From 7f7a6b6f976e443defc119c9894b6f07c5e612bd Mon Sep 17 00:00:00 2001 From: "Benjamin A. Petersen" Date: Mon, 21 Aug 2023 16:19:06 -0400 Subject: [PATCH] add supervisor package, schema, metadata files --- deploy_carvel/supervisor/build.yaml | 19 +++ deploy_carvel/supervisor/metadata.yml | 10 ++ deploy_carvel/supervisor/package.yml | 31 +++++ deploy_carvel/supervisor/schema-openapi.yml | 141 ++++++++++++++++++++ 4 files changed, 201 insertions(+) create mode 100644 deploy_carvel/supervisor/build.yaml create mode 100644 deploy_carvel/supervisor/metadata.yml create mode 100644 deploy_carvel/supervisor/package.yml create mode 100644 deploy_carvel/supervisor/schema-openapi.yml diff --git a/deploy_carvel/supervisor/build.yaml b/deploy_carvel/supervisor/build.yaml new file mode 100644 index 00000000..ef3676fd --- /dev/null +++ b/deploy_carvel/supervisor/build.yaml @@ -0,0 +1,19 @@ +apiVersion: kbld.k14s.io/v1alpha1 +kind: Config +minimumRequiredVersion: 0.31.0 # minimum version of kbld. We probably don't need to specify. +overrides: +#! TODO: in the pinniped yamls, this is provided by values.yaml, not declared in the deployment. +#! we should assess if we want to leave it there or move it to this form of configuration. +- image: projects.registry.vmware.com/pinniped/pinniped-server:latest + newImage: "" + + +#! I don't think we need any of these (until we need them 😊). IE, don't use prematurely. +#! searchRules: ... # for searching input files to find container images +#! overrides: ... # overrides to apply to container images before resolving or building +#! sources: ... # source/content of a container image +#! destinations: ... # where to push built images +#! +#! +#! source: TODO: we may need this at least to specify that we want kbld to build +#! a set of container images that are found in our package config yaml files. diff --git a/deploy_carvel/supervisor/metadata.yml b/deploy_carvel/supervisor/metadata.yml new file mode 100644 index 00000000..8a9e0e81 --- /dev/null +++ b/deploy_carvel/supervisor/metadata.yml @@ -0,0 +1,10 @@ +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: PackageMetadata +metadata: + name: supervisor.pinniped.dev +spec: + displayName: "Pinniped Supervisor" + longDescription: "Pinniped supervisor allows seamless login across one or many Kubernetes clusters including AKS, EKS and GKE" + shortDescription: "Pinniped supervisor provides login capabilities" + categories: + - auth diff --git a/deploy_carvel/supervisor/package.yml b/deploy_carvel/supervisor/package.yml new file mode 100644 index 00000000..714d214d --- /dev/null +++ b/deploy_carvel/supervisor/package.yml @@ -0,0 +1,31 @@ +#@ load("@ytt:data", "data") # for reading data values (generated via ytt's data-values-schema-inspect mode). +#@ load("@ytt:yaml", "yaml") # for dynamically decoding the output of ytt's data-values-schema-inspect +--- +apiVersion: data.packaging.carvel.dev/v1alpha1 +kind: Package +metadata: + name: #@ "supervisor.pinniped.dev." + data.values.version +spec: + refName: supervisor.pinniped.dev + version: #@ data.values.version + releaseNotes: | + Initial release of the pinniped supervisor package, TODO: AUTOMATE THIS?? + valuesSchema: + openAPIv3: #@ yaml.decode(data.values.openapi)["components"]["schemas"]["dataValues"] + template: + spec: + fetch: + - imgpkgBundle: +#! TODO: we will need a place to host this. +#! this package image needs to be built and deployed so it can then be installed. + image: #@ "${REPO_HOST}/packages/pinniped-supervisor:" + data.values.version + template: + - ytt: + paths: + - "config/" + - kbld: + paths: + - ".imgpkg/images.yml" + - "-" + deploy: + - kapp: {} diff --git a/deploy_carvel/supervisor/schema-openapi.yml b/deploy_carvel/supervisor/schema-openapi.yml new file mode 100644 index 00000000..a0f25b19 --- /dev/null +++ b/deploy_carvel/supervisor/schema-openapi.yml @@ -0,0 +1,141 @@ +openapi: 3.0.0 +info: + version: 0.1.0 + title: Schema for data values, generated by ytt +paths: {} +components: + schemas: + dataValues: + type: object + additionalProperties: false + properties: + app_name: + type: string + description: Namespace of pinniped-supervisor + default: pinniped-supervisor + namespace: + type: string + description: Creates a new namespace statically in yaml with the given name and installs the app into that namespace. + default: pinniped-supervisor + into_namespace: + type: string + nullable: true + description: Overrides namespace. This is actually confusingly worded. + default: null + custom_labels: + type: object + additionalProperties: false + properties: {} + replicas: + type: integer + default: 2 + image_repo: + type: string + default: projects.registry.vmware.com/pinniped/pinniped-server + image_digest: + type: string + nullable: true + default: null + image_tag: + type: string + default: latest + image_pull_dockerconfigjson: + type: object + additionalProperties: false + nullable: true + properties: + auths: + type: object + additionalProperties: false + properties: + https://registry.example.com: + type: object + additionalProperties: false + properties: + username: + type: string + default: USERNAME + password: + type: string + default: PASSWORD + auth: + type: string + default: BASE64_ENCODED_USERNAME_COLON_PASSWORD + deprecated_service_http_nodeport_port: + type: integer + nullable: true + default: null + deprecated_service_http_nodeport_nodeport: + type: integer + nullable: true + default: null + deprecated_service_http_loadbalancer_port: + type: integer + nullable: true + default: null + deprecated_service_http_clusterip_port: + type: integer + nullable: true + default: null + service_https_nodeport_port: + type: integer + nullable: true + default: null + service_https_nodeport_nodeport: + type: integer + nullable: true + default: null + service_https_loadbalancer_port: + type: integer + nullable: true + default: null + service_https_clusterip_port: + type: integer + nullable: true + default: null + service_loadbalancer_ip: + type: string + nullable: true + default: null + log_level: + type: string + nullable: true + default: null + deprecated_log_format: + type: string + nullable: true + default: null + run_as_user: + type: integer + default: 65532 + run_as_group: + type: integer + default: 65532 + api_group_suffix: + type: string + default: pinniped.dev + https_proxy: + type: string + nullable: true + default: null + no_proxy: + type: string + default: $(KUBERNETES_SERVICE_HOST),169.254.169.254,127.0.0.1,localhost,.svc,.cluster.local + endpoints: + type: object + additionalProperties: false + nullable: true + properties: + https: + type: object + additionalProperties: false + properties: + network: + type: string + default: tcp | unix | disabled + address: + type: string + default: host:port when network=tcp or /pinniped_socket/socketfile.sock when network=unix + deprecated_insecure_accept_external_unencrypted_http_requests: + type: boolean + default: false