diff --git a/internal/constellation/helm/BUILD.bazel b/internal/constellation/helm/BUILD.bazel
index 35a45b7ee36..e7035b90530 100644
--- a/internal/constellation/helm/BUILD.bazel
+++ b/internal/constellation/helm/BUILD.bazel
@@ -253,11 +253,6 @@ go_library(
 "charts/edgeless/operators/Chart.yaml",
 "charts/edgeless/operators/charts/constellation-operator/.helmignore",
 "charts/edgeless/operators/charts/constellation-operator/Chart.yaml",
- "charts/edgeless/operators/charts/constellation-operator/crds/autoscalingstrategy-crd.yaml",
- "charts/edgeless/operators/charts/constellation-operator/crds/joiningnode-crd.yaml",
- "charts/edgeless/operators/charts/constellation-operator/crds/nodeversion-crd.yaml",
- "charts/edgeless/operators/charts/constellation-operator/crds/pendingnode-crd.yaml",
- "charts/edgeless/operators/charts/constellation-operator/crds/scalinggroup-crd.yaml",
 "charts/edgeless/operators/charts/constellation-operator/templates/_helpers.tpl",
 "charts/edgeless/operators/charts/constellation-operator/templates/deployment.yaml",
 "charts/edgeless/operators/charts/constellation-operator/templates/leader-election-rbac.yaml",
@@ -452,6 +447,11 @@ go_library(
 "charts/cert-manager/templates/webhook-poddisruptionbudget.yaml",
 "charts/edgeless/constellation-services/charts/autoscaler/templates/coredns-pdb.yaml",
 "charts/cilium/templates/cilium-flowlog-configmap.yaml",
+ "charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_autoscalingstrategies.yaml",
+ "charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_joiningnodes.yaml",
+ "charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_nodeversions.yaml",
+ "charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_pendingnodes.yaml",
+ "charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_scalinggroups.yaml",
 ],
 importpath = "github.com/edgelesssys/constellation/v2/internal/constellation/helm",
 visibility = ["//:__subpackages__"],
diff --git a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/autoscalingstrategy-crd.yaml b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_autoscalingstrategies.yaml
similarity index 92%
rename from internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/autoscalingstrategy-crd.yaml
rename to internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_autoscalingstrategies.yaml
index 18dce5e376e..752862fa8cf 100644
--- a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/autoscalingstrategy-crd.yaml
+++ b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_autoscalingstrategies.yaml
@@ -1,9 +1,10 @@ +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - name: autoscalingstrategies.update.edgeless.systems annotations: - controller-gen.kubebuilder.io/version: v0.9.0 + controller-gen.kubebuilder.io/version: v0.13.0 + name: autoscalingstrategies.update.edgeless.systems spec: group: update.edgeless.systems names: @@ -48,8 +49,8 @@ spec: deployment. type: string enabled: - description: Enabled defines whether cluster autoscaling should be enabled - or not. + description: Enabled defines whether cluster autoscaling should be + enabled or not. type: boolean required: - deploymentName @@ -64,7 +65,8 @@ spec: enabled or not. type: boolean replicas: - description: Replicas is the number of replicas for the autoscaler deployment. + description: Replicas is the number of replicas for the autoscaler + deployment. format: int32 type: integer type: object @@ -73,9 +75,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/joiningnode-crd.yaml b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_joiningnodes.yaml similarity index 94% rename from internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/joiningnode-crd.yaml rename to internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_joiningnodes.yaml index 88fb65ae81c..b5a21665595 100644 --- a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/joiningnode-crd.yaml +++ b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_joiningnodes.yaml 
@@ -1,9 +1,10 @@ +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - name: joiningnodes.update.edgeless.systems annotations: - controller-gen.kubebuilder.io/version: v0.9.0 + controller-gen.kubebuilder.io/version: v0.13.0 + name: joiningnodes.update.edgeless.systems spec: group: update.edgeless.systems names: @@ -59,9 +60,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] \ No newline at end of file diff --git a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/nodeversion-crd.yaml b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_nodeversions.yaml similarity index 98% rename from internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/nodeversion-crd.yaml rename to internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_nodeversions.yaml index 9c46b695cd5..32f4570646d 100644 --- a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/nodeversion-crd.yaml +++ b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_nodeversions.yaml @@ -1,9 +1,10 @@ +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - name: nodeversions.update.edgeless.systems annotations: - controller-gen.kubebuilder.io/version: v0.9.0 + controller-gen.kubebuilder.io/version: v0.13.0 + name: nodeversions.update.edgeless.systems spec: group: update.edgeless.systems names: @@ -119,6 +120,7 @@ spec: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object + x-kubernetes-map-type: atomic type: array budget: description: Budget is the amount of extra nodes that can be created 
@@ -258,6 +260,7 @@ spec: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object + x-kubernetes-map-type: atomic type: array heirs: description: Heirs is a list of nodes using the latest image that @@ -322,6 +325,7 @@ spec: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object + x-kubernetes-map-type: atomic type: array invalid: description: Invalid is a list of invalid nodes (nodes that cannot @@ -387,6 +391,7 @@ spec: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object + x-kubernetes-map-type: atomic type: array mints: description: Mints is a list of up to date nodes that will become @@ -451,6 +456,7 @@ spec: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object + x-kubernetes-map-type: atomic type: array obsolete: description: Obsolete is a list of obsolete nodes (nodes that have @@ -515,6 +521,7 @@ spec: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object + x-kubernetes-map-type: atomic type: array outdated: description: Outdated is a list of nodes that are using an outdated @@ -579,6 +586,7 @@ spec: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object + x-kubernetes-map-type: atomic type: array pending: description: Pending is a list of pending nodes (joining or leaving 
@@ -643,6 +651,7 @@ spec: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object + x-kubernetes-map-type: atomic type: array upToDate: description: UpToDate is a list of nodes that are using the latest @@ -707,8 +716,10 @@ spec: description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' type: string type: object + x-kubernetes-map-type: atomic type: array required: + - activeclusterversionupgrade - budget - conditions type: object diff --git a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/pendingnode-crd.yaml b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_pendingnodes.yaml similarity index 85% rename from internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/pendingnode-crd.yaml rename to internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_pendingnodes.yaml index 41b5a4cd725..7dcef714618 100644 --- a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/pendingnode-crd.yaml +++ b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_pendingnodes.yaml @@ -1,9 +1,10 @@ +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - name: pendingnodes.update.edgeless.systems annotations: - controller-gen.kubebuilder.io/version: v0.9.0 + controller-gen.kubebuilder.io/version: v0.13.0 + name: pendingnodes.update.edgeless.systems spec: group: update.edgeless.systems names: 
@@ -34,10 +35,10 @@ spec: description: PendingNodeSpec defines the desired state of PendingNode. properties: deadline: - description: Deadline is the deadline for reaching the goal state. Joining - nodes will be terminated if the deadline is exceeded. Leaving nodes - will remain as unschedulable to prevent data loss. If not specified, - the node may remain in the pending state indefinitely. + description: Deadline is the deadline for reaching the goal state. + Joining nodes will be terminated if the deadline is exceeded. Leaving + nodes will remain as unschedulable to prevent data loss. If not + specified, the node may remain in the pending state indefinitely. format: date-time type: string goal: @@ -47,8 +48,8 @@ spec: - Leave type: string groupID: - description: ScalingGroupID is the ID of the group that this node shall - be part of. + description: ScalingGroupID is the ID of the group that this node + shall be part of. type: string nodeName: description: NodeName is the kubernetes internal name of the node. @@ -72,7 +73,8 @@ spec: - Failed type: string reachedGoal: - description: ReachedGoal is true if the node has reached the goal state. + description: ReachedGoal is true if the node has reached the goal + state. type: boolean type: object type: object @@ -80,9 +82,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] 
diff --git a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/scalinggroup-crd.yaml b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_scalinggroups.yaml similarity index 85% rename from internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/scalinggroup-crd.yaml rename to internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_scalinggroups.yaml index 0e334ae297f..7d949301d5c 100644 --- a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/scalinggroup-crd.yaml +++ b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds/update.edgeless.systems_scalinggroups.yaml @@ -1,9 +1,10 @@ +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - name: scalinggroups.update.edgeless.systems annotations: - controller-gen.kubebuilder.io/version: v0.9.0 + controller-gen.kubebuilder.io/version: v0.13.0 + name: scalinggroups.update.edgeless.systems spec: group: update.edgeless.systems names: 
@@ -37,16 +38,16 @@ spec: description: AutoscalerGroupName is name that is expected by the autoscaler. type: string autoscaling: - description: Autoscaling specifies wether the scaling group should automatically - scale using the cluster-autoscaler. + description: Autoscaling specifies wether the scaling group should + automatically scale using the cluster-autoscaler. type: boolean groupId: - description: GroupID is the CSP specific, canonical identifier of a - scaling group. + description: GroupID is the CSP specific, canonical identifier of + a scaling group. type: string max: - description: Max is the maximum number of autoscaled nodes in the scaling - group (used by cluster-autoscaler). + description: Max is the maximum number of autoscaled nodes in the + scaling group (used by cluster-autoscaler). format: int32 type: integer min: @@ -55,11 +56,11 @@ spec: format: int32 type: integer nodeGroupName: - description: NodeGroupName is the human friendly name of the node group - as defined in the Constellation configuration. + description: NodeGroupName is the human friendly name of the node + group as defined in the Constellation configuration. type: string nodeImage: - description: NodeImage is the name of the NodeImage resource. + description: NodeVersion is the name of the NodeVersion resource. type: string role: description: Role is the role of the nodes in the scaling group. 
@@ -78,8 +79,8 @@ spec: description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a foo's - current state. // Known .status.conditions.type are: \"Available\", + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" @@ -93,8 +94,8 @@ spec: format: date-time type: string message: - description: message is a human readable message indicating details - about the transition. This may be an empty string. + description: message is a human readable message indicating + details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: @@ -108,11 +109,11 @@ spec: type: integer reason: description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers of - specific condition types may define expected values and meanings - for this field, and whether the values are considered a guaranteed - API. The value should be a CamelCase string. This field may - not be empty. + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ 
@@ -142,8 +143,8 @@ spec: type: object type: array imageReference: - description: ImageReference is the image currently used for newly created - nodes in this scaling group. + description: ImageReference is the image currently used for newly + created nodes in this scaling group. type: string required: - conditions @@ -153,9 +154,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/templates/manager-rbac.yaml b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/templates/role.yaml similarity index 83% rename from internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/templates/manager-rbac.yaml rename to internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/templates/role.yaml index 45dddbdd925..56f50a6caff 100644 --- a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/templates/manager-rbac.yaml +++ b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/templates/role.yaml @@ -1,10 +1,8 @@ +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: constellation-operator-manager-role - namespace: {{ .Release.Namespace }} - labels: - {{- include "chart.labels" . | nindent 4 }} rules: - apiGroups: - "" @@ -198,19 +196,3 @@ rules: - get - patch - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: constellation-operator-manager-rolebinding - namespace: {{ .Release.Namespace }} - labels: - {{- include "chart.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: 'constellation-operator-manager-role' -subjects: -- kind: ServiceAccount - name: 'constellation-operator-controller-manager' - namespace: '{{ .Release.Namespace }}' 
diff --git a/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/templates/rolebinding.yaml b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/templates/rolebinding.yaml
new file mode 100644
index 00000000000..95348fda057
--- /dev/null
+++ b/internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/templates/rolebinding.yaml
@@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: constellation-operator-manager-rolebinding
+ labels:
+ {{- include "chart.labels" . | nindent 4 }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: 'constellation-operator-manager-role'
+subjects:
+- kind: ServiceAccount
+ name: 'constellation-operator-controller-manager'
+ namespace: '{{ .Release.Namespace }}'
diff --git a/operators/constellation-node-operator/api/v1alpha1/groupversion_info.go b/operators/constellation-node-operator/api/v1alpha1/groupversion_info.go
index fd9f3a6df7a..b4218400ea3 100644
--- a/operators/constellation-node-operator/api/v1alpha1/groupversion_info.go
+++ b/operators/constellation-node-operator/api/v1alpha1/groupversion_info.go
@@ -6,6 +6,7 @@ SPDX-License-Identifier: AGPL-3.0-only
 //go:generate controller-gen object paths=.
 //go:generate controller-gen crd paths=. output:crd:dir=../../config/crd/bases
+//go:generate controller-gen crd paths=. output:crd:dir=../../../../internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/crds
 // Package v1alpha1 contains API Schema definitions for the update v1alpha1 API group
 // +kubebuilder:object:generate=true
diff --git a/operators/constellation-node-operator/cmd/main.go b/operators/constellation-node-operator/cmd/main.go
index cc2f2292bbc..d94e8cb8ee8 100644
--- a/operators/constellation-node-operator/cmd/main.go
+++ b/operators/constellation-node-operator/cmd/main.go
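Review bot: `roleRef.name` in the new rolebinding.yaml is a hard-coded string that has to match a name produced elsewhere, since the ClusterRole in role.yaml is now controller-gen output and takes its name from `rbac:roleName=constellation-operator-manager-role` in operators/constellation-node-operator/cmd/main.go. If either side is renamed, the binding would point at a ClusterRole that does not exist, and the operator's service account would presumably lose its permissions without any error when the chart is rendered. A comment above `roleRef:` would record the coupling, for example `# name must match rbac:roleName in operators/constellation-node-operator/cmd/main.go`.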
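Review bot: The added `//go:generate` line in groupversion_info.go has no comment explaining why the CRDs are emitted a second time, and its target `../../../../internal/constellation/helm/...` depends on the relative position of the operator tree and the chart tree. A short comment above the directive would help, for example `// Also write the CRDs into the operator Helm chart so the chart ships the schema generated from these types.` The hunk in operators/constellation-node-operator/cmd/main.go adds an rbac target in the same way and would benefit from the same kind of comment. Because the chart copies are now tool output, the file names controller-gen picks also have to stay listed in internal/constellation/helm/BUILD.bazel, as the second BUILD.bazel hunk shows.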
@@ -5,6 +5,7 @@ SPDX-License-Identifier: AGPL-3.0-only
 */
 //go:generate controller-gen rbac:roleName=manager-role paths="../..." output:rbac:dir=../config/rbac
+//go:generate controller-gen rbac:roleName=constellation-operator-manager-role paths="../..." output:rbac:dir=../../../internal/constellation/helm/charts/edgeless/operators/charts/constellation-operator/templates
 package main
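Review bot: The new directive lacks a comment saying that it now produces the ClusterRole shipped in the Helm chart, which matters because every `+kubebuilder:rbac` marker under `paths="../..."` becomes a cluster-wide permission for the operator's service account without any edit to the chart. I would add something like `// Generates templates/role.yaml of the operator chart; review its diff whenever a +kubebuilder:rbac marker changes.` above it. The role.yaml section of this diff also shows a side effect worth noting there: the generated ClusterRole no longer carries the `chart.labels` block that manager-rbac.yaml had, while the ClusterRoleBinding in rolebinding.yaml keeps it. Whether CI checks that the committed file matches the `go generate` output is not visible here.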