From 19f5571bddc5a6d503c05e86b2c93e30729c2425 Mon Sep 17 00:00:00 2001 From: Mikita Iwanowski Date: Mon, 24 Jun 2024 12:08:15 +0200 Subject: [PATCH 1/3] release.sh --- bundle.Dockerfile | 2 +- charts/mondoo-operator/Chart.yaml | 4 +- .../mondoo-operator/templates/deployment.yaml | 2 + .../templates/deployment.yaml-z | 84 +++++++++++++++++++ .../templates/manager-rbac.yaml | 13 +-- .../templates/metrics-service.yaml | 1 + .../templates/metrics-service.yaml-z | 13 +++ charts/mondoo-operator/values.yaml | 2 +- config/manager/kustomization.yaml | 2 +- config/webhook/kustomization.yaml | 2 +- 10 files changed, 113 insertions(+), 12 deletions(-) create mode 100644 charts/mondoo-operator/templates/deployment.yaml-z create mode 100644 charts/mondoo-operator/templates/metrics-service.yaml-z diff --git a/bundle.Dockerfile b/bundle.Dockerfile index 264561ba4..1343b71fd 100644 --- a/bundle.Dockerfile +++ b/bundle.Dockerfile @@ -6,7 +6,7 @@ LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ LABEL operators.operatorframework.io.bundle.package.v1=mondoo-operator LABEL operators.operatorframework.io.bundle.channels.v1=stable-v1 -LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.34.2 +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.35.0 LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v4 diff --git a/charts/mondoo-operator/Chart.yaml b/charts/mondoo-operator/Chart.yaml index 321fb849b..ad10641b7 100755 --- a/charts/mondoo-operator/Chart.yaml +++ b/charts/mondoo-operator/Chart.yaml @@ -16,9 +16,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 11.2.2 +version: 11.3.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "11.2.2" +appVersion: "11.3.0" diff --git a/charts/mondoo-operator/templates/deployment.yaml b/charts/mondoo-operator/templates/deployment.yaml index 31b9466a7..24274d9bc 100644 --- a/charts/mondoo-operator/templates/deployment.yaml +++ b/charts/mondoo-operator/templates/deployment.yaml @@ -29,10 +29,12 @@ spec: replicas: {{ .Values.controllerManager.replicas }} selector: matchLabels: + app.kubernetes.io/name: mondoo-operator {{- include "mondoo-operator.selectorLabels" . | nindent 6 }} template: metadata: labels: + app.kubernetes.io/name: mondoo-operator {{- include "mondoo-operator.selectorLabels" . | nindent 8 }} annotations: kubectl.kubernetes.io/default-container: manager diff --git a/charts/mondoo-operator/templates/deployment.yaml-z b/charts/mondoo-operator/templates/deployment.yaml-z new file mode 100644 index 000000000..24274d9bc --- /dev/null +++ b/charts/mondoo-operator/templates/deployment.yaml-z @@ -0,0 +1,84 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mondoo-operator.fullname" . }}-controller-manager + labels: + {{- include "mondoo-operator.labels" . | nindent 4 }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mondoo-operator.fullname" . }}-k8s-resources-scanning + labels: + {{- include "mondoo-operator.labels" . | nindent 4 }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "mondoo-operator.fullname" . }}-webhook + labels: + {{- include "mondoo-operator.labels" . | nindent 4 }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "mondoo-operator.fullname" . }}-controller-manager + labels: + {{- include "mondoo-operator.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.controllerManager.replicas }} + selector: + matchLabels: + app.kubernetes.io/name: mondoo-operator + {{- include "mondoo-operator.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + app.kubernetes.io/name: mondoo-operator + {{- include "mondoo-operator.selectorLabels" . | nindent 8 }} + annotations: + kubectl.kubernetes.io/default-container: manager + spec: + containers: + - args: {{- toYaml .Values.controllerManager.manager.args | nindent 8 }} + command: + - /mondoo-operator + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: KUBERNETES_CLUSTER_DOMAIN + value: {{ quote .Values.kubernetesClusterDomain }} + image: {{ .Values.controllerManager.manager.image.repository }}:{{ .Values.controllerManager.manager.image.tag + | default .Chart.AppVersion }} + imagePullPolicy: {{ .Values.controllerManager.manager.imagePullPolicy }} + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 8080 + name: metrics + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: {{- toYaml .Values.controllerManager.manager.resources | nindent 10 + }} + securityContext: {{- toYaml .Values.controllerManager.manager.containerSecurityContext + | nindent 10 }} + securityContext: + runAsNonRoot: true + serviceAccountName: {{ include "mondoo-operator.fullname" . }}-controller-manager + terminationGracePeriodSeconds: 10 \ No newline at end of file diff --git a/charts/mondoo-operator/templates/manager-rbac.yaml b/charts/mondoo-operator/templates/manager-rbac.yaml index d6b879cee..c518dd9ab 100644 --- a/charts/mondoo-operator/templates/manager-rbac.yaml +++ b/charts/mondoo-operator/templates/manager-rbac.yaml @@ -22,23 +22,24 @@ rules: resources: - daemonsets - deployments - - replicasets - - statefulsets verbs: + - create + - delete - get - list + - patch + - update - watch - apiGroups: - apps resources: + - daemonsets - deployments + - replicasets + - statefulsets verbs: - - create - - delete - get - list - - patch - - update - watch - apiGroups: - batch diff --git a/charts/mondoo-operator/templates/metrics-service.yaml b/charts/mondoo-operator/templates/metrics-service.yaml index 2ffe9f1c9..8cff6e776 100644 --- a/charts/mondoo-operator/templates/metrics-service.yaml +++ b/charts/mondoo-operator/templates/metrics-service.yaml @@ -7,6 +7,7 @@ metadata: spec: type: {{ .Values.metricsService.type }} selector: + app.kubernetes.io/name: mondoo-operator {{- include "mondoo-operator.selectorLabels" . | nindent 4 }} ports: {{- .Values.metricsService.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/charts/mondoo-operator/templates/metrics-service.yaml-z b/charts/mondoo-operator/templates/metrics-service.yaml-z new file mode 100644 index 000000000..8cff6e776 --- /dev/null +++ b/charts/mondoo-operator/templates/metrics-service.yaml-z @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "mondoo-operator.fullname" . }}-controller-manager-metrics-service + labels: + {{- include "mondoo-operator.labels" . | nindent 4 }} +spec: + type: {{ .Values.metricsService.type }} + selector: + app.kubernetes.io/name: mondoo-operator + {{- include "mondoo-operator.selectorLabels" . | nindent 4 }} + ports: + {{- .Values.metricsService.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/charts/mondoo-operator/values.yaml b/charts/mondoo-operator/values.yaml index 8012fc520..23cc76c1d 100644 --- a/charts/mondoo-operator/values.yaml +++ b/charts/mondoo-operator/values.yaml @@ -14,7 +14,7 @@ controllerManager: readOnlyRootFilesystem: true image: repository: ghcr.io/mondoohq/mondoo-operator - tag: v11.2.2 + tag: v11.3.0 imagePullPolicy: IfNotPresent resources: limits: diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 9f50ba6e9..23991878a 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -17,4 +17,4 @@ kind: Kustomization images: - name: controller newName: ghcr.io/mondoohq/mondoo-operator - newTag: v11.2.2 + newTag: v11.3.0 diff --git a/config/webhook/kustomization.yaml b/config/webhook/kustomization.yaml index e8efb73ce..724de799c 100644 --- a/config/webhook/kustomization.yaml +++ b/config/webhook/kustomization.yaml @@ -10,7 +10,7 @@ resources: images: - name: controller newName: ghcr.io/mondoohq/mondoo-operator - newTag: v11.2.2 + newTag: v11.3.0 patchesStrategicMerge: - webhook_patch.yaml From e4b78f75af6923f95794e80adef266cbc2f8762a Mon Sep 17 00:00:00 2001 From: Mikita Iwanowski Date: Mon, 24 Jun 2024 13:31:32 +0200 Subject: [PATCH 2/3] fix: remove labels --- charts/mondoo-operator/templates/deployment.yaml | 2 -- charts/mondoo-operator/templates/metrics-service.yaml | 1 - 2 files changed, 3 deletions(-) diff --git a/charts/mondoo-operator/templates/deployment.yaml b/charts/mondoo-operator/templates/deployment.yaml index 24274d9bc..31b9466a7 100644 --- a/charts/mondoo-operator/templates/deployment.yaml +++ b/charts/mondoo-operator/templates/deployment.yaml @@ -29,12 +29,10 @@ spec: replicas: {{ .Values.controllerManager.replicas }} selector: matchLabels: - app.kubernetes.io/name: mondoo-operator {{- include "mondoo-operator.selectorLabels" . | nindent 6 }} template: metadata: labels: - app.kubernetes.io/name: mondoo-operator {{- include "mondoo-operator.selectorLabels" . | nindent 8 }} annotations: kubectl.kubernetes.io/default-container: manager diff --git a/charts/mondoo-operator/templates/metrics-service.yaml b/charts/mondoo-operator/templates/metrics-service.yaml index 8cff6e776..2ffe9f1c9 100644 --- a/charts/mondoo-operator/templates/metrics-service.yaml +++ b/charts/mondoo-operator/templates/metrics-service.yaml @@ -7,7 +7,6 @@ metadata: spec: type: {{ .Values.metricsService.type }} selector: - app.kubernetes.io/name: mondoo-operator {{- include "mondoo-operator.selectorLabels" . | nindent 4 }} ports: {{- .Values.metricsService.ports | toYaml | nindent 2 -}} \ No newline at end of file From 6a742fd7d2c0f127f2640b9a144a605df47db6dc Mon Sep 17 00:00:00 2001 From: Mikita Iwanowski Date: Mon, 24 Jun 2024 13:32:25 +0200 Subject: [PATCH 3/3] remove -z files --- .../templates/deployment.yaml-z | 84 ------------------- .../templates/metrics-service.yaml-z | 13 --- 2 files changed, 97 deletions(-) delete mode 100644 charts/mondoo-operator/templates/deployment.yaml-z delete mode 100644 charts/mondoo-operator/templates/metrics-service.yaml-z diff --git a/charts/mondoo-operator/templates/deployment.yaml-z b/charts/mondoo-operator/templates/deployment.yaml-z deleted file mode 100644 index 24274d9bc..000000000 --- a/charts/mondoo-operator/templates/deployment.yaml-z +++ /dev/null @@ -1,84 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "mondoo-operator.fullname" . }}-controller-manager - labels: - {{- include "mondoo-operator.labels" . | nindent 4 }} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "mondoo-operator.fullname" . }}-k8s-resources-scanning - labels: - {{- include "mondoo-operator.labels" . | nindent 4 }} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "mondoo-operator.fullname" . }}-webhook - labels: - {{- include "mondoo-operator.labels" . | nindent 4 }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "mondoo-operator.fullname" . }}-controller-manager - labels: - {{- include "mondoo-operator.labels" . | nindent 4 }} -spec: - replicas: {{ .Values.controllerManager.replicas }} - selector: - matchLabels: - app.kubernetes.io/name: mondoo-operator - {{- include "mondoo-operator.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - app.kubernetes.io/name: mondoo-operator - {{- include "mondoo-operator.selectorLabels" . | nindent 8 }} - annotations: - kubectl.kubernetes.io/default-container: manager - spec: - containers: - - args: {{- toYaml .Values.controllerManager.manager.args | nindent 8 }} - command: - - /mondoo-operator - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: KUBERNETES_CLUSTER_DOMAIN - value: {{ quote .Values.kubernetesClusterDomain }} - image: {{ .Values.controllerManager.manager.image.repository }}:{{ .Values.controllerManager.manager.image.tag - | default .Chart.AppVersion }} - imagePullPolicy: {{ .Values.controllerManager.manager.imagePullPolicy }} - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: manager - ports: - - containerPort: 8080 - name: metrics - protocol: TCP - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: {{- toYaml .Values.controllerManager.manager.resources | nindent 10 - }} - securityContext: {{- toYaml .Values.controllerManager.manager.containerSecurityContext - | nindent 10 }} - securityContext: - runAsNonRoot: true - serviceAccountName: {{ include "mondoo-operator.fullname" . }}-controller-manager - terminationGracePeriodSeconds: 10 \ No newline at end of file diff --git a/charts/mondoo-operator/templates/metrics-service.yaml-z b/charts/mondoo-operator/templates/metrics-service.yaml-z deleted file mode 100644 index 8cff6e776..000000000 --- a/charts/mondoo-operator/templates/metrics-service.yaml-z +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "mondoo-operator.fullname" . }}-controller-manager-metrics-service - labels: - {{- include "mondoo-operator.labels" . | nindent 4 }} -spec: - type: {{ .Values.metricsService.type }} - selector: - app.kubernetes.io/name: mondoo-operator - {{- include "mondoo-operator.selectorLabels" . | nindent 4 }} - ports: - {{- .Values.metricsService.ports | toYaml | nindent 2 -}} \ No newline at end of file