pod=~"lifecycle-operator-.*"}[1m]))/1024/1024 metricName: MemoryUsageInMB -- query: max_over_time(irate(container_cpu_usage_seconds_total{container="manager", namespace="keptn-lifecycle-toolkit-system", pod=~"klc-controller-manager-.*"}[1m])[{{ .elapsed }}:]) +- query: max_over_time(irate(container_cpu_usage_seconds_total{container="manager", namespace="keptn-lifecycle-toolkit-system", pod=~"lifecycle-operator-.*"}[1m])[{{ .elapsed }}:]) metricName: CPUUsage -- query: irate(container_cpu_cfs_throttled_seconds_total{container="manager", namespace="keptn-lifecycle-toolkit-system", pod=~"klc-controller-manager-.*"}[1m]) +- query: irate(container_cpu_cfs_throttled_seconds_total{container="manager", namespace="keptn-lifecycle-toolkit-system", pod=~"lifecycle-operator-.*"}[1m]) metricName: CPUThrottling - query: histogram_quantile(0.99, sum(rate(apiserver_request_duration_seconds_bucket{group="metrics.keptn.sh", verb!~"WATCH", subresource!="log"}[1m])) by (verb,resource,subresource,instance,le)) > 0