Skip to content

Commit

Permalink
update shipwright build to 0.12.0
Browse files Browse the repository at this point in the history
  • Loading branch information
jkhelil committed Oct 25, 2023
1 parent e1cb993 commit 64baf78
Show file tree
Hide file tree
Showing 12 changed files with 543 additions and 214 deletions.
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# To re-generate a bundle for another specific version without changing the standard setup, you can:
# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
# - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
VERSION ?= 0.11.0
VERSION ?= 0.12.0

# CHANNELS define the bundle channels used in the bundle.
# Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
Expand Down
42 changes: 11 additions & 31 deletions bundle/manifests/shipwright-operator.clusterserviceversion.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ metadata:
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
repository: https://github.com/shipwright-io/operator
support: The Shipwright Contributors
name: shipwright-operator.v0.11.0
name: shipwright-operator.v0.12.0
namespace: placeholder
spec:
apiservicedefinitions: {}
Expand Down Expand Up @@ -515,7 +515,13 @@ spec:
- apiGroups:
- ""
resources:
- configmaps
- events
- limitranges
- namespaces
- pods
- secrets
- services
verbs:
- create
- delete
Expand All @@ -527,22 +533,15 @@ spec:
- apiGroups:
- ""
resources:
- secrets
- namespaces
verbs:
- create
- delete
- get
- list
- watch
- apiGroups:
- ""
resourceNames:
- shipwright-build-webhook-cert
resources:
- secrets
verbs:
- delete
- patch
- update
- watch
- apiGroups:
- ""
resources:
Expand Down Expand Up @@ -572,25 +571,6 @@ spec:
- delete
- patch
- update
- apiGroups:
- ""
resources:
- services
verbs:
- create
- get
- list
- watch
- apiGroups:
- ""
resourceNames:
- shipwright-build-webhook
resources:
- services
verbs:
- delete
- patch
- update
- apiGroups:
- operator.shipwright.io
resources:
Expand Down Expand Up @@ -901,4 +881,4 @@ spec:
provider:
name: The Shipwright Contributors
url: https://shipwright.io
version: 0.11.0
version: 0.12.0
38 changes: 9 additions & 29 deletions config/rbac/role.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -137,7 +137,13 @@ rules:
- apiGroups:
- ""
resources:
- configmaps
- events
- limitranges
- namespaces
- pods
- secrets
- services
verbs:
- create
- delete
Expand All @@ -149,22 +155,15 @@ rules:
- apiGroups:
- ""
resources:
- secrets
- namespaces
verbs:
- create
- delete
- get
- list
- watch
- apiGroups:
- ""
resourceNames:
- shipwright-build-webhook-cert
resources:
- secrets
verbs:
- delete
- patch
- update
- watch
- apiGroups:
- ""
resources:
Expand Down Expand Up @@ -194,25 +193,6 @@ rules:
- delete
- patch
- update
- apiGroups:
- ""
resources:
- services
verbs:
- create
- get
- list
- watch
- apiGroups:
- ""
resourceNames:
- shipwright-build-webhook
resources:
- services
verbs:
- delete
- patch
- update
- apiGroups:
- operator.shipwright.io
resources:
Expand Down
2 changes: 1 addition & 1 deletion config/subscription/subscription.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,4 +9,4 @@ spec:
source: shipwright-operator
sourceNamespace: shipwright-operator
installPlanApproval: Automatic
startingCSV: shipwright-operator.v0.8.1-snapshot
startingCSV: shipwright-operator.v0.12.0
24 changes: 21 additions & 3 deletions controllers/shipwrightbuild_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,10 @@ const (

// UseManagedWebhookCerts is an env Var that controls wether we install the webhook certs
UseManagedWebhookCerts = "USE_MANAGED_WEBHOOK_CERTS"

CertManagerInjectAnnotationKey = "cert-manager.io/inject-ca-from"

CertManagerInjectAnnotationValueTemplate = "%s/shipwright-build-webhook-cert"
)

// ShipwrightBuildReconciler reconciles a ShipwrightBuild object
Expand Down Expand Up @@ -157,12 +161,26 @@ func (r *ShipwrightBuildReconciler) Reconcile(ctx context.Context, req ctrl.Requ
}
}

// filtering out namespace resource, so it does not create new namespaces accidentally, and
// transforming object to target the namespace informed on the CRD (.spec.namespace)
// Applying transformers
// image transformers: Alow to inject custom component images
// namespace transformer: Allow installing in a specific namespace
// InjetAnnotation transformer for webhook certs management via cert manager
images := common.ToLowerCaseKeys(common.ImagesFromEnv(common.ShipwrightImagePrefix))

transformerfncs := []manifestival.Transformer{}
if common.IsOpenShiftPlatform() {
transformerfncs = append(transformerfncs, manifestival.InjectNamespace(targetNamespace))
transformerfncs = append(transformerfncs, common.DeploymentImages(images))
} else {
transformerfncs = append(transformerfncs, manifestival.InjectNamespace(targetNamespace))
transformerfncs = append(transformerfncs, common.DeploymentImages(images))
transformerfncs = append(transformerfncs, common.InjectAnnotations(CertManagerInjectAnnotationKey, fmt.Sprintf(CertManagerInjectAnnotationValueTemplate, targetNamespace), common.Overwrite, "CustomResourceDefinition"))
}

manifest, err := r.Manifest.
Filter(manifestival.Not(manifestival.ByKind("Namespace"))).
Transform(manifestival.InjectNamespace(targetNamespace), common.DeploymentImages(images))
Transform(transformerfncs...)

if err != nil {
logger.Error(err, "transforming manifests, injecting namespace")
return RequeueWithError(err)
Expand Down
5 changes: 1 addition & 4 deletions controllers/shipwrightbuild_rbac.go
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,4 @@ package controllers
// +kubebuilder:rbac:groups=cert-manager.io,resources=issuers,resourceNames=selfsigned-issuer,verbs=update;patch;delete
// +kubebuilder:rbac:groups=cert-manager.io,resources=certificates,verbs=get;list;watch;create
// +kubebuilder:rbac:groups=cert-manager.io,resources=certificates,resourceNames=shipwright-build-webhook-cert,verbs=update;patch;delete
// +kubebuilder:rbac:groups=core,resources=services,verbs=get;list;watch;create
// +kubebuilder:rbac:groups=core,resources=services,resourceNames=shipwright-build-webhook,verbs=update;patch;delete
// +kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;watch;create
// +kubebuilder:rbac:groups=core,resources=secrets,resourceNames=shipwright-build-webhook-cert,verbs=update;patch;delete
// +kubebuilder:rbac:groups=core,resources=pods;events;configmaps;secrets;limitranges;namespaces;services,verbs=get;list;watch;create;update;patch;delete
2 changes: 1 addition & 1 deletion docs/shipwrightbuild.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
When the Shipwright Operator is installed with the Operator Lifecycle Manager, the
`ShipwrightBuild` [custom resource definition](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/) is added to your cluster.
This custom resource is used to install and configure Shipwright Builds on your cluster.
The current operator will install version `0.11.0` of Builds.
The current operator will install version `0.12.0` of Builds.

## ShipwrightBuild Reference

Expand Down
3 changes: 1 addition & 2 deletions kodata/certificates.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,7 @@ metadata:
namespace: shipwright-build
spec:
dnsNames:
- shipwright-build-webhook.shipwright-build.svc
- shipwright-build-webhook.shipwright-build.svc.cluster.local
- shp-build-webhook.shipwright-build.svc
issuerRef:
kind: Issuer
name: selfsigned-issuer
Expand Down
Loading

0 comments on commit 64baf78

Please sign in to comment.