CAPZ v0.5.2 Uplift
This patchset provides the manifests supporting CAPZ v0.5.2.
It requires the CAPI v1alpha4 (v0.4.2) manifests and the clusterctl v0.4.2
binary to work properly.

Depends-on: https://review.opendev.org/c/airship/airshipctl/+/804834
Relates-to: #600
Change-Id: Icccaf84d8765c75fb19bb2be352086cc33647f30
Shiba, Sidney committed Oct 1, 2021
1 parent 614f7fe commit f3ad429
Showing 83 changed files with 12,144 additions and 1 deletion.
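--- a/manifests/function/capz/v0.5.2/certmanager/certificate.yaml
+++ b/manifests/function/capz/v0.5.2/certmanager/certificate.yaml
@@ -0,0 +1,24 @@
+# The following manifests contain a self-signed issuer CR and a certificate CR.
+# More document can be found at https://docs.cert-manager.io
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+name: selfsigned-issuer
+namespace: system
+spec:
+selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
+namespace: system
+spec:
+# $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
+dnsNames:
+- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
+- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
+issuerRef:
+kind: Issuer
+name: selfsigned-issuer
+secretName: $(SERVICE_NAME)-cert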
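Review bot: The `serving-cert` Certificate leaves `privateKey`, `duration` and `renewBefore` unset, so the webhook key's algorithm, lifetime and reuse across renewals depend on the defaults of whichever cert-manager release is installed; on releases whose default rotation policy is `Never`, the same private key is kept at every renewal. If the target cert-manager supports it, consider adding `privateKey:` with `rotationPolicy: Always` under `spec`, or at least a comment such as `# key algorithm, lifetime and rotation follow cert-manager defaults`. The Secret named by `secretName` holds that private key, so read access to Secrets in the target namespace is worth restricting to the controller's service account; the RBAC is not visible in this file.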
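--- a/manifests/function/capz/v0.5.2/certmanager/kustomization.yaml
+++ b/manifests/function/capz/v0.5.2/certmanager/kustomization.yaml
@@ -0,0 +1,4 @@
+resources:
+- certificate.yaml
+configurations:
+- kustomizeconfig.yaml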
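--- a/manifests/function/capz/v0.5.2/certmanager/kustomizeconfig.yaml
+++ b/manifests/function/capz/v0.5.2/certmanager/kustomizeconfig.yaml
@@ -0,0 +1,19 @@
+# This configuration is for teaching kustomize how to update name ref and var substitution
+nameReference:
+- kind: Issuer
+group: cert-manager.io
+fieldSpecs:
+- kind: Certificate
+group: cert-manager.io
+path: spec/issuerRef/name
+
+varReference:
+- kind: Certificate
+group: cert-manager.io
+path: spec/commonName
+- kind: Certificate
+group: cert-manager.io
+path: spec/dnsNames
+- kind: Certificate
+group: cert-manager.io
+path: spec/secretName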
@@ -0,0 +1,321 @@

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.6.1
creationTimestamp: null
name: azureclusteridentities.infrastructure.cluster.x-k8s.io
spec:
group: infrastructure.cluster.x-k8s.io
names:
categories:
- cluster-api
kind: AzureClusterIdentity
listKind: AzureClusterIdentityList
plural: azureclusteridentities
singular: azureclusteridentity
scope: Namespaced
versions:
- name: v1alpha3
schema:
openAPIV3Schema:
description: AzureClusterIdentity is the Schema for the azureclustersidentities
API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AzureClusterIdentitySpec defines the parameters that are
used to create an AzureIdentity.
properties:
allowedNamespaces:
description: "AllowedNamespaces is an array of namespaces that AzureClusters
can use this Identity from. \n An empty list (default) indicates
that AzureClusters can use this Identity from any namespace. This
field is intentionally not a pointer because the nil behavior (no
namespaces) is undesirable here."
items:
type: string
type: array
clientID:
description: Both User Assigned MSI and SP can use this field.
type: string
clientSecret:
description: ClientSecret is a secret reference which should contain
either a Service Principal password or certificate secret.
properties:
name:
description: Name is unique within a namespace to reference a
secret resource.
type: string
namespace:
description: Namespace defines the space within which the secret
name must be unique.
type: string
type: object
resourceID:
description: User assigned MSI resource id.
type: string
tenantID:
description: Service principal primary tenant id.
type: string
type:
description: UserAssignedMSI or Service Principal
enum:
- ServicePrincipal
- UserAssignedMSI
type: string
required:
- clientID
- tenantID
- type
type: object
status:
description: AzureClusterIdentityStatus defines the observed state of
AzureClusterIdentity.
properties:
conditions:
description: Conditions defines current service state of the AzureClusterIdentity.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
type: object
type: object
served: true
storage: false
subresources:
status: {}
- name: v1alpha4
schema:
openAPIV3Schema:
description: AzureClusterIdentity is the Schema for the azureclustersidentities
API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AzureClusterIdentitySpec defines the parameters that are
used to create an AzureIdentity.
properties:
allowedNamespaces:
description: AllowedNamespaces is used to identify the namespaces
the clusters are allowed to use the identity from. Namespaces can
be selected either using an array of namespaces or with label selector.
An empty allowedNamespaces object indicates that AzureClusters can
use this identity from any namespace. If this object is nil, no
namespaces will be allowed (default behaviour, if this field is
not provided) A namespace should be either in the NamespaceList
or match with Selector to use the identity.
nullable: true
properties:
list:
description: A nil or empty list indicates that AzureCluster cannot
use the identity from any namespace.
items:
type: string
nullable: true
type: array
selector:
description: "Selector is a selector of namespaces that AzureCluster
can use this Identity from. This is a standard Kubernetes LabelSelector,
a label query over a set of resources. The result of matchLabels
and matchExpressions are ANDed. \n A nil or empty selector indicates
that AzureCluster cannot use this AzureClusterIdentity from
any namespace."
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If
the operator is In or NotIn, the values array must
be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A
single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is "key",
the operator is "In", and the values array contains only
"value". The requirements are ANDed.
type: object
type: object
type: object
clientID:
description: Both User Assigned MSI and SP can use this field.
type: string
clientSecret:
description: ClientSecret is a secret reference which should contain
either a Service Principal password or certificate secret.
properties:
name:
description: Name is unique within a namespace to reference a
secret resource.
type: string
namespace:
description: Namespace defines the space within which the secret
name must be unique.
type: string
type: object
resourceID:
description: User assigned MSI resource id.
type: string
tenantID:
description: Service principal primary tenant id.
type: string
type:
description: UserAssignedMSI or Service Principal
enum:
- ServicePrincipal
- UserAssignedMSI
type: string
required:
- clientID
- tenantID
- type
type: object
status:
description: AzureClusterIdentityStatus defines the observed state of
AzureClusterIdentity.
properties:
conditions:
description: Conditions defines current service state of the AzureClusterIdentity.
items:
description: Condition defines an observation of a Cluster API resource
operational state.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another. This should be when the underlying condition changed.
If that is not known, then using the time when the API field
changed is acceptable.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition. This field may be empty.
type: string
reason:
description: The reason for the condition's last transition
in CamelCase. The specific API may choose whether or not this
field is considered a guaranteed API. This field may not be
empty.
type: string
severity:
description: Severity provides an explicit classification of
Reason code, so the users or machines can immediately understand
the current situation and act accordingly. The Severity field
MUST be set only when Status=False.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition in CamelCase or in foo.example.com/CamelCase.
Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important.
type: string
required:
- status
- type
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []