diff --git a/operator/Makefile b/operator/Makefile index 17b5b417..fbc75106 100644 --- a/operator/Makefile +++ b/operator/Makefile @@ -1,4 +1,4 @@ -VERSION ?= 1.3.0 +VERSION ?= 1.4.0 BUILD_VERSION = $(VERSION)+$(shell git rev-parse --short HEAD) BUILD_TIME = $(shell date +%FT%T%z) @@ -163,12 +163,12 @@ docker-buildx: ## Build and push docker image for the manager for cross-platform build-installer: require-img manifests generate kustomize ## Generate a consolidated YAML with CRDs and deployment. mkdir -p dist cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} - $(KUSTOMIZE) build config/default > dist/install.yaml + $(KUSTOMIZE) build config/default > dist/ais-operator.yaml .PHONY: build-installer-helm build-installer-helm: require-img helm helmify build-installer mkdir -p dist/charts/ - cat dist/install.yaml | $(HELMIFY) dist/charts/ais-operator + cat dist/ais-operator.yaml | $(HELMIFY) dist/charts/ais-operator $(HELM) package dist/charts/ais-operator -d dist/ $(HELM) repo index --url $(REPO)/releases/download/$(VERSION) dist diff --git a/operator/config/crd/kustomization.yaml b/operator/config/crd/kustomization.yaml index 83f54c41..383a98e3 100644 --- a/operator/config/crd/kustomization.yaml +++ b/operator/config/crd/kustomization.yaml @@ -5,16 +5,18 @@ resources: - bases/ais.nvidia.com_aistores.yaml # +kubebuilder:scaffold:crdkustomizeresource -patchesStrategicMerge: +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +patches: +# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. +# patches here are for enabling the CA injection for each CRD + - path: patches/cainjection_in_aistores.yaml # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. # patches here are for enabling the conversion webhook for each CRD -#- patches/webhook_in_aistores.yaml -# +kubebuilder:scaffold:crdkustomizewebhookpatch +# - path: patches/webhook_in_aistores.yaml -# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. -# patches here are for enabling the CA injection for each CRD -- patches/cainjection_in_aistores.yaml # +kubebuilder:scaffold:crdkustomizecainjectionpatch +# +kubebuilder:scaffold:crdkustomizewebhookpatch # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: diff --git a/operator/config/default/kustomization.yaml b/operator/config/default/kustomization.yaml index 45ae2b8d..a8ee7672 100644 --- a/operator/config/default/kustomization.yaml +++ b/operator/config/default/kustomization.yaml @@ -8,67 +8,58 @@ namespace: ais-operator-system # field above. namePrefix: ais-operator- -# Labels to add to all resources and selectors. -#commonLabels: -# someName: someValue - -bases: -- ../crd -- ../rbac -- ../manager -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in -# crd/kustomization.yaml -- ../webhook -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. -- ../certmanager -# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. -#- ../prometheus - -patchesStrategicMerge: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml - -# Mount the controller config file for loading manager configurations -# through a ComponentConfig type -# - manager_config_patch.yaml - -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in -# crd/kustomization.yaml -- manager_webhook_patch.yaml - -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. -# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. -# 'CERTMANAGER' needs to be enabled to use ca injection -- webhookcainjection_patch.yaml - -# the following config is for teaching kustomize how to do var substitution vars: -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. -- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR +- fieldref: + fieldPath: metadata.namespace + # namespace of the certificate CR + name: CERTIFICATE_NAMESPACE objref: - kind: Certificate - group: cert-manager.io - version: v1 - name: serving-cert # this name should match the one in certificate.yaml - fieldref: - fieldpath: metadata.namespace -- name: CERTIFICATE_NAME + group: cert-manager.io + kind: Certificate + # this name should match the one in certificate.yaml + name: serving-cert + version: v1 +- fieldref: {} + name: CERTIFICATE_NAME objref: - kind: Certificate - group: cert-manager.io - version: v1 - name: serving-cert # this name should match the one in certificate.yaml -- name: SERVICE_NAMESPACE # namespace of the service + group: cert-manager.io + kind: Certificate + # this name should match the one in certificate.yaml + name: serving-cert + version: v1 +- fieldref: + fieldPath: metadata.namespace + name: SERVICE_NAMESPACE objref: kind: Service - version: v1 name: webhook-service - fieldref: - fieldpath: metadata.namespace -- name: SERVICE_NAME + version: v1 +- fieldref: {} + name: SERVICE_NAME objref: kind: Service - version: v1 name: webhook-service + version: v1 +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- ../crd +- ../rbac +- ../manager +# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. + #- ../prometheus +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in + # crd/kustomization.yaml +- ../webhook +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. +# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. +# 'CERTMANAGER' needs to be enabled to use ca injection +- ../certmanager +patches: + # Protect the /metrics endpoint by putting it behind auth. +- path: manager_auth_proxy_patch.yaml +- path: manager_webhook_patch.yaml +- path: webhookcainjection_patch.yaml +# Mount the controller config file for loading manager configurations +# through a ComponentConfig type +# - path: manager_config_patch.yaml