diff --git a/.gitignore b/.gitignore index ac840e2c2..dff5db76f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,4 @@ # Binaries for programs and plugins -addon-manager *.exe *.dll *.so diff --git a/build/Dockerfile b/build/Dockerfile deleted file mode 100644 index de6258640..000000000 --- a/build/Dockerfile +++ /dev/null @@ -1,16 +0,0 @@ -FROM golang:1.20-bullseye AS builder -ARG OS=linux -ARG ARCH=amd64 -WORKDIR /go/src/open-cluster-management.io/addon-framework -COPY . . -ENV GO_PACKAGE open-cluster-management.io/addon-framework - -RUN GOOS=${OS} \ - GOARCH=${ARCH} \ - make build --warn-undefined-variables - -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest -ENV USER_UID=10001 -COPY --from=builder /go/src/open-cluster-management.io/addon-framework/addon-manager / - -USER ${USER_UID} diff --git a/deploy/kustomization.yaml b/deploy/kustomization.yaml deleted file mode 100644 index 6839a9967..000000000 --- a/deploy/kustomization.yaml +++ /dev/null @@ -1,14 +0,0 @@ -namespace: open-cluster-management-hub - -resources: - - resources/cluster_role_binding.yaml - - resources/cluster_role.yaml - - resources/manager_deployment.yaml - - resources/service_account.yaml - -images: - - name: quay.io/open-cluster-management/addon-manager:latest - newName: quay.io/open-cluster-management/addon-manager - newTag: latest -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization diff --git a/deploy/resources/cluster_role.yaml b/deploy/resources/cluster_role.yaml deleted file mode 100644 index f88ea3651..000000000 --- a/deploy/resources/cluster_role.yaml +++ /dev/null @@ -1,58 +0,0 @@ - kind: ClusterRole - apiVersion: rbac.authorization.k8s.io/v1 - metadata: - name: addon-manager - rules: - - apiGroups: [""] - resources: ["configmaps", "events"] - verbs: ["get", "list", "watch", "create", "update", "delete", "deletecollection", "patch"] - - apiGroups: ["coordination.k8s.io"] - resources: ["leases"] - verbs: ["get", "list", "watch", "create", "update", "patch"] - - apiGroups: ["authorization.k8s.io"] - resources: ["subjectaccessreviews"] - verbs: ["get", "create"] - - apiGroups: ["cluster.open-cluster-management.io"] - resources: ["managedclusters", "placements", "placementdecisions"] - verbs: ["get", "list", "watch"] - - apiGroups: ["addon.open-cluster-management.io"] - resources: ["managedclusteraddons/finalizers"] - verbs: ["update"] - - apiGroups: [ "addon.open-cluster-management.io" ] - resources: [ "clustermanagementaddons/finalizers" ] - verbs: [ "update" ] - - apiGroups: [ "addon.open-cluster-management.io" ] - resources: [ "clustermanagementaddons/status" ] - verbs: ["update", "patch"] - - apiGroups: ["addon.open-cluster-management.io"] - resources: ["clustermanagementaddons"] - verbs: ["get", "list", "watch"] - - apiGroups: ["addon.open-cluster-management.io"] - resources: ["managedclusteraddons"] - verbs: ["get", "list", "watch", "create", "update", "delete"] - - apiGroups: ["addon.open-cluster-management.io"] - resources: ["managedclusteraddons/status"] - verbs: ["update", "patch"] - - apiGroups: ["addon.open-cluster-management.io"] - resources: ["addontemplates", "addondeploymentconfigs"] - verbs: ["get", "list", "watch"] - - apiGroups: ["work.open-cluster-management.io"] - resources: ["manifestworks"] - verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] - # addon template controller needs these permissions to approve CSR - - apiGroups: ["certificates.k8s.io"] - resources: ["certificatesigningrequests"] - verbs: ["create", "get", "list", "watch"] - - apiGroups: ["certificates.k8s.io"] - resources: ["certificatesigningrequests/approval", "certificatesigningrequests/status"] - verbs: ["update"] - - apiGroups: ["certificates.k8s.io"] - resources: ["signers"] - verbs: ["approve", "sign"] - - apiGroups: ["rbac.authorization.k8s.io"] - resources: ["rolebindings"] - verbs: ["get", "list", "watch", "create", "delete"] - # addon template controller needs these permissions to sign CA - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get"] diff --git a/deploy/resources/cluster_role_binding.yaml b/deploy/resources/cluster_role_binding.yaml deleted file mode 100644 index d1bc358a3..000000000 --- a/deploy/resources/cluster_role_binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: addon-manager -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: addon-manager -subjects: - - kind: ServiceAccount - name: addon-manager-sa - namespace: open-cluster-management-hub diff --git a/deploy/resources/manager_deployment.yaml b/deploy/resources/manager_deployment.yaml deleted file mode 100644 index 83e31c40a..000000000 --- a/deploy/resources/manager_deployment.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: addon-manager-controller - labels: - app: addon-manager-controller -spec: - replicas: 1 - selector: - matchLabels: - app: addon-manager-controller - template: - metadata: - labels: - app: addon-manager-controller - spec: - serviceAccountName: addon-manager-sa - containers: - - name: addon-manager-controller - image: quay.io/open-cluster-management/addon-manager:latest - imagePullPolicy: IfNotPresent - args: - - "/addon-manager" - - "manager" - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - privileged: false - runAsNonRoot: true \ No newline at end of file diff --git a/deploy/resources/service_account.yaml b/deploy/resources/service_account.yaml deleted file mode 100644 index bb18b4490..000000000 --- a/deploy/resources/service_account.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: addon-manager-sa