Skip to content

Commit

Permalink
Merge pull request #365 from kubesphere/sync/ks-core
Browse files Browse the repository at this point in the history
Update ks-core helm chart
  • Loading branch information
wansir authored Mar 6, 2024
2 parents 4a0ebc4 + 0afa5f1 commit b3eccb4
Show file tree
Hide file tree
Showing 10 changed files with 117 additions and 11 deletions.
2 changes: 1 addition & 1 deletion src/test/ks-core/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.6.6
version: 0.6.7

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
13 changes: 13 additions & 0 deletions src/test/ks-core/crds/application.kubesphere.io_applications.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,19 @@ spec:
type: array
icon:
type: string
resources:
items:
properties:
Group:
type: string
Kind:
type: string
Resource:
type: string
Version:
type: string
type: object
type: array
type: object
status:
description: ApplicationStatus defines the observed state of Application
Expand Down
7 changes: 2 additions & 5 deletions src/test/ks-core/crds/application.kubesphere.io_repos.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,6 @@ spec:
description: RepoSpec defines the desired state of Repo
properties:
credential:
description: ' repo credential'
properties:
caFile:
description: verify certificates of HTTPS-enabled servers using
Expand All @@ -80,14 +79,12 @@ spec:
type: string
type: object
description:
description: chart repo description from frontend
type: string
global:
type: boolean
syncPeriod:
description: sync period in seconds, no sync when SyncPeriod=0, the
minimum SyncPeriod is 180s
type: integer
url:
description: ' repo url'
type: string
required:
- url
Expand Down
5 changes: 5 additions & 0 deletions src/test/ks-core/crds/cluster.kubesphere.io_clusters.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,11 @@ spec:
type: object
spec:
properties:
config:
description: Config represents the custom helm chart values used when
installing the cluster
format: byte
type: string
connection:
description: Connection holds info to connect to the member cluster
properties:
Expand Down
45 changes: 45 additions & 0 deletions src/test/ks-core/templates/customresourcefilters.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
apiVersion: v1
stringData:
configuration.yaml: |
resource:
group: "kubesphere.io"
version: "v1alpha1"
kind: "Extension"
regoPolicy: |
package filter
import rego.v1
default match := false
match if {
not listAvailableExtension
}
match if {
listAvailableExtension
isSubscribed
}
match if {
listAvailableExtension
isInstalled
}
match if {
listAvailableExtension
not hasExtensionID
}
listAvailableExtension if ["available"][_] == input.filter.field
isSubscribed if input.object.metadata.labels["marketplace.kubesphere.io/subscribed"] == "true"
isInstalled if input.object.status.state != ""
hasExtensionID if input.object.metadata.labels["marketplace.kubesphere.io/extension-id"] != ""
kind: Secret
metadata:
name: extensions.customresourcefilters.kubesphere
namespace: kubesphere-system
type: config.kubesphere.io/custom-resource-filter
13 changes: 13 additions & 0 deletions src/test/ks-core/templates/globalroles.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -155,6 +155,19 @@ metadata:
annotations:
kubesphere.io/creator: admin
kubesphere.io/description: '{"zh": "管理 KubeSphere 平台上的所有资源。", "en": "Manage all resources on the KubeSphere platform."}'
iam.kubesphere.io/rego-override: >-
package authz
default allow = false
allow = true {
allowedScopes := ["Workspace","Namespace","Cluster"]
allowedScopes[_] == input.ResourceScope
allowedVerbs := ["get","list","watch"]
allowedVerbs[_] == input.Verb
}
allow = true {
allowedScopes := ["Workspace","Namespace","Cluster"]
allowedScopes[_] == input.ResourceScope
}
labels:
iam.kubesphere.io/auto-aggregate: "true"
name: platform-admin
Expand Down
12 changes: 8 additions & 4 deletions src/test/ks-core/templates/marketplace-config.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
{{ if eq .Values.role "host" }}
{{- if eq .Values.role "host" }}
{{- if .Values.cloud.enabled }}
apiVersion: v1
stringData:
configuration.yaml: |
{{- if .Values.devMode }}
{{- if eq .Values.cloud.env "clouddev.kubesphere.io" }}
url: https://clouddev.kubesphere.io
oauth:
clientID: "client-a5cdf64c-7f84-415e-a6b1-8dfbfad493c3"
Expand All @@ -13,7 +14,7 @@ stringData:
url: https://app.clouddev.kubesphere.io
repoName: marketplace
syncPeriod: 60m
{{- else }}
{{- else if eq .Values.cloud.env "kubesphere.cloud" }}
url: https://kubesphere.cloud
oauth:
clientID: "client-a5cdf64c-7f84-415e-a6b1-8dfbfad493c3"
Expand All @@ -24,6 +25,8 @@ stringData:
url: https://app.kubesphere.cloud
repoName: marketplace
syncPeriod: 60m
{{- else if .Values.cloud.customEnv }}
{{- toYaml .Values.cloud.customEnv | nindent 4 }}
{{- end }}
kind: Secret
metadata:
Expand All @@ -32,4 +35,5 @@ metadata:
labels:
config.kubesphere.io/type: marketplace
type: config.kubesphere.io/marketplace
{{ end }}
{{- end }}
{{- end }}
16 changes: 16 additions & 0 deletions src/test/ks-core/templates/roletemplates.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -195,6 +195,15 @@ kind: RoleTemplate
metadata:
annotations:
iam.kubesphere.io/role-template-rules: '{"clusters": "view"}'
iam.kubesphere.io/rego-override: |-
package authz
default allow = false
allow = true {
allowedScopes := ["Workspace","Namespace","Cluster"]
allowedScopes[_] == input.ResourceScope
allowedVerbs := ["get","list","watch"]
allowedVerbs[_] == input.Verb
}
labels:
iam.kubesphere.io/category: global-cluster-management
iam.kubesphere.io/scope: "global"
Expand Down Expand Up @@ -266,6 +275,13 @@ metadata:
iam.kubesphere.io/dependencies: '["global-view-clusters"]'
iam.kubesphere.io/role-template-rules: '{"clusters": "manage"}'
kubesphere.io/description: '{"zh":"创建集群、删除集群和管理集群中的所有资源。"}'
iam.kubesphere.io/rego-override: |-
package authz
default allow = false
allow = true {
allowedScopes := ["Workspace","Namespace","Cluster"]
allowedScopes[_] == input.ResourceScope
}
labels:
iam.kubesphere.io/category: global-cluster-management
iam.kubesphere.io/scope: "global"
Expand Down
1 change: 1 addition & 0 deletions src/test/ks-core/templates/user.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ metadata:
annotations:
iam.kubesphere.io/uninitialized: "true"
iam.kubesphere.io/globalrole: "platform-admin"
kubesphere.io/creator: "system"
spec:
email: [email protected]
password: {{ include "getOrDefaultPass" . | quote }}
Expand Down
14 changes: 13 additions & 1 deletion src/test/ks-core/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -287,6 +287,18 @@ nodeShell:
tag: "3.18.4"
pullPolicy: IfNotPresent

cloud:
enabled: true
## kubesphere.cloud or clouddev.kubesphere.io
env: "kubesphere.cloud"
customEnv:
# url: https://kubesphere.cloud
# subscription:
# syncPeriod: 60m
# repository:
# url: https://app.kubesphere.cloud
# repoName: marketplace
# syncPeriod: 60m

extension:
imageRegistry: ""
Expand Down Expand Up @@ -363,7 +375,7 @@ upgrade:
- amd64
overrides:
k: v
dynamicOptions: { }
dynamicOptions: {}
devops:
disabled: false
priority: 100
Expand Down

0 comments on commit b3eccb4

Please sign in to comment.