Skip to content

operator kernel-module-management-hub (2.4.0) #6434

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

operator kernel-module-management-hub (2.4.0) #6434

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3,075 changes: 3,075 additions & 0 deletions ...el-module-management-hub/2.4.0/manifests/hub.kmm.sigs.x-k8s.io_managedclustermodules.yaml
View file
Open in desktop

Large diffs are not rendered by default.

449 changes: 449 additions & 0 deletions ...le-management-hub/2.4.0/manifests/kernel-module-management-hub.clusterserviceversion.yaml
View file
Open in desktop

Large diffs are not rendered by default.

23 changes: 23 additions & 0 deletions ...anagement-hub/2.4.0/manifests/kmm-operator-hub-controller-metrics-service_v1_service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: kmm-hub
app.kubernetes.io/name: kmm-hub
app.kubernetes.io/part-of: kmm
control-plane: controller
name: kmm-operator-hub-controller-metrics-service
spec:
ports:
- name: https
port: 8443
protocol: TCP
targetPort: https
selector:
app.kubernetes.io/component: kmm-hub
app.kubernetes.io/name: kmm-hub
app.kubernetes.io/part-of: kmm
control-plane: controller
status:
loadBalancer: {}
14 changes: 14 additions & 0 deletions ...0/manifests/kmm-operator-hub-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: kmm-hub
app.kubernetes.io/name: kmm-hub
app.kubernetes.io/part-of: kmm
name: kmm-operator-hub-metrics-reader
rules:
- nonResourceURLs:
- /metrics
verbs:
- get
24 changes: 24 additions & 0 deletions ...el-module-management-hub/2.4.0/manifests/kmm-operator-hub-webhook-service_v1_service.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
apiVersion: v1
kind: Service
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/component: kmm-hub
app.kubernetes.io/created-by: kernel-module-management
app.kubernetes.io/instance: webhook-service
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: kmm-hub
app.kubernetes.io/part-of: kmm
name: kmm-operator-hub-webhook-service
spec:
ports:
- port: 443
protocol: TCP
targetPort: 9443
selector:
app.kubernetes.io/component: kmm-hub
app.kubernetes.io/name: kmm-hub
app.kubernetes.io/part-of: kmm
control-plane: webhook-server
status:
loadBalancer: {}
306 changes: 306 additions & 0 deletions ...ernel-module-management-hub/2.4.0/manifests/kmm.sigs.x-k8s.io_modulebuildsignconfigs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,306 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.16.1
creationTimestamp: null
labels:
app.kubernetes.io/component: kmm-hub
app.kubernetes.io/name: kmm-hub
app.kubernetes.io/part-of: kmm
name: modulebuildsignconfigs.kmm.sigs.x-k8s.io
spec:
group: kmm.sigs.x-k8s.io
names:
kind: ModuleBuildSignConfig
listKind: ModuleBuildSignConfigList
plural: modulebuildsignconfigs
shortNames:
- mbsc
singular: modulebuildsignconfig
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: ModuleBuildSignConfig keeps the request for images' build/sign
for a KMM Module.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
ModuleBuildSignConfigSpec describes the images that need to be built/signed
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
imageRepoSecret:
description: ImageRepoSecret contains pull secret for the image's
repo, if needed
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
images:
items:
description: ModuleBuildSignSpec describes the image whose state
needs to be queried
properties:
action:
enum:
- BuildImage
- SignImage
type: string
build:
description: Build contains build instructions, in case image
needs building
properties:
baseImageRegistryTLS:
description: BaseImageRegistryTLS contains settings determining
how to access registries of the base images in the build-process'
Dockerfile.
properties:
insecure:
description: If Insecure is true, the operator will
be able to access a registry in an insecure (plain
HTTP) protocol.
type: boolean
insecureSkipTLSVerify:
description: If InsecureSkipTLSVerify, the operator
will accept any certificate provided by the registry.
type: boolean
type: object
buildArgs:
description: BuildArgs is an array of build variables that
are provided to the image building backend.
items:
description: BuildArg represents a build argument used
when building a container image.
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
dockerfileConfigMap:
description: ConfigMap that holds Dockerfile contents
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
kanikoParams:
description: KanikoParams is used to customize the building
process of the image.
properties:
tag:
description: Kaniko image tag to use when creating the
build Pod
type: string
type: object
secrets:
description: |-
Secrets is an optional list of secrets to be made available to the build system.
Those secrets should be used for private resources such as a private Github repo.
For container registries auth use module.spec.imagePullSecret instead.
items:
description: |-
LocalObjectReference contains enough information to let you locate the
referenced object inside the same namespace.
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
type: array
selector:
additionalProperties:
type: string
description: Selector describes on which nodes will run
the building process.
type: object
required:
- dockerfileConfigMap
type: object
image:
description: image
type: string
kernelVersion:
description: kernel version for which this image is targeted
type: string
registryTLS:
description: RegistryTLS set the TLS configs for accessing the
registry of the image.
properties:
insecure:
description: If Insecure is true, the operator will be able
to access a registry in an insecure (plain HTTP) protocol.
type: boolean
insecureSkipTLSVerify:
description: If InsecureSkipTLSVerify, the operator will
accept any certificate provided by the registry.
type: boolean
type: object
sign:
description: Sign contains sign instructions, in case image
needs signing
properties:
certSecret:
description: a secret containing the public key used to
sign kernel modules for secureboot
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
filesToSign:
description: paths inside the image for the kernel modules
to sign (if ommited all kmods are signed)
items:
type: string
type: array
keySecret:
description: a secret containing the private key used to
sign kernel modules for secureboot
properties:
name:
default: ""
description: |-
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
type: object
x-kubernetes-map-type: atomic
unsignedImage:
description: Image to sign, ignored if a Build is present,
required otherwise
type: string
unsignedImageRegistryTLS:
description: UnsignedImageRegistryTLS contains settings
determining how to access registries of the unsigned image.
properties:
insecure:
description: If Insecure is true, the operator will
be able to access a registry in an insecure (plain
HTTP) protocol.
type: boolean
insecureSkipTLSVerify:
description: If InsecureSkipTLSVerify, the operator
will accept any certificate provided by the registry.
type: boolean
type: object
required:
- certSecret
- keySecret
type: object
skipWaitMissingImage:
description: |-
SkipWaitMissingImage signals to MIC to stop waiting for image to be present
in case Build andSign not define, and report the image as DoesNotExist
type: boolean
required:
- action
- image
- kernelVersion
type: object
type: array
pushBuiltImage:
description: |-
Boolean flag that determines whether images built must also
be pushed to a defined repository
type: boolean
required:
- images
type: object
status:
description: |-
ModuleBuildSignConfigStatus describes the status of the images that needed to be built/signed
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
properties:
images:
items:
description: BuildSignImageState contains the status of the image
that was requested to be built/signed
properties:
action:
enum:
- BuildImage
- SignImage
type: string
image:
type: string
status:
enum:
- Success
- Failure
type: string
required:
- action
- image
- status
type: object
type: array
required:
- images
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: null
storedVersions: null
Loading
Loading