diff --git a/Makefile b/Makefile index 350856b..8eaf741 100644 --- a/Makefile +++ b/Makefile @@ -38,6 +38,10 @@ deploy: manifests cd config/manager && kustomize edit set image controller=${IMG} kustomize build config/default | kubectl apply -f - +undeploy: manifests + cd config/manager && kustomize edit set image controller=${IMG} + kustomize build config/default | kubectl delete -f - + # Generate manifests e.g. CRD, RBAC etc. manifests: controller-gen $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases diff --git a/api/v1alpha1/backupsession_types.go b/api/v1alpha1/backupsession_types.go index 546fce8..7afd557 100644 --- a/api/v1alpha1/backupsession_types.go +++ b/api/v1alpha1/backupsession_types.go @@ -26,9 +26,9 @@ import ( type BackupSessionState string const ( - New BackupSessionState = "New" Running BackupSessionState = "Running" - Done BackupSessionState = "Done" + Success BackupSessionState = "Success" + Failure BackupSessionState = "Failure" ) type Ref struct { @@ -59,6 +59,7 @@ type BackupSessionStatus struct { } // +kubebuilder:object:root=true +// +kubebuilder:subresource:status // BackupSession is the Schema for the backupsessions API type BackupSession struct { diff --git a/api/v1alpha1/backupsession_webhook.go b/api/v1alpha1/backupsession_webhook.go index 5c1d016..43c79e8 100644 --- a/api/v1alpha1/backupsession_webhook.go +++ b/api/v1alpha1/backupsession_webhook.go @@ -27,6 +27,7 @@ import ( var backupsessionlog = logf.Log.WithName("backupsession-resource") func (r *BackupSession) SetupWebhookWithManager(mgr ctrl.Manager) error { + backupsessionlog.Info("setupWebhook", "name", r.Name) return ctrl.NewWebhookManagedBy(mgr). For(r). Complete() @@ -34,7 +35,7 @@ func (r *BackupSession) SetupWebhookWithManager(mgr ctrl.Manager) error { // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! -// +kubebuilder:webhook:path=/mutate-formol-desmojim-fr-desmojim-fr-v1alpha1-backupsession,mutating=true,failurePolicy=fail,groups=formol.desmojim.fr.desmojim.fr,resources=backupsessions,verbs=create;update,versions=v1alpha1,name=mbackupsession.kb.io +// +kubebuilder:webhook:path=/mutate-formol-desmojim-fr-v1alpha1-backupsession,mutating=true,failurePolicy=fail,groups=formol.desmojim.fr,resources=backupsessions,verbs=create;update,versions=v1alpha1,name=mbackupsession.kb.io var _ webhook.Defaulter = &BackupSession{} @@ -43,11 +44,10 @@ func (r *BackupSession) Default() { backupsessionlog.Info("default", "name", r.Name) // TODO(user): fill in your defaulting logic. - r.Status.BackupSessionState = New } // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation. -// +kubebuilder:webhook:verbs=create;update,path=/validate-formol-desmojim-fr-desmojim-fr-v1alpha1-backupsession,mutating=false,failurePolicy=fail,groups=formol.desmojim.fr.desmojim.fr,resources=backupsessions,versions=v1alpha1,name=vbackupsession.kb.io +// +kubebuilder:webhook:verbs=create;update,path=/validate-formol-desmojim-fr-v1alpha1-backupsession,mutating=false,failurePolicy=fail,groups=formol.desmojim.fr,resources=backupsessions,versions=v1alpha1,name=vbackupsession.kb.io var _ webhook.Validator = &BackupSession{} diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 98cbc65..792d1fb 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -22,6 +22,7 @@ package v1alpha1 import ( "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" ) @@ -242,7 +243,8 @@ func (in *BackupSessionStatus) DeepCopyInto(out *BackupSessionStatus) { } if in.Duration != nil { in, out := &in.Duration, &out.Duration - *out = (*in).DeepCopy() + *out = new(metav1.Duration) + **out = **in } } diff --git a/config/crd/patches/webhook_in_backupsessions.yaml b/config/crd/patches/webhook_in_backupsessions.yaml index 4ddb4af..5be984f 100644 --- a/config/crd/patches/webhook_in_backupsessions.yaml +++ b/config/crd/patches/webhook_in_backupsessions.yaml @@ -5,6 +5,7 @@ kind: CustomResourceDefinition metadata: name: backupsessions.formol.desmojim.fr spec: + preserveUnknownFields: false conversion: strategy: Webhook webhookClientConfig: diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 4a0397f..f8cc21d 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -18,9 +18,9 @@ bases: - ../manager # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml -#- ../webhook +- ../webhook # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. -#- ../certmanager +- ../certmanager # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus @@ -32,39 +32,39 @@ patchesStrategicMerge: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml -#- manager_webhook_patch.yaml +- manager_webhook_patch.yaml # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. # Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. # 'CERTMANAGER' needs to be enabled to use ca injection -#- webhookcainjection_patch.yaml +- webhookcainjection_patch.yaml # the following config is for teaching kustomize how to do var substitution vars: # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. -#- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR -# objref: -# kind: Certificate -# group: cert-manager.io -# version: v1alpha2 -# name: serving-cert # this name should match the one in certificate.yaml -# fieldref: -# fieldpath: metadata.namespace -#- name: CERTIFICATE_NAME -# objref: -# kind: Certificate -# group: cert-manager.io -# version: v1alpha2 -# name: serving-cert # this name should match the one in certificate.yaml -#- name: SERVICE_NAMESPACE # namespace of the service -# objref: -# kind: Service -# version: v1 -# name: webhook-service -# fieldref: -# fieldpath: metadata.namespace -#- name: SERVICE_NAME -# objref: -# kind: Service -# version: v1 -# name: webhook-service +- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR + objref: + kind: Certificate + group: cert-manager.io + version: v1alpha2 + name: serving-cert # this name should match the one in certificate.yaml + fieldref: + fieldpath: metadata.namespace +- name: CERTIFICATE_NAME + objref: + kind: Certificate + group: cert-manager.io + version: v1alpha2 + name: serving-cert # this name should match the one in certificate.yaml +- name: SERVICE_NAMESPACE # namespace of the service + objref: + kind: Service + version: v1 + name: webhook-service + fieldref: + fieldpath: metadata.namespace +- name: SERVICE_NAME + objref: + kind: Service + version: v1 + name: webhook-service diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml index 77e743d..e44a8d4 100644 --- a/config/default/manager_auth_proxy_patch.yaml +++ b/config/default/manager_auth_proxy_patch.yaml @@ -10,7 +10,7 @@ spec: spec: containers: - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 + image: quay.io/brancz/kube-rbac-proxy:v0.8.0-arm args: - "--secure-listen-address=0.0.0.0:8443" - "--upstream=http://127.0.0.1:8080/" diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 5c5f0b8..985346c 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,2 +1,8 @@ resources: - manager.yaml +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +images: +- name: controller + newName: desmo999r/formolcontroller + newTag: latest diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 66c2833..dbcbe1b 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -6,7 +6,7 @@ resources: # Comment the following 4 lines if you want to disable # the auth proxy (https://github.com/brancz/kube-rbac-proxy) # which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml +#- auth_proxy_service.yaml +#- auth_proxy_role.yaml +#- auth_proxy_role_binding.yaml +#- auth_proxy_client_clusterrole.yaml diff --git a/controllers/backupconfiguration_controller.go b/controllers/backupconfiguration_controller.go index 41d8bdc..b0ff251 100644 --- a/controllers/backupconfiguration_controller.go +++ b/controllers/backupconfiguration_controller.go @@ -40,6 +40,10 @@ type BackupConfigurationReconciler struct { // +kubebuilder:rbac:groups=formol.desmojim.fr,resources=backupconfigurations,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=formol.desmojim.fr,resources=backupconfigurations/status,verbs=get;update;patch +// +kubebuilder:rbac:groups=formol.desmojim.fr,resources=repoes,verbs=get;list;watch +// +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=batch,resources=cronjobs,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=batch,resources=cronjobs/status,verbs=get func (r *BackupConfigurationReconciler) addSidecarContainer(backupConf *formolv1alpha1.BackupConfiguration) error { log := r.Log.WithValues("Repository", backupConf.Spec.Repository.Name) diff --git a/main.go b/main.go index 0cd418a..a907994 100644 --- a/main.go +++ b/main.go @@ -82,9 +82,11 @@ func main() { setupLog.Error(err, "unable to create controller", "controller", "BackupSession") os.Exit(1) } - if err = (&formolv1alpha1.BackupSession{}).SetupWebhookWithManager(mgr); err != nil { - setupLog.Error(err, "unable to create webhook", "webhook", "BackupSession") - os.Exit(1) + if os.Getenv("ENABLE_WEBHOOKS") != "false" { + if err = (&formolv1alpha1.BackupSession{}).SetupWebhookWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create webhook", "webhook", "BackupSession") + os.Exit(1) + } } // +kubebuilder:scaffold:builder