Skip to content

Commit

Permalink
support for OSSMC in the Kiali Operator
Browse files Browse the repository at this point in the history
  • Loading branch information
jmazzitelli committed Oct 13, 2023
1 parent 544472b commit 60a3cce
Show file tree
Hide file tree
Showing 4 changed files with 56 additions and 0 deletions.
24 changes: 24 additions & 0 deletions kiali-operator/crds/crds.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,27 @@ spec:
type: object
x-kubernetes-preserve-unknown-fields: true
...
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: ossmconsoles.kiali.io
spec:
group: kiali.io
names:
kind: OSSMConsole
listKind: OSSMConsoleList
plural: ossmconsoles
singular: ossmconsole
scope: Namespaced
versions:
- name: v1alpha1
served: true
storage: true
subresources:
status: {}
schema:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
...
21 changes: 21 additions & 0 deletions kiali-operator/templates/clusterrole.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -192,6 +192,27 @@ rules:
- patch
- update
- watch
# The permissions below are for OSSMC operator capabilities
- apiGroups: ["console.openshift.io"]
resources:
- consoleplugins
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups: ["operator.openshift.io"]
resources:
- consoles
verbs:
- get
- list
- patch
- update
- watch
# The permissions below are for Kiali itself; operator needs these so it can escalate when creating Kiali's roles
- apiGroups: [""]
resources:
Expand Down
4 changes: 4 additions & 0 deletions kiali-operator/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,8 @@ spec:
value: {{ .Values.allowAdHocKialiNamespace | quote }}
- name: ALLOW_AD_HOC_KIALI_IMAGE
value: {{ .Values.allowAdHocKialiImage | quote }}
- name: ALLOW_AD_HOC_OSSMCONSOLE_IMAGE
value: {{ .Values.allowAdHocOSSMConsoleImage | quote }}
- name: ALLOW_SECURITY_CONTEXT_OVERRIDE
value: {{ .Values.allowSecurityContextOverride | quote }}
- name: ALLOW_ALL_ACCESSIBLE_NAMESPACES
Expand All @@ -90,6 +92,8 @@ spec:
value: {{ .Values.debug.enabled | quote }}
- name: ANSIBLE_VERBOSITY_KIALI_KIALI_IO
value: {{ .Values.debug.verbosity | quote }}
- name: ANSIBLE_VERBOSITY_OSSMCONSOLE_KIALI_IO
value: {{ .Values.debug.verbosity | quote }}
- name: ANSIBLE_CONFIG
{{- if .Values.debug.enableProfiler }}
value: "/opt/ansible/ansible-profiler.cfg"
Expand Down
7 changes: 7 additions & 0 deletions kiali-operator/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,13 @@ allowAdHocKialiNamespace: true
# You may want to disable this if you do not want users to install their own Kiali images.
allowAdHocKialiImage: false

# allowAdHocOSSMConsoleImage tells the operator to allow a user to be able to install a custom OSSMC image as opposed
# to the image the operator will install by default. In other words, it will allow the
# OSSMConsole CR spec.deployment.imageName and spec.deployment.imageVersion to be configured by the user.
# You may want to disable this if you do not want users to install their own OSSMC images.
# This is only applicable when running on OpenShift.
allowAdHocOSSMConsoleImage: false

# allowSecurityContextOverride tells the operator to allow a user to be able to fully override the Kiali
# container securityContext. If this is false, certain securityContext settings must exist on the Kiali
# container and any attempt to override them will be ignored.
Expand Down

0 comments on commit 60a3cce

Please sign in to comment.