From bc7187801fdfebb06b00fc2876f8d5161f7d88bf Mon Sep 17 00:00:00 2001 From: thepetk Date: Thu, 29 Aug 2024 11:58:46 +0100 Subject: [PATCH] operator [CI] registry-operator (0.3.0) Signed-off-by: thepetk --- .../registry-operator/0.3.0/bundle.Dockerfile | 20 + ...er-manager-metrics-service_v1_service.yaml | 23 + ...-operator-manager-config_v1_configmap.yaml | 17 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 17 + ...y-operator-webhook-service_v1_service.yaml | 13 + ...gistry-operator.clusterserviceversion.yaml | 717 ++++++++++++++++++ ...file.io_clusterdevfileregistrieslists.yaml | 166 ++++ ...registry.devfile.io_devfileregistries.yaml | 267 +++++++ ...try.devfile.io_devfileregistrieslists.yaml | 166 ++++ .../0.3.0/metadata/annotations.yaml | 14 + .../0.3.0/tests/scorecard/config.yaml | 70 ++ 11 files changed, 1490 insertions(+) create mode 100644 operators/registry-operator/0.3.0/bundle.Dockerfile create mode 100644 operators/registry-operator/0.3.0/manifests/registry-operator-controller-manager-metrics-service_v1_service.yaml create mode 100644 operators/registry-operator/0.3.0/manifests/registry-operator-manager-config_v1_configmap.yaml create mode 100644 operators/registry-operator/0.3.0/manifests/registry-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/registry-operator/0.3.0/manifests/registry-operator-webhook-service_v1_service.yaml create mode 100644 operators/registry-operator/0.3.0/manifests/registry-operator.clusterserviceversion.yaml create mode 100644 operators/registry-operator/0.3.0/manifests/registry.devfile.io_clusterdevfileregistrieslists.yaml create mode 100644 operators/registry-operator/0.3.0/manifests/registry.devfile.io_devfileregistries.yaml create mode 100644 operators/registry-operator/0.3.0/manifests/registry.devfile.io_devfileregistrieslists.yaml create mode 100644 operators/registry-operator/0.3.0/metadata/annotations.yaml create mode 100644 operators/registry-operator/0.3.0/tests/scorecard/config.yaml diff --git a/operators/registry-operator/0.3.0/bundle.Dockerfile b/operators/registry-operator/0.3.0/bundle.Dockerfile new file mode 100644 index 00000000000..97dd2208bd6 --- /dev/null +++ b/operators/registry-operator/0.3.0/bundle.Dockerfile @@ -0,0 +1,20 @@ +FROM scratch + +# Core bundle labels. +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=registry-operator +LABEL operators.operatorframework.io.bundle.channels.v1=beta +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.36.0 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3 + +# Labels for testing. +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ + +# Copy files to locations specified by labels. +COPY bundle/manifests /manifests/ +COPY bundle/metadata /metadata/ +COPY bundle/tests/scorecard /tests/scorecard/ diff --git a/operators/registry-operator/0.3.0/manifests/registry-operator-controller-manager-metrics-service_v1_service.yaml b/operators/registry-operator/0.3.0/manifests/registry-operator-controller-manager-metrics-service_v1_service.yaml new file mode 100644 index 00000000000..7bce52e6f83 --- /dev/null +++ b/operators/registry-operator/0.3.0/manifests/registry-operator-controller-manager-metrics-service_v1_service.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: devfileregistry-operator + app.kubernetes.io/instance: controller-manager-metrics-service + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: service + app.kubernetes.io/part-of: devfileregistry-operator + control-plane: controller-manager + name: registry-operator-controller-manager-metrics-service +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager +status: + loadBalancer: {} diff --git a/operators/registry-operator/0.3.0/manifests/registry-operator-manager-config_v1_configmap.yaml b/operators/registry-operator/0.3.0/manifests/registry-operator-manager-config_v1_configmap.yaml new file mode 100644 index 00000000000..c4a19fa9e0b --- /dev/null +++ b/operators/registry-operator/0.3.0/manifests/registry-operator-manager-config_v1_configmap.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: 1984829e.devfile.io +kind: ConfigMap +metadata: + name: registry-operator-manager-config diff --git a/operators/registry-operator/0.3.0/manifests/registry-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/registry-operator/0.3.0/manifests/registry-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..76f067eff7d --- /dev/null +++ b/operators/registry-operator/0.3.0/manifests/registry-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: devfileregistry-operator + app.kubernetes.io/instance: metrics-reader + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: clusterrole + app.kubernetes.io/part-of: devfileregistry-operator + name: registry-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/operators/registry-operator/0.3.0/manifests/registry-operator-webhook-service_v1_service.yaml b/operators/registry-operator/0.3.0/manifests/registry-operator-webhook-service_v1_service.yaml new file mode 100644 index 00000000000..1de304c2e14 --- /dev/null +++ b/operators/registry-operator/0.3.0/manifests/registry-operator-webhook-service_v1_service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + name: registry-operator-webhook-service +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + control-plane: controller-manager +status: + loadBalancer: {} diff --git a/operators/registry-operator/0.3.0/manifests/registry-operator.clusterserviceversion.yaml b/operators/registry-operator/0.3.0/manifests/registry-operator.clusterserviceversion.yaml new file mode 100644 index 00000000000..67ae764e6b3 --- /dev/null +++ b/operators/registry-operator/0.3.0/manifests/registry-operator.clusterserviceversion.yaml @@ -0,0 +1,717 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "registry.devfile.io/v1alpha1", + "kind": "DevfileRegistry", + "metadata": { + "name": "sample-devfileregistry" + }, + "spec": { + "devfileIndex": { + "image": "quay.io/devfile/devfile-index:next" + } + } + }, + { + "apiVersion": "registry.devfile.io/v1alpha1", + "kind": "DevfileRegistriesList", + "metadata": { + "name": "sample-devfileregistrieslist" + }, + "spec": { + "devfileRegistries": [ + { + "name": "devfile-staging", + "url": "https://registry.stage.devfile.io" + } + ] + } + }, + { + "apiVersion": "registry.devfile.io/v1alpha1", + "kind": "ClusterDevfileRegistriesList", + "metadata": { + "name": "sample-clusterdevfileregistrieslist" + }, + "spec": { + "devfileRegistries": [ + { + "name": "devfile-staging", + "url": "https://registry.stage.devfile.io" + } + ] + } + } + ] + capabilities: Basic Install + categories: OpenShift Optional,Developer Tools + containerImage: quay.io/devfile/registry-operator:v0.3.0 + createdAt: "2024-08-20T09:11:27Z" + description: Deploy and manage Devfile Registries on Kubernetes and OpenShift + with the Devfile Registry operator. + operators.operatorframework.io/builder: operator-sdk-v1.36.0 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + repository: https://github.com/devfile/registry-operator + support: Red Hat + name: registry-operator.v0.3.0 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: |- + ClusterDevfileRegistriesList is a custom resource where cluster admins can add a list of Devfile Registries to allow devfiles to be visible + at the cluster level. In order to be added to the list, the Devfile Registries must be reachable, supports the Devfile v2.0 spec and above, + and is not using the default namespace. + displayName: Cluster Devfile Registries List + kind: ClusterDevfileRegistriesList + name: clusterdevfileregistrieslists.registry.devfile.io + resources: + - kind: Deployment + name: clusterdevfileregistrieslist-deployment + version: v1 + specDescriptors: + - description: DevfileRegistries is a list of devfile registry services + displayName: Devfile Registries + path: devfileRegistries + - description: Name is the unique Name of the devfile registry. + displayName: Name + path: devfileRegistries[0].name + - description: SkipTLSVerify defaults to false. Set to true in a non-production + environment to bypass certificate checking + displayName: Skip TLSVerify + path: devfileRegistries[0].skipTLSVerify + - description: URL is the unique URL of the devfile registry. + displayName: URL + path: devfileRegistries[0].url + statusDescriptors: + - description: Conditions shows the state of this CR's devfile registry list. If + registries are no longer reachable, they will be listed here + displayName: Conditions + path: conditions + version: v1alpha1 + - description: |- + DevfileRegistry is a custom resource allows you to create and manage your own index server and registry viewer. + In order to be added, the Devfile Registry must be reachable, supports the Devfile v2.0 spec and above, and is + not using the default namespace. + displayName: Devfile Registry + kind: DevfileRegistry + name: devfileregistries.registry.devfile.io + resources: + - kind: Deployment + name: devfileregistry-deployment + version: v1 + specDescriptors: + - description: Sets the devfile index container spec to be deployed on the Devfile + Registry + displayName: Devfile Index + path: devfileIndex + - description: Sets the container image + displayName: Image + path: devfileIndex.image + - description: Sets the image pull policy for the container + displayName: Image Pull Policy + path: devfileIndex.imagePullPolicy + - description: Sets the memory limit for the container + displayName: Memory Limit + path: devfileIndex.memoryLimit + - description: Sets the container image containing devfile stacks to be deployed + on the Devfile Registry + displayName: Devfile Index Image + path: devfileIndexImage + - description: Overrides the fully qualified app name of the devfile registry + displayName: Fullname Override + path: fullnameOverride + - description: Sets the registry server deployment to run under headless mode + displayName: Headless + path: headless + - description: Overrides the entire hostname and domain of the devfile registry + ingress + displayName: Hostname Override + path: hostnameOverride + - displayName: K8s + path: k8s + - description: Ingress class for a Kubernetes cluster. Defaults to nginx. + displayName: Ingress Class + path: k8s.ingressClass + - description: Ingress domain for a Kubernetes cluster. This MUST be explicitly + specified on Kubernetes. There are no defaults + displayName: Ingress Domain + path: k8s.ingressDomain + - description: Overrides the app name of the devfile registry + displayName: Name Override + path: nameOverride + - description: Sets the OCI registry container spec to be deployed on the Devfile + Registry + displayName: Oci Registry + path: ociRegistry + - description: Sets the container image + displayName: Image + path: ociRegistry.image + - description: Sets the image pull policy for the container + displayName: Image Pull Policy + path: ociRegistry.imagePullPolicy + - description: Sets the memory limit for the container + displayName: Memory Limit + path: ociRegistry.memoryLimit + - description: |- + Overrides the container image used for the OCI registry. + Recommended to leave blank and default to the image specified by the operator. + displayName: Oci Registry Image + path: ociRegistryImage + - description: Sets the registry viewer container spec to be deployed on the + Devfile Registry + displayName: Registry Viewer + path: registryViewer + - description: Sets the container image + displayName: Image + path: registryViewer.image + - description: Sets the image pull policy for the container + displayName: Image Pull Policy + path: registryViewer.imagePullPolicy + - description: Sets the memory limit for the container + displayName: Memory Limit + path: registryViewer.memoryLimit + - description: Overrides the container image used for the registry viewer. + displayName: Registry Viewer Image + path: registryViewerImage + - displayName: Storage + path: storage + - description: |- + Instructs the operator to deploy the DevfileRegistry with persistent storage + Disabled by default. + displayName: Enabled + path: storage.enabled + - description: |- + Configures the size of the devfile registry's persistent volume, if enabled. + Defaults to 1Gi. + displayName: Registry Volume Size + path: storage.registryVolumeSize + - displayName: Telemetry + path: telemetry + - description: |- + Specify a telemetry key to allow devfile specific data to be sent to a client's own Segment analytics source. + If the write key is specified then telemetry will be enabled + displayName: Key + path: telemetry.key + - description: The registry name (can be any string) that is used as identifier + for devfile telemetry. + displayName: Registry Name + path: telemetry.registryName + - description: |- + Specify a telemetry write key for the registry viewer component to allow data to be sent to a client's own Segment analytics source. + If the write key is specified then telemetry for the registry viewer component will be enabled + displayName: Registry Viewer Write Key + path: telemetry.registryViewerWriteKey + - displayName: TLS + path: tls + - description: |- + Instructs the operator to deploy the DevfileRegistry with TLS enabled. + Enabled by default. Disabling is only recommended for development or test. + displayName: Enabled + path: tls.enabled + - description: Name of an optional, pre-existing TLS secret to use for TLS termination + on ingress/route resources. + displayName: Secret Name + path: tls.secretName + statusDescriptors: + - description: Conditions shows the state devfile registries. + displayName: Conditions + path: conditions + - description: URL is the exposed URL for the Devfile Registry, and is set in + the status after the registry has become available. + displayName: URL + path: url + version: v1alpha1 + - description: |- + DevfileRegistriesList is a custom resource where namespace users can add a list of Devfile Registries to allow devfiles to be visible + at the namespace level. In order to be added to the list, the Devfile Registries must be reachable, supports the Devfile v2.0 spec + and above, and is not using the default namespace. + displayName: Devfile Registries List + kind: DevfileRegistriesList + name: devfileregistrieslists.registry.devfile.io + resources: + - kind: Deployment + name: devfileregistrieslist-deployment + version: v1 + specDescriptors: + - description: DevfileRegistries is a list of devfile registry services + displayName: Devfile Registries + path: devfileRegistries + - description: Name is the unique Name of the devfile registry. + displayName: Name + path: devfileRegistries[0].name + - description: SkipTLSVerify defaults to false. Set to true in a non-production + environment to bypass certificate checking + displayName: Skip TLSVerify + path: devfileRegistries[0].skipTLSVerify + - description: URL is the unique URL of the devfile registry. + displayName: URL + path: devfileRegistries[0].url + statusDescriptors: + - description: Conditions shows the state of this CR's devfile registry list. If + registries are no longer reachable, they will be listed here + displayName: Conditions + path: conditions + version: v1alpha1 + description: "A devfile registry is a service that stores and provides devfile stacks + to Kubernetes developer tools like `odo`, Eclipse Che, and the OpenShift Developer + Console. Using this\noperator you can deploy and manage devfile registries on + Kubernetes and OpenShift.\n\nBasic usage:\n```\napiVersion: registry.devfile.io/v1alpha1\n + \ kind: DevfileRegistry\nmetadata:\n name: sample-devfileregistry\nspec:\n devfileIndex: + \n image: quay.io/devfile/devfile-index:next\n```\n\nFor more on setup and + usage see our [README](https://github.com/devfile/registry-operator/blob/main/README.md)." + displayName: Devfile Registry Operator + icon: + - base64data:  + mediatype: image/png + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - configmaps + - persistentvolumeclaims + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - get + - list + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - registry.devfile.io + resources: + - clusterdevfileregistrieslists + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - registry.devfile.io + resources: + - clusterdevfileregistrieslists/finalizers + verbs: + - update + - apiGroups: + - registry.devfile.io + resources: + - clusterdevfileregistrieslists/status + verbs: + - get + - patch + - update + - apiGroups: + - registry.devfile.io + resources: + - devfileregistries + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - registry.devfile.io + resources: + - devfileregistries/finalizers + - devfileregistries/status + verbs: + - get + - patch + - update + - apiGroups: + - registry.devfile.io + resources: + - devfileregistrieslists + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - registry.devfile.io + resources: + - devfileregistrieslists/finalizers + verbs: + - update + - apiGroups: + - registry.devfile.io + resources: + - devfileregistrieslists/status + verbs: + - get + - patch + - update + - apiGroups: + - route.openshift.io + resources: + - routes + - routes/custom-host + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: registry-operator-service-account + deployments: + - label: + app.kubernetes.io/name: devfileregistry-operator + control-plane: controller-manager + name: registry-operator-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: devfileregistry-operator + control-plane: controller-manager + strategy: {} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + app.kubernetes.io/name: devfileregistry-operator + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + - --http2-disable=true + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.15.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + image: quay.io/devfile/registry-operator:v0.3.0 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 20Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + serviceAccountName: registry-operator-service-account + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: registry-operator-service-account + strategy: deployment + installModes: + - supported: false + type: OwnNamespace + - supported: false + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - devfile + - devfiles + - registry + - cloud-native + - stack + - odo + - che + - openshift + - microservice + links: + - name: Devfile + url: https://devfile.io + - name: Devfile Registry Operator GitHub + url: https://github.com/devfile/registry-operator + - name: Devfile Registry Support Services GitHub + url: https://github.com/devfile/registry-support + - name: Devfile Community Registry GitHub + url: https://github.com/devfile/registry + maintainers: + - email: mvaldron@redhat.com + name: Michael Valdron + - email: jcollier@redhat.com + name: John Collier + - email: tpetkos@redhat.com + name: Theofanis Petkos + - email: jdubrick@redhat.com + name: Jordan Dubrick + maturity: beta + minKubeVersion: 1.25.0 + provider: + name: Red Hat + url: https://redhat.com + version: 0.3.0 + webhookdefinitions: + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: registry-operator-controller-manager + failurePolicy: Fail + generateName: mclusterdevfileregistrieslist.kb.io + rules: + - apiGroups: + - registry.devfile.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusterdevfileregistrieslists + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-registry-devfile-io-v1alpha1-clusterdevfileregistrieslist + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: registry-operator-controller-manager + failurePolicy: Fail + generateName: mdevfileregistrieslist.kb.io + rules: + - apiGroups: + - registry.devfile.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - devfileregistrieslists + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-registry-devfile-io-v1alpha1-devfileregistrieslist + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: registry-operator-controller-manager + failurePolicy: Fail + generateName: mdevfileregistry.kb.io + rules: + - apiGroups: + - registry.devfile.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - devfileregistries + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-registry-devfile-io-v1alpha1-devfileregistry + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: registry-operator-controller-manager + failurePolicy: Fail + generateName: vclusterdevfileregistrieslist.kb.io + rules: + - apiGroups: + - registry.devfile.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusterdevfileregistrieslists + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-registry-devfile-io-v1alpha1-clusterdevfileregistrieslist + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: registry-operator-controller-manager + failurePolicy: Fail + generateName: vdevfileregistrieslist.kb.io + rules: + - apiGroups: + - registry.devfile.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - devfileregistrieslists + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-registry-devfile-io-v1alpha1-devfileregistrieslist + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: registry-operator-controller-manager + failurePolicy: Fail + generateName: vdevfileregistry.kb.io + rules: + - apiGroups: + - registry.devfile.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - devfileregistries + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-registry-devfile-io-v1alpha1-devfileregistry diff --git a/operators/registry-operator/0.3.0/manifests/registry.devfile.io_clusterdevfileregistrieslists.yaml b/operators/registry-operator/0.3.0/manifests/registry.devfile.io_clusterdevfileregistrieslists.yaml new file mode 100644 index 00000000000..b86c06ef428 --- /dev/null +++ b/operators/registry-operator/0.3.0/manifests/registry.devfile.io_clusterdevfileregistrieslists.yaml @@ -0,0 +1,166 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: registry-operator-system/registry-operator-serving-cert + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: clusterdevfileregistrieslists.registry.devfile.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: webhook-service + namespace: system + path: /convert + port: 443 + conversionReviewVersions: + - v1 + group: registry.devfile.io + names: + kind: ClusterDevfileRegistriesList + listKind: ClusterDevfileRegistriesListList + plural: clusterdevfileregistrieslists + singular: clusterdevfileregistrieslist + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The status for the Cluster Devfile Registries List + jsonPath: .status.status + name: Status + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ClusterDevfileRegistriesList is a custom resource where cluster + admins can add a list of Devfile Registries to allow devfiles to be visible + at the cluster level. In order to be added to the list, the Devfile Registries + must be reachable, supports the Devfile v2.0 spec and above, and is not + using the default namespace. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DevfileRegistriesListSpec defines the desired state of DevfileRegistriesList + properties: + devfileRegistries: + description: DevfileRegistries is a list of devfile registry services + items: + description: DevfileRegistryService represents the properties used + to identify a devfile registry service. + properties: + name: + description: Name is the unique Name of the devfile registry. + type: string + skipTLSVerify: + description: SkipTLSVerify defaults to false. Set to true in + a non-production environment to bypass certificate checking + type: boolean + url: + description: URL is the unique URL of the devfile registry. + type: string + required: + - name + - url + type: object + type: array + type: object + status: + description: DevfileRegistriesListStatus defines the observed state of + DevfileRegistriesList + properties: + conditions: + description: Conditions shows the state of this CR's devfile registry + list. If registries are no longer reachable, they will be listed + here + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/registry-operator/0.3.0/manifests/registry.devfile.io_devfileregistries.yaml b/operators/registry-operator/0.3.0/manifests/registry.devfile.io_devfileregistries.yaml new file mode 100644 index 00000000000..1a81267dbd4 --- /dev/null +++ b/operators/registry-operator/0.3.0/manifests/registry.devfile.io_devfileregistries.yaml @@ -0,0 +1,267 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: devfileregistries.registry.devfile.io +spec: + group: registry.devfile.io + names: + kind: DevfileRegistry + listKind: DevfileRegistryList + plural: devfileregistries + shortNames: + - devreg + - dr + singular: devfileregistry + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The URL for the Devfile Registry + jsonPath: .status.url + name: URL + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: DevfileRegistry is a custom resource allows you to create and + manage your own index server and registry viewer. In order to be added, + the Devfile Registry must be reachable, supports the Devfile v2.0 spec and + above, and is not using the default namespace. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DevfileRegistrySpec defines the desired state of DevfileRegistry + properties: + devfileIndex: + description: Sets the devfile index container spec to be deployed + on the Devfile Registry + properties: + image: + description: Sets the container image + type: string + imagePullPolicy: + description: Sets the image pull policy for the container + type: string + memoryLimit: + description: Sets the memory limit for the container + type: string + type: object + devfileIndexImage: + description: Sets the container image containing devfile stacks to + be deployed on the Devfile Registry + type: string + fullnameOverride: + description: Overrides the fully qualified app name of the devfile + registry + type: string + headless: + description: Sets the registry server deployment to run under headless + mode + type: boolean + hostnameOverride: + description: Overrides the entire hostname and domain of the devfile + registry ingress + type: string + k8s: + description: DevfileRegistrySpecK8sOnly defines the desired state + of the kubernetes-only fields of the DevfileRegistry + properties: + ingressClass: + description: Ingress class for a Kubernetes cluster. Defaults + to nginx. + type: string + ingressDomain: + description: Ingress domain for a Kubernetes cluster. This MUST + be explicitly specified on Kubernetes. There are no defaults + type: string + type: object + nameOverride: + description: Overrides the app name of the devfile registry + type: string + ociRegistry: + description: Sets the OCI registry container spec to be deployed on + the Devfile Registry + properties: + image: + description: Sets the container image + type: string + imagePullPolicy: + description: Sets the image pull policy for the container + type: string + memoryLimit: + description: Sets the memory limit for the container + type: string + type: object + ociRegistryImage: + description: Overrides the container image used for the OCI registry. + Recommended to leave blank and default to the image specified by + the operator. + type: string + registryViewer: + description: Sets the registry viewer container spec to be deployed + on the Devfile Registry + properties: + image: + description: Sets the container image + type: string + imagePullPolicy: + description: Sets the image pull policy for the container + type: string + memoryLimit: + description: Sets the memory limit for the container + type: string + type: object + registryViewerImage: + description: Overrides the container image used for the registry viewer. + type: string + storage: + description: DevfileRegistrySpecStorage defines the desired state + of the storage for the DevfileRegistry + properties: + enabled: + description: Instructs the operator to deploy the DevfileRegistry + with persistent storage Disabled by default. + type: boolean + registryVolumeSize: + description: Configures the size of the devfile registry's persistent + volume, if enabled. Defaults to 1Gi. + type: string + type: object + telemetry: + description: Telemetry defines the desired state for telemetry in + the DevfileRegistry + properties: + key: + description: Specify a telemetry key to allow devfile specific + data to be sent to a client's own Segment analytics source. + If the write key is specified then telemetry will be enabled + type: string + registryName: + description: The registry name (can be any string) that is used + as identifier for devfile telemetry. + type: string + registryViewerWriteKey: + description: Specify a telemetry write key for the registry viewer + component to allow data to be sent to a client's own Segment + analytics source. If the write key is specified then telemetry + for the registry viewer component will be enabled + type: string + type: object + tls: + description: DevfileRegistrySpecTLS defines the desired state for + TLS in the DevfileRegistry + properties: + enabled: + description: Instructs the operator to deploy the DevfileRegistry + with TLS enabled. Enabled by default. Disabling is only recommended + for development or test. + type: boolean + secretName: + description: Name of an optional, pre-existing TLS secret to use + for TLS termination on ingress/route resources. + type: string + type: object + type: object + status: + description: DevfileRegistryStatus defines the observed state of DevfileRegistry + properties: + conditions: + description: Conditions shows the state devfile registries. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + url: + description: URL is the exposed URL for the Devfile Registry, and + is set in the status after the registry has become available. + type: string + required: + - url + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/registry-operator/0.3.0/manifests/registry.devfile.io_devfileregistrieslists.yaml b/operators/registry-operator/0.3.0/manifests/registry.devfile.io_devfileregistrieslists.yaml new file mode 100644 index 00000000000..c5ae6c51055 --- /dev/null +++ b/operators/registry-operator/0.3.0/manifests/registry.devfile.io_devfileregistrieslists.yaml @@ -0,0 +1,166 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: registry-operator-system/registry-operator-serving-cert + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: devfileregistrieslists.registry.devfile.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: webhook-service + namespace: system + path: /convert + port: 443 + conversionReviewVersions: + - v1 + group: registry.devfile.io + names: + kind: DevfileRegistriesList + listKind: DevfileRegistriesListList + plural: devfileregistrieslists + singular: devfileregistrieslist + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The status for the Devfile Registries List + jsonPath: .status.status + name: Status + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: DevfileRegistriesList is a custom resource where namespace users + can add a list of Devfile Registries to allow devfiles to be visible at + the namespace level. In order to be added to the list, the Devfile Registries + must be reachable, supports the Devfile v2.0 spec and above, and is not + using the default namespace. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DevfileRegistriesListSpec defines the desired state of DevfileRegistriesList + properties: + devfileRegistries: + description: DevfileRegistries is a list of devfile registry services + items: + description: DevfileRegistryService represents the properties used + to identify a devfile registry service. + properties: + name: + description: Name is the unique Name of the devfile registry. + type: string + skipTLSVerify: + description: SkipTLSVerify defaults to false. Set to true in + a non-production environment to bypass certificate checking + type: boolean + url: + description: URL is the unique URL of the devfile registry. + type: string + required: + - name + - url + type: object + type: array + type: object + status: + description: DevfileRegistriesListStatus defines the observed state of + DevfileRegistriesList + properties: + conditions: + description: Conditions shows the state of this CR's devfile registry + list. If registries are no longer reachable, they will be listed + here + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/registry-operator/0.3.0/metadata/annotations.yaml b/operators/registry-operator/0.3.0/metadata/annotations.yaml new file mode 100644 index 00000000000..ca8dbd5fd60 --- /dev/null +++ b/operators/registry-operator/0.3.0/metadata/annotations.yaml @@ -0,0 +1,14 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: registry-operator + operators.operatorframework.io.bundle.channels.v1: beta + operators.operatorframework.io.metrics.builder: operator-sdk-v1.36.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/registry-operator/0.3.0/tests/scorecard/config.yaml b/operators/registry-operator/0.3.0/tests/scorecard/config.yaml new file mode 100644 index 00000000000..c0ffb5abfff --- /dev/null +++ b/operators/registry-operator/0.3.0/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.28.0 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.28.0 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.28.0 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.28.0 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.28.0 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.28.0 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}