From 49faec5dc19f66ea00dba665f60d87f74e21715f Mon Sep 17 00:00:00 2001 From: Peppi-Lotta Date: Wed, 24 Apr 2024 15:29:03 +0300 Subject: [PATCH] Update Kustomize depricated syntax Signed-off-by: Peppi-Lotta --- config/certmanager/certificate.yaml | 8 +- config/crd/kustomization.yaml | 42 +++--- .../cainjection_in_metal3clusters.yaml | 2 +- .../cainjection_in_metal3dataclaims.yaml | 2 +- .../patches/cainjection_in_metal3datas.yaml | 2 +- .../cainjection_in_metal3datatemplates.yaml | 2 +- .../cainjection_in_metal3machines.yaml | 2 +- ...cainjection_in_metal3machinetemplates.yaml | 2 +- .../cainjection_in_metal3remediations.yaml | 2 +- ...jection_in_metal3remediationtemplates.yaml | 2 +- config/default/capm3/kustomization.yaml | 138 +++++++++++++----- .../default/capm3/manager_webhook_patch.yaml | 2 +- .../capm3/webhookcainjection_patch.yaml | 6 +- config/default/kustomization.yaml | 9 +- config/ipam/kustomization.yaml | 6 +- config/manager/kustomization.yaml | 8 +- config/webhook/kustomization.yaml | 6 +- .../provider-components/kustomization.yaml | 6 +- .../centos-kubeadm-config/kustomization.yaml | 4 +- .../ubuntu-kubeadm-config/kustomization.yaml | 4 +- .../kustomization.yaml | 2 +- 21 files changed, 166 insertions(+), 91 deletions(-) diff --git a/config/certmanager/certificate.yaml b/config/certmanager/certificate.yaml index abf6713a78..f26adf2920 100644 --- a/config/certmanager/certificate.yaml +++ b/config/certmanager/certificate.yaml @@ -14,11 +14,11 @@ metadata: name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml namespace: system spec: - # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize dnsNames: - - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc - - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + - SERVICE_NAME.SERVICE_NAMESPACE.svc + - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local issuerRef: kind: Issuer name: selfsigned-issuer - secretName: $(SERVICE_NAME)-cert # this secret will not be prefixed, since it's not managed by kustomize + secretName: capm3-webhook-service-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 085d1581f2..1bd738cf70 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -4,8 +4,10 @@ kind: Kustomization # since it depends on service name and namespace that are out of this kustomize package. # It should be run by config/default -commonLabels: - cluster.x-k8s.io/v1beta1: v1beta1 +labels: +- includeSelectors: true + pairs: + cluster.x-k8s.io/v1beta1: v1beta1 resources: - bases/infrastructure.cluster.x-k8s.io_metal3clusters.yaml @@ -18,34 +20,34 @@ resources: - bases/infrastructure.cluster.x-k8s.io_metal3remediationtemplates.yaml # +kubebuilder:scaffold:crdkustomizeresource -patchesStrategicMerge: +patches: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. # patches here are for enabling the conversion webhook for each CRD -- patches/webhook_in_metal3machines.yaml -- patches/webhook_in_metal3clusters.yaml -- patches/webhook_in_metal3machinetemplates.yaml -- patches/webhook_in_metal3datatemplates.yaml -- patches/webhook_in_metal3datas.yaml -- patches/webhook_in_metal3dataclaims.yaml -- patches/webhook_in_metal3remediations.yaml -- patches/webhook_in_metal3remediationtemplates.yaml +- path: patches/webhook_in_metal3machines.yaml +- path: patches/webhook_in_metal3clusters.yaml +- path: patches/webhook_in_metal3machinetemplates.yaml +- path: patches/webhook_in_metal3datatemplates.yaml +- path: patches/webhook_in_metal3datas.yaml +- path: patches/webhook_in_metal3dataclaims.yaml +- path: patches/webhook_in_metal3remediations.yaml +- path: patches/webhook_in_metal3remediationtemplates.yaml # +kubebuilder:scaffold:crdkustomizewebhookpatch # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. # patches here are for enabling the CA injection for each CRD -- patches/cainjection_in_metal3machines.yaml -- patches/cainjection_in_metal3clusters.yaml -- patches/cainjection_in_metal3machinetemplates.yaml -- patches/cainjection_in_metal3datatemplates.yaml -- patches/cainjection_in_metal3datas.yaml -- patches/cainjection_in_metal3dataclaims.yaml -- patches/cainjection_in_metal3remediations.yaml -- patches/cainjection_in_metal3remediationtemplates.yaml +- path: patches/cainjection_in_metal3machines.yaml +- path: patches/cainjection_in_metal3clusters.yaml +- path: patches/cainjection_in_metal3machinetemplates.yaml +- path: patches/cainjection_in_metal3datatemplates.yaml +- path: patches/cainjection_in_metal3datas.yaml +- path: patches/cainjection_in_metal3dataclaims.yaml +- path: patches/cainjection_in_metal3remediations.yaml +- path: patches/cainjection_in_metal3remediationtemplates.yaml # +kubebuilder:scaffold:crdkustomizecainjectionpatch # [ANNOTATION] To add CRD name check skip, uncomment the section with [ANNOTATION] prefix. # patch here is for adding an annotation for specific CRD (Metal3Data) -- patches/skipcrdnamecheck_in_metal3datas.yaml +- path: patches/skipcrdnamecheck_in_metal3datas.yaml # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: diff --git a/config/crd/patches/cainjection_in_metal3clusters.yaml b/config/crd/patches/cainjection_in_metal3clusters.yaml index f6d17861b6..010433c119 100644 --- a/config/crd/patches/cainjection_in_metal3clusters.yaml +++ b/config/crd/patches/cainjection_in_metal3clusters.yaml @@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME name: metal3clusters.infrastructure.cluster.x-k8s.io diff --git a/config/crd/patches/cainjection_in_metal3dataclaims.yaml b/config/crd/patches/cainjection_in_metal3dataclaims.yaml index 7faf0132a8..a7671758c3 100644 --- a/config/crd/patches/cainjection_in_metal3dataclaims.yaml +++ b/config/crd/patches/cainjection_in_metal3dataclaims.yaml @@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME name: metal3dataclaims.infrastructure.cluster.x-k8s.io diff --git a/config/crd/patches/cainjection_in_metal3datas.yaml b/config/crd/patches/cainjection_in_metal3datas.yaml index 3dc0ef85d3..e8909ad988 100644 --- a/config/crd/patches/cainjection_in_metal3datas.yaml +++ b/config/crd/patches/cainjection_in_metal3datas.yaml @@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE)/CERTIFICATE_NAME name: metal3datas.infrastructure.cluster.x-k8s.io diff --git a/config/crd/patches/cainjection_in_metal3datatemplates.yaml b/config/crd/patches/cainjection_in_metal3datatemplates.yaml index 025377e9e4..60aec8d555 100644 --- a/config/crd/patches/cainjection_in_metal3datatemplates.yaml +++ b/config/crd/patches/cainjection_in_metal3datatemplates.yaml @@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME name: metal3datatemplates.infrastructure.cluster.x-k8s.io diff --git a/config/crd/patches/cainjection_in_metal3machines.yaml b/config/crd/patches/cainjection_in_metal3machines.yaml index 5e0641cee8..dc16e8a392 100644 --- a/config/crd/patches/cainjection_in_metal3machines.yaml +++ b/config/crd/patches/cainjection_in_metal3machines.yaml @@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE)/CERTIFICATE_NAME name: metal3machines.infrastructure.cluster.x-k8s.io diff --git a/config/crd/patches/cainjection_in_metal3machinetemplates.yaml b/config/crd/patches/cainjection_in_metal3machinetemplates.yaml index b4ebc7ebfe..6ded53220c 100644 --- a/config/crd/patches/cainjection_in_metal3machinetemplates.yaml +++ b/config/crd/patches/cainjection_in_metal3machinetemplates.yaml @@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME name: metal3machinetemplates.infrastructure.cluster.x-k8s.io diff --git a/config/crd/patches/cainjection_in_metal3remediations.yaml b/config/crd/patches/cainjection_in_metal3remediations.yaml index 8bac76d49c..a1d6de29ab 100644 --- a/config/crd/patches/cainjection_in_metal3remediations.yaml +++ b/config/crd/patches/cainjection_in_metal3remediations.yaml @@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME name: metal3remediations.infrastructure.cluster.x-k8s.io diff --git a/config/crd/patches/cainjection_in_metal3remediationtemplates.yaml b/config/crd/patches/cainjection_in_metal3remediationtemplates.yaml index e7caa6dcad..40a8292468 100644 --- a/config/crd/patches/cainjection_in_metal3remediationtemplates.yaml +++ b/config/crd/patches/cainjection_in_metal3remediationtemplates.yaml @@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME name: metal3remediationtemplates.infrastructure.cluster.x-k8s.io diff --git a/config/default/capm3/kustomization.yaml b/config/default/capm3/kustomization.yaml index a302e95154..84633c57b3 100644 --- a/config/default/capm3/kustomization.yaml +++ b/config/default/capm3/kustomization.yaml @@ -3,48 +3,120 @@ namespace: capm3-system namePrefix: capm3- resources: - - namespace.yaml +- namespace.yaml +- ../../crd +- ../../rbac +- ../../manager +- ../../webhook +- ../../certmanager -bases: - - ../../crd - - ../../rbac - - ../../manager - - ../../webhook - - ../../certmanager +patches: +- path: manager_image_patch.yaml +- path: manager_pull_policy_patch.yaml +- path: manager_webhook_patch.yaml +- path: webhookcainjection_patch.yaml -patchesStrategicMerge: - - manager_image_patch.yaml - - manager_pull_policy_patch.yaml - - manager_webhook_patch.yaml - - webhookcainjection_patch.yaml - -vars: -- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR - objref: - kind: Certificate +replacements: +- source: + fieldPath: .metadata.namespace group: cert-manager.io - version: v1 - name: serving-cert # this name should match the one in certificate.yaml - fieldref: - fieldpath: metadata.namespace -- name: CERTIFICATE_NAME - objref: kind: Certificate + name: serving-cert + version: v1 + targets: + - fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + create: true + delimiter: / + select: + kind: ValidatingWebhookConfiguration + - fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + create: true + delimiter: / + select: + kind: MutatingWebhookConfiguration + - fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + create: true + delimiter: / + select: + kind: CustomResourceDefinition + reject: + - name: ipaddressclaims.ipam.cluster.x-k8s.io + - name: ipaddresses.ipam.cluster.x-k8s.io + - name: extensionconfigs.runtime.cluster.x-k8s.io +- source: + fieldPath: .metadata.name group: cert-manager.io + kind: Certificate + name: serving-cert version: v1 - name: serving-cert # this name should match the one in certificate.yaml -- name: SERVICE_NAMESPACE # namespace of the service - objref: + targets: + - fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + create: true + delimiter: / + index: 1 + select: + kind: ValidatingWebhookConfiguration + - fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + create: true + delimiter: / + index: 1 + select: + kind: MutatingWebhookConfiguration + - fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + create: true + delimiter: / + index: 1 + select: + kind: CustomResourceDefinition + reject: + - name: ipaddressclaims.ipam.cluster.x-k8s.io + - name: ipaddresses.ipam.cluster.x-k8s.io + - name: extensionconfigs.runtime.cluster.x-k8s.io +- source: + fieldPath: .metadata.name kind: Service - version: v1 name: webhook-service - fieldref: - fieldpath: metadata.namespace -- name: SERVICE_NAME - objref: - kind: Service version: v1 + targets: + - fieldPaths: + - .spec.dnsNames.0 + - .spec.dnsNames.1 + options: + create: true + delimiter: . + select: + group: cert-manager.io + kind: Certificate + version: v1 +- source: + fieldPath: .metadata.namespace + kind: Service name: webhook-service + version: v1 + targets: + - fieldPaths: + - .spec.dnsNames.0 + - .spec.dnsNames.1 + options: + create: true + delimiter: . + index: 1 + select: + group: cert-manager.io + kind: Certificate + version: v1 configurations: - - kustomizeconfig.yaml +- kustomizeconfig.yaml diff --git a/config/default/capm3/manager_webhook_patch.yaml b/config/default/capm3/manager_webhook_patch.yaml index b387eb0eae..2f3750179a 100644 --- a/config/default/capm3/manager_webhook_patch.yaml +++ b/config/default/capm3/manager_webhook_patch.yaml @@ -20,4 +20,4 @@ spec: - name: cert secret: defaultMode: 420 - secretName: $(SERVICE_NAME)-cert + secretName: capm3-webhook-service-cert diff --git a/config/default/capm3/webhookcainjection_patch.yaml b/config/default/capm3/webhookcainjection_patch.yaml index 02ab515d42..ead37fab51 100644 --- a/config/default/capm3/webhookcainjection_patch.yaml +++ b/config/default/capm3/webhookcainjection_patch.yaml @@ -1,15 +1,15 @@ # This patch add annotation to admission webhook config and -# the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. +# the variables CERTIFICATE_NAMESPACE and CERTIFICATE_NAME will be substituted by kustomize. apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: name: mutating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: name: validating-webhook-configuration annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index d3193e3b47..c0a9a59d18 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -1,7 +1,8 @@ - -commonLabels: - cluster.x-k8s.io/provider: "infrastructure-metal3" +labels: +- includeSelectors: true + pairs: + cluster.x-k8s.io/provider: infrastructure-metal3 resources: - capm3 -- ../ipam \ No newline at end of file +- ../ipam diff --git a/config/ipam/kustomization.yaml b/config/ipam/kustomization.yaml index 1905eff8e6..b5e97f6829 100644 --- a/config/ipam/kustomization.yaml +++ b/config/ipam/kustomization.yaml @@ -5,6 +5,6 @@ kind: Kustomization resources: - https://github.com/metal3-io/ip-address-manager/releases/download/v1.7.0-beta.0/ipam-components.yaml -patchesStrategicMerge: - - image_patch.yaml - - pull_policy_patch.yaml +patches: +- path: image_patch.yaml +- path: pull_policy_patch.yaml diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 28acfccce3..0ab56f5b75 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -2,12 +2,12 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - manager.yaml +- manager.yaml configMapGenerator: -- name: capm3fasttrack-configmap - literals: +- literals: - CAPM3_FAST_TRACK=${CAPM3_FAST_TRACK:='false'} + name: capm3fasttrack-configmap generatorOptions: - disableNameSuffixHash: true + disableNameSuffixHash: true diff --git a/config/webhook/kustomization.yaml b/config/webhook/kustomization.yaml index fbd74f3492..9cf26134e4 100644 --- a/config/webhook/kustomization.yaml +++ b/config/webhook/kustomization.yaml @@ -1,6 +1,6 @@ resources: - - manifests.yaml - - service.yaml +- manifests.yaml +- service.yaml configurations: - - kustomizeconfig.yaml \ No newline at end of file +- kustomizeconfig.yaml diff --git a/examples/provider-components/kustomization.yaml b/examples/provider-components/kustomization.yaml index 08b48db57c..da857b3f74 100644 --- a/examples/provider-components/kustomization.yaml +++ b/examples/provider-components/kustomization.yaml @@ -5,6 +5,6 @@ resources: - bootstrap-components.yaml - ctlplane-components.yaml - infrastructure-components.yaml -patchesStrategicMerge: -- manager_tolerations_patch.yaml -- image_versions_patch.yaml +patches: +- path: manager_tolerations_patch.yaml +- path: image_versions_patch.yaml diff --git a/test/e2e/data/infrastructure-metal3/bases/centos-kubeadm-config/kustomization.yaml b/test/e2e/data/infrastructure-metal3/bases/centos-kubeadm-config/kustomization.yaml index f12a8312fa..2db39cd2ab 100644 --- a/test/e2e/data/infrastructure-metal3/bases/centos-kubeadm-config/kustomization.yaml +++ b/test/e2e/data/infrastructure-metal3/bases/centos-kubeadm-config/kustomization.yaml @@ -1,4 +1,4 @@ resources: - ../cluster -patchesStrategicMerge: - - centos-kubeadm-config.yaml \ No newline at end of file +patches: +- path: centos-kubeadm-config.yaml diff --git a/test/e2e/data/infrastructure-metal3/bases/ubuntu-kubeadm-config/kustomization.yaml b/test/e2e/data/infrastructure-metal3/bases/ubuntu-kubeadm-config/kustomization.yaml index e918c4bc91..c5b32e2845 100644 --- a/test/e2e/data/infrastructure-metal3/bases/ubuntu-kubeadm-config/kustomization.yaml +++ b/test/e2e/data/infrastructure-metal3/bases/ubuntu-kubeadm-config/kustomization.yaml @@ -1,5 +1,5 @@ resources: - ../cluster -patchesStrategicMerge: - - ubuntu-kubeadm-config.yaml \ No newline at end of file +patches: +- path: ubuntu-kubeadm-config.yaml diff --git a/test/e2e/data/infrastructure-metal3/cluster-template-ubuntu/kustomization.yaml b/test/e2e/data/infrastructure-metal3/cluster-template-ubuntu/kustomization.yaml index 944b06a702..8efc4f4af4 100644 --- a/test/e2e/data/infrastructure-metal3/cluster-template-ubuntu/kustomization.yaml +++ b/test/e2e/data/infrastructure-metal3/cluster-template-ubuntu/kustomization.yaml @@ -1,3 +1,3 @@ resources: - ../bases/ippool -- ../bases/ubuntu-kubeadm-config \ No newline at end of file +- ../bases/ubuntu-kubeadm-config