Merge branch 'dev' into main

Dockerfile

@@ -14,4 +14,6 @@ ADD entrypoint.sh /
 
 ADD ./src/*.py /src/
 
+ADD ./src/templates /src/templates
+
 CMD /entrypoint.sh

init/peering.yaml

@@ -1,13 +1,11 @@
-# This file is for Kubernetes >= 1.16.
-# For Kubernetes <= 1.15, use peering-v1beta1.yaml.
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
-  name: clusterkopfpeerings.zalando.org
+  name: clusterkopfpeerings.kopf.dev
 spec:
   scope: Cluster
-  group: zalando.org
+  group: kopf.dev
   names:
     kind: ClusterKopfPeering
     plural: clusterkopfpeerings
@@ -27,10 +25,10 @@ spec:
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
-  name: kopfpeerings.zalando.org
+  name: kopfpeerings.kopf.dev
 spec:
   scope: Namespaced
-  group: zalando.org
+  group: kopf.dev
   names:
     kind: KopfPeering
     plural: kopfpeerings
@@ -47,14 +45,14 @@ spec:
               type: object
               x-kubernetes-preserve-unknown-fields: true
 ---
-apiVersion: zalando.org/v1
+apiVersion: kopf.dev/v1
 kind: ClusterKopfPeering
 metadata:
   name: default
 ---
-apiVersion: zalando.org/v1
+apiVersion: kopf.dev/v1
 kind: KopfPeering
 metadata:
   namespace: default
   name: default
----
+---

manifests/dev/deployment.yaml

@@ -17,7 +17,7 @@ spec:
       serviceAccountName: enonic-op-dev-account
       containers:
       - name: operator
-        image: "localhost:5000/enonic-op:latest"
+        image: daviptrs/enonic-operator-k8s:dev
         imagePullPolicy: Always
         env:
           - name: DEBUG

manifests/dev/rbac.yaml

@@ -12,31 +12,47 @@ metadata:
 rules:
 
   # Framework: knowing which other operators are running (i.e. peering).
-  - apiGroups: [zalando.org]
+  - apiGroups: [kopf.dev]
     resources: [clusterkopfpeerings]
     verbs: [list, watch, patch, get]
+
+  # Framework: runtime observation of namespaces & CRDs (addition/deletion).
   - apiGroups: [apiextensions.k8s.io]
     resources: [customresourcedefinitions]
-    verbs: [list, get]
+    verbs: [list, watch]
+  - apiGroups: [""]
+    resources: [namespaces]
+    verbs: [list, watch]
 
   # Framework: posting the events about the handlers progress/errors.
-  - apiGroups: [events.k8s.io]
-    resources: [events]
-    verbs: [create]
-  - apiGroups: [""]
+  - apiGroups: ["", "events.k8s.io"]
     resources: [events]
     verbs: [create]
 
-  # Application: read-only access for watching cluster-wide.
+  # Framework: admission webhook configuration management.
+  - apiGroups: [admissionregistration.k8s.io/v1, admissionregistration.k8s.io/v1beta1]
+    resources: [validatingwebhookconfigurations, mutatingwebhookconfigurations]
+    verbs: [create, patch]
+
   - apiGroups: [""]
     resources: ["pods"]
-    verbs: [list, watch, patch, create, delete, update]
+    verbs: [get, list, watch, create, delete]
+
+  - apiGroups: ["kopf.enonic"]
+    resources: ["enonicxpapps"]
+    verbs: [get, list, watch, patch, update]
+
+  - apiGroups: ["batch", "extensions"]
+    resources: ["jobs"]
+    verbs: [get, list, watch, patch, create, delete, update]
+
   - apiGroups: ["apps"]
     resources: ["statefulsets"]
-    verbs: [get, list, watch, patch, create, delete, update]
+    verbs: [get, list, watch, patch]
+
   - apiGroups: ["apps"]
     resources: ["statefulsets/status"]
-    verbs: [get, list, watch, patch, update, create, delete]
+    verbs: [get, list, watch, patch]
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRoleBinding

manifests/manifest.yaml

@@ -3,35 +3,54 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   namespace: default
-  name: enonic-operator-account
+  name: enonic-op-account
 
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRole
 metadata:
-  name: enonic-operator-clusterrole
+  name: enonic-op-role-cluster
 rules:
 
   # Framework: knowing which other operators are running (i.e. peering).
-  - apiGroups: [zalando.org]
+  - apiGroups: [kopf.dev]
     resources: [clusterkopfpeerings]
     verbs: [list, watch, patch, get]
+
+  # Framework: runtime observation of namespaces & CRDs (addition/deletion).
   - apiGroups: [apiextensions.k8s.io]
     resources: [customresourcedefinitions]
-    verbs: [list, get]
+    verbs: [list, watch]
+  - apiGroups: [""]
+    resources: [namespaces]
+    verbs: [list, watch]
 
   # Framework: posting the events about the handlers progress/errors.
-  - apiGroups: [events.k8s.io]
+  - apiGroups: ["", "events.k8s.io"]
     resources: [events]
     verbs: [create]
+
+  # Framework: admission webhook configuration management.
+  - apiGroups: [admissionregistration.k8s.io/v1, admissionregistration.k8s.io/v1beta1]
+    resources: [validatingwebhookconfigurations, mutatingwebhookconfigurations]
+    verbs: [create, patch]
+
   - apiGroups: [""]
-    resources: [events]
-    verbs: [create]
+    resources: ["pods"]
+    verbs: [get, list, watch, create, delete]
+
+  - apiGroups: ["kopf.enonic"]
+    resources: ["enonicxpapps"]
+    verbs: [get, list, watch, patch, update]
+
+  - apiGroups: ["batch", "extensions"]
+    resources: ["jobs"]
+    verbs: [get, list, watch, patch, create, delete, update]
 
-  # Application: access for management cluster-wide.
   - apiGroups: ["apps"]
     resources: ["statefulsets"]
     verbs: [get, list, watch, patch]
+
   - apiGroups: ["apps"]
     resources: ["statefulsets/status"]
     verbs: [get, list, watch, patch]
@@ -40,16 +59,59 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRoleBinding
 metadata:
-  name: enonic-operator-bind
+  name: enonic-op-rolebinding-cluster
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: enonic-operator-clusterrole
+  name: enonic-op-role-cluster
 subjects:
   - kind: ServiceAccount
-    name: enonic-operator-account
+    name: enonic-op-account
     namespace: default
 
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: enonicxpapps.kopf.enonic
+spec:
+  scope: Namespaced
+  group: kopf.enonic
+  names:
+    kind: EnonicXpApp
+    plural: enonicxpapps
+    singular: enonicxpapp
+    shortNames:
+      - xpapp
+      - xpapps
+      - exas
+      - exa
+      - xapp
+      - xapps
+  versions:
+    - name: v1
+      served: true
+      storage: true
+      schema:
+        openAPIV3Schema:
+          type: object
+          properties:
+            spec:
+              type: object
+              x-kubernetes-preserve-unknown-fields: true
+            status:
+              type: object
+              x-kubernetes-preserve-unknown-fields: true
+      additionalPrinterColumns:
+        - name: Latest Jar
+          type: string
+          jsonPath: .spec.object.name
+          description: Latest jar file that was tried to be installed.
+        - name: Status
+          type: string
+          jsonPath: .status.xp_app_handler/spec
+          description: Jar latest installation status
+
 ---
 apiVersion: apps/v1
 kind: Deployment

push_dev

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-docker build . -f Dockerfile -t localhost:5000/enonic-op:latest
-docker push localhost:5000/enonic-op:latest
+docker build . -f Dockerfile -t daviptrs/enonic-operator-k8s:dev --build-arg VERSION_TAG=dev
+docker push daviptrs/enonic-operator-k8s:dev
 
 kubectl rollout restart deployment enonic-op-dev