Skip to content

Commit

Permalink
Merge pull request #99 from awslabs/change/static-variable
Browse files Browse the repository at this point in the history 
Change static variable starting field to `schema`
  • Loading branch information
@a-hilaly
a-hilaly authored Nov 9, 2024
2 parents b4cb7c2 + 50dcb66 commit 298fbf9
Show file tree
Hide file tree
Showing 39 changed files with 463 additions and 458 deletions.
1 change: 0 additions & 1 deletion api/v1alpha1/groupversion_info.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@
package v1alpha1

import (

"k8s.io/apimachinery/pkg/runtime/schema"
"sigs.k8s.io/controller-runtime/pkg/scheme"
)
Expand Down
74 changes: 37 additions & 37 deletions examples/ack-controller/ec2-controller/ec2-controller.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,31 +42,31 @@ spec:
apiVersion: kro.run/v1alpha1
kind: EC2CRDGroup
metadata:
name: ${spec.name}-crd-group
name: ${schema.spec.name}-crd-group
spec:
name: ${spec.name}-crd-group
name: ${schema.spec.name}-crd-group
- name: ec2ControllerIamRole
template:
apiVersion: iam.services.k8s.aws/v1alpha1
kind: Role
metadata:
name: ${spec.name}-iam-role
namespace: ${spec.namespace}
name: ${schema.spec.name}-iam-role
namespace: ${schema.spec.namespace}
spec:
name: ${spec.name}-iam-role
description: ${spec.values.iamRole.roleDescription}
maxSessionDuration: ${spec.values.iamRole.maxSessionDuration}
name: ${schema.spec.name}-iam-role
description: ${schema.spec.values.iamRole.roleDescription}
maxSessionDuration: ${schema.spec.values.iamRole.maxSessionDuration}
policies:
- arn:aws:iam::aws:policy/AmazonEC2FullAccess
assumeRolePolicyDocument: >
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": {"Federated": "arn:aws:iam::${spec.values.aws.accountID}:oidc-provider/${spec.values.iamRole.oidcProvider}"},
"Principal": {"Federated": "arn:aws:iam::${schema.spec.values.aws.accountID}:oidc-provider/${schema.spec.values.iamRole.oidcProvider}"},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {"${spec.values.iamRole.oidcProvider}:sub": "system:serviceaccount:${spec.namespace}:${spec.values.serviceAccount.name}"}
"StringEquals": {"${schema.spec.values.iamRole.oidcProvider}:sub": "system:serviceaccount:${schema.spec.namespace}:${schema.spec.values.serviceAccount.name}"}
}
}]
}
Expand All @@ -75,75 +75,75 @@ spec:
apiVersion: v1
kind: ServiceAccount
metadata:
name: ${spec.values.serviceAccount.name}
namespace: ${spec.namespace}
name: ${schema.spec.values.serviceAccount.name}
namespace: ${schema.spec.namespace}
annotations:
eks.amazonaws.com/role-arn: ${ec2ControllerIamRole.status.ackResourceMetadata.arn}
- name: deployment
template:
apiVersion: apps/v1
kind: Deployment
metadata:
name: ${spec.name}-deployment
namespace: ${spec.namespace}
name: ${schema.spec.name}-deployment
namespace: ${schema.spec.namespace}
labels:
app.kubernetes.io.name: ${spec.name}-deployment
app.kubernetes.io.instance: ${spec.name}
app.kubernetes.io.name: ${schema.spec.name}-deployment
app.kubernetes.io.instance: ${schema.spec.name}
spec:
replicas: ${spec.values.deployment.replicas}
replicas: ${schema.spec.values.deployment.replicas}
selector:
matchLabels:
app.kubernetes.io.name: ${spec.name}-deployment
app.kubernetes.io.instance: ${spec.name}
app.kubernetes.io.name: ${schema.spec.name}-deployment
app.kubernetes.io.instance: ${schema.spec.name}
template:
metadata:
labels:
app.kubernetes.io.name: ${spec.name}-deployment
app.kubernetes.io.instance: ${spec.name}
app.kubernetes.io.name: ${schema.spec.name}-deployment
app.kubernetes.io.instance: ${schema.spec.name}
spec:
serviceAccountName: ${serviceAccount.metadata.name}
containers:
- command:
- ./bin/controller
args:
- --aws-region
- ${spec.values.aws.region}
- --enable-development-logging=${spec.values.log.enabled}
- ${schema.spec.values.aws.region}
- --enable-development-logging=${schema.spec.values.log.enabled}
- --log-level
- ${spec.values.log.level}
- ${schema.spec.values.log.level}
- --deletion-policy
- ${spec.values.image.deletePolicy}
- ${schema.spec.values.image.deletePolicy}
- --watch-namespace
- ${spec.namespace}
image: ${spec.values.image.repository}:${spec.values.image.tag}
- ${schema.spec.namespace}
image: ${schema.spec.values.image.repository}:${schema.spec.values.image.tag}
name: controller
ports:
- name: http
containerPort: ${spec.values.deployment.containerPort}
containerPort: ${schema.spec.values.deployment.containerPort}
resources:
requests:
memory: ${spec.values.image.resources.requests.memory}
cpu: ${spec.values.image.resources.requests.cpu}
memory: ${schema.spec.values.image.resources.requests.memory}
cpu: ${schema.spec.values.image.resources.requests.cpu}
limits:
memory: ${spec.values.image.resources.limits.memory}
cpu: ${spec.values.image.resources.limits.cpu}
memory: ${schema.spec.values.image.resources.limits.memory}
cpu: ${schema.spec.values.image.resources.limits.cpu}
env:
- name: ACK_SYSTEM_NAMESPACE
value: ${spec.namespace}
value: ${schema.spec.namespace}
- name: AWS_REGION
value: ${spec.values.aws.region}
value: ${schema.spec.values.aws.region}
- name: DELETE_POLICY
value: ${spec.values.image.deletePolicy}
value: ${schema.spec.values.image.deletePolicy}
- name: ACK_LOG_LEVEL
value: ${spec.values.log.level}
value: ${schema.spec.values.log.level}
ports:
- containerPort: 80
- name: clusterRoleBinding
template:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: ${spec.name}-clusterrolebinding
name: ${schema.spec.name}-clusterrolebinding
roleRef:
kind: ClusterRole
apiGroup: rbac.authorization.k8s.io
Expand All @@ -157,7 +157,7 @@ spec:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: ${spec.name}-clusterrole
name: ${schema.spec.name}-clusterrole
rules:
- apiGroups:
- ""
Expand Down
80 changes: 40 additions & 40 deletions examples/ack-controller/eks-controller/eks-controller.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,18 +45,18 @@ spec:
apiVersion: kro.run/v1alpha1
kind: EKSCRDGroup
metadata:
name: ${spec.name}-crd-group
name: ${schema.spec.name}-crd-group
spec:
name: ${spec.name}-crd-group
name: ${schema.spec.name}-crd-group
- name: eksControllerIamPolicy
template:
apiVersion: iam.services.k8s.aws/v1alpha1
kind: Policy
metadata:
name: ${spec.name}-iam-policy
name: ${schema.spec.name}-iam-policy
spec:
name: ${spec.name}-iam-policy
description: ${spec.values.iamPolicy.description}
name: ${schema.spec.name}-iam-policy
description: ${schema.spec.values.iamPolicy.description}
policyDocument: >
{
"Version": "2012-10-17",
Expand All @@ -80,23 +80,23 @@ spec:
apiVersion: iam.services.k8s.aws/v1alpha1
kind: Role
metadata:
name: ${spec.name}-iam-role
namespace: ${spec.namespace}
name: ${schema.spec.name}-iam-role
namespace: ${schema.spec.namespace}
spec:
name: ${spec.name}-iam-role
description: ${spec.values.iamRole.roleDescription}
maxSessionDuration: ${spec.values.iamRole.maxSessionDuration}
name: ${schema.spec.name}-iam-role
description: ${schema.spec.values.iamRole.roleDescription}
maxSessionDuration: ${schema.spec.values.iamRole.maxSessionDuration}
policies:
- ${eksControllerIamPolicy.status.ackResourceMetadata.arn}
assumeRolePolicyDocument: >
{
"Version":"2012-10-17",
"Statement": [{
"Effect":"Allow",
"Principal": {"Federated": "arn:aws:iam::${spec.values.aws.accountID}:oidc-provider/${spec.values.iamRole.oidcProvider}"},
"Principal": {"Federated": "arn:aws:iam::${schema.spec.values.aws.accountID}:oidc-provider/${schema.spec.values.iamRole.oidcProvider}"},
"Action": ["sts:AssumeRoleWithWebIdentity"],
"Condition": {
"StringEquals": {"${spec.values.iamRole.oidcProvider}:sub": "system:serviceaccount:${spec.namespace}:${spec.values.serviceAccount.name}"}
"StringEquals": {"${schema.spec.values.iamRole.oidcProvider}:sub": "system:serviceaccount:${schema.spec.namespace}:${schema.spec.values.serviceAccount.name}"}
}
}]
}
Expand All @@ -105,75 +105,75 @@ spec:
apiVersion: v1
kind: ServiceAccount
metadata:
name: ${spec.values.serviceAccount.name}
namespace: ${spec.namespace}
name: ${schema.spec.values.serviceAccount.name}
namespace: ${schema.spec.namespace}
annotations:
eks.amazonaws.com/role-arn : ${eksControllerIamRole.status.ackResourceMetadata.arn}
- name: deployment
template:
apiVersion: apps/v1
kind: Deployment
metadata:
name: ${spec.name}-deployment
namespace: ${spec.namespace}
name: ${schema.spec.name}-deployment
namespace: ${schema.spec.namespace}
labels:
app.kubernetes.io.name: ${spec.name}-deployment
app.kubernetes.io.instance: ${spec.name}
app.kubernetes.io.name: ${schema.spec.name}-deployment
app.kubernetes.io.instance: ${schema.spec.name}
spec:
replicas: ${spec.values.deployment.replicas}
replicas: ${schema.spec.values.deployment.replicas}
selector:
matchLabels:
app.kubernetes.io.name: ${spec.name}-deployment
app.kubernetes.io.instance: ${spec.name}
app.kubernetes.io.name: ${schema.spec.name}-deployment
app.kubernetes.io.instance: ${schema.spec.name}
template:
metadata:
labels:
app.kubernetes.io.name: ${spec.name}-deployment
app.kubernetes.io.instance: ${spec.name}
app.kubernetes.io.name: ${schema.spec.name}-deployment
app.kubernetes.io.instance: ${schema.spec.name}
spec:
serviceAccountName: ${serviceAccount.metadata.name}
containers:
- command:
- ./bin/controller
args:
- --aws-region
- ${spec.values.aws.region}
- --enable-development-logging=${spec.values.log.enabled}
- ${schema.spec.values.aws.region}
- --enable-development-logging=${schema.spec.values.log.enabled}
- --log-level
- ${spec.values.log.level}
- ${schema.spec.values.log.level}
- --deletion-policy
- ${spec.values.image.deletePolicy}
- ${schema.spec.values.image.deletePolicy}
- --watch-namespace
- ${spec.namespace}
image: ${spec.values.image.repository}:${spec.values.image.tag}
- ${schema.spec.namespace}
image: ${schema.spec.values.image.repository}:${schema.spec.values.image.tag}
name: controller
ports:
- name: http
containerPort: ${spec.values.deployment.containerPort}
containerPort: ${schema.spec.values.deployment.containerPort}
resources:
requests:
memory: ${spec.values.image.resources.requests.memory}
cpu: ${spec.values.image.resources.requests.cpu}
memory: ${schema.spec.values.image.resources.requests.memory}
cpu: ${schema.spec.values.image.resources.requests.cpu}
limits:
memory: ${spec.values.image.resources.limits.memory}
cpu: ${spec.values.image.resources.limits.cpu}
memory: ${schema.spec.values.image.resources.limits.memory}
cpu: ${schema.spec.values.image.resources.limits.cpu}
env:
- name: ACK_SYSTEM_NAMESPACE
value: ${spec.namespace}
value: ${schema.spec.namespace}
- name: AWS_REGION
value: ${spec.values.aws.region}
value: ${schema.spec.values.aws.region}
- name: DELETE_POLICY
value: ${spec.values.image.deletePolicy}
value: ${schema.spec.values.image.deletePolicy}
- name: ACK_LOG_LEVEL
value: ${spec.values.log.level}
value: ${schema.spec.values.log.level}
ports:
- containerPort: 80
- name: clusterRoleBinding
template:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: ${spec.name}-clusterrolebinding
name: ${schema.spec.name}-clusterrolebinding
roleRef:
kind: ClusterRole
apiGroup: rbac.authorization.k8s.io
Expand All @@ -187,7 +187,7 @@ spec:
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: ${spec.name}-clusterrole
name: ${schema.spec.name}-clusterrole
rules:
- apiGroups:
- ""
Expand Down
Loading

0 comments on commit 298fbf9

Please sign in to comment.