diff --git a/.gitattributes b/.gitattributes index 9113a887..5c703514 100644 --- a/.gitattributes +++ b/.gitattributes @@ -7,6 +7,6 @@ PROJECT linguist-generated=true api/v1alpha1/zz_generated.deepcopy.go linguist-generated=true # These files are generated by kubebuilder. See Makefile for details. -helm/ingress-controller/templates/crds/** linguist-generated=true -helm/ingress-controller/templates/rbac/role.yaml linguist-generated=true +helm/ngrok-operator/templates/crds/** linguist-generated=true +helm/ngrok-operator/templates/rbac/role.yaml linguist-generated=true manifest-bundle.yaml linguist-generated=true diff --git a/.github/ISSUE_TEMPLATE/controller_bug_report.yaml b/.github/ISSUE_TEMPLATE/controller_bug_report.yaml index 81fe44bc..9a881553 100644 --- a/.github/ISSUE_TEMPLATE/controller_bug_report.yaml +++ b/.github/ISSUE_TEMPLATE/controller_bug_report.yaml @@ -9,7 +9,7 @@ body: Thanks for taking the time to fill out this bug report! Note, you do not need to create an issue if you have a change ready to submit. - You can open a [pull request](https://github.com/ngrok/kubernetes-ingress-controller/pulls) immediately instead. + You can open a [pull request](https://github.com/ngrok/ngrok-operator/pulls) immediately instead. - type: input attributes: label: Kubernetes Version @@ -41,7 +41,7 @@ body: label: Kubernetes Logs description: We want to see relevant kubernetes logs showing error messages or helpful debugging information placeholder: > - Run `kubectl logs -l app.kubernetes.io/name=kubernetes-ingress-controller` and copy the output here. + Run `kubectl logs -l app.kubernetes.io/name=ngrok-operator` and copy the output here. validations: required: true - type: textarea diff --git a/.github/ISSUE_TEMPLATE/helm_bug_report.yaml b/.github/ISSUE_TEMPLATE/helm_bug_report.yaml index 8088cb5f..e65b92a5 100644 --- a/.github/ISSUE_TEMPLATE/helm_bug_report.yaml +++ b/.github/ISSUE_TEMPLATE/helm_bug_report.yaml @@ -9,7 +9,7 @@ body: Thanks for taking the time to fill out this bug report! Note, you do not need to create an issue if you have a change ready to submit. - You can open a [pull request](https://github.com/ngrok/kubernetes-ingress-controller/pulls) immediately instead. + You can open a [pull request](https://github.com/ngrok/ngrok-operator/pulls) immediately instead. - type: input attributes: label: Kubernetes Version diff --git a/.github/labeler.yml b/.github/labeler.yml index 9831cf76..8288ddec 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -11,7 +11,7 @@ area/helm-chart: area/release: - docs/releases.md - VERSION -- helm/ingress-controller/Chart.yaml +- helm/ngrok-operator/Chart.yaml documentation: - docs/**/* diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ea022a3e..1f0251af 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -29,9 +29,9 @@ jobs: with: filters: | chartyaml: - - 'helm/ingress-controller/Chart.yaml' + - 'helm/ngrok-operator/Chart.yaml' charts: - - 'helm/ingress-controller/**' + - 'helm/ngrok-operator/**' - 'scripts/e2e.sh' go: - '**.go' @@ -86,7 +86,7 @@ jobs: context: . platforms: ${{ steps.buildx-setup.outputs.platforms }} push: false - tags: ngrok/kubernetes-ingress-controller:latest + tags: ngrok/ngrok-operator:latest go-mod-tidy: name: Go Mod Tidy Check diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 84170c1f..074144c6 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -18,7 +18,7 @@ jobs: permissions: contents: read pull-requests: read - if: github.repository == 'ngrok/kubernetes-ingress-controller' + if: github.repository == 'ngrok/ngrok-operator' steps: - name: Checkout repo uses: actions/checkout@v3 @@ -39,7 +39,7 @@ jobs: needs: - changes if: | - github.repository == 'ngrok/kubernetes-ingress-controller' && + github.repository == 'ngrok/ngrok-operator' && github.event_name == 'push' && github.ref == 'refs/heads/main' steps: @@ -67,7 +67,7 @@ jobs: context: . platforms: ${{ steps.buildx-setup.outputs.platforms }} push: true - tags: ngrok/kubernetes-ingress-controller:latest + tags: ngrok/ngrok-operator:latest - name: Build and push tag'd docker image uses: docker/build-push-action@v3 if: ${{ needs.changes.outputs.tag == 'true' }} @@ -75,7 +75,7 @@ jobs: context: . platforms: ${{ steps.buildx-setup.outputs.platforms }} push: true - tags: ngrok/kubernetes-ingress-controller:${{ steps.extract_tag.outputs.tag }} + tags: ngrok/ngrok-operator:${{ steps.extract_tag.outputs.tag }} - name: Create GitHub Release uses: actions/github-script@v6 if: ${{ needs.changes.outputs.tag == 'true' }} @@ -86,8 +86,8 @@ jobs: const release = await github.rest.repos.createRelease({ owner: context.repo.owner, repo: context.repo.repo, - tag_name: `kubernetes-ingress-controller-${tag}`, - name: `kubernetes-ingress-controller-${tag}`, + tag_name: `ngrok-operator-${tag}`, + name: `ngrok-operator-${tag}`, body: `${tag}`, draft: false, prerelease: false diff --git a/.github/workflows/generate-chart-readme.yaml b/.github/workflows/generate-chart-readme.yaml index bfae8720..6e659e65 100644 --- a/.github/workflows/generate-chart-readme.yaml +++ b/.github/workflows/generate-chart-readme.yaml @@ -23,13 +23,8 @@ jobs: repository: ${{github.event.pull_request.head.repo.full_name}} token: ${{ secrets.GITHUB_TOKEN }} - name: Execute readme-generator-for-helm - working-directory: helm/ingress-controller + working-directory: helm/ngrok-operator run: | - # Using the Github API to detect the files changed as git merge-base stops working when the branch is behind - # and jitterbit/get-changed-files does not support pull_request_target - URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files" - files_changed_data=$(curl -s --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' -X GET -G "$URL") - files_changed="$(echo $files_changed_data | jq -r '.[] | .filename')" readme-generator --values "values.yaml" --readme "README.md" --schema "/tmp/schema.json" - name: Push changes uses: stefanzweifel/git-auto-commit-action@v4 diff --git a/.github/workflows/generate-full-install-manifests.yaml b/.github/workflows/generate-full-install-manifests.yaml index 44c31c5c..47b4843f 100644 --- a/.github/workflows/generate-full-install-manifests.yaml +++ b/.github/workflows/generate-full-install-manifests.yaml @@ -2,6 +2,8 @@ name: 'Generate full install manifests' on: push: + # TODO(operator-rename): Change this to main at some point so that we update the manifest bundle. + # This will need to be run post-release. branches: - alex/single-manifest-file # paths: @@ -31,9 +33,9 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: Run helm template run: | - helm template ingress-controller helm/ingress-controller \ - -n ngrok-ingress-controller \ - --set credentials.secret.name="ngrok-ingress-controller-credentials" > manifest-bundle.yaml + helm template ngrok-operator helm/ngrok-operator \ + -n ngrok-operator \ + --set credentials.secret.name="ngrok-operator-credentials" > manifest-bundle.yaml - name: Push changes uses: stefanzweifel/git-auto-commit-action@v4 with: diff --git a/.github/workflows/helm_release.yaml b/.github/workflows/helm_release.yaml index b55d51f9..65e299be 100644 --- a/.github/workflows/helm_release.yaml +++ b/.github/workflows/helm_release.yaml @@ -5,7 +5,7 @@ on: branches: - main paths: - - 'helm/ingress-controller/Chart.yaml' + - 'helm/ngrok-operator/Chart.yaml' jobs: changes: @@ -17,6 +17,7 @@ jobs: permissions: contents: read pull-requests: read + # TODO(operator-rename): Change this to ngrok/ngrok-operator when we are ready to release the helm chart if: github.repository == 'ngrok/kubernetes-ingress-controller' steps: - name: Checkout repo @@ -27,7 +28,7 @@ jobs: with: filters: | charts: - - 'helm/ingress-controller/Chart.yaml' + - 'helm/ngrok-operator/Chart.yaml' chart: name: Release Chart @@ -36,6 +37,7 @@ jobs: permissions: contents: write # need to write releases needs: [changes] + # TODO(operator-rename): Change this to ngrok/ngrok-operator when we are ready to release the helm chart if: | (github.repository == 'ngrok/kubernetes-ingress-controller') && (needs.changes.outputs.charts == 'true') diff --git a/.github/workflows/install-relased-helm.yaml b/.github/workflows/install-relased-helm.yaml index 2c874143..72da8e7d 100644 --- a/.github/workflows/install-relased-helm.yaml +++ b/.github/workflows/install-relased-helm.yaml @@ -18,7 +18,7 @@ jobs: k8s_version: [ 'v1.28.13', 'v1.29.8', 'v1.30.4', 'v1.31.0' ] max-parallel: 2 env: - NAMESPACE: ngrok-ingress-controller + NAMESPACE: ngrok-operator steps: - uses: actions/checkout@v4 - name: Install Helm @@ -42,8 +42,9 @@ jobs: NGROK_AUTHTOKEN: "SOME_AUTHTOKEN" # For now, these don't matter, mainly testing that it pulls the image and can get the CRDs NGROK_API_KEY: "SOME_API_KEY" timeout-minutes: 10 + # TODO(operator-rename): Change this to ngrok/ngrok-operator when we are ready to release the helm chart run: | - helm install ngrok-ingress-controller ngrok/kubernetes-ingress-controller \ + helm install ngrok-operator ngrok/ngrok-operator \ --namespace $NAMESPACE \ --create-namespace \ --set credentials.apiKey=$NGROK_API_KEY \ @@ -51,7 +52,7 @@ jobs: --version ${{ inputs.chart_version }} - name: Sleep for 30 seconds for startup run: sleep 30 - - name: Report pods # Expected to see the ingress-controller crashlooping. See above comment. + - name: Report pods # Expected to see the operator crashlooping. See above comment. run: kubectl get pods --all-namespaces - name: Try to list CRs of the CRDs we installed run: | @@ -60,7 +61,7 @@ jobs: kubectl get httpsedges.ingress.k8s.ngrok.com kubectl get tlsedges.ingress.k8s.ngrok.com kubectl get tcpedges.ingress.k8s.ngrok.com - - name: Show logs of the ingress-controller + - name: Show logs of the ngrok-operator continue-on-error: true run: | kubectl -n $NAMESPACE logs --selector='app.kubernetes.io/component=controller' --tail=100 diff --git a/.github/workflows/pr-comments.yaml b/.github/workflows/pr-comments.yaml index fb6de5a2..64b4f1cb 100644 --- a/.github/workflows/pr-comments.yaml +++ b/.github/workflows/pr-comments.yaml @@ -27,9 +27,9 @@ jobs: with: filters: | chartyaml: - - 'helm/ingress-controller/Chart.yaml' + - 'helm/ngrok-operator/Chart.yaml' charts: - - 'helm/ingress-controller/**' + - 'helm/ngrok-operator/**' - 'scripts/e2e.sh' go: - '**.go' diff --git a/CHANGELOG.md b/CHANGELOG.md index 04d7b240..f2dc684f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,80 +6,80 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## 0.12.2 -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/kubernetes-ingress-controller-0.12.1...kubernetes-ingress-controller-0.12.2 +**Full Changelog**: https://github.com/ngrok/ngrok-operator/compare/kubernetes-ingress-controller-0.12.1...kubernetes-ingress-controller-0.12.2 ### Added -- feat: Ability to specify cluster domain [#339](https://github.com/ngrok/kubernetes-ingress-controller/pull/339). Thank you, @fr6nco ! -- feat: Support for wildcard domains [#412](https://github.com/ngrok/kubernetes-ingress-controller/pull/412) +- feat: Ability to specify cluster domain [#339](https://github.com/ngrok/ngrok-operator/pull/339). Thank you, @fr6nco ! +- feat: Support for wildcard domains [#412](https://github.com/ngrok/ngrok-operator/pull/412) ### Changed -- chore: Clean up predicate filters [#409](https://github.com/ngrok/kubernetes-ingress-controller/pull/409) -- refactor: Easier to read driver seed [#411](https://github.com/ngrok/kubernetes-ingress-controller/pull/411) +- chore: Clean up predicate filters [#409](https://github.com/ngrok/ngrok-operator/pull/409) +- refactor: Easier to read driver seed [#411](https://github.com/ngrok/ngrok-operator/pull/411) ### Fixed -- fix(store): Multiple ingress rules per ingress not working [#413](https://github.com/ngrok/kubernetes-ingress-controller/pull/413) +- fix(store): Multiple ingress rules per ingress not working [#413](https://github.com/ngrok/ngrok-operator/pull/413) ## 0.12.1 -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/kubernetes-ingress-controller-0.12.0...kubernetes-ingress-controller-0.12.1 +**Full Changelog**: https://github.com/ngrok/ngrok-operator/compare/kubernetes-ingress-controller-0.12.0...kubernetes-ingress-controller-0.12.1 ### Fixed -- fix(service-controller): Updates not working [#406](https://github.com/ngrok/kubernetes-ingress-controller/pull/406) -- fix: Deleting ngrok LoadBalancer services hanging [#404](https://github.com/ngrok/kubernetes-ingress-controller/pull/404) +- fix(service-controller): Updates not working [#406](https://github.com/ngrok/ngrok-operator/pull/406) +- fix: Deleting ngrok LoadBalancer services hanging [#404](https://github.com/ngrok/ngrok-operator/pull/404) ## 0.12.0 -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/kubernetes-ingress-controller-0.11.0...kubernetes-ingress-controller-0.12.0 +**Full Changelog**: https://github.com/ngrok/ngrok-operator/compare/kubernetes-ingress-controller-0.11.0...kubernetes-ingress-controller-0.12.0 ### Added -- feat: Auto-provision domain for TLS Edges [#386](https://github.com/ngrok/kubernetes-ingress-controller/pull/386) -- feat: Support for Load Balancer services [#387](https://github.com/ngrok/kubernetes-ingress-controller/pull/387) -- feat: Support TLS termination in modulesets for Load Balancer Services [388](https://github.com/ngrok/kubernetes-ingress-controller/pull/388) +- feat: Auto-provision domain for TLS Edges [#386](https://github.com/ngrok/ngrok-operator/pull/386) +- feat: Support for Load Balancer services [#387](https://github.com/ngrok/ngrok-operator/pull/387) +- feat: Support TLS termination in modulesets for Load Balancer Services [388](https://github.com/ngrok/ngrok-operator/pull/388) ### Changed -- Switching over README to Operator [#351](https://github.com/ngrok/kubernetes-ingress-controller/pull/351) -- chore: Remove custom code for non leader-elected controllers [#383](https://github.com/ngrok/kubernetes-ingress-controller/pull/383) -- refactor: annotations parsers to handle client.Object instead of just networking.Ingress by [#384](https://github.com/ngrok/kubernetes-ingress-controller/pull/384) -- chore: Turn on golangci-lint [#385](https://github.com/ngrok/kubernetes-ingress-controller/pull/385) +- Switching over README to Operator [#351](https://github.com/ngrok/ngrok-operator/pull/351) +- chore: Remove custom code for non leader-elected controllers [#383](https://github.com/ngrok/ngrok-operator/pull/383) +- refactor: annotations parsers to handle client.Object instead of just networking.Ingress by [#384](https://github.com/ngrok/ngrok-operator/pull/384) +- chore: Turn on golangci-lint [#385](https://github.com/ngrok/ngrok-operator/pull/385) ### Fixed -- fix: TLSEdge not reconciling changes to hostports [#390](https://github.com/ngrok/kubernetes-ingress-controller/pull/390) -- assign tunnel group lable by httproute namespace [#393](https://github.com/ngrok/kubernetes-ingress-controller/pull/393) +- fix: TLSEdge not reconciling changes to hostports [#390](https://github.com/ngrok/ngrok-operator/pull/390) +- assign tunnel group lable by httproute namespace [#393](https://github.com/ngrok/ngrok-operator/pull/393) ## 0.11.0 -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/kubernetes-ingress-controller-0.10.4...kubernetes-ingress-controller-0.11.0 +**Full Changelog**: https://github.com/ngrok/ngrok-operator/compare/kubernetes-ingress-controller-0.10.4...kubernetes-ingress-controller-0.11.0 ### Added -- create policy kind [#361](https://github.com/ngrok/kubernetes-ingress-controller/pull/361) -- initial policy controller update [#364](https://github.com/ngrok/kubernetes-ingress-controller/pull/364) -- root-cas setting [#371](https://github.com/ngrok/kubernetes-ingress-controller/pull/371) +- create policy kind [#361](https://github.com/ngrok/ngrok-operator/pull/361) +- initial policy controller update [#364](https://github.com/ngrok/ngrok-operator/pull/364) +- root-cas setting [#371](https://github.com/ngrok/ngrok-operator/pull/371) Takes an install option for --set rootCAs=host and plumb the isHostCA check into the caCerts for it to just get the host certs. -- feat: Add support for mutualTLS [#373](https://github.com/ngrok/kubernetes-ingress-controller/pull/373) -- Add GatewayClass to cachestore [#376](https://github.com/ngrok/kubernetes-ingress-controller/pull/376) -- Add extensionRef support for policy crd inclusion [#377](https://github.com/ngrok/kubernetes-ingress-controller/pull/377 +- feat: Add support for mutualTLS [#373](https://github.com/ngrok/ngrok-operator/pull/373) +- Add GatewayClass to cachestore [#376](https://github.com/ngrok/ngrok-operator/pull/376) +- Add extensionRef support for policy crd inclusion [#377](https://github.com/ngrok/ngrok-operator/pull/377 ) ### Changed -- ngrok client api update [#367](https://github.com/ngrok/kubernetes-ingress-controller/pull/367) -- switch edge kinds to raw json policy [#368](https://github.com/ngrok/kubernetes-ingress-controller/pull/368) -- modules to traffic policy [#370](https://github.com/ngrok/kubernetes-ingress-controller/pull/370) -- Update nix flake, go version, and Makefile dep versions [#379](https://github.com/ngrok/kubernetes-ingress-controller/pull/379) +- ngrok client api update [#367](https://github.com/ngrok/ngrok-operator/pull/367) +- switch edge kinds to raw json policy [#368](https://github.com/ngrok/ngrok-operator/pull/368) +- modules to traffic policy [#370](https://github.com/ngrok/ngrok-operator/pull/370) +- Update nix flake, go version, and Makefile dep versions [#379](https://github.com/ngrok/ngrok-operator/pull/379) ### Fixes -- fix: panics in oauth providers [#374](https://github.com/ngrok/kubernetes-ingress-controller/pull/374) -- Handle non-existent backend IDs more gracefully [#380](https://github.com/ngrok/kubernetes-ingress-controller/pull/380) -- Fixes not all reserved addrs being returned while iterating [#381](https://github.com/ngrok/kubernetes-ingress-controller/pull/381) +- fix: panics in oauth providers [#374](https://github.com/ngrok/ngrok-operator/pull/374) +- Handle non-existent backend IDs more gracefully [#380](https://github.com/ngrok/ngrok-operator/pull/380) +- Fixes not all reserved addrs being returned while iterating [#381](https://github.com/ngrok/ngrok-operator/pull/381) ## 0.10.4 @@ -113,149 +113,149 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added -- Support for [Traffic Policies](https://ngrok.com/docs/http/traffic-policy/) [#334](https://github.com/ngrok/kubernetes-ingress-controller/pull/334) -- Support for [Application protocol](https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol) on target services to support HTTP/2. [#323](https://github.com/ngrok/kubernetes-ingress-controller/pull/323) +- Support for [Traffic Policies](https://ngrok.com/docs/http/traffic-policy/) [#334](https://github.com/ngrok/ngrok-operator/pull/334) +- Support for [Application protocol](https://kubernetes.io/docs/concepts/services-networking/service/#application-protocol) on target services to support HTTP/2. [#323](https://github.com/ngrok/ngrok-operator/pull/323) ### Fixed -- The `Status.LoadBalancer[].Hostname` field is now propagated from `Domain` CNAME status updates. [#342](https://github.com/ngrok/kubernetes-ingress-controller/pull/342) +- The `Status.LoadBalancer[].Hostname` field is now propagated from `Domain` CNAME status updates. [#342](https://github.com/ngrok/ngrok-operator/pull/342) ## 0.10.1 ### Fixed -- IPPolicy controller wasn't applying the attached rules, leaving the IP policy in its current state [#315](https://github.com/ngrok/kubernetes-ingress-controller/pull/315) +- IPPolicy controller wasn't applying the attached rules, leaving the IP policy in its current state [#315](https://github.com/ngrok/ngrok-operator/pull/315) ## 0.10.0 ### Added -- TLSEdge CRD, see the [TCP and TLS Edges Guide](https://github.com/ngrok/kubernetes-ingress-controller/blob/main/docs/user-guide/tcp-tls-edges.md) for more details. +- TLSEdge CRD, see the [TCP and TLS Edges Guide](https://github.com/ngrok/ngrok-operator/blob/main/docs/user-guide/tcp-tls-edges.md) for more details. ### Fixed -- Added support for TLS Renegotiation for backends that use it [#314](https://github.com/ngrok/kubernetes-ingress-controller/pull/314) +- Added support for TLS Renegotiation for backends that use it [#314](https://github.com/ngrok/ngrok-operator/pull/314) ## 0.9.1 ### Fixed -- Send FQDN in SNI when using backend https [#304](https://github.com/ngrok/kubernetes-ingress-controller/pull/304) +- Send FQDN in SNI when using backend https [#304](https://github.com/ngrok/ngrok-operator/pull/304) ## 0.9.0 ### Changed -- Update ngrok-go to 1.4.0 [#298](https://github.com/ngrok/kubernetes-ingress-controller/pull/298) -- Tunnels are now unique in their respective namespace, not across the cluster [#281](https://github.com/ngrok/kubernetes-ingress-controller/pull/281) -- The CRs that ingress controller creates are uniquely marked and managed by it. Other CRs created manually are no longer deleted when the ingress controller is not using them [#267](https://github.com/ngrok/kubernetes-ingress-controller/issues/267); fixed for tunnel in [#285](https://github.com/ngrok/kubernetes-ingress-controller/pull/285) and for https edges in [#286](https://github.com/ngrok/kubernetes-ingress-controller/pull/286) -- Better error handling and retry, specifically for the case where we try to create an https edge for a domain which is not created yet [#283](https://github.com/ngrok/kubernetes-ingress-controller/issues/283); fixed in [#288](https://github.com/ngrok/kubernetes-ingress-controller/pull/288) -- Watch and apply ngrok module set CR changes [#287](https://github.com/ngrok/kubernetes-ingress-controller/issues/287); fixed in [#290](https://github.com/ngrok/kubernetes-ingress-controller/pull/290) -- Label https edges and tunnels with service UID to make them more unique within ngrok [#291](https://github.com/ngrok/kubernetes-ingress-controller/issues/291); fixed in [#293](https://github.com/ngrok/kubernetes-ingress-controller/pull/293) and [#302](https://github.com/ngrok/kubernetes-ingress-controller/pull/302) +- Update ngrok-go to 1.4.0 [#298](https://github.com/ngrok/ngrok-operator/pull/298) +- Tunnels are now unique in their respective namespace, not across the cluster [#281](https://github.com/ngrok/ngrok-operator/pull/281) +- The CRs that ingress controller creates are uniquely marked and managed by it. Other CRs created manually are no longer deleted when the ingress controller is not using them [#267](https://github.com/ngrok/ngrok-operator/issues/267); fixed for tunnel in [#285](https://github.com/ngrok/ngrok-operator/pull/285) and for https edges in [#286](https://github.com/ngrok/ngrok-operator/pull/286) +- Better error handling and retry, specifically for the case where we try to create an https edge for a domain which is not created yet [#283](https://github.com/ngrok/ngrok-operator/issues/283); fixed in [#288](https://github.com/ngrok/ngrok-operator/pull/288) +- Watch and apply ngrok module set CR changes [#287](https://github.com/ngrok/ngrok-operator/issues/287); fixed in [#290](https://github.com/ngrok/ngrok-operator/pull/290) +- Label https edges and tunnels with service UID to make them more unique within ngrok [#291](https://github.com/ngrok/ngrok-operator/issues/291); fixed in [#293](https://github.com/ngrok/ngrok-operator/pull/293) and [#302](https://github.com/ngrok/ngrok-operator/pull/302) ### Fixed -- The controller stopping at the first resource create [#270](https://github.com/ngrok/kubernetes-ingress-controller/pull/270) -- Using `make deploy` now requires `NGROK_AUTHTOKEN` and `NGROK_API_KEY` to be set [#292](https://github.com/ngrok/kubernetes-ingress-controller/pull/292) +- The controller stopping at the first resource create [#270](https://github.com/ngrok/ngrok-operator/pull/270) +- Using `make deploy` now requires `NGROK_AUTHTOKEN` and `NGROK_API_KEY` to be set [#292](https://github.com/ngrok/ngrok-operator/pull/292) ## 0.8.1 ### Fixed -- Handle special case for changing auth types that causes an error during state transition [#259](https://github.com/ngrok/kubernetes-ingress-controller/pull/259) -- Handle IP Policy CRD state transitions in a safer way [#260](https://github.com/ngrok/kubernetes-ingress-controller/pull/260) -- Better handling when changing pathType between 'Exact' and 'Prefix' [#262](https://github.com/ngrok/kubernetes-ingress-controller/pull/262) +- Handle special case for changing auth types that causes an error during state transition [#259](https://github.com/ngrok/ngrok-operator/pull/259) +- Handle IP Policy CRD state transitions in a safer way [#260](https://github.com/ngrok/ngrok-operator/pull/260) +- Better handling when changing pathType between 'Exact' and 'Prefix' [#262](https://github.com/ngrok/ngrok-operator/pull/262) ## 0.8.0 ### Changed -- tunneldriver: plumb the version through ngrok-go [#228](https://github.com/ngrok/kubernetes-ingress-controller/pull/228) -- Support HTTPS backends via service annotation [#238](https://github.com/ngrok/kubernetes-ingress-controller/pull/238) +- tunneldriver: plumb the version through ngrok-go [#228](https://github.com/ngrok/ngrok-operator/pull/228) +- Support HTTPS backends via service annotation [#238](https://github.com/ngrok/ngrok-operator/pull/238) ### Fixed -- Initialize route backends after module updates [#243](https://github.com/ngrok/kubernetes-ingress-controller/pull/243) -- validate ip restriction rules, before creating the route [#241](https://github.com/ngrok/kubernetes-ingress-controller/pull/241) -- Don't shadow remoteIPPolicies [#230](https://github.com/ngrok/kubernetes-ingress-controller/pull/230) -- resolve some linter warnings [#229](https://github.com/ngrok/kubernetes-ingress-controller/pull/229) +- Initialize route backends after module updates [#243](https://github.com/ngrok/ngrok-operator/pull/243) +- validate ip restriction rules, before creating the route [#241](https://github.com/ngrok/ngrok-operator/pull/241) +- Don't shadow remoteIPPolicies [#230](https://github.com/ngrok/ngrok-operator/pull/230) +- resolve some linter warnings [#229](https://github.com/ngrok/ngrok-operator/pull/229) ### Documentation -- Use direnv layout feature [#248](https://github.com/ngrok/kubernetes-ingress-controller/pull/248) -- chore(readme): improve structure and content [#246](https://github.com/ngrok/kubernetes-ingress-controller/pull/246) -- Added direnv and a nix devshell [#227](https://github.com/ngrok/kubernetes-ingress-controller/pull/227) +- Use direnv layout feature [#248](https://github.com/ngrok/ngrok-operator/pull/248) +- chore(readme): improve structure and content [#246](https://github.com/ngrok/ngrok-operator/pull/246) +- Added direnv and a nix devshell [#227](https://github.com/ngrok/ngrok-operator/pull/227) ### Testing Improvements -- fix route modules, using ngrokmoduleset instead [#239](https://github.com/ngrok/kubernetes-ingress-controller/pull/239) -- Use raw yq output, split e2e runner from deployment [#235](https://github.com/ngrok/kubernetes-ingress-controller/pull/235) -- Added e2e config init script [#234](https://github.com/ngrok/kubernetes-ingress-controller/pull/234) -- Some updates to handle different cases for e2e run [#226](https://github.com/ngrok/kubernetes-ingress-controller/pull/226). +- fix route modules, using ngrokmoduleset instead [#239](https://github.com/ngrok/ngrok-operator/pull/239) +- Use raw yq output, split e2e runner from deployment [#235](https://github.com/ngrok/ngrok-operator/pull/235) +- Added e2e config init script [#234](https://github.com/ngrok/ngrok-operator/pull/234) +- Some updates to handle different cases for e2e run [#226](https://github.com/ngrok/ngrok-operator/pull/226). ## 0.7.0 ### Changed -- Don't log errors on normal connection closing [#206](https://github.com/ngrok/kubernetes-ingress-controller/pull/206). -- Updated `golang.org/x/net` to `0.9.0` [#215](https://github.com/ngrok/kubernetes-ingress-controller/pull/215). +- Don't log errors on normal connection closing [#206](https://github.com/ngrok/ngrok-operator/pull/206). +- Updated `golang.org/x/net` to `0.9.0` [#215](https://github.com/ngrok/ngrok-operator/pull/215). ### Fixed -- Add support for named service ports [#222](https://github.com/ngrok/kubernetes-ingress-controller/pull/222). +- Add support for named service ports [#222](https://github.com/ngrok/ngrok-operator/pull/222). ## 0.6.0 ### Changed -- Added Ingress controller version to user-agent [#198](https://github.com/ngrok/kubernetes-ingress-controller/pull/198). -- Don't default to development mode for logging [#199](https://github.com/ngrok/kubernetes-ingress-controller/pull/199). +- Added Ingress controller version to user-agent [#198](https://github.com/ngrok/ngrok-operator/pull/198). +- Don't default to development mode for logging [#199](https://github.com/ngrok/ngrok-operator/pull/199). ### Fixed -- Leaking TCP connections for every tunnel dial [#203](https://github.com/ngrok/kubernetes-ingress-controller/pull/203). +- Leaking TCP connections for every tunnel dial [#203](https://github.com/ngrok/ngrok-operator/pull/203). ## 0.5.0 ### Changed -- Bumped go version to 1.20 [#167](https://github.com/ngrok/kubernetes-ingress-controller/pull/167) -- Refactored Route Module Updates to be lazy [#168](https://github.com/ngrok/kubernetes-ingress-controller/pull/168) -- Annotations for configuration have been removed in favor of grouping module configurations together in `NgrokModuleSet` custom resources [#170](https://github.com/ngrok/kubernetes-ingress-controller/pull/170) +- Bumped go version to 1.20 [#167](https://github.com/ngrok/ngrok-operator/pull/167) +- Refactored Route Module Updates to be lazy [#168](https://github.com/ngrok/ngrok-operator/pull/168) +- Annotations for configuration have been removed in favor of grouping module configurations together in `NgrokModuleSet` custom resources [#170](https://github.com/ngrok/ngrok-operator/pull/170) ### Added -- Ran go mod tidy and added check to make sure its tidy before merge [#166](https://github.com/ngrok/kubernetes-ingress-controller/pull/166) -- Added `NgrokModuleSet` CRD [#170](https://github.com/ngrok/kubernetes-ingress-controller/pull/170) -- Added support for Circuit Breaker route module [#171](https://github.com/ngrok/kubernetes-ingress-controller/pull/171) -- Added support for OIDC route module [#173](https://github.com/ngrok/kubernetes-ingress-controller/pull/173) -- Added support for SAML route module [#186](https://github.com/ngrok/kubernetes-ingress-controller/pull/186) -- Added support for OAuth route module [#192](https://github.com/ngrok/kubernetes-ingress-controller/pull/192) +- Ran go mod tidy and added check to make sure its tidy before merge [#166](https://github.com/ngrok/ngrok-operator/pull/166) +- Added `NgrokModuleSet` CRD [#170](https://github.com/ngrok/ngrok-operator/pull/170) +- Added support for Circuit Breaker route module [#171](https://github.com/ngrok/ngrok-operator/pull/171) +- Added support for OIDC route module [#173](https://github.com/ngrok/ngrok-operator/pull/173) +- Added support for SAML route module [#186](https://github.com/ngrok/ngrok-operator/pull/186) +- Added support for OAuth route module [#192](https://github.com/ngrok/ngrok-operator/pull/192) ## 0.4.0 ### Changed -- When no region override is passed to helm, the controller now does not default to the US and instead uses the closes geographic edge servers [#160](https://github.com/ngrok/kubernetes-ingress-controller/pull/160) -- Ingress Class has Default set to false [#109](https://github.com/ngrok/kubernetes-ingress-controller/pull/109) +- When no region override is passed to helm, the controller now does not default to the US and instead uses the closes geographic edge servers [#160](https://github.com/ngrok/ngrok-operator/pull/160) +- Ingress Class has Default set to false [#109](https://github.com/ngrok/ngrok-operator/pull/109) ### Added -- Allow controller name to be configured to support multiple ngrok ingress classes [#159](https://github.com/ngrok/kubernetes-ingress-controller/pull/159) -- Allow the controller to be configured to only watch a single namespace [#157](https://github.com/ngrok/kubernetes-ingress-controller/pull/157) -- Pass key/value pairs to helm that get added as json string metadata in ngrok api resources [#156](https://github.com/ngrok/kubernetes-ingress-controller/pull/156) -- merge all ingress objects into a single store to derive Edges. [#129](https://github.com/ngrok/kubernetes-ingress-controller/pull/129), [#10](https://github.com/ngrok/kubernetes-ingress-controller/pull/10), [#131](https://github.com/ngrok/kubernetes-ingress-controller/pull/131), [#137](https://github.com/ngrok/kubernetes-ingress-controller/pull/137) -- Minimum TLS Version Route Module [#125](https://github.com/ngrok/kubernetes-ingress-controller/pull/125) -- Webhook Verification Route Module [#122](https://github.com/ngrok/kubernetes-ingress-controller/pull/122) -- Add/Remove Header Route Module [#121](https://github.com/ngrok/kubernetes-ingress-controller/pull/121) -- Add IP Policy CRD and IP Policy Route Module [#120](https://github.com/ngrok/kubernetes-ingress-controller/pull/120) -- Load certs from the directory `"/etc/ssl/certs/ngrok/"` for ngrok-go if present [#111](https://github.com/ngrok/kubernetes-ingress-controller/pull/111) +- Allow controller name to be configured to support multiple ngrok ingress classes [#159](https://github.com/ngrok/ngrok-operator/pull/159) +- Allow the controller to be configured to only watch a single namespace [#157](https://github.com/ngrok/ngrok-operator/pull/157) +- Pass key/value pairs to helm that get added as json string metadata in ngrok api resources [#156](https://github.com/ngrok/ngrok-operator/pull/156) +- merge all ingress objects into a single store to derive Edges. [#129](https://github.com/ngrok/ngrok-operator/pull/129), [#10](https://github.com/ngrok/ngrok-operator/pull/10), [#131](https://github.com/ngrok/ngrok-operator/pull/131), [#137](https://github.com/ngrok/ngrok-operator/pull/137) +- Minimum TLS Version Route Module [#125](https://github.com/ngrok/ngrok-operator/pull/125) +- Webhook Verification Route Module [#122](https://github.com/ngrok/ngrok-operator/pull/122) +- Add/Remove Header Route Module [#121](https://github.com/ngrok/ngrok-operator/pull/121) +- Add IP Policy CRD and IP Policy Route Module [#120](https://github.com/ngrok/ngrok-operator/pull/120) +- Load certs from the directory `"/etc/ssl/certs/ngrok/"` for ngrok-go if present [#111](https://github.com/ngrok/ngrok-operator/pull/111) ### Fixed -- Fix bug from Driver and Store refactor so ingress status has CNAME Targets for custom domains updated correctly [#162](https://github.com/ngrok/kubernetes-ingress-controller/pull/162) -- Reduce domain controller reconcile counts by not updating domains if they didn't change [#140](https://github.com/ngrok/kubernetes-ingress-controller/pull/140) -- Remove routes from remote API when they are removed from the ingress object [#124](https://github.com/ngrok/kubernetes-ingress-controller/pull/124) +- Fix bug from Driver and Store refactor so ingress status has CNAME Targets for custom domains updated correctly [#162](https://github.com/ngrok/ngrok-operator/pull/162) +- Reduce domain controller reconcile counts by not updating domains if they didn't change [#140](https://github.com/ngrok/ngrok-operator/pull/140) +- Remove routes from remote API when they are removed from the ingress object [#124](https://github.com/ngrok/ngrok-operator/pull/124) ## 0.3.0 diff --git a/Makefile b/Makefile index 8403c663..daf395d9 100644 --- a/Makefile +++ b/Makefile @@ -1,11 +1,11 @@ # Image URL to use all building/pushing image targets -IMG ?= kubernetes-ingress-controller +IMG ?= ngrok-operator # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.29.0 -REPO_URL = github.com/ngrok/kubernetes-ingress-controller +REPO_URL = github.com/ngrok/ngrok-operator # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) ifeq (,$(shell go env GOBIN)) @@ -25,7 +25,7 @@ VERSION = $(shell cat VERSION) # Tools -HELM_CHART_DIR = ./helm/ingress-controller +HELM_CHART_DIR = ./helm/ngrok-operator HELM_TEMPLATES_DIR = $(HELM_CHART_DIR)/templates # Targets @@ -58,7 +58,7 @@ preflight: ## Verifies required things like the go version .PHONY: manifests manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects. - $(CONTROLLER_GEN) rbac:roleName=ngrok-ingress-controller-manager-role crd webhook paths="{./api/ingress/v1alpha1/, ./api/ngrok/v1alpha1, ./internal/controller/ingress/, ./internal/controller/ngrok/, ./internal/controller/gateway/}" \ + $(CONTROLLER_GEN) rbac:roleName=ngrok-operator-manager-role crd webhook paths="{./api/ingress/v1alpha1/, ./api/ngrok/v1alpha1, ./internal/controller/ingress/, ./internal/controller/ngrok/, ./internal/controller/gateway/}" \ output:crd:artifacts:config=$(HELM_TEMPLATES_DIR)/crds \ output:rbac:artifacts:config=$(HELM_TEMPLATES_DIR)/rbac @@ -115,10 +115,14 @@ ifndef ignore-not-found ignore-not-found = false endif +KUBE_NAMESPACE ?= ngrok-operator +HELM_RELEASE_NAME ?= ngrok-operator +KUBE_DEPLOYMENT_NAME ?= ngrok-operator-manager + .PHONY: deploy deploy: _deploy-check-env-vars docker-build manifests kustomize _helm_setup ## Deploy controller to the K8s cluster specified in ~/.kube/config. - helm upgrade ngrok-ingress-controller $(HELM_CHART_DIR) --install \ - --namespace ngrok-ingress-controller \ + helm upgrade $(HELM_RELEASE_NAME) $(HELM_CHART_DIR) --install \ + --namespace $(KUBE_NAMESPACE) \ --create-namespace \ --set image.repository=$(IMG) \ --set image.tag="latest" \ @@ -129,12 +133,12 @@ deploy: _deploy-check-env-vars docker-build manifests kustomize _helm_setup ## D --set log.level=debug \ --set log.stacktraceLevel=panic \ --set metaData.env=local,metaData.from=makefile &&\ - kubectl rollout restart deployment ngrok-ingress-controller-kubernetes-ingress-controller-manager -n ngrok-ingress-controller + kubectl rollout restart deployment $(KUBE_DEPLOYMENT_NAME) -n $(KUBE_NAMESPACE) .PHONY: deploy_gateway deploy_gateway: _deploy-check-env-vars docker-build manifests kustomize _helm_setup ## Deploy controller to the K8s cluster specified in ~/.kube/config. - helm upgrade ngrok-ingress-controller $(HELM_CHART_DIR) --install \ - --namespace ngrok-ingress-controller \ + helm upgrade $(HELM_RELEASE_NAME) $(HELM_CHART_DIR) --install \ + --namespace $(KUBE_NAMESPACE) \ --create-namespace \ --set image.repository=$(IMG) \ --set image.tag="latest" \ @@ -146,12 +150,12 @@ deploy_gateway: _deploy-check-env-vars docker-build manifests kustomize _helm_se --set log.stacktraceLevel=panic \ --set metaData.env=local,metaData.from=makefile \ --set useExperimentalGatewayApi=true &&\ - kubectl rollout restart deployment ngrok-ingress-controller-kubernetes-ingress-controller-manager -n ngrok-ingress-controller + kubectl rollout restart deployment $(KUBE_DEPLOYMENT_NAME) -n $(KUBE_NAMESPACE) .PHONY: deploy_with_bindings deploy_with_bindings: _deploy-check-env-vars docker-build manifests kustomize _helm_setup ## Deploy controller to the K8s cluster specified in ~/.kube/config. - helm upgrade ngrok-ingress-controller $(HELM_CHART_DIR) --install \ - --namespace ngrok-ingress-controller \ + helm upgrade $(HELM_RELEASE_NAME) $(HELM_CHART_DIR) --install \ + --namespace $(KUBE_NAMESPACE) \ --create-namespace \ --set image.repository=$(IMG) \ --set image.tag="latest" \ @@ -163,7 +167,7 @@ deploy_with_bindings: _deploy-check-env-vars docker-build manifests kustomize _h --set log.stacktraceLevel=panic \ --set metaData.env=local,metaData.from=makefile \ --set enable-feature-bindings=true &&\ - kubectl rollout restart deployment ngrok-ingress-controller-kubernetes-ingress-controller-manager -n ngrok-ingress-controller + kubectl rollout restart deployment $(KUBE_DEPLOYMENT_NAME) -n $(KUBE_NAMESPACE) .PHONY: _deploy-check-env-vars _deploy-check-env-vars: @@ -176,7 +180,7 @@ endif .PHONY: undeploy undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. - helm uninstall ngrok-ingress-controller + helm uninstall ngrok-operator ##@ Build Dependencies diff --git a/PROJECT b/PROJECT index ff9e3c08..274fcc6c 100644 --- a/PROJECT +++ b/PROJECT @@ -6,8 +6,8 @@ domain: k8s.ngrok.com layout: - go.kubebuilder.io/v4 multigroup: true -projectName: kubernetes-ingress-controller -repo: github.com/ngrok/kubernetes-ingress-controller +projectName: ngrok-operator +repo: github.com/ngrok/ngrok-operator resources: - api: crdVersion: v1 @@ -16,7 +16,7 @@ resources: domain: k8s.ngrok.com group: ingress kind: Domain - path: github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1 + path: github.com/ngrok/ngrok-operator/api/ingress/v1alpha1 version: v1alpha1 - api: crdVersion: v1 @@ -25,7 +25,7 @@ resources: domain: k8s.ngrok.com group: ingress kind: Tunnel - path: github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1 + path: github.com/ngrok/ngrok-operator/api/ingress/v1alpha1 version: v1alpha1 - api: crdVersion: v1 @@ -34,7 +34,7 @@ resources: domain: k8s.ngrok.com group: ingress kind: TCPEdge - path: github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1 + path: github.com/ngrok/ngrok-operator/api/ingress/v1alpha1 version: v1alpha1 - api: crdVersion: v1 @@ -43,7 +43,7 @@ resources: domain: k8s.ngrok.com group: ingress kind: HTTPSEdge - path: github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1 + path: github.com/ngrok/ngrok-operator/api/ingress/v1alpha1 version: v1alpha1 - api: crdVersion: v1 @@ -52,7 +52,7 @@ resources: domain: k8s.ngrok.com group: ingress kind: IPPolicy - path: github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1 + path: github.com/ngrok/ngrok-operator/api/ingress/v1alpha1 version: v1alpha1 - api: crdVersion: v1 @@ -60,7 +60,7 @@ resources: domain: k8s.ngrok.com group: ingress kind: NgrokModule - path: github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1 + path: github.com/ngrok/ngrok-operator/api/ingress/v1alpha1 version: v1alpha1 - api: crdVersion: v1 @@ -68,7 +68,7 @@ resources: domain: k8s.ngrok.com group: ingress kind: NgrokModuleSet - path: github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1 + path: github.com/ngrok/ngrok-operator/api/ingress/v1alpha1 version: v1alpha1 - controller: true domain: k8s.ngrok.com @@ -87,6 +87,6 @@ resources: domain: k8s.ngrok.com group: ngrok kind: NgrokTrafficPolicy - path: github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1 + path: github.com/ngrok/ngrok-operator/api/ngrok/v1alpha1 version: v1alpha1 version: "3" diff --git a/README.md b/README.md index bd78ee1f..b17b88f8 100644 --- a/README.md +++ b/README.md @@ -8,10 +8,10 @@

- - CI Status + + CI Status - + License @@ -34,7 +34,7 @@ Leverage [ngrok](https://ngrok.com/) for your ingress in your Kubernetes cluster. Instantly add load balancing, authentication, and observability to your services via ngrok Cloud Edge modules using Custom Resource Definitions (CRDs) and Kubernetes-native tooling. This repo contains both our [Kubernetes Ingress Controller](https://kubernetes.io/docs/concepts/services-networking/ingress/) and the [Kubernetes Gateway API](https://gateway-api.sigs.k8s.io/) -[Installation](#installation) | [Getting Started](https://ngrok.com/docs/using-ngrok-with/k8s/) | [Documentation](#documentation) | [Developer Guide](https://github.com/ngrok/kubernetes-ingress-controller/blob/main/docs/developer-guide/README.md) | [Known Issues](#known-issues) +[Installation](#installation) | [Getting Started](https://ngrok.com/docs/using-ngrok-with/k8s/) | [Documentation](#documentation) | [Developer Guide](https://github.com/ngrok/ngrok-operator/blob/main/docs/developer-guide/README.md) | [Known Issues](#known-issues) ## Installation @@ -55,7 +55,7 @@ export NAMESPACE=[YOUR_K8S_NAMESPACE] export NGROK_AUTHTOKEN=[AUTHTOKEN] export NGROK_API_KEY=[API_KEY] -helm install ngrok-ingress-controller ngrok/kubernetes-ingress-controller \ +helm install ngrok-operator ngrok/ngrok-operator \ --namespace $NAMESPACE \ --create-namespace \ --set credentials.apiKey=$NGROK_API_KEY \ @@ -78,7 +78,7 @@ kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/downloa Then, during the helm install set the experimental gateway flag. ```sh -helm install ngrok-ingress-controller ngrok/kubernetes-ingress-controller \ +helm install ngrok-operator ngrok/ngrok-operator \ --namespace $NAMESPACE \ --create-namespace \ --set credentials.apiKey=$NGROK_API_KEY \ @@ -90,15 +90,15 @@ helm install ngrok-ingress-controller ngrok/kubernetes-ingress-controller \ Apply the [sample combined manifest](manifest-bundle.yaml) from our repo: ```sh -kubectl apply -n ngrok-ingress-controller \ - -f https://raw.githubusercontent.com/ngrok/kubernetes-ingress-controller/main/manifest-bundle.yaml +kubectl apply -n ngrok-operator \ + -f https://raw.githubusercontent.com/ngrok/ngrok-operator/main/manifest-bundle.yaml ``` For a more in-depth installation guide follow our step-by-step [Getting Started](https://ngrok.com/docs/using-ngrok-with/k8s/) guide. ## Documentation -The full documentation for the ngrok Ingress Controller can be found on our [k8s docs](https://ngrok.com/docs/k8s/) +The full documentation for the ngrok Kubernetes Operator can be found on our [k8s docs](https://ngrok.com/docs/k8s/) ## Known Issues @@ -106,7 +106,7 @@ The full documentation for the ngrok Ingress Controller can be found on our [k8s > > This project is currently in beta as we continue testing and receiving feedback. The functionality and CRD contracts may change. It is currently used internally at ngrok for providing ingress to some of our production workloads. -1. Current issues can be found in the GitHub issues. [Known/suspected bugs](https://github.com/ngrok/kubernetes-ingress-controller/issues?q=is%3Aopen+is%3Aissue+label%3Abug) are labeled as `bug`. +1. Current issues can be found in the GitHub issues. [Known/suspected bugs](https://github.com/ngrok/ngrok-operator/issues?q=is%3Aopen+is%3Aissue+label%3Abug) are labeled as `bug`. ## Support @@ -114,6 +114,6 @@ The best place to get support using the ngrok Kubernetes Operator is through the ## License -The ngrok ingress controller is licensed under the terms of the MIT license. +The ngrok Kubernetes Operator is licensed under the terms of the MIT license. See [LICENSE](./LICENSE.txt) for details. diff --git a/cmd/main.go b/cmd/main.go index c5510800..3a657a7d 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -46,16 +46,16 @@ import ( "github.com/ngrok/ngrok-api-go/v5" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations" - gatewaycontroller "github.com/ngrok/kubernetes-ingress-controller/internal/controller/gateway" - controllers "github.com/ngrok/kubernetes-ingress-controller/internal/controller/ingress" - ngrokctr "github.com/ngrok/kubernetes-ingress-controller/internal/controller/ngrok" - "github.com/ngrok/kubernetes-ingress-controller/internal/ngrokapi" - "github.com/ngrok/kubernetes-ingress-controller/internal/store" - "github.com/ngrok/kubernetes-ingress-controller/internal/version" - "github.com/ngrok/kubernetes-ingress-controller/pkg/tunneldriver" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + ngrokv1alpha1 "github.com/ngrok/ngrok-operator/api/ngrok/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations" + gatewaycontroller "github.com/ngrok/ngrok-operator/internal/controller/gateway" + controllers "github.com/ngrok/ngrok-operator/internal/controller/ingress" + ngrokctr "github.com/ngrok/ngrok-operator/internal/controller/ngrok" + "github.com/ngrok/ngrok-operator/internal/ngrokapi" + "github.com/ngrok/ngrok-operator/internal/store" + "github.com/ngrok/ngrok-operator/internal/version" + "github.com/ngrok/ngrok-operator/pkg/tunneldriver" //+kubebuilder:scaffold:imports ) @@ -118,13 +118,15 @@ func cmd() *cobra.Command { c.Flags().StringVar(&opts.metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to") c.Flags().StringVar(&opts.probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.") - c.Flags().StringVar(&opts.electionID, "election-id", "ngrok-ingress-controller-leader", "The name of the configmap that is used for holding the leader lock") + c.Flags().StringVar(&opts.electionID, "election-id", "ngrok-operator-leader", "The name of the configmap that is used for holding the leader lock") c.Flags().StringVar(&opts.metaData, "metadata", "", "A comma separated list of key value pairs such as 'key1=value1,key2=value2' to be added to ngrok api resources as labels") c.Flags().StringVar(&opts.region, "region", "", "The region to use for ngrok tunnels") c.Flags().StringVar(&opts.serverAddr, "server-addr", "", "The address of the ngrok server to use for tunnels") c.Flags().StringVar(&opts.apiURL, "api-url", "", "The base URL to use for the ngrok api") + // TODO(operator-rename): This probably needs to be on a per controller basis. Each of the controllers will have their own value or we migrate this to k8s.ngrok.com/ngrok-operator. c.Flags().StringVar(&opts.controllerName, "controller-name", "k8s.ngrok.com/ingress-controller", "The name of the controller to use for matching ingresses classes") c.Flags().StringVar(&opts.watchNamespace, "watch-namespace", "", "Namespace to watch for Kubernetes resources. Defaults to all namespaces.") + // TODO(operator-rename): Same as above, but for the manager name. c.Flags().StringVar(&opts.managerName, "manager-name", "ngrok-ingress-controller-manager", "Manager name to identify unique ngrok ingress controller instances") c.Flags().BoolVar(&opts.useExperimentalGatewayAPI, "use-experimental-gateway-api", false, "sets up experemental gatewayAPI") c.Flags().StringVar(&opts.clusterDomain, "cluster-domain", "svc.cluster.local", "Cluster domain used in the cluster") diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md index e0ba17e2..05361ec5 100644 --- a/docs/CONTRIBUTING.md +++ b/docs/CONTRIBUTING.md @@ -4,7 +4,7 @@ Thank you for deciding to contribute! ## Reporting a bug -To report a bug, please use the [issue template](https://github.com/ngrok/kubernetes-ingress-controller/issues/new/choose) that best matches your issue. +To report a bug, please use the [issue template](https://github.com/ngrok/ngrok-operator/issues/new/choose) that best matches your issue. We will triage and investigate these issues at a regular interval. @@ -12,7 +12,7 @@ We will triage and investigate these issues at a regular interval. Bugfixes and small improvements are always appreciated! -For any larger changes or features, please [open a new issue](https://github.com/ngrok/kubernetes-ingress-controller/issues/new/choose) +For any larger changes or features, please [open a new issue](https://github.com/ngrok/ngrok-operator/issues/new/choose) first to discuss whether the change makes sense. When in doubt, it's always okay to open an issue first. ## Local development diff --git a/docs/README.md b/docs/README.md index 583499b1..fea313aa 100644 --- a/docs/README.md +++ b/docs/README.md @@ -7,7 +7,7 @@

-# ngrok Kubernetes Ingress Controller Documentation +# ngrok Kubernetes Operator Documentation This is the ngrok ingress controller. It can be deployed and operated to a cluster and operated by a team allowing others to create ingress objects to dynamically self service ingress to their apps and services using a shared ngrok account. This is a great way to get started with ngrok and Kubernetes. diff --git a/docs/developer-guide/README.md b/docs/developer-guide/README.md index 087933f8..6f113c87 100644 --- a/docs/developer-guide/README.md +++ b/docs/developer-guide/README.md @@ -22,18 +22,18 @@ Both of these can be obtained via [nix-direnv](https://github.com/nix-community/ export NGROK_API_KEY= export NGROK_AUTHTOKEN= # kubectl can connect to your cluster and images built locally are available to the cluster -kubectl create namespace ngrok-ingress-controller -kubectl config set-context --current --namespace=ngrok-ingress-controller +kubectl create namespace ngrok-operator +kubectl config set-context --current --namespace=ngrok-operator make deploy ``` > Note: You may also need to load the image into your cluster. -> For example with `kind` this is done with `kind load docker-image kubernetes-ingress-controller` +> For example with `kind` this is done with `kind load docker-image ngrok-operator` ### Using the E2E Fixtures -Several examples are provided in the [`e2e-fixtures` folder](https://github.com/ngrok/kubernetes-ingress-controller/tree/main/e2e-fixtures). To use an example, make a copy of the included `EXAMPLE*config.yaml` in the same directory, like this: +Several examples are provided in the [`e2e-fixtures` folder](https://github.com/ngrok/ngrok-operator/tree/main/e2e-fixtures). To use an example, make a copy of the included `EXAMPLE*config.yaml` in the same directory, like this: - `cp e2e-fixtures/hello-world-ingress/EXAMPLE-config.yaml e2e-fixtures/hello-world-ingress/config.yaml` - `cp e2e-fixtures/ingress-class/EXAMPLE-config-different.yaml e2e-fixtures/ingress-class/config-different.yaml` diff --git a/docs/developer-guide/architecture.md b/docs/developer-guide/architecture.md index 2deff3a2..c188679b 100644 --- a/docs/developer-guide/architecture.md +++ b/docs/developer-guide/architecture.md @@ -18,9 +18,9 @@ Individual controllers and the overall Manager are built using the kubernetes co ## Controllers -Internally, the ngrok Kubernetes Ingress Controller is made up of multiple controllers working in concert with each other, communicating via the Kubernetes API to interpret Ingress objects and convert them into managed ngrok Edges and other resources. +Internally, the ngrok Kubernetes Operator is made up of multiple controllers working in concert with each other, communicating via the Kubernetes API to interpret Ingress objects and convert them into managed ngrok Edges and other resources. -Each of these controllers uses the same basic workflow to manage its resources. This will be dried up and documented as a part of [this issue](https://github.com/ngrok/kubernetes-ingress-controller/issues/118) +Each of these controllers uses the same basic workflow to manage its resources. This will be dried up and documented as a part of [this issue](https://github.com/ngrok/ngrok-operator/issues/118) The following controllers for the most part manage a single resource and reflect those changes in the ngrok API. - [IP Policy Controller](../../internal/controllers/ippolicy_controller.go): It simply watches these CRDs and reflects the changes in the ngrok API. diff --git a/docs/developer-guide/releasing.md b/docs/developer-guide/releasing.md index 4cab5048..3c61013a 100644 --- a/docs/developer-guide/releasing.md +++ b/docs/developer-guide/releasing.md @@ -18,13 +18,13 @@ docker image can be used to run the Ingress Controller in a Kubernetes cluster w ### Docker Image The Docker image contains the ngrok Ingress Controller binary and is available on -Docker Hub [here](https://hub.docker.com/r/ngrok/kubernetes-ingress-controller). We currently +Docker Hub [here](https://hub.docker.com/r/ngrok/ngrok-operator). We currently support `amd64` and `arm64` architectures, with future plans to build for other architectures. ### Helm Chart The helm chart is packaged and published to its own [helm repository](https://charts.ngrok.com/index.yaml) -and can be installed by following the instructions in the chart's [README](../helm/ingress-controller/README.md). +and can be installed by following the instructions in the chart's [README](../helm/ingress-operator/README.md). ## Semantic Versioning @@ -62,15 +62,15 @@ to the semantic versioning spec as described above. #### Controller -Releases of the controller will be tagged with a prefix of `kubernetes-ingress-controller-`. For example, -version `1.2.0` of the docker image will have a git tag of `kubernetes-ingress-controller-1.2.0` which -contains the code used to build the docker image `ngrok/kubernetes-ingress-controller:1.2.0`. +Releases of the controller will be tagged with a prefix of `ngrok-operator-`. For example, +version `1.2.0` of the docker image will have a git tag of `ngrok-oeprator-1.2.0` which +contains the code used to build the docker image `ngrok/ngrok-operator:1.2.0`. When changes that would affect the controller's docker image are pushed to `main`, a github workflow -will trigger. The workflow will build and publish the `ngrok/kubernetes-ingress-controller:latest` docker +will trigger. The workflow will build and publish the `ngrok/ngrok-operator:latest` docker image. If the `VERSION` file at the root of the repo is changed, the workflow will also create a git tag for the controller as described above and publish a tagged docker image. For instance when the -`VERSION` is changed to `1.2.0`, the workflow will create a git tag of `kubernetes-ingress-controller-1.2.0` -and publish the docker image `ngrok/kubernetes-ingress-controller:1.2.0`. +`VERSION` is changed to `1.2.0`, the workflow will create a git tag of `ngrok-operator-1.2.0` +and publish the docker image `ngrok/ngrok-operator:1.2.0`. diff --git a/docs/examples/consul/README.md b/docs/examples/consul/README.md index e85b6679..2c99123b 100644 --- a/docs/examples/consul/README.md +++ b/docs/examples/consul/README.md @@ -1,6 +1,6 @@ # Ingress into Consul Service Mesh on Minikube -This tutorial will guide you through the process of installing the ngrok Kubernetes Ingress Controller into a local Minikube cluster running a Consul Service Mesh. We will first follow the Consul Minikube setup guide, and then install the ngrok Kubernetes Ingress Controller to provide ingress to the Demo Counter Application. +This tutorial will guide you through the process of installing the ngrok Kubernetes Operator into a local Minikube cluster running a Consul Service Mesh. We will first follow the Consul Minikube setup guide, and then install the ngrok Kubernetes Operator to provide ingress to the Demo Counter Application. ## Prerequisites - your api key and authtoken from your ngrok account @@ -35,7 +35,7 @@ Next we'll export our credentials as environment variables and install the contr export NGROK_API_KEY= export NGROK_AUTHTOKEN= -helm install ngrok-ingress-controller ngrok/kubernetes-ingress-controller --version 0.6.0 \ +helm install ngrok-operator ngrok/ngrok-operator --version 0.6.0 \ --namespace default \ --set credentials.apiKey=$NGROK_API_KEY \ --set credentials.authtoken=$NGROK_AUTHTOKEN @@ -49,10 +49,10 @@ At this point, the ngrok ingress controller pods may not be running yet. This is apiVersion: v1 kind: Service metadata: - name: ngrok-ingress-controller-kubernetes-ingress-controller + name: ngrok-operator namespace: default labels: - app: ngrok-ingress-controller-kubernetes-ingress-controller + app: ngrok-operator spec: ports: - name: http @@ -60,16 +60,16 @@ spec: protocol: TCP targetPort: 80 selector: - app.kubernetes.io/name: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator ``` Now we can verify the controller is running and healthy: ```bash -kubectl get pods -l 'app.kubernetes.io/name=kubernetes-ingress-controller' -n default +kubectl get pods -l 'app.kubernetes.io/name=ngrok-operator' -n default NAME READY STATUS RESTARTS AGE -ngrok-ingress-controller-kubernetes-ingress-controller-manqwlhz 2/2 Running 2 (93s ago) 2m17s +ngrok-operator-ngrok-operator-manager-qwlhz 2/2 Running 2 (93s ago) 2m17s ``` Setting Up Ingress for the Demo Counter Application @@ -80,14 +80,14 @@ With the controller running, we can set up ingress for the Demo Counter Applicat apiVersion: consul.hashicorp.com/v1alpha1 kind: ServiceIntentions metadata: - name: ngrok-ingress-controller-kubernetes-ingress-controller + name: ngrok-operator namespace: default spec: destination: name: dashboard sources: - action: allow - name: ngrok-ingress-controller-kubernetes-ingress-controller + name: ngrok-operator ``` diff --git a/docs/examples/hello-world/README.md b/docs/examples/hello-world/README.md index 4ec146e4..590b4f51 100644 --- a/docs/examples/hello-world/README.md +++ b/docs/examples/hello-world/README.md @@ -15,9 +15,8 @@ First we need to install the controller in the cluster. We'll export our credent export NGROK_API_KEY= export NGROK_AUTHTOKEN= helm repo add ngrok https://charts.ngrok.com -helm install ngrok-ingress-controller ngrok/kubernetes-ingress-controller --version 0.8.0 \ - --set image.tag=0.4.0 \ - --namespace ngrok-ingress-controller \ +helm install ngrok-operator ngrok/ngrok-operator + --namespace ngrok-operator \ --create-namespace \ --set credentials.apiKey=$NGROK_API_KEY \ --set credentials.authtoken=$NGROK_AUTHTOKEN @@ -26,13 +25,13 @@ helm install ngrok-ingress-controller ngrok/kubernetes-ingress-controller --vers Verify the controller is running and healthy: ```bash -kubectl get pods -n ngrok-ingress-controller +kubectl get pods -n ngrok-operator ``` You should see something like this: ```bash NAME READY STATUS RESTARTS AGE -ngrok-ingress-controller-kubernetes-ingress-controller-mank8zgx 1/1 Running 0 104s +ngrok-operator-ngrok-operator-manager-k8zgx 1/1 Running 0 104s ``` ## Setup Ingress for a Service diff --git a/go.mod b/go.mod index 923f96a3..2f738359 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/ngrok/kubernetes-ingress-controller +module github.com/ngrok/ngrok-operator go 1.22 diff --git a/helm/ingress-controller/.gitignore b/helm/ngrok-operator/.gitignore similarity index 100% rename from helm/ingress-controller/.gitignore rename to helm/ngrok-operator/.gitignore diff --git a/helm/ingress-controller/.helmignore b/helm/ngrok-operator/.helmignore similarity index 100% rename from helm/ingress-controller/.helmignore rename to helm/ngrok-operator/.helmignore diff --git a/helm/ingress-controller/CHANGELOG.md b/helm/ngrok-operator/CHANGELOG.md similarity index 61% rename from helm/ingress-controller/CHANGELOG.md rename to helm/ngrok-operator/CHANGELOG.md index 63149f57..8aa3e815 100644 --- a/helm/ingress-controller/CHANGELOG.md +++ b/helm/ngrok-operator/CHANGELOG.md @@ -9,7 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### DEPRECATION ANNOUNCEMENT / ACTION REQUIRED -See Full Announcement: https://github.com/ngrok/kubernetes-ingress-controller/discussions +See Full Announcement: https://github.com/ngrok/ngrok-operator/discussions On Wednesday September 11th, 2024 this Helm Chart will be renamed to ngrok/ngrok-operator. @@ -23,7 +23,7 @@ Please update your Helm repo with the following commands: If you need additional help, please reach out to our support team at https://ngrok.com/support ## 0.14.3 -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/helm-chart-0.14.2...helm-chart-0.14.3 +**Full Changelog**: https://github.com/ngrok/ngrok-operator/compare/helm-chart-0.14.2...helm-chart-0.14.3 ### Changed @@ -31,35 +31,35 @@ If you need additional help, please reach out to our support team at https://ngr ## 0.14.2 -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/helm-chart-0.14.1...helm-chart-0.14.2 +**Full Changelog**: https://github.com/ngrok/ngrok-operator/compare/helm-chart-0.14.1...helm-chart-0.14.2 ### Added -- feat: Ability to specify cluster domain [#339](https://github.com/ngrok/kubernetes-ingress-controller/pull/339). Thank you, @fr6nco ! +- feat: Ability to specify cluster domain [#339](https://github.com/ngrok/ngrok-operator/pull/339). Thank you, @fr6nco ! ### Changed - Bump image version from `0.12.1` to `0.12.2` ## 0.14.1 -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/helm-chart-0.14.0...helm-chart-0.14.1 +**Full Changelog**: https://github.com/ngrok/ngrok-operator/compare/helm-chart-0.14.0...helm-chart-0.14.1 ### Changed - Bump image version from `0.12.0` to `0.12.1` ## 0.14.0 -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/helm-chart-0.13.0...helm-chart-0.14.0 +**Full Changelog**: https://github.com/ngrok/ngrok-operator/compare/helm-chart-0.13.0...helm-chart-0.14.0 ### Added -- feat: Auto-provision domain for TLS Edges [#386]( https://github.com/ngrok/kubernetes-ingress-controller/pull/386) -- feat: Support for Load Balancer services [#387](https://github.com/ngrok/kubernetes-ingress-controller/pull/387) -- feat: Support TLS termination in modulesets for Load Balancer Services [388](https://github.com/ngrok/kubernetes-ingress-controller/pull/388) +- feat: Auto-provision domain for TLS Edges [#386]( https://github.com/ngrok/ngrok-operator/pull/386) +- feat: Support for Load Balancer services [#387](https://github.com/ngrok/ngrok-operator/pull/387) +- feat: Support TLS termination in modulesets for Load Balancer Services [388](https://github.com/ngrok/ngrok-operator/pull/388) ## 0.13.0 -**Full Changelog**: https://github.com/ngrok/kubernetes-ingress-controller/compare/helm-chart-0.12.4...helm-chart-0.13.0 +**Full Changelog**: https://github.com/ngrok/ngrok-operator/compare/helm-chart-0.12.4...helm-chart-0.13.0 **Important**: If you are upgrading from a previous version and are using `helm install` or `helm upgrade`, you will need to manually apply the changes to the CRDs. This is because the CRDs are not [updated automatically when the chart is updated](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). To do this, apply the contents of the `crds` directory in the chart to your cluster. @@ -70,13 +70,13 @@ kubectl apply -f ./helm/ingress-controller/templates/crds/ ### Added -- root-cas setting [#371](https://github.com/ngrok/kubernetes-ingress-controller/pull/371) +- root-cas setting [#371](https://github.com/ngrok/ngrok-operator/pull/371) Takes an install option for `--set rootCAs=host` and plumb the isHostCA check into the caCerts for it to just get the host certs. -- feat: Add support for mutualTLS [#373](https://github.com/ngrok/kubernetes-ingress-controller/pull/373) +- feat: Add support for mutualTLS [#373](https://github.com/ngrok/ngrok-operator/pull/373) ### Changed -- Update nix flake, go version, and Makefile dep versions [#379](https://github.com/ngrok/kubernetes-ingress-controller/pull/379) +- Update nix flake, go version, and Makefile dep versions [#379](https://github.com/ngrok/ngrok-operator/pull/379) ## 0.12.4 @@ -90,12 +90,12 @@ kubectl apply -f ./helm/ingress-controller/templates/crds/ ## 0.12.1 - Update to version 0.10.1 of the ingress controller, which includes: - - IPPolicy controller wasn't applying the attached rules, leaving the IP policy in its current state [#315](https://github.com/ngrok/kubernetes-ingress-controller/pull/315) + - IPPolicy controller wasn't applying the attached rules, leaving the IP policy in its current state [#315](https://github.com/ngrok/ngrok-operator/pull/315) ## 0.12.0 - Update to version 0.10.0 of the ingress controller, this includes: - - TLSEdge support - see the [TCP and TLS Edges Guide](https://github.com/ngrok/kubernetes-ingress-controller/blob/main/docs/user-guide/tcp-tls-edges.md) for more details. + - TLSEdge support - see the [TCP and TLS Edges Guide](https://github.com/ngrok/ngrok-operator/blob/main/docs/user-guide/tcp-tls-edges.md) for more details. - A fix for renegotiating TLS backends ## 0.11.0 @@ -103,45 +103,45 @@ kubectl apply -f ./helm/ingress-controller/templates/crds/ ** Important ** This version of the controller changes the ownership model for https edge and tunnel CRs. To ease out the transition to the new ownership, make sure to run `migrate-edges.sh` and `migrate-tunnels.sh` scripts before installing the new version. ### Changed -- Specify IPPolicyRule action as an enum of (allow,deny) as part of [#260](https://github.com/ngrok/kubernetes-ingress-controller/pull/260) -- Handle special case for changing auth types that causes an error during state transition [#259](https://github.com/ngrok/kubernetes-ingress-controller/pull/259) -- Better handling when changing pathType between 'Exact' and 'Prefix' [#262](https://github.com/ngrok/kubernetes-ingress-controller/pull/262) -- Update ngrok-go to 1.4.0 [#298](https://github.com/ngrok/kubernetes-ingress-controller/pull/298) -- Tunnels are now unique in their respective namespace, not across the cluster [#281](https://github.com/ngrok/kubernetes-ingress-controller/pull/281) -- The CRs that ingress controller creates are uniquely marked and managed by it. Other CRs created manually are no longer deleted when the ingress controller is not using them [#267](https://github.com/ngrok/kubernetes-ingress-controller/issues/267); fixed for tunnel in [#285](https://github.com/ngrok/kubernetes-ingress-controller/pull/285) and for https edges in [#286](https://github.com/ngrok/kubernetes-ingress-controller/pull/286) -- Better error handling and retry, specifically for the case where we try to create an https edge for a domain which is not created yet [#283](https://github.com/ngrok/kubernetes-ingress-controller/issues/283); fixed in [#288](https://github.com/ngrok/kubernetes-ingress-controller/pull/288) -- Watch and apply ngrok module set CR changes [#287](https://github.com/ngrok/kubernetes-ingress-controller/issues/287); fixed in [#290](https://github.com/ngrok/kubernetes-ingress-controller/pull/290) -- Label https edges and tunnels with service UID to make them more unique within ngrok [#291](https://github.com/ngrok/kubernetes-ingress-controller/issues/291); fixed in [#293](https://github.com/ngrok/kubernetes-ingress-controller/pull/293) and [#302](https://github.com/ngrok/kubernetes-ingress-controller/pull/302) +- Specify IPPolicyRule action as an enum of (allow,deny) as part of [#260](https://github.com/ngrok/ngrok-operator/pull/260) +- Handle special case for changing auth types that causes an error during state transition [#259](https://github.com/ngrok/ngrok-operator/pull/259) +- Better handling when changing pathType between 'Exact' and 'Prefix' [#262](https://github.com/ngrok/ngrok-operator/pull/262) +- Update ngrok-go to 1.4.0 [#298](https://github.com/ngrok/ngrok-operator/pull/298) +- Tunnels are now unique in their respective namespace, not across the cluster [#281](https://github.com/ngrok/ngrok-operator/pull/281) +- The CRs that ingress controller creates are uniquely marked and managed by it. Other CRs created manually are no longer deleted when the ingress controller is not using them [#267](https://github.com/ngrok/ngrok-operator/issues/267); fixed for tunnel in [#285](https://github.com/ngrok/ngrok-operator/pull/285) and for https edges in [#286](https://github.com/ngrok/ngrok-operator/pull/286) +- Better error handling and retry, specifically for the case where we try to create an https edge for a domain which is not created yet [#283](https://github.com/ngrok/ngrok-operator/issues/283); fixed in [#288](https://github.com/ngrok/ngrok-operator/pull/288) +- Watch and apply ngrok module set CR changes [#287](https://github.com/ngrok/ngrok-operator/issues/287); fixed in [#290](https://github.com/ngrok/ngrok-operator/pull/290) +- Label https edges and tunnels with service UID to make them more unique within ngrok [#291](https://github.com/ngrok/ngrok-operator/issues/291); fixed in [#293](https://github.com/ngrok/ngrok-operator/pull/293) and [#302](https://github.com/ngrok/ngrok-operator/pull/302) ### Added -- Add support for configuring pod affinities, pod disruption budget, and priorityClassName [#258](https://github.com/ngrok/kubernetes-ingress-controller/pull/258) -- The controller stopping at the first resource create [#270](https://github.com/ngrok/kubernetes-ingress-controller/pull/270) -- Using `make deploy` now requires `NGROK_AUTHTOKEN` and `NGROK_API_KEY` to be set [#292](https://github.com/ngrok/kubernetes-ingress-controller/pull/292) +- Add support for configuring pod affinities, pod disruption budget, and priorityClassName [#258](https://github.com/ngrok/ngrok-operator/pull/258) +- The controller stopping at the first resource create [#270](https://github.com/ngrok/ngrok-operator/pull/270) +- Using `make deploy` now requires `NGROK_AUTHTOKEN` and `NGROK_API_KEY` to be set [#292](https://github.com/ngrok/ngrok-operator/pull/292) ## 0.10.0 ### Added -- Support HTTPS backends via service annotation [#238](https://github.com/ngrok/kubernetes-ingress-controller/pull/238) +- Support HTTPS backends via service annotation [#238](https://github.com/ngrok/ngrok-operator/pull/238) ### Changed -- Normalize all ngrok `.io` TLD to `.app` TLD [#240](https://github.com/ngrok/kubernetes-ingress-controller/pull/240) +- Normalize all ngrok `.io` TLD to `.app` TLD [#240](https://github.com/ngrok/ngrok-operator/pull/240) - Chart Icon ### Fixed -- Add namespace to secret [#244](https://github.com/ngrok/kubernetes-ingress-controller/pull/244). Thank you for the contribution, @vincetse! +- Add namespace to secret [#244](https://github.com/ngrok/ngrok-operator/pull/244). Thank you for the contribution, @vincetse! ## 0.9.0 ### Added -- Add a 'podLabels' option to the helm chart [#212](https://github.com/ngrok/kubernetes-ingress-controller/pull/212). -- Permission to `get`,`list`, and `watch` `services` [#222](https://github.com/ngrok-kubernetes-ingress-controller/pull/222). +- Add a 'podLabels' option to the helm chart [#212](https://github.com/ngrok/ngrok-operator/pull/212). +- Permission to `get`,`list`, and `watch` `services` [#222](https://github.com/ngrok/ngrok-operator/pull/222). ## 0.8.0 ### Changed -- Log Level configuration to helm chart [#199](https://github.com/ngrok/kubernetes-ingress-controller/pull/199). -- Bump default controller image to use `0.6.0` release [#204](https://github.com/ngrok/kubernetes-ingress-controller/pull/204). +- Log Level configuration to helm chart [#199](https://github.com/ngrok/ngrok-operator/pull/199). +- Bump default controller image to use `0.6.0` release [#204](https://github.com/ngrok/ngrok-operator/pull/204). ### Fixed -- update default-container annotation so logs work correctly [#197](https://github.com/ngrok/kubernetes-ingress-controller/pull/197) +- update default-container annotation so logs work correctly [#197](https://github.com/ngrok/ngrok-operator/pull/197) ## 0.7.0 @@ -157,18 +157,18 @@ kubectl apply -f ./helm/ingress-controller/templates/crds/ ## 0.6.0 ### Changed -- Ingress Class has Default set to false [#109](https://github.com/ngrok/kubernetes-ingress-controller/pull/109) +- Ingress Class has Default set to false [#109](https://github.com/ngrok/ngrok-operator/pull/109) ### Added -- Allow controller name to be configured to support multiple ngrok ingress classes [#159](https://github.com/ngrok/kubernetes-ingress-controller/pull/159) -- Allow the controller to be configured to only watch a single namespace [#157](https://github.com/ngrok/kubernetes-ingress-controller/pull/157) -- Pass key/value pairs to helm that get added as json string metadata in ngrok api resources [#156](https://github.com/ngrok/kubernetes-ingress-controller/pull/156) -- Add IP Policy CRD and IP Policy Route Module [#120](https://github.com/ngrok/kubernetes-ingress-controller/pull/120) -- Load certs from the directory `"/etc/ssl/certs/ngrok/"` for ngrok-go if present [#111](https://github.com/ngrok/kubernetes-ingress-controller/pull/111) +- Allow controller name to be configured to support multiple ngrok ingress classes [#159](https://github.com/ngrok/ngrok-operator/pull/159) +- Allow the controller to be configured to only watch a single namespace [#157](https://github.com/ngrok/ngrok-operator/pull/157) +- Pass key/value pairs to helm that get added as json string metadata in ngrok api resources [#156](https://github.com/ngrok/ngrok-operator/pull/156) +- Add IP Policy CRD and IP Policy Route Module [#120](https://github.com/ngrok/ngrok-operator/pull/120) +- Load certs from the directory `"/etc/ssl/certs/ngrok/"` for ngrok-go if present [#111](https://github.com/ngrok/ngrok-operator/pull/111) ## 0.5.0 ### Changed -- Renamed chart from `ngrok-ingress-controller` to `kubernetes-ingress-controller`. +- Renamed chart from `ngrok-operator` to `kubernetes-ingress-controller`. - Added CRDs for `domains`, `tcpedges`, and `httpsedges`. ## 0.4.0 diff --git a/helm/ingress-controller/Chart.lock b/helm/ngrok-operator/Chart.lock similarity index 100% rename from helm/ingress-controller/Chart.lock rename to helm/ngrok-operator/Chart.lock diff --git a/helm/ingress-controller/Chart.yaml b/helm/ngrok-operator/Chart.yaml similarity index 68% rename from helm/ingress-controller/Chart.yaml rename to helm/ngrok-operator/Chart.yaml index dd8821da..be08d4c3 100644 --- a/helm/ingress-controller/Chart.yaml +++ b/helm/ngrok-operator/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -name: kubernetes-ingress-controller -description: A Kubernetes ingress controller built using ngrok. +name: ngrok-operator +description: The official ngrok Kubernetes Operator. version: 0.15.0 appVersion: 0.12.2 keywords: @@ -11,7 +11,7 @@ keywords: - api gateway home: https://ngrok.com sources: - - https://github.com/ngrok/kubernetes-ingress-controller + - https://github.com/ngrok/ngrok-operator icon: https://charts.ngrok.com/assets/ngrok-favicon.svg dependencies: - name: common diff --git a/helm/ingress-controller/README.md b/helm/ngrok-operator/README.md similarity index 87% rename from helm/ingress-controller/README.md rename to helm/ngrok-operator/README.md index e3d9ce31..085e40af 100644 --- a/helm/ingress-controller/README.md +++ b/helm/ngrok-operator/README.md @@ -6,7 +6,7 @@ This is the helm chart to install the ngrok ingress controller ## Prerequisites -The cluster Must be setup with a secret named `ngrok-ingress-controller-credentials` with the following keys: +The cluster Must be setup with a secret named `ngrok-operator-credentials` with the following keys: * AUTHTOKEN * API\_KEY @@ -22,13 +22,13 @@ Once Helm has been set up correctly, add the repo as follows: If you had already added this repo earlier, run `helm repo update` to retrieve the latest versions of the packages. You can then run `helm search repo ngrok` to see the charts. -To install the ngrok-ingress-controller chart: +To install the ngrok-operator chart: -`helm install my-ngrok-ingress-controller ngrok/kubernetes-ingress-controller` +`helm install my-ngrok-operator ngrok/ngrok-operator` To uninstall the chart: -`helm delete my-ngrok-ingress-controller` +`helm delete my-ngrok-operator` ## Parameters @@ -45,51 +45,51 @@ To uninstall the chart: ### Controller parameters -| Name | Description | Value | -| ------------------------------------ | --------------------------------------------------------------------------------------------------------------------- | ------------------------------------- | -| `podAnnotations` | Used to apply custom annotations to the ingress pods. | `{}` | -| `podLabels` | Used to apply custom labels to the ingress pods. | `{}` | -| `replicaCount` | The number of controllers to run. | `1` | -| `image.registry` | The ngrok ingress controller image registry. | `docker.io` | -| `image.repository` | The ngrok ingress controller image repository. | `ngrok/kubernetes-ingress-controller` | -| `image.tag` | The ngrok ingress controller image tag. Defaults to the chart's appVersion if not specified | `""` | -| `image.pullPolicy` | The ngrok ingress controller image pull policy. | `IfNotPresent` | -| `image.pullSecrets` | An array of imagePullSecrets to be used when pulling the image. | `[]` | -| `ingressClass.name` | The name of the ingress class to use. | `ngrok` | -| `ingressClass.create` | Whether to create the ingress class. | `true` | -| `ingressClass.default` | Whether to set the ingress class as default. | `false` | -| `controllerName` | The name of the controller to look for matching ingress classes | `k8s.ngrok.com/ingress-controller` | -| `watchNamespace` | The namespace to watch for ingress resources. Defaults to all | `""` | -| `credentials.secret.name` | The name of the secret the credentials are in. If not provided, one will be generated using the helm release name. | `""` | -| `credentials.apiKey` | Your ngrok API key. If provided, it will be will be written to the secret and the authtoken must be provided as well. | `""` | -| `credentials.authtoken` | Your ngrok authtoken. If provided, it will be will be written to the secret and the apiKey must be provided as well. | `""` | -| `region` | ngrok region to create tunnels in. Defaults to connect to the closest geographical region. | `""` | -| `rootCAs` | Set to "trusted" for the ngrok agent CA or "host" to trust the host's CA. Defaults to "trusted". | `""` | -| `serverAddr` | This is the address of the ngrok server to connect to. You should set this if you are using a custom ingress address. | `""` | -| `clusterDomain` | Injects the cluster domain name for service discovery. | `svc.cluster.local` | -| `apiURL` | This is the URL of the ngrok API. You should set this if you are using a custom API URL. | `""` | -| `metaData` | This is a map of key/value pairs that will be added as meta data to all ngrok api resources created | `{}` | -| `affinity` | Affinity for the controller pod assignment | `{}` | -| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | -| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | -| `priorityClassName` | Priority class for pod scheduling | `""` | -| `podDisruptionBudget.create` | Enable a Pod Disruption Budget creation | `false` | -| `podDisruptionBudget.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | -| `podDisruptionBudget.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `1` | -| `resources.limits` | The resources limits for the container | `{}` | -| `resources.requests` | The requested resources for the container | `{}` | -| `extraVolumes` | An array of extra volumes to add to the controller. | `[]` | -| `extraVolumeMounts` | An array of extra volume mounts to add to the controller. | `[]` | -| `extraEnv` | an object of extra environment variables to add to the controller. | `{}` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `serviceAccount.annotations` | Additional annotations to add to the ServiceAccount | `{}` | -| `log.level` | The level to log at. One of 'debug', 'info', or 'error'. | `info` | -| `log.stacktraceLevel` | The level to report stacktrace logs one of 'info' or 'error'. | `error` | -| `log.format` | The log format to use. One of console, json. | `json` | -| `lifecycle` | an object containing lifecycle configuration | `{}` | -| `bindings.enabled` | Whether to enable the Endpoint Bindings feature | `false` | +| Name | Description | Value | +| ------------------------------------ | --------------------------------------------------------------------------------------------------------------------- | ---------------------------------- | +| `podAnnotations` | Used to apply custom annotations to the ingress pods. | `{}` | +| `podLabels` | Used to apply custom labels to the ingress pods. | `{}` | +| `replicaCount` | The number of controllers to run. | `1` | +| `image.registry` | The ngrok operator image registry. | `docker.io` | +| `image.repository` | The ngrok operator image repository. | `ngrok/ngrok-operator` | +| `image.tag` | The ngrok operator image tag. Defaults to the chart's appVersion if not specified | `""` | +| `image.pullPolicy` | The ngrok operator image pull policy. | `IfNotPresent` | +| `image.pullSecrets` | An array of imagePullSecrets to be used when pulling the image. | `[]` | +| `ingressClass.name` | The name of the ingress class to use. | `ngrok` | +| `ingressClass.create` | Whether to create the ingress class. | `true` | +| `ingressClass.default` | Whether to set the ingress class as default. | `false` | +| `controllerName` | The name of the controller to look for matching ingress classes | `k8s.ngrok.com/ingress-controller` | +| `watchNamespace` | The namespace to watch for ingress resources. Defaults to all | `""` | +| `credentials.secret.name` | The name of the secret the credentials are in. If not provided, one will be generated using the helm release name. | `""` | +| `credentials.apiKey` | Your ngrok API key. If provided, it will be will be written to the secret and the authtoken must be provided as well. | `""` | +| `credentials.authtoken` | Your ngrok authtoken. If provided, it will be will be written to the secret and the apiKey must be provided as well. | `""` | +| `region` | ngrok region to create tunnels in. Defaults to connect to the closest geographical region. | `""` | +| `rootCAs` | Set to "trusted" for the ngrok agent CA or "host" to trust the host's CA. Defaults to "trusted". | `""` | +| `serverAddr` | This is the address of the ngrok server to connect to. You should set this if you are using a custom ingress address. | `""` | +| `clusterDomain` | Injects the cluster domain name for service discovery. | `svc.cluster.local` | +| `apiURL` | This is the URL of the ngrok API. You should set this if you are using a custom API URL. | `""` | +| `metaData` | This is a map of key/value pairs that will be added as meta data to all ngrok api resources created | `{}` | +| `affinity` | Affinity for the controller pod assignment | `{}` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match. Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `priorityClassName` | Priority class for pod scheduling | `""` | +| `podDisruptionBudget.create` | Enable a Pod Disruption Budget creation | `false` | +| `podDisruptionBudget.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `""` | +| `podDisruptionBudget.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `1` | +| `resources.limits` | The resources limits for the container | `{}` | +| `resources.requests` | The requested resources for the container | `{}` | +| `extraVolumes` | An array of extra volumes to add to the controller. | `[]` | +| `extraVolumeMounts` | An array of extra volume mounts to add to the controller. | `[]` | +| `extraEnv` | an object of extra environment variables to add to the controller. | `{}` | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `serviceAccount.annotations` | Additional annotations to add to the ServiceAccount | `{}` | +| `log.level` | The level to log at. One of 'debug', 'info', or 'error'. | `info` | +| `log.stacktraceLevel` | The level to report stacktrace logs one of 'info' or 'error'. | `error` | +| `log.format` | The log format to use. One of console, json. | `json` | +| `lifecycle` | an object containing lifecycle configuration | `{}` | +| `bindings.enabled` | Whether to enable the Endpoint Bindings feature | `false` | diff --git a/helm/ingress-controller/templates/NOTES.txt b/helm/ngrok-operator/templates/NOTES.txt similarity index 96% rename from helm/ingress-controller/templates/NOTES.txt rename to helm/ngrok-operator/templates/NOTES.txt index 5bd07dc8..ac35595e 100644 --- a/helm/ingress-controller/templates/NOTES.txt +++ b/helm/ngrok-operator/templates/NOTES.txt @@ -1,6 +1,6 @@ === DEPRECATION ANNOUNCEMENT / ACTION REQUIRED ================================= -See Full Announcement: https://github.com/ngrok/kubernetes-ingress-controller/discussions +See Full Announcement: https://github.com/ngrok/ngrok-operator/discussions On Wednesday September 11th, 2024 this Helm Chart will be renamed to ngrok/ngrok-operator. diff --git a/helm/ingress-controller/templates/_helpers.tpl b/helm/ngrok-operator/templates/_helpers.tpl similarity index 65% rename from helm/ingress-controller/templates/_helpers.tpl rename to helm/ngrok-operator/templates/_helpers.tpl index c5be41cb..d29cb8ab 100644 --- a/helm/ingress-controller/templates/_helpers.tpl +++ b/helm/ngrok-operator/templates/_helpers.tpl @@ -2,14 +2,14 @@ {{/* Expand the name of the chart. */}} -{{- define "kubernetes-ingress-controller.name" -}} +{{- define "ngrok-operator.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} {{/* Create chart name and version as used by the chart label. */}} -{{- define "kubernetes-ingress-controller.chart" -}} +{{- define "ngrok-operator.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -17,7 +17,7 @@ Create chart name and version as used by the chart label. Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). */}} -{{- define "kubernetes-ingress-controller.fullname" -}} +{{- define "ngrok-operator.fullname" -}} {{- if .Values.fullnameOverride -}} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} @@ -33,24 +33,24 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{/* Create a default name for the credentials secret name using the helm release */}} -{{- define "kubernetes-ingress-controller.credentialsSecretName" -}} +{{- define "ngrok-operator.credentialsSecretName" -}} {{- if .Values.credentials.secret.name -}} {{- .Values.credentials.secret.name -}} {{- else -}} -{{- printf "%s-credentials" (include "kubernetes-ingress-controller.fullname" .) -}} +{{- printf "%s-credentials" (include "ngrok-operator.fullname" .) -}} {{- end -}} {{- end -}} {{/* Common labels */}} -{{- define "kubernetes-ingress-controller.labels" -}} -helm.sh/chart: {{ include "kubernetes-ingress-controller.chart" . }} -{{ include "kubernetes-ingress-controller.selectorLabels" . }} +{{- define "ngrok-operator.labels" -}} +helm.sh/chart: {{ include "ngrok-operator.chart" . }} +{{ include "ngrok-operator.selectorLabels" . }} {{- if .Chart.AppVersion }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- end }} -app.kubernetes.io/part-of: {{ template "kubernetes-ingress-controller.name" . }} +app.kubernetes.io/part-of: {{ template "ngrok-operator.name" . }} app.kubernetes.io/managed-by: {{ .Release.Service }} {{- if .Values.commonLabels}} {{ toYaml .Values.commonLabels }} @@ -60,26 +60,26 @@ app.kubernetes.io/managed-by: {{ .Release.Service }} {{/* Selector labels */}} -{{- define "kubernetes-ingress-controller.selectorLabels" -}} -app.kubernetes.io/name: {{ include "kubernetes-ingress-controller.name" . }} +{{- define "ngrok-operator.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ngrok-operator.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} {{- end -}} {{/* Create the name of the controller service account to use */}} -{{- define "kubernetes-ingress-controller.serviceAccountName" -}} +{{- define "ngrok-operator.serviceAccountName" -}} {{- if .Values.serviceAccount.create -}} - {{ default (include "kubernetes-ingress-controller.fullname" .) .Values.serviceAccount.name }} + {{ default (include "ngrok-operator.fullname" .) .Values.serviceAccount.name }} {{- else -}} {{ default "default" .Values.serviceAccount.name }} {{- end -}} {{- end -}} {{/* -Return the ngrok/ingress-controller image name +Return the ngrok operator image name */}} -{{- define "kubernetes-ingress-controller.image" -}} +{{- define "ngrok-operator.image" -}} {{- $registryName := .Values.image.registry -}} {{- $repositoryName := .Values.image.repository -}} {{- $tag := .Values.image.tag | default .Chart.AppVersion | toString -}} diff --git a/helm/ingress-controller/templates/controller-cm.yaml b/helm/ngrok-operator/templates/controller-cm.yaml similarity index 68% rename from helm/ingress-controller/templates/controller-cm.yaml rename to helm/ngrok-operator/templates/controller-cm.yaml index 88728341..c6d81dca 100644 --- a/helm/ingress-controller/templates/controller-cm.yaml +++ b/helm/ngrok-operator/templates/controller-cm.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "kubernetes-ingress-controller.fullname" . }}-manager-config + name: {{ include "ngrok-operator.fullname" . }}-manager-config namespace: {{ .Release.Namespace }} data: controller_manager_config.yaml: | @@ -13,4 +13,4 @@ data: bindAddress: 127.0.0.1:8080 leaderElection: leaderElect: true - resourceName: {{ include "kubernetes-ingress-controller.fullname" . }}-leader + resourceName: {{ include "ngrok-operator.fullname" . }}-leader diff --git a/helm/ingress-controller/templates/controller-deployment.yaml b/helm/ngrok-operator/templates/controller-deployment.yaml similarity index 85% rename from helm/ingress-controller/templates/controller-deployment.yaml rename to helm/ngrok-operator/templates/controller-deployment.yaml index 508a228f..ccc3c418 100644 --- a/helm/ingress-controller/templates/controller-deployment.yaml +++ b/helm/ngrok-operator/templates/controller-deployment.yaml @@ -3,9 +3,9 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} + {{- include "ngrok-operator.labels" . | nindent 4 }} app.kubernetes.io/component: {{ $component }} - name: {{ include "kubernetes-ingress-controller.fullname" . }}-manager + name: {{ include "ngrok-operator.fullname" . }}-manager namespace: {{ .Release.Namespace }} annotations: checksum/controller-role: {{ include (print $.Template.BasePath "/rbac/role.yaml") . | sha256sum }} @@ -14,7 +14,7 @@ spec: replicas: {{.Values.replicaCount}} selector: matchLabels: - {{- include "kubernetes-ingress-controller.selectorLabels" . | nindent 6 }} + {{- include "ngrok-operator.selectorLabels" . | nindent 6 }} {{- if .Values.podLabels }} {{- toYaml .Values.podLabels | nindent 6 }} {{- end }} @@ -32,7 +32,7 @@ spec: checksum/rbac: {{ include (print $.Template.BasePath "/controller-rbac.yaml") . | sha256sum }} checksum/secret: {{ include (print $.Template.BasePath "/credentials-secret.yaml") . | sha256sum }} labels: - {{- include "kubernetes-ingress-controller.selectorLabels" . | nindent 8 }} + {{- include "ngrok-operator.selectorLabels" . | nindent 8 }} {{- if .Values.podLabels }} {{- toYaml .Values.podLabels | nindent 8 }} {{- end }} @@ -49,14 +49,14 @@ spec: podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "component" $component "context" $) | nindent 10 }} nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} {{- end }} - serviceAccountName: {{ template "kubernetes-ingress-controller.serviceAccountName" . }} + serviceAccountName: {{ template "ngrok-operator.serviceAccountName" . }} {{- if .Values.image.pullSecrets }} imagePullSecrets: {{- toYaml .Values.image.pullSecrets | nindent 8 }} {{- end }} containers: - - name: ngrok-ingress-controller - image: {{ include "kubernetes-ingress-controller.image" . }} + - name: ngrok-operator + image: {{ include "ngrok-operator.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy }} command: - /manager @@ -95,8 +95,8 @@ spec: - --zap-encoder={{ .Values.log.format }} - --health-probe-bind-address=:8081 - --metrics-bind-address=:8080 - - --election-id={{ include "kubernetes-ingress-controller.fullname" . }}-leader - - --manager-name={{ include "kubernetes-ingress-controller.fullname" . }}-manager + - --election-id={{ include "ngrok-operator.fullname" . }}-leader + - --manager-name={{ include "ngrok-operator.fullname" . }}-manager {{- if .Values.clusterDomain }} - --cluster-domain={{ .Values.clusterDomain }} {{- end }} @@ -107,12 +107,12 @@ spec: valueFrom: secretKeyRef: key: API_KEY - name: {{ include "kubernetes-ingress-controller.credentialsSecretName" . }} + name: {{ include "ngrok-operator.credentialsSecretName" . }} - name: NGROK_AUTHTOKEN valueFrom: secretKeyRef: key: AUTHTOKEN - name: {{ include "kubernetes-ingress-controller.credentialsSecretName" . }} + name: {{ include "ngrok-operator.credentialsSecretName" . }} - name: POD_NAMESPACE valueFrom: fieldRef: diff --git a/helm/ingress-controller/templates/controller-pdb.yaml b/helm/ngrok-operator/templates/controller-pdb.yaml similarity index 75% rename from helm/ingress-controller/templates/controller-pdb.yaml rename to helm/ngrok-operator/templates/controller-pdb.yaml index 7046631a..8a9eac5e 100644 --- a/helm/ingress-controller/templates/controller-pdb.yaml +++ b/helm/ngrok-operator/templates/controller-pdb.yaml @@ -4,10 +4,10 @@ apiVersion: policy/v1 kind: PodDisruptionBudget metadata: - name: {{ include "kubernetes-ingress-controller.fullname" . }}-controller-pdb + name: {{ include "ngrok-operator.fullname" . }}-controller-pdb namespace: {{ .Release.Namespace | quote }} labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} + {{- include "ngrok-operator.labels" . | nindent 4 }} app.kubernetes.io/component: {{ $component }} spec: {{- if .Values.podDisruptionBudget.minAvailable }} @@ -18,7 +18,7 @@ spec: {{- end }} selector: matchLabels: - {{- include "kubernetes-ingress-controller.selectorLabels" . | nindent 6 }} + {{- include "ngrok-operator.selectorLabels" . | nindent 6 }} {{- if .Values.podLabels }} {{- toYaml .Values.podLabels | nindent 6 }} {{- end }} diff --git a/helm/ingress-controller/templates/controller-rbac.yaml b/helm/ngrok-operator/templates/controller-rbac.yaml similarity index 68% rename from helm/ingress-controller/templates/controller-rbac.yaml rename to helm/ngrok-operator/templates/controller-rbac.yaml index 82fade5c..903948e3 100644 --- a/helm/ingress-controller/templates/controller-rbac.yaml +++ b/helm/ngrok-operator/templates/controller-rbac.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: ngrok-ingress-controller-leader-election-role + name: ngrok-operator-leader-election-role namespace: {{ .Release.Namespace }} rules: - apiGroups: @@ -40,7 +40,7 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: ngrok-ingress-controller-proxy-role + name: ngrok-operator-proxy-role rules: - apiGroups: - authentication.k8s.io @@ -58,39 +58,39 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: ngrok-ingress-controller-leader-election-rolebinding + name: ngrok-operator-leader-election-rolebinding namespace: {{ .Release.Namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: ngrok-ingress-controller-leader-election-role + name: ngrok-operator-leader-election-role subjects: - kind: ServiceAccount - name: {{ template "kubernetes-ingress-controller.serviceAccountName" . }} + name: {{ template "ngrok-operator.serviceAccountName" . }} namespace: {{ .Release.Namespace }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: ngrok-ingress-controller-manager-rolebinding + name: ngrok-operator-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: ngrok-ingress-controller-manager-role + name: ngrok-operator-manager-role subjects: - kind: ServiceAccount - name: {{ template "kubernetes-ingress-controller.serviceAccountName" . }} + name: {{ template "ngrok-operator.serviceAccountName" . }} namespace: {{ .Release.Namespace }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: ngrok-ingress-controller-proxy-rolebinding + name: ngrok-operator-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: ngrok-ingress-controller-proxy-role + name: ngrok-operator-proxy-role subjects: - kind: ServiceAccount - name: {{ template "kubernetes-ingress-controller.serviceAccountName" . }} + name: {{ template "ngrok-operator.serviceAccountName" . }} namespace: {{ .Release.Namespace }} diff --git a/helm/ingress-controller/templates/controller-serviceaccount.yaml b/helm/ngrok-operator/templates/controller-serviceaccount.yaml similarity index 69% rename from helm/ingress-controller/templates/controller-serviceaccount.yaml rename to helm/ngrok-operator/templates/controller-serviceaccount.yaml index d80a5d8c..ffa5f161 100644 --- a/helm/ingress-controller/templates/controller-serviceaccount.yaml +++ b/helm/ngrok-operator/templates/controller-serviceaccount.yaml @@ -3,10 +3,10 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ template "kubernetes-ingress-controller.serviceAccountName" . }} + name: {{ template "ngrok-operator.serviceAccountName" . }} namespace: {{ .Release.Namespace }} labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} + {{- include "ngrok-operator.labels" . | nindent 4 }} app.kubernetes.io/component: controller {{- if .Values.serviceAccount.annotations }} annotations: diff --git a/helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_domains.yaml b/helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_domains.yaml similarity index 100% rename from helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_domains.yaml rename to helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_domains.yaml diff --git a/helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_httpsedges.yaml b/helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_httpsedges.yaml similarity index 100% rename from helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_httpsedges.yaml rename to helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_httpsedges.yaml diff --git a/helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_ippolicies.yaml b/helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_ippolicies.yaml similarity index 100% rename from helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_ippolicies.yaml rename to helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_ippolicies.yaml diff --git a/helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_ngrokmodulesets.yaml b/helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_ngrokmodulesets.yaml similarity index 100% rename from helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_ngrokmodulesets.yaml rename to helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_ngrokmodulesets.yaml diff --git a/helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_tcpedges.yaml b/helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_tcpedges.yaml similarity index 100% rename from helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_tcpedges.yaml rename to helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_tcpedges.yaml diff --git a/helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_tlsedges.yaml b/helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_tlsedges.yaml similarity index 100% rename from helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_tlsedges.yaml rename to helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_tlsedges.yaml diff --git a/helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_tunnels.yaml b/helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_tunnels.yaml similarity index 100% rename from helm/ingress-controller/templates/crds/ingress.k8s.ngrok.com_tunnels.yaml rename to helm/ngrok-operator/templates/crds/ingress.k8s.ngrok.com_tunnels.yaml diff --git a/helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml b/helm/ngrok-operator/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml similarity index 100% rename from helm/ingress-controller/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml rename to helm/ngrok-operator/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml diff --git a/helm/ingress-controller/templates/credentials-secret.yaml b/helm/ngrok-operator/templates/credentials-secret.yaml similarity index 83% rename from helm/ingress-controller/templates/credentials-secret.yaml rename to helm/ngrok-operator/templates/credentials-secret.yaml index c6c7286e..73615691 100644 --- a/helm/ingress-controller/templates/credentials-secret.yaml +++ b/helm/ngrok-operator/templates/credentials-secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ include "kubernetes-ingress-controller.credentialsSecretName" .}} + name: {{ include "ngrok-operator.credentialsSecretName" .}} namespace: {{ .Release.Namespace }} type: Opaque data: diff --git a/helm/ingress-controller/templates/ingress-class.yaml b/helm/ngrok-operator/templates/ingress-class.yaml similarity index 84% rename from helm/ingress-controller/templates/ingress-class.yaml rename to helm/ngrok-operator/templates/ingress-class.yaml index 0932b470..8d966b0a 100644 --- a/helm/ingress-controller/templates/ingress-class.yaml +++ b/helm/ngrok-operator/templates/ingress-class.yaml @@ -3,7 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: IngressClass metadata: labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} + {{- include "ngrok-operator.labels" . | nindent 4 }} app.kubernetes.io/component: controller name: {{ .Values.ingressClass.name }} {{- if .Values.ingressClass.default }} diff --git a/helm/ingress-controller/templates/rbac/domain_editor_role.yaml b/helm/ngrok-operator/templates/rbac/domain_editor_role.yaml similarity index 71% rename from helm/ingress-controller/templates/rbac/domain_editor_role.yaml rename to helm/ngrok-operator/templates/rbac/domain_editor_role.yaml index 88e527a3..bed78abf 100644 --- a/helm/ingress-controller/templates/rbac/domain_editor_role.yaml +++ b/helm/ngrok-operator/templates/rbac/domain_editor_role.yaml @@ -3,9 +3,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} + {{- include "ngrok-operator.labels" . | nindent 4 }} app.kubernetes.io/component: rbac - name: {{ include "kubernetes-ingress-controller.fullname" . }}-domain-editor-role + name: {{ include "ngrok-operator.fullname" . }}-domain-editor-role rules: - apiGroups: - ingress.k8s.ngrok.com diff --git a/helm/ingress-controller/templates/rbac/domain_viewer_role.yaml b/helm/ngrok-operator/templates/rbac/domain_viewer_role.yaml similarity index 69% rename from helm/ingress-controller/templates/rbac/domain_viewer_role.yaml rename to helm/ngrok-operator/templates/rbac/domain_viewer_role.yaml index bf5f5196..66810d4b 100644 --- a/helm/ingress-controller/templates/rbac/domain_viewer_role.yaml +++ b/helm/ngrok-operator/templates/rbac/domain_viewer_role.yaml @@ -3,9 +3,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} + {{- include "ngrok-operator.labels" . | nindent 4 }} app.kubernetes.io/component: rbac - name: {{ include "kubernetes-ingress-controller.fullname" . }}-domain-viewer-role + name: {{ include "ngrok-operator.fullname" . }}-domain-viewer-role rules: - apiGroups: - ingress.k8s.ngrok.com diff --git a/helm/ingress-controller/templates/rbac/httpsedge_editor_role.yaml b/helm/ngrok-operator/templates/rbac/httpsedge_editor_role.yaml similarity index 83% rename from helm/ingress-controller/templates/rbac/httpsedge_editor_role.yaml rename to helm/ngrok-operator/templates/rbac/httpsedge_editor_role.yaml index d4d38315..0cf97aa7 100644 --- a/helm/ingress-controller/templates/rbac/httpsedge_editor_role.yaml +++ b/helm/ngrok-operator/templates/rbac/httpsedge_editor_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: httpsedge-editor-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: kustomize name: httpsedge-editor-role rules: diff --git a/helm/ingress-controller/templates/rbac/httpsedge_viewer_role.yaml b/helm/ngrok-operator/templates/rbac/httpsedge_viewer_role.yaml similarity index 82% rename from helm/ingress-controller/templates/rbac/httpsedge_viewer_role.yaml rename to helm/ngrok-operator/templates/rbac/httpsedge_viewer_role.yaml index 8d01cd72..eed2aee7 100644 --- a/helm/ingress-controller/templates/rbac/httpsedge_viewer_role.yaml +++ b/helm/ngrok-operator/templates/rbac/httpsedge_viewer_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: httpsedge-viewer-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: kustomize name: httpsedge-viewer-role rules: diff --git a/helm/ingress-controller/templates/rbac/ippolicy_editor_role.yaml b/helm/ngrok-operator/templates/rbac/ippolicy_editor_role.yaml similarity index 83% rename from helm/ingress-controller/templates/rbac/ippolicy_editor_role.yaml rename to helm/ngrok-operator/templates/rbac/ippolicy_editor_role.yaml index a8aa5ebe..2a900a06 100644 --- a/helm/ingress-controller/templates/rbac/ippolicy_editor_role.yaml +++ b/helm/ngrok-operator/templates/rbac/ippolicy_editor_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: ippolicy-editor-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: kustomize name: ippolicy-editor-role rules: diff --git a/helm/ingress-controller/templates/rbac/ippolicy_viewer_role.yaml b/helm/ngrok-operator/templates/rbac/ippolicy_viewer_role.yaml similarity index 82% rename from helm/ingress-controller/templates/rbac/ippolicy_viewer_role.yaml rename to helm/ngrok-operator/templates/rbac/ippolicy_viewer_role.yaml index a83a34ab..5233d51c 100644 --- a/helm/ingress-controller/templates/rbac/ippolicy_viewer_role.yaml +++ b/helm/ngrok-operator/templates/rbac/ippolicy_viewer_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: ippolicy-viewer-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: kustomize name: ippolicy-viewer-role rules: diff --git a/helm/ingress-controller/templates/rbac/ngrokmoduleset_editor_role.yaml b/helm/ngrok-operator/templates/rbac/ngrokmoduleset_editor_role.yaml similarity index 82% rename from helm/ingress-controller/templates/rbac/ngrokmoduleset_editor_role.yaml rename to helm/ngrok-operator/templates/rbac/ngrokmoduleset_editor_role.yaml index c8d5f163..b04f1661 100644 --- a/helm/ingress-controller/templates/rbac/ngrokmoduleset_editor_role.yaml +++ b/helm/ngrok-operator/templates/rbac/ngrokmoduleset_editor_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: ngrokmoduleset-editor-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-ingress-controller - app.kubernetes.io/part-of: kubernetes-ingress-controller + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: kustomize name: ngrokmoduleset-editor-role rules: diff --git a/helm/ingress-controller/templates/rbac/ngrokmoduleset_viewer_role.yaml b/helm/ngrok-operator/templates/rbac/ngrokmoduleset_viewer_role.yaml similarity index 81% rename from helm/ingress-controller/templates/rbac/ngrokmoduleset_viewer_role.yaml rename to helm/ngrok-operator/templates/rbac/ngrokmoduleset_viewer_role.yaml index a9948ad4..be9de07a 100644 --- a/helm/ingress-controller/templates/rbac/ngrokmoduleset_viewer_role.yaml +++ b/helm/ngrok-operator/templates/rbac/ngrokmoduleset_viewer_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: ngrokmoduleset-viewer-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: kubernetes-ingress-controller - app.kubernetes.io/part-of: kubernetes-ingress-controller + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: kustomize name: ngrokmoduleset-viewer-role rules: diff --git a/helm/ingress-controller/templates/rbac/role.yaml b/helm/ngrok-operator/templates/rbac/role.yaml similarity index 98% rename from helm/ingress-controller/templates/rbac/role.yaml rename to helm/ngrok-operator/templates/rbac/role.yaml index 4b05ac60..5ca5ab48 100644 --- a/helm/ingress-controller/templates/rbac/role.yaml +++ b/helm/ngrok-operator/templates/rbac/role.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: ngrok-ingress-controller-manager-role + name: ngrok-operator-manager-role rules: - apiGroups: - "" diff --git a/helm/ingress-controller/templates/rbac/tcpedge_editor_role.yaml b/helm/ngrok-operator/templates/rbac/tcpedge_editor_role.yaml similarity index 83% rename from helm/ingress-controller/templates/rbac/tcpedge_editor_role.yaml rename to helm/ngrok-operator/templates/rbac/tcpedge_editor_role.yaml index 2e49847f..45de0523 100644 --- a/helm/ingress-controller/templates/rbac/tcpedge_editor_role.yaml +++ b/helm/ngrok-operator/templates/rbac/tcpedge_editor_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: tcpedge-editor-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: kustomize name: tcpedge-editor-role rules: diff --git a/helm/ingress-controller/templates/rbac/tcpedge_viewer_role.yaml b/helm/ngrok-operator/templates/rbac/tcpedge_viewer_role.yaml similarity index 82% rename from helm/ingress-controller/templates/rbac/tcpedge_viewer_role.yaml rename to helm/ngrok-operator/templates/rbac/tcpedge_viewer_role.yaml index b8eb5ef1..461e457b 100644 --- a/helm/ingress-controller/templates/rbac/tcpedge_viewer_role.yaml +++ b/helm/ngrok-operator/templates/rbac/tcpedge_viewer_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: tcpedge-viewer-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: kustomize name: tcpedge-viewer-role rules: diff --git a/helm/ingress-controller/templates/rbac/tlsedge_editor_role.yaml b/helm/ngrok-operator/templates/rbac/tlsedge_editor_role.yaml similarity index 83% rename from helm/ingress-controller/templates/rbac/tlsedge_editor_role.yaml rename to helm/ngrok-operator/templates/rbac/tlsedge_editor_role.yaml index 9d052319..6d85acca 100644 --- a/helm/ingress-controller/templates/rbac/tlsedge_editor_role.yaml +++ b/helm/ngrok-operator/templates/rbac/tlsedge_editor_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: tlsedge-editor-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: kustomize name: tlsedge-editor-role rules: diff --git a/helm/ingress-controller/templates/rbac/tlsedge_viewer_role.yaml b/helm/ngrok-operator/templates/rbac/tlsedge_viewer_role.yaml similarity index 82% rename from helm/ingress-controller/templates/rbac/tlsedge_viewer_role.yaml rename to helm/ngrok-operator/templates/rbac/tlsedge_viewer_role.yaml index a9eb99d9..0d5998df 100644 --- a/helm/ingress-controller/templates/rbac/tlsedge_viewer_role.yaml +++ b/helm/ngrok-operator/templates/rbac/tlsedge_viewer_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: tlsedge-viewer-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: ngrok-ingress-controller - app.kubernetes.io/part-of: ngrok-ingress-controller + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: kustomize name: tlsedge-viewer-role rules: diff --git a/helm/ingress-controller/templates/rbac/tunnel_editor_role.yaml b/helm/ngrok-operator/templates/rbac/tunnel_editor_role.yaml similarity index 71% rename from helm/ingress-controller/templates/rbac/tunnel_editor_role.yaml rename to helm/ngrok-operator/templates/rbac/tunnel_editor_role.yaml index ab727516..2e8d8801 100644 --- a/helm/ingress-controller/templates/rbac/tunnel_editor_role.yaml +++ b/helm/ngrok-operator/templates/rbac/tunnel_editor_role.yaml @@ -3,9 +3,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} + {{- include "ngrok-operator.labels" . | nindent 4 }} app.kubernetes.io/component: rbac - name: {{ include "kubernetes-ingress-controller.fullname" . }}-tunnel-editor-role + name: {{ include "ngrok-operator.fullname" . }}-tunnel-editor-role rules: - apiGroups: - ingress.k8s.ngrok.com diff --git a/helm/ingress-controller/templates/rbac/tunnel_viewer_role.yaml b/helm/ngrok-operator/templates/rbac/tunnel_viewer_role.yaml similarity index 69% rename from helm/ingress-controller/templates/rbac/tunnel_viewer_role.yaml rename to helm/ngrok-operator/templates/rbac/tunnel_viewer_role.yaml index dfdb4b6f..3710735a 100644 --- a/helm/ingress-controller/templates/rbac/tunnel_viewer_role.yaml +++ b/helm/ngrok-operator/templates/rbac/tunnel_viewer_role.yaml @@ -3,9 +3,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - {{- include "kubernetes-ingress-controller.labels" . | nindent 4 }} + {{- include "ngrok-operator.labels" . | nindent 4 }} app.kubernetes.io/component: rbac - name: {{ include "kubernetes-ingress-controller.fullname" . }}-tunnel-viewer-role + name: {{ include "ngrok-operator.fullname" . }}-tunnel-viewer-role rules: - apiGroups: - ingress.k8s.ngrok.com diff --git a/helm/ingress-controller/tests/__snapshot__/agent-config-cm_test.yaml.snap b/helm/ngrok-operator/tests/__snapshot__/agent-config-cm_test.yaml.snap similarity index 74% rename from helm/ingress-controller/tests/__snapshot__/agent-config-cm_test.yaml.snap rename to helm/ngrok-operator/tests/__snapshot__/agent-config-cm_test.yaml.snap index 81f0388d..22fa9cb9 100644 --- a/helm/ingress-controller/tests/__snapshot__/agent-config-cm_test.yaml.snap +++ b/helm/ngrok-operator/tests/__snapshot__/agent-config-cm_test.yaml.snap @@ -7,5 +7,5 @@ Should match snapshot: REMOTE_MANAGEMENT: "" kind: ConfigMap metadata: - name: RELEASE-NAME-kubernetes-ingress-controller-agent-cm + name: RELEASE-NAME-ngrok-operator-agent-cm namespace: NAMESPACE diff --git a/helm/ingress-controller/tests/__snapshot__/controller-cm_test.yaml.snap b/helm/ngrok-operator/tests/__snapshot__/controller-cm_test.yaml.snap similarity index 74% rename from helm/ingress-controller/tests/__snapshot__/controller-cm_test.yaml.snap rename to helm/ngrok-operator/tests/__snapshot__/controller-cm_test.yaml.snap index e55b1ddc..ecb3b41b 100644 --- a/helm/ingress-controller/tests/__snapshot__/controller-cm_test.yaml.snap +++ b/helm/ngrok-operator/tests/__snapshot__/controller-cm_test.yaml.snap @@ -11,8 +11,8 @@ should match snapshot: bindAddress: 127.0.0.1:8080 leaderElection: leaderElect: true - resourceName: test-release-kubernetes-ingress-controller-leader + resourceName: test-release-ngrok-operator-leader kind: ConfigMap metadata: - name: test-release-kubernetes-ingress-controller-manager-config + name: test-release-ngrok-operator-manager-config namespace: test-namespace diff --git a/helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap b/helm/ngrok-operator/tests/__snapshot__/controller-deployment_test.yaml.snap similarity index 85% rename from helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap rename to helm/ngrok-operator/tests/__snapshot__/controller-deployment_test.yaml.snap index b45b21a8..a6143973 100644 --- a/helm/ingress-controller/tests/__snapshot__/controller-deployment_test.yaml.snap +++ b/helm/ngrok-operator/tests/__snapshot__/controller-deployment_test.yaml.snap @@ -4,17 +4,17 @@ Should match all-options snapshot: kind: Deployment metadata: annotations: - checksum/controller-role: 7a410be28b1592797fe68e262cc5a7c24a8c3c6aaff67b396203315b701818e7 - checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 + checksum/controller-role: ed37888050e245ffd6475cd4ffdb4f441de1c6be6c4f398ca6cc7f67b77cf8c3 + checksum/rbac: 5d27f1783f54a2ab8e69f9bfce35eef2348fda3f6455526619973781d9549322 labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/part-of: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/version: 0.12.2 - helm.sh/chart: kubernetes-ingress-controller-0.15.0 - name: RELEASE-NAME-kubernetes-ingress-controller-manager + helm.sh/chart: ngrok-operator-0.15.0 + name: RELEASE-NAME-ngrok-operator-manager namespace: NAMESPACE spec: replicas: 1 @@ -22,12 +22,12 @@ Should match all-options snapshot: matchLabels: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME - app.kubernetes.io/name: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator template: metadata: annotations: - checksum/controller-role: 7a410be28b1592797fe68e262cc5a7c24a8c3c6aaff67b396203315b701818e7 - checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 + checksum/controller-role: ed37888050e245ffd6475cd4ffdb4f441de1c6be6c4f398ca6cc7f67b77cf8c3 + checksum/rbac: 5d27f1783f54a2ab8e69f9bfce35eef2348fda3f6455526619973781d9549322 checksum/secret: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b prometheus.io/path: /metrics prometheus.io/port: "8080" @@ -35,7 +35,7 @@ Should match all-options snapshot: labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME - app.kubernetes.io/name: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator spec: affinity: nodeAffinity: null @@ -47,7 +47,7 @@ Should match all-options snapshot: matchLabels: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME - app.kubernetes.io/name: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator topologyKey: kubernetes.io/hostname weight: 1 containers: @@ -58,8 +58,8 @@ Should match all-options snapshot: - --zap-encoder=json - --health-probe-bind-address=:8081 - --metrics-bind-address=:8080 - - --election-id=RELEASE-NAME-kubernetes-ingress-controller-leader - - --manager-name=RELEASE-NAME-kubernetes-ingress-controller-manager + - --election-id=RELEASE-NAME-ngrok-operator-leader + - --manager-name=RELEASE-NAME-ngrok-operator-manager - --cluster-domain=svc.cluster.local command: - /manager @@ -68,12 +68,12 @@ Should match all-options snapshot: valueFrom: secretKeyRef: key: API_KEY - name: RELEASE-NAME-kubernetes-ingress-controller-credentials + name: RELEASE-NAME-ngrok-operator-credentials - name: NGROK_AUTHTOKEN valueFrom: secretKeyRef: key: AUTHTOKEN - name: RELEASE-NAME-kubernetes-ingress-controller-credentials + name: RELEASE-NAME-ngrok-operator-credentials - name: POD_NAMESPACE valueFrom: fieldRef: @@ -85,7 +85,7 @@ Should match all-options snapshot: value: test-value - name: TEST_ENV_VAR value: test - image: docker.io/ngrok/kubernetes-ingress-controller:0.12.2 + image: docker.io/ngrok/ngrok-operator:0.12.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -93,7 +93,7 @@ Should match all-options snapshot: port: 8081 initialDelaySeconds: 15 periodSeconds: 20 - name: ngrok-ingress-controller + name: ngrok-operator readinessProbe: httpGet: path: /readyz @@ -108,7 +108,7 @@ Should match all-options snapshot: volumeMounts: - mountPath: /test-volume name: test-volume - serviceAccountName: RELEASE-NAME-kubernetes-ingress-controller + serviceAccountName: RELEASE-NAME-ngrok-operator volumes: - emptyDir: {} name: test-volume @@ -116,7 +116,7 @@ Should match all-options snapshot: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: ngrok-ingress-controller-leader-election-role + name: ngrok-operator-leader-election-role namespace: NAMESPACE rules: - apiGroups: @@ -154,7 +154,7 @@ Should match all-options snapshot: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: ngrok-ingress-controller-proxy-role + name: ngrok-operator-proxy-role rules: - apiGroups: - authentication.k8s.io @@ -172,47 +172,47 @@ Should match all-options snapshot: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: ngrok-ingress-controller-leader-election-rolebinding + name: ngrok-operator-leader-election-rolebinding namespace: NAMESPACE roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: ngrok-ingress-controller-leader-election-role + name: ngrok-operator-leader-election-role subjects: - kind: ServiceAccount - name: RELEASE-NAME-kubernetes-ingress-controller + name: RELEASE-NAME-ngrok-operator namespace: NAMESPACE 5: | apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: ngrok-ingress-controller-manager-rolebinding + name: ngrok-operator-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: ngrok-ingress-controller-manager-role + name: ngrok-operator-manager-role subjects: - kind: ServiceAccount - name: RELEASE-NAME-kubernetes-ingress-controller + name: RELEASE-NAME-ngrok-operator namespace: NAMESPACE 6: | apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: ngrok-ingress-controller-proxy-rolebinding + name: ngrok-operator-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: ngrok-ingress-controller-proxy-role + name: ngrok-operator-proxy-role subjects: - kind: ServiceAccount - name: RELEASE-NAME-kubernetes-ingress-controller + name: RELEASE-NAME-ngrok-operator namespace: NAMESPACE 7: | apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: ngrok-ingress-controller-manager-role + name: ngrok-operator-manager-role rules: - apiGroups: - "" @@ -544,17 +544,17 @@ Should match default snapshot: kind: Deployment metadata: annotations: - checksum/controller-role: 7a410be28b1592797fe68e262cc5a7c24a8c3c6aaff67b396203315b701818e7 - checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 + checksum/controller-role: ed37888050e245ffd6475cd4ffdb4f441de1c6be6c4f398ca6cc7f67b77cf8c3 + checksum/rbac: 5d27f1783f54a2ab8e69f9bfce35eef2348fda3f6455526619973781d9549322 labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/part-of: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/version: 0.12.2 - helm.sh/chart: kubernetes-ingress-controller-0.15.0 - name: RELEASE-NAME-kubernetes-ingress-controller-manager + helm.sh/chart: ngrok-operator-0.15.0 + name: RELEASE-NAME-ngrok-operator-manager namespace: NAMESPACE spec: replicas: 1 @@ -562,12 +562,12 @@ Should match default snapshot: matchLabels: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME - app.kubernetes.io/name: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator template: metadata: annotations: - checksum/controller-role: 7a410be28b1592797fe68e262cc5a7c24a8c3c6aaff67b396203315b701818e7 - checksum/rbac: d31fdcb337a6f1ee71323040c2cbc4d5580d73ae5f7623cd19be57db97f748c1 + checksum/controller-role: ed37888050e245ffd6475cd4ffdb4f441de1c6be6c4f398ca6cc7f67b77cf8c3 + checksum/rbac: 5d27f1783f54a2ab8e69f9bfce35eef2348fda3f6455526619973781d9549322 checksum/secret: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b prometheus.io/path: /metrics prometheus.io/port: "8080" @@ -575,7 +575,7 @@ Should match default snapshot: labels: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME - app.kubernetes.io/name: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator spec: affinity: nodeAffinity: null @@ -587,7 +587,7 @@ Should match default snapshot: matchLabels: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME - app.kubernetes.io/name: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator topologyKey: kubernetes.io/hostname weight: 1 containers: @@ -598,8 +598,8 @@ Should match default snapshot: - --zap-encoder=json - --health-probe-bind-address=:8081 - --metrics-bind-address=:8080 - - --election-id=RELEASE-NAME-kubernetes-ingress-controller-leader - - --manager-name=RELEASE-NAME-kubernetes-ingress-controller-manager + - --election-id=RELEASE-NAME-ngrok-operator-leader + - --manager-name=RELEASE-NAME-ngrok-operator-manager - --cluster-domain=svc.cluster.local command: - /manager @@ -608,17 +608,17 @@ Should match default snapshot: valueFrom: secretKeyRef: key: API_KEY - name: RELEASE-NAME-kubernetes-ingress-controller-credentials + name: RELEASE-NAME-ngrok-operator-credentials - name: NGROK_AUTHTOKEN valueFrom: secretKeyRef: key: AUTHTOKEN - name: RELEASE-NAME-kubernetes-ingress-controller-credentials + name: RELEASE-NAME-ngrok-operator-credentials - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - image: docker.io/ngrok/kubernetes-ingress-controller:0.12.2 + image: docker.io/ngrok/ngrok-operator:0.12.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -626,7 +626,7 @@ Should match default snapshot: port: 8081 initialDelaySeconds: 15 periodSeconds: 20 - name: ngrok-ingress-controller + name: ngrok-operator readinessProbe: httpGet: path: /readyz @@ -638,12 +638,12 @@ Should match default snapshot: requests: {} securityContext: allowPrivilegeEscalation: false - serviceAccountName: RELEASE-NAME-kubernetes-ingress-controller + serviceAccountName: RELEASE-NAME-ngrok-operator 2: | apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: ngrok-ingress-controller-leader-election-role + name: ngrok-operator-leader-election-role namespace: NAMESPACE rules: - apiGroups: @@ -681,7 +681,7 @@ Should match default snapshot: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: ngrok-ingress-controller-proxy-role + name: ngrok-operator-proxy-role rules: - apiGroups: - authentication.k8s.io @@ -699,47 +699,47 @@ Should match default snapshot: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: ngrok-ingress-controller-leader-election-rolebinding + name: ngrok-operator-leader-election-rolebinding namespace: NAMESPACE roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: ngrok-ingress-controller-leader-election-role + name: ngrok-operator-leader-election-role subjects: - kind: ServiceAccount - name: RELEASE-NAME-kubernetes-ingress-controller + name: RELEASE-NAME-ngrok-operator namespace: NAMESPACE 5: | apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: ngrok-ingress-controller-manager-rolebinding + name: ngrok-operator-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: ngrok-ingress-controller-manager-role + name: ngrok-operator-manager-role subjects: - kind: ServiceAccount - name: RELEASE-NAME-kubernetes-ingress-controller + name: RELEASE-NAME-ngrok-operator namespace: NAMESPACE 6: | apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: ngrok-ingress-controller-proxy-rolebinding + name: ngrok-operator-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: ngrok-ingress-controller-proxy-role + name: ngrok-operator-proxy-role subjects: - kind: ServiceAccount - name: RELEASE-NAME-kubernetes-ingress-controller + name: RELEASE-NAME-ngrok-operator namespace: NAMESPACE 7: | apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: ngrok-ingress-controller-manager-role + name: ngrok-operator-manager-role rules: - apiGroups: - "" diff --git a/helm/ingress-controller/tests/__snapshot__/controller-pdb_test.yaml.snap b/helm/ngrok-operator/tests/__snapshot__/controller-pdb_test.yaml.snap similarity index 60% rename from helm/ingress-controller/tests/__snapshot__/controller-pdb_test.yaml.snap rename to helm/ngrok-operator/tests/__snapshot__/controller-pdb_test.yaml.snap index 4b2e0224..cd0a0155 100644 --- a/helm/ingress-controller/tests/__snapshot__/controller-pdb_test.yaml.snap +++ b/helm/ngrok-operator/tests/__snapshot__/controller-pdb_test.yaml.snap @@ -7,11 +7,11 @@ should match snapshot: app.kubernetes.io/component: controller app.kubernetes.io/instance: test-release app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/part-of: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/version: 0.12.2 - helm.sh/chart: kubernetes-ingress-controller-0.15.0 - name: test-release-kubernetes-ingress-controller-controller-pdb + helm.sh/chart: ngrok-operator-0.15.0 + name: test-release-ngrok-operator-controller-pdb namespace: test-namespace spec: maxUnavailable: 1 @@ -19,4 +19,4 @@ should match snapshot: matchLabels: app.kubernetes.io/component: controller app.kubernetes.io/instance: test-release - app.kubernetes.io/name: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator diff --git a/helm/ingress-controller/tests/__snapshot__/controller-rbac_test.yaml.snap b/helm/ngrok-operator/tests/__snapshot__/controller-rbac_test.yaml.snap similarity index 75% rename from helm/ingress-controller/tests/__snapshot__/controller-rbac_test.yaml.snap rename to helm/ngrok-operator/tests/__snapshot__/controller-rbac_test.yaml.snap index e236be78..393afcfa 100644 --- a/helm/ingress-controller/tests/__snapshot__/controller-rbac_test.yaml.snap +++ b/helm/ngrok-operator/tests/__snapshot__/controller-rbac_test.yaml.snap @@ -3,7 +3,7 @@ Should match snapshot: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: ngrok-ingress-controller-leader-election-role + name: ngrok-operator-leader-election-role namespace: NAMESPACE rules: - apiGroups: @@ -41,7 +41,7 @@ Should match snapshot: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: ngrok-ingress-controller-proxy-role + name: ngrok-operator-proxy-role rules: - apiGroups: - authentication.k8s.io @@ -59,39 +59,39 @@ Should match snapshot: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: ngrok-ingress-controller-leader-election-rolebinding + name: ngrok-operator-leader-election-rolebinding namespace: NAMESPACE roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: ngrok-ingress-controller-leader-election-role + name: ngrok-operator-leader-election-role subjects: - kind: ServiceAccount - name: RELEASE-NAME-kubernetes-ingress-controller + name: RELEASE-NAME-ngrok-operator namespace: NAMESPACE 4: | apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: ngrok-ingress-controller-manager-rolebinding + name: ngrok-operator-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: ngrok-ingress-controller-manager-role + name: ngrok-operator-manager-role subjects: - kind: ServiceAccount - name: RELEASE-NAME-kubernetes-ingress-controller + name: RELEASE-NAME-ngrok-operator namespace: NAMESPACE 5: | apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: ngrok-ingress-controller-proxy-rolebinding + name: ngrok-operator-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: ngrok-ingress-controller-proxy-role + name: ngrok-operator-proxy-role subjects: - kind: ServiceAccount - name: RELEASE-NAME-kubernetes-ingress-controller + name: RELEASE-NAME-ngrok-operator namespace: NAMESPACE diff --git a/helm/ingress-controller/tests/__snapshot__/controller-serviceaccount_test.yaml.snap b/helm/ngrok-operator/tests/__snapshot__/controller-serviceaccount_test.yaml.snap similarity index 56% rename from helm/ingress-controller/tests/__snapshot__/controller-serviceaccount_test.yaml.snap rename to helm/ngrok-operator/tests/__snapshot__/controller-serviceaccount_test.yaml.snap index 4c0d7ff7..47513b2b 100644 --- a/helm/ingress-controller/tests/__snapshot__/controller-serviceaccount_test.yaml.snap +++ b/helm/ngrok-operator/tests/__snapshot__/controller-serviceaccount_test.yaml.snap @@ -7,9 +7,9 @@ Should match the snapshot: app.kubernetes.io/component: controller app.kubernetes.io/instance: test-release app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/part-of: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/version: 0.12.2 - helm.sh/chart: kubernetes-ingress-controller-0.15.0 - name: test-release-kubernetes-ingress-controller + helm.sh/chart: ngrok-operator-0.15.0 + name: test-release-ngrok-operator namespace: test-namespace diff --git a/helm/ingress-controller/tests/__snapshot__/credentials-secret_test.yaml.snap b/helm/ngrok-operator/tests/__snapshot__/credentials-secret_test.yaml.snap similarity index 75% rename from helm/ingress-controller/tests/__snapshot__/credentials-secret_test.yaml.snap rename to helm/ngrok-operator/tests/__snapshot__/credentials-secret_test.yaml.snap index f75123de..6619843a 100644 --- a/helm/ingress-controller/tests/__snapshot__/credentials-secret_test.yaml.snap +++ b/helm/ngrok-operator/tests/__snapshot__/credentials-secret_test.yaml.snap @@ -6,6 +6,6 @@ Should match snapshot: AUTHTOKEN: dGVzdC1hdXRodG9rZW4= kind: Secret metadata: - name: RELEASE-NAME-kubernetes-ingress-controller-credentials + name: RELEASE-NAME-ngrok-operator-credentials namespace: NAMESPACE type: Opaque diff --git a/helm/ingress-controller/tests/__snapshot__/ingress-class_test.yaml.snap b/helm/ngrok-operator/tests/__snapshot__/ingress-class_test.yaml.snap similarity index 66% rename from helm/ingress-controller/tests/__snapshot__/ingress-class_test.yaml.snap rename to helm/ngrok-operator/tests/__snapshot__/ingress-class_test.yaml.snap index 84b6a201..1eaed97e 100644 --- a/helm/ingress-controller/tests/__snapshot__/ingress-class_test.yaml.snap +++ b/helm/ngrok-operator/tests/__snapshot__/ingress-class_test.yaml.snap @@ -7,10 +7,10 @@ Should match snapshot: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/part-of: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/version: 0.12.2 - helm.sh/chart: kubernetes-ingress-controller-0.15.0 + helm.sh/chart: ngrok-operator-0.15.0 name: ngrok spec: controller: k8s.ngrok.com/ingress-controller diff --git a/helm/ingress-controller/tests/controller-cm_test.yaml b/helm/ngrok-operator/tests/controller-cm_test.yaml similarity index 91% rename from helm/ingress-controller/tests/controller-cm_test.yaml rename to helm/ngrok-operator/tests/controller-cm_test.yaml index be83fd98..c0d77700 100644 --- a/helm/ingress-controller/tests/controller-cm_test.yaml +++ b/helm/ngrok-operator/tests/controller-cm_test.yaml @@ -27,7 +27,7 @@ tests: asserts: - equal: path: metadata.name - value: test-release-kubernetes-ingress-controller-manager-config + value: test-release-ngrok-operator-manager-config - it: Works when fullname is supplied set: fullnameOverride: fno diff --git a/helm/ingress-controller/tests/controller-deployment_test.yaml b/helm/ngrok-operator/tests/controller-deployment_test.yaml similarity index 98% rename from helm/ingress-controller/tests/controller-deployment_test.yaml rename to helm/ngrok-operator/tests/controller-deployment_test.yaml index aa4fc575..1780eba2 100644 --- a/helm/ingress-controller/tests/controller-deployment_test.yaml +++ b/helm/ngrok-operator/tests/controller-deployment_test.yaml @@ -138,7 +138,7 @@ tests: matchLabels: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME - app.kubernetes.io/name: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator topologyKey: kubernetes.io/hostname weight: 1 - it: Easily allows for setting a "hard" pod anti-affinity @@ -155,7 +155,7 @@ tests: matchLabels: app.kubernetes.io/component: controller app.kubernetes.io/instance: RELEASE-NAME - app.kubernetes.io/name: kubernetes-ingress-controller + app.kubernetes.io/name: ngrok-operator topologyKey: kubernetes.io/hostname - it: Allows overriding the full affinity template: controller-deployment.yaml diff --git a/helm/ingress-controller/tests/controller-pdb_test.yaml b/helm/ngrok-operator/tests/controller-pdb_test.yaml similarity index 100% rename from helm/ingress-controller/tests/controller-pdb_test.yaml rename to helm/ngrok-operator/tests/controller-pdb_test.yaml diff --git a/helm/ingress-controller/tests/controller-rbac_test.yaml b/helm/ngrok-operator/tests/controller-rbac_test.yaml similarity index 100% rename from helm/ingress-controller/tests/controller-rbac_test.yaml rename to helm/ngrok-operator/tests/controller-rbac_test.yaml diff --git a/helm/ingress-controller/tests/controller-serviceaccount_test.yaml b/helm/ngrok-operator/tests/controller-serviceaccount_test.yaml similarity index 100% rename from helm/ingress-controller/tests/controller-serviceaccount_test.yaml rename to helm/ngrok-operator/tests/controller-serviceaccount_test.yaml diff --git a/helm/ingress-controller/tests/credentials-secret_test.yaml b/helm/ngrok-operator/tests/credentials-secret_test.yaml similarity index 100% rename from helm/ingress-controller/tests/credentials-secret_test.yaml rename to helm/ngrok-operator/tests/credentials-secret_test.yaml diff --git a/helm/ingress-controller/tests/ingress-class_test.yaml b/helm/ngrok-operator/tests/ingress-class_test.yaml similarity index 100% rename from helm/ingress-controller/tests/ingress-class_test.yaml rename to helm/ngrok-operator/tests/ingress-class_test.yaml diff --git a/helm/ingress-controller/values.yaml b/helm/ngrok-operator/values.yaml similarity index 95% rename from helm/ingress-controller/values.yaml rename to helm/ngrok-operator/values.yaml index ba2ce840..19db0b5a 100644 --- a/helm/ingress-controller/values.yaml +++ b/helm/ngrok-operator/values.yaml @@ -25,14 +25,14 @@ podLabels: {} ## replicaCount: 1 -## @param image.registry The ngrok ingress controller image registry. -## @param image.repository The ngrok ingress controller image repository. -## @param image.tag The ngrok ingress controller image tag. Defaults to the chart's appVersion if not specified -## @param image.pullPolicy The ngrok ingress controller image pull policy. +## @param image.registry The ngrok operator image registry. +## @param image.repository The ngrok operator image repository. +## @param image.tag The ngrok operator image tag. Defaults to the chart's appVersion if not specified +## @param image.pullPolicy The ngrok operator image pull policy. ## @param image.pullSecrets An array of imagePullSecrets to be used when pulling the image. image: registry: docker.io - repository: ngrok/kubernetes-ingress-controller + repository: ngrok/ngrok-operator tag: "" pullPolicy: IfNotPresent ## Example diff --git a/internal/annotations/annotations.go b/internal/annotations/annotations.go index e927f233..3e4b6950 100644 --- a/internal/annotations/annotations.go +++ b/internal/annotations/annotations.go @@ -20,14 +20,14 @@ import ( "fmt" "github.com/imdario/mergo" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/compression" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/headers" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/ip_policies" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/tls" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/webhook_verification" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations/compression" + "github.com/ngrok/ngrok-operator/internal/annotations/headers" + "github.com/ngrok/ngrok-operator/internal/annotations/ip_policies" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" + "github.com/ngrok/ngrok-operator/internal/annotations/tls" + "github.com/ngrok/ngrok-operator/internal/annotations/webhook_verification" + "github.com/ngrok/ngrok-operator/internal/errors" networking "k8s.io/api/networking/v1" "k8s.io/klog/v2" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/internal/annotations/compression/compression.go b/internal/annotations/compression/compression.go index cbeea63d..a6c20c84 100644 --- a/internal/annotations/compression/compression.go +++ b/internal/annotations/compression/compression.go @@ -1,8 +1,8 @@ package compression import ( - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/internal/annotations/compression/compression_test.go b/internal/annotations/compression/compression_test.go index cfae5ed5..90fe0cb7 100644 --- a/internal/annotations/compression/compression_test.go +++ b/internal/annotations/compression/compression_test.go @@ -3,10 +3,10 @@ package compression import ( "testing" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/testutil" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" + "github.com/ngrok/ngrok-operator/internal/annotations/testutil" + "github.com/ngrok/ngrok-operator/internal/errors" "github.com/stretchr/testify/assert" ) diff --git a/internal/annotations/headers/headers.go b/internal/annotations/headers/headers.go index a1c0ac88..895f1369 100644 --- a/internal/annotations/headers/headers.go +++ b/internal/annotations/headers/headers.go @@ -1,9 +1,9 @@ package headers import ( - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" + "github.com/ngrok/ngrok-operator/internal/errors" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/internal/annotations/headers/headers_test.go b/internal/annotations/headers/headers_test.go index 55a22ee6..17f9a906 100644 --- a/internal/annotations/headers/headers_test.go +++ b/internal/annotations/headers/headers_test.go @@ -3,9 +3,9 @@ package headers import ( "testing" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/testutil" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" + "github.com/ngrok/ngrok-operator/internal/annotations/testutil" + "github.com/ngrok/ngrok-operator/internal/errors" "github.com/stretchr/testify/assert" ) diff --git a/internal/annotations/ip_policies/ip_policy.go b/internal/annotations/ip_policies/ip_policy.go index cb5e0652..6d1747c9 100644 --- a/internal/annotations/ip_policies/ip_policy.go +++ b/internal/annotations/ip_policies/ip_policy.go @@ -1,8 +1,8 @@ package ip_policies import ( - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/internal/annotations/ip_policies/ip_policy_test.go b/internal/annotations/ip_policies/ip_policy_test.go index 9a08ad72..fb85ff46 100644 --- a/internal/annotations/ip_policies/ip_policy_test.go +++ b/internal/annotations/ip_policies/ip_policy_test.go @@ -3,9 +3,9 @@ package ip_policies import ( "testing" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/testutil" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" + "github.com/ngrok/ngrok-operator/internal/annotations/testutil" "github.com/stretchr/testify/assert" ) diff --git a/internal/annotations/parser/parser.go b/internal/annotations/parser/parser.go index f66ea0ee..c08c39a1 100644 --- a/internal/annotations/parser/parser.go +++ b/internal/annotations/parser/parser.go @@ -23,7 +23,7 @@ import ( "strconv" "strings" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" + "github.com/ngrok/ngrok-operator/internal/errors" "k8s.io/apimachinery/pkg/util/sets" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/internal/annotations/tls/tls.go b/internal/annotations/tls/tls.go index 92ef2eeb..6fd316f8 100644 --- a/internal/annotations/tls/tls.go +++ b/internal/annotations/tls/tls.go @@ -1,8 +1,8 @@ package tls import ( - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/internal/annotations/tls/tls_test.go b/internal/annotations/tls/tls_test.go index 478260a2..ba9edaf2 100644 --- a/internal/annotations/tls/tls_test.go +++ b/internal/annotations/tls/tls_test.go @@ -3,9 +3,9 @@ package tls import ( "testing" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/testutil" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" + "github.com/ngrok/ngrok-operator/internal/annotations/testutil" + "github.com/ngrok/ngrok-operator/internal/errors" "github.com/stretchr/testify/assert" ) diff --git a/internal/annotations/webhook_verification/webhook_verification.go b/internal/annotations/webhook_verification/webhook_verification.go index d83db1b0..5313e861 100644 --- a/internal/annotations/webhook_verification/webhook_verification.go +++ b/internal/annotations/webhook_verification/webhook_verification.go @@ -1,8 +1,8 @@ package webhook_verification import ( - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/internal/annotations/webhook_verification/webhook_verification_test.go b/internal/annotations/webhook_verification/webhook_verification_test.go index 017cb2c3..38b45a60 100644 --- a/internal/annotations/webhook_verification/webhook_verification_test.go +++ b/internal/annotations/webhook_verification/webhook_verification_test.go @@ -3,10 +3,10 @@ package webhook_verification import ( "testing" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/testutil" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" + "github.com/ngrok/ngrok-operator/internal/annotations/testutil" + "github.com/ngrok/ngrok-operator/internal/errors" "github.com/stretchr/testify/assert" ) diff --git a/internal/controller/controllers/resolvers.go b/internal/controller/controllers/resolvers.go index 52ca4d27..caa3e138 100644 --- a/internal/controller/controllers/resolvers.go +++ b/internal/controller/controllers/resolvers.go @@ -5,7 +5,7 @@ import ( "fmt" "strings" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/internal/controller/gateway/gateway_controller.go b/internal/controller/gateway/gateway_controller.go index 662c3294..01fc7811 100644 --- a/internal/controller/gateway/gateway_controller.go +++ b/internal/controller/gateway/gateway_controller.go @@ -34,9 +34,9 @@ import ( gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/controller/controllers" - "github.com/ngrok/kubernetes-ingress-controller/internal/store" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/controller/controllers" + "github.com/ngrok/ngrok-operator/internal/store" ) const ( diff --git a/internal/controller/gateway/httproute_controller.go b/internal/controller/gateway/httproute_controller.go index 16ad9543..1376f9cb 100644 --- a/internal/controller/gateway/httproute_controller.go +++ b/internal/controller/gateway/httproute_controller.go @@ -35,9 +35,9 @@ import ( gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/controller/controllers" - "github.com/ngrok/kubernetes-ingress-controller/internal/store" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/controller/controllers" + "github.com/ngrok/ngrok-operator/internal/store" ) // HTTPRouteReconciler reconciles a HTTPRoute object diff --git a/internal/controller/ingress/base_controller.go b/internal/controller/ingress/base_controller.go index 0d917848..8afc4e26 100644 --- a/internal/controller/ingress/base_controller.go +++ b/internal/controller/ingress/base_controller.go @@ -8,8 +8,8 @@ import ( "time" "github.com/go-logr/logr" - "github.com/ngrok/kubernetes-ingress-controller/internal/controller/controllers" "github.com/ngrok/ngrok-api-go/v5" + "github.com/ngrok/ngrok-operator/internal/controller/controllers" v1 "k8s.io/api/core/v1" "k8s.io/client-go/tools/record" ctrl "sigs.k8s.io/controller-runtime" diff --git a/internal/controller/ingress/domain_controller.go b/internal/controller/ingress/domain_controller.go index 9f14a9ce..5a822bbf 100644 --- a/internal/controller/ingress/domain_controller.go +++ b/internal/controller/ingress/domain_controller.go @@ -37,9 +37,9 @@ import ( "sigs.k8s.io/controller-runtime/pkg/reconcile" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" "github.com/ngrok/ngrok-api-go/v5" "github.com/ngrok/ngrok-api-go/v5/reserved_domains" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" ) // DomainReconciler reconciles a Domain object diff --git a/internal/controller/ingress/httpsedge_controller.go b/internal/controller/ingress/httpsedge_controller.go index 685a4c83..b55c89da 100644 --- a/internal/controller/ingress/httpsedge_controller.go +++ b/internal/controller/ingress/httpsedge_controller.go @@ -44,12 +44,12 @@ import ( "sigs.k8s.io/controller-runtime/pkg/reconcile" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/controller/controllers" - ierr "github.com/ngrok/kubernetes-ingress-controller/internal/errors" - "github.com/ngrok/kubernetes-ingress-controller/internal/ngrokapi" "github.com/ngrok/ngrok-api-go/v5" "github.com/ngrok/ngrok-api-go/v5/backends/tunnel_group" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/controller/controllers" + ierr "github.com/ngrok/ngrok-operator/internal/errors" + "github.com/ngrok/ngrok-operator/internal/ngrokapi" ) type routeModuleComparision string @@ -227,7 +227,7 @@ func (r *HTTPSEdgeReconciler) reconcileRoutes(ctx context.Context, edge *ingress // It's important to note here that we are intentionally ommiting the `route.Backend` for new routes. // The success or failure of applying a route's modules is then strongly linked the state of its backend. // Thus, any route with a backend is considered properly configured. - // See https://github.com/ngrok/kubernetes-ingress-controller/issues/208 for additional context. + // See https://github.com/ngrok/ngrok-operator/issues/208 for additional context. if match == nil { routeLog.Info("Creating new route") req := &ngrok.HTTPSEdgeRouteCreate{ diff --git a/internal/controller/ingress/httpsedge_controller_test.go b/internal/controller/ingress/httpsedge_controller_test.go index b2a4263f..e7df0def 100644 --- a/internal/controller/ingress/httpsedge_controller_test.go +++ b/internal/controller/ingress/httpsedge_controller_test.go @@ -3,8 +3,8 @@ package controllers import ( "testing" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" "github.com/ngrok/ngrok-api-go/v5" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" ) diff --git a/internal/controller/ingress/ingress_controller.go b/internal/controller/ingress/ingress_controller.go index 88c4dfcd..1ed04b8a 100644 --- a/internal/controller/ingress/ingress_controller.go +++ b/internal/controller/ingress/ingress_controller.go @@ -4,12 +4,12 @@ import ( "context" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations" - "github.com/ngrok/kubernetes-ingress-controller/internal/controller/controllers" - internalerrors "github.com/ngrok/kubernetes-ingress-controller/internal/errors" - "github.com/ngrok/kubernetes-ingress-controller/internal/store" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + ngrokv1alpha1 "github.com/ngrok/ngrok-operator/api/ngrok/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations" + "github.com/ngrok/ngrok-operator/internal/controller/controllers" + internalerrors "github.com/ngrok/ngrok-operator/internal/errors" + "github.com/ngrok/ngrok-operator/internal/store" corev1 "k8s.io/api/core/v1" netv1 "k8s.io/api/networking/v1" "k8s.io/apimachinery/pkg/runtime" diff --git a/internal/controller/ingress/ippolicy_controller.go b/internal/controller/ingress/ippolicy_controller.go index 5e5d5709..550eb418 100644 --- a/internal/controller/ingress/ippolicy_controller.go +++ b/internal/controller/ingress/ippolicy_controller.go @@ -36,10 +36,10 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" "github.com/ngrok/ngrok-api-go/v5" "github.com/ngrok/ngrok-api-go/v5/ip_policies" "github.com/ngrok/ngrok-api-go/v5/ip_policy_rules" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" ) const ( diff --git a/internal/controller/ingress/ippolicy_controllers_test.go b/internal/controller/ingress/ippolicy_controllers_test.go index 4bc7c695..c0bbfb5b 100644 --- a/internal/controller/ingress/ippolicy_controllers_test.go +++ b/internal/controller/ingress/ippolicy_controllers_test.go @@ -3,8 +3,8 @@ package controllers import ( "testing" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" "github.com/ngrok/ngrok-api-go/v5" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" "github.com/stretchr/testify/assert" "k8s.io/utils/ptr" ) diff --git a/internal/controller/ingress/moduleset_controller.go b/internal/controller/ingress/moduleset_controller.go index 19e0ce7e..18906dce 100644 --- a/internal/controller/ingress/moduleset_controller.go +++ b/internal/controller/ingress/moduleset_controller.go @@ -4,8 +4,8 @@ import ( "context" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/store" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/store" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/tools/record" ctrl "sigs.k8s.io/controller-runtime" diff --git a/internal/controller/ingress/service_controller.go b/internal/controller/ingress/service_controller.go index 18b48ebe..11841d51 100644 --- a/internal/controller/ingress/service_controller.go +++ b/internal/controller/ingress/service_controller.go @@ -31,13 +31,13 @@ import ( "time" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations/parser" - "github.com/ngrok/kubernetes-ingress-controller/internal/controller/controllers" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" - "github.com/ngrok/kubernetes-ingress-controller/internal/store" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + ngrokv1alpha1 "github.com/ngrok/ngrok-operator/api/ngrok/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/annotations" + "github.com/ngrok/ngrok-operator/internal/annotations/parser" + "github.com/ngrok/ngrok-operator/internal/controller/controllers" + "github.com/ngrok/ngrok-operator/internal/errors" + "github.com/ngrok/ngrok-operator/internal/store" "golang.org/x/sync/errgroup" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/internal/controller/ingress/tcpedge_controller.go b/internal/controller/ingress/tcpedge_controller.go index 72f95252..44a6bcab 100644 --- a/internal/controller/ingress/tcpedge_controller.go +++ b/internal/controller/ingress/tcpedge_controller.go @@ -43,10 +43,10 @@ import ( "sigs.k8s.io/controller-runtime/pkg/reconcile" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/controller/controllers" - "github.com/ngrok/kubernetes-ingress-controller/internal/ngrokapi" "github.com/ngrok/ngrok-api-go/v5" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/controller/controllers" + "github.com/ngrok/ngrok-operator/internal/ngrokapi" ) // TCPEdgeReconciler reconciles a TCPEdge object diff --git a/internal/controller/ingress/tlsedge_controller.go b/internal/controller/ingress/tlsedge_controller.go index e04b42bd..f80f2371 100644 --- a/internal/controller/ingress/tlsedge_controller.go +++ b/internal/controller/ingress/tlsedge_controller.go @@ -44,11 +44,11 @@ import ( "sigs.k8s.io/controller-runtime/pkg/reconcile" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/controller/controllers" - ierr "github.com/ngrok/kubernetes-ingress-controller/internal/errors" - "github.com/ngrok/kubernetes-ingress-controller/internal/ngrokapi" "github.com/ngrok/ngrok-api-go/v5" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/controller/controllers" + ierr "github.com/ngrok/ngrok-operator/internal/errors" + "github.com/ngrok/ngrok-operator/internal/ngrokapi" ) // TLSEdgeReconciler reconciles a TLSEdge object diff --git a/internal/controller/ingress/tunnel_controller.go b/internal/controller/ingress/tunnel_controller.go index 82de3af6..998badd0 100644 --- a/internal/controller/ingress/tunnel_controller.go +++ b/internal/controller/ingress/tunnel_controller.go @@ -29,8 +29,8 @@ import ( "fmt" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/pkg/tunneldriver" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/pkg/tunneldriver" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/tools/record" "k8s.io/utils/ptr" diff --git a/internal/controller/ngrok/ngroktrafficpolicy_controller.go b/internal/controller/ngrok/ngroktrafficpolicy_controller.go index 78b337ba..30ead09e 100644 --- a/internal/controller/ngrok/ngroktrafficpolicy_controller.go +++ b/internal/controller/ngrok/ngroktrafficpolicy_controller.go @@ -28,8 +28,8 @@ import ( "context" "github.com/go-logr/logr" - ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/store" + ngrokv1alpha1 "github.com/ngrok/ngrok-operator/api/ngrok/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/store" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/tools/record" ctrl "sigs.k8s.io/controller-runtime" diff --git a/internal/mocks/dialer.go b/internal/mocks/dialer.go index 155f7c62..d80a1564 100644 --- a/internal/mocks/dialer.go +++ b/internal/mocks/dialer.go @@ -1,5 +1,5 @@ // Code generated by MockGen. DO NOT EDIT. -// Source: github.com/ngrok/kubernetes-ingress-controller/pkg/tunneldriver (interfaces: Dialer) +// Source: github.com/ngrok/ngrok-operator/pkg/tunneldriver (interfaces: Dialer) // Package mocks is a generated GoMock package. package mocks diff --git a/internal/mocks/gen.go b/internal/mocks/gen.go index 29a772ca..8c1cbe0f 100644 --- a/internal/mocks/gen.go +++ b/internal/mocks/gen.go @@ -4,4 +4,4 @@ package mocks //go:generate go run github.com/golang/mock/mockgen -package mocks -destination tunnel.go golang.ngrok.com/ngrok Tunnel -//go:generate go run github.com/golang/mock/mockgen -package mocks -destination dialer.go github.com/ngrok/kubernetes-ingress-controller/pkg/tunneldriver Dialer +//go:generate go run github.com/golang/mock/mockgen -package mocks -destination dialer.go github.com/ngrok/ngrok-operator/pkg/tunneldriver Dialer diff --git a/internal/store/cachestores.go b/internal/store/cachestores.go index fd5d226a..50c18a7f 100644 --- a/internal/store/cachestores.go +++ b/internal/store/cachestores.go @@ -19,8 +19,8 @@ import ( "sync" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + ngrokv1alpha1 "github.com/ngrok/ngrok-operator/api/ngrok/v1alpha1" corev1 "k8s.io/api/core/v1" netv1 "k8s.io/api/networking/v1" "k8s.io/apimachinery/pkg/runtime" diff --git a/internal/store/driver.go b/internal/store/driver.go index c7aa0d7d..4c6ece1d 100644 --- a/internal/store/driver.go +++ b/internal/store/driver.go @@ -20,12 +20,12 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + ngrokv1alpha1 "github.com/ngrok/ngrok-operator/api/ngrok/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/annotations" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" - "github.com/ngrok/kubernetes-ingress-controller/internal/util" + "github.com/ngrok/ngrok-operator/internal/annotations" + "github.com/ngrok/ngrok-operator/internal/errors" + "github.com/ngrok/ngrok-operator/internal/util" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/internal/store/driver_test.go b/internal/store/driver_test.go index 766c5aa9..f7e9cdaf 100644 --- a/internal/store/driver_test.go +++ b/internal/store/driver_test.go @@ -17,8 +17,8 @@ import ( clientgoscheme "k8s.io/client-go/kubernetes/scheme" gatewayv1 "sigs.k8s.io/gateway-api/apis/v1" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + ngrokv1alpha1 "github.com/ngrok/ngrok-operator/api/ngrok/v1alpha1" ) const defaultManagerName = "ngrok-ingress-controller" diff --git a/internal/store/store.go b/internal/store/store.go index 40862c83..0011b0b3 100644 --- a/internal/store/store.go +++ b/internal/store/store.go @@ -18,10 +18,10 @@ import ( "sort" "strings" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + ngrokv1alpha1 "github.com/ngrok/ngrok-operator/api/ngrok/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" + "github.com/ngrok/ngrok-operator/internal/errors" corev1 "k8s.io/api/core/v1" netv1 "k8s.io/api/networking/v1" diff --git a/internal/store/store_test.go b/internal/store/store_test.go index 0ba88dd1..5e8692a9 100644 --- a/internal/store/store_test.go +++ b/internal/store/store_test.go @@ -5,7 +5,7 @@ import ( "testing" "github.com/go-logr/logr" - "github.com/ngrok/kubernetes-ingress-controller/internal/errors" + "github.com/ngrok/ngrok-operator/internal/errors" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" netv1 "k8s.io/api/networking/v1" diff --git a/internal/store/testutility.go b/internal/store/testutility.go index 691094e1..26907356 100644 --- a/internal/store/testutility.go +++ b/internal/store/testutility.go @@ -3,8 +3,8 @@ package store import ( "encoding/json" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - ngrokv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ngrok/v1alpha1" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + ngrokv1alpha1 "github.com/ngrok/ngrok-operator/api/ngrok/v1alpha1" corev1 "k8s.io/api/core/v1" netv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/internal/util/k8s_test.go b/internal/util/k8s_test.go index e88b5310..32b4b391 100644 --- a/internal/util/k8s_test.go +++ b/internal/util/k8s_test.go @@ -3,7 +3,7 @@ package util import ( "testing" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/internal/version/version.go b/internal/version/version.go index f6f7700b..1e5fe066 100644 --- a/internal/version/version.go +++ b/internal/version/version.go @@ -6,7 +6,7 @@ import ( ) var ( - // version of the ngrok kubernetes-ingress-controller. + // version of the ngrok-operator. // Injected at build time via LDFlags. version = "0.0.0" @@ -32,7 +32,7 @@ func GetVersion() string { // GetUserAgent returns a user agent to use func GetUserAgent() string { - return fmt.Sprintf("ngrok-ingress-controller/%s", GetVersion()) + return fmt.Sprintf("ngrok-operator/%s", GetVersion()) } // Get returns build info diff --git a/manifest-bundle.yaml b/manifest-bundle.yaml index 93cd8c4a..94cbfbb0 100644 --- a/manifest-bundle.yaml +++ b/manifest-bundle.yaml @@ -1,36 +1,25 @@ --- -# Source: kubernetes-ingress-controller/templates/controller-serviceaccount.yaml +# Source: ngrok-operator/templates/controller-serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: - name: ingress-controller-kubernetes-ingress-controller - namespace: ngrok-ingress-controller + name: ngrok-operator + namespace: ngrok-operator labels: - helm.sh/chart: kubernetes-ingress-controller-0.5.0 - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/instance: ingress-controller - app.kubernetes.io/version: "0.3.0" - app.kubernetes.io/part-of: kubernetes-ingress-controller + helm.sh/chart: ngrok-operator-0.15.0 + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/instance: ngrok-operator + app.kubernetes.io/version: "0.12.2" + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: controller --- -# Source: kubernetes-ingress-controller/templates/agent-config-cm.yaml +# Source: ngrok-operator/templates/controller-cm.yaml apiVersion: v1 kind: ConfigMap metadata: - name: ingress-controller-kubernetes-ingress-controller-agent-cm - namespace: ngrok-ingress-controller -data: - METADATA: "" - REGION: "" - REMOTE_MANAGEMENT: "" ---- -# Source: kubernetes-ingress-controller/templates/controller-cm.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: ingress-controller-kubernetes-ingress-controller-manager-config - namespace: ngrok-ingress-controller + name: ngrok-operator-manager-config + namespace: ngrok-operator data: controller_manager_config.yaml: | apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 @@ -41,15 +30,14 @@ data: bindAddress: 127.0.0.1:8080 leaderElection: leaderElect: true - resourceName: ingress-controller-kubernetes-ingress-controller-leader + resourceName: ngrok-operator-leader --- -# Source: kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_domains.yaml +# Source: ngrok-operator/templates/crds/ingress.k8s.ngrok.com_domains.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: domains.ingress.k8s.ngrok.com spec: group: ingress.k8s.ngrok.com @@ -87,14 +75,19 @@ spec: description: Domain is the Schema for the domains API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -145,13 +138,12 @@ spec: subresources: status: {} --- -# Source: kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_httpsedges.yaml +# Source: ngrok-operator/templates/crds/ingress.k8s.ngrok.com_httpsedges.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: httpsedges.ingress.k8s.ngrok.com spec: group: ingress.k8s.ngrok.com @@ -168,14 +160,19 @@ spec: description: HTTPSEdge is the Schema for the httpsedges API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -197,13 +194,24 @@ spec: description: Metadata is a string of arbitrary data associated with the object in the ngrok API/Dashboard type: string + mutualTLS: + properties: + certificateAuthorities: + description: |- + List of CA IDs that will be used to validate incoming connections to the + edge. + items: + type: string + type: array + type: object routes: description: Routes is a list of routes served by this edge items: properties: backend: - description: Backend is the definition for the tunnel group - backend that serves traffic for this edge + description: |- + Backend is the definition for the tunnel group backend + that serves traffic for this edge properties: description: default: Created by kubernetes-ingress-controller @@ -221,6 +229,42 @@ spec: with the object in the ngrok API/Dashboard type: string type: object + circuitBreaker: + description: CircuitBreaker is a circuit breaker configuration + to apply to this route + properties: + errorThresholdPercentage: + anyOf: + - type: integer + - type: string + description: Error threshold percentage should be between + 0 - 1.0, not 0-100.0 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + numBuckets: + description: Integer number of buckets into which metrics + are retained. Max 128. + format: int32 + maximum: 128 + minimum: 1 + type: integer + rollingWindow: + description: Statistical rolling window duration that metrics + are retained for. + format: duration + type: string + trippedDuration: + description: Duration after which the circuit is tripped + to wait before re-evaluating upstream health + format: duration + type: string + volumeThreshold: + description: |- + Integer number of requests in a rolling window that will trip the circuit. + Helpful if traffic volume is low. + format: int32 + type: integer + type: object compression: description: Compression is whether or not to enable compression for this route @@ -246,14 +290,14 @@ spec: add: additionalProperties: type: string - description: a map of header key to header value that - will be injected into the HTTP Request before being - sent to the upstream application server + description: |- + a map of header key to header value that will be injected into the HTTP Request + before being sent to the upstream application server type: object remove: - description: a list of header names that will be removed - from the HTTP Request before being sent to the upstream - application server + description: |- + a list of header names that will be removed from the HTTP Request before being + sent to the upstream application server items: type: string type: array @@ -265,13 +309,14 @@ spec: add: additionalProperties: type: string - description: a map of header key to header value that - will be injected into the HTTP Response returned to - the HTTP client + description: |- + a map of header key to header value that will be injected into the HTTP Response + returned to the HTTP client type: object remove: - description: a list of header names that will be removed - from the HTTP Response returned to the HTTP client + description: |- + a list of header names that will be removed from the HTTP Response returned to + the HTTP client items: type: string type: array @@ -302,19 +347,796 @@ spec: description: Metadata is a string of arbitrary data associated with the object in the ngrok API/Dashboard type: string + oauth: + description: OAuth configuration to apply to this route + properties: + amazon: + description: configuration for using amazon as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + facebook: + description: configuration for using facebook as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + github: + description: configuration for using github as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + organizations: + description: |- + a list of github org identifiers. users who are members of any of the listed + organizations will be allowed access. identifiers should be the organization's + 'slug' + items: + type: string + type: array + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + teams: + description: |- + a list of github teams identifiers. users will be allowed access to the endpoint + if they are a member of any of these teams. identifiers should be in the 'slug' + format qualified with the org name, e.g. org-name/team-name + items: + type: string + type: array + type: object + gitlab: + description: configuration for using gitlab as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + google: + description: configuration for using google as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + linkedin: + description: configuration for using linkedin as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + microsoft: + description: configuration for using microsoft as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + twitch: + description: configuration for using twitch as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + type: object + oidc: + description: OIDC is the OpenID Connect configuration to apply + to this route + properties: + clientId: + description: The OIDC app's client ID and OIDC audience. + type: string + clientSecret: + description: The OIDC app's client secret. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + issuer: + description: URL of the OIDC "OpenID provider". This is + the base URL used for discovery. + type: string + maximumDuration: + description: |- + The maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: The set of scopes to request from the OIDC + identity provider. + items: + type: string + type: array + type: object + policy: + description: raw json policy string that was applied to the + ngrok API + type: object + x-kubernetes-preserve-unknown-fields: true + saml: + description: SAML is the SAML configuration to apply to this + route + properties: + allowIdpInitiated: + description: |- + If true, the IdP may initiate a login directly (e.g. the user does not need to + visit the endpoint first and then be redirected). The IdP should set the + RelayState parameter to the target URL of the resource they want the user to be + redirected to after the SAML login assertion has been processed. + type: boolean + authorizedGroups: + description: |- + If present, only users who are a member of one of the listed groups may access + the target endpoint. + items: + type: string + type: array + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + forceAuthn: + description: |- + If true, indicates that whenever we redirect a user to the IdP for + authentication that the IdP must prompt the user for authentication credentials + even if the user already has a valid session with the IdP. + type: boolean + idpMetadata: + description: |- + The full XML IdP EntityDescriptor. Your IdP may provide this to you as a a file + to download or as a URL. + type: string + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + The maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + nameidFormat: + description: |- + Defines the name identifier format the SP expects the IdP to use in its + assertions to identify subjects. If unspecified, a default value of + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent will be used. A subset of + the allowed values enumerated by the SAML specification are supported. + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + type: object webhookVerification: description: WebhookVerification is webhook verification configuration to apply to this route properties: provider: - description: a string indicating which webhook provider - will be sending webhooks to this endpoint. Value must - be one of the supported providers defined at https://ngrok.com/docs/http/webhook-verification/#supported-providers + description: |- + a string indicating which webhook provider will be sending webhooks to this + endpoint. Value must be one of the supported providers defined at + https://ngrok.com/docs/http/webhook-verification/#supported-providers type: string secret: - description: SecretRef is a reference to a secret containing - the secret used to validate requests from the given provider. - All providers except AWS SNS require a secret + description: |- + SecretRef is a reference to a secret containing the secret used to validate + requests from the given provider. All providers except AWS SNS require a secret properties: key: description: Key in the secret to use @@ -349,7 +1171,8 @@ spec: items: properties: backend: - description: Backend stores the status of the tunnel group backend, + description: |- + Backend stores the status of the tunnel group backend, mainly the ID of the backend properties: id: @@ -378,13 +1201,12 @@ spec: subresources: status: {} --- -# Source: kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_ippolicies.yaml +# Source: ngrok-operator/templates/crds/ingress.k8s.ngrok.com_ippolicies.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: ippolicies.ingress.k8s.ngrok.com spec: group: ingress.k8s.ngrok.com @@ -410,14 +1232,19 @@ spec: description: IPPolicy is the Schema for the ippolicies API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -439,6 +1266,9 @@ spec: items: properties: action: + enum: + - allow + - deny type: string cidr: type: string @@ -459,9 +1289,9 @@ spec: description: IPPolicyStatus defines the observed state of IPPolicy properties: id: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file' + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + Important: Run "make" to regenerate code after modifying this file type: string rules: items: @@ -481,13 +1311,1021 @@ spec: subresources: status: {} --- -# Source: kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tcpedges.yaml +# Source: ngrok-operator/templates/crds/ingress.k8s.ngrok.com_ngrokmodulesets.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + name: ngrokmodulesets.ingress.k8s.ngrok.com +spec: + group: ingress.k8s.ngrok.com + names: + kind: NgrokModuleSet + listKind: NgrokModuleSetList + plural: ngrokmodulesets + singular: ngrokmoduleset + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NgrokModuleSet is the Schema for the ngrokmodules API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + modules: + properties: + circuitBreaker: + description: CircuitBreaker configuration for this module set + properties: + errorThresholdPercentage: + anyOf: + - type: integer + - type: string + description: Error threshold percentage should be between 0 - + 1.0, not 0-100.0 + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + numBuckets: + description: Integer number of buckets into which metrics are + retained. Max 128. + format: int32 + maximum: 128 + minimum: 1 + type: integer + rollingWindow: + description: Statistical rolling window duration that metrics + are retained for. + format: duration + type: string + trippedDuration: + description: Duration after which the circuit is tripped to wait + before re-evaluating upstream health + format: duration + type: string + volumeThreshold: + description: |- + Integer number of requests in a rolling window that will trip the circuit. + Helpful if traffic volume is low. + format: int32 + type: integer + type: object + compression: + description: Compression configuration for this module set + properties: + enabled: + description: Enabled is whether or not to enable compression for + this endpoint + type: boolean + type: object + headers: + description: Header configuration for this module set + properties: + request: + description: Request headers are the request headers module configuration + or null + properties: + add: + additionalProperties: + type: string + description: |- + a map of header key to header value that will be injected into the HTTP Request + before being sent to the upstream application server + type: object + remove: + description: |- + a list of header names that will be removed from the HTTP Request before being + sent to the upstream application server + items: + type: string + type: array + type: object + response: + description: Response headers are the response headers module + configuration or null + properties: + add: + additionalProperties: + type: string + description: |- + a map of header key to header value that will be injected into the HTTP Response + returned to the HTTP client + type: object + remove: + description: |- + a list of header names that will be removed from the HTTP Response returned to + the HTTP client + items: + type: string + type: array + type: object + type: object + ipRestriction: + description: IPRestriction configuration for this module set + properties: + policies: + items: + type: string + type: array + type: object + mutualTLS: + description: MutualTLS configuration for this module set + properties: + certificateAuthorities: + description: |- + List of CA IDs that will be used to validate incoming connections to the + edge. + items: + type: string + type: array + type: object + oauth: + description: OAuth configuration for this module set + properties: + amazon: + description: configuration for using amazon as the identity provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + facebook: + description: configuration for using facebook as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + github: + description: configuration for using github as the identity provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + organizations: + description: |- + a list of github org identifiers. users who are members of any of the listed + organizations will be allowed access. identifiers should be the organization's + 'slug' + items: + type: string + type: array + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + teams: + description: |- + a list of github teams identifiers. users will be allowed access to the endpoint + if they are a member of any of these teams. identifiers should be in the 'slug' + format qualified with the org name, e.g. org-name/team-name + items: + type: string + type: array + type: object + gitlab: + description: configuration for using gitlab as the identity provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + google: + description: configuration for using google as the identity provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + linkedin: + description: configuration for using linkedin as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + microsoft: + description: configuration for using microsoft as the identity + provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + twitch: + description: configuration for using twitch as the identity provider + properties: + authCheckInterval: + description: |- + Duration after which ngrok guarantees it will refresh user + state from the identity provider and recheck whether the user is still + authorized to access the endpoint. This is the preferred tunable to use to + enforce a minimum amount of time after which a revoked user will no longer be + able to access the resource. + format: duration + type: string + clientId: + description: |- + the OAuth app client ID. retrieve it from the identity provider's dashboard + where you created your own OAuth app. optional. if unspecified, ngrok will use + its own managed oauth application which has additional restrictions. see the + OAuth module docs for more details. if present, clientSecret must be present as + well. + type: string + clientSecret: + description: |- + the OAuth app client secret. retrieve if from the identity provider's dashboard + where you created your own OAuth app. optional, see all of the caveats in the + docs for clientId. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + emailAddresses: + description: |- + a list of email addresses of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + emailDomains: + description: |- + a list of email domains of users authenticated by identity provider who are + allowed access to the endpoint + items: + type: string + type: array + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + Integer number of seconds of the maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: |- + a list of provider-specific OAuth scopes with the permissions your OAuth app + would like to ask for. these may not be set if you are using the ngrok-managed + oauth app (i.e. you must pass both client_id and client_secret to set scopes) + items: + type: string + type: array + type: object + type: object + oidc: + description: OIDC configuration for this module set + properties: + clientId: + description: The OIDC app's client ID and OIDC audience. + type: string + clientSecret: + description: The OIDC app's client secret. + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + issuer: + description: URL of the OIDC "OpenID provider". This is the base + URL used for discovery. + type: string + maximumDuration: + description: |- + The maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + scopes: + description: The set of scopes to request from the OIDC identity + provider. + items: + type: string + type: array + type: object + policy: + description: Policy configuration for this module set + properties: + enabled: + description: Determines if the rule will be applied to traffic + type: boolean + inbound: + description: Inbound traffic rule + items: + properties: + actions: + description: Actions + items: + properties: + config: + type: object + x-kubernetes-preserve-unknown-fields: true + type: + type: string + type: object + type: array + expressions: + description: Expressions + items: + type: string + type: array + name: + description: Name + type: string + type: object + type: array + outbound: + description: Outbound traffic rule + items: + properties: + actions: + description: Actions + items: + properties: + config: + type: object + x-kubernetes-preserve-unknown-fields: true + type: + type: string + type: object + type: array + expressions: + description: Expressions + items: + type: string + type: array + name: + description: Name + type: string + type: object + type: array + type: object + saml: + description: SAML configuration for this module set + properties: + allowIdpInitiated: + description: |- + If true, the IdP may initiate a login directly (e.g. the user does not need to + visit the endpoint first and then be redirected). The IdP should set the + RelayState parameter to the target URL of the resource they want the user to be + redirected to after the SAML login assertion has been processed. + type: boolean + authorizedGroups: + description: |- + If present, only users who are a member of one of the listed groups may access + the target endpoint. + items: + type: string + type: array + cookiePrefix: + description: |- + the prefix of the session cookie that ngrok sets on the http client to cache + authentication. default is 'ngrok.' + type: string + forceAuthn: + description: |- + If true, indicates that whenever we redirect a user to the IdP for + authentication that the IdP must prompt the user for authentication credentials + even if the user already has a valid session with the IdP. + type: boolean + idpMetadata: + description: |- + The full XML IdP EntityDescriptor. Your IdP may provide this to you as a a file + to download or as a URL. + type: string + inactivityTimeout: + description: |- + Duration of inactivity after which if the user has not accessed + the endpoint, their session will time out and they will be forced to + reauthenticate. + format: duration + type: string + maximumDuration: + description: |- + The maximum duration of an authenticated session. + After this period is exceeded, a user must reauthenticate. + format: duration + type: string + nameidFormat: + description: |- + Defines the name identifier format the SP expects the IdP to use in its + assertions to identify subjects. If unspecified, a default value of + urn:oasis:names:tc:SAML:2.0:nameid-format:persistent will be used. A subset of + the allowed values enumerated by the SAML specification are supported. + type: string + optionsPassthrough: + description: |- + Do not enforce authentication on HTTP OPTIONS requests. necessary if you are + supporting CORS. + type: boolean + type: object + tlsTermination: + description: TLSTermination configuration for this module set + properties: + minVersion: + description: MinVersion is the minimum TLS version to allow for + connections to the edge + type: string + terminateAt: + description: |- + TerminateAt determines where the TLS connection should be terminated. + "edge" if the ngrok edge should terminate TLS traffic, "upstream" if TLS + traffic should be passed through to the upstream ngrok agent / + application server for termination. + type: string + type: object + webhookVerification: + description: WebhookVerification configuration for this module set + properties: + provider: + description: |- + a string indicating which webhook provider will be sending webhooks to this + endpoint. Value must be one of the supported providers defined at + https://ngrok.com/docs/http/webhook-verification/#supported-providers + type: string + secret: + description: |- + SecretRef is a reference to a secret containing the secret used to validate + requests from the given provider. All providers except AWS SNS require a secret + properties: + key: + description: Key in the secret to use + type: string + name: + description: Name of the Kubernetes secret + type: string + type: object + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: ngrok-operator/templates/crds/ingress.k8s.ngrok.com_tcpedges.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: tcpedges.ingress.k8s.ngrok.com spec: group: ingress.k8s.ngrok.com @@ -521,14 +2359,19 @@ spec: description: TCPEdge is the Schema for the tcpedges API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -536,7 +2379,8 @@ spec: description: TCPEdgeSpec defines the desired state of TCPEdge properties: backend: - description: Backend is the definition for the tunnel group backend + description: |- + Backend is the definition for the tunnel group backend that serves traffic for this edge properties: description: @@ -561,7 +2405,7 @@ spec: in the ngrok API/Dashboard type: string ipRestriction: - description: IPRestriction is an IPRestriction to apply to this route + description: IPRestriction is an IPRestriction to apply to this edge properties: policies: items: @@ -573,18 +2417,191 @@ spec: description: Metadata is a string of arbitrary data associated with the object in the ngrok API/Dashboard type: string + policy: + description: raw json policy string that was applied to the ngrok + API + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: TCPEdgeStatus defines the observed state of TCPEdge + properties: + backend: + description: |- + Backend stores the status of the tunnel group backend, + mainly the ID of the backend + properties: + id: + description: ID is the unique identifier for this backend + type: string + type: object + hostports: + description: Hostports served by this edge + items: + type: string + type: array + id: + description: ID is the unique identifier for this edge + type: string + uri: + description: URI is the URI of the edge + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: ngrok-operator/templates/crds/ingress.k8s.ngrok.com_tlsedges.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + name: tlsedges.ingress.k8s.ngrok.com +spec: + group: ingress.k8s.ngrok.com + names: + kind: TLSEdge + listKind: TLSEdgeList + plural: tlsedges + singular: tlsedge + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Domain ID + jsonPath: .status.id + name: ID + type: string + - description: Hostports + jsonPath: .status.hostports + name: Hostports + type: string + - description: Tunnel Group Backend ID + jsonPath: .status.backend.id + name: Backend ID + type: string + - description: Age + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: TLSEdge is the Schema for the tlsedges API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: TLSEdgeSpec defines the desired state of TLSEdge + properties: + backend: + description: |- + Backend is the definition for the tunnel group backend + that serves traffic for this edge + properties: + description: + default: Created by kubernetes-ingress-controller + description: Description is a human-readable description of the + object in the ngrok API/Dashboard + type: string + labels: + additionalProperties: + type: string + description: Labels to watch for tunnels on this backend + type: object + metadata: + default: '{"owned-by":"kubernetes-ingress-controller"}' + description: Metadata is a string of arbitrary data associated + with the object in the ngrok API/Dashboard + type: string + type: object + description: + default: Created by kubernetes-ingress-controller + description: Description is a human-readable description of the object + in the ngrok API/Dashboard + type: string + hostports: + description: Hostports is a list of hostports served by this edge + items: + type: string + type: array + ipRestriction: + description: IPRestriction is an IPRestriction to apply to this edge + properties: + policies: + items: + type: string + type: array + type: object + metadata: + default: '{"owned-by":"kubernetes-ingress-controller"}' + description: Metadata is a string of arbitrary data associated with + the object in the ngrok API/Dashboard + type: string + mutualTls: + properties: + certificateAuthorities: + description: |- + List of CA IDs that will be used to validate incoming connections to the + edge. + items: + type: string + type: array + type: object + policy: + description: raw json policy string that was applied to the ngrok + API + type: object + x-kubernetes-preserve-unknown-fields: true + tlsTermination: + properties: + minVersion: + description: MinVersion is the minimum TLS version to allow for + connections to the edge + type: string + terminateAt: + description: |- + TerminateAt determines where the TLS connection should be terminated. + "edge" if the ngrok edge should terminate TLS traffic, "upstream" if TLS + traffic should be passed through to the upstream ngrok agent / + application server for termination. + type: string + type: object type: object status: - description: TCPEdgeStatus defines the observed state of TCPEdge + description: TLSEdgeStatus defines the observed state of TLSEdge properties: backend: - description: Backend stores the status of the tunnel group backend, + description: |- + Backend stores the status of the tunnel group backend, mainly the ID of the backend properties: id: description: ID is the unique identifier for this backend type: string type: object + cnameTargets: + additionalProperties: + type: string + description: Map of hostports to the ngrok assigned CNAME targets + type: object hostports: description: Hostports served by this edge items: @@ -603,13 +2620,12 @@ spec: subresources: status: {} --- -# Source: kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tunnels.yaml +# Source: ngrok-operator/templates/crds/ingress.k8s.ngrok.com_tunnels.yaml apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.9.2 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: tunnels.ingress.k8s.ngrok.com spec: group: ingress.k8s.ngrok.com @@ -635,20 +2651,35 @@ spec: description: Tunnel is the Schema for the tunnels API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: TunnelSpec defines the desired state of Tunnel properties: + appProtocol: + description: The appProtocol for the backend. Currently only supports + `http2` + type: string + backend: + description: The configuration for backend connections to services + properties: + protocol: + type: string + type: object forwardsTo: description: ForwardsTo is the name and port of the service to forward traffic to @@ -668,7 +2699,70 @@ spec: subresources: status: {} --- -# Source: kubernetes-ingress-controller/templates/controller-rbac.yaml +# Source: ngrok-operator/templates/crds/ngrok.k8s.ngrok.com_ngroktrafficpolicies.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + name: ngroktrafficpolicies.ngrok.k8s.ngrok.com +spec: + group: ngrok.k8s.ngrok.com + names: + kind: NgrokTrafficPolicy + listKind: NgrokTrafficPolicyList + plural: ngroktrafficpolicies + singular: ngroktrafficpolicy + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NgrokTrafficPolicy is the Schema for the ngroktrafficpolicies + API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NgrokTrafficPolicySpec defines the desired state of NgrokTrafficPolicy + properties: + policy: + description: The raw json encoded policy that was applied to the ngrok + API + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + status: + description: NgrokTrafficPolicyStatus defines the observed state of NgrokTrafficPolicy + properties: + policy: + description: The raw json encoded policy that was applied to the ngrok + API + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +# Source: ngrok-operator/templates/controller-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -687,20 +2781,20 @@ rules: verbs: - create --- -# Source: kubernetes-ingress-controller/templates/rbac/domain_editor_role.yaml +# Source: ngrok-operator/templates/rbac/domain_editor_role.yaml # permissions for end users to edit domains. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - helm.sh/chart: kubernetes-ingress-controller-0.5.0 - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/instance: ingress-controller - app.kubernetes.io/version: "0.3.0" - app.kubernetes.io/part-of: kubernetes-ingress-controller + helm.sh/chart: ngrok-operator-0.15.0 + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/instance: ngrok-operator + app.kubernetes.io/version: "0.12.2" + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: rbac - name: ingress-controller-kubernetes-ingress-controller-domain-editor-role + name: ngrok-operator-domain-editor-role rules: - apiGroups: - ingress.k8s.ngrok.com @@ -721,20 +2815,20 @@ rules: verbs: - get --- -# Source: kubernetes-ingress-controller/templates/rbac/domain_viewer_role.yaml +# Source: ngrok-operator/templates/rbac/domain_viewer_role.yaml # permissions for end users to view domains. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - helm.sh/chart: kubernetes-ingress-controller-0.5.0 - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/instance: ingress-controller - app.kubernetes.io/version: "0.3.0" - app.kubernetes.io/part-of: kubernetes-ingress-controller + helm.sh/chart: ngrok-operator-0.15.0 + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/instance: ngrok-operator + app.kubernetes.io/version: "0.12.2" + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: rbac - name: ingress-controller-kubernetes-ingress-controller-domain-viewer-role + name: ngrok-operator-domain-viewer-role rules: - apiGroups: - ingress.k8s.ngrok.com @@ -751,7 +2845,7 @@ rules: verbs: - get --- -# Source: kubernetes-ingress-controller/templates/rbac/httpsedge_editor_role.yaml +# Source: ngrok-operator/templates/rbac/httpsedge_editor_role.yaml # permissions for end users to edit httpsedges. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -784,7 +2878,7 @@ rules: verbs: - get --- -# Source: kubernetes-ingress-controller/templates/rbac/httpsedge_viewer_role.yaml +# Source: ngrok-operator/templates/rbac/httpsedge_viewer_role.yaml # permissions for end users to view httpsedges. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -813,7 +2907,7 @@ rules: verbs: - get --- -# Source: kubernetes-ingress-controller/templates/rbac/ippolicy_editor_role.yaml +# Source: ngrok-operator/templates/rbac/ippolicy_editor_role.yaml # permissions for end users to edit ippolicies. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -846,7 +2940,7 @@ rules: verbs: - get --- -# Source: kubernetes-ingress-controller/templates/rbac/ippolicy_viewer_role.yaml +# Source: ngrok-operator/templates/rbac/ippolicy_viewer_role.yaml # permissions for end users to view ippolicies. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -875,12 +2969,73 @@ rules: verbs: - get --- -# Source: kubernetes-ingress-controller/templates/rbac/role.yaml +# Source: ngrok-operator/templates/rbac/ngrokmoduleset_editor_role.yaml +# permissions for end users to edit ngrokmodulesets. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null - name: ngrok-ingress-controller-manager-role + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: ngrokmoduleset-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator + app.kubernetes.io/managed-by: kustomize + name: ngrokmoduleset-editor-role +rules: +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - ngrokmodulesets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - ngrokmodulesets/status + verbs: + - get +--- +# Source: ngrok-operator/templates/rbac/ngrokmoduleset_viewer_role.yaml +# permissions for end users to view ngrokmodulesets. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: ngrokmoduleset-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: ngrok-operator + app.kubernetes.io/part-of: ngrok-operator + app.kubernetes.io/managed-by: kustomize + name: ngrokmoduleset-viewer-role +rules: +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - ngrokmodulesets + verbs: + - get + - list + - watch +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - ngrokmodulesets/status + verbs: + - get +--- +# Source: ngrok-operator/templates/rbac/role.yaml +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: ngrok-operator-manager-role rules: - apiGroups: - "" @@ -900,6 +3055,15 @@ rules: verbs: - create - patch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - update + - watch - apiGroups: - "" resources: @@ -908,6 +3072,79 @@ rules: - get - list - watch +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - update + - watch +- apiGroups: + - "" + resources: + - services/status + verbs: + - get + - list + - patch + - update + - watch +- apiGroups: + - gateway.networking.k8s.io + resources: + - gatewayclasses + verbs: + - get + - list + - update + - watch +- apiGroups: + - gateway.networking.k8s.io + resources: + - gatewayclasses/status + verbs: + - get + - list + - update + - watch +- apiGroups: + - gateway.networking.k8s.io + resources: + - gateways + verbs: + - get + - list + - update + - watch +- apiGroups: + - gateway.networking.k8s.io + resources: + - gateways/status + verbs: + - get + - list + - update + - watch +- apiGroups: + - gateway.networking.k8s.io + resources: + - httproutes + verbs: + - get + - list + - update + - watch +- apiGroups: + - gateway.networking.k8s.io + resources: + - httproutes/status + verbs: + - get + - list + - update + - watch - apiGroups: - ingress.k8s.ngrok.com resources: @@ -986,6 +3223,14 @@ rules: - get - patch - update +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - ngrokmodulesets + verbs: + - get + - list + - watch - apiGroups: - ingress.k8s.ngrok.com resources: @@ -1012,6 +3257,32 @@ rules: - get - patch - update +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - tlsedges + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - tlsedges/finalizers + verbs: + - update +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - tlsedges/status + verbs: + - get + - patch + - update - apiGroups: - ingress.k8s.ngrok.com resources: @@ -1064,8 +3335,34 @@ rules: - list - update - watch +- apiGroups: + - ngrok.k8s.ngrok.com + resources: + - ngroktrafficpolicies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ngrok.k8s.ngrok.com + resources: + - ngroktrafficpolicies/finalizers + verbs: + - update +- apiGroups: + - ngrok.k8s.ngrok.com + resources: + - ngroktrafficpolicies/status + verbs: + - get + - patch + - update --- -# Source: kubernetes-ingress-controller/templates/rbac/tcpedge_editor_role.yaml +# Source: ngrok-operator/templates/rbac/tcpedge_editor_role.yaml # permissions for end users to edit tcpedges. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -1098,7 +3395,7 @@ rules: verbs: - get --- -# Source: kubernetes-ingress-controller/templates/rbac/tcpedge_viewer_role.yaml +# Source: ngrok-operator/templates/rbac/tcpedge_viewer_role.yaml # permissions for end users to view tcpedges. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -1127,20 +3424,82 @@ rules: verbs: - get --- -# Source: kubernetes-ingress-controller/templates/rbac/tunnel_editor_role.yaml +# Source: ngrok-operator/templates/rbac/tlsedge_editor_role.yaml +# permissions for end users to edit tlsedges. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: tlsedge-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: ngrok-ingress-controller + app.kubernetes.io/part-of: ngrok-ingress-controller + app.kubernetes.io/managed-by: kustomize + name: tlsedge-editor-role +rules: +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - tlsedges + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - tlsedges/status + verbs: + - get +--- +# Source: ngrok-operator/templates/rbac/tlsedge_viewer_role.yaml +# permissions for end users to view tlsedges. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: tlsedge-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: ngrok-ingress-controller + app.kubernetes.io/part-of: ngrok-ingress-controller + app.kubernetes.io/managed-by: kustomize + name: tlsedge-viewer-role +rules: +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - tlsedges + verbs: + - get + - list + - watch +- apiGroups: + - ingress.k8s.ngrok.com + resources: + - tlsedges/status + verbs: + - get +--- +# Source: ngrok-operator/templates/rbac/tunnel_editor_role.yaml # permissions for end users to edit tunnels. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - helm.sh/chart: kubernetes-ingress-controller-0.5.0 - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/instance: ingress-controller - app.kubernetes.io/version: "0.3.0" - app.kubernetes.io/part-of: kubernetes-ingress-controller + helm.sh/chart: ngrok-operator-0.15.0 + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/instance: ngrok-operator + app.kubernetes.io/version: "0.12.2" + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: rbac - name: ingress-controller-kubernetes-ingress-controller-tunnel-editor-role + name: ngrok-operator-tunnel-editor-role rules: - apiGroups: - ingress.k8s.ngrok.com @@ -1161,20 +3520,20 @@ rules: verbs: - get --- -# Source: kubernetes-ingress-controller/templates/rbac/tunnel_viewer_role.yaml +# Source: ngrok-operator/templates/rbac/tunnel_viewer_role.yaml # permissions for end users to view tunnels. apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - helm.sh/chart: kubernetes-ingress-controller-0.5.0 - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/instance: ingress-controller - app.kubernetes.io/version: "0.3.0" - app.kubernetes.io/part-of: kubernetes-ingress-controller + helm.sh/chart: ngrok-operator-0.15.0 + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/instance: ngrok-operator + app.kubernetes.io/version: "0.12.2" + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: rbac - name: ingress-controller-kubernetes-ingress-controller-tunnel-viewer-role + name: ngrok-operator-tunnel-viewer-role rules: - apiGroups: - ingress.k8s.ngrok.com @@ -1191,7 +3550,7 @@ rules: verbs: - get --- -# Source: kubernetes-ingress-controller/templates/controller-rbac.yaml +# Source: ngrok-operator/templates/controller-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -1202,10 +3561,10 @@ roleRef: name: ngrok-ingress-controller-manager-role subjects: - kind: ServiceAccount - name: ingress-controller-kubernetes-ingress-controller - namespace: ngrok-ingress-controller + name: ngrok-operator + namespace: ngrok-operator --- -# Source: kubernetes-ingress-controller/templates/controller-rbac.yaml +# Source: ngrok-operator/templates/controller-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -1216,15 +3575,15 @@ roleRef: name: ngrok-ingress-controller-proxy-role subjects: - kind: ServiceAccount - name: ingress-controller-kubernetes-ingress-controller - namespace: ngrok-ingress-controller + name: ngrok-operator + namespace: ngrok-operator --- -# Source: kubernetes-ingress-controller/templates/controller-rbac.yaml +# Source: ngrok-operator/templates/controller-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: ngrok-ingress-controller-leader-election-role - namespace: ngrok-ingress-controller + namespace: ngrok-operator rules: - apiGroups: - "" @@ -1258,69 +3617,91 @@ rules: - create - patch --- -# Source: kubernetes-ingress-controller/templates/controller-rbac.yaml +# Source: ngrok-operator/templates/controller-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: ngrok-ingress-controller-leader-election-rolebinding - namespace: ngrok-ingress-controller + namespace: ngrok-operator roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: ngrok-ingress-controller-leader-election-role subjects: - kind: ServiceAccount - name: ingress-controller-kubernetes-ingress-controller - namespace: ngrok-ingress-controller + name: ngrok-operator + namespace: ngrok-operator --- -# Source: kubernetes-ingress-controller/templates/controller-deployment.yaml +# Source: ngrok-operator/templates/controller-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: labels: - helm.sh/chart: kubernetes-ingress-controller-0.5.0 - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/instance: ingress-controller - app.kubernetes.io/version: "0.3.0" - app.kubernetes.io/part-of: kubernetes-ingress-controller + helm.sh/chart: ngrok-operator-0.15.0 + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/instance: ngrok-operator + app.kubernetes.io/version: "0.12.2" + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: controller - name: ingress-controller-kubernetes-ingress-controller-manager - namespace: ngrok-ingress-controller + name: ngrok-operator-manager + namespace: ngrok-operator annotations: - checksum/agent-config: 1012a0f3f4132751a558b1db2df58aab89fc9cf8a7f75a51ab84ffecf7ec9d71 - checksum/controller-role: e82dcab3ad4d03739f251c7b07a2af02c401d664726314ec52eefc966f8d7c60 - checksum/rbac: ab5761a6b6e49df659299bec762a096c25634370afc20485d4b5f4befcda2504 + checksum/controller-role: ed37888050e245ffd6475cd4ffdb4f441de1c6be6c4f398ca6cc7f67b77cf8c3 + checksum/rbac: 23ce04dfd4dc3a00a0ffdf26cde962c673175d116e34684e09fae5cc12bae4e6 spec: replicas: 1 selector: matchLabels: - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/instance: ingress-controller + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/instance: ngrok-operator app.kubernetes.io/component: controller template: metadata: annotations: - kubectl.kubernetes.io/default-container: manager prometheus.io/path: /metrics prometheus.io/port: '8080' prometheus.io/scrape: 'true' + checksum/controller-role: ed37888050e245ffd6475cd4ffdb4f441de1c6be6c4f398ca6cc7f67b77cf8c3 + checksum/rbac: 23ce04dfd4dc3a00a0ffdf26cde962c673175d116e34684e09fae5cc12bae4e6 + checksum/secret: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b labels: - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/instance: ingress-controller + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/instance: ngrok-operator app.kubernetes.io/component: controller spec: - serviceAccountName: ingress-controller-kubernetes-ingress-controller + affinity: + podAffinity: + + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/instance: ngrok-operator + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/component: controller + topologyKey: kubernetes.io/hostname + weight: 1 + nodeAffinity: + + serviceAccountName: ngrok-operator containers: - name: ngrok-ingress-controller - image: docker.io/ngrok/kubernetes-ingress-controller:latest + image: docker.io/ngrok/ngrok-operator:0.12.2 imagePullPolicy: IfNotPresent command: - /manager args: + - --controller-name=k8s.ngrok.com/ingress-controller + - --zap-log-level=info + - --zap-stacktrace-level=error + - --zap-encoder=json - --health-probe-bind-address=:8081 - --metrics-bind-address=:8080 - - --election-id=ingress-controller-kubernetes-ingress-controller-leader + - --election-id=ngrok-operator-leader + - --manager-name=ngrok-operator-manager + - --cluster-domain=svc.cluster.local securityContext: allowPrivilegeEscalation: false env: @@ -1328,12 +3709,12 @@ spec: valueFrom: secretKeyRef: key: API_KEY - name: ngrok-ingress-controller-credentials + name: ngrok-operator-credentials - name: NGROK_AUTHTOKEN valueFrom: secretKeyRef: key: AUTHTOKEN - name: ngrok-ingress-controller-credentials + name: ngrok-operator-credentials - name: POD_NAMESPACE valueFrom: fieldRef: @@ -1354,16 +3735,16 @@ spec: limits: {} requests: {} --- -# Source: kubernetes-ingress-controller/templates/ingress-class.yaml +# Source: ngrok-operator/templates/ingress-class.yaml apiVersion: networking.k8s.io/v1 kind: IngressClass metadata: labels: - helm.sh/chart: kubernetes-ingress-controller-0.5.0 - app.kubernetes.io/name: kubernetes-ingress-controller - app.kubernetes.io/instance: ingress-controller - app.kubernetes.io/version: "0.3.0" - app.kubernetes.io/part-of: kubernetes-ingress-controller + helm.sh/chart: ngrok-operator-0.15.0 + app.kubernetes.io/name: ngrok-operator + app.kubernetes.io/instance: ngrok-operator + app.kubernetes.io/version: "0.12.2" + app.kubernetes.io/part-of: ngrok-operator app.kubernetes.io/managed-by: Helm app.kubernetes.io/component: controller name: ngrok diff --git a/pkg/tunneldriver/driver.go b/pkg/tunneldriver/driver.go index 4ea2f6b2..cc32bae9 100644 --- a/pkg/tunneldriver/driver.go +++ b/pkg/tunneldriver/driver.go @@ -15,8 +15,8 @@ import ( "sync/atomic" "github.com/go-logr/logr" - ingressv1alpha1 "github.com/ngrok/kubernetes-ingress-controller/api/ingress/v1alpha1" - "github.com/ngrok/kubernetes-ingress-controller/internal/version" + ingressv1alpha1 "github.com/ngrok/ngrok-operator/api/ingress/v1alpha1" + "github.com/ngrok/ngrok-operator/internal/version" "golang.org/x/exp/maps" "golang.org/x/sync/errgroup" "sigs.k8s.io/controller-runtime/pkg/log" @@ -87,7 +87,7 @@ func New(ctx context.Context, logger logr.Logger, opts TunnelDriverOpts) (*Tunne } } connOpts := []ngrok.ConnectOption{ - ngrok.WithClientInfo("ngrok-ingress-controller", version.GetVersion(), comments...), + ngrok.WithClientInfo("ngrok-operator", version.GetVersion(), comments...), ngrok.WithAuthtokenFromEnv(), ngrok.WithLogger(k8sLogger{logger}), } diff --git a/pkg/tunneldriver/driver_test.go b/pkg/tunneldriver/driver_test.go index 21c21405..4c9037bd 100644 --- a/pkg/tunneldriver/driver_test.go +++ b/pkg/tunneldriver/driver_test.go @@ -8,7 +8,7 @@ import ( "testing" "github.com/golang/mock/gomock" - "github.com/ngrok/kubernetes-ingress-controller/internal/mocks" + "github.com/ngrok/ngrok-operator/internal/mocks" ) func TestConnectionIsClosed(t *testing.T) { diff --git a/scripts/e2e.sh b/scripts/e2e.sh index 3c40aabc..0c345bd6 100755 --- a/scripts/e2e.sh +++ b/scripts/e2e.sh @@ -2,7 +2,7 @@ set -eu -o pipefail -namespace='ngrok-ingress-controller' +namespace='ngrok-operator' kubectl config set-context --current --namespace=$namespace # TODO: Use ngrok cli api to delete all edges owned by the ingress controller @@ -20,12 +20,12 @@ done ./scripts/cleanup-fixtures.sh -echo "~~~ Cleaning up previous deploy of ngrok-ingress-controller" +echo "~~~ Cleaning up previous deploy of ngrok-operator" make undeploy || true ./scripts/remove-finalizers.sh -echo "--- Deploying ngrok-ingress-controller" +echo "--- Deploying ngrok-operator" make deploy ./scripts/create-fixtures.sh diff --git a/scripts/postflight.sh b/scripts/postflight.sh index f831493f..0d153040 100755 --- a/scripts/postflight.sh +++ b/scripts/postflight.sh @@ -2,7 +2,7 @@ set -eu -o pipefail -namespace='ngrok-ingress-controller' +namespace='ngrok-operator' kubectl config set-context --current --namespace=$namespace # Run tests