diff --git a/charts/devspace-operator/.helmignore b/charts/devspace-operator/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/charts/devspace-operator/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/devspace-operator/Chart.yaml b/charts/devspace-operator/Chart.yaml new file mode 100644 index 0000000..63983d6 --- /dev/null +++ b/charts/devspace-operator/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v2 +name: devspace-operator +description: A Helm chart for Kubernetes +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0-alpha.1 +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "v0.1.0-alpha.1" diff --git a/charts/devspace-operator/templates/_helpers.tpl b/charts/devspace-operator/templates/_helpers.tpl new file mode 100644 index 0000000..99395e2 --- /dev/null +++ b/charts/devspace-operator/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "devspace-operator.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "devspace-operator.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "devspace-operator.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "devspace-operator.labels" -}} +helm.sh/chart: {{ include "devspace-operator.chart" . }} +{{ include "devspace-operator.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "devspace-operator.selectorLabels" -}} +app.kubernetes.io/name: {{ include "devspace-operator.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "devspace-operator.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "devspace-operator.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/charts/devspace-operator/templates/deployment.yaml b/charts/devspace-operator/templates/deployment.yaml new file mode 100644 index 0000000..f3b617e --- /dev/null +++ b/charts/devspace-operator/templates/deployment.yaml @@ -0,0 +1,109 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "devspace-operator.fullname" . }}-controller-manager + labels: + app.kuberentes.io/instance: controller-manager + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: devspace-operator + app.kubernetes.io/part-of: devspace-operator + {{- include "devspace-operator.labels" . | nindent 4 }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "devspace-operator.fullname" . }}-controller-manager + labels: + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: devspace-operator + app.kubernetes.io/part-of: devspace-operator + control-plane: controller-manager + {{- include "devspace-operator.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.controllerManager.replicas }} + selector: + matchLabels: + control-plane: controller-manager + {{- include "devspace-operator.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + control-plane: controller-manager + {{- include "devspace-operator.selectorLabels" . | nindent 8 }} + annotations: + kubectl.kubernetes.io/default-container: manager + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - amd64 + - arm64 + - ppc64le + - s390x + - key: kubernetes.io/os + operator: In + values: + - linux + containers: + - args: {{- toYaml .Values.controllerManager.kubeRbacProxy.args | nindent 8 }} + env: + - name: KUBERNETES_CLUSTER_DOMAIN + value: {{ quote .Values.kubernetesClusterDomain }} + image: {{ .Values.controllerManager.kubeRbacProxy.image.repository }}:{{ .Values.controllerManager.kubeRbacProxy.image.tag + | default .Chart.AppVersion }} + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: {{- toYaml .Values.controllerManager.kubeRbacProxy.resources | nindent + 10 }} + securityContext: {{- toYaml .Values.controllerManager.kubeRbacProxy.containerSecurityContext + | nindent 10 }} + - args: {{- toYaml .Values.controllerManager.manager.args | nindent 8 }} + command: + - /manager + env: + - name: KUBERNETES_CLUSTER_DOMAIN + value: {{ quote .Values.kubernetesClusterDomain }} + image: {{ .Values.controllerManager.manager.image.repository }}:{{ .Values.controllerManager.manager.image.tag + | default .Chart.AppVersion }} + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: {{- toYaml .Values.controllerManager.manager.resources | nindent 10 + }} + securityContext: {{- toYaml .Values.controllerManager.manager.containerSecurityContext + | nindent 10 }} + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + securityContext: + runAsNonRoot: true + serviceAccountName: {{ include "devspace-operator.fullname" . }}-controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert \ No newline at end of file diff --git a/charts/devspace-operator/templates/devspace-crd.yaml b/charts/devspace-operator/templates/devspace-crd.yaml new file mode 100644 index 0000000..3190138 --- /dev/null +++ b/charts/devspace-operator/templates/devspace-crd.yaml @@ -0,0 +1,1211 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: devspaces.dev.roboscale.io + annotations: + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "devspace-operator.fullname" + . }}-serving-cert' + controller-gen.kubebuilder.io/version: v0.9.2 + labels: + {{- include "devspace-operator.labels" . | nindent 4 }} +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /convert + conversionReviewVersions: + - v1 + group: dev.roboscale.io + names: + kind: DevSpace + listKind: DevSpaceList + plural: devspaces + singular: devspace + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.environment.domain + name: Domain + type: string + - jsonPath: .spec.environment.application.name + name: App + type: string + - jsonPath: .spec.environment.application.version + name: Version + type: string + - jsonPath: .spec.environment.devspace.ubuntuDistro + name: Ubuntu + type: string + - jsonPath: .spec.environment.devspace.desktop + name: Desktop + type: string + - jsonPath: .spec.environment.devspace.version + name: DevSpace + type: string + - jsonPath: .status.phase + name: Phase + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: DevSpace is the custom resource that contains ROS 2 components + (Workloads, Cloud VDI, Cloud IDE, ROS Bridge, Configurational Resources), + robolaunch DevSpace instances can be decomposed and distributed to both cloud + instances and physical instances using federation. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired behavior of the DevSpace. + properties: + devSuiteTemplate: + description: DevSpace development suite template + properties: + devSpaceIDETemplate: + description: Configurational parameters of DevSpaceIDE. Applied + if `.spec.ideEnabled` is set to `true`. + properties: + display: + description: Cloud IDE connects an X11 socket if it's set to + `true` and a target DevSpaceVDI resource is set in labels + with key `robolaunch.io/target-vdi`. Applications that requires + GUI can be executed such as rViz. + type: boolean + ingress: + description: '[*alpha*] DevSpaceIDE will create an Ingress resource + if `true`.' + type: boolean + privileged: + description: If `true`, containers of DevSpaceIDE will be privileged + containers. It can be used in physical instances where it's + necessary to access I/O devices on the host machine. Not recommended + to activate this field on cloud instances. + type: boolean + resources: + description: Resource limitations of Cloud IDE. + properties: + cpu: + description: CPU resource limit. + pattern: ^([0-9])+(m)$ + type: string + gpuCore: + description: GPU core number that will be allocated. + type: integer + memory: + description: Memory resource limit. + pattern: ^([0-9])+(Mi|Gi)$ + type: string + type: object + serviceType: + default: NodePort + description: Service type of Cloud IDE. `ClusterIP` and `NodePort` + is supported. + enum: + - ClusterIP + - NodePort + type: string + type: object + devSpaceVDITemplate: + description: Configurational parameters of DevSpaceVDI. Applied + if `.spec.vdiEnabled` is set to `true`. + properties: + ingress: + description: '[*alpha*] DevSpaceIDE will create an Ingress resource + if `true`.' + type: boolean + nat1to1: + description: NAT1TO1 option for Cloud VDI. + type: string + privileged: + description: If `true`, containers of DevSpaceIDE will be privileged + containers. It can be used in physical instances where it's + necessary to access I/O devices on the host machine. Not recommended + to activate this field on cloud instances. + type: boolean + resolution: + default: 2048x1152 + description: VDI screen resolution options. Default is `2048x1152`. + enum: + - 2048x1152 + - 1920x1080 + - 1600x1200 + type: string + resources: + description: Resource limitations of Cloud IDE. + properties: + cpu: + description: CPU resource limit. + pattern: ^([0-9])+(m)$ + type: string + gpuCore: + description: GPU core number that will be allocated. + type: integer + memory: + description: Memory resource limit. + pattern: ^([0-9])+(Mi|Gi)$ + type: string + type: object + serviceType: + default: NodePort + description: Service type of Cloud IDE. `ClusterIP` and `NodePort` + is supported. + enum: + - ClusterIP + - NodePort + type: string + webrtcPortRange: + description: UDP port range to used in WebRTC connections. + pattern: ^([0-9])+-([0-9])+$ + type: string + type: object + ideEnabled: + description: If `true`, a Cloud IDE will be provisioned inside development + suite. + type: boolean + vdiEnabled: + description: If `true`, a Cloud VDI will be provisioned inside development + suite. + type: boolean + type: object + development: + description: '[*alpha*] Switch to development mode if `true`.' + type: boolean + environment: + description: Environment properties. Supported options are listed in + [robolaunch Platform Versioning Map](https://github.com/robolaunch/robolaunch/blob/main/platform.yaml). + properties: + application: + description: Application properties. + properties: + name: + description: Application name. + type: string + version: + description: Version of the application. + type: string + required: + - name + - version + type: object + devspace: + description: DevSpace image properties. + properties: + desktop: + description: Ubuntu desktop. + type: string + ubuntuDistro: + description: Ubuntu distribution of the environment. + type: string + version: + description: DevSpace image version. + type: string + required: + - desktop + - ubuntuDistro + - version + type: object + domain: + description: Domain of the environment. + type: string + required: + - application + - devspace + - domain + type: object + rootDNSConfig: + description: '[*alpha*] Root DNS configuration.' + properties: + host: + description: '[*alpha*] Root DNS name..' + type: string + required: + - host + type: object + storage: + description: Total storage amount to persist via DevSpace. Unit of measurement + is MB. (eg. `10240` corresponds 10 GB) This amount is being shared + between different components. + properties: + amount: + default: 10000 + description: Specifies how much storage will be allocated in total. + Use MB as a unit of measurement. (eg. `10240` is equal to 10 GB) + type: integer + storageClassConfig: + description: Storage class selection for devspace's volumes. + properties: + accessMode: + description: PVC access modes. Currently, only `ReadWriteOnce` + is supported. + type: string + name: + description: Storage class name. + type: string + type: object + type: object + tlsSecretRef: + description: '[*alpha*] TLS secret reference.' + properties: + name: + description: '[*alpha*] TLS secret object name.' + type: string + namespace: + description: '[*alpha*] TLS secret object namespace.' + type: string + required: + - name + - namespace + type: object + workspaceManagerTemplate: + description: Workspace manager template to configure ROS 2 workspaces. + properties: + updateNeeded: + description: WorkspaceManager is triggered if this field is set + to `true`. Then the workspaces are being configured again while + backing up the old configurations. This field is often used by + operator. + type: boolean + workspaces: + description: Workspace definitions of devspace. Multiple ROS 2 workspaces + can be configured over this field. + items: + description: Workspace description. Each devspace should contain + at least one workspace. A workspace should contain at least + one repository in it. + properties: + name: + description: Name of workspace. If a workspace's name is `my_ws`, + it's absolute path is `/home/workspaces/my_ws`. + type: string + repositories: + additionalProperties: + description: Repository description. + properties: + branch: + description: Branch of the repository to clone. + type: string + hash: + description: '[*Autofilled*] Hash of last commit' + type: string + owner: + description: '[*Autofilled*] User or organization, maintainer + of repository' + type: string + path: + description: '[*Autofilled*] Absolute path of repository' + type: string + repo: + description: '[*Autofilled*] Repository name' + type: string + url: + description: Base URL of the repository. + type: string + required: + - branch + - url + type: object + description: Repositories to clone inside workspace's `src` + directory. + type: object + required: + - name + - repositories + type: object + minItems: 1 + type: array + workspacesPath: + description: Global path of workspaces. It's fixed to `/root/workspaces` + path. + type: string + type: object + required: + - environment + type: object + status: + description: Most recently observed status of the DevSpace. + properties: + attachedDevObjects: + description: '[*alpha*] Attached dev object information.' + items: + properties: + reference: + description: Reference to the DevSuite instance. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part + of an object. TODO: this design is not final and this field + is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + status: + description: Status of attached DevSuite. + properties: + active: + description: '[*alpha*] Indicates if DevSuite is attached + to a DevSpace and actively provisioned it''s resources.' + type: boolean + devSpaceIDEStatus: + description: Status of DevSpaceIDE. + properties: + connection: + description: Address of the devspace service that can + be reached from outside. + type: string + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. + For example, if the object reference is to a + container within a pod, this would take on a + value like: "spec.containers{name}" (where "name" + refers to the name of the container that triggered + the event) or if no container name is specified + "spec.containers[2]" (container with index 2 + in this pod). This syntax is chosen only to + have some well-defined way of referencing a + part of an object. TODO: this design is not + final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + type: object + devSpaceVDIStatus: + description: Status of DevSpaceVDI. + properties: + connection: + description: Address of the devspace service that can + be reached from outside. + type: string + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. + For example, if the object reference is to a + container within a pod, this would take on a + value like: "spec.containers{name}" (where "name" + refers to the name of the container that triggered + the event) or if no container name is specified + "spec.containers[2]" (container with index 2 + in this pod). This syntax is chosen only to + have some well-defined way of referencing a + part of an object. TODO: this design is not + final and this field is subject to change in + the future.' + type: string + kind: + description: 'Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + type: object + phase: + description: Phase of DevSuite. + type: string + type: object + type: object + type: array + devSuiteStatus: + description: DevSpace development suite instance status. + properties: + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + status: + description: Status of the DevSuite instance. + properties: + active: + description: '[*alpha*] Indicates if DevSuite is attached to + a DevSpace and actively provisioned it''s resources.' + type: boolean + devSpaceIDEStatus: + description: Status of DevSpaceIDE. + properties: + connection: + description: Address of the devspace service that can be + reached from outside. + type: string + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + type: object + devSpaceVDIStatus: + description: Status of DevSpaceVDI. + properties: + connection: + description: Address of the devspace service that can be + reached from outside. + type: string + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object + instead of an entire object, this string should + contain a valid JSON/Go field access statement, + such as desiredState.manifest.containers[2]. For + example, if the object reference is to a container + within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to + the name of the container that triggered the event) + or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax + is chosen only to have some well-defined way of + referencing a part of an object. TODO: this design + is not final and this field is subject to change + in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which + this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + type: object + phase: + description: Phase of DevSuite. + type: string + type: object + type: object + image: + description: Main image of DevSpace. It is derived either from the specifications + or determined directly over labels. + type: string + loaderJobStatus: + description: Status of loader job that configures environment. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + nodeName: + description: Node that DevSpace uses. It is selected via tenancy labels. + type: string + phase: + description: Phase of DevSpace. It sums the general status of DevSpace. + type: string + volumeStatuses: + description: DevSpace persists some of the directories of underlying + OS inside persistent volumes. This field exposes persistent volume + claims that dynamically provision PVs. + properties: + etcDir: + description: Holds PVC status of the `/etc` directory of underlying + OS. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + optDir: + description: Holds PVC status of the `/opt` directory of underlying + OS. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + usrDir: + description: Holds PVC status of the `/usr` directory of underlying + OS. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + varDir: + description: Holds PVC status of the `/var` directory of underlying + OS. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + workspaceDir: + description: Holds PVC status of the workspaces directory of underlying + OS. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + type: object + workspaceManagerStatus: + description: Workspace manager instance status if exists. + properties: + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + status: + description: Status of the WorkspaceManager instance. + properties: + cleanupJobStatus: + description: Status of cleanup jobs that runs while reconfiguring + workspaces. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + clonerJobStatus: + description: Status of cloner job. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + phase: + description: Phase of WorkspaceManager. + type: string + version: + description: Incremental version of workspace configuration + map. Used to determine changes in configuration. + type: integer + type: object + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/charts/devspace-operator/templates/devspaceide-crd.yaml b/charts/devspace-operator/templates/devspaceide-crd.yaml new file mode 100644 index 0000000..ba19cb2 --- /dev/null +++ b/charts/devspace-operator/templates/devspaceide-crd.yaml @@ -0,0 +1,257 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: devspaceides.dev.roboscale.io + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + labels: + {{- include "devspace-operator.labels" . | nindent 4 }} +spec: + group: dev.roboscale.io + names: + kind: DevSpaceIDE + listKind: DevSpaceIDEList + plural: devspaceides + singular: devspaceide + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: DevSpaceIDE creates and manages Cloud IDE resources and workloads. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired behavior of the DevSpaceIDE. + properties: + display: + description: Cloud IDE connects an X11 socket if it's set to `true` + and a target DevSpaceVDI resource is set in labels with key `robolaunch.io/target-vdi`. + Applications that requires GUI can be executed such as rViz. + type: boolean + ingress: + description: '[*alpha*] DevSpaceIDE will create an Ingress resource + if `true`.' + type: boolean + privileged: + description: If `true`, containers of DevSpaceIDE will be privileged + containers. It can be used in physical instances where it's necessary + to access I/O devices on the host machine. Not recommended to activate + this field on cloud instances. + type: boolean + resources: + description: Resource limitations of Cloud IDE. + properties: + cpu: + description: CPU resource limit. + pattern: ^([0-9])+(m)$ + type: string + gpuCore: + description: GPU core number that will be allocated. + type: integer + memory: + description: Memory resource limit. + pattern: ^([0-9])+(Mi|Gi)$ + type: string + type: object + serviceType: + default: NodePort + description: Service type of Cloud IDE. `ClusterIP` and `NodePort` is + supported. + enum: + - ClusterIP + - NodePort + type: string + type: object + status: + description: Most recently observed status of the DevSpaceIDE. + properties: + ingressStatus: + description: Status of Cloud IDE Ingress. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + phase: + description: Phase of DevSpaceIDE. + type: string + podStatus: + description: Status of Cloud IDE pod. + properties: + ip: + description: IP of the pod. + type: string + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + type: object + serviceStatus: + description: Status of Cloud IDE service. + properties: + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + url: + description: Connection URL. + type: string + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/charts/devspace-operator/templates/devspacevdi-crd.yaml b/charts/devspace-operator/templates/devspacevdi-crd.yaml new file mode 100644 index 0000000..b4c8bca --- /dev/null +++ b/charts/devspace-operator/templates/devspacevdi-crd.yaml @@ -0,0 +1,379 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: devspacevdis.dev.roboscale.io + annotations: + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "devspace-operator.fullname" + . }}-serving-cert' + controller-gen.kubebuilder.io/version: v0.9.2 + labels: + {{- include "devspace-operator.labels" . | nindent 4 }} +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /convert + conversionReviewVersions: + - v1 + group: dev.roboscale.io + names: + kind: DevSpaceVDI + listKind: DevSpaceVDIList + plural: devspacevdis + singular: devspacevdi + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: DevSpaceVDI creates and manages Cloud VDI resources and workloads. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired behavior of the DevSpaceVDI. + properties: + ingress: + description: '[*alpha*] DevSpaceIDE will create an Ingress resource + if `true`.' + type: boolean + nat1to1: + description: NAT1TO1 option for Cloud VDI. + type: string + privileged: + description: If `true`, containers of DevSpaceIDE will be privileged + containers. It can be used in physical instances where it's necessary + to access I/O devices on the host machine. Not recommended to activate + this field on cloud instances. + type: boolean + resolution: + default: 2048x1152 + description: VDI screen resolution options. Default is `2048x1152`. + enum: + - 2048x1152 + - 1920x1080 + - 1600x1200 + type: string + resources: + description: Resource limitations of Cloud IDE. + properties: + cpu: + description: CPU resource limit. + pattern: ^([0-9])+(m)$ + type: string + gpuCore: + description: GPU core number that will be allocated. + type: integer + memory: + description: Memory resource limit. + pattern: ^([0-9])+(Mi|Gi)$ + type: string + type: object + serviceType: + default: NodePort + description: Service type of Cloud IDE. `ClusterIP` and `NodePort` is + supported. + enum: + - ClusterIP + - NodePort + type: string + webrtcPortRange: + description: UDP port range to used in WebRTC connections. + pattern: ^([0-9])+-([0-9])+$ + type: string + type: object + status: + description: Most recently observed status of the DevSpaceVDI. + properties: + ingressStatus: + description: Status of Cloud VDI Ingress. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + phase: + description: Phase of DevSpaceVDI. + type: string + podStatus: + description: Status of Cloud VDI pod. + properties: + ip: + description: IP of the pod. + type: string + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + type: object + pvcStatus: + description: Status of Cloud VDI persistent volume claim. This PVC dynamically + provisions a volume that is a shared between DevSpaceVDI workloads + and other workloads that requests display. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + serviceTCPStatus: + description: Status of Cloud VDI TCP service. + properties: + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + url: + description: Connection URL. + type: string + type: object + serviceUDPStatus: + description: Status of Cloud VDI UDP service. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/charts/devspace-operator/templates/devsuite-crd.yaml b/charts/devspace-operator/templates/devsuite-crd.yaml new file mode 100644 index 0000000..f0fdb71 --- /dev/null +++ b/charts/devspace-operator/templates/devsuite-crd.yaml @@ -0,0 +1,281 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: devsuites.dev.roboscale.io + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + labels: + {{- include "devspace-operator.labels" . | nindent 4 }} +spec: + group: dev.roboscale.io + names: + kind: DevSuite + listKind: DevSuiteList + plural: devsuites + singular: devsuite + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: DevSuite is a custom resource that creates dynamically configured + development environments for devspaces. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired behavior of the DevSuite. + properties: + devSpaceIDETemplate: + description: Configurational parameters of DevSpaceIDE. Applied if `.spec.ideEnabled` + is set to `true`. + properties: + display: + description: Cloud IDE connects an X11 socket if it's set to `true` + and a target DevSpaceVDI resource is set in labels with key `robolaunch.io/target-vdi`. + Applications that requires GUI can be executed such as rViz. + type: boolean + ingress: + description: '[*alpha*] DevSpaceIDE will create an Ingress resource + if `true`.' + type: boolean + privileged: + description: If `true`, containers of DevSpaceIDE will be privileged + containers. It can be used in physical instances where it's necessary + to access I/O devices on the host machine. Not recommended to + activate this field on cloud instances. + type: boolean + resources: + description: Resource limitations of Cloud IDE. + properties: + cpu: + description: CPU resource limit. + pattern: ^([0-9])+(m)$ + type: string + gpuCore: + description: GPU core number that will be allocated. + type: integer + memory: + description: Memory resource limit. + pattern: ^([0-9])+(Mi|Gi)$ + type: string + type: object + serviceType: + default: NodePort + description: Service type of Cloud IDE. `ClusterIP` and `NodePort` + is supported. + enum: + - ClusterIP + - NodePort + type: string + type: object + devSpaceVDITemplate: + description: Configurational parameters of DevSpaceVDI. Applied if `.spec.vdiEnabled` + is set to `true`. + properties: + ingress: + description: '[*alpha*] DevSpaceIDE will create an Ingress resource + if `true`.' + type: boolean + nat1to1: + description: NAT1TO1 option for Cloud VDI. + type: string + privileged: + description: If `true`, containers of DevSpaceIDE will be privileged + containers. It can be used in physical instances where it's necessary + to access I/O devices on the host machine. Not recommended to + activate this field on cloud instances. + type: boolean + resolution: + default: 2048x1152 + description: VDI screen resolution options. Default is `2048x1152`. + enum: + - 2048x1152 + - 1920x1080 + - 1600x1200 + type: string + resources: + description: Resource limitations of Cloud IDE. + properties: + cpu: + description: CPU resource limit. + pattern: ^([0-9])+(m)$ + type: string + gpuCore: + description: GPU core number that will be allocated. + type: integer + memory: + description: Memory resource limit. + pattern: ^([0-9])+(Mi|Gi)$ + type: string + type: object + serviceType: + default: NodePort + description: Service type of Cloud IDE. `ClusterIP` and `NodePort` + is supported. + enum: + - ClusterIP + - NodePort + type: string + webrtcPortRange: + description: UDP port range to used in WebRTC connections. + pattern: ^([0-9])+-([0-9])+$ + type: string + type: object + ideEnabled: + description: If `true`, a Cloud IDE will be provisioned inside development + suite. + type: boolean + vdiEnabled: + description: If `true`, a Cloud VDI will be provisioned inside development + suite. + type: boolean + type: object + status: + description: Most recently observed status of the DevSuite. + properties: + active: + description: '[*alpha*] Indicates if DevSuite is attached to a DevSpace + and actively provisioned it''s resources.' + type: boolean + devSpaceIDEStatus: + description: Status of DevSpaceIDE. + properties: + connection: + description: Address of the devspace service that can be reached + from outside. + type: string + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + type: object + devSpaceVDIStatus: + description: Status of DevSpaceVDI. + properties: + connection: + description: Address of the devspace service that can be reached + from outside. + type: string + resource: + description: Generic status for any owned resource. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a valid + JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that + triggered the event) or if no container name is specified + "spec.containers[2]" (container with index 2 in this pod). + This syntax is chosen only to have some well-defined way + of referencing a part of an object. TODO: this design + is not final and this field is subject to change in the + future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + type: object + phase: + description: Phase of DevSuite. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/charts/devspace-operator/templates/leader-election-rbac.yaml b/charts/devspace-operator/templates/leader-election-rbac.yaml new file mode 100644 index 0000000..de31883 --- /dev/null +++ b/charts/devspace-operator/templates/leader-election-rbac.yaml @@ -0,0 +1,59 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "devspace-operator.fullname" . }}-leader-election-role + labels: + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: devspace-operator + app.kubernetes.io/part-of: devspace-operator + {{- include "devspace-operator.labels" . | nindent 4 }} +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "devspace-operator.fullname" . }}-leader-election-rolebinding + labels: + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: devspace-operator + app.kubernetes.io/part-of: devspace-operator + {{- include "devspace-operator.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: '{{ include "devspace-operator.fullname" . }}-leader-election-role' +subjects: +- kind: ServiceAccount + name: '{{ include "devspace-operator.fullname" . }}-controller-manager' + namespace: '{{ .Release.Namespace }}' \ No newline at end of file diff --git a/charts/devspace-operator/templates/manager-rbac.yaml b/charts/devspace-operator/templates/manager-rbac.yaml new file mode 100644 index 0000000..2480306 --- /dev/null +++ b/charts/devspace-operator/templates/manager-rbac.yaml @@ -0,0 +1,227 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "devspace-operator.fullname" . }}-manager-role + labels: + {{- include "devspace-operator.labels" . | nindent 4 }} +rules: +- apiGroups: + - batch + resources: + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dev.roboscale.io + resources: + - devspaceides + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dev.roboscale.io + resources: + - devspaceides/finalizers + verbs: + - update +- apiGroups: + - dev.roboscale.io + resources: + - devspaceides/status + verbs: + - get + - patch + - update +- apiGroups: + - dev.roboscale.io + resources: + - devspaces + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dev.roboscale.io + resources: + - devspaces/finalizers + verbs: + - update +- apiGroups: + - dev.roboscale.io + resources: + - devspaces/status + verbs: + - get + - patch + - update +- apiGroups: + - dev.roboscale.io + resources: + - devspacevdis + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dev.roboscale.io + resources: + - devspacevdis/finalizers + verbs: + - update +- apiGroups: + - dev.roboscale.io + resources: + - devspacevdis/status + verbs: + - get + - patch + - update +- apiGroups: + - dev.roboscale.io + resources: + - devsuites + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dev.roboscale.io + resources: + - devsuites/finalizers + verbs: + - update +- apiGroups: + - dev.roboscale.io + resources: + - devsuites/status + verbs: + - get + - patch + - update +- apiGroups: + - dev.roboscale.io + resources: + - workspacemanagers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - dev.roboscale.io + resources: + - workspacemanagers/finalizers + verbs: + - update +- apiGroups: + - dev.roboscale.io + resources: + - workspacemanagers/status + verbs: + - get + - patch + - update +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "devspace-operator.fullname" . }}-manager-rolebinding + labels: + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: devspace-operator + app.kubernetes.io/part-of: devspace-operator + {{- include "devspace-operator.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: '{{ include "devspace-operator.fullname" . }}-manager-role' +subjects: +- kind: ServiceAccount + name: '{{ include "devspace-operator.fullname" . }}-controller-manager' + namespace: '{{ .Release.Namespace }}' \ No newline at end of file diff --git a/charts/devspace-operator/templates/metrics-reader-rbac.yaml b/charts/devspace-operator/templates/metrics-reader-rbac.yaml new file mode 100644 index 0000000..1c22bd9 --- /dev/null +++ b/charts/devspace-operator/templates/metrics-reader-rbac.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "devspace-operator.fullname" . }}-metrics-reader + labels: + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: devspace-operator + app.kubernetes.io/part-of: devspace-operator + {{- include "devspace-operator.labels" . | nindent 4 }} +rules: +- nonResourceURLs: + - /metrics + verbs: + - get \ No newline at end of file diff --git a/charts/devspace-operator/templates/metrics-service.yaml b/charts/devspace-operator/templates/metrics-service.yaml new file mode 100644 index 0000000..b8cfdbe --- /dev/null +++ b/charts/devspace-operator/templates/metrics-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "devspace-operator.fullname" . }}-controller-manager-metrics-service + labels: + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: devspace-operator + app.kubernetes.io/part-of: devspace-operator + control-plane: controller-manager + {{- include "devspace-operator.labels" . | nindent 4 }} +spec: + type: {{ .Values.metricsService.type }} + selector: + control-plane: controller-manager + {{- include "devspace-operator.selectorLabels" . | nindent 4 }} + ports: + {{- .Values.metricsService.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/charts/devspace-operator/templates/mutating-webhook-configuration.yaml b/charts/devspace-operator/templates/mutating-webhook-configuration.yaml new file mode 100644 index 0000000..b40b9f6 --- /dev/null +++ b/charts/devspace-operator/templates/mutating-webhook-configuration.yaml @@ -0,0 +1,89 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: {{ include "devspace-operator.fullname" . }}-mutating-webhook-configuration + annotations: + cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "devspace-operator.fullname" . }}-serving-cert + labels: + {{- include "devspace-operator.labels" . | nindent 4 }} +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /mutate-dev-roboscale-io-v1alpha1-devspace + failurePolicy: Fail + name: mdevspace.kb.io + rules: + - apiGroups: + - dev.roboscale.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - devspaces + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /mutate-dev-roboscale-io-v1alpha1-workspacemanager + failurePolicy: Fail + name: mworkspacemanager.kb.io + rules: + - apiGroups: + - dev.roboscale.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - workspacemanagers + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /mutate-dev-roboscale-io-v1alpha1-devspaceide + failurePolicy: Fail + name: mdevspaceide.kb.io + rules: + - apiGroups: + - dev.roboscale.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - devspaceides + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /mutate-dev-roboscale-io-v1alpha1-devspacevdi + failurePolicy: Fail + name: mdevspacevdi.kb.io + rules: + - apiGroups: + - dev.roboscale.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - devspacevdis + sideEffects: None \ No newline at end of file diff --git a/charts/devspace-operator/templates/proxy-rbac.yaml b/charts/devspace-operator/templates/proxy-rbac.yaml new file mode 100644 index 0000000..410faa6 --- /dev/null +++ b/charts/devspace-operator/templates/proxy-rbac.yaml @@ -0,0 +1,40 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "devspace-operator.fullname" . }}-proxy-role + labels: + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: devspace-operator + app.kubernetes.io/part-of: devspace-operator + {{- include "devspace-operator.labels" . | nindent 4 }} +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "devspace-operator.fullname" . }}-proxy-rolebinding + labels: + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: devspace-operator + app.kubernetes.io/part-of: devspace-operator + {{- include "devspace-operator.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: '{{ include "devspace-operator.fullname" . }}-proxy-role' +subjects: +- kind: ServiceAccount + name: '{{ include "devspace-operator.fullname" . }}-controller-manager' + namespace: '{{ .Release.Namespace }}' \ No newline at end of file diff --git a/charts/devspace-operator/templates/selfsigned-issuer.yaml b/charts/devspace-operator/templates/selfsigned-issuer.yaml new file mode 100644 index 0000000..1e24e36 --- /dev/null +++ b/charts/devspace-operator/templates/selfsigned-issuer.yaml @@ -0,0 +1,8 @@ +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ include "devspace-operator.fullname" . }}-selfsigned-issuer + labels: + {{- include "devspace-operator.labels" . | nindent 4 }} +spec: + selfSigned: {} \ No newline at end of file diff --git a/charts/devspace-operator/templates/serving-cert.yaml b/charts/devspace-operator/templates/serving-cert.yaml new file mode 100644 index 0000000..dab3470 --- /dev/null +++ b/charts/devspace-operator/templates/serving-cert.yaml @@ -0,0 +1,16 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ include "devspace-operator.fullname" . }}-serving-cert + labels: + {{- include "devspace-operator.labels" . | nindent 4 }} +spec: + dnsNames: + - '{{ include "devspace-operator.fullname" . }}-webhook-service.{{ .Release.Namespace + }}.svc' + - '{{ include "devspace-operator.fullname" . }}-webhook-service.{{ .Release.Namespace + }}.svc.{{ .Values.kubernetesClusterDomain }}' + issuerRef: + kind: Issuer + name: '{{ include "devspace-operator.fullname" . }}-selfsigned-issuer' + secretName: webhook-server-cert \ No newline at end of file diff --git a/charts/devspace-operator/templates/validating-webhook-configuration.yaml b/charts/devspace-operator/templates/validating-webhook-configuration.yaml new file mode 100644 index 0000000..10ee6cf --- /dev/null +++ b/charts/devspace-operator/templates/validating-webhook-configuration.yaml @@ -0,0 +1,89 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: {{ include "devspace-operator.fullname" . }}-validating-webhook-configuration + annotations: + cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ include "devspace-operator.fullname" . }}-serving-cert + labels: + {{- include "devspace-operator.labels" . | nindent 4 }} +webhooks: +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /validate-dev-roboscale-io-v1alpha1-devspace + failurePolicy: Fail + name: vdevspace.kb.io + rules: + - apiGroups: + - dev.roboscale.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - devspaces + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /validate-dev-roboscale-io-v1alpha1-workspacemanager + failurePolicy: Fail + name: vworkspacemanager.kb.io + rules: + - apiGroups: + - dev.roboscale.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - workspacemanagers + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /validate-dev-roboscale-io-v1alpha1-devspaceide + failurePolicy: Fail + name: vdevspaceide.kb.io + rules: + - apiGroups: + - dev.roboscale.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - devspaceides + sideEffects: None +- admissionReviewVersions: + - v1 + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /validate-dev-roboscale-io-v1alpha1-devspacevdi + failurePolicy: Fail + name: vdevspacevdi.kb.io + rules: + - apiGroups: + - dev.roboscale.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - devspacevdis + sideEffects: None \ No newline at end of file diff --git a/charts/devspace-operator/templates/webhook-service.yaml b/charts/devspace-operator/templates/webhook-service.yaml new file mode 100644 index 0000000..3b1b99b --- /dev/null +++ b/charts/devspace-operator/templates/webhook-service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "devspace-operator.fullname" . }}-webhook-service + labels: + app.kubernetes.io/component: webhook + app.kubernetes.io/created-by: devspace-operator + app.kubernetes.io/part-of: devspace-operator + {{- include "devspace-operator.labels" . | nindent 4 }} +spec: + type: {{ .Values.webhookService.type }} + selector: + control-plane: controller-manager + {{- include "devspace-operator.selectorLabels" . | nindent 4 }} + ports: + {{- .Values.webhookService.ports | toYaml | nindent 2 -}} \ No newline at end of file diff --git a/charts/devspace-operator/templates/workspacemanager-crd.yaml b/charts/devspace-operator/templates/workspacemanager-crd.yaml new file mode 100644 index 0000000..3abb302 --- /dev/null +++ b/charts/devspace-operator/templates/workspacemanager-crd.yaml @@ -0,0 +1,227 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: workspacemanagers.dev.roboscale.io + annotations: + cert-manager.io/inject-ca-from: '{{ .Release.Namespace }}/{{ include "devspace-operator.fullname" + . }}-serving-cert' + controller-gen.kubebuilder.io/version: v0.9.2 + labels: + {{- include "devspace-operator.labels" . | nindent 4 }} +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: '{{ include "devspace-operator.fullname" . }}-webhook-service' + namespace: '{{ .Release.Namespace }}' + path: /convert + conversionReviewVersions: + - v1 + group: dev.roboscale.io + names: + kind: WorkspaceManager + listKind: WorkspaceManagerList + plural: workspacemanagers + singular: workspacemanager + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: WorkspaceManager configures the ROS 2 workspaces and repositories + by executing Kubernetes jobs. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired behavior of the WorkspaceManager. + properties: + updateNeeded: + description: WorkspaceManager is triggered if this field is set to `true`. + Then the workspaces are being configured again while backing up the + old configurations. This field is often used by operator. + type: boolean + workspaces: + description: Workspace definitions of devspace. Multiple ROS 2 workspaces + can be configured over this field. + items: + description: Workspace description. Each devspace should contain at + least one workspace. A workspace should contain at least one repository + in it. + properties: + name: + description: Name of workspace. If a workspace's name is `my_ws`, + it's absolute path is `/home/workspaces/my_ws`. + type: string + repositories: + additionalProperties: + description: Repository description. + properties: + branch: + description: Branch of the repository to clone. + type: string + hash: + description: '[*Autofilled*] Hash of last commit' + type: string + owner: + description: '[*Autofilled*] User or organization, maintainer + of repository' + type: string + path: + description: '[*Autofilled*] Absolute path of repository' + type: string + repo: + description: '[*Autofilled*] Repository name' + type: string + url: + description: Base URL of the repository. + type: string + required: + - branch + - url + type: object + description: Repositories to clone inside workspace's `src` directory. + type: object + required: + - name + - repositories + type: object + minItems: 1 + type: array + workspacesPath: + description: Global path of workspaces. It's fixed to `/root/workspaces` + path. + type: string + type: object + status: + description: Most recently observed status of the WorkspaceManager. + properties: + cleanupJobStatus: + description: Status of cleanup jobs that runs while reconfiguring workspaces. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + clonerJobStatus: + description: Status of cloner job. + properties: + created: + description: Shows if the owned resource is created. + type: boolean + phase: + description: Phase of the owned resource. + type: string + reference: + description: Reference to the owned resource. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead of + an entire object, this string should contain a valid JSON/Go + field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container within + a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container that triggered + the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen + only to have some well-defined way of referencing a part of + an object. TODO: this design is not final and this field is + subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this reference + is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + x-kubernetes-map-type: atomic + required: + - created + type: object + phase: + description: Phase of WorkspaceManager. + type: string + version: + description: Incremental version of workspace configuration map. Used + to determine changes in configuration. + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/charts/devspace-operator/values.yaml b/charts/devspace-operator/values.yaml new file mode 100644 index 0000000..298f4c3 --- /dev/null +++ b/charts/devspace-operator/values.yaml @@ -0,0 +1,57 @@ +controllerManager: + kubeRbacProxy: + args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + image: + repository: gcr.io/kubebuilder/kube-rbac-proxy + tag: v0.13.0 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + manager: + args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + image: + repository: robolaunchio/devspace-controller-manager + tag: v0.1.0-alpha.1 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + replicas: 1 +kubernetesClusterDomain: cluster.local +metricsService: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + type: ClusterIP +webhookService: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + type: ClusterIP