├── .gitattributes
├── .github
    ├── ISSUE_TEMPLATE
    │   ├── bug_report.yaml
    │   ├── config.yml
    │   └── feature_request.yaml
    ├── PULL_REQUEST_TEMPLATE.md
    ├── SECURITY.md
    ├── dependabot.yml
    └── workflows
    │   ├── apidiff.yml
    │   ├── codeql.yml
    │   ├── external-plugin.yml
    │   ├── legacy-webhook-path.yml
    │   ├── lint-sample.yml
    │   ├── lint.yml
    │   ├── release.yml
    │   ├── spaces.yml
    │   ├── test-alpha-generate.yml
    │   ├── test-devcontainer.yml
    │   ├── test-e2e-book.yml
    │   ├── test-e2e-samples.yml
    │   ├── test-helm-book.yml
    │   ├── test-helm-samples.yml
    │   ├── testdata.yml
    │   ├── unit-tests.yml
    │   └── verify.yml
├── .gitignore
├── .golangci.yml
├── BUILD.bazel
├── CONTRIBUTING.md
├── DESIGN.md
├── LICENSE
├── Makefile
├── OWNERS
├── OWNERS_ALIASES
├── README.md
├── RELEASE.md
├── SECURITY_CONTACTS
├── VERSIONING.md
├── build
    └── .goreleaser.yml
├── cmd
    ├── cmd.go
    └── version.go
├── code-of-conduct.md
├── designs
    ├── README.md
    ├── assets
    │   └── version_diagram.png
    ├── code-generate-image-plugin.md
    ├── crd_version_conversion.md
    ├── discontinue_usage_of_kube_rbac_proxy.md
    ├── extensible-cli-and-scaffolding-plugins-phase-1-5.md
    ├── extensible-cli-and-scaffolding-plugins-phase-1.md
    ├── extensible-cli-and-scaffolding-plugins-phase-2.md
    ├── helm-chart-autogenerate-plugin.md
    ├── helper_to_upgrade_projects_by_rescaffolding.md
    ├── integrating-kubebuilder-and-osdk.md
    ├── simplified-scaffolding.md
    └── template.md
├── docs
    ├── CONTRIBUTING-ROLES.md
    ├── README.md
    ├── book
    │   ├── .firebaserc
    │   ├── book.toml
    │   ├── functions
    │   │   └── handle-version.js
    │   ├── install-and-build.sh
    │   ├── litgo.sh
    │   ├── markerdocs.sh
    │   ├── src
    │   │   ├── SUMMARY.md
    │   │   ├── TODO.md
    │   │   ├── architecture.md
    │   │   ├── cronjob-tutorial
    │   │   │   ├── api-design.md
    │   │   │   ├── basic-project.md
    │   │   │   ├── cert-manager.md
    │   │   │   ├── controller-implementation.md
    │   │   │   ├── controller-overview.md
    │   │   │   ├── cronjob-tutorial.md
    │   │   │   ├── empty-main.md
    │   │   │   ├── epilogue.md
    │   │   │   ├── gvks.md
    │   │   │   ├── main-revisited.md
    │   │   │   ├── new-api.md
    │   │   │   ├── other-api-files.md
    │   │   │   ├── running-webhook.md
    │   │   │   ├── running.md
    │   │   │   ├── testdata
    │   │   │   │   ├── emptyapi.go
    │   │   │   │   ├── emptycontroller.go
    │   │   │   │   ├── emptymain.go
    │   │   │   │   ├── finalizer_example.go
    │   │   │   │   ├── generate_cronjob.sh
    │   │   │   │   └── project
    │   │   │   │   │   ├── .devcontainer
    │   │   │   │   │       ├── devcontainer.json
    │   │   │   │   │       └── post-install.sh
    │   │   │   │   │   ├── .dockerignore
    │   │   │   │   │   ├── .github
    │   │   │   │   │       └── workflows
    │   │   │   │   │       │   ├── lint.yml
    │   │   │   │   │       │   ├── test-chart.yml
    │   │   │   │   │       │   ├── test-e2e.yml
    │   │   │   │   │       │   └── test.yml
    │   │   │   │   │   ├── .gitignore
    │   │   │   │   │   ├── .golangci.yml
    │   │   │   │   │   ├── Dockerfile
    │   │   │   │   │   ├── Makefile
    │   │   │   │   │   ├── PROJECT
    │   │   │   │   │   ├── README.md
    │   │   │   │   │   ├── api
    │   │   │   │   │       └── v1
    │   │   │   │   │       │   ├── cronjob_types.go
    │   │   │   │   │       │   ├── groupversion_info.go
    │   │   │   │   │       │   └── zz_generated.deepcopy.go
    │   │   │   │   │   ├── cmd
    │   │   │   │   │       └── main.go
    │   │   │   │   │   ├── config
    │   │   │   │   │       ├── certmanager
    │   │   │   │   │       │   ├── certificate-metrics.yaml
    │   │   │   │   │       │   ├── certificate-webhook.yaml
    │   │   │   │   │       │   ├── issuer.yaml
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   └── kustomizeconfig.yaml
    │   │   │   │   │       ├── crd
    │   │   │   │   │       │   ├── bases
    │   │   │   │   │       │   │   └── batch.tutorial.kubebuilder.io_cronjobs.yaml
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   └── kustomizeconfig.yaml
    │   │   │   │   │       ├── default
    │   │   │   │   │       │   ├── cert_metrics_manager_patch.yaml
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   ├── manager_metrics_patch.yaml
    │   │   │   │   │       │   ├── manager_webhook_patch.yaml
    │   │   │   │   │       │   └── metrics_service.yaml
    │   │   │   │   │       ├── manager
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   └── manager.yaml
    │   │   │   │   │       ├── network-policy
    │   │   │   │   │       │   ├── allow-metrics-traffic.yaml
    │   │   │   │   │       │   ├── allow-webhook-traffic.yaml
    │   │   │   │   │       │   └── kustomization.yaml
    │   │   │   │   │       ├── prometheus
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   ├── monitor.yaml
    │   │   │   │   │       │   └── monitor_tls_patch.yaml
    │   │   │   │   │       ├── rbac
    │   │   │   │   │       │   ├── cronjob_admin_role.yaml
    │   │   │   │   │       │   ├── cronjob_editor_role.yaml
    │   │   │   │   │       │   ├── cronjob_viewer_role.yaml
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   ├── leader_election_role.yaml
    │   │   │   │   │       │   ├── leader_election_role_binding.yaml
    │   │   │   │   │       │   ├── metrics_auth_role.yaml
    │   │   │   │   │       │   ├── metrics_auth_role_binding.yaml
    │   │   │   │   │       │   ├── metrics_reader_role.yaml
    │   │   │   │   │       │   ├── role.yaml
    │   │   │   │   │       │   ├── role_binding.yaml
    │   │   │   │   │       │   └── service_account.yaml
    │   │   │   │   │       ├── samples
    │   │   │   │   │       │   ├── batch_v1_cronjob.yaml
    │   │   │   │   │       │   └── kustomization.yaml
    │   │   │   │   │       └── webhook
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   ├── kustomizeconfig.yaml
    │   │   │   │   │       │   ├── manifests.yaml
    │   │   │   │   │       │   └── service.yaml
    │   │   │   │   │   ├── dist
    │   │   │   │   │       ├── chart
    │   │   │   │   │       │   ├── .helmignore
    │   │   │   │   │       │   ├── Chart.yaml
    │   │   │   │   │       │   ├── templates
    │   │   │   │   │       │   │   ├── _helpers.tpl
    │   │   │   │   │       │   │   ├── certmanager
    │   │   │   │   │       │   │   │   └── certificate.yaml
    │   │   │   │   │       │   │   ├── crd
    │   │   │   │   │       │   │   │   └── batch.tutorial.kubebuilder.io_cronjobs.yaml
    │   │   │   │   │       │   │   ├── manager
    │   │   │   │   │       │   │   │   └── manager.yaml
    │   │   │   │   │       │   │   ├── metrics
    │   │   │   │   │       │   │   │   └── metrics-service.yaml
    │   │   │   │   │       │   │   ├── network-policy
    │   │   │   │   │       │   │   │   ├── allow-metrics-traffic.yaml
    │   │   │   │   │       │   │   │   └── allow-webhook-traffic.yaml
    │   │   │   │   │       │   │   ├── prometheus
    │   │   │   │   │       │   │   │   └── monitor.yaml
    │   │   │   │   │       │   │   ├── rbac
    │   │   │   │   │       │   │   │   ├── cronjob_admin_role.yaml
    │   │   │   │   │       │   │   │   ├── cronjob_editor_role.yaml
    │   │   │   │   │       │   │   │   ├── cronjob_viewer_role.yaml
    │   │   │   │   │       │   │   │   ├── leader_election_role.yaml
    │   │   │   │   │       │   │   │   ├── leader_election_role_binding.yaml
    │   │   │   │   │       │   │   │   ├── metrics_auth_role.yaml
    │   │   │   │   │       │   │   │   ├── metrics_auth_role_binding.yaml
    │   │   │   │   │       │   │   │   ├── metrics_reader_role.yaml
    │   │   │   │   │       │   │   │   ├── role.yaml
    │   │   │   │   │       │   │   │   ├── role_binding.yaml
    │   │   │   │   │       │   │   │   └── service_account.yaml
    │   │   │   │   │       │   │   └── webhook
    │   │   │   │   │       │   │   │   ├── service.yaml
    │   │   │   │   │       │   │   │   └── webhooks.yaml
    │   │   │   │   │       │   └── values.yaml
    │   │   │   │   │       └── install.yaml
    │   │   │   │   │   ├── go.mod
    │   │   │   │   │   ├── go.sum
    │   │   │   │   │   ├── hack
    │   │   │   │   │       └── boilerplate.go.txt
    │   │   │   │   │   ├── internal
    │   │   │   │   │       ├── controller
    │   │   │   │   │       │   ├── cronjob_controller.go
    │   │   │   │   │       │   ├── cronjob_controller_test.go
    │   │   │   │   │       │   └── suite_test.go
    │   │   │   │   │       └── webhook
    │   │   │   │   │       │   └── v1
    │   │   │   │   │       │       ├── cronjob_webhook.go
    │   │   │   │   │       │       ├── cronjob_webhook_test.go
    │   │   │   │   │       │       └── webhook_suite_test.go
    │   │   │   │   │   └── test
    │   │   │   │   │       ├── e2e
    │   │   │   │   │           ├── e2e_suite_test.go
    │   │   │   │   │           └── e2e_test.go
    │   │   │   │   │       └── utils
    │   │   │   │   │           └── utils.go
    │   │   │   ├── webhook-implementation.md
    │   │   │   └── writing-tests.md
    │   │   ├── faq.md
    │   │   ├── getting-started.md
    │   │   ├── getting-started
    │   │   │   └── testdata
    │   │   │   │   └── project
    │   │   │   │       ├── .devcontainer
    │   │   │   │           ├── devcontainer.json
    │   │   │   │           └── post-install.sh
    │   │   │   │       ├── .dockerignore
    │   │   │   │       ├── .github
    │   │   │   │           └── workflows
    │   │   │   │           │   ├── lint.yml
    │   │   │   │           │   ├── test-chart.yml
    │   │   │   │           │   ├── test-e2e.yml
    │   │   │   │           │   └── test.yml
    │   │   │   │       ├── .gitignore
    │   │   │   │       ├── .golangci.yml
    │   │   │   │       ├── Dockerfile
    │   │   │   │       ├── Makefile
    │   │   │   │       ├── PROJECT
    │   │   │   │       ├── README.md
    │   │   │   │       ├── api
    │   │   │   │           └── v1alpha1
    │   │   │   │           │   ├── groupversion_info.go
    │   │   │   │           │   ├── memcached_types.go
    │   │   │   │           │   └── zz_generated.deepcopy.go
    │   │   │   │       ├── cmd
    │   │   │   │           └── main.go
    │   │   │   │       ├── config
    │   │   │   │           ├── crd
    │   │   │   │           │   ├── bases
    │   │   │   │           │   │   └── cache.example.com_memcacheds.yaml
    │   │   │   │           │   ├── kustomization.yaml
    │   │   │   │           │   └── kustomizeconfig.yaml
    │   │   │   │           ├── default
    │   │   │   │           │   ├── cert_metrics_manager_patch.yaml
    │   │   │   │           │   ├── kustomization.yaml
    │   │   │   │           │   ├── manager_metrics_patch.yaml
    │   │   │   │           │   └── metrics_service.yaml
    │   │   │   │           ├── manager
    │   │   │   │           │   ├── kustomization.yaml
    │   │   │   │           │   └── manager.yaml
    │   │   │   │           ├── network-policy
    │   │   │   │           │   ├── allow-metrics-traffic.yaml
    │   │   │   │           │   └── kustomization.yaml
    │   │   │   │           ├── prometheus
    │   │   │   │           │   ├── kustomization.yaml
    │   │   │   │           │   ├── monitor.yaml
    │   │   │   │           │   └── monitor_tls_patch.yaml
    │   │   │   │           ├── rbac
    │   │   │   │           │   ├── kustomization.yaml
    │   │   │   │           │   ├── leader_election_role.yaml
    │   │   │   │           │   ├── leader_election_role_binding.yaml
    │   │   │   │           │   ├── memcached_admin_role.yaml
    │   │   │   │           │   ├── memcached_editor_role.yaml
    │   │   │   │           │   ├── memcached_viewer_role.yaml
    │   │   │   │           │   ├── metrics_auth_role.yaml
    │   │   │   │           │   ├── metrics_auth_role_binding.yaml
    │   │   │   │           │   ├── metrics_reader_role.yaml
    │   │   │   │           │   ├── role.yaml
    │   │   │   │           │   ├── role_binding.yaml
    │   │   │   │           │   └── service_account.yaml
    │   │   │   │           └── samples
    │   │   │   │           │   ├── cache_v1alpha1_memcached.yaml
    │   │   │   │           │   └── kustomization.yaml
    │   │   │   │       ├── dist
    │   │   │   │           ├── chart
    │   │   │   │           │   ├── .helmignore
    │   │   │   │           │   ├── Chart.yaml
    │   │   │   │           │   ├── templates
    │   │   │   │           │   │   ├── _helpers.tpl
    │   │   │   │           │   │   ├── certmanager
    │   │   │   │           │   │   │   └── certificate.yaml
    │   │   │   │           │   │   ├── crd
    │   │   │   │           │   │   │   └── cache.example.com_memcacheds.yaml
    │   │   │   │           │   │   ├── manager
    │   │   │   │           │   │   │   └── manager.yaml
    │   │   │   │           │   │   ├── metrics
    │   │   │   │           │   │   │   └── metrics-service.yaml
    │   │   │   │           │   │   ├── network-policy
    │   │   │   │           │   │   │   └── allow-metrics-traffic.yaml
    │   │   │   │           │   │   ├── prometheus
    │   │   │   │           │   │   │   └── monitor.yaml
    │   │   │   │           │   │   └── rbac
    │   │   │   │           │   │   │   ├── leader_election_role.yaml
    │   │   │   │           │   │   │   ├── leader_election_role_binding.yaml
    │   │   │   │           │   │   │   ├── memcached_admin_role.yaml
    │   │   │   │           │   │   │   ├── memcached_editor_role.yaml
    │   │   │   │           │   │   │   ├── memcached_viewer_role.yaml
    │   │   │   │           │   │   │   ├── metrics_auth_role.yaml
    │   │   │   │           │   │   │   ├── metrics_auth_role_binding.yaml
    │   │   │   │           │   │   │   ├── metrics_reader_role.yaml
    │   │   │   │           │   │   │   ├── role.yaml
    │   │   │   │           │   │   │   ├── role_binding.yaml
    │   │   │   │           │   │   │   └── service_account.yaml
    │   │   │   │           │   └── values.yaml
    │   │   │   │           └── install.yaml
    │   │   │   │       ├── go.mod
    │   │   │   │       ├── go.sum
    │   │   │   │       ├── hack
    │   │   │   │           └── boilerplate.go.txt
    │   │   │   │       ├── internal
    │   │   │   │           └── controller
    │   │   │   │           │   ├── memcached_controller.go
    │   │   │   │           │   ├── memcached_controller_test.go
    │   │   │   │           │   └── suite_test.go
    │   │   │   │       └── test
    │   │   │   │           ├── e2e
    │   │   │   │               ├── e2e_suite_test.go
    │   │   │   │               └── e2e_test.go
    │   │   │   │           └── utils
    │   │   │   │               └── utils.go
    │   │   ├── introduction.md
    │   │   ├── kb_concept_diagram.svg
    │   │   ├── logos
    │   │   │   ├── README.md
    │   │   │   ├── favicon.png
    │   │   │   └── logo-single-line.png
    │   │   ├── migration
    │   │   │   ├── legacy.md
    │   │   │   ├── legacy
    │   │   │   │   ├── manually_migration_guide_v2_v3.md
    │   │   │   │   ├── migration_guide_v1tov2.md
    │   │   │   │   ├── migration_guide_v2tov3.md
    │   │   │   │   ├── v1vsv2.md
    │   │   │   │   └── v2vsv3.md
    │   │   │   ├── manually_migration_guide_gov3_to_gov4.md
    │   │   │   ├── migration_guide_gov3_to_gov4.md
    │   │   │   ├── multi-group.md
    │   │   │   ├── v3-plugins.md
    │   │   │   └── v3vsv4.md
    │   │   ├── migrations.md
    │   │   ├── multiversion-tutorial
    │   │   │   ├── api-changes.md
    │   │   │   ├── complete-graph-8.svg
    │   │   │   ├── conversion-concepts.md
    │   │   │   ├── conversion-diagram.svg
    │   │   │   ├── conversion.md
    │   │   │   ├── deployment.md
    │   │   │   ├── hub-spoke-graph.svg
    │   │   │   ├── testdata
    │   │   │   │   └── project
    │   │   │   │   │   ├── .devcontainer
    │   │   │   │   │       ├── devcontainer.json
    │   │   │   │   │       └── post-install.sh
    │   │   │   │   │   ├── .dockerignore
    │   │   │   │   │   ├── .github
    │   │   │   │   │       └── workflows
    │   │   │   │   │       │   ├── lint.yml
    │   │   │   │   │       │   ├── test-chart.yml
    │   │   │   │   │       │   ├── test-e2e.yml
    │   │   │   │   │       │   └── test.yml
    │   │   │   │   │   ├── .gitignore
    │   │   │   │   │   ├── .golangci.yml
    │   │   │   │   │   ├── Dockerfile
    │   │   │   │   │   ├── Makefile
    │   │   │   │   │   ├── PROJECT
    │   │   │   │   │   ├── README.md
    │   │   │   │   │   ├── api
    │   │   │   │   │       ├── v1
    │   │   │   │   │       │   ├── cronjob_conversion.go
    │   │   │   │   │       │   ├── cronjob_types.go
    │   │   │   │   │       │   ├── groupversion_info.go
    │   │   │   │   │       │   └── zz_generated.deepcopy.go
    │   │   │   │   │       └── v2
    │   │   │   │   │       │   ├── cronjob_conversion.go
    │   │   │   │   │       │   ├── cronjob_types.go
    │   │   │   │   │       │   ├── groupversion_info.go
    │   │   │   │   │       │   └── zz_generated.deepcopy.go
    │   │   │   │   │   ├── cmd
    │   │   │   │   │       └── main.go
    │   │   │   │   │   ├── config
    │   │   │   │   │       ├── certmanager
    │   │   │   │   │       │   ├── certificate-metrics.yaml
    │   │   │   │   │       │   ├── certificate-webhook.yaml
    │   │   │   │   │       │   ├── issuer.yaml
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   └── kustomizeconfig.yaml
    │   │   │   │   │       ├── crd
    │   │   │   │   │       │   ├── bases
    │   │   │   │   │       │   │   └── batch.tutorial.kubebuilder.io_cronjobs.yaml
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   ├── kustomizeconfig.yaml
    │   │   │   │   │       │   └── patches
    │   │   │   │   │       │   │   └── webhook_in_cronjobs.yaml
    │   │   │   │   │       ├── default
    │   │   │   │   │       │   ├── cert_metrics_manager_patch.yaml
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   ├── manager_metrics_patch.yaml
    │   │   │   │   │       │   ├── manager_webhook_patch.yaml
    │   │   │   │   │       │   └── metrics_service.yaml
    │   │   │   │   │       ├── manager
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   └── manager.yaml
    │   │   │   │   │       ├── network-policy
    │   │   │   │   │       │   ├── allow-metrics-traffic.yaml
    │   │   │   │   │       │   ├── allow-webhook-traffic.yaml
    │   │   │   │   │       │   └── kustomization.yaml
    │   │   │   │   │       ├── prometheus
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   ├── monitor.yaml
    │   │   │   │   │       │   └── monitor_tls_patch.yaml
    │   │   │   │   │       ├── rbac
    │   │   │   │   │       │   ├── cronjob_admin_role.yaml
    │   │   │   │   │       │   ├── cronjob_editor_role.yaml
    │   │   │   │   │       │   ├── cronjob_viewer_role.yaml
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   ├── leader_election_role.yaml
    │   │   │   │   │       │   ├── leader_election_role_binding.yaml
    │   │   │   │   │       │   ├── metrics_auth_role.yaml
    │   │   │   │   │       │   ├── metrics_auth_role_binding.yaml
    │   │   │   │   │       │   ├── metrics_reader_role.yaml
    │   │   │   │   │       │   ├── role.yaml
    │   │   │   │   │       │   ├── role_binding.yaml
    │   │   │   │   │       │   └── service_account.yaml
    │   │   │   │   │       ├── samples
    │   │   │   │   │       │   ├── batch_v1_cronjob.yaml
    │   │   │   │   │       │   ├── batch_v2_cronjob.yaml
    │   │   │   │   │       │   └── kustomization.yaml
    │   │   │   │   │       └── webhook
    │   │   │   │   │       │   ├── kustomization.yaml
    │   │   │   │   │       │   ├── kustomizeconfig.yaml
    │   │   │   │   │       │   ├── manifests.yaml
    │   │   │   │   │       │   └── service.yaml
    │   │   │   │   │   ├── dist
    │   │   │   │   │       ├── chart
    │   │   │   │   │       │   ├── .helmignore
    │   │   │   │   │       │   ├── Chart.yaml
    │   │   │   │   │       │   ├── templates
    │   │   │   │   │       │   │   ├── _helpers.tpl
    │   │   │   │   │       │   │   ├── certmanager
    │   │   │   │   │       │   │   │   └── certificate.yaml
    │   │   │   │   │       │   │   ├── crd
    │   │   │   │   │       │   │   │   └── batch.tutorial.kubebuilder.io_cronjobs.yaml
    │   │   │   │   │       │   │   ├── manager
    │   │   │   │   │       │   │   │   └── manager.yaml
    │   │   │   │   │       │   │   ├── metrics
    │   │   │   │   │       │   │   │   └── metrics-service.yaml
    │   │   │   │   │       │   │   ├── network-policy
    │   │   │   │   │       │   │   │   ├── allow-metrics-traffic.yaml
    │   │   │   │   │       │   │   │   └── allow-webhook-traffic.yaml
    │   │   │   │   │       │   │   ├── prometheus
    │   │   │   │   │       │   │   │   └── monitor.yaml
    │   │   │   │   │       │   │   ├── rbac
    │   │   │   │   │       │   │   │   ├── cronjob_admin_role.yaml
    │   │   │   │   │       │   │   │   ├── cronjob_editor_role.yaml
    │   │   │   │   │       │   │   │   ├── cronjob_viewer_role.yaml
    │   │   │   │   │       │   │   │   ├── leader_election_role.yaml
    │   │   │   │   │       │   │   │   ├── leader_election_role_binding.yaml
    │   │   │   │   │       │   │   │   ├── metrics_auth_role.yaml
    │   │   │   │   │       │   │   │   ├── metrics_auth_role_binding.yaml
    │   │   │   │   │       │   │   │   ├── metrics_reader_role.yaml
    │   │   │   │   │       │   │   │   ├── role.yaml
    │   │   │   │   │       │   │   │   ├── role_binding.yaml
    │   │   │   │   │       │   │   │   └── service_account.yaml
    │   │   │   │   │       │   │   └── webhook
    │   │   │   │   │       │   │   │   ├── service.yaml
    │   │   │   │   │       │   │   │   └── webhooks.yaml
    │   │   │   │   │       │   └── values.yaml
    │   │   │   │   │       └── install.yaml
    │   │   │   │   │   ├── go.mod
    │   │   │   │   │   ├── go.sum
    │   │   │   │   │   ├── hack
    │   │   │   │   │       └── boilerplate.go.txt
    │   │   │   │   │   ├── internal
    │   │   │   │   │       ├── controller
    │   │   │   │   │       │   ├── cronjob_controller.go
    │   │   │   │   │       │   ├── cronjob_controller_test.go
    │   │   │   │   │       │   └── suite_test.go
    │   │   │   │   │       └── webhook
    │   │   │   │   │       │   ├── v1
    │   │   │   │   │       │       ├── cronjob_webhook.go
    │   │   │   │   │       │       ├── cronjob_webhook_test.go
    │   │   │   │   │       │       └── webhook_suite_test.go
    │   │   │   │   │       │   └── v2
    │   │   │   │   │       │       ├── cronjob_webhook.go
    │   │   │   │   │       │       ├── cronjob_webhook_test.go
    │   │   │   │   │       │       └── webhook_suite_test.go
    │   │   │   │   │   └── test
    │   │   │   │   │       ├── e2e
    │   │   │   │   │           ├── e2e_suite_test.go
    │   │   │   │   │           └── e2e_test.go
    │   │   │   │   │       └── utils
    │   │   │   │   │           └── utils.go
    │   │   │   ├── tutorial.md
    │   │   │   └── webhooks.md
    │   │   ├── plugins
    │   │   │   ├── available-plugins.md
    │   │   │   ├── available
    │   │   │   │   ├── deploy-image-plugin-v1-alpha.md
    │   │   │   │   ├── go-v4-plugin.md
    │   │   │   │   ├── grafana-v1-alpha.md
    │   │   │   │   ├── helm-v1-alpha.md
    │   │   │   │   └── kustomize-v2.md
    │   │   │   ├── extending.md
    │   │   │   ├── extending
    │   │   │   │   ├── extending_cli_features_and_plugins.md
    │   │   │   │   ├── external-plugins.md
    │   │   │   │   └── testing-plugins.md
    │   │   │   ├── kustomize-v2.md
    │   │   │   ├── plugins-versioning.md
    │   │   │   ├── plugins.md
    │   │   │   ├── to-add-optional-features.md
    │   │   │   ├── to-be-extended.md
    │   │   │   └── to-scaffold-project.md
    │   │   ├── quick-start.md
    │   │   ├── reference
    │   │   │   ├── admission-webhook.md
    │   │   │   ├── artifacts.md
    │   │   │   ├── completion.md
    │   │   │   ├── controller-gen.md
    │   │   │   ├── envtest.md
    │   │   │   ├── generating-crd.md
    │   │   │   ├── good-practices.md
    │   │   │   ├── images
    │   │   │   │   └── pprof-result-visualization.png
    │   │   │   ├── kind-config.yaml
    │   │   │   ├── kind.md
    │   │   │   ├── markers.md
    │   │   │   ├── markers
    │   │   │   │   ├── crd-processing.md
    │   │   │   │   ├── crd-validation.md
    │   │   │   │   ├── crd.md
    │   │   │   │   ├── object.md
    │   │   │   │   ├── rbac.md
    │   │   │   │   ├── scaffold.md
    │   │   │   │   └── webhook.md
    │   │   │   ├── metrics-reference.md
    │   │   │   ├── metrics.md
    │   │   │   ├── platform.md
    │   │   │   ├── pprof-tutorial.md
    │   │   │   ├── project-config.md
    │   │   │   ├── raising-events.md
    │   │   │   ├── reference.md
    │   │   │   ├── rescaffold.md
    │   │   │   ├── scopes.md
    │   │   │   ├── submodule-layouts.md
    │   │   │   ├── using-finalizers.md
    │   │   │   ├── using_an_external_resource.md
    │   │   │   ├── watching-resources.md
    │   │   │   ├── watching-resources
    │   │   │   │   ├── predicates-with-watch.md
    │   │   │   │   ├── secondary-owned-resources.md
    │   │   │   │   └── secondary-resources-not-owned.md
    │   │   │   └── webhook-overview.md
    │   │   ├── simple-external-plugin-tutorial
    │   │   │   └── testdata
    │   │   │   │   └── sampleexternalplugin
    │   │   │   │       └── v1
    │   │   │   │           ├── Makefile
    │   │   │   │           ├── cmd
    │   │   │   │               ├── cmd.go
    │   │   │   │               ├── flags.go
    │   │   │   │               ├── helpers.go
    │   │   │   │               └── metadata.go
    │   │   │   │           ├── go.mod
    │   │   │   │           ├── go.sum
    │   │   │   │           ├── install.sh
    │   │   │   │           ├── main.go
    │   │   │   │           ├── scaffolds
    │   │   │   │               ├── api.go
    │   │   │   │               ├── init.go
    │   │   │   │               ├── internal
    │   │   │   │               │   └── templates
    │   │   │   │               │   │   ├── api
    │   │   │   │               │   │       └── apiFile.go
    │   │   │   │               │   │   ├── initFile.go
    │   │   │   │               │   │   └── webhook
    │   │   │   │               │   │       └── webhookFile.go
    │   │   │   │               └── webhook.go
    │   │   │   │           ├── test
    │   │   │   │               └── test.sh
    │   │   │   │           └── testdata
    │   │   │   │               └── testplugin
    │   │   │   │                   ├── PROJECT
    │   │   │   │                   ├── apiFile.txt
    │   │   │   │                   └── initFile.txt
    │   │   └── versions_compatibility_supportability.md
    │   ├── theme
    │   │   ├── css
    │   │   │   ├── custom.css
    │   │   │   ├── markers.css
    │   │   │   └── version-dropdown.css
    │   │   └── index.hbs
    │   └── utils
    │   │   ├── go.mod
    │   │   ├── go.sum
    │   │   ├── litgo
    │   │       └── literate.go
    │   │   ├── markerdocs
    │   │       ├── doctypes.go
    │   │       ├── html.go
    │   │       └── main.go
    │   │   └── plugin
    │   │       ├── input.go
    │   │       ├── plugin.go
    │   │       └── utils.go
    ├── gif
    │   ├── implementapi.gif
    │   ├── kb-demo.v3.11.1.svg
    │   ├── quickstart-1.0.0.gif
    │   └── quickstart.gif
    ├── kubebuilder_annotation.md
    ├── kubebuilder_v0_v1_difference.md
    ├── migration_guide.md
    └── testing
    │   ├── e2e.md
    │   └── integration.md
├── go.mod
├── go.sum
├── hack
    └── docs
    │   ├── check.sh
    │   ├── generate.sh
    │   ├── generate_samples.go
    │   ├── internal
    │       ├── cronjob-tutorial
    │       │   ├── api_design.go
    │       │   ├── controller_implementation.go
    │       │   ├── e2e_implementation.go
    │       │   ├── generate_cronjob.go
    │       │   ├── main_revisited.go
    │       │   ├── other_api_files.go
    │       │   ├── sample.go
    │       │   ├── webhook_implementation.go
    │       │   ├── writing_tests_controller.go
    │       │   └── writing_tests_env.go
    │       ├── getting-started
    │       │   └── generate_getting_started.go
    │       └── multiversion-tutorial
    │       │   ├── cronjob_v1.go
    │       │   ├── cronjob_v2.go
    │       │   ├── generate_multiversion.go
    │       │   ├── hub.go
    │       │   ├── kustomize.go
    │       │   ├── samples.go
    │       │   └── webhook_v2_implementaton.go
    │   └── utils
    │       └── utils.go
├── main.go
├── netlify.toml
├── pkg
    ├── cli
    │   ├── alpha.go
    │   ├── alpha
    │   │   ├── command.go
    │   │   └── internal
    │   │   │   └── generate.go
    │   ├── api.go
    │   ├── cli.go
    │   ├── cli_test.go
    │   ├── cmd_helpers.go
    │   ├── completion.go
    │   ├── completion_test.go
    │   ├── create.go
    │   ├── doc.go
    │   ├── edit.go
    │   ├── init.go
    │   ├── options.go
    │   ├── options_test.go
    │   ├── resource.go
    │   ├── resource_test.go
    │   ├── root.go
    │   ├── suite_test.go
    │   ├── version.go
    │   ├── version_test.go
    │   └── webhook.go
    ├── config
    │   ├── errors.go
    │   ├── errors_test.go
    │   ├── interface.go
    │   ├── registry.go
    │   ├── registry_test.go
    │   ├── store
    │   │   ├── errors.go
    │   │   ├── errors_test.go
    │   │   ├── interface.go
    │   │   └── yaml
    │   │   │   ├── store.go
    │   │   │   └── store_test.go
    │   ├── suite_test.go
    │   ├── v3
    │   │   ├── config.go
    │   │   └── config_test.go
    │   ├── version.go
    │   └── version_test.go
    ├── internal
    │   └── validation
    │   │   ├── dns.go
    │   │   └── dns_test.go
    ├── machinery
    │   ├── errors.go
    │   ├── errors_test.go
    │   ├── file.go
    │   ├── filesystem.go
    │   ├── funcmap.go
    │   ├── funcmap_test.go
    │   ├── injector.go
    │   ├── injector_test.go
    │   ├── interfaces.go
    │   ├── machinery_suite_test.go
    │   ├── marker.go
    │   ├── marker_test.go
    │   ├── mixins.go
    │   ├── mixins_test.go
    │   ├── scaffold.go
    │   └── scaffold_test.go
    ├── model
    │   ├── resource
    │   │   ├── api.go
    │   │   ├── api_test.go
    │   │   ├── gvk.go
    │   │   ├── gvk_test.go
    │   │   ├── resource.go
    │   │   ├── resource_test.go
    │   │   ├── suite_test.go
    │   │   ├── utils.go
    │   │   ├── utils_test.go
    │   │   ├── webhooks.go
    │   │   └── webhooks_test.go
    │   └── stage
    │   │   ├── stage.go
    │   │   └── stage_test.go
    ├── plugin
    │   ├── bundle.go
    │   ├── bundle_test.go
    │   ├── errors.go
    │   ├── errors_test.go
    │   ├── external
    │   │   └── types.go
    │   ├── filter.go
    │   ├── filter_test.go
    │   ├── helpers.go
    │   ├── helpers_test.go
    │   ├── metadata.go
    │   ├── plugin.go
    │   ├── subcommand.go
    │   ├── suite_test.go
    │   ├── util
    │   │   ├── exec.go
    │   │   ├── exec_test.go
    │   │   ├── stdin.go
    │   │   ├── suite_test.go
    │   │   ├── util.go
    │   │   └── util_test.go
    │   ├── version.go
    │   └── version_test.go
    └── plugins
    │   ├── common
    │       └── kustomize
    │       │   └── v2
    │       │       ├── api.go
    │       │       ├── create.go
    │       │       ├── init.go
    │       │       ├── plugin.go
    │       │       ├── scaffolds
    │       │           ├── api.go
    │       │           ├── init.go
    │       │           ├── internal
    │       │           │   └── templates
    │       │           │   │   └── config
    │       │           │   │       ├── certmanager
    │       │           │   │           ├── certificate_metrics.go
    │       │           │   │           ├── certificate_webhook.go
    │       │           │   │           ├── issuer.go
    │       │           │   │           ├── kustomization.go
    │       │           │   │           └── kustomizeconfig.go
    │       │           │   │       ├── crd
    │       │           │   │           ├── kustomization.go
    │       │           │   │           ├── kustomizeconfig.go
    │       │           │   │           └── patches
    │       │           │   │           │   ├── enablecainjection_patch.go
    │       │           │   │           │   └── enablewebhook_patch.go
    │       │           │   │       ├── kdefault
    │       │           │   │           ├── cert_metrics_manager_patch.go
    │       │           │   │           ├── kustomization.go
    │       │           │   │           ├── kustomization_conversion_updater.go
    │       │           │   │           ├── manager_metrics_patch.go
    │       │           │   │           ├── metrics_service.go
    │       │           │   │           └── webhook_manager_patch.go
    │       │           │   │       ├── manager
    │       │           │   │           ├── config.go
    │       │           │   │           └── kustomization.go
    │       │           │   │       ├── network-policy
    │       │           │   │           ├── allow-metrics-traffic.go
    │       │           │   │           ├── allow-webhook-traffic.go
    │       │           │   │           └── kustomization.go
    │       │           │   │       ├── prometheus
    │       │           │   │           ├── kustomization.go
    │       │           │   │           ├── monitor.go
    │       │           │   │           └── monitor_tls_patch.go
    │       │           │   │       ├── rbac
    │       │           │   │           ├── crd_admin_role.go
    │       │           │   │           ├── crd_editor_role.go
    │       │           │   │           ├── crd_viewer_role.go
    │       │           │   │           ├── kustomization.go
    │       │           │   │           ├── leader_election_role.go
    │       │           │   │           ├── leader_election_role_binding.go
    │       │           │   │           ├── metrics_auth_role.go
    │       │           │   │           ├── metrics_auth_role_binding.go
    │       │           │   │           ├── metrics_reader_role.go
    │       │           │   │           ├── role.go
    │       │           │   │           ├── role_binding.go
    │       │           │   │           └── service_account.go
    │       │           │   │       ├── samples
    │       │           │   │           ├── crd_sample.go
    │       │           │   │           └── kustomization.go
    │       │           │   │       └── webhook
    │       │           │   │           ├── kustomization.go
    │       │           │   │           ├── kustomizeconfig.go
    │       │           │   │           └── service.go
    │       │           └── webhook.go
    │       │       └── webhook.go
    │   ├── domain.go
    │   ├── external
    │       ├── api.go
    │       ├── edit.go
    │       ├── external_test.go
    │       ├── helpers.go
    │       ├── init.go
    │       ├── plugin.go
    │       └── webhook.go
    │   ├── golang
    │       ├── deploy-image
    │       │   └── v1alpha1
    │       │   │   ├── api.go
    │       │   │   ├── plugin.go
    │       │   │   └── scaffolds
    │       │   │       ├── api.go
    │       │   │       └── internal
    │       │   │           └── templates
    │       │   │               ├── api
    │       │   │                   └── types.go
    │       │   │               ├── config
    │       │   │                   └── samples
    │       │   │                   │   └── crd_sample.go
    │       │   │               └── controllers
    │       │   │                   ├── controller-test.go
    │       │   │                   └── controller.go
    │       ├── domain.go
    │       ├── go_version.go
    │       ├── go_version_test.go
    │       ├── options.go
    │       ├── options_test.go
    │       ├── repository.go
    │       ├── suite_test.go
    │       └── v4
    │       │   ├── api.go
    │       │   ├── edit.go
    │       │   ├── init.go
    │       │   ├── plugin.go
    │       │   ├── scaffolds
    │       │       ├── api.go
    │       │       ├── doc.go
    │       │       ├── edit.go
    │       │       ├── init.go
    │       │       ├── internal
    │       │       │   └── templates
    │       │       │   │   ├── api
    │       │       │   │       ├── group.go
    │       │       │   │       ├── hub.go
    │       │       │   │       ├── spoke.go
    │       │       │   │       └── types.go
    │       │       │   │   ├── cmd
    │       │       │   │       └── main.go
    │       │       │   │   ├── controllers
    │       │       │   │       ├── controller.go
    │       │       │   │       ├── controller_suitetest.go
    │       │       │   │       └── controller_test_template.go
    │       │       │   │   ├── devcontainer.go
    │       │       │   │   ├── dockerfile.go
    │       │       │   │   ├── dockerignore.go
    │       │       │   │   ├── github
    │       │       │   │       ├── lint.go
    │       │       │   │       ├── test-e2e.go
    │       │       │   │       └── test.go
    │       │       │   │   ├── gitignore.go
    │       │       │   │   ├── golangci.go
    │       │       │   │   ├── gomod.go
    │       │       │   │   ├── hack
    │       │       │   │       └── boilerplate.go
    │       │       │   │   ├── makefile.go
    │       │       │   │   ├── readme.go
    │       │       │   │   ├── test
    │       │       │   │       ├── e2e
    │       │       │   │       │   ├── suite.go
    │       │       │   │       │   └── test.go
    │       │       │   │       └── utils
    │       │       │   │       │   └── utils.go
    │       │       │   │   └── webhooks
    │       │       │   │       ├── webhook.go
    │       │       │   │       ├── webhook_suitetest.go
    │       │       │   │       └── webhook_test_template.go
    │       │       └── webhook.go
    │       │   └── webhook.go
    │   ├── optional
    │       ├── grafana
    │       │   └── v1alpha
    │       │   │   ├── commons.go
    │       │   │   ├── constants.go
    │       │   │   ├── edit.go
    │       │   │   ├── init.go
    │       │   │   ├── plugin.go
    │       │   │   └── scaffolds
    │       │   │       ├── edit.go
    │       │   │       ├── init.go
    │       │   │       └── internal
    │       │   │           └── templates
    │       │   │               ├── custom.go
    │       │   │               ├── custom_metrics.go
    │       │   │               ├── resources.go
    │       │   │               └── runtime.go
    │       └── helm
    │       │   └── v1alpha
    │       │       ├── commons.go
    │       │       ├── edit.go
    │       │       ├── init.go
    │       │       ├── plugin.go
    │       │       └── scaffolds
    │       │           ├── init.go
    │       │           └── internal
    │       │               └── templates
    │       │                   ├── chart-templates
    │       │                       ├── cert-manager
    │       │                       │   └── certificate.go
    │       │                       ├── helpers_tpl.go
    │       │                       ├── manager
    │       │                       │   └── manager.go
    │       │                       ├── metrics
    │       │                       │   └── metrics_service.go
    │       │                       ├── prometheus
    │       │                       │   └── monitor.go
    │       │                       └── webhook
    │       │                       │   ├── service.go
    │       │                       │   └── webhook.go
    │       │                   ├── chart.go
    │       │                   ├── github
    │       │                       └── test_chart.go
    │       │                   ├── helmignore.go
    │       │                   └── values.go
    │   └── scaffolder.go
├── roadmap
    ├── README.md
    ├── roadmap_2024.md
    └── roadmap_2025.md
├── scripts
    └── demo
    │   ├── README.md
    │   ├── run.sh
    │   └── util.sh
├── test.sh
├── test
    ├── check-docs-only.sh
    ├── check-license.sh
    ├── check_spaces.sh
    ├── common.sh
    ├── e2e
    │   ├── alphagenerate
    │   │   ├── e2e_suite_test.go
    │   │   ├── generate_test.go
    │   │   ├── generate_v4_multigroup_test.go
    │   │   ├── generate_v4_test.go
    │   │   └── generate_v4_with_plugins_test.go
    │   ├── ci.sh
    │   ├── deployimage
    │   │   ├── e2e_suite_test.go
    │   │   ├── generate_test.go
    │   │   └── plugin_cluster_test.go
    │   ├── grafana
    │   │   ├── e2e_suite_test.go
    │   │   └── generate_test.go
    │   ├── kind-config.yaml
    │   ├── local.sh
    │   ├── setup.sh
    │   ├── utils
    │   │   ├── kubectl.go
    │   │   ├── kubectl_test.go
    │   │   ├── suite_test.go
    │   │   ├── test_context.go
    │   │   └── webhooks.go
    │   └── v4
    │   │   ├── e2e_suite_test.go
    │   │   ├── generate_test.go
    │   │   └── plugin_cluster_test.go
    ├── integration.sh
    └── testdata
    │   ├── check.sh
    │   ├── generate.sh
    │   ├── legacy-webhook-path.sh
    │   ├── test.sh
    │   └── test_legacy.sh
├── test_e2e.sh
└── testdata
    ├── project-v4-multigroup
        ├── .devcontainer
        │   ├── devcontainer.json
        │   └── post-install.sh
        ├── .dockerignore
        ├── .github
        │   └── workflows
        │   │   ├── lint.yml
        │   │   ├── test-e2e.yml
        │   │   └── test.yml
        ├── .gitignore
        ├── .golangci.yml
        ├── Dockerfile
        ├── Makefile
        ├── PROJECT
        ├── README.md
        ├── api
        │   ├── crew
        │   │   └── v1
        │   │   │   ├── captain_types.go
        │   │   │   ├── groupversion_info.go
        │   │   │   └── zz_generated.deepcopy.go
        │   ├── example.com
        │   │   ├── v1
        │   │   │   ├── groupversion_info.go
        │   │   │   ├── wordpress_conversion.go
        │   │   │   ├── wordpress_types.go
        │   │   │   └── zz_generated.deepcopy.go
        │   │   ├── v1alpha1
        │   │   │   ├── busybox_types.go
        │   │   │   ├── groupversion_info.go
        │   │   │   ├── memcached_types.go
        │   │   │   └── zz_generated.deepcopy.go
        │   │   └── v2
        │   │   │   ├── groupversion_info.go
        │   │   │   ├── wordpress_conversion.go
        │   │   │   ├── wordpress_types.go
        │   │   │   └── zz_generated.deepcopy.go
        │   ├── fiz
        │   │   └── v1
        │   │   │   ├── bar_types.go
        │   │   │   ├── groupversion_info.go
        │   │   │   └── zz_generated.deepcopy.go
        │   ├── foo.policy
        │   │   └── v1
        │   │   │   ├── groupversion_info.go
        │   │   │   ├── healthcheckpolicy_types.go
        │   │   │   └── zz_generated.deepcopy.go
        │   ├── foo
        │   │   └── v1
        │   │   │   ├── bar_types.go
        │   │   │   ├── groupversion_info.go
        │   │   │   └── zz_generated.deepcopy.go
        │   ├── sea-creatures
        │   │   ├── v1beta1
        │   │   │   ├── groupversion_info.go
        │   │   │   ├── kraken_types.go
        │   │   │   └── zz_generated.deepcopy.go
        │   │   └── v1beta2
        │   │   │   ├── groupversion_info.go
        │   │   │   ├── leviathan_types.go
        │   │   │   └── zz_generated.deepcopy.go
        │   └── ship
        │   │   ├── v1
        │   │       ├── destroyer_types.go
        │   │       ├── groupversion_info.go
        │   │       └── zz_generated.deepcopy.go
        │   │   ├── v1beta1
        │   │       ├── frigate_types.go
        │   │       ├── groupversion_info.go
        │   │       └── zz_generated.deepcopy.go
        │   │   └── v2alpha1
        │   │       ├── cruiser_types.go
        │   │       ├── groupversion_info.go
        │   │       └── zz_generated.deepcopy.go
        ├── cmd
        │   └── main.go
        ├── config
        │   ├── certmanager
        │   │   ├── certificate-metrics.yaml
        │   │   ├── certificate-webhook.yaml
        │   │   ├── issuer.yaml
        │   │   ├── kustomization.yaml
        │   │   └── kustomizeconfig.yaml
        │   ├── crd
        │   │   ├── bases
        │   │   │   ├── crew.testproject.org_captains.yaml
        │   │   │   ├── example.com.testproject.org_busyboxes.yaml
        │   │   │   ├── example.com.testproject.org_memcacheds.yaml
        │   │   │   ├── example.com.testproject.org_wordpresses.yaml
        │   │   │   ├── fiz.testproject.org_bars.yaml
        │   │   │   ├── foo.policy.testproject.org_healthcheckpolicies.yaml
        │   │   │   ├── foo.testproject.org_bars.yaml
        │   │   │   ├── sea-creatures.testproject.org_krakens.yaml
        │   │   │   ├── sea-creatures.testproject.org_leviathans.yaml
        │   │   │   ├── ship.testproject.org_cruisers.yaml
        │   │   │   ├── ship.testproject.org_destroyers.yaml
        │   │   │   └── ship.testproject.org_frigates.yaml
        │   │   ├── kustomization.yaml
        │   │   ├── kustomizeconfig.yaml
        │   │   └── patches
        │   │   │   └── webhook_in_example.com_wordpresses.yaml
        │   ├── default
        │   │   ├── cert_metrics_manager_patch.yaml
        │   │   ├── kustomization.yaml
        │   │   ├── manager_metrics_patch.yaml
        │   │   ├── manager_webhook_patch.yaml
        │   │   └── metrics_service.yaml
        │   ├── manager
        │   │   ├── kustomization.yaml
        │   │   └── manager.yaml
        │   ├── network-policy
        │   │   ├── allow-metrics-traffic.yaml
        │   │   ├── allow-webhook-traffic.yaml
        │   │   └── kustomization.yaml
        │   ├── prometheus
        │   │   ├── kustomization.yaml
        │   │   ├── monitor.yaml
        │   │   └── monitor_tls_patch.yaml
        │   ├── rbac
        │   │   ├── crew_captain_admin_role.yaml
        │   │   ├── crew_captain_editor_role.yaml
        │   │   ├── crew_captain_viewer_role.yaml
        │   │   ├── example.com_busybox_admin_role.yaml
        │   │   ├── example.com_busybox_editor_role.yaml
        │   │   ├── example.com_busybox_viewer_role.yaml
        │   │   ├── example.com_memcached_admin_role.yaml
        │   │   ├── example.com_memcached_editor_role.yaml
        │   │   ├── example.com_memcached_viewer_role.yaml
        │   │   ├── example.com_wordpress_admin_role.yaml
        │   │   ├── example.com_wordpress_editor_role.yaml
        │   │   ├── example.com_wordpress_viewer_role.yaml
        │   │   ├── fiz_bar_admin_role.yaml
        │   │   ├── fiz_bar_editor_role.yaml
        │   │   ├── fiz_bar_viewer_role.yaml
        │   │   ├── foo.policy_healthcheckpolicy_admin_role.yaml
        │   │   ├── foo.policy_healthcheckpolicy_editor_role.yaml
        │   │   ├── foo.policy_healthcheckpolicy_viewer_role.yaml
        │   │   ├── foo_bar_admin_role.yaml
        │   │   ├── foo_bar_editor_role.yaml
        │   │   ├── foo_bar_viewer_role.yaml
        │   │   ├── kustomization.yaml
        │   │   ├── leader_election_role.yaml
        │   │   ├── leader_election_role_binding.yaml
        │   │   ├── metrics_auth_role.yaml
        │   │   ├── metrics_auth_role_binding.yaml
        │   │   ├── metrics_reader_role.yaml
        │   │   ├── role.yaml
        │   │   ├── role_binding.yaml
        │   │   ├── sea-creatures_kraken_admin_role.yaml
        │   │   ├── sea-creatures_kraken_editor_role.yaml
        │   │   ├── sea-creatures_kraken_viewer_role.yaml
        │   │   ├── sea-creatures_leviathan_admin_role.yaml
        │   │   ├── sea-creatures_leviathan_editor_role.yaml
        │   │   ├── sea-creatures_leviathan_viewer_role.yaml
        │   │   ├── service_account.yaml
        │   │   ├── ship_cruiser_admin_role.yaml
        │   │   ├── ship_cruiser_editor_role.yaml
        │   │   ├── ship_cruiser_viewer_role.yaml
        │   │   ├── ship_destroyer_admin_role.yaml
        │   │   ├── ship_destroyer_editor_role.yaml
        │   │   ├── ship_destroyer_viewer_role.yaml
        │   │   ├── ship_frigate_admin_role.yaml
        │   │   ├── ship_frigate_editor_role.yaml
        │   │   └── ship_frigate_viewer_role.yaml
        │   ├── samples
        │   │   ├── crew_v1_captain.yaml
        │   │   ├── example.com_v1_wordpress.yaml
        │   │   ├── example.com_v1alpha1_busybox.yaml
        │   │   ├── example.com_v1alpha1_memcached.yaml
        │   │   ├── example.com_v2_wordpress.yaml
        │   │   ├── fiz_v1_bar.yaml
        │   │   ├── foo.policy_v1_healthcheckpolicy.yaml
        │   │   ├── foo_v1_bar.yaml
        │   │   ├── kustomization.yaml
        │   │   ├── sea-creatures_v1beta1_kraken.yaml
        │   │   ├── sea-creatures_v1beta2_leviathan.yaml
        │   │   ├── ship_v1_destroyer.yaml
        │   │   ├── ship_v1beta1_frigate.yaml
        │   │   └── ship_v2alpha1_cruiser.yaml
        │   └── webhook
        │   │   ├── kustomization.yaml
        │   │   ├── kustomizeconfig.yaml
        │   │   ├── manifests.yaml
        │   │   └── service.yaml
        ├── dist
        │   └── install.yaml
        ├── go.mod
        ├── grafana
        │   ├── controller-resources-metrics.json
        │   ├── controller-runtime-metrics.json
        │   └── custom-metrics
        │   │   └── config.yaml
        ├── hack
        │   └── boilerplate.go.txt
        ├── internal
        │   ├── controller
        │   │   ├── apps
        │   │   │   ├── deployment_controller.go
        │   │   │   ├── deployment_controller_test.go
        │   │   │   └── suite_test.go
        │   │   ├── cert-manager
        │   │   │   ├── certificate_controller.go
        │   │   │   ├── certificate_controller_test.go
        │   │   │   └── suite_test.go
        │   │   ├── crew
        │   │   │   ├── captain_controller.go
        │   │   │   ├── captain_controller_test.go
        │   │   │   └── suite_test.go
        │   │   ├── example.com
        │   │   │   ├── busybox_controller.go
        │   │   │   ├── busybox_controller_test.go
        │   │   │   ├── memcached_controller.go
        │   │   │   ├── memcached_controller_test.go
        │   │   │   ├── suite_test.go
        │   │   │   ├── wordpress_controller.go
        │   │   │   └── wordpress_controller_test.go
        │   │   ├── fiz
        │   │   │   ├── bar_controller.go
        │   │   │   ├── bar_controller_test.go
        │   │   │   └── suite_test.go
        │   │   ├── foo.policy
        │   │   │   ├── healthcheckpolicy_controller.go
        │   │   │   ├── healthcheckpolicy_controller_test.go
        │   │   │   └── suite_test.go
        │   │   ├── foo
        │   │   │   ├── bar_controller.go
        │   │   │   ├── bar_controller_test.go
        │   │   │   └── suite_test.go
        │   │   ├── sea-creatures
        │   │   │   ├── kraken_controller.go
        │   │   │   ├── kraken_controller_test.go
        │   │   │   ├── leviathan_controller.go
        │   │   │   ├── leviathan_controller_test.go
        │   │   │   └── suite_test.go
        │   │   └── ship
        │   │   │   ├── cruiser_controller.go
        │   │   │   ├── cruiser_controller_test.go
        │   │   │   ├── destroyer_controller.go
        │   │   │   ├── destroyer_controller_test.go
        │   │   │   ├── frigate_controller.go
        │   │   │   ├── frigate_controller_test.go
        │   │   │   └── suite_test.go
        │   └── webhook
        │   │   ├── apps
        │   │       └── v1
        │   │       │   ├── deployment_webhook.go
        │   │       │   ├── deployment_webhook_test.go
        │   │       │   └── webhook_suite_test.go
        │   │   ├── cert-manager
        │   │       └── v1
        │   │       │   ├── issuer_webhook.go
        │   │       │   ├── issuer_webhook_test.go
        │   │       │   └── webhook_suite_test.go
        │   │   ├── core
        │   │       └── v1
        │   │       │   ├── pod_webhook.go
        │   │       │   ├── pod_webhook_test.go
        │   │       │   └── webhook_suite_test.go
        │   │   ├── crew
        │   │       └── v1
        │   │       │   ├── captain_webhook.go
        │   │       │   ├── captain_webhook_test.go
        │   │       │   └── webhook_suite_test.go
        │   │   ├── example.com
        │   │       ├── v1
        │   │       │   ├── wordpress_webhook.go
        │   │       │   └── wordpress_webhook_test.go
        │   │       └── v1alpha1
        │   │       │   ├── memcached_webhook.go
        │   │       │   ├── memcached_webhook_test.go
        │   │       │   └── webhook_suite_test.go
        │   │   └── ship
        │   │       ├── v1
        │   │           ├── destroyer_webhook.go
        │   │           ├── destroyer_webhook_test.go
        │   │           └── webhook_suite_test.go
        │   │       └── v2alpha1
        │   │           ├── cruiser_webhook.go
        │   │           ├── cruiser_webhook_test.go
        │   │           └── webhook_suite_test.go
        └── test
        │   ├── e2e
        │       ├── e2e_suite_test.go
        │       └── e2e_test.go
        │   └── utils
        │       └── utils.go
    ├── project-v4-with-plugins
        ├── .devcontainer
        │   ├── devcontainer.json
        │   └── post-install.sh
        ├── .dockerignore
        ├── .github
        │   └── workflows
        │   │   ├── lint.yml
        │   │   ├── test-chart.yml
        │   │   ├── test-e2e.yml
        │   │   └── test.yml
        ├── .gitignore
        ├── .golangci.yml
        ├── Dockerfile
        ├── Makefile
        ├── PROJECT
        ├── README.md
        ├── api
        │   ├── v1
        │   │   ├── groupversion_info.go
        │   │   ├── wordpress_conversion.go
        │   │   ├── wordpress_types.go
        │   │   └── zz_generated.deepcopy.go
        │   ├── v1alpha1
        │   │   ├── busybox_types.go
        │   │   ├── groupversion_info.go
        │   │   ├── memcached_types.go
        │   │   └── zz_generated.deepcopy.go
        │   └── v2
        │   │   ├── groupversion_info.go
        │   │   ├── wordpress_conversion.go
        │   │   ├── wordpress_types.go
        │   │   └── zz_generated.deepcopy.go
        ├── cmd
        │   └── main.go
        ├── config
        │   ├── certmanager
        │   │   ├── certificate-metrics.yaml
        │   │   ├── certificate-webhook.yaml
        │   │   ├── issuer.yaml
        │   │   ├── kustomization.yaml
        │   │   └── kustomizeconfig.yaml
        │   ├── crd
        │   │   ├── bases
        │   │   │   ├── example.com.testproject.org_busyboxes.yaml
        │   │   │   ├── example.com.testproject.org_memcacheds.yaml
        │   │   │   └── example.com.testproject.org_wordpresses.yaml
        │   │   ├── kustomization.yaml
        │   │   ├── kustomizeconfig.yaml
        │   │   └── patches
        │   │   │   └── webhook_in_wordpresses.yaml
        │   ├── default
        │   │   ├── cert_metrics_manager_patch.yaml
        │   │   ├── kustomization.yaml
        │   │   ├── manager_metrics_patch.yaml
        │   │   ├── manager_webhook_patch.yaml
        │   │   └── metrics_service.yaml
        │   ├── manager
        │   │   ├── kustomization.yaml
        │   │   └── manager.yaml
        │   ├── network-policy
        │   │   ├── allow-metrics-traffic.yaml
        │   │   ├── allow-webhook-traffic.yaml
        │   │   └── kustomization.yaml
        │   ├── prometheus
        │   │   ├── kustomization.yaml
        │   │   ├── monitor.yaml
        │   │   └── monitor_tls_patch.yaml
        │   ├── rbac
        │   │   ├── busybox_admin_role.yaml
        │   │   ├── busybox_editor_role.yaml
        │   │   ├── busybox_viewer_role.yaml
        │   │   ├── kustomization.yaml
        │   │   ├── leader_election_role.yaml
        │   │   ├── leader_election_role_binding.yaml
        │   │   ├── memcached_admin_role.yaml
        │   │   ├── memcached_editor_role.yaml
        │   │   ├── memcached_viewer_role.yaml
        │   │   ├── metrics_auth_role.yaml
        │   │   ├── metrics_auth_role_binding.yaml
        │   │   ├── metrics_reader_role.yaml
        │   │   ├── role.yaml
        │   │   ├── role_binding.yaml
        │   │   ├── service_account.yaml
        │   │   ├── wordpress_admin_role.yaml
        │   │   ├── wordpress_editor_role.yaml
        │   │   └── wordpress_viewer_role.yaml
        │   ├── samples
        │   │   ├── example.com_v1_wordpress.yaml
        │   │   ├── example.com_v1alpha1_busybox.yaml
        │   │   ├── example.com_v1alpha1_memcached.yaml
        │   │   ├── example.com_v2_wordpress.yaml
        │   │   └── kustomization.yaml
        │   └── webhook
        │   │   ├── kustomization.yaml
        │   │   ├── kustomizeconfig.yaml
        │   │   ├── manifests.yaml
        │   │   └── service.yaml
        ├── dist
        │   ├── chart
        │   │   ├── .helmignore
        │   │   ├── Chart.yaml
        │   │   ├── templates
        │   │   │   ├── _helpers.tpl
        │   │   │   ├── certmanager
        │   │   │   │   └── certificate.yaml
        │   │   │   ├── crd
        │   │   │   │   ├── example.com.testproject.org_busyboxes.yaml
        │   │   │   │   ├── example.com.testproject.org_memcacheds.yaml
        │   │   │   │   └── example.com.testproject.org_wordpresses.yaml
        │   │   │   ├── manager
        │   │   │   │   └── manager.yaml
        │   │   │   ├── metrics
        │   │   │   │   └── metrics-service.yaml
        │   │   │   ├── network-policy
        │   │   │   │   ├── allow-metrics-traffic.yaml
        │   │   │   │   └── allow-webhook-traffic.yaml
        │   │   │   ├── prometheus
        │   │   │   │   └── monitor.yaml
        │   │   │   ├── rbac
        │   │   │   │   ├── busybox_admin_role.yaml
        │   │   │   │   ├── busybox_editor_role.yaml
        │   │   │   │   ├── busybox_viewer_role.yaml
        │   │   │   │   ├── leader_election_role.yaml
        │   │   │   │   ├── leader_election_role_binding.yaml
        │   │   │   │   ├── memcached_admin_role.yaml
        │   │   │   │   ├── memcached_editor_role.yaml
        │   │   │   │   ├── memcached_viewer_role.yaml
        │   │   │   │   ├── metrics_auth_role.yaml
        │   │   │   │   ├── metrics_auth_role_binding.yaml
        │   │   │   │   ├── metrics_reader_role.yaml
        │   │   │   │   ├── role.yaml
        │   │   │   │   ├── role_binding.yaml
        │   │   │   │   ├── service_account.yaml
        │   │   │   │   ├── wordpress_admin_role.yaml
        │   │   │   │   ├── wordpress_editor_role.yaml
        │   │   │   │   └── wordpress_viewer_role.yaml
        │   │   │   └── webhook
        │   │   │   │   ├── service.yaml
        │   │   │   │   └── webhooks.yaml
        │   │   └── values.yaml
        │   └── install.yaml
        ├── go.mod
        ├── grafana
        │   ├── controller-resources-metrics.json
        │   ├── controller-runtime-metrics.json
        │   └── custom-metrics
        │   │   └── config.yaml
        ├── hack
        │   └── boilerplate.go.txt
        ├── internal
        │   ├── controller
        │   │   ├── busybox_controller.go
        │   │   ├── busybox_controller_test.go
        │   │   ├── memcached_controller.go
        │   │   ├── memcached_controller_test.go
        │   │   ├── suite_test.go
        │   │   ├── wordpress_controller.go
        │   │   └── wordpress_controller_test.go
        │   └── webhook
        │   │   ├── v1
        │   │       ├── wordpress_webhook.go
        │   │       └── wordpress_webhook_test.go
        │   │   └── v1alpha1
        │   │       ├── memcached_webhook.go
        │   │       ├── memcached_webhook_test.go
        │   │       └── webhook_suite_test.go
        └── test
        │   ├── e2e
        │       ├── e2e_suite_test.go
        │       └── e2e_test.go
        │   └── utils
        │       └── utils.go
    └── project-v4
        ├── .devcontainer
            ├── devcontainer.json
            └── post-install.sh
        ├── .dockerignore
        ├── .github
            └── workflows
            │   ├── lint.yml
            │   ├── test-e2e.yml
            │   └── test.yml
        ├── .gitignore
        ├── .golangci.yml
        ├── Dockerfile
        ├── Makefile
        ├── PROJECT
        ├── README.md
        ├── api
            ├── v1
            │   ├── admiral_types.go
            │   ├── captain_types.go
            │   ├── firstmate_conversion.go
            │   ├── firstmate_types.go
            │   ├── groupversion_info.go
            │   └── zz_generated.deepcopy.go
            └── v2
            │   ├── firstmate_conversion.go
            │   ├── firstmate_types.go
            │   ├── groupversion_info.go
            │   └── zz_generated.deepcopy.go
        ├── cmd
            └── main.go
        ├── config
            ├── certmanager
            │   ├── certificate-metrics.yaml
            │   ├── certificate-webhook.yaml
            │   ├── issuer.yaml
            │   ├── kustomization.yaml
            │   └── kustomizeconfig.yaml
            ├── crd
            │   ├── bases
            │   │   ├── crew.testproject.org_admirales.yaml
            │   │   ├── crew.testproject.org_captains.yaml
            │   │   └── crew.testproject.org_firstmates.yaml
            │   ├── kustomization.yaml
            │   ├── kustomizeconfig.yaml
            │   └── patches
            │   │   └── webhook_in_firstmates.yaml
            ├── default
            │   ├── cert_metrics_manager_patch.yaml
            │   ├── kustomization.yaml
            │   ├── manager_metrics_patch.yaml
            │   ├── manager_webhook_patch.yaml
            │   └── metrics_service.yaml
            ├── manager
            │   ├── kustomization.yaml
            │   └── manager.yaml
            ├── network-policy
            │   ├── allow-metrics-traffic.yaml
            │   ├── allow-webhook-traffic.yaml
            │   └── kustomization.yaml
            ├── prometheus
            │   ├── kustomization.yaml
            │   ├── monitor.yaml
            │   └── monitor_tls_patch.yaml
            ├── rbac
            │   ├── admiral_admin_role.yaml
            │   ├── admiral_editor_role.yaml
            │   ├── admiral_viewer_role.yaml
            │   ├── captain_admin_role.yaml
            │   ├── captain_editor_role.yaml
            │   ├── captain_viewer_role.yaml
            │   ├── firstmate_admin_role.yaml
            │   ├── firstmate_editor_role.yaml
            │   ├── firstmate_viewer_role.yaml
            │   ├── kustomization.yaml
            │   ├── leader_election_role.yaml
            │   ├── leader_election_role_binding.yaml
            │   ├── metrics_auth_role.yaml
            │   ├── metrics_auth_role_binding.yaml
            │   ├── metrics_reader_role.yaml
            │   ├── role.yaml
            │   ├── role_binding.yaml
            │   └── service_account.yaml
            ├── samples
            │   ├── crew_v1_admiral.yaml
            │   ├── crew_v1_captain.yaml
            │   ├── crew_v1_firstmate.yaml
            │   ├── crew_v2_firstmate.yaml
            │   └── kustomization.yaml
            └── webhook
            │   ├── kustomization.yaml
            │   ├── kustomizeconfig.yaml
            │   ├── manifests.yaml
            │   └── service.yaml
        ├── dist
            └── install.yaml
        ├── go.mod
        ├── hack
            └── boilerplate.go.txt
        ├── internal
            ├── controller
            │   ├── admiral_controller.go
            │   ├── admiral_controller_test.go
            │   ├── captain_controller.go
            │   ├── captain_controller_test.go
            │   ├── certificate_controller.go
            │   ├── certificate_controller_test.go
            │   ├── firstmate_controller.go
            │   ├── firstmate_controller_test.go
            │   └── suite_test.go
            └── webhook
            │   └── v1
            │       ├── admiral_webhook.go
            │       ├── admiral_webhook_test.go
            │       ├── captain_webhook.go
            │       ├── captain_webhook_test.go
            │       ├── deployment_webhook.go
            │       ├── deployment_webhook_test.go
            │       ├── firstmate_webhook.go
            │       ├── firstmate_webhook_test.go
            │       ├── issuer_webhook.go
            │       ├── issuer_webhook_test.go
            │       ├── pod_webhook.go
            │       ├── pod_webhook_test.go
            │       └── webhook_suite_test.go
        └── test
            ├── e2e
                ├── e2e_suite_test.go
                └── e2e_test.go
            └── utils
                └── utils.go


/.gitattributes:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/kubebuilder/59fbd4cb6af729ec78b3730d396ff4dfd6acb3a4/.gitattributes


--------------------------------------------------------------------------------
/.github/ISSUE_TEMPLATE/config.yml:
--------------------------------------------------------------------------------
 1 | # allow free form issues as an escape hatch.  This can be taken away if people abuse it ;-)
 2 | blank_issues_enabled: true
 3 | 
 4 | # link to CR and CT for easier access
 5 | contact_links:
 6 | - name: Runtime Issues
 7 |   url: https://github.com/kubernetes-sigs/controller-runtime/issues/new
 8 |   about: Runtime issues generally belong in the controller-runtime repository
 9 | 
10 | - name: CRD/Webhook/Deepcopy Generation Issues
11 |   url: https://github.com/kubernetes-sigs/controller-tools/issues/new
12 |   about: YAML & Go generation issues generally belong in the controller-tools repository
13 | 
14 | - name: Support Questions
15 |   url: https://github.com/kubernetes-sigs/kubebuilder/discussions/new
16 |   about: Need support & not sure if this a bug?  You can ask questions in Slack or GitHub discussions.
17 | 


--------------------------------------------------------------------------------
/.github/workflows/apidiff.yml:
--------------------------------------------------------------------------------
 1 | name: APIDiff
 2 | 
 3 | on:
 4 |   push:
 5 |     paths-ignore:
 6 |       - '**/*.md'
 7 |   pull_request:
 8 |     paths-ignore:
 9 |       - '**/*.md'
10 | 
11 | jobs:
12 |   go-apidiff:
13 |     name: Verify API differences
14 |     runs-on: ubuntu-latest
15 |     # Pull requests from different repository only trigger this checks
16 |     if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository)
17 |     steps:
18 |       - name: Clone the code
19 |         uses: actions/checkout@v4
20 |         with:
21 |           fetch-depth: 0
22 |       - name: Setup Go
23 |         uses: actions/setup-go@v5
24 |         with:
25 |           go-version-file: go.mod
26 |       - name: Execute go-apidiff
27 |         uses: joelanford/go-apidiff@v0.8.3
28 |         with:
29 |           compare-imports: true
30 |           print-compatible: true
31 | 


--------------------------------------------------------------------------------
/.github/workflows/spaces.yml:
--------------------------------------------------------------------------------
 1 | name: Trailing
 2 | 
 3 | on:
 4 |   push:
 5 |     paths:
 6 |       - '**/*.md'
 7 |   pull_request:
 8 |     paths:
 9 |       - '**/*.md'
10 | 
11 | jobs:
12 |   lint:
13 |     name: "Check Trailing"
14 |     runs-on: ubuntu-latest
15 |     # Pull requests from the same repository won't trigger this checks as they were already triggered by the push
16 |     if: (github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository)
17 |     steps:
18 |       - name: Clone the code
19 |         uses: actions/checkout@v4
20 |       - name: Run check
21 |         run: make test-spaces
22 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | .idea/
 2 | .vscode/
 3 | WORKSPACE
 4 | .DS_Store
 5 | # don't check in the build output of the book
 6 | docs/book/book/
 7 | 
 8 | # ignore auto-generated dir by `mdbook serve`
 9 | docs/book/src/docs
10 | 
11 | # Editor temp files
12 | *~
13 | \#*#
14 | *.swp
15 | 
16 | # Skip bazel dirs
17 | /bazel-*
18 | 
19 | # skip bin dirs
20 | **/bin
21 | **/testbin
22 | 
23 | # skip .out files (coverage tests)
24 | *.out
25 | 
26 | # skip testdata go.sum, since it may have
27 | # different result depending on go version
28 | /testdata/**/go.sum
29 | /docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1/bin
30 | /testdata/**legacy**
31 | 


--------------------------------------------------------------------------------
/OWNERS:
--------------------------------------------------------------------------------
 1 | # See the OWNERS docs: https://git.k8s.io/community/contributors/guide/owners.md
 2 | 
 3 | approvers:
 4 |   - kubebuilder-admins
 5 |   - kubebuilder-approvers
 6 | reviewers:
 7 |   - kubebuilder-admins
 8 |   - kubebuilder-reviewers
 9 |   - kubebuilder-approvers
10 | 


--------------------------------------------------------------------------------
/SECURITY_CONTACTS:
--------------------------------------------------------------------------------
 1 | # Defined below are the security contacts for this repo.
 2 | #
 3 | # They are the contact point for the Product Security Team to reach out
 4 | # to for triaging and handling of incoming issues.
 5 | #
 6 | # The below names agree to abide by the
 7 | # [Embargo Policy](https://github.com/kubernetes/sig-release/blob/master/security-release-process-documentation/security-release-process.md#embargo-policy)
 8 | # and will be removed and replaced if they violate that agreement.
 9 | #
10 | # DO NOT REPORT SECURITY VULNERABILITIES DIRECTLY TO THESE NAMES, FOLLOW THE
11 | # INSTRUCTIONS AT https://kubernetes.io/security/
12 | 
13 | camilamacedo86
14 | varshaprasad96
15 | 


--------------------------------------------------------------------------------
/code-of-conduct.md:
--------------------------------------------------------------------------------
1 | # Kubernetes Community Code of Conduct
2 | 
3 | Please refer to our [Kubernetes Community Code of Conduct](https://git.k8s.io/community/code-of-conduct.md)


--------------------------------------------------------------------------------
/designs/assets/version_diagram.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/kubebuilder/59fbd4cb6af729ec78b3730d396ff4dfd6acb3a4/designs/assets/version_diagram.png


--------------------------------------------------------------------------------
/docs/README.md:
--------------------------------------------------------------------------------
 1 | # Running mdBook
 2 | 
 3 | The kubebuilder book is served using [mdBook](https://github.com/rust-lang-nursery/mdBook). If you want to test changes to the book locally, follow these directions:
 4 | 
 5 | 1. Follow the instructions at [https://rust-lang.github.io/mdBook/guide/installation.html](https://rust-lang.github.io/mdBook/guide/installation.html) to
 6 |    install mdBook.
 7 | 2. Make sure [controller-gen](https://pkg.go.dev/sigs.k8s.io/controller-tools/cmd/controller-gen) is installed in `$GOPATH`.
 8 | 3. cd into the `docs/book` directory
 9 | 4. Run `mdbook serve`
10 | 5. Visit [http://localhost:3000](http://localhost:3000)
11 | 
12 | # Steps to deploy
13 | 
14 | There are no manual steps needed to deploy the website.
15 | 
16 | Kubebuilder book website is deployed on Netlify.
17 | There is a preview of the website for each PR.
18 | As soon as the PR is merged, the website will be built and deployed on Netlify.
19 | 


--------------------------------------------------------------------------------
/docs/book/.firebaserc:
--------------------------------------------------------------------------------
1 | {}
2 | 


--------------------------------------------------------------------------------
/docs/book/book.toml:
--------------------------------------------------------------------------------
 1 | [book]
 2 | authors = ["The Kubebuilder Maintainers"]
 3 | multilingual = false
 4 | src = "src"
 5 | title = "The Kubebuilder Book"
 6 | 
 7 | [output.html]
 8 | smart-punctuation = true
 9 | additional-css = ["theme/css/markers.css", "theme/css/custom.css", "theme/css/version-dropdown.css"]
10 | git-repository-url = "https://github.com/kubernetes-sigs/kubebuilder"
11 | edit-url-template = "https://github.com/kubernetes-sigs/kubebuilder/edit/master/docs/book/{path}"
12 | 
13 | [preprocessor.literatego]
14 | command = "./litgo.sh"
15 | 
16 | [preprocessor.markerdocs]
17 | command = "./markerdocs.sh"
18 | 
19 | [context.environment]
20 |   environment = { GO_VERSION = "1.23" }
21 | 
22 | [context.deploy-preview.environment]
23 |   environment = { GO_VERSION = "1.23" }
24 | 
25 | 


--------------------------------------------------------------------------------
/docs/book/litgo.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | #  Copyright 2020 The Kubernetes Authors.
 4 | #
 5 | #  Licensed under the Apache License, Version 2.0 (the "License");
 6 | #  you may not use this file except in compliance with the License.
 7 | #  You may obtain a copy of the License at
 8 | #
 9 | #      http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | #  Unless required by applicable law or agreed to in writing, software
12 | #  distributed under the License is distributed on an "AS IS" BASIS,
13 | #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | #  See the License for the specific language governing permissions and
15 | #  limitations under the License.
16 | 
17 | set -ex
18 | 
19 | (
20 |     pushd ./utils
21 |     go build -o ../../../bin/literate-go ./litgo
22 |     popd
23 | ) &>/dev/null
24 | 
25 | ../../bin/literate-go "$@"
26 | 


--------------------------------------------------------------------------------
/docs/book/markerdocs.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | 
 3 | #  Copyright 2020 The Kubernetes Authors.
 4 | #
 5 | #  Licensed under the Apache License, Version 2.0 (the "License");
 6 | #  you may not use this file except in compliance with the License.
 7 | #  You may obtain a copy of the License at
 8 | #
 9 | #      http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | #  Unless required by applicable law or agreed to in writing, software
12 | #  distributed under the License is distributed on an "AS IS" BASIS,
13 | #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | #  See the License for the specific language governing permissions and
15 | #  limitations under the License.
16 | 
17 | set -ex
18 | 
19 | (
20 |     pushd ./utils
21 |     go build -o ../../../bin/marker-docs ./markerdocs
22 |     popd
23 | ) &>/dev/null
24 | 
25 | ../../bin/marker-docs "$@"
26 | 


--------------------------------------------------------------------------------
/docs/book/src/TODO.md:
--------------------------------------------------------------------------------
 1 | # Page Not Found
 2 | 
 3 | The page you are looking for could not be found. This might be because:
 4 | 
 5 | 1. The page has been moved or renamed
 6 | 2. The page is no longer available
 7 | 3. The URL was entered incorrectly
 8 | 
 9 | Please try:
10 | 
11 | - Going back to the [home page](https://book.kubebuilder.io/)
12 | - Using the search function
13 | - Suggest an edit [documentation index](https://github.com/kubernetes-sigs/kubebuilder/tree/master/docs/book/src)
14 | 
15 | Check out if someone is working on your issue [report an issue](https://github.com/kubernetes-sigs/kubebuilder/issues)
16 | If you believe this is an error, please [report an issue](https://github.com/kubernetes-sigs/kubebuilder/issues/new?template=BLANK_ISSUE)
17 | Reach out to us on [Slack](https://kubernetes.slack.com/messages/kubebuilder)


--------------------------------------------------------------------------------
/docs/book/src/architecture.md:
--------------------------------------------------------------------------------
1 | # Architecture Concept Diagram
2 | 
3 | The following diagram will help you get a better idea over the Kubebuilder concepts and architecture.
4 | 
5 | <!-- include these inline so we can style an match variables -->
6 | {{#include ./kb_concept_diagram.svg}}
7 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/controller-implementation.md:
--------------------------------------------------------------------------------
 1 | # Implementing a controller
 2 | 
 3 | The basic logic of our CronJob controller is this:
 4 | 
 5 | 1. Load the named CronJob
 6 | 
 7 | 2. List all active jobs, and update the status
 8 | 
 9 | 3. Clean up old jobs according to the history limits
10 | 
11 | 4. Check if we're suspended (and don't do anything else if we are)
12 | 
13 | 5. Get the next scheduled run
14 | 
15 | 6. Run a new job if it's on schedule, not past the deadline, and not
16 |    blocked by our concurrency policy
17 | 
18 | 7. Requeue when we either see a running job (done automatically) or it's
19 |    time for the next scheduled run.
20 | 
21 | {{#literatego ./testdata/project/internal/controller/cronjob_controller.go}}
22 | 
23 | That was a doozy, but now we've got a working controller.  Let's test
24 | against the cluster, then, if we don't have any issues, deploy it!
25 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/empty-main.md:
--------------------------------------------------------------------------------
1 | # Every journey needs a start, every program needs a main
2 | 
3 | {{#literatego ./testdata/emptymain.go}}
4 | 
5 | With that out of the way, we can get on to scaffolding our API!
6 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/epilogue.md:
--------------------------------------------------------------------------------
 1 | # Epilogue
 2 | 
 3 | By this point, we've got a pretty full-featured implementation of the
 4 | CronJob controller, made use of most of the features of
 5 | Kubebuilder, and written tests for the controller using envtest.
 6 | 
 7 | If you want more, head over to the [Multi-Version
 8 | Tutorial](/multiversion-tutorial/tutorial.md) to learn how to add new API
 9 | versions to a project.
10 | 
11 | Additionally, you can try the following steps on your own -- we'll have
12 | a tutorial section on them Soon™:
13 | 
14 | - adding [additional printer columns][printer-columns] `kubectl get`
15 | 
16 | [printer-columns]: /reference/generating-crd.md#additional-printer-columns
17 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/main-revisited.md:
--------------------------------------------------------------------------------
 1 | # You said something about main?
 2 | 
 3 | But first, remember how we said we'd [come back to `main.go`
 4 | again](/cronjob-tutorial/empty-main.md)? Let's take a look and see what's
 5 | changed, and what we need to add.
 6 | 
 7 | {{#literatego ./testdata/project/cmd/main.go}}
 8 | 
 9 | *Now* we can implement our controller.
10 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/.devcontainer/devcontainer.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "Kubebuilder DevContainer",
 3 |   "image": "golang:1.24",
 4 |   "features": {
 5 |     "ghcr.io/devcontainers/features/docker-in-docker:2": {},
 6 |     "ghcr.io/devcontainers/features/git:1": {}
 7 |   },
 8 | 
 9 |   "runArgs": ["--network=host"],
10 | 
11 |   "customizations": {
12 |     "vscode": {
13 |       "settings": {
14 |         "terminal.integrated.shell.linux": "/bin/bash"
15 |       },
16 |       "extensions": [
17 |         "ms-kubernetes-tools.vscode-kubernetes-tools",
18 |         "ms-azuretools.vscode-docker"
19 |       ]
20 |     }
21 |   },
22 | 
23 |   "onCreateCommand": "bash .devcontainer/post-install.sh"
24 | }
25 | 
26 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/.devcontainer/post-install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | set -x
 3 | 
 4 | curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
 5 | chmod +x ./kind
 6 | mv ./kind /usr/local/bin/kind
 7 | 
 8 | curl -L -o kubebuilder https://go.kubebuilder.io/dl/latest/linux/amd64
 9 | chmod +x kubebuilder
10 | mv kubebuilder /usr/local/bin/
11 | 
12 | KUBECTL_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt)
13 | curl -LO "https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl"
14 | chmod +x kubectl
15 | mv kubectl /usr/local/bin/kubectl
16 | 
17 | docker network create -d=bridge --subnet=172.19.0.0/24 kind
18 | 
19 | kind version
20 | kubebuilder version
21 | docker --version
22 | go version
23 | kubectl version --client
24 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/.github/workflows/lint.yml:
--------------------------------------------------------------------------------
 1 | name: Lint
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   lint:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Run linter
21 |         uses: golangci/golangci-lint-action@v8
22 |         with:
23 |           version: v2.1.0
24 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/.github/workflows/test-e2e.yml:
--------------------------------------------------------------------------------
 1 | name: E2E Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test-e2e:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Install the latest version of kind
21 |         run: |
22 |           curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
23 |           chmod +x ./kind
24 |           sudo mv ./kind /usr/local/bin/kind
25 | 
26 |       - name: Verify kind installation
27 |         run: kind version
28 | 
29 |       - name: Running Test e2e
30 |         run: |
31 |           go mod tidy
32 |           make test-e2e
33 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/.github/workflows/test.yml:
--------------------------------------------------------------------------------
 1 | name: Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Running Tests
21 |         run: |
22 |           go mod tidy
23 |           make test
24 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/.gitignore:
--------------------------------------------------------------------------------
 1 | # Binaries for programs and plugins
 2 | *.exe
 3 | *.exe~
 4 | *.dll
 5 | *.so
 6 | *.dylib
 7 | bin/*
 8 | Dockerfile.cross
 9 | 
10 | # Test binary, built with `go test -c`
11 | *.test
12 | 
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 | 
16 | # Go workspace file
17 | go.work
18 | 
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 | 
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/PROJECT:
--------------------------------------------------------------------------------
 1 | # Code generated by tool. DO NOT EDIT.
 2 | # This file is used to track the info used to scaffold your project
 3 | # and allow the plugins properly work.
 4 | # More info: https://book.kubebuilder.io/reference/project-config.html
 5 | cliVersion: (devel)
 6 | domain: tutorial.kubebuilder.io
 7 | layout:
 8 | - go.kubebuilder.io/v4
 9 | plugins:
10 |   helm.kubebuilder.io/v1-alpha: {}
11 | projectName: project
12 | repo: tutorial.kubebuilder.io/project
13 | resources:
14 | - api:
15 |     crdVersion: v1
16 |     namespaced: true
17 |   controller: true
18 |   domain: tutorial.kubebuilder.io
19 |   group: batch
20 |   kind: CronJob
21 |   path: tutorial.kubebuilder.io/project/api/v1
22 |   version: v1
23 |   webhooks:
24 |     defaulting: true
25 |     validation: true
26 |     webhookVersion: v1
27 | version: "3"
28 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/certmanager/certificate-metrics.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifests contain a self-signed issuer CR and a metrics certificate CR.
 2 | # More document can be found at https://docs.cert-manager.io
 3 | apiVersion: cert-manager.io/v1
 4 | kind: Certificate
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/name: project
 8 |     app.kubernetes.io/managed-by: kustomize
 9 |   name: metrics-certs  # this name should match the one appeared in kustomizeconfig.yaml
10 |   namespace: system
11 | spec:
12 |   dnsNames:
13 |   # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
14 |   # replacements in the config/default/kustomization.yaml file.
15 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc
16 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
17 |   issuerRef:
18 |     kind: Issuer
19 |     name: selfsigned-issuer
20 |   secretName: metrics-server-cert
21 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/certmanager/certificate-webhook.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
 2 | # More document can be found at https://docs.cert-manager.io
 3 | apiVersion: cert-manager.io/v1
 4 | kind: Certificate
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/name: project
 8 |     app.kubernetes.io/managed-by: kustomize
 9 |   name: serving-cert  # this name should match the one appeared in kustomizeconfig.yaml
10 |   namespace: system
11 | spec:
12 |   # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
13 |   # replacements in the config/default/kustomization.yaml file.
14 |   dnsNames:
15 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc
16 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
17 |   issuerRef:
18 |     kind: Issuer
19 |     name: selfsigned-issuer
20 |   secretName: webhook-server-cert
21 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/certmanager/issuer.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifest contains a self-signed issuer CR.
 2 | # More information can be found at https://docs.cert-manager.io
 3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
 4 | apiVersion: cert-manager.io/v1
 5 | kind: Issuer
 6 | metadata:
 7 |   labels:
 8 |     app.kubernetes.io/name: project
 9 |     app.kubernetes.io/managed-by: kustomize
10 |   name: selfsigned-issuer
11 |   namespace: system
12 | spec:
13 |   selfSigned: {}
14 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - issuer.yaml
3 | - certificate-webhook.yaml
4 | - certificate-metrics.yaml
5 | 
6 | configurations:
7 | - kustomizeconfig.yaml
8 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 |   group: cert-manager.io
5 |   fieldSpecs:
6 |   - kind: Certificate
7 |     group: cert-manager.io
8 |     path: spec/issuerRef/name
9 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | # This kustomization.yaml is not intended to be run by itself,
 2 | # since it depends on service name and namespace that are out of this kustomize package.
 3 | # It should be run by config/default
 4 | resources:
 5 | - bases/batch.tutorial.kubebuilder.io_cronjobs.yaml
 6 | # +kubebuilder:scaffold:crdkustomizeresource
 7 | 
 8 | patches:
 9 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
10 | # patches here are for enabling the conversion webhook for each CRD
11 | # +kubebuilder:scaffold:crdkustomizewebhookpatch
12 | 
13 | # [WEBHOOK] To enable webhook, uncomment the following section
14 | # the following config is for teaching kustomize how to do kustomization for CRDs.
15 | #configurations:
16 | #- kustomizeconfig.yaml
17 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
 2 | nameReference:
 3 | - kind: Service
 4 |   version: v1
 5 |   fieldSpecs:
 6 |   - kind: CustomResourceDefinition
 7 |     version: v1
 8 |     group: apiextensions.k8s.io
 9 |     path: spec/conversion/webhook/clientConfig/service/name
10 | 
11 | namespace:
12 | - kind: CustomResourceDefinition
13 |   version: v1
14 |   group: apiextensions.k8s.io
15 |   path: spec/conversion/webhook/clientConfig/service/namespace
16 |   create: false
17 | 
18 | varReference:
19 | - path: metadata/annotations
20 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 |   path: /spec/template/spec/containers/0/args/0
4 |   value: --metrics-bind-address=:8443
5 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     control-plane: controller-manager
 6 |     app.kubernetes.io/name: project
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: controller-manager-metrics-service
 9 |   namespace: system
10 | spec:
11 |   ports:
12 |   - name: https
13 |     port: 8443
14 |     protocol: TCP
15 |     targetPort: 8443
16 |   selector:
17 |     control-plane: controller-manager
18 |     app.kubernetes.io/name: project
19 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 |   newName: controller
8 |   newTag: latest
9 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/network-policy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - allow-webhook-traffic.yaml
3 | - allow-metrics-traffic.yaml
4 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | resources:
 2 | - monitor.yaml
 3 | 
 4 | # [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus
 5 | # to securely reference certificates created and managed by cert-manager.
 6 | # Additionally, ensure that you uncomment the [METRICS WITH CERTMANAGER] patch under config/default/kustomization.yaml
 7 | # to mount the "metrics-server-cert" secret in the Manager Deployment.
 8 | patches:
 9 |   - path: monitor_tls_patch.yaml
10 |     target:
11 |       kind: ServiceMonitor
12 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/prometheus/monitor_tls_patch.yaml:
--------------------------------------------------------------------------------
 1 | # Patch for Prometheus ServiceMonitor to enable secure TLS configuration
 2 | # using certificates managed by cert-manager
 3 | - op: replace
 4 |   path: /spec/endpoints/0/tlsConfig
 5 |   value:
 6 |     # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
 7 |     serverName: SERVICE_NAME.SERVICE_NAMESPACE.svc
 8 |     insecureSkipVerify: false
 9 |     ca:
10 |       secret:
11 |         name: metrics-server-cert
12 |         key: ca.crt
13 |     cert:
14 |       secret:
15 |         name: metrics-server-cert
16 |         key: tls.crt
17 |     keySecret:
18 |       name: metrics-server-cert
19 |       key: tls.key
20 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
 1 | # permissions to do leader election.
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: Role
 4 | metadata:
 5 |   labels:
 6 |     app.kubernetes.io/name: project
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: leader-election-role
 9 | rules:
10 | - apiGroups:
11 |   - ""
12 |   resources:
13 |   - configmaps
14 |   verbs:
15 |   - get
16 |   - list
17 |   - watch
18 |   - create
19 |   - update
20 |   - patch
21 |   - delete
22 | - apiGroups:
23 |   - coordination.k8s.io
24 |   resources:
25 |   - leases
26 |   verbs:
27 |   - get
28 |   - list
29 |   - watch
30 |   - create
31 |   - update
32 |   - patch
33 |   - delete
34 | - apiGroups:
35 |   - ""
36 |   resources:
37 |   - events
38 |   verbs:
39 |   - create
40 |   - patch
41 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: RoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: leader-election-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: Role
11 |   name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-auth-role
 5 | rules:
 6 | - apiGroups:
 7 |   - authentication.k8s.io
 8 |   resources:
 9 |   - tokenreviews
10 |   verbs:
11 |   - create
12 | - apiGroups:
13 |   - authorization.k8s.io
14 |   resources:
15 |   - subjectaccessreviews
16 |   verbs:
17 |   - create
18 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: metrics-auth-rolebinding
 5 | roleRef:
 6 |   apiGroup: rbac.authorization.k8s.io
 7 |   kind: ClusterRole
 8 |   name: metrics-auth-role
 9 | subjects:
10 | - kind: ServiceAccount
11 |   name: controller-manager
12 |   namespace: system
13 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-reader
 5 | rules:
 6 | - nonResourceURLs:
 7 |   - "/metrics"
 8 |   verbs:
 9 |   - get
10 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: manager-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   labels:
5 |     app.kubernetes.io/name: project
6 |     app.kubernetes.io/managed-by: kustomize
7 |   name: controller-manager
8 |   namespace: system
9 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/samples/batch_v1_cronjob.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: batch.tutorial.kubebuilder.io/v1
 2 | kind: CronJob
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: cronjob-sample
 8 | spec:
 9 |   schedule: "*/1 * * * *"
10 |   startingDeadlineSeconds: 60
11 |   concurrencyPolicy: Allow # explicitly specify, but Allow is also default.
12 |   jobTemplate:
13 |     spec:
14 |       template:
15 |         spec:
16 |           containers:
17 |           - name: hello
18 |             image: busybox
19 |             args:
20 |             - /bin/sh
21 |             - -c
22 |             - date; echo Hello from the Kubernetes cluster
23 |           restartPolicy: OnFailure
24 |   
25 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - batch_v1_cronjob.yaml
4 | # +kubebuilder:scaffold:manifestskustomizesamples
5 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 | 
5 | configurations:
6 | - kustomizeconfig.yaml
7 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
 2 | # It requires kustomize v2.1.0 or newer to work properly.
 3 | nameReference:
 4 | - kind: Service
 5 |   version: v1
 6 |   fieldSpecs:
 7 |   - kind: MutatingWebhookConfiguration
 8 |     group: admissionregistration.k8s.io
 9 |     path: webhooks/clientConfig/service/name
10 |   - kind: ValidatingWebhookConfiguration
11 |     group: admissionregistration.k8s.io
12 |     path: webhooks/clientConfig/service/name
13 | 
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 |   group: admissionregistration.k8s.io
17 |   path: webhooks/clientConfig/service/namespace
18 |   create: true
19 | - kind: ValidatingWebhookConfiguration
20 |   group: admissionregistration.k8s.io
21 |   path: webhooks/clientConfig/service/namespace
22 |   create: true
23 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/config/webhook/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: webhook-service
 8 |   namespace: system
 9 | spec:
10 |   ports:
11 |     - port: 443
12 |       protocol: TCP
13 |       targetPort: 9443
14 |   selector:
15 |     control-plane: controller-manager
16 |     app.kubernetes.io/name: project
17 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building Helm packages.
 2 | # Operating system files
 3 | .DS_Store
 4 | 
 5 | # Version control directories
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .hg/
10 | .hgignore
11 | .svn/
12 | 
13 | # Backup and temporary files
14 | *.swp
15 | *.tmp
16 | *.bak
17 | *.orig
18 | *~
19 | 
20 | # IDE and editor-related files
21 | .idea/
22 | .vscode/
23 | 
24 | # Helm chart artifacts
25 | dist/chart/*.tgz
26 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v2
2 | name: project
3 | description: A Helm chart to distribute the project project
4 | type: application
5 | version: 0.1.0
6 | appVersion: "0.1.0"
7 | icon: "https://example.com/icon.png"
8 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/metrics/metrics-service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.metrics.enable }}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: project-controller-manager-metrics-service
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     {{- include "chart.labels" . | nindent 4 }}
 9 |     control-plane: controller-manager
10 | spec:
11 |   ports:
12 |     - port: 8443
13 |       targetPort: 8443
14 |       protocol: TCP
15 |       name: https
16 |   selector:
17 |     control-plane: controller-manager
18 | {{- end }}
19 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | # permissions to do leader election.
 3 | apiVersion: rbac.authorization.k8s.io/v1
 4 | kind: Role
 5 | metadata:
 6 |   labels:
 7 |     {{- include "chart.labels" . | nindent 4 }}
 8 |   namespace: {{ .Release.Namespace }}
 9 |   name: project-leader-election-role
10 | rules:
11 | - apiGroups:
12 |   - ""
13 |   resources:
14 |   - configmaps
15 |   verbs:
16 |   - get
17 |   - list
18 |   - watch
19 |   - create
20 |   - update
21 |   - patch
22 |   - delete
23 | - apiGroups:
24 |   - coordination.k8s.io
25 |   resources:
26 |   - leases
27 |   verbs:
28 |   - get
29 |   - list
30 |   - watch
31 |   - create
32 |   - update
33 |   - patch
34 |   - delete
35 | - apiGroups:
36 |   - ""
37 |   resources:
38 |   - events
39 |   verbs:
40 |   - create
41 |   - patch
42 | {{- end -}}
43 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: RoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   namespace: {{ .Release.Namespace }}
 8 |   name: project-leader-election-rolebinding
 9 | roleRef:
10 |   apiGroup: rbac.authorization.k8s.io
11 |   kind: Role
12 |   name: project-leader-election-role
13 | subjects:
14 | - kind: ServiceAccount
15 |   name: {{ .Values.controllerManager.serviceAccountName }}
16 |   namespace: {{ .Release.Namespace }}
17 | {{- end -}}
18 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-metrics-auth-role
 8 | rules:
 9 | - apiGroups:
10 |   - authentication.k8s.io
11 |   resources:
12 |   - tokenreviews
13 |   verbs:
14 |   - create
15 | - apiGroups:
16 |   - authorization.k8s.io
17 |   resources:
18 |   - subjectaccessreviews
19 |   verbs:
20 |   - create
21 | {{- end -}}
22 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-metrics-auth-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: project-metrics-auth-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ .Values.controllerManager.serviceAccountName }}
15 |   namespace: {{ .Release.Namespace }}
16 | {{- end -}}
17 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-metrics-reader
 8 | rules:
 9 | - nonResourceURLs:
10 |   - "/metrics"
11 |   verbs:
12 |   - get
13 | {{- end -}}
14 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-manager-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: project-manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ .Values.controllerManager.serviceAccountName }}
15 |   namespace: {{ .Release.Namespace }}
16 | {{- end -}}
17 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/rbac/service_account.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   {{- if and .Values.controllerManager.serviceAccount .Values.controllerManager.serviceAccount.annotations }}
 8 |   annotations:
 9 |     {{- range $key, $value := .Values.controllerManager.serviceAccount.annotations }}
10 |     {{ $key }}: {{ $value }}
11 |     {{- end }}
12 |   {{- end }}
13 |   name: {{ .Values.controllerManager.serviceAccountName }}
14 |   namespace: {{ .Release.Namespace }}
15 | {{- end -}}
16 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/dist/chart/templates/webhook/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.webhook.enable }}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: project-webhook-service
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     {{- include "chart.labels" . | nindent 4 }}
 9 | spec:
10 |   ports:
11 |     - port: 443
12 |       protocol: TCP
13 |       targetPort: 9443
14 |   selector:
15 |     control-plane: controller-manager
16 | {{- end }}
17 | 


--------------------------------------------------------------------------------
/docs/book/src/cronjob-tutorial/testdata/project/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2025 The Kubernetes authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/.devcontainer/devcontainer.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "Kubebuilder DevContainer",
 3 |   "image": "golang:1.24",
 4 |   "features": {
 5 |     "ghcr.io/devcontainers/features/docker-in-docker:2": {},
 6 |     "ghcr.io/devcontainers/features/git:1": {}
 7 |   },
 8 | 
 9 |   "runArgs": ["--network=host"],
10 | 
11 |   "customizations": {
12 |     "vscode": {
13 |       "settings": {
14 |         "terminal.integrated.shell.linux": "/bin/bash"
15 |       },
16 |       "extensions": [
17 |         "ms-kubernetes-tools.vscode-kubernetes-tools",
18 |         "ms-azuretools.vscode-docker"
19 |       ]
20 |     }
21 |   },
22 | 
23 |   "onCreateCommand": "bash .devcontainer/post-install.sh"
24 | }
25 | 
26 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/.devcontainer/post-install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | set -x
 3 | 
 4 | curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
 5 | chmod +x ./kind
 6 | mv ./kind /usr/local/bin/kind
 7 | 
 8 | curl -L -o kubebuilder https://go.kubebuilder.io/dl/latest/linux/amd64
 9 | chmod +x kubebuilder
10 | mv kubebuilder /usr/local/bin/
11 | 
12 | KUBECTL_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt)
13 | curl -LO "https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl"
14 | chmod +x kubectl
15 | mv kubectl /usr/local/bin/kubectl
16 | 
17 | docker network create -d=bridge --subnet=172.19.0.0/24 kind
18 | 
19 | kind version
20 | kubebuilder version
21 | docker --version
22 | go version
23 | kubectl version --client
24 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/.github/workflows/lint.yml:
--------------------------------------------------------------------------------
 1 | name: Lint
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   lint:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Run linter
21 |         uses: golangci/golangci-lint-action@v8
22 |         with:
23 |           version: v2.1.0
24 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/.github/workflows/test-e2e.yml:
--------------------------------------------------------------------------------
 1 | name: E2E Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test-e2e:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Install the latest version of kind
21 |         run: |
22 |           curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
23 |           chmod +x ./kind
24 |           sudo mv ./kind /usr/local/bin/kind
25 | 
26 |       - name: Verify kind installation
27 |         run: kind version
28 | 
29 |       - name: Running Test e2e
30 |         run: |
31 |           go mod tidy
32 |           make test-e2e
33 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/.github/workflows/test.yml:
--------------------------------------------------------------------------------
 1 | name: Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Running Tests
21 |         run: |
22 |           go mod tidy
23 |           make test
24 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/.gitignore:
--------------------------------------------------------------------------------
 1 | # Binaries for programs and plugins
 2 | *.exe
 3 | *.exe~
 4 | *.dll
 5 | *.so
 6 | *.dylib
 7 | bin/*
 8 | Dockerfile.cross
 9 | 
10 | # Test binary, built with `go test -c`
11 | *.test
12 | 
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 | 
16 | # Go workspace file
17 | go.work
18 | 
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 | 
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/PROJECT:
--------------------------------------------------------------------------------
 1 | # Code generated by tool. DO NOT EDIT.
 2 | # This file is used to track the info used to scaffold your project
 3 | # and allow the plugins properly work.
 4 | # More info: https://book.kubebuilder.io/reference/project-config.html
 5 | cliVersion: (devel)
 6 | domain: example.com
 7 | layout:
 8 | - go.kubebuilder.io/v4
 9 | plugins:
10 |   helm.kubebuilder.io/v1-alpha: {}
11 | projectName: project
12 | repo: example.com/memcached
13 | resources:
14 | - api:
15 |     crdVersion: v1
16 |     namespaced: true
17 |   controller: true
18 |   domain: example.com
19 |   group: cache
20 |   kind: Memcached
21 |   path: example.com/memcached/api/v1alpha1
22 |   version: v1alpha1
23 | version: "3"
24 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | # This kustomization.yaml is not intended to be run by itself,
 2 | # since it depends on service name and namespace that are out of this kustomize package.
 3 | # It should be run by config/default
 4 | resources:
 5 | - bases/cache.example.com_memcacheds.yaml
 6 | # +kubebuilder:scaffold:crdkustomizeresource
 7 | 
 8 | patches:
 9 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
10 | # patches here are for enabling the conversion webhook for each CRD
11 | # +kubebuilder:scaffold:crdkustomizewebhookpatch
12 | 
13 | # [WEBHOOK] To enable webhook, uncomment the following section
14 | # the following config is for teaching kustomize how to do kustomization for CRDs.
15 | #configurations:
16 | #- kustomizeconfig.yaml
17 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
 2 | nameReference:
 3 | - kind: Service
 4 |   version: v1
 5 |   fieldSpecs:
 6 |   - kind: CustomResourceDefinition
 7 |     version: v1
 8 |     group: apiextensions.k8s.io
 9 |     path: spec/conversion/webhook/clientConfig/service/name
10 | 
11 | namespace:
12 | - kind: CustomResourceDefinition
13 |   version: v1
14 |   group: apiextensions.k8s.io
15 |   path: spec/conversion/webhook/clientConfig/service/namespace
16 |   create: false
17 | 
18 | varReference:
19 | - path: metadata/annotations
20 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 |   path: /spec/template/spec/containers/0/args/0
4 |   value: --metrics-bind-address=:8443
5 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     control-plane: controller-manager
 6 |     app.kubernetes.io/name: project
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: controller-manager-metrics-service
 9 |   namespace: system
10 | spec:
11 |   ports:
12 |   - name: https
13 |     port: 8443
14 |     protocol: TCP
15 |     targetPort: 8443
16 |   selector:
17 |     control-plane: controller-manager
18 |     app.kubernetes.io/name: project
19 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 |   newName: controller
8 |   newTag: latest
9 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/network-policy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - allow-metrics-traffic.yaml
3 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | resources:
 2 | - monitor.yaml
 3 | 
 4 | # [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus
 5 | # to securely reference certificates created and managed by cert-manager.
 6 | # Additionally, ensure that you uncomment the [METRICS WITH CERTMANAGER] patch under config/default/kustomization.yaml
 7 | # to mount the "metrics-server-cert" secret in the Manager Deployment.
 8 | #patches:
 9 | #  - path: monitor_tls_patch.yaml
10 | #    target:
11 | #      kind: ServiceMonitor
12 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/prometheus/monitor_tls_patch.yaml:
--------------------------------------------------------------------------------
 1 | # Patch for Prometheus ServiceMonitor to enable secure TLS configuration
 2 | # using certificates managed by cert-manager
 3 | - op: replace
 4 |   path: /spec/endpoints/0/tlsConfig
 5 |   value:
 6 |     # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
 7 |     serverName: SERVICE_NAME.SERVICE_NAMESPACE.svc
 8 |     insecureSkipVerify: false
 9 |     ca:
10 |       secret:
11 |         name: metrics-server-cert
12 |         key: ca.crt
13 |     cert:
14 |       secret:
15 |         name: metrics-server-cert
16 |         key: tls.crt
17 |     keySecret:
18 |       name: metrics-server-cert
19 |       key: tls.key
20 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
 1 | # permissions to do leader election.
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: Role
 4 | metadata:
 5 |   labels:
 6 |     app.kubernetes.io/name: project
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: leader-election-role
 9 | rules:
10 | - apiGroups:
11 |   - ""
12 |   resources:
13 |   - configmaps
14 |   verbs:
15 |   - get
16 |   - list
17 |   - watch
18 |   - create
19 |   - update
20 |   - patch
21 |   - delete
22 | - apiGroups:
23 |   - coordination.k8s.io
24 |   resources:
25 |   - leases
26 |   verbs:
27 |   - get
28 |   - list
29 |   - watch
30 |   - create
31 |   - update
32 |   - patch
33 |   - delete
34 | - apiGroups:
35 |   - ""
36 |   resources:
37 |   - events
38 |   verbs:
39 |   - create
40 |   - patch
41 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: RoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: leader-election-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: Role
11 |   name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/rbac/memcached_admin_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants full permissions ('*') over cache.example.com.
 5 | # This role is intended for users authorized to modify roles and bindings within the cluster,
 6 | # enabling them to delegate specific permissions to other users or groups as needed.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: memcached-admin-role
15 | rules:
16 | - apiGroups:
17 |   - cache.example.com
18 |   resources:
19 |   - memcacheds
20 |   verbs:
21 |   - '*'
22 | - apiGroups:
23 |   - cache.example.com
24 |   resources:
25 |   - memcacheds/status
26 |   verbs:
27 |   - get
28 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-auth-role
 5 | rules:
 6 | - apiGroups:
 7 |   - authentication.k8s.io
 8 |   resources:
 9 |   - tokenreviews
10 |   verbs:
11 |   - create
12 | - apiGroups:
13 |   - authorization.k8s.io
14 |   resources:
15 |   - subjectaccessreviews
16 |   verbs:
17 |   - create
18 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: metrics-auth-rolebinding
 5 | roleRef:
 6 |   apiGroup: rbac.authorization.k8s.io
 7 |   kind: ClusterRole
 8 |   name: metrics-auth-role
 9 | subjects:
10 | - kind: ServiceAccount
11 |   name: controller-manager
12 |   namespace: system
13 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-reader
 5 | rules:
 6 | - nonResourceURLs:
 7 |   - "/metrics"
 8 |   verbs:
 9 |   - get
10 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: manager-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   labels:
5 |     app.kubernetes.io/name: project
6 |     app.kubernetes.io/managed-by: kustomize
7 |   name: controller-manager
8 |   namespace: system
9 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/samples/cache_v1alpha1_memcached.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: cache.example.com/v1alpha1
 2 | kind: Memcached
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: memcached-sample
 8 | spec:
 9 |   # TODO(user): edit the following value to ensure the number
10 |   # of Pods/Instances your Operand must have on cluster
11 |   size: 1
12 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - cache_v1alpha1_memcached.yaml
4 | # +kubebuilder:scaffold:manifestskustomizesamples
5 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/dist/chart/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building Helm packages.
 2 | # Operating system files
 3 | .DS_Store
 4 | 
 5 | # Version control directories
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .hg/
10 | .hgignore
11 | .svn/
12 | 
13 | # Backup and temporary files
14 | *.swp
15 | *.tmp
16 | *.bak
17 | *.orig
18 | *~
19 | 
20 | # IDE and editor-related files
21 | .idea/
22 | .vscode/
23 | 
24 | # Helm chart artifacts
25 | dist/chart/*.tgz
26 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/dist/chart/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v2
2 | name: project
3 | description: A Helm chart to distribute the project project
4 | type: application
5 | version: 0.1.0
6 | appVersion: "0.1.0"
7 | icon: "https://example.com/icon.png"
8 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/dist/chart/templates/metrics/metrics-service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.metrics.enable }}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: project-controller-manager-metrics-service
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     {{- include "chart.labels" . | nindent 4 }}
 9 |     control-plane: controller-manager
10 | spec:
11 |   ports:
12 |     - port: 8443
13 |       targetPort: 8443
14 |       protocol: TCP
15 |       name: https
16 |   selector:
17 |     control-plane: controller-manager
18 | {{- end }}
19 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/dist/chart/templates/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | # permissions to do leader election.
 3 | apiVersion: rbac.authorization.k8s.io/v1
 4 | kind: Role
 5 | metadata:
 6 |   labels:
 7 |     {{- include "chart.labels" . | nindent 4 }}
 8 |   namespace: {{ .Release.Namespace }}
 9 |   name: project-leader-election-role
10 | rules:
11 | - apiGroups:
12 |   - ""
13 |   resources:
14 |   - configmaps
15 |   verbs:
16 |   - get
17 |   - list
18 |   - watch
19 |   - create
20 |   - update
21 |   - patch
22 |   - delete
23 | - apiGroups:
24 |   - coordination.k8s.io
25 |   resources:
26 |   - leases
27 |   verbs:
28 |   - get
29 |   - list
30 |   - watch
31 |   - create
32 |   - update
33 |   - patch
34 |   - delete
35 | - apiGroups:
36 |   - ""
37 |   resources:
38 |   - events
39 |   verbs:
40 |   - create
41 |   - patch
42 | {{- end -}}
43 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/dist/chart/templates/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: RoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   namespace: {{ .Release.Namespace }}
 8 |   name: project-leader-election-rolebinding
 9 | roleRef:
10 |   apiGroup: rbac.authorization.k8s.io
11 |   kind: Role
12 |   name: project-leader-election-role
13 | subjects:
14 | - kind: ServiceAccount
15 |   name: {{ .Values.controllerManager.serviceAccountName }}
16 |   namespace: {{ .Release.Namespace }}
17 | {{- end -}}
18 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/dist/chart/templates/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-metrics-auth-role
 8 | rules:
 9 | - apiGroups:
10 |   - authentication.k8s.io
11 |   resources:
12 |   - tokenreviews
13 |   verbs:
14 |   - create
15 | - apiGroups:
16 |   - authorization.k8s.io
17 |   resources:
18 |   - subjectaccessreviews
19 |   verbs:
20 |   - create
21 | {{- end -}}
22 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/dist/chart/templates/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-metrics-auth-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: project-metrics-auth-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ .Values.controllerManager.serviceAccountName }}
15 |   namespace: {{ .Release.Namespace }}
16 | {{- end -}}
17 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/dist/chart/templates/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-metrics-reader
 8 | rules:
 9 | - nonResourceURLs:
10 |   - "/metrics"
11 |   verbs:
12 |   - get
13 | {{- end -}}
14 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/dist/chart/templates/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-manager-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: project-manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ .Values.controllerManager.serviceAccountName }}
15 |   namespace: {{ .Release.Namespace }}
16 | {{- end -}}
17 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/dist/chart/templates/rbac/service_account.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   {{- if and .Values.controllerManager.serviceAccount .Values.controllerManager.serviceAccount.annotations }}
 8 |   annotations:
 9 |     {{- range $key, $value := .Values.controllerManager.serviceAccount.annotations }}
10 |     {{ $key }}: {{ $value }}
11 |     {{- end }}
12 |   {{- end }}
13 |   name: {{ .Values.controllerManager.serviceAccountName }}
14 |   namespace: {{ .Release.Namespace }}
15 | {{- end -}}
16 | 


--------------------------------------------------------------------------------
/docs/book/src/getting-started/testdata/project/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2025 The Kubernetes authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */


--------------------------------------------------------------------------------
/docs/book/src/logos/README.md:
--------------------------------------------------------------------------------
 1 | # Kubebuilder Logos
 2 | 
 3 | The official location for the logos is in a [public GCS
 4 | bucket][kb-logos-gcs] (or if you like GCS XML listings,
 5 | [here][kb-logos-gcs-direct]).
 6 | 
 7 | These logos are copies used in the book, resized to their appropriate
 8 | sizes.
 9 | 
10 | [kb-logos-gcs]: https://console.cloud.google.com/storage/browser/kubebuilder-logos
11 | 
12 | [kb-logos-gcs-direct]: https://storage.googleapis.com/kubebuilder-logos
13 | 


--------------------------------------------------------------------------------
/docs/book/src/logos/favicon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/kubebuilder/59fbd4cb6af729ec78b3730d396ff4dfd6acb3a4/docs/book/src/logos/favicon.png


--------------------------------------------------------------------------------
/docs/book/src/logos/logo-single-line.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/kubebuilder/59fbd4cb6af729ec78b3730d396ff4dfd6acb3a4/docs/book/src/logos/logo-single-line.png


--------------------------------------------------------------------------------
/docs/book/src/migration/v3-plugins.md:
--------------------------------------------------------------------------------
1 | # V3 - Plugins Layout Migration Guides
2 | 
3 | Following the migration guides from the plugins versions. Note that the plugins ecosystem
4 | was introduced with Kubebuilder v3.0.0 release where the go/v3 version is the default layout
5 | since `28 Apr 2021`.
6 | 
7 | Therefore, you can check here how to migrate the projects built from Kubebuilder 3.x with
8 | the plugin go/v3 to the latest.
9 | 


--------------------------------------------------------------------------------
/docs/book/src/migrations.md:
--------------------------------------------------------------------------------
1 | # Migrations
2 | 
3 | Migrating between project structures in Kubebuilder generally involves
4 | a bit of manual work.
5 | 
6 | This section details what's required to migrate, between different
7 | versions of Kubebuilder scaffolding, as well as to more complex project
8 | layout structures.
9 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/.devcontainer/devcontainer.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "Kubebuilder DevContainer",
 3 |   "image": "golang:1.24",
 4 |   "features": {
 5 |     "ghcr.io/devcontainers/features/docker-in-docker:2": {},
 6 |     "ghcr.io/devcontainers/features/git:1": {}
 7 |   },
 8 | 
 9 |   "runArgs": ["--network=host"],
10 | 
11 |   "customizations": {
12 |     "vscode": {
13 |       "settings": {
14 |         "terminal.integrated.shell.linux": "/bin/bash"
15 |       },
16 |       "extensions": [
17 |         "ms-kubernetes-tools.vscode-kubernetes-tools",
18 |         "ms-azuretools.vscode-docker"
19 |       ]
20 |     }
21 |   },
22 | 
23 |   "onCreateCommand": "bash .devcontainer/post-install.sh"
24 | }
25 | 
26 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/.devcontainer/post-install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | set -x
 3 | 
 4 | curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
 5 | chmod +x ./kind
 6 | mv ./kind /usr/local/bin/kind
 7 | 
 8 | curl -L -o kubebuilder https://go.kubebuilder.io/dl/latest/linux/amd64
 9 | chmod +x kubebuilder
10 | mv kubebuilder /usr/local/bin/
11 | 
12 | KUBECTL_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt)
13 | curl -LO "https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl"
14 | chmod +x kubectl
15 | mv kubectl /usr/local/bin/kubectl
16 | 
17 | docker network create -d=bridge --subnet=172.19.0.0/24 kind
18 | 
19 | kind version
20 | kubebuilder version
21 | docker --version
22 | go version
23 | kubectl version --client
24 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/.github/workflows/lint.yml:
--------------------------------------------------------------------------------
 1 | name: Lint
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   lint:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Run linter
21 |         uses: golangci/golangci-lint-action@v8
22 |         with:
23 |           version: v2.1.0
24 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/.github/workflows/test-e2e.yml:
--------------------------------------------------------------------------------
 1 | name: E2E Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test-e2e:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Install the latest version of kind
21 |         run: |
22 |           curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
23 |           chmod +x ./kind
24 |           sudo mv ./kind /usr/local/bin/kind
25 | 
26 |       - name: Verify kind installation
27 |         run: kind version
28 | 
29 |       - name: Running Test e2e
30 |         run: |
31 |           go mod tidy
32 |           make test-e2e
33 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/.github/workflows/test.yml:
--------------------------------------------------------------------------------
 1 | name: Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Running Tests
21 |         run: |
22 |           go mod tidy
23 |           make test
24 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/.gitignore:
--------------------------------------------------------------------------------
 1 | # Binaries for programs and plugins
 2 | *.exe
 3 | *.exe~
 4 | *.dll
 5 | *.so
 6 | *.dylib
 7 | bin/*
 8 | Dockerfile.cross
 9 | 
10 | # Test binary, built with `go test -c`
11 | *.test
12 | 
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 | 
16 | # Go workspace file
17 | go.work
18 | 
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 | 
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/certmanager/certificate-metrics.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifests contain a self-signed issuer CR and a metrics certificate CR.
 2 | # More document can be found at https://docs.cert-manager.io
 3 | apiVersion: cert-manager.io/v1
 4 | kind: Certificate
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/name: project
 8 |     app.kubernetes.io/managed-by: kustomize
 9 |   name: metrics-certs  # this name should match the one appeared in kustomizeconfig.yaml
10 |   namespace: system
11 | spec:
12 |   dnsNames:
13 |   # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
14 |   # replacements in the config/default/kustomization.yaml file.
15 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc
16 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
17 |   issuerRef:
18 |     kind: Issuer
19 |     name: selfsigned-issuer
20 |   secretName: metrics-server-cert
21 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/certmanager/certificate-webhook.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
 2 | # More document can be found at https://docs.cert-manager.io
 3 | apiVersion: cert-manager.io/v1
 4 | kind: Certificate
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/name: project
 8 |     app.kubernetes.io/managed-by: kustomize
 9 |   name: serving-cert  # this name should match the one appeared in kustomizeconfig.yaml
10 |   namespace: system
11 | spec:
12 |   # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
13 |   # replacements in the config/default/kustomization.yaml file.
14 |   dnsNames:
15 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc
16 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
17 |   issuerRef:
18 |     kind: Issuer
19 |     name: selfsigned-issuer
20 |   secretName: webhook-server-cert
21 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/certmanager/issuer.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifest contains a self-signed issuer CR.
 2 | # More information can be found at https://docs.cert-manager.io
 3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
 4 | apiVersion: cert-manager.io/v1
 5 | kind: Issuer
 6 | metadata:
 7 |   labels:
 8 |     app.kubernetes.io/name: project
 9 |     app.kubernetes.io/managed-by: kustomize
10 |   name: selfsigned-issuer
11 |   namespace: system
12 | spec:
13 |   selfSigned: {}
14 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - issuer.yaml
3 | - certificate-webhook.yaml
4 | - certificate-metrics.yaml
5 | 
6 | configurations:
7 | - kustomizeconfig.yaml
8 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 |   group: cert-manager.io
5 |   fieldSpecs:
6 |   - kind: Certificate
7 |     group: cert-manager.io
8 |     path: spec/issuerRef/name
9 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | # This kustomization.yaml is not intended to be run by itself,
 2 | # since it depends on service name and namespace that are out of this kustomize package.
 3 | # It should be run by config/default
 4 | resources:
 5 | - bases/batch.tutorial.kubebuilder.io_cronjobs.yaml
 6 | # +kubebuilder:scaffold:crdkustomizeresource
 7 | 
 8 | patches:
 9 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
10 | # patches here are for enabling the conversion webhook for each CRD
11 | - path: patches/webhook_in_cronjobs.yaml
12 | # +kubebuilder:scaffold:crdkustomizewebhookpatch
13 | 
14 | # [WEBHOOK] To enable webhook, uncomment the following section
15 | # the following config is for teaching kustomize how to do kustomization for CRDs.
16 | configurations:
17 | - kustomizeconfig.yaml
18 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
 2 | nameReference:
 3 | - kind: Service
 4 |   version: v1
 5 |   fieldSpecs:
 6 |   - kind: CustomResourceDefinition
 7 |     version: v1
 8 |     group: apiextensions.k8s.io
 9 |     path: spec/conversion/webhook/clientConfig/service/name
10 | 
11 | namespace:
12 | - kind: CustomResourceDefinition
13 |   version: v1
14 |   group: apiextensions.k8s.io
15 |   path: spec/conversion/webhook/clientConfig/service/namespace
16 |   create: false
17 | 
18 | varReference:
19 | - path: metadata/annotations
20 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/crd/patches/webhook_in_cronjobs.yaml:
--------------------------------------------------------------------------------
 1 | # The following patch enables a conversion webhook for the CRD
 2 | apiVersion: apiextensions.k8s.io/v1
 3 | kind: CustomResourceDefinition
 4 | metadata:
 5 |   name: cronjobs.batch.tutorial.kubebuilder.io
 6 | spec:
 7 |   conversion:
 8 |     strategy: Webhook
 9 |     webhook:
10 |       clientConfig:
11 |         service:
12 |           namespace: system
13 |           name: webhook-service
14 |           path: /convert
15 |       conversionReviewVersions:
16 |       - v1
17 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 |   path: /spec/template/spec/containers/0/args/0
4 |   value: --metrics-bind-address=:8443
5 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     control-plane: controller-manager
 6 |     app.kubernetes.io/name: project
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: controller-manager-metrics-service
 9 |   namespace: system
10 | spec:
11 |   ports:
12 |   - name: https
13 |     port: 8443
14 |     protocol: TCP
15 |     targetPort: 8443
16 |   selector:
17 |     control-plane: controller-manager
18 |     app.kubernetes.io/name: project
19 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 |   newName: controller
8 |   newTag: latest
9 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/network-policy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - allow-webhook-traffic.yaml
3 | - allow-metrics-traffic.yaml
4 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | resources:
 2 | - monitor.yaml
 3 | 
 4 | # [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus
 5 | # to securely reference certificates created and managed by cert-manager.
 6 | # Additionally, ensure that you uncomment the [METRICS WITH CERTMANAGER] patch under config/default/kustomization.yaml
 7 | # to mount the "metrics-server-cert" secret in the Manager Deployment.
 8 | patches:
 9 |   - path: monitor_tls_patch.yaml
10 |     target:
11 |       kind: ServiceMonitor
12 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/prometheus/monitor_tls_patch.yaml:
--------------------------------------------------------------------------------
 1 | # Patch for Prometheus ServiceMonitor to enable secure TLS configuration
 2 | # using certificates managed by cert-manager
 3 | - op: replace
 4 |   path: /spec/endpoints/0/tlsConfig
 5 |   value:
 6 |     # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
 7 |     serverName: SERVICE_NAME.SERVICE_NAMESPACE.svc
 8 |     insecureSkipVerify: false
 9 |     ca:
10 |       secret:
11 |         name: metrics-server-cert
12 |         key: ca.crt
13 |     cert:
14 |       secret:
15 |         name: metrics-server-cert
16 |         key: tls.crt
17 |     keySecret:
18 |       name: metrics-server-cert
19 |       key: tls.key
20 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
 1 | # permissions to do leader election.
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: Role
 4 | metadata:
 5 |   labels:
 6 |     app.kubernetes.io/name: project
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: leader-election-role
 9 | rules:
10 | - apiGroups:
11 |   - ""
12 |   resources:
13 |   - configmaps
14 |   verbs:
15 |   - get
16 |   - list
17 |   - watch
18 |   - create
19 |   - update
20 |   - patch
21 |   - delete
22 | - apiGroups:
23 |   - coordination.k8s.io
24 |   resources:
25 |   - leases
26 |   verbs:
27 |   - get
28 |   - list
29 |   - watch
30 |   - create
31 |   - update
32 |   - patch
33 |   - delete
34 | - apiGroups:
35 |   - ""
36 |   resources:
37 |   - events
38 |   verbs:
39 |   - create
40 |   - patch
41 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: RoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: leader-election-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: Role
11 |   name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-auth-role
 5 | rules:
 6 | - apiGroups:
 7 |   - authentication.k8s.io
 8 |   resources:
 9 |   - tokenreviews
10 |   verbs:
11 |   - create
12 | - apiGroups:
13 |   - authorization.k8s.io
14 |   resources:
15 |   - subjectaccessreviews
16 |   verbs:
17 |   - create
18 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: metrics-auth-rolebinding
 5 | roleRef:
 6 |   apiGroup: rbac.authorization.k8s.io
 7 |   kind: ClusterRole
 8 |   name: metrics-auth-role
 9 | subjects:
10 | - kind: ServiceAccount
11 |   name: controller-manager
12 |   namespace: system
13 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-reader
 5 | rules:
 6 | - nonResourceURLs:
 7 |   - "/metrics"
 8 |   verbs:
 9 |   - get
10 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: manager-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   labels:
5 |     app.kubernetes.io/name: project
6 |     app.kubernetes.io/managed-by: kustomize
7 |   name: controller-manager
8 |   namespace: system
9 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/samples/batch_v1_cronjob.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: batch.tutorial.kubebuilder.io/v1
 2 | kind: CronJob
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: cronjob-sample
 8 | spec:
 9 |   schedule: "*/1 * * * *"
10 |   startingDeadlineSeconds: 60
11 |   concurrencyPolicy: Allow # explicitly specify, but Allow is also default.
12 |   jobTemplate:
13 |     spec:
14 |       template:
15 |         spec:
16 |           containers:
17 |           - name: hello
18 |             image: busybox
19 |             args:
20 |             - /bin/sh
21 |             - -c
22 |             - date; echo Hello from the Kubernetes cluster
23 |           restartPolicy: OnFailure
24 |   
25 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/samples/batch_v2_cronjob.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: batch.tutorial.kubebuilder.io/v2
 2 | kind: CronJob
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: cronjob-sample
 8 | spec:
 9 |   schedule:
10 |     minute: "*/1"
11 |   startingDeadlineSeconds: 60
12 |   concurrencyPolicy: Allow # explicitly specify, but Allow is also default.
13 |   jobTemplate:
14 |     spec:
15 |       template:
16 |         spec:
17 |           containers:
18 |           - name: hello
19 |             image: busybox
20 |             args:
21 |             - /bin/sh
22 |             - -c
23 |             - date; echo Hello from the Kubernetes cluster
24 |           restartPolicy: OnFailure
25 | 
26 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - batch_v1_cronjob.yaml
4 | - batch_v2_cronjob.yaml
5 | # +kubebuilder:scaffold:manifestskustomizesamples
6 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 | 
5 | configurations:
6 | - kustomizeconfig.yaml
7 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
 2 | # It requires kustomize v2.1.0 or newer to work properly.
 3 | nameReference:
 4 | - kind: Service
 5 |   version: v1
 6 |   fieldSpecs:
 7 |   - kind: MutatingWebhookConfiguration
 8 |     group: admissionregistration.k8s.io
 9 |     path: webhooks/clientConfig/service/name
10 |   - kind: ValidatingWebhookConfiguration
11 |     group: admissionregistration.k8s.io
12 |     path: webhooks/clientConfig/service/name
13 | 
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 |   group: admissionregistration.k8s.io
17 |   path: webhooks/clientConfig/service/namespace
18 |   create: true
19 | - kind: ValidatingWebhookConfiguration
20 |   group: admissionregistration.k8s.io
21 |   path: webhooks/clientConfig/service/namespace
22 |   create: true
23 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/config/webhook/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: webhook-service
 8 |   namespace: system
 9 | spec:
10 |   ports:
11 |     - port: 443
12 |       protocol: TCP
13 |       targetPort: 9443
14 |   selector:
15 |     control-plane: controller-manager
16 |     app.kubernetes.io/name: project
17 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building Helm packages.
 2 | # Operating system files
 3 | .DS_Store
 4 | 
 5 | # Version control directories
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .hg/
10 | .hgignore
11 | .svn/
12 | 
13 | # Backup and temporary files
14 | *.swp
15 | *.tmp
16 | *.bak
17 | *.orig
18 | *~
19 | 
20 | # IDE and editor-related files
21 | .idea/
22 | .vscode/
23 | 
24 | # Helm chart artifacts
25 | dist/chart/*.tgz
26 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v2
2 | name: project
3 | description: A Helm chart to distribute the project project
4 | type: application
5 | version: 0.1.0
6 | appVersion: "0.1.0"
7 | icon: "https://example.com/icon.png"
8 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/metrics/metrics-service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.metrics.enable }}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: project-controller-manager-metrics-service
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     {{- include "chart.labels" . | nindent 4 }}
 9 |     control-plane: controller-manager
10 | spec:
11 |   ports:
12 |     - port: 8443
13 |       targetPort: 8443
14 |       protocol: TCP
15 |       name: https
16 |   selector:
17 |     control-plane: controller-manager
18 | {{- end }}
19 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | # permissions to do leader election.
 3 | apiVersion: rbac.authorization.k8s.io/v1
 4 | kind: Role
 5 | metadata:
 6 |   labels:
 7 |     {{- include "chart.labels" . | nindent 4 }}
 8 |   namespace: {{ .Release.Namespace }}
 9 |   name: project-leader-election-role
10 | rules:
11 | - apiGroups:
12 |   - ""
13 |   resources:
14 |   - configmaps
15 |   verbs:
16 |   - get
17 |   - list
18 |   - watch
19 |   - create
20 |   - update
21 |   - patch
22 |   - delete
23 | - apiGroups:
24 |   - coordination.k8s.io
25 |   resources:
26 |   - leases
27 |   verbs:
28 |   - get
29 |   - list
30 |   - watch
31 |   - create
32 |   - update
33 |   - patch
34 |   - delete
35 | - apiGroups:
36 |   - ""
37 |   resources:
38 |   - events
39 |   verbs:
40 |   - create
41 |   - patch
42 | {{- end -}}
43 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: RoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   namespace: {{ .Release.Namespace }}
 8 |   name: project-leader-election-rolebinding
 9 | roleRef:
10 |   apiGroup: rbac.authorization.k8s.io
11 |   kind: Role
12 |   name: project-leader-election-role
13 | subjects:
14 | - kind: ServiceAccount
15 |   name: {{ .Values.controllerManager.serviceAccountName }}
16 |   namespace: {{ .Release.Namespace }}
17 | {{- end -}}
18 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-metrics-auth-role
 8 | rules:
 9 | - apiGroups:
10 |   - authentication.k8s.io
11 |   resources:
12 |   - tokenreviews
13 |   verbs:
14 |   - create
15 | - apiGroups:
16 |   - authorization.k8s.io
17 |   resources:
18 |   - subjectaccessreviews
19 |   verbs:
20 |   - create
21 | {{- end -}}
22 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-metrics-auth-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: project-metrics-auth-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ .Values.controllerManager.serviceAccountName }}
15 |   namespace: {{ .Release.Namespace }}
16 | {{- end -}}
17 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-metrics-reader
 8 | rules:
 9 | - nonResourceURLs:
10 |   - "/metrics"
11 |   verbs:
12 |   - get
13 | {{- end -}}
14 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-manager-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: project-manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ .Values.controllerManager.serviceAccountName }}
15 |   namespace: {{ .Release.Namespace }}
16 | {{- end -}}
17 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/rbac/service_account.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   {{- if and .Values.controllerManager.serviceAccount .Values.controllerManager.serviceAccount.annotations }}
 8 |   annotations:
 9 |     {{- range $key, $value := .Values.controllerManager.serviceAccount.annotations }}
10 |     {{ $key }}: {{ $value }}
11 |     {{- end }}
12 |   {{- end }}
13 |   name: {{ .Values.controllerManager.serviceAccountName }}
14 |   namespace: {{ .Release.Namespace }}
15 | {{- end -}}
16 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/dist/chart/templates/webhook/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.webhook.enable }}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: project-webhook-service
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     {{- include "chart.labels" . | nindent 4 }}
 9 | spec:
10 |   ports:
11 |     - port: 443
12 |       protocol: TCP
13 |       targetPort: 9443
14 |   selector:
15 |     control-plane: controller-manager
16 | {{- end }}
17 | 


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/testdata/project/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2025 The Kubernetes authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */


--------------------------------------------------------------------------------
/docs/book/src/multiversion-tutorial/webhooks.md:
--------------------------------------------------------------------------------
 1 | # Setting up the webhooks
 2 | 
 3 | Our conversion is in place, so all that's left is to tell
 4 | controller-runtime about our conversion.
 5 | 
 6 | ## Webhook setup...
 7 | 
 8 | {{#literatego ./testdata/project/internal/webhook/v1/cronjob_webhook.go}}
 9 | 
10 | ## ...and `main.go`
11 | 
12 | Similarly, our existing main file is sufficient:
13 | 
14 | {{#literatego ./testdata/project/cmd/main.go}}
15 | 
16 | Everything's set up and ready to go!  All that's left now is to test out
17 | our webhooks.
18 | 


--------------------------------------------------------------------------------
/docs/book/src/plugins/available-plugins.md:
--------------------------------------------------------------------------------
1 | # Available plugins
2 | 
3 | This section describes the plugins supported and shipped in with the Kubebuilder project.
4 | 
5 | {{#include to-scaffold-project.md }}
6 | {{#include to-add-optional-features.md }}
7 | {{#include to-be-extended.md }}
8 | 
9 | [plugin-versions]: plugins-versioning.md


--------------------------------------------------------------------------------
/docs/book/src/reference/images/pprof-result-visualization.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/kubebuilder/59fbd4cb6af729ec78b3730d396ff4dfd6acb3a4/docs/book/src/reference/images/pprof-result-visualization.png


--------------------------------------------------------------------------------
/docs/book/src/reference/kind-config.yaml:
--------------------------------------------------------------------------------
1 | kind: Cluster
2 | apiVersion: kind.x-k8s.io/v1alpha4
3 | nodes:
4 |   - role: control-plane
5 |   - role: worker
6 |   - role: worker
7 |   - role: worker
8 | 


--------------------------------------------------------------------------------
/docs/book/src/reference/markers/crd-processing.md:
--------------------------------------------------------------------------------
1 | # CRD Processing
2 | 
3 | These markers help control how the Kubernetes API server processes API
4 | requests involving your custom resources.
5 | 
6 | See [Generating CRDs](/reference/generating-crd.md) for examples.
7 | 
8 | {{#markerdocs CRD processing}}
9 | 


--------------------------------------------------------------------------------
/docs/book/src/reference/markers/crd-validation.md:
--------------------------------------------------------------------------------
 1 | # CRD Validation
 2 | 
 3 | These markers modify how the CRD validation schema is produced for the
 4 | types and fields they modify.  Each corresponds roughly to an OpenAPI/JSON
 5 | schema option.
 6 | 
 7 | See [Generating CRDs](/reference/generating-crd.md) for examples.
 8 | 
 9 | <aside class="note">
10 | <h1>Understanding Marker Grouping in Documentation</h1>
11 | 
12 | Certain markers may seem duplicated. However, these markers are grouped based on their context of use
13 | — such as fields, types, or arrays. For instance, a marker like `+kubebuilder:validation:Enum` can be applied to
14 | individual fields or array items, and this flexibility is reflected in the documentation.
15 | 
16 | The grouping ensures clarity by showing how the same marker can be reused for different purposes.
17 | 
18 | </aside>
19 | 
20 | 
21 | {{#markerdocs CRD validation}}
22 | 


--------------------------------------------------------------------------------
/docs/book/src/reference/markers/crd.md:
--------------------------------------------------------------------------------
 1 | # CRD Generation
 2 | 
 3 | These markers describe how to construct a custom resource definition from
 4 | a series of Go types and packages.  Generation of the actual validation
 5 | schema is described by the [validation markers](./crd-validation.md).
 6 | 
 7 | See [Generating CRDs](../generating-crd.md) for examples.
 8 | 
 9 | {{#markerdocs CRD}}
10 | 


--------------------------------------------------------------------------------
/docs/book/src/reference/markers/object.md:
--------------------------------------------------------------------------------
1 | # Object/DeepCopy
2 | 
3 | These markers control when `DeepCopy` and `runtime.Object` implementation
4 | methods are generated.
5 | 
6 | {{#markerdocs object}}
7 | 


--------------------------------------------------------------------------------
/docs/book/src/reference/markers/rbac.md:
--------------------------------------------------------------------------------
 1 | # RBAC
 2 | 
 3 | These markers cause an [RBAC
 4 | ClusterRole](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole)
 5 | to be generated.  This allows you to describe the permissions that your
 6 | controller requires alongside the code that makes use of those
 7 | permissions.
 8 | 
 9 | {{#markerdocs RBAC}}
10 | 


--------------------------------------------------------------------------------
/docs/book/src/reference/markers/webhook.md:
--------------------------------------------------------------------------------
1 | # Webhook
2 | 
3 | These markers describe how [webhook configuration](../webhook-overview.md) is generated.
4 | Use these to keep the description of your webhooks close to the code that
5 | implements them.
6 | 
7 | {{#markerdocs Webhook}}
8 | 


--------------------------------------------------------------------------------
/docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1/go.mod:
--------------------------------------------------------------------------------
 1 | module v1
 2 | 
 3 | go 1.24.0
 4 | 
 5 | require (
 6 | 	github.com/spf13/pflag v1.0.6
 7 | 	sigs.k8s.io/kubebuilder/v4 v4.6.0
 8 | )
 9 | 
10 | require (
11 | 	github.com/gobuffalo/flect v1.0.3 // indirect
12 | 	github.com/spf13/afero v1.14.0 // indirect
13 | 	golang.org/x/mod v0.24.0 // indirect
14 | 	golang.org/x/sync v0.14.0 // indirect
15 | 	golang.org/x/text v0.25.0 // indirect
16 | 	golang.org/x/tools v0.33.0 // indirect
17 | )
18 | 


--------------------------------------------------------------------------------
/docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1/main.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2022 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package main
18 | 
19 | import (
20 | 	"v1/cmd"
21 | )
22 | 
23 | func main() {
24 | 	cmd.Run()
25 | }
26 | 


--------------------------------------------------------------------------------
/docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1/testdata/testplugin/PROJECT:
--------------------------------------------------------------------------------
1 | # Code generated by tool. DO NOT EDIT.
2 | # This file is used to track the info used to scaffold your project
3 | # and allow the plugins properly work.
4 | # More info: https://book.kubebuilder.io/reference/project-config.html
5 | cliVersion: 4.6.0
6 | layout:
7 | - sampleexternalplugin/v1
8 | version: "3"
9 | 


--------------------------------------------------------------------------------
/docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1/testdata/testplugin/apiFile.txt:
--------------------------------------------------------------------------------
1 | A simple text file created with the create api subcommand
2 | NUMBER: 2
3 | GROUP: samplegroup
4 | VERSION: v1
5 | KIND: SampleKind


--------------------------------------------------------------------------------
/docs/book/src/simple-external-plugin-tutorial/testdata/sampleexternalplugin/v1/testdata/testplugin/initFile.txt:
--------------------------------------------------------------------------------
1 | A simple text file created with the `init` subcommand
2 | DOMAIN: sample.domain.com


--------------------------------------------------------------------------------
/docs/book/theme/css/custom.css:
--------------------------------------------------------------------------------
1 | .menu-title img {
2 |     vertical-align: bottom;
3 | }
4 | 
5 | #sidebar-toggle-anchor:checked .page-wrapper {
6 |     margin-inline-start: calc(var(--sidebar-width) + var(--sidebar-resize-indicator-width));
7 | }
8 | 


--------------------------------------------------------------------------------
/docs/book/theme/css/version-dropdown.css:
--------------------------------------------------------------------------------
 1 | .version-dropdown-content {
 2 |     display: none;
 3 |     position: absolute;
 4 |     background-color: #f9f9f9;
 5 |     min-width: 90px;
 6 |     box-shadow: 0px 8px 16px 0px rgba(0, 0, 0, 0.2);
 7 |     z-index: 1;
 8 |   }
 9 |   
10 |   .version-dropdown-content a {
11 |     color: black;
12 |     padding: 12px 16px;
13 |     text-decoration: none;
14 |     display: block;
15 |   }
16 |   
17 |   .version-dropdown-content a:hover {
18 |     background-color: #f1f1f1;
19 |   }
20 |   
21 |   .version-dropdown:hover .version-dropdown-content {
22 |     display: block;
23 |   }


--------------------------------------------------------------------------------
/docs/book/utils/go.mod:
--------------------------------------------------------------------------------
1 | module sigs.k8s.io/kubebuilder/docs/book/utils
2 | 
3 | go 1.19
4 | 


--------------------------------------------------------------------------------
/docs/book/utils/go.sum:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/kubebuilder/59fbd4cb6af729ec78b3730d396ff4dfd6acb3a4/docs/book/utils/go.sum


--------------------------------------------------------------------------------
/docs/gif/implementapi.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/kubebuilder/59fbd4cb6af729ec78b3730d396ff4dfd6acb3a4/docs/gif/implementapi.gif


--------------------------------------------------------------------------------
/docs/gif/quickstart-1.0.0.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/kubebuilder/59fbd4cb6af729ec78b3730d396ff4dfd6acb3a4/docs/gif/quickstart-1.0.0.gif


--------------------------------------------------------------------------------
/docs/gif/quickstart.gif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/kubernetes-sigs/kubebuilder/59fbd4cb6af729ec78b3730d396ff4dfd6acb3a4/docs/gif/quickstart.gif


--------------------------------------------------------------------------------
/main.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2020 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package main
18 | 
19 | import "sigs.k8s.io/kubebuilder/v4/cmd"
20 | 
21 | func main() {
22 | 	cmd.Run()
23 | }
24 | 


--------------------------------------------------------------------------------
/pkg/cli/doc.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2020 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | // Package cli provides the required tools to build a CLI utility that creates
18 | // scaffolds for operator projects.
19 | //
20 | // It is the entrypoint for any CLI that wants to use kubebuilder's scaffolding
21 | // capabilities.
22 | package cli
23 | 


--------------------------------------------------------------------------------
/pkg/config/suite_test.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2022 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package config
18 | 
19 | import (
20 | 	"testing"
21 | 
22 | 	. "github.com/onsi/ginkgo/v2"
23 | 	. "github.com/onsi/gomega"
24 | )
25 | 
26 | func TestConfig(t *testing.T) {
27 | 	RegisterFailHandler(Fail)
28 | 	RunSpecs(t, "Config Suite")
29 | }
30 | 


--------------------------------------------------------------------------------
/pkg/machinery/filesystem.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2022 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package machinery
18 | 
19 | import (
20 | 	"github.com/spf13/afero"
21 | )
22 | 
23 | // Filesystem abstracts the underlying disk for scaffolding
24 | type Filesystem struct {
25 | 	FS afero.Fs
26 | }
27 | 


--------------------------------------------------------------------------------
/pkg/machinery/machinery_suite_test.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2022 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package machinery
18 | 
19 | import (
20 | 	"testing"
21 | 
22 | 	. "github.com/onsi/ginkgo/v2"
23 | 	. "github.com/onsi/gomega"
24 | )
25 | 
26 | func TestMachinery(t *testing.T) {
27 | 	RegisterFailHandler(Fail)
28 | 	RunSpecs(t, "Machinery suite")
29 | }
30 | 


--------------------------------------------------------------------------------
/pkg/model/resource/suite_test.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2020 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package resource
18 | 
19 | import (
20 | 	"testing"
21 | 
22 | 	. "github.com/onsi/ginkgo/v2"
23 | 	. "github.com/onsi/gomega"
24 | )
25 | 
26 | const v1 = "v1"
27 | 
28 | func TestResource(t *testing.T) {
29 | 	RegisterFailHandler(Fail)
30 | 	RunSpecs(t, "Resource Suite")
31 | }
32 | 


--------------------------------------------------------------------------------
/pkg/plugin/util/suite_test.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2024 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package util
18 | 
19 | import (
20 | 	"testing"
21 | 
22 | 	. "github.com/onsi/ginkgo/v2"
23 | 	. "github.com/onsi/gomega"
24 | )
25 | 
26 | func TestStage(t *testing.T) {
27 | 	RegisterFailHandler(Fail)
28 | 	RunSpecs(t, "Utils Suite")
29 | }
30 | 


--------------------------------------------------------------------------------
/pkg/plugins/domain.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2020 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package plugins
18 | 
19 | // DefaultNameQualifier is the suffix appended to all kubebuilder plugin names.
20 | const DefaultNameQualifier = "kubebuilder.io"
21 | 


--------------------------------------------------------------------------------
/pkg/plugins/golang/domain.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2020 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package golang
18 | 
19 | import "sigs.k8s.io/kubebuilder/v4/pkg/plugins"
20 | 
21 | // DefaultNameQualifier is the suffix appended to all kubebuilder plugin names for Golang operators.
22 | const DefaultNameQualifier = "go." + plugins.DefaultNameQualifier
23 | 


--------------------------------------------------------------------------------
/pkg/plugins/golang/suite_test.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2022 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package golang
18 | 
19 | import (
20 | 	"testing"
21 | 
22 | 	. "github.com/onsi/ginkgo/v2"
23 | 	. "github.com/onsi/gomega"
24 | )
25 | 
26 | func TestGoPlugin(t *testing.T) {
27 | 	RegisterFailHandler(Fail)
28 | 	RunSpecs(t, "Go Plugin Suite")
29 | }
30 | 


--------------------------------------------------------------------------------
/pkg/plugins/golang/v4/scaffolds/doc.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2022 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | // Package scaffolds contains libraries for scaffolding code to use with controller-runtime
18 | package scaffolds
19 | 


--------------------------------------------------------------------------------
/scripts/demo/README.md:
--------------------------------------------------------------------------------
 1 | This directory contains scripts to run a quick demo of Kubebuilder.
 2 | 
 3 | Steps to run demo:
 4 | 
 5 | ```sh
 6 | mkdir /tmp/kb-demo
 7 | cd /tmp/kb-demo
 8 | DEMO_AUTO_RUN=1 ./run.sh
 9 | 
10 | ```
11 | 
12 | Instructions for producing the demo movie:
13 | 
14 | ```sh
15 | 
16 | # Create temporary directory
17 | mkdir /tmp/kb-demo
18 | cd /tmp/kb-demo
19 | 
20 | asciinema rec
21 | <path-to-KB-repo>/scripts/demo/run.sh
22 | 
23 | # After each step, press <Enter> to proceed to the next step
24 | 
25 | <CTRL-C> to terminate the script
26 | <CTRL-D> to terminate the asciinema recording
27 | <CTRL-C> to save the recording locally
28 | 
29 | # Edit the recorded file by editing the controller-gen path
30 | # Once you are happy with the recording, use svg-term program to generate the svg
31 | 
32 | svg-term --in=<cast-file-path> --out demo.svg --window
33 | ```
34 | 


--------------------------------------------------------------------------------
/test.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | # Copyright 2018 The Kubernetes Authors.
 4 | #
 5 | # Licensed under the Apache License, Version 2.0 (the "License");
 6 | # you may not use this file except in compliance with the License.
 7 | # You may obtain a copy of the License at
 8 | #
 9 | #     http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 | 
17 | # prow calls this file currently, but we can just use `make test` to test
18 | # the set of things we want.
19 | make test
20 | 


--------------------------------------------------------------------------------
/test/check_spaces.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | # Copyright 2024 The Kubernetes Authors.
 4 | #
 5 | # Licensed under the Apache License, Version 2.0 (the "License");
 6 | # you may not use this file except in compliance with the License.
 7 | # You may obtain a copy of the License at
 8 | #
 9 | #     http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 | 
17 | function validate_docs_trailing_spaces {
18 |   if find . -type f -name "*.md" -exec grep -Hn '[[:space:]]$' {} +; then
19 |       echo "Trailing spaces were found in docs files"
20 |       exit 1
21 |   fi
22 | 
23 | }
24 | 
25 | validate_docs_trailing_spaces
26 | 


--------------------------------------------------------------------------------
/test/e2e/ci.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | # Copyright 2018 The Kubernetes Authors.
 4 | #
 5 | # Licensed under the Apache License, Version 2.0 (the "License");
 6 | # you may not use this file except in compliance with the License.
 7 | # You may obtain a copy of the License at
 8 | #
 9 | #     http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 | 
17 | source "$(dirname "$0")/../common.sh"
18 | source "$(dirname "$0")/setup.sh"
19 | 
20 | export KIND_CLUSTER="kind"
21 | create_cluster ${KIND_K8S_VERSION}
22 | trap delete_cluster EXIT
23 | 
24 | test_cluster -v -ginkgo.vv
25 | 


--------------------------------------------------------------------------------
/test/e2e/kind-config.yaml:
--------------------------------------------------------------------------------
 1 | #  Copyright 2020 The Kubernetes Authors.
 2 | #
 3 | #  Licensed under the Apache License, Version 2.0 (the "License");
 4 | #  you may not use this file except in compliance with the License.
 5 | #  You may obtain a copy of the License at
 6 | #
 7 | #      http://www.apache.org/licenses/LICENSE-2.0
 8 | #
 9 | #  Unless required by applicable law or agreed to in writing, software
10 | #  distributed under the License is distributed on an "AS IS" BASIS,
11 | #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | #  See the License for the specific language governing permissions and
13 | #  limitations under the License.
14 | 
15 | kind: Cluster
16 | apiVersion: kind.x-k8s.io/v1alpha4
17 | networking:
18 |   disableDefaultCNI: false # Let it use default CNI so we can test NetworkPolicies
19 | nodes:
20 |   - role: control-plane
21 | 


--------------------------------------------------------------------------------
/test/e2e/utils/suite_test.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2022 The Kubernetes Authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package utils
18 | 
19 | import (
20 | 	"testing"
21 | 
22 | 	. "github.com/onsi/ginkgo/v2"
23 | 	. "github.com/onsi/gomega"
24 | )
25 | 
26 | func TestUtils(t *testing.T) {
27 | 	RegisterFailHandler(Fail)
28 | 	RunSpecs(t, "Utils Suite")
29 | }
30 | 


--------------------------------------------------------------------------------
/test_e2e.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | # Copyright 2018 The Kubernetes Authors.
 4 | #
 5 | # Licensed under the Apache License, Version 2.0 (the "License");
 6 | # you may not use this file except in compliance with the License.
 7 | # You may obtain a copy of the License at
 8 | #
 9 | #     http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 | 
17 | ./test/e2e/ci.sh
18 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/.devcontainer/devcontainer.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "Kubebuilder DevContainer",
 3 |   "image": "golang:1.24",
 4 |   "features": {
 5 |     "ghcr.io/devcontainers/features/docker-in-docker:2": {},
 6 |     "ghcr.io/devcontainers/features/git:1": {}
 7 |   },
 8 | 
 9 |   "runArgs": ["--network=host"],
10 | 
11 |   "customizations": {
12 |     "vscode": {
13 |       "settings": {
14 |         "terminal.integrated.shell.linux": "/bin/bash"
15 |       },
16 |       "extensions": [
17 |         "ms-kubernetes-tools.vscode-kubernetes-tools",
18 |         "ms-azuretools.vscode-docker"
19 |       ]
20 |     }
21 |   },
22 | 
23 |   "onCreateCommand": "bash .devcontainer/post-install.sh"
24 | }
25 | 
26 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/.devcontainer/post-install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | set -x
 3 | 
 4 | curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
 5 | chmod +x ./kind
 6 | mv ./kind /usr/local/bin/kind
 7 | 
 8 | curl -L -o kubebuilder https://go.kubebuilder.io/dl/latest/linux/amd64
 9 | chmod +x kubebuilder
10 | mv kubebuilder /usr/local/bin/
11 | 
12 | KUBECTL_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt)
13 | curl -LO "https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl"
14 | chmod +x kubectl
15 | mv kubectl /usr/local/bin/kubectl
16 | 
17 | docker network create -d=bridge --subnet=172.19.0.0/24 kind
18 | 
19 | kind version
20 | kubebuilder version
21 | docker --version
22 | go version
23 | kubectl version --client
24 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/.github/workflows/lint.yml:
--------------------------------------------------------------------------------
 1 | name: Lint
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   lint:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Run linter
21 |         uses: golangci/golangci-lint-action@v8
22 |         with:
23 |           version: v2.1.0
24 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/.github/workflows/test-e2e.yml:
--------------------------------------------------------------------------------
 1 | name: E2E Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test-e2e:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Install the latest version of kind
21 |         run: |
22 |           curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
23 |           chmod +x ./kind
24 |           sudo mv ./kind /usr/local/bin/kind
25 | 
26 |       - name: Verify kind installation
27 |         run: kind version
28 | 
29 |       - name: Running Test e2e
30 |         run: |
31 |           go mod tidy
32 |           make test-e2e
33 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/.github/workflows/test.yml:
--------------------------------------------------------------------------------
 1 | name: Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Running Tests
21 |         run: |
22 |           go mod tidy
23 |           make test
24 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/.gitignore:
--------------------------------------------------------------------------------
 1 | # Binaries for programs and plugins
 2 | *.exe
 3 | *.exe~
 4 | *.dll
 5 | *.so
 6 | *.dylib
 7 | bin/*
 8 | Dockerfile.cross
 9 | 
10 | # Test binary, built with `go test -c`
11 | *.test
12 | 
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 | 
16 | # Go workspace file
17 | go.work
18 | 
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 | 
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/api/example.com/v1/wordpress_conversion.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2025 The Kubernetes authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package v1
18 | 
19 | // EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
20 | 
21 | // Hub marks this type as a conversion hub.
22 | func (*Wordpress) Hub() {}
23 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/certmanager/certificate-metrics.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifests contain a self-signed issuer CR and a metrics certificate CR.
 2 | # More document can be found at https://docs.cert-manager.io
 3 | apiVersion: cert-manager.io/v1
 4 | kind: Certificate
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/name: project-v4-multigroup
 8 |     app.kubernetes.io/managed-by: kustomize
 9 |   name: metrics-certs  # this name should match the one appeared in kustomizeconfig.yaml
10 |   namespace: system
11 | spec:
12 |   dnsNames:
13 |   # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
14 |   # replacements in the config/default/kustomization.yaml file.
15 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc
16 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
17 |   issuerRef:
18 |     kind: Issuer
19 |     name: selfsigned-issuer
20 |   secretName: metrics-server-cert
21 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/certmanager/certificate-webhook.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
 2 | # More document can be found at https://docs.cert-manager.io
 3 | apiVersion: cert-manager.io/v1
 4 | kind: Certificate
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/name: project-v4-multigroup
 8 |     app.kubernetes.io/managed-by: kustomize
 9 |   name: serving-cert  # this name should match the one appeared in kustomizeconfig.yaml
10 |   namespace: system
11 | spec:
12 |   # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
13 |   # replacements in the config/default/kustomization.yaml file.
14 |   dnsNames:
15 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc
16 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
17 |   issuerRef:
18 |     kind: Issuer
19 |     name: selfsigned-issuer
20 |   secretName: webhook-server-cert
21 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/certmanager/issuer.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifest contains a self-signed issuer CR.
 2 | # More information can be found at https://docs.cert-manager.io
 3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
 4 | apiVersion: cert-manager.io/v1
 5 | kind: Issuer
 6 | metadata:
 7 |   labels:
 8 |     app.kubernetes.io/name: project-v4-multigroup
 9 |     app.kubernetes.io/managed-by: kustomize
10 |   name: selfsigned-issuer
11 |   namespace: system
12 | spec:
13 |   selfSigned: {}
14 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - issuer.yaml
3 | - certificate-webhook.yaml
4 | - certificate-metrics.yaml
5 | 
6 | configurations:
7 | - kustomizeconfig.yaml
8 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 |   group: cert-manager.io
5 |   fieldSpecs:
6 |   - kind: Certificate
7 |     group: cert-manager.io
8 |     path: spec/issuerRef/name
9 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
 2 | nameReference:
 3 | - kind: Service
 4 |   version: v1
 5 |   fieldSpecs:
 6 |   - kind: CustomResourceDefinition
 7 |     version: v1
 8 |     group: apiextensions.k8s.io
 9 |     path: spec/conversion/webhook/clientConfig/service/name
10 | 
11 | namespace:
12 | - kind: CustomResourceDefinition
13 |   version: v1
14 |   group: apiextensions.k8s.io
15 |   path: spec/conversion/webhook/clientConfig/service/namespace
16 |   create: false
17 | 
18 | varReference:
19 | - path: metadata/annotations
20 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/crd/patches/webhook_in_example.com_wordpresses.yaml:
--------------------------------------------------------------------------------
 1 | # The following patch enables a conversion webhook for the CRD
 2 | apiVersion: apiextensions.k8s.io/v1
 3 | kind: CustomResourceDefinition
 4 | metadata:
 5 |   name: wordpresses.example.com.testproject.org
 6 | spec:
 7 |   conversion:
 8 |     strategy: Webhook
 9 |     webhook:
10 |       clientConfig:
11 |         service:
12 |           namespace: system
13 |           name: webhook-service
14 |           path: /convert
15 |       conversionReviewVersions:
16 |       - v1
17 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 |   path: /spec/template/spec/containers/0/args/0
4 |   value: --metrics-bind-address=:8443
5 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     control-plane: controller-manager
 6 |     app.kubernetes.io/name: project-v4-multigroup
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: controller-manager-metrics-service
 9 |   namespace: system
10 | spec:
11 |   ports:
12 |   - name: https
13 |     port: 8443
14 |     protocol: TCP
15 |     targetPort: 8443
16 |   selector:
17 |     control-plane: controller-manager
18 |     app.kubernetes.io/name: project-v4-multigroup
19 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 |   newName: controller
8 |   newTag: latest
9 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/network-policy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - allow-webhook-traffic.yaml
3 | - allow-metrics-traffic.yaml
4 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | resources:
 2 | - monitor.yaml
 3 | 
 4 | # [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus
 5 | # to securely reference certificates created and managed by cert-manager.
 6 | # Additionally, ensure that you uncomment the [METRICS WITH CERTMANAGER] patch under config/default/kustomization.yaml
 7 | # to mount the "metrics-server-cert" secret in the Manager Deployment.
 8 | #patches:
 9 | #  - path: monitor_tls_patch.yaml
10 | #    target:
11 | #      kind: ServiceMonitor
12 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/prometheus/monitor_tls_patch.yaml:
--------------------------------------------------------------------------------
 1 | # Patch for Prometheus ServiceMonitor to enable secure TLS configuration
 2 | # using certificates managed by cert-manager
 3 | - op: replace
 4 |   path: /spec/endpoints/0/tlsConfig
 5 |   value:
 6 |     # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
 7 |     serverName: SERVICE_NAME.SERVICE_NAMESPACE.svc
 8 |     insecureSkipVerify: false
 9 |     ca:
10 |       secret:
11 |         name: metrics-server-cert
12 |         key: ca.crt
13 |     cert:
14 |       secret:
15 |         name: metrics-server-cert
16 |         key: tls.crt
17 |     keySecret:
18 |       name: metrics-server-cert
19 |       key: tls.key
20 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/crew_captain_admin_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project-v4-multigroup itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants full permissions ('*') over crew.testproject.org.
 5 | # This role is intended for users authorized to modify roles and bindings within the cluster,
 6 | # enabling them to delegate specific permissions to other users or groups as needed.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project-v4-multigroup
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: crew-captain-admin-role
15 | rules:
16 | - apiGroups:
17 |   - crew.testproject.org
18 |   resources:
19 |   - captains
20 |   verbs:
21 |   - '*'
22 | - apiGroups:
23 |   - crew.testproject.org
24 |   resources:
25 |   - captains/status
26 |   verbs:
27 |   - get
28 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/fiz_bar_admin_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project-v4-multigroup itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants full permissions ('*') over fiz.testproject.org.
 5 | # This role is intended for users authorized to modify roles and bindings within the cluster,
 6 | # enabling them to delegate specific permissions to other users or groups as needed.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project-v4-multigroup
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: fiz-bar-admin-role
15 | rules:
16 | - apiGroups:
17 |   - fiz.testproject.org
18 |   resources:
19 |   - bars
20 |   verbs:
21 |   - '*'
22 | - apiGroups:
23 |   - fiz.testproject.org
24 |   resources:
25 |   - bars/status
26 |   verbs:
27 |   - get
28 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/foo_bar_admin_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project-v4-multigroup itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants full permissions ('*') over foo.testproject.org.
 5 | # This role is intended for users authorized to modify roles and bindings within the cluster,
 6 | # enabling them to delegate specific permissions to other users or groups as needed.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project-v4-multigroup
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: foo-bar-admin-role
15 | rules:
16 | - apiGroups:
17 |   - foo.testproject.org
18 |   resources:
19 |   - bars
20 |   verbs:
21 |   - '*'
22 | - apiGroups:
23 |   - foo.testproject.org
24 |   resources:
25 |   - bars/status
26 |   verbs:
27 |   - get
28 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
 1 | # permissions to do leader election.
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: Role
 4 | metadata:
 5 |   labels:
 6 |     app.kubernetes.io/name: project-v4-multigroup
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: leader-election-role
 9 | rules:
10 | - apiGroups:
11 |   - ""
12 |   resources:
13 |   - configmaps
14 |   verbs:
15 |   - get
16 |   - list
17 |   - watch
18 |   - create
19 |   - update
20 |   - patch
21 |   - delete
22 | - apiGroups:
23 |   - coordination.k8s.io
24 |   resources:
25 |   - leases
26 |   verbs:
27 |   - get
28 |   - list
29 |   - watch
30 |   - create
31 |   - update
32 |   - patch
33 |   - delete
34 | - apiGroups:
35 |   - ""
36 |   resources:
37 |   - events
38 |   verbs:
39 |   - create
40 |   - patch
41 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: RoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: leader-election-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: Role
11 |   name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-auth-role
 5 | rules:
 6 | - apiGroups:
 7 |   - authentication.k8s.io
 8 |   resources:
 9 |   - tokenreviews
10 |   verbs:
11 |   - create
12 | - apiGroups:
13 |   - authorization.k8s.io
14 |   resources:
15 |   - subjectaccessreviews
16 |   verbs:
17 |   - create
18 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: metrics-auth-rolebinding
 5 | roleRef:
 6 |   apiGroup: rbac.authorization.k8s.io
 7 |   kind: ClusterRole
 8 |   name: metrics-auth-role
 9 | subjects:
10 | - kind: ServiceAccount
11 |   name: controller-manager
12 |   namespace: system
13 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-reader
 5 | rules:
 6 | - nonResourceURLs:
 7 |   - "/metrics"
 8 |   verbs:
 9 |   - get
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: manager-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   labels:
5 |     app.kubernetes.io/name: project-v4-multigroup
6 |     app.kubernetes.io/managed-by: kustomize
7 |   name: controller-manager
8 |   namespace: system
9 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/rbac/ship_cruiser_admin_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project-v4-multigroup itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants full permissions ('*') over ship.testproject.org.
 5 | # This role is intended for users authorized to modify roles and bindings within the cluster,
 6 | # enabling them to delegate specific permissions to other users or groups as needed.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project-v4-multigroup
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: ship-cruiser-admin-role
15 | rules:
16 | - apiGroups:
17 |   - ship.testproject.org
18 |   resources:
19 |   - cruisers
20 |   verbs:
21 |   - '*'
22 | - apiGroups:
23 |   - ship.testproject.org
24 |   resources:
25 |   - cruisers/status
26 |   verbs:
27 |   - get
28 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/crew_v1_captain.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: crew.testproject.org/v1
 2 | kind: Captain
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: captain-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/example.com_v1_wordpress.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: example.com.testproject.org/v1
 2 | kind: Wordpress
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: wordpress-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/example.com_v1alpha1_busybox.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: example.com.testproject.org/v1alpha1
 2 | kind: Busybox
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: busybox-sample
 8 | spec:
 9 |   # TODO(user): edit the following value to ensure the number
10 |   # of Pods/Instances your Operand must have on cluster
11 |   size: 1
12 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/example.com_v1alpha1_memcached.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: example.com.testproject.org/v1alpha1
 2 | kind: Memcached
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: memcached-sample
 8 | spec:
 9 |   # TODO(user): edit the following value to ensure the number
10 |   # of Pods/Instances your Operand must have on cluster
11 |   size: 1
12 | 
13 |   # TODO(user): edit the following value to ensure the container has the right port to be initialized
14 |   containerPort: 11211
15 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/example.com_v2_wordpress.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: example.com.testproject.org/v2
 2 | kind: Wordpress
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: wordpress-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/fiz_v1_bar.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: fiz.testproject.org/v1
 2 | kind: Bar
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: bar-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/foo.policy_v1_healthcheckpolicy.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: foo.policy.testproject.org/v1
 2 | kind: HealthCheckPolicy
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: healthcheckpolicy-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/foo_v1_bar.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: foo.testproject.org/v1
 2 | kind: Bar
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: bar-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | ## Append samples of your project ##
 2 | resources:
 3 | - crew_v1_captain.yaml
 4 | - ship_v1beta1_frigate.yaml
 5 | - ship_v1_destroyer.yaml
 6 | - ship_v2alpha1_cruiser.yaml
 7 | - sea-creatures_v1beta1_kraken.yaml
 8 | - sea-creatures_v1beta2_leviathan.yaml
 9 | - foo.policy_v1_healthcheckpolicy.yaml
10 | - foo_v1_bar.yaml
11 | - fiz_v1_bar.yaml
12 | - example.com_v1alpha1_memcached.yaml
13 | - example.com_v1alpha1_busybox.yaml
14 | - example.com_v1_wordpress.yaml
15 | - example.com_v2_wordpress.yaml
16 | # +kubebuilder:scaffold:manifestskustomizesamples
17 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/sea-creatures_v1beta1_kraken.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: sea-creatures.testproject.org/v1beta1
 2 | kind: Kraken
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: kraken-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/sea-creatures_v1beta2_leviathan.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: sea-creatures.testproject.org/v1beta2
 2 | kind: Leviathan
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: leviathan-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/ship_v1_destroyer.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: ship.testproject.org/v1
 2 | kind: Destroyer
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: destroyer-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/ship_v1beta1_frigate.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: ship.testproject.org/v1beta1
 2 | kind: Frigate
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: frigate-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/samples/ship_v2alpha1_cruiser.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: ship.testproject.org/v2alpha1
 2 | kind: Cruiser
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: cruiser-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 | 
5 | configurations:
6 | - kustomizeconfig.yaml
7 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
 2 | # It requires kustomize v2.1.0 or newer to work properly.
 3 | nameReference:
 4 | - kind: Service
 5 |   version: v1
 6 |   fieldSpecs:
 7 |   - kind: MutatingWebhookConfiguration
 8 |     group: admissionregistration.k8s.io
 9 |     path: webhooks/clientConfig/service/name
10 |   - kind: ValidatingWebhookConfiguration
11 |     group: admissionregistration.k8s.io
12 |     path: webhooks/clientConfig/service/name
13 | 
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 |   group: admissionregistration.k8s.io
17 |   path: webhooks/clientConfig/service/namespace
18 |   create: true
19 | - kind: ValidatingWebhookConfiguration
20 |   group: admissionregistration.k8s.io
21 |   path: webhooks/clientConfig/service/namespace
22 |   create: true
23 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/config/webhook/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-multigroup
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: webhook-service
 8 |   namespace: system
 9 | spec:
10 |   ports:
11 |     - port: 443
12 |       protocol: TCP
13 |       targetPort: 9443
14 |   selector:
15 |     control-plane: controller-manager
16 |     app.kubernetes.io/name: project-v4-multigroup
17 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/grafana/custom-metrics/config.yaml:
--------------------------------------------------------------------------------
 1 | ---
 2 | customMetrics:
 3 | #  - metric: # Raw custom metric (required)
 4 | #    type:   # Metric type: counter/gauge/histogram (required)
 5 | #    expr:   # Prom_ql for the metric (optional)
 6 | #    unit:   # Unit of measurement, examples: s,none,bytes,percent,etc. (optional)
 7 | #
 8 | #
 9 | # Example:
10 | # ---
11 | # customMetrics:
12 | #   - metric: foo_bar
13 | #     unit: none
14 | #     type: histogram
15 | #   	expr: histogram_quantile(0.90, sum by(instance, le) (rate(foo_bar{job=\"$job\", namespace=\"$namespace\"}[5m])))
16 | 


--------------------------------------------------------------------------------
/testdata/project-v4-multigroup/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2025 The Kubernetes authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/.devcontainer/devcontainer.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "Kubebuilder DevContainer",
 3 |   "image": "golang:1.24",
 4 |   "features": {
 5 |     "ghcr.io/devcontainers/features/docker-in-docker:2": {},
 6 |     "ghcr.io/devcontainers/features/git:1": {}
 7 |   },
 8 | 
 9 |   "runArgs": ["--network=host"],
10 | 
11 |   "customizations": {
12 |     "vscode": {
13 |       "settings": {
14 |         "terminal.integrated.shell.linux": "/bin/bash"
15 |       },
16 |       "extensions": [
17 |         "ms-kubernetes-tools.vscode-kubernetes-tools",
18 |         "ms-azuretools.vscode-docker"
19 |       ]
20 |     }
21 |   },
22 | 
23 |   "onCreateCommand": "bash .devcontainer/post-install.sh"
24 | }
25 | 
26 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/.devcontainer/post-install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | set -x
 3 | 
 4 | curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
 5 | chmod +x ./kind
 6 | mv ./kind /usr/local/bin/kind
 7 | 
 8 | curl -L -o kubebuilder https://go.kubebuilder.io/dl/latest/linux/amd64
 9 | chmod +x kubebuilder
10 | mv kubebuilder /usr/local/bin/
11 | 
12 | KUBECTL_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt)
13 | curl -LO "https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl"
14 | chmod +x kubectl
15 | mv kubectl /usr/local/bin/kubectl
16 | 
17 | docker network create -d=bridge --subnet=172.19.0.0/24 kind
18 | 
19 | kind version
20 | kubebuilder version
21 | docker --version
22 | go version
23 | kubectl version --client
24 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/.github/workflows/lint.yml:
--------------------------------------------------------------------------------
 1 | name: Lint
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   lint:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Run linter
21 |         uses: golangci/golangci-lint-action@v8
22 |         with:
23 |           version: v2.1.0
24 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/.github/workflows/test-e2e.yml:
--------------------------------------------------------------------------------
 1 | name: E2E Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test-e2e:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Install the latest version of kind
21 |         run: |
22 |           curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
23 |           chmod +x ./kind
24 |           sudo mv ./kind /usr/local/bin/kind
25 | 
26 |       - name: Verify kind installation
27 |         run: kind version
28 | 
29 |       - name: Running Test e2e
30 |         run: |
31 |           go mod tidy
32 |           make test-e2e
33 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/.github/workflows/test.yml:
--------------------------------------------------------------------------------
 1 | name: Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Running Tests
21 |         run: |
22 |           go mod tidy
23 |           make test
24 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/.gitignore:
--------------------------------------------------------------------------------
 1 | # Binaries for programs and plugins
 2 | *.exe
 3 | *.exe~
 4 | *.dll
 5 | *.so
 6 | *.dylib
 7 | bin/*
 8 | Dockerfile.cross
 9 | 
10 | # Test binary, built with `go test -c`
11 | *.test
12 | 
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 | 
16 | # Go workspace file
17 | go.work
18 | 
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 | 
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/api/v1/wordpress_conversion.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2025 The Kubernetes authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package v1
18 | 
19 | // EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
20 | 
21 | // Hub marks this type as a conversion hub.
22 | func (*Wordpress) Hub() {}
23 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/certmanager/certificate-metrics.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifests contain a self-signed issuer CR and a metrics certificate CR.
 2 | # More document can be found at https://docs.cert-manager.io
 3 | apiVersion: cert-manager.io/v1
 4 | kind: Certificate
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/name: project-v4-with-plugins
 8 |     app.kubernetes.io/managed-by: kustomize
 9 |   name: metrics-certs  # this name should match the one appeared in kustomizeconfig.yaml
10 |   namespace: system
11 | spec:
12 |   dnsNames:
13 |   # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
14 |   # replacements in the config/default/kustomization.yaml file.
15 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc
16 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
17 |   issuerRef:
18 |     kind: Issuer
19 |     name: selfsigned-issuer
20 |   secretName: metrics-server-cert
21 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/certmanager/certificate-webhook.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
 2 | # More document can be found at https://docs.cert-manager.io
 3 | apiVersion: cert-manager.io/v1
 4 | kind: Certificate
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/name: project-v4-with-plugins
 8 |     app.kubernetes.io/managed-by: kustomize
 9 |   name: serving-cert  # this name should match the one appeared in kustomizeconfig.yaml
10 |   namespace: system
11 | spec:
12 |   # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
13 |   # replacements in the config/default/kustomization.yaml file.
14 |   dnsNames:
15 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc
16 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
17 |   issuerRef:
18 |     kind: Issuer
19 |     name: selfsigned-issuer
20 |   secretName: webhook-server-cert
21 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/certmanager/issuer.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifest contains a self-signed issuer CR.
 2 | # More information can be found at https://docs.cert-manager.io
 3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
 4 | apiVersion: cert-manager.io/v1
 5 | kind: Issuer
 6 | metadata:
 7 |   labels:
 8 |     app.kubernetes.io/name: project-v4-with-plugins
 9 |     app.kubernetes.io/managed-by: kustomize
10 |   name: selfsigned-issuer
11 |   namespace: system
12 | spec:
13 |   selfSigned: {}
14 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - issuer.yaml
3 | - certificate-webhook.yaml
4 | - certificate-metrics.yaml
5 | 
6 | configurations:
7 | - kustomizeconfig.yaml
8 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 |   group: cert-manager.io
5 |   fieldSpecs:
6 |   - kind: Certificate
7 |     group: cert-manager.io
8 |     path: spec/issuerRef/name
9 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
 2 | nameReference:
 3 | - kind: Service
 4 |   version: v1
 5 |   fieldSpecs:
 6 |   - kind: CustomResourceDefinition
 7 |     version: v1
 8 |     group: apiextensions.k8s.io
 9 |     path: spec/conversion/webhook/clientConfig/service/name
10 | 
11 | namespace:
12 | - kind: CustomResourceDefinition
13 |   version: v1
14 |   group: apiextensions.k8s.io
15 |   path: spec/conversion/webhook/clientConfig/service/namespace
16 |   create: false
17 | 
18 | varReference:
19 | - path: metadata/annotations
20 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/crd/patches/webhook_in_wordpresses.yaml:
--------------------------------------------------------------------------------
 1 | # The following patch enables a conversion webhook for the CRD
 2 | apiVersion: apiextensions.k8s.io/v1
 3 | kind: CustomResourceDefinition
 4 | metadata:
 5 |   name: wordpresses.example.com.testproject.org
 6 | spec:
 7 |   conversion:
 8 |     strategy: Webhook
 9 |     webhook:
10 |       clientConfig:
11 |         service:
12 |           namespace: system
13 |           name: webhook-service
14 |           path: /convert
15 |       conversionReviewVersions:
16 |       - v1
17 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 |   path: /spec/template/spec/containers/0/args/0
4 |   value: --metrics-bind-address=:8443
5 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     control-plane: controller-manager
 6 |     app.kubernetes.io/name: project-v4-with-plugins
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: controller-manager-metrics-service
 9 |   namespace: system
10 | spec:
11 |   ports:
12 |   - name: https
13 |     port: 8443
14 |     protocol: TCP
15 |     targetPort: 8443
16 |   selector:
17 |     control-plane: controller-manager
18 |     app.kubernetes.io/name: project-v4-with-plugins
19 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 |   newName: controller
8 |   newTag: latest
9 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/network-policy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - allow-webhook-traffic.yaml
3 | - allow-metrics-traffic.yaml
4 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | resources:
 2 | - monitor.yaml
 3 | 
 4 | # [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus
 5 | # to securely reference certificates created and managed by cert-manager.
 6 | # Additionally, ensure that you uncomment the [METRICS WITH CERTMANAGER] patch under config/default/kustomization.yaml
 7 | # to mount the "metrics-server-cert" secret in the Manager Deployment.
 8 | #patches:
 9 | #  - path: monitor_tls_patch.yaml
10 | #    target:
11 | #      kind: ServiceMonitor
12 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/prometheus/monitor_tls_patch.yaml:
--------------------------------------------------------------------------------
 1 | # Patch for Prometheus ServiceMonitor to enable secure TLS configuration
 2 | # using certificates managed by cert-manager
 3 | - op: replace
 4 |   path: /spec/endpoints/0/tlsConfig
 5 |   value:
 6 |     # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
 7 |     serverName: SERVICE_NAME.SERVICE_NAMESPACE.svc
 8 |     insecureSkipVerify: false
 9 |     ca:
10 |       secret:
11 |         name: metrics-server-cert
12 |         key: ca.crt
13 |     cert:
14 |       secret:
15 |         name: metrics-server-cert
16 |         key: tls.crt
17 |     keySecret:
18 |       name: metrics-server-cert
19 |       key: tls.key
20 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
 1 | # permissions to do leader election.
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: Role
 4 | metadata:
 5 |   labels:
 6 |     app.kubernetes.io/name: project-v4-with-plugins
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: leader-election-role
 9 | rules:
10 | - apiGroups:
11 |   - ""
12 |   resources:
13 |   - configmaps
14 |   verbs:
15 |   - get
16 |   - list
17 |   - watch
18 |   - create
19 |   - update
20 |   - patch
21 |   - delete
22 | - apiGroups:
23 |   - coordination.k8s.io
24 |   resources:
25 |   - leases
26 |   verbs:
27 |   - get
28 |   - list
29 |   - watch
30 |   - create
31 |   - update
32 |   - patch
33 |   - delete
34 | - apiGroups:
35 |   - ""
36 |   resources:
37 |   - events
38 |   verbs:
39 |   - create
40 |   - patch
41 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: RoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-with-plugins
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: leader-election-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: Role
11 |   name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-auth-role
 5 | rules:
 6 | - apiGroups:
 7 |   - authentication.k8s.io
 8 |   resources:
 9 |   - tokenreviews
10 |   verbs:
11 |   - create
12 | - apiGroups:
13 |   - authorization.k8s.io
14 |   resources:
15 |   - subjectaccessreviews
16 |   verbs:
17 |   - create
18 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: metrics-auth-rolebinding
 5 | roleRef:
 6 |   apiGroup: rbac.authorization.k8s.io
 7 |   kind: ClusterRole
 8 |   name: metrics-auth-role
 9 | subjects:
10 | - kind: ServiceAccount
11 |   name: controller-manager
12 |   namespace: system
13 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-reader
 5 | rules:
 6 | - nonResourceURLs:
 7 |   - "/metrics"
 8 |   verbs:
 9 |   - get
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-with-plugins
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: manager-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   labels:
5 |     app.kubernetes.io/name: project-v4-with-plugins
6 |     app.kubernetes.io/managed-by: kustomize
7 |   name: controller-manager
8 |   namespace: system
9 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/samples/example.com_v1_wordpress.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: example.com.testproject.org/v1
 2 | kind: Wordpress
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-with-plugins
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: wordpress-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/samples/example.com_v1alpha1_busybox.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: example.com.testproject.org/v1alpha1
 2 | kind: Busybox
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-with-plugins
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: busybox-sample
 8 | spec:
 9 |   # TODO(user): edit the following value to ensure the number
10 |   # of Pods/Instances your Operand must have on cluster
11 |   size: 1
12 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/samples/example.com_v1alpha1_memcached.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: example.com.testproject.org/v1alpha1
 2 | kind: Memcached
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-with-plugins
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: memcached-sample
 8 | spec:
 9 |   # TODO(user): edit the following value to ensure the number
10 |   # of Pods/Instances your Operand must have on cluster
11 |   size: 1
12 | 
13 |   # TODO(user): edit the following value to ensure the container has the right port to be initialized
14 |   containerPort: 11211
15 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/samples/example.com_v2_wordpress.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: example.com.testproject.org/v2
 2 | kind: Wordpress
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-with-plugins
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: wordpress-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - example.com_v1alpha1_memcached.yaml
4 | - example.com_v1alpha1_busybox.yaml
5 | - example.com_v1_wordpress.yaml
6 | - example.com_v2_wordpress.yaml
7 | # +kubebuilder:scaffold:manifestskustomizesamples
8 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 | 
5 | configurations:
6 | - kustomizeconfig.yaml
7 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
 2 | # It requires kustomize v2.1.0 or newer to work properly.
 3 | nameReference:
 4 | - kind: Service
 5 |   version: v1
 6 |   fieldSpecs:
 7 |   - kind: MutatingWebhookConfiguration
 8 |     group: admissionregistration.k8s.io
 9 |     path: webhooks/clientConfig/service/name
10 |   - kind: ValidatingWebhookConfiguration
11 |     group: admissionregistration.k8s.io
12 |     path: webhooks/clientConfig/service/name
13 | 
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 |   group: admissionregistration.k8s.io
17 |   path: webhooks/clientConfig/service/namespace
18 |   create: true
19 | - kind: ValidatingWebhookConfiguration
20 |   group: admissionregistration.k8s.io
21 |   path: webhooks/clientConfig/service/namespace
22 |   create: true
23 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/webhook/manifests.yaml:
--------------------------------------------------------------------------------
 1 | ---
 2 | apiVersion: admissionregistration.k8s.io/v1
 3 | kind: ValidatingWebhookConfiguration
 4 | metadata:
 5 |   name: validating-webhook-configuration
 6 | webhooks:
 7 | - admissionReviewVersions:
 8 |   - v1
 9 |   clientConfig:
10 |     service:
11 |       name: webhook-service
12 |       namespace: system
13 |       path: /validate-example-com-testproject-org-v1alpha1-memcached
14 |   failurePolicy: Fail
15 |   name: vmemcached-v1alpha1.kb.io
16 |   rules:
17 |   - apiGroups:
18 |     - example.com.testproject.org
19 |     apiVersions:
20 |     - v1alpha1
21 |     operations:
22 |     - CREATE
23 |     - UPDATE
24 |     resources:
25 |     - memcacheds
26 |   sideEffects: None
27 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/config/webhook/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4-with-plugins
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: webhook-service
 8 |   namespace: system
 9 | spec:
10 |   ports:
11 |     - port: 443
12 |       protocol: TCP
13 |       targetPort: 9443
14 |   selector:
15 |     control-plane: controller-manager
16 |     app.kubernetes.io/name: project-v4-with-plugins
17 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/.helmignore:
--------------------------------------------------------------------------------
 1 | # Patterns to ignore when building Helm packages.
 2 | # Operating system files
 3 | .DS_Store
 4 | 
 5 | # Version control directories
 6 | .git/
 7 | .gitignore
 8 | .bzr/
 9 | .hg/
10 | .hgignore
11 | .svn/
12 | 
13 | # Backup and temporary files
14 | *.swp
15 | *.tmp
16 | *.bak
17 | *.orig
18 | *~
19 | 
20 | # IDE and editor-related files
21 | .idea/
22 | .vscode/
23 | 
24 | # Helm chart artifacts
25 | dist/chart/*.tgz
26 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v2
2 | name: project-v4-with-plugins
3 | description: A Helm chart to distribute the project project-v4-with-plugins
4 | type: application
5 | version: 0.1.0
6 | appVersion: "0.1.0"
7 | icon: "https://example.com/icon.png"
8 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/templates/metrics/metrics-service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.metrics.enable }}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: project-v4-with-plugins-controller-manager-metrics-service
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     {{- include "chart.labels" . | nindent 4 }}
 9 |     control-plane: controller-manager
10 | spec:
11 |   ports:
12 |     - port: 8443
13 |       targetPort: 8443
14 |       protocol: TCP
15 |       name: https
16 |   selector:
17 |     control-plane: controller-manager
18 | {{- end }}
19 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/templates/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | # permissions to do leader election.
 3 | apiVersion: rbac.authorization.k8s.io/v1
 4 | kind: Role
 5 | metadata:
 6 |   labels:
 7 |     {{- include "chart.labels" . | nindent 4 }}
 8 |   namespace: {{ .Release.Namespace }}
 9 |   name: project-v4-with-plugins-leader-election-role
10 | rules:
11 | - apiGroups:
12 |   - ""
13 |   resources:
14 |   - configmaps
15 |   verbs:
16 |   - get
17 |   - list
18 |   - watch
19 |   - create
20 |   - update
21 |   - patch
22 |   - delete
23 | - apiGroups:
24 |   - coordination.k8s.io
25 |   resources:
26 |   - leases
27 |   verbs:
28 |   - get
29 |   - list
30 |   - watch
31 |   - create
32 |   - update
33 |   - patch
34 |   - delete
35 | - apiGroups:
36 |   - ""
37 |   resources:
38 |   - events
39 |   verbs:
40 |   - create
41 |   - patch
42 | {{- end -}}
43 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/templates/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: RoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   namespace: {{ .Release.Namespace }}
 8 |   name: project-v4-with-plugins-leader-election-rolebinding
 9 | roleRef:
10 |   apiGroup: rbac.authorization.k8s.io
11 |   kind: Role
12 |   name: project-v4-with-plugins-leader-election-role
13 | subjects:
14 | - kind: ServiceAccount
15 |   name: {{ .Values.controllerManager.serviceAccountName }}
16 |   namespace: {{ .Release.Namespace }}
17 | {{- end -}}
18 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/templates/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-v4-with-plugins-metrics-auth-role
 8 | rules:
 9 | - apiGroups:
10 |   - authentication.k8s.io
11 |   resources:
12 |   - tokenreviews
13 |   verbs:
14 |   - create
15 | - apiGroups:
16 |   - authorization.k8s.io
17 |   resources:
18 |   - subjectaccessreviews
19 |   verbs:
20 |   - create
21 | {{- end -}}
22 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/templates/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-v4-with-plugins-metrics-auth-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: project-v4-with-plugins-metrics-auth-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ .Values.controllerManager.serviceAccountName }}
15 |   namespace: {{ .Release.Namespace }}
16 | {{- end -}}
17 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/templates/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
 1 | {{- if and .Values.rbac.enable .Values.metrics.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRole
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-v4-with-plugins-metrics-reader
 8 | rules:
 9 | - nonResourceURLs:
10 |   - "/metrics"
11 |   verbs:
12 |   - get
13 | {{- end -}}
14 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/templates/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: ClusterRoleBinding
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   name: project-v4-with-plugins-manager-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: project-v4-with-plugins-manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: {{ .Values.controllerManager.serviceAccountName }}
15 |   namespace: {{ .Release.Namespace }}
16 | {{- end -}}
17 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/templates/rbac/service_account.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.rbac.enable }}
 2 | apiVersion: v1
 3 | kind: ServiceAccount
 4 | metadata:
 5 |   labels:
 6 |     {{- include "chart.labels" . | nindent 4 }}
 7 |   {{- if and .Values.controllerManager.serviceAccount .Values.controllerManager.serviceAccount.annotations }}
 8 |   annotations:
 9 |     {{- range $key, $value := .Values.controllerManager.serviceAccount.annotations }}
10 |     {{ $key }}: {{ $value }}
11 |     {{- end }}
12 |   {{- end }}
13 |   name: {{ .Values.controllerManager.serviceAccountName }}
14 |   namespace: {{ .Release.Namespace }}
15 | {{- end -}}
16 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/dist/chart/templates/webhook/service.yaml:
--------------------------------------------------------------------------------
 1 | {{- if .Values.webhook.enable }}
 2 | apiVersion: v1
 3 | kind: Service
 4 | metadata:
 5 |   name: project-v4-with-plugins-webhook-service
 6 |   namespace: {{ .Release.Namespace }}
 7 |   labels:
 8 |     {{- include "chart.labels" . | nindent 4 }}
 9 | spec:
10 |   ports:
11 |     - port: 443
12 |       protocol: TCP
13 |       targetPort: 9443
14 |   selector:
15 |     control-plane: controller-manager
16 | {{- end }}
17 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/grafana/custom-metrics/config.yaml:
--------------------------------------------------------------------------------
 1 | ---
 2 | customMetrics:
 3 | #  - metric: # Raw custom metric (required)
 4 | #    type:   # Metric type: counter/gauge/histogram (required)
 5 | #    expr:   # Prom_ql for the metric (optional)
 6 | #    unit:   # Unit of measurement, examples: s,none,bytes,percent,etc. (optional)
 7 | #
 8 | #
 9 | # Example:
10 | # ---
11 | # customMetrics:
12 | #   - metric: foo_bar
13 | #     unit: none
14 | #     type: histogram
15 | #   	expr: histogram_quantile(0.90, sum by(instance, le) (rate(foo_bar{job=\"$job\", namespace=\"$namespace\"}[5m])))
16 | 


--------------------------------------------------------------------------------
/testdata/project-v4-with-plugins/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2025 The Kubernetes authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */


--------------------------------------------------------------------------------
/testdata/project-v4/.devcontainer/devcontainer.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "Kubebuilder DevContainer",
 3 |   "image": "golang:1.24",
 4 |   "features": {
 5 |     "ghcr.io/devcontainers/features/docker-in-docker:2": {},
 6 |     "ghcr.io/devcontainers/features/git:1": {}
 7 |   },
 8 | 
 9 |   "runArgs": ["--network=host"],
10 | 
11 |   "customizations": {
12 |     "vscode": {
13 |       "settings": {
14 |         "terminal.integrated.shell.linux": "/bin/bash"
15 |       },
16 |       "extensions": [
17 |         "ms-kubernetes-tools.vscode-kubernetes-tools",
18 |         "ms-azuretools.vscode-docker"
19 |       ]
20 |     }
21 |   },
22 | 
23 |   "onCreateCommand": "bash .devcontainer/post-install.sh"
24 | }
25 | 
26 | 


--------------------------------------------------------------------------------
/testdata/project-v4/.devcontainer/post-install.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/bash
 2 | set -x
 3 | 
 4 | curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
 5 | chmod +x ./kind
 6 | mv ./kind /usr/local/bin/kind
 7 | 
 8 | curl -L -o kubebuilder https://go.kubebuilder.io/dl/latest/linux/amd64
 9 | chmod +x kubebuilder
10 | mv kubebuilder /usr/local/bin/
11 | 
12 | KUBECTL_VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt)
13 | curl -LO "https://dl.k8s.io/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl"
14 | chmod +x kubectl
15 | mv kubectl /usr/local/bin/kubectl
16 | 
17 | docker network create -d=bridge --subnet=172.19.0.0/24 kind
18 | 
19 | kind version
20 | kubebuilder version
21 | docker --version
22 | go version
23 | kubectl version --client
24 | 


--------------------------------------------------------------------------------
/testdata/project-v4/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | 


--------------------------------------------------------------------------------
/testdata/project-v4/.github/workflows/lint.yml:
--------------------------------------------------------------------------------
 1 | name: Lint
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   lint:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Run linter
21 |         uses: golangci/golangci-lint-action@v8
22 |         with:
23 |           version: v2.1.0
24 | 


--------------------------------------------------------------------------------
/testdata/project-v4/.github/workflows/test-e2e.yml:
--------------------------------------------------------------------------------
 1 | name: E2E Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test-e2e:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Install the latest version of kind
21 |         run: |
22 |           curl -Lo ./kind https://kind.sigs.k8s.io/dl/latest/kind-linux-amd64
23 |           chmod +x ./kind
24 |           sudo mv ./kind /usr/local/bin/kind
25 | 
26 |       - name: Verify kind installation
27 |         run: kind version
28 | 
29 |       - name: Running Test e2e
30 |         run: |
31 |           go mod tidy
32 |           make test-e2e
33 | 


--------------------------------------------------------------------------------
/testdata/project-v4/.github/workflows/test.yml:
--------------------------------------------------------------------------------
 1 | name: Tests
 2 | 
 3 | on:
 4 |   push:
 5 |   pull_request:
 6 | 
 7 | jobs:
 8 |   test:
 9 |     name: Run on Ubuntu
10 |     runs-on: ubuntu-latest
11 |     steps:
12 |       - name: Clone the code
13 |         uses: actions/checkout@v4
14 | 
15 |       - name: Setup Go
16 |         uses: actions/setup-go@v5
17 |         with:
18 |           go-version-file: go.mod
19 | 
20 |       - name: Running Tests
21 |         run: |
22 |           go mod tidy
23 |           make test
24 | 


--------------------------------------------------------------------------------
/testdata/project-v4/.gitignore:
--------------------------------------------------------------------------------
 1 | # Binaries for programs and plugins
 2 | *.exe
 3 | *.exe~
 4 | *.dll
 5 | *.so
 6 | *.dylib
 7 | bin/*
 8 | Dockerfile.cross
 9 | 
10 | # Test binary, built with `go test -c`
11 | *.test
12 | 
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 | 
16 | # Go workspace file
17 | go.work
18 | 
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 | 
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 | 


--------------------------------------------------------------------------------
/testdata/project-v4/api/v1/firstmate_conversion.go:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2025 The Kubernetes authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | 
17 | package v1
18 | 
19 | // EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
20 | 
21 | // Hub marks this type as a conversion hub.
22 | func (*FirstMate) Hub() {}
23 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/certmanager/certificate-metrics.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifests contain a self-signed issuer CR and a metrics certificate CR.
 2 | # More document can be found at https://docs.cert-manager.io
 3 | apiVersion: cert-manager.io/v1
 4 | kind: Certificate
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/name: project-v4
 8 |     app.kubernetes.io/managed-by: kustomize
 9 |   name: metrics-certs  # this name should match the one appeared in kustomizeconfig.yaml
10 |   namespace: system
11 | spec:
12 |   dnsNames:
13 |   # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
14 |   # replacements in the config/default/kustomization.yaml file.
15 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc
16 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
17 |   issuerRef:
18 |     kind: Issuer
19 |     name: selfsigned-issuer
20 |   secretName: metrics-server-cert
21 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/certmanager/certificate-webhook.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
 2 | # More document can be found at https://docs.cert-manager.io
 3 | apiVersion: cert-manager.io/v1
 4 | kind: Certificate
 5 | metadata:
 6 |   labels:
 7 |     app.kubernetes.io/name: project-v4
 8 |     app.kubernetes.io/managed-by: kustomize
 9 |   name: serving-cert  # this name should match the one appeared in kustomizeconfig.yaml
10 |   namespace: system
11 | spec:
12 |   # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
13 |   # replacements in the config/default/kustomization.yaml file.
14 |   dnsNames:
15 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc
16 |   - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
17 |   issuerRef:
18 |     kind: Issuer
19 |     name: selfsigned-issuer
20 |   secretName: webhook-server-cert
21 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/certmanager/issuer.yaml:
--------------------------------------------------------------------------------
 1 | # The following manifest contains a self-signed issuer CR.
 2 | # More information can be found at https://docs.cert-manager.io
 3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
 4 | apiVersion: cert-manager.io/v1
 5 | kind: Issuer
 6 | metadata:
 7 |   labels:
 8 |     app.kubernetes.io/name: project-v4
 9 |     app.kubernetes.io/managed-by: kustomize
10 |   name: selfsigned-issuer
11 |   namespace: system
12 | spec:
13 |   selfSigned: {}
14 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - issuer.yaml
3 | - certificate-webhook.yaml
4 | - certificate-metrics.yaml
5 | 
6 | configurations:
7 | - kustomizeconfig.yaml
8 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 |   group: cert-manager.io
5 |   fieldSpecs:
6 |   - kind: Certificate
7 |     group: cert-manager.io
8 |     path: spec/issuerRef/name
9 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | # This kustomization.yaml is not intended to be run by itself,
 2 | # since it depends on service name and namespace that are out of this kustomize package.
 3 | # It should be run by config/default
 4 | resources:
 5 | - bases/crew.testproject.org_captains.yaml
 6 | - bases/crew.testproject.org_firstmates.yaml
 7 | - bases/crew.testproject.org_admirales.yaml
 8 | # +kubebuilder:scaffold:crdkustomizeresource
 9 | 
10 | patches:
11 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
12 | # patches here are for enabling the conversion webhook for each CRD
13 | - path: patches/webhook_in_firstmates.yaml
14 | # +kubebuilder:scaffold:crdkustomizewebhookpatch
15 | 
16 | # [WEBHOOK] To enable webhook, uncomment the following section
17 | # the following config is for teaching kustomize how to do kustomization for CRDs.
18 | configurations:
19 | - kustomizeconfig.yaml
20 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
 2 | nameReference:
 3 | - kind: Service
 4 |   version: v1
 5 |   fieldSpecs:
 6 |   - kind: CustomResourceDefinition
 7 |     version: v1
 8 |     group: apiextensions.k8s.io
 9 |     path: spec/conversion/webhook/clientConfig/service/name
10 | 
11 | namespace:
12 | - kind: CustomResourceDefinition
13 |   version: v1
14 |   group: apiextensions.k8s.io
15 |   path: spec/conversion/webhook/clientConfig/service/namespace
16 |   create: false
17 | 
18 | varReference:
19 | - path: metadata/annotations
20 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/crd/patches/webhook_in_firstmates.yaml:
--------------------------------------------------------------------------------
 1 | # The following patch enables a conversion webhook for the CRD
 2 | apiVersion: apiextensions.k8s.io/v1
 3 | kind: CustomResourceDefinition
 4 | metadata:
 5 |   name: firstmates.crew.testproject.org
 6 | spec:
 7 |   conversion:
 8 |     strategy: Webhook
 9 |     webhook:
10 |       clientConfig:
11 |         service:
12 |           namespace: system
13 |           name: webhook-service
14 |           path: /convert
15 |       conversionReviewVersions:
16 |       - v1
17 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 |   path: /spec/template/spec/containers/0/args/0
4 |   value: --metrics-bind-address=:8443
5 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     control-plane: controller-manager
 6 |     app.kubernetes.io/name: project-v4
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: controller-manager-metrics-service
 9 |   namespace: system
10 | spec:
11 |   ports:
12 |   - name: https
13 |     port: 8443
14 |     protocol: TCP
15 |     targetPort: 8443
16 |   selector:
17 |     control-plane: controller-manager
18 |     app.kubernetes.io/name: project-v4
19 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 |   newName: controller
8 |   newTag: latest
9 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/network-policy/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - allow-webhook-traffic.yaml
3 | - allow-metrics-traffic.yaml
4 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
 1 | resources:
 2 | - monitor.yaml
 3 | 
 4 | # [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus
 5 | # to securely reference certificates created and managed by cert-manager.
 6 | # Additionally, ensure that you uncomment the [METRICS WITH CERTMANAGER] patch under config/default/kustomization.yaml
 7 | # to mount the "metrics-server-cert" secret in the Manager Deployment.
 8 | #patches:
 9 | #  - path: monitor_tls_patch.yaml
10 | #    target:
11 | #      kind: ServiceMonitor
12 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/prometheus/monitor_tls_patch.yaml:
--------------------------------------------------------------------------------
 1 | # Patch for Prometheus ServiceMonitor to enable secure TLS configuration
 2 | # using certificates managed by cert-manager
 3 | - op: replace
 4 |   path: /spec/endpoints/0/tlsConfig
 5 |   value:
 6 |     # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
 7 |     serverName: SERVICE_NAME.SERVICE_NAMESPACE.svc
 8 |     insecureSkipVerify: false
 9 |     ca:
10 |       secret:
11 |         name: metrics-server-cert
12 |         key: ca.crt
13 |     cert:
14 |       secret:
15 |         name: metrics-server-cert
16 |         key: tls.crt
17 |     keySecret:
18 |       name: metrics-server-cert
19 |       key: tls.key
20 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/admiral_admin_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project-v4 itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants full permissions ('*') over crew.testproject.org.
 5 | # This role is intended for users authorized to modify roles and bindings within the cluster,
 6 | # enabling them to delegate specific permissions to other users or groups as needed.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project-v4
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: admiral-admin-role
15 | rules:
16 | - apiGroups:
17 |   - crew.testproject.org
18 |   resources:
19 |   - admirales
20 |   verbs:
21 |   - '*'
22 | - apiGroups:
23 |   - crew.testproject.org
24 |   resources:
25 |   - admirales/status
26 |   verbs:
27 |   - get
28 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/admiral_viewer_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project-v4 itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants read-only access to crew.testproject.org resources.
 5 | # This role is intended for users who need visibility into these resources
 6 | # without permissions to modify them. It is ideal for monitoring purposes and limited-access viewing.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project-v4
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: admiral-viewer-role
15 | rules:
16 | - apiGroups:
17 |   - crew.testproject.org
18 |   resources:
19 |   - admirales
20 |   verbs:
21 |   - get
22 |   - list
23 |   - watch
24 | - apiGroups:
25 |   - crew.testproject.org
26 |   resources:
27 |   - admirales/status
28 |   verbs:
29 |   - get
30 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/captain_admin_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project-v4 itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants full permissions ('*') over crew.testproject.org.
 5 | # This role is intended for users authorized to modify roles and bindings within the cluster,
 6 | # enabling them to delegate specific permissions to other users or groups as needed.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project-v4
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: captain-admin-role
15 | rules:
16 | - apiGroups:
17 |   - crew.testproject.org
18 |   resources:
19 |   - captains
20 |   verbs:
21 |   - '*'
22 | - apiGroups:
23 |   - crew.testproject.org
24 |   resources:
25 |   - captains/status
26 |   verbs:
27 |   - get
28 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/captain_viewer_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project-v4 itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants read-only access to crew.testproject.org resources.
 5 | # This role is intended for users who need visibility into these resources
 6 | # without permissions to modify them. It is ideal for monitoring purposes and limited-access viewing.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project-v4
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: captain-viewer-role
15 | rules:
16 | - apiGroups:
17 |   - crew.testproject.org
18 |   resources:
19 |   - captains
20 |   verbs:
21 |   - get
22 |   - list
23 |   - watch
24 | - apiGroups:
25 |   - crew.testproject.org
26 |   resources:
27 |   - captains/status
28 |   verbs:
29 |   - get
30 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/firstmate_admin_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project-v4 itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants full permissions ('*') over crew.testproject.org.
 5 | # This role is intended for users authorized to modify roles and bindings within the cluster,
 6 | # enabling them to delegate specific permissions to other users or groups as needed.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project-v4
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: firstmate-admin-role
15 | rules:
16 | - apiGroups:
17 |   - crew.testproject.org
18 |   resources:
19 |   - firstmates
20 |   verbs:
21 |   - '*'
22 | - apiGroups:
23 |   - crew.testproject.org
24 |   resources:
25 |   - firstmates/status
26 |   verbs:
27 |   - get
28 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/firstmate_viewer_role.yaml:
--------------------------------------------------------------------------------
 1 | # This rule is not used by the project project-v4 itself.
 2 | # It is provided to allow the cluster admin to help manage permissions for users.
 3 | #
 4 | # Grants read-only access to crew.testproject.org resources.
 5 | # This role is intended for users who need visibility into these resources
 6 | # without permissions to modify them. It is ideal for monitoring purposes and limited-access viewing.
 7 | 
 8 | apiVersion: rbac.authorization.k8s.io/v1
 9 | kind: ClusterRole
10 | metadata:
11 |   labels:
12 |     app.kubernetes.io/name: project-v4
13 |     app.kubernetes.io/managed-by: kustomize
14 |   name: firstmate-viewer-role
15 | rules:
16 | - apiGroups:
17 |   - crew.testproject.org
18 |   resources:
19 |   - firstmates
20 |   verbs:
21 |   - get
22 |   - list
23 |   - watch
24 | - apiGroups:
25 |   - crew.testproject.org
26 |   resources:
27 |   - firstmates/status
28 |   verbs:
29 |   - get
30 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
 1 | # permissions to do leader election.
 2 | apiVersion: rbac.authorization.k8s.io/v1
 3 | kind: Role
 4 | metadata:
 5 |   labels:
 6 |     app.kubernetes.io/name: project-v4
 7 |     app.kubernetes.io/managed-by: kustomize
 8 |   name: leader-election-role
 9 | rules:
10 | - apiGroups:
11 |   - ""
12 |   resources:
13 |   - configmaps
14 |   verbs:
15 |   - get
16 |   - list
17 |   - watch
18 |   - create
19 |   - update
20 |   - patch
21 |   - delete
22 | - apiGroups:
23 |   - coordination.k8s.io
24 |   resources:
25 |   - leases
26 |   verbs:
27 |   - get
28 |   - list
29 |   - watch
30 |   - create
31 |   - update
32 |   - patch
33 |   - delete
34 | - apiGroups:
35 |   - ""
36 |   resources:
37 |   - events
38 |   verbs:
39 |   - create
40 |   - patch
41 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: RoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: leader-election-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: Role
11 |   name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-auth-role
 5 | rules:
 6 | - apiGroups:
 7 |   - authentication.k8s.io
 8 |   resources:
 9 |   - tokenreviews
10 |   verbs:
11 |   - create
12 | - apiGroups:
13 |   - authorization.k8s.io
14 |   resources:
15 |   - subjectaccessreviews
16 |   verbs:
17 |   - create
18 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   name: metrics-auth-rolebinding
 5 | roleRef:
 6 |   apiGroup: rbac.authorization.k8s.io
 7 |   kind: ClusterRole
 8 |   name: metrics-auth-role
 9 | subjects:
10 | - kind: ServiceAccount
11 |   name: controller-manager
12 |   namespace: system
13 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRole
 3 | metadata:
 4 |   name: metrics-reader
 5 | rules:
 6 | - nonResourceURLs:
 7 |   - "/metrics"
 8 |   verbs:
 9 |   - get
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: rbac.authorization.k8s.io/v1
 2 | kind: ClusterRoleBinding
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: manager-rolebinding
 8 | roleRef:
 9 |   apiGroup: rbac.authorization.k8s.io
10 |   kind: ClusterRole
11 |   name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 |   name: controller-manager
15 |   namespace: system
16 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 |   labels:
5 |     app.kubernetes.io/name: project-v4
6 |     app.kubernetes.io/managed-by: kustomize
7 |   name: controller-manager
8 |   namespace: system
9 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/samples/crew_v1_admiral.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: crew.testproject.org/v1
 2 | kind: Admiral
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: admiral-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/samples/crew_v1_captain.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: crew.testproject.org/v1
 2 | kind: Captain
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: captain-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/samples/crew_v1_firstmate.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: crew.testproject.org/v1
 2 | kind: FirstMate
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: firstmate-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/samples/crew_v2_firstmate.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: crew.testproject.org/v2
 2 | kind: FirstMate
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: firstmate-sample
 8 | spec:
 9 |   # TODO(user): Add fields here
10 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - crew_v1_captain.yaml
4 | - crew_v1_firstmate.yaml
5 | - crew_v2_firstmate.yaml
6 | - crew_v1_admiral.yaml
7 | # +kubebuilder:scaffold:manifestskustomizesamples
8 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 | 
5 | configurations:
6 | - kustomizeconfig.yaml
7 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
 1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
 2 | # It requires kustomize v2.1.0 or newer to work properly.
 3 | nameReference:
 4 | - kind: Service
 5 |   version: v1
 6 |   fieldSpecs:
 7 |   - kind: MutatingWebhookConfiguration
 8 |     group: admissionregistration.k8s.io
 9 |     path: webhooks/clientConfig/service/name
10 |   - kind: ValidatingWebhookConfiguration
11 |     group: admissionregistration.k8s.io
12 |     path: webhooks/clientConfig/service/name
13 | 
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 |   group: admissionregistration.k8s.io
17 |   path: webhooks/clientConfig/service/namespace
18 |   create: true
19 | - kind: ValidatingWebhookConfiguration
20 |   group: admissionregistration.k8s.io
21 |   path: webhooks/clientConfig/service/namespace
22 |   create: true
23 | 


--------------------------------------------------------------------------------
/testdata/project-v4/config/webhook/service.yaml:
--------------------------------------------------------------------------------
 1 | apiVersion: v1
 2 | kind: Service
 3 | metadata:
 4 |   labels:
 5 |     app.kubernetes.io/name: project-v4
 6 |     app.kubernetes.io/managed-by: kustomize
 7 |   name: webhook-service
 8 |   namespace: system
 9 | spec:
10 |   ports:
11 |     - port: 443
12 |       protocol: TCP
13 |       targetPort: 9443
14 |   selector:
15 |     control-plane: controller-manager
16 |     app.kubernetes.io/name: project-v4
17 | 


--------------------------------------------------------------------------------
/testdata/project-v4/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
 1 | /*
 2 | Copyright 2025 The Kubernetes authors.
 3 | 
 4 | Licensed under the Apache License, Version 2.0 (the "License");
 5 | you may not use this file except in compliance with the License.
 6 | You may obtain a copy of the License at
 7 | 
 8 |     http://www.apache.org/licenses/LICENSE-2.0
 9 | 
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */


--------------------------------------------------------------------------------