djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add supervisor package, schema, metadata files

Browse Source
This commit is contained in:
Benjamin A. Petersen 2023-08-21 16:19:06 -04:00
parent 5d1320dd2a
commit a1c3766fca
No known key found for this signature in database
GPG Key ID: EF6EF83523A4BE46
4 changed files with 201 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
deploy_carvel/supervisor/build.yaml Normal file
View File

@ -0,0 +1,19 @@
apiVersion: kbld.k14s.io/v1alpha1
kind: Config
minimumRequiredVersion: 0.31.0 # minimum version of kbld. We probably don't need to specify.
overrides:
#! TODO: in the pinniped yamls, this is provided by values.yaml, not declared in the deployment.
#! we should assess if we want to leave it there or move it to this form of configuration.
- image: projects.registry.vmware.com/pinniped/pinniped-server:latest
newImage: ""
#! I don't think we need any of these (until we need them 😊). IE, don't use prematurely.
#! searchRules: ... # for searching input files to find container images
#! overrides: ... # overrides to apply to container images before resolving or building
#! sources: ... # source/content of a container image
#! destinations: ... # where to push built images
#!
#!
#! source: TODO: we may need this at least to specify that we want kbld to build
#! a set of container images that are found in our package config yaml files.

10
deploy_carvel/supervisor/metadata.yml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: data.packaging.carvel.dev/v1alpha1
kind: PackageMetadata
metadata:
name: supervisor.pinniped.dev
spec:
displayName: "Pinniped Supervisor"
longDescription: "Pinniped supervisor allows seamless login across one or many Kubernetes clusters including AKS, EKS and GKE"
shortDescription: "Pinniped supervisor provides login capabilities"
categories:
- auth

31
deploy_carvel/supervisor/package.yml Normal file
View File

@ -0,0 +1,31 @@
#@ load("@ytt:data", "data") # for reading data values (generated via ytt's data-values-schema-inspect mode).
#@ load("@ytt:yaml", "yaml") # for dynamically decoding the output of ytt's data-values-schema-inspect
---
apiVersion: data.packaging.carvel.dev/v1alpha1
kind: Package
metadata:
name: #@ "supervisor.pinniped.dev." + data.values.version
spec:
refName: supervisor.pinniped.dev
version: #@ data.values.version
releaseNotes: |
Initial release of the pinniped supervisor package, TODO: AUTOMATE THIS??
valuesSchema:
openAPIv3: #@ yaml.decode(data.values.openapi)["components"]["schemas"]["dataValues"]
template:
spec:
fetch:
- imgpkgBundle:
#! TODO: we will need a place to host this.
#! this package image needs to be built and deployed so it can then be installed.
image: #@ "${REPO_HOST}/packages/pinniped-supervisor:" + data.values.version
template:
- ytt:
paths:
- "config/"
- kbld:
paths:
- ".imgpkg/images.yml"
- "-"
deploy:
- kapp: {}

141
deploy_carvel/supervisor/schema-openapi.yml Normal file
View File

@ -0,0 +1,141 @@
openapi: 3.0.0
info:
version: 0.1.0
title: Schema for data values, generated by ytt
paths: {}
components:
schemas:
dataValues:
type: object
additionalProperties: false
properties:
app_name:
type: string
description: Namespace of pinniped-supervisor
default: pinniped-supervisor
namespace:
type: string
description: Creates a new namespace statically in yaml with the given name and installs the app into that namespace.
default: pinniped-supervisor
into_namespace:
type: string
nullable: true
description: Overrides namespace. This is actually confusingly worded.
default: null
custom_labels:
type: object
additionalProperties: false
properties: {}
replicas:
type: integer
default: 2
image_repo:
type: string
default: projects.registry.vmware.com/pinniped/pinniped-server
image_digest:
type: string
nullable: true
default: null
image_tag:
type: string
default: latest
image_pull_dockerconfigjson:
type: object
additionalProperties: false
nullable: true
properties:
auths:
type: object
additionalProperties: false
properties:
https://registry.example.com:
type: object
additionalProperties: false
properties:
username:
type: string
default: USERNAME
password:
type: string
default: PASSWORD
auth:
type: string
default: BASE64_ENCODED_USERNAME_COLON_PASSWORD
deprecated_service_http_nodeport_port:
type: integer
nullable: true
default: null
deprecated_service_http_nodeport_nodeport:
type: integer
nullable: true
default: null
deprecated_service_http_loadbalancer_port:
type: integer
nullable: true
default: null
deprecated_service_http_clusterip_port:
type: integer
nullable: true
default: null
service_https_nodeport_port:
type: integer
nullable: true
default: null
service_https_nodeport_nodeport:
type: integer
nullable: true
default: null
service_https_loadbalancer_port:
type: integer
nullable: true
default: null
service_https_clusterip_port:
type: integer
nullable: true
default: null
service_loadbalancer_ip:
type: string
nullable: true
default: null
log_level:
type: string
nullable: true
default: null
deprecated_log_format:
type: string
nullable: true
default: null
run_as_user:
type: integer
default: 65532
run_as_group:
type: integer
default: 65532
api_group_suffix:
type: string
default: pinniped.dev
https_proxy:
type: string
nullable: true
default: null
no_proxy:
type: string
default: $(KUBERNETES_SERVICE_HOST),169.254.169.254,127.0.0.1,localhost,.svc,.cluster.local
endpoints:
type: object
additionalProperties: false
nullable: true
properties:
https:
type: object
additionalProperties: false
properties:
network:
type: string
default: tcp | unix | disabled
address:
type: string
default: host:port when network=tcp or /pinniped_socket/socketfile.sock when network=unix
deprecated_insecure_accept_external_unencrypted_http_requests:
type: boolean
default: false