forked from plexsystems/sandbox-operator
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbundle.yaml
201 lines (201 loc) · 4.27 KB
/
bundle.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: sandboxes.operators.plex.dev
spec:
group: operators.plex.dev
names:
kind: Sandbox
listKind: SandboxList
plural: sandboxes
singular: sandbox
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
type: object
status:
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/name: sandbox-operator
app.kubernetes.io/part-of: sandbox-operator
name: sandbox-operator-sa
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: sandbox-operator
app.kubernetes.io/part-of: sandbox-operator
name: sandbox-operator
rules:
- apiGroups:
- ""
resources:
- pods
- services
- services/finalizers
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
- namespaces
- resourcequotas
verbs:
- '*'
- apiGroups:
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- '*'
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- apps
resourceNames:
- sanbox-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- apps
resources:
- replicasets
verbs:
- get
- apiGroups:
- operators.plex.dev
resources:
- '*'
verbs:
- '*'
- apiGroups:
- rbac.authorization.k8s.io
resources:
- '*'
verbs:
- '*'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: sandbox-operator
app.kubernetes.io/part-of: sandbox-operator
name: sandbox-users
rules:
- apiGroups:
- operators.plex.dev
resources:
- sandboxes
verbs:
- create
- list
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: sandbox-operator
app.kubernetes.io/part-of: sandbox-operator
name: sandbox-operator
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: sandbox-operator
subjects:
- kind: ServiceAccount
name: sandbox-operator-sa
namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/name: sandbox-operator
app.kubernetes.io/part-of: sandbox-operator
name: sandbox-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: sandbox-users
subjects:
- kind: Group
name: system:authenticated
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/name: sandbox-operator
app.kubernetes.io/version: v0.10.0
name: sandbox-operator
spec:
selector:
matchLabels:
name: sandbox-operator
template:
metadata:
labels:
name: sandbox-operator
spec:
containers:
- command:
- sandbox-operator
env:
- name: OPERATOR_NAME
value: sandbox-operator
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
image: plexsystems/sandbox-operator:v0.10.0
imagePullPolicy: IfNotPresent
name: sandbox-operator
serviceAccountName: sandbox-operator-sa