-
Notifications
You must be signed in to change notification settings - Fork 10
/
plugin.yaml
102 lines (102 loc) · 4.36 KB
/
plugin.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
# Plugin Definition below. This is essentially a valid helm values file that will be merged
# with the other vcluster values during vcluster create or helm install.
plugin:
generic-crd-plugin:
image: ghcr.io/loft-sh/vcluster-generic-crd-plugin:latest
imagePullPolicy: IfNotPresent
rbac:
role:
extraRules:
- apiGroups: ["monitoring.coreos.com"]
resources: ["servicemonitors"]
verbs: ["create", "delete", "patch", "update", "get", "list", "watch"]
clusterRole:
extraRules:
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["get", "list", "watch"]
env:
- name: CONFIG
value: |-
version: v1beta1
mappings:
- fromVirtualCluster:
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
patches:
- op: add
path: .metadata.labels
#
# User TODO:
# Set the value below according to the .spec.serviceMonitorSelector of your Prometheus
value:
release: prometheus
- op: rewriteLabelKey
path: .spec.jobLabel
- op: rewriteLabelKey
path: .spec.targetLabels[*]
- op: rewriteLabelKey
path: .spec.podTargetLabels[*]
- op: rewriteLabelExpressionsSelector
path: .spec.selector
# TODO: Dev: add transformed namespace selectors to the label selectors (.spec.selector)
# FR - https://github.com/loft-sh/vcluster-generic-crd-sync-plugin/issues/15
- op: replace
path: .spec.namespaceSelector
value:
any: false
matchNames: []
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.ca.secret
sync:
secret: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.ca.configMap
sync:
configmap: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.cert.secret
sync:
secret: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.cert.configMap
sync:
configmap: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.bearerTokenSecret.name
sync:
secret: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.authorization.credentials.name
sync:
secret: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.basicAuth.username.name
sync:
secret: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.basicAuth.password.name
sync:
secret: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.oauth2.clientId.secret
sync:
secret: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.oauth2.clientId.configMap
sync:
configmap: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.oauth2.clientSecret.name
sync:
secret: true
- op: rewriteName
path: .spec.endpoints[*].tlsConfig.oauth2.tokenUrl
# regex below should translate service urls only
regex: >
^http(s)?://$NAME((\.$NAMESPACE)?(\.svc(\.cluster\.local)?){1})?(/|$)
- op: rewriteName
path: .spec.endpoints[*].proxyUrl
# regex below should translate service urls only
regex: >
^http(s)?://$NAME((\.$NAMESPACE)?(\.svc(\.cluster\.local)?){1})?(/|$)