From c155e910a59239d8f1b86b66b2045d6aed649fa8 Mon Sep 17 00:00:00 2001 From: obaydullahmhs Date: Thu, 11 Jan 2024 18:54:52 +0600 Subject: [PATCH] Add kafka webhook yaml to the chart Signed-off-by: obaydullahmhs --- charts/kubedb-crd-manager/values.yaml | 6 ++-- charts/kubedb-provisioner/values.yaml | 6 ++-- .../templates/apiregistration.yaml | 34 +++++++++++++++++++ .../templates/cluster-role.yaml | 1 + .../provisioner/mutating-webhook.yaml | 15 ++++++++ .../provisioner/validating-webhook.yaml | 15 ++++++++ charts/kubedb-webhook-server/values.yaml | 6 ++-- 7 files changed, 74 insertions(+), 9 deletions(-) diff --git a/charts/kubedb-crd-manager/values.yaml b/charts/kubedb-crd-manager/values.yaml index a5c36acbd..18ff30463 100644 --- a/charts/kubedb-crd-manager/values.yaml +++ b/charts/kubedb-crd-manager/values.yaml @@ -1,15 +1,15 @@ # Docker registry fqdn used to pull app related images. # Set this to use docker registry hosted at ${registryFQDN}/${registry}/${image} -registryFQDN: "" +registryFQDN: ghcr.io # Docker registry containing app images image: # Docker registry used to pull app container image - registry: raihankhanraka + registry: kubedb # App container image repository: kubedb-crd-manager # Overrides the image tag whose default is the chart appVersion. - tag: "1.0" + tag: "" # Specify an array of imagePullSecrets. # Secrets must be manually created in the namespace. diff --git a/charts/kubedb-provisioner/values.yaml b/charts/kubedb-provisioner/values.yaml index 71548b012..35ab02e79 100644 --- a/charts/kubedb-provisioner/values.yaml +++ b/charts/kubedb-provisioner/values.yaml @@ -22,7 +22,7 @@ license: "" licenseSecretName: "" # Docker registry fqdn used to pull KubeDB related images # Set this to use docker registry hosted at ${registryFQDN}/${registry}/${image} -registryFQDN: "" +registryFQDN: ghcr.io # Specify an array of insecure registries. # # Example: @@ -33,11 +33,11 @@ insecureRegistries: [] # Docker registry containing KubeDB images operator: # Docker registry used to pull KubeDB operator image - registry: raihankhanraka + registry: kubedb # KubeDB operator container image repository: kubedb-provisioner # KubeDB operator container image tag - tag: "1.0" + tag: "" # Security options this container should run with securityContext: # +doc-gen:break allowPrivilegeEscalation: false diff --git a/charts/kubedb-webhook-server/templates/apiregistration.yaml b/charts/kubedb-webhook-server/templates/apiregistration.yaml index d6774099c..4e4357968 100644 --- a/charts/kubedb-webhook-server/templates/apiregistration.yaml +++ b/charts/kubedb-webhook-server/templates/apiregistration.yaml @@ -64,6 +64,40 @@ spec: caBundle: {{ $caCrt }} groupPriorityMinimum: {{ .Values.apiserver.groupPriorityMinimum }} versionPriority: {{ .Values.apiserver.versionPriority }} +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService +metadata: + name: v1alpha1.validators.kafka.kubedb.com + labels: + app.kubernetes.io/component: kubedb-provisioner + {{- include "kubedb-webhook-server.labels" . | nindent 4 }} +spec: + group: validators.kafka.kubedb.com + version: v1alpha1 + service: + namespace: {{ .Release.Namespace }} + name: {{ include "kubedb-webhook-server.fullname" . }} + caBundle: {{ $caCrt }} + groupPriorityMinimum: {{ .Values.apiserver.groupPriorityMinimum }} + versionPriority: {{ .Values.apiserver.versionPriority }} +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService +metadata: + name: v1alpha1.mutators.kafka.kubedb.com + labels: + app.kubernetes.io/component: kubedb-provisioner + {{- include "kubedb-webhook-server.labels" . | nindent 4 }} +spec: + group: mutators.kafka.kubedb.com + version: v1alpha1 + service: + namespace: {{ .Release.Namespace }} + name: {{ include "kubedb-webhook-server.fullname" . }} + caBundle: {{ $caCrt }} + groupPriorityMinimum: {{ .Values.apiserver.groupPriorityMinimum }} + versionPriority: {{ .Values.apiserver.versionPriority }} {{- end }} {{- if list "kubedb-webhook-server" "kubedb-ops-manager" | has .Values.server.repository }} --- diff --git a/charts/kubedb-webhook-server/templates/cluster-role.yaml b/charts/kubedb-webhook-server/templates/cluster-role.yaml index df3733563..716d356e5 100644 --- a/charts/kubedb-webhook-server/templates/cluster-role.yaml +++ b/charts/kubedb-webhook-server/templates/cluster-role.yaml @@ -47,6 +47,7 @@ rules: - dashboard.kubedb.com - schema.kubedb.com - archiver.kubedb.com + - kafka.kubedb.com resources: - "*" verbs: ["get", "list", "watch"] diff --git a/charts/kubedb-webhook-server/templates/provisioner/mutating-webhook.yaml b/charts/kubedb-webhook-server/templates/provisioner/mutating-webhook.yaml index 1c2461bcd..b17c1f6ee 100644 --- a/charts/kubedb-webhook-server/templates/provisioner/mutating-webhook.yaml +++ b/charts/kubedb-webhook-server/templates/provisioner/mutating-webhook.yaml @@ -234,6 +234,21 @@ webhooks: admissionReviewVersions: [ "v1beta1" ] failurePolicy: {{ .Values.apiserver.webhook.failurePolicy }} sideEffects: None +- name: connectclusterwebhook.mutators.kafka.kubedb.com + clientConfig: + service: + namespace: default + name: kubernetes + path: /apis/mutators.kafka.kubedb.com/v1alpha1/connectclusterwebhooks + caBundle: {{ $caCrt }} + rules: + - apiGroups: [ "kafka.kubedb.com" ] + apiVersions: [ "*" ] + resources: [ "connectclusters" ] + operations: [ "CREATE", "UPDATE" ] + admissionReviewVersions: [ "v1beta1" ] + failurePolicy: {{ .Values.apiserver.webhook.failurePolicy }} + sideEffects: None {{- end }} {{- end }} {{- end }} diff --git a/charts/kubedb-webhook-server/templates/provisioner/validating-webhook.yaml b/charts/kubedb-webhook-server/templates/provisioner/validating-webhook.yaml index e4e959deb..3f8ca74c3 100644 --- a/charts/kubedb-webhook-server/templates/provisioner/validating-webhook.yaml +++ b/charts/kubedb-webhook-server/templates/provisioner/validating-webhook.yaml @@ -249,6 +249,21 @@ webhooks: admissionReviewVersions: ["v1beta1"] failurePolicy: {{ .Values.apiserver.webhook.failurePolicy }} sideEffects: None +- name: connectclusterwebhook.validators.kafka.kubedb.com + clientConfig: + service: + namespace: default + name: kubernetes + path: /apis/validators.kafka.kubedb.com/v1alpha1/connectclusterwebhooks + caBundle: {{ $caCrt }} + rules: + - apiGroups: ["kafka.kubedb.com"] + apiVersions: ["*"] + resources: ["connectclusters"] + operations: ["CREATE", "UPDATE", "DELETE"] + admissionReviewVersions: ["v1beta1"] + failurePolicy: {{ .Values.apiserver.webhook.failurePolicy }} + sideEffects: None {{- end }} {{- end }} {{- end }} diff --git a/charts/kubedb-webhook-server/values.yaml b/charts/kubedb-webhook-server/values.yaml index 4f15dbf9a..12a429b95 100644 --- a/charts/kubedb-webhook-server/values.yaml +++ b/charts/kubedb-webhook-server/values.yaml @@ -22,15 +22,15 @@ license: "" licenseSecretName: "" # Docker registry fqdn used to pull KubeDB related images # Set this to use docker registry hosted at ${registryFQDN}/${registry}/${image} -registryFQDN: "" +registryFQDN: ghcr.io # Docker registry containing KubeDB images server: # Docker registry used to pull KubeDB webhook server image - registry: raihankhanraka + registry: kubedb # KubeDB webhook server container image repository: kubedb-webhook-server # KubeDB webhook server container image tag - tag: "1.0" + tag: "" # Security options this container should run with securityContext: # +doc-gen:break allowPrivilegeEscalation: false