├── .codecov.yml ├── .gitattributes ├── .github ├── dependabot.yml └── workflows │ ├── acceptance.sh │ ├── ci.yaml │ ├── cleanup-runtime.sh │ ├── fats-fetch.sh │ ├── install-runtime.sh │ ├── projects.yaml │ ├── publish.sh │ └── stage.sh ├── .gitignore ├── .ko.yaml ├── CODE_OF_CONDUCT.adoc ├── LICENSE ├── Makefile ├── PROJECT ├── README.md ├── VERSION ├── cmd └── managers │ ├── build │ └── main.go │ ├── core │ └── main.go │ ├── knative │ └── main.go │ └── streaming │ └── main.go ├── config ├── build │ ├── certmanager │ │ ├── certificate.yaml │ │ ├── kustomization.yaml │ │ └── kustomizeconfig.yaml │ ├── crd │ │ ├── bases │ │ │ ├── build.projectriff.io_applications.yaml │ │ │ ├── build.projectriff.io_containers.yaml │ │ │ └── build.projectriff.io_functions.yaml │ │ ├── kustomization.yaml │ │ ├── kustomizeconfig.yaml │ │ └── patches │ │ │ ├── cainjection_in_applications.yaml │ │ │ ├── cainjection_in_containers.yaml │ │ │ ├── cainjection_in_functions.yaml │ │ │ ├── webhook_in_applications.yaml │ │ │ ├── webhook_in_containers.yaml │ │ │ └── webhook_in_functions.yaml │ ├── default │ │ ├── kustomization.yaml │ │ ├── manager_auth_proxy_patch.yaml │ │ ├── manager_prometheus_metrics_patch.yaml │ │ ├── manager_webhook_patch.yaml │ │ └── webhookcainjection_patch.yaml │ ├── manager │ │ ├── kustomization.yaml │ │ └── manager.yaml │ ├── rbac │ │ ├── aggregated_roles.yaml │ │ ├── auth_proxy_role.yaml │ │ ├── auth_proxy_role_binding.yaml │ │ ├── auth_proxy_service.yaml │ │ ├── kustomization.yaml │ │ ├── leader_election_role.yaml │ │ ├── leader_election_role_binding.yaml │ │ ├── public_builders_role.yaml │ │ ├── public_builders_role_binding.yaml │ │ ├── role.yaml │ │ └── role_binding.yaml │ ├── samples │ │ ├── build_v1alpha1_application.yaml │ │ ├── build_v1alpha1_container.yaml │ │ └── build_v1alpha1_function.yaml │ └── webhook │ │ ├── kustomization.yaml │ │ ├── kustomizeconfig.yaml │ │ ├── manifests.yaml │ │ └── service.yaml ├── core │ ├── certmanager │ │ ├── certificate.yaml │ │ ├── kustomization.yaml │ │ └── kustomizeconfig.yaml │ ├── config │ │ ├── kustomization.yaml │ │ └── settings.yaml │ ├── crd │ │ ├── bases │ │ │ └── core.projectriff.io_deployers.yaml │ │ ├── kustomization.yaml │ │ ├── kustomizeconfig.yaml │ │ └── patches │ │ │ ├── cainjection_in_deployers.yaml │ │ │ └── webhook_in_deployers.yaml │ ├── default │ │ ├── kustomization.yaml │ │ ├── manager_auth_proxy_patch.yaml │ │ ├── manager_prometheus_metrics_patch.yaml │ │ ├── manager_webhook_patch.yaml │ │ └── webhookcainjection_patch.yaml │ ├── manager │ │ ├── kustomization.yaml │ │ └── manager.yaml │ ├── rbac │ │ ├── aggregated_roles.yaml │ │ ├── auth_proxy_role.yaml │ │ ├── auth_proxy_role_binding.yaml │ │ ├── auth_proxy_service.yaml │ │ ├── kustomization.yaml │ │ ├── leader_election_role.yaml │ │ ├── leader_election_role_binding.yaml │ │ ├── role.yaml │ │ └── role_binding.yaml │ ├── samples │ │ └── core_v1alpha1_deployer.yaml │ └── webhook │ │ ├── kustomization.yaml │ │ ├── kustomizeconfig.yaml │ │ ├── manifests.yaml │ │ └── service.yaml ├── knative │ ├── certmanager │ │ ├── certificate.yaml │ │ ├── kustomization.yaml │ │ └── kustomizeconfig.yaml │ ├── crd │ │ ├── bases │ │ │ ├── knative.projectriff.io_adapters.yaml │ │ │ └── knative.projectriff.io_deployers.yaml │ │ ├── kustomization.yaml │ │ ├── kustomizeconfig.yaml │ │ └── patches │ │ │ ├── cainjection_in_adapters.yaml │ │ │ ├── cainjection_in_deployers.yaml │ │ │ ├── webhook_in_adapters.yaml │ │ │ └── webhook_in_deployers.yaml │ ├── default │ │ ├── kustomization.yaml │ │ ├── manager_auth_proxy_patch.yaml │ │ ├── manager_prometheus_metrics_patch.yaml │ │ ├── manager_webhook_patch.yaml │ │ └── webhookcainjection_patch.yaml │ ├── manager │ │ ├── kustomization.yaml │ │ └── manager.yaml │ ├── rbac │ │ ├── aggregated_roles.yaml │ │ ├── auth_proxy_role.yaml │ │ ├── auth_proxy_role_binding.yaml │ │ ├── auth_proxy_service.yaml │ │ ├── kustomization.yaml │ │ ├── leader_election_role.yaml │ │ ├── leader_election_role_binding.yaml │ │ ├── role.yaml │ │ └── role_binding.yaml │ ├── samples │ │ ├── knative_v1alpha1_adapter.yaml │ │ └── knative_v1alpha1_deployer.yaml │ └── webhook │ │ ├── kustomization.yaml │ │ ├── kustomizeconfig.yaml │ │ ├── manifests.yaml │ │ └── service.yaml ├── riff-build.yaml ├── riff-core.yaml ├── riff-knative.yaml ├── riff-streaming.yaml └── streaming │ ├── certmanager │ ├── certificate.yaml │ ├── kustomization.yaml │ └── kustomizeconfig.yaml │ ├── config │ ├── bases │ │ ├── inmemory-gateway.yaml │ │ ├── inmemory-gateway.yaml.tpl │ │ ├── kafka-gateway.yaml │ │ ├── kafka-gateway.yaml.tpl │ │ ├── processor.yaml │ │ ├── processor.yaml.tpl │ │ ├── pulsar-gateway.yaml │ │ └── pulsar-gateway.yaml.tpl │ └── kustomization.yaml │ ├── crd │ ├── bases │ │ ├── streaming.projectriff.io_gateways.yaml │ │ ├── streaming.projectriff.io_inmemorygateways.yaml │ │ ├── streaming.projectriff.io_kafkagateways.yaml │ │ ├── streaming.projectriff.io_processors.yaml │ │ ├── streaming.projectriff.io_pulsargateways.yaml │ │ └── streaming.projectriff.io_streams.yaml │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ └── patches │ │ ├── cainjection_in_gateways.yaml │ │ ├── cainjection_in_inmemorygateways.yaml │ │ ├── cainjection_in_kafkagateways.yaml │ │ ├── cainjection_in_processors.yaml │ │ ├── cainjection_in_pulsargateways.yaml │ │ ├── cainjection_in_streams.yaml │ │ ├── webhook_in_gateways.yaml │ │ ├── webhook_in_inmemorygateways.yaml │ │ ├── webhook_in_kafkagateways.yaml │ │ ├── webhook_in_processors.yaml │ │ ├── webhook_in_pulsargateways.yaml │ │ └── webhook_in_streams.yaml │ ├── default │ ├── kustomization.yaml │ ├── manager_auth_proxy_patch.yaml │ ├── manager_prometheus_metrics_patch.yaml │ ├── manager_webhook_patch.yaml │ └── webhookcainjection_patch.yaml │ ├── manager │ ├── kustomization.yaml │ └── manager.yaml │ ├── rbac │ ├── aggregated_roles.yaml │ ├── auth_proxy_role.yaml │ ├── auth_proxy_role_binding.yaml │ ├── auth_proxy_service.yaml │ ├── kustomization.yaml │ ├── leader_election_role.yaml │ ├── leader_election_role_binding.yaml │ ├── role.yaml │ └── role_binding.yaml │ ├── samples │ ├── streaming_v1alpha1_inmemorygateway.yaml │ ├── streaming_v1alpha1_kafkagateway.yaml │ ├── streaming_v1alpha1_processor.yaml │ ├── streaming_v1alpha1_pulsargateway.yaml │ └── streaming_v1alpha1_stream.yaml │ └── webhook │ ├── kustomization.yaml │ ├── kustomizeconfig.yaml │ ├── manifests.yaml │ └── service.yaml ├── go.mod ├── go.sum ├── hack ├── apply-template.sh ├── boilerplate.go.txt ├── go.mod ├── go.sum ├── ko │ ├── go.mod │ ├── go.sum │ └── tools.go ├── tools.go └── update-codegen.sh └── pkg ├── apis ├── bindings │ └── v1alpha1 │ │ ├── doc.go │ │ ├── groupversion_info.go │ │ ├── image_binding_types.go │ │ ├── service_binding_types.go │ │ ├── shared_types.go │ │ └── zz_generated.deepcopy.go ├── build │ └── v1alpha1 │ │ ├── aliases.go │ │ ├── application_defaults.go │ │ ├── application_defaults_test.go │ │ ├── application_lifecycle.go │ │ ├── application_types.go │ │ ├── application_validation.go │ │ ├── application_validation_test.go │ │ ├── container_defaults.go │ │ ├── container_defaults_test.go │ │ ├── container_lifecycle.go │ │ ├── container_types.go │ │ ├── container_validation.go │ │ ├── container_validation_test.go │ │ ├── doc.go │ │ ├── function_defaults.go │ │ ├── function_defaults_test.go │ │ ├── function_lifecycle.go │ │ ├── function_types.go │ │ ├── function_validation.go │ │ ├── function_validation_test.go │ │ ├── groupversion_info.go │ │ ├── shared_types.go │ │ └── zz_generated.deepcopy.go ├── core │ └── v1alpha1 │ │ ├── deployer_defaults.go │ │ ├── deployer_defaults_test.go │ │ ├── deployer_lifecycle.go │ │ ├── deployer_types.go │ │ ├── deployer_validation.go │ │ ├── deployer_validation_test.go │ │ ├── doc.go │ │ ├── groupversion_info.go │ │ └── zz_generated.deepcopy.go ├── duck │ └── v1 │ │ ├── addressable_types.go │ │ └── zz_generated.deepcopy.go ├── interfaces.go ├── knative │ └── v1alpha1 │ │ ├── adapter_defaults.go │ │ ├── adapter_defaults_test.go │ │ ├── adapter_lifecycle.go │ │ ├── adapter_types.go │ │ ├── adapter_validation.go │ │ ├── adapter_validation_test.go │ │ ├── deployer_defaults.go │ │ ├── deployer_defaults_test.go │ │ ├── deployer_lifecycle.go │ │ ├── deployer_types.go │ │ ├── deployer_validation.go │ │ ├── deployer_validation_test.go │ │ ├── doc.go │ │ ├── groupversion_info.go │ │ ├── shared_types.go │ │ ├── shared_validation.go │ │ └── zz_generated.deepcopy.go ├── streaming │ └── v1alpha1 │ │ ├── doc.go │ │ ├── gateway_defaults.go │ │ ├── gateway_lifecycle.go │ │ ├── gateway_types.go │ │ ├── gateway_validation.go │ │ ├── groupversion_info.go │ │ ├── inmemorygateway_defaults.go │ │ ├── inmemorygateway_lifecycle.go │ │ ├── inmemorygateway_types.go │ │ ├── inmemorygateway_validation.go │ │ ├── inmemorygateway_validation_test.go │ │ ├── kafkagateway_defaults.go │ │ ├── kafkagateway_lifecycle.go │ │ ├── kafkagateway_types.go │ │ ├── kafkagateway_validation.go │ │ ├── kafkagateway_validation_test.go │ │ ├── processor_defaults.go │ │ ├── processor_defaults_test.go │ │ ├── processor_lifecycle.go │ │ ├── processor_types.go │ │ ├── processor_validation.go │ │ ├── processor_validation_test.go │ │ ├── pulsargateway_defaults.go │ │ ├── pulsargateway_lifecycle.go │ │ ├── pulsargateway_types.go │ │ ├── pulsargateway_validation.go │ │ ├── pulsargateway_validation_test.go │ │ ├── stream_defaults.go │ │ ├── stream_defaults_test.go │ │ ├── stream_lifecycle.go │ │ ├── stream_types.go │ │ ├── stream_validation.go │ │ ├── stream_validation_test.go │ │ └── zz_generated.deepcopy.go └── thirdparty │ ├── keda │ └── v1alpha1 │ │ ├── groupversion_info.go │ │ ├── scaled_object_types.go │ │ ├── triggerauthentication_types.go │ │ └── zz_generated.deepcopy.go │ ├── knative │ └── serving │ │ └── v1 │ │ ├── configuration_types.go │ │ ├── groupversion_info.go │ │ ├── revision_types.go │ │ ├── route_types.go │ │ ├── service_types.go │ │ └── zz_generated.deepcopy.go │ └── kpack │ └── build │ └── v1alpha1 │ ├── build_types.go │ ├── builder_types.go │ ├── buildpack_metadata.go │ ├── cluster_builder_types.go │ ├── groupversion_info.go │ ├── image_types.go │ ├── shared_validation.go │ ├── source_resolver_types.go │ ├── source_types.go │ └── zz_generated.deepcopy.go ├── authn ├── secrets_keychain.go └── secrets_keychain_test.go ├── client └── clientset │ └── versioned │ ├── clientset.go │ ├── doc.go │ ├── fake │ ├── clientset_generated.go │ ├── doc.go │ └── register.go │ ├── scheme │ ├── doc.go │ └── register.go │ └── typed │ ├── bindings │ └── v1alpha1 │ │ ├── bindings_client.go │ │ ├── doc.go │ │ ├── fake │ │ ├── doc.go │ │ ├── fake_bindings_client.go │ │ ├── fake_imagebinding.go │ │ └── fake_servicebinding.go │ │ ├── generated_expansion.go │ │ ├── imagebinding.go │ │ └── servicebinding.go │ ├── build │ └── v1alpha1 │ │ ├── application.go │ │ ├── build_client.go │ │ ├── container.go │ │ ├── doc.go │ │ ├── fake │ │ ├── doc.go │ │ ├── fake_application.go │ │ ├── fake_build_client.go │ │ ├── fake_container.go │ │ └── fake_function.go │ │ ├── function.go │ │ └── generated_expansion.go │ ├── core │ └── v1alpha1 │ │ ├── core_client.go │ │ ├── deployer.go │ │ ├── doc.go │ │ ├── fake │ │ ├── doc.go │ │ ├── fake_core_client.go │ │ └── fake_deployer.go │ │ └── generated_expansion.go │ ├── knative │ └── v1alpha1 │ │ ├── adapter.go │ │ ├── deployer.go │ │ ├── doc.go │ │ ├── fake │ │ ├── doc.go │ │ ├── fake_adapter.go │ │ ├── fake_deployer.go │ │ └── fake_knative_client.go │ │ ├── generated_expansion.go │ │ └── knative_client.go │ └── streaming │ └── v1alpha1 │ ├── doc.go │ ├── fake │ ├── doc.go │ ├── fake_gateway.go │ ├── fake_inmemorygateway.go │ ├── fake_kafkagateway.go │ ├── fake_processor.go │ ├── fake_pulsargateway.go │ ├── fake_stream.go │ └── fake_streaming_client.go │ ├── gateway.go │ ├── generated_expansion.go │ ├── inmemorygateway.go │ ├── kafkagateway.go │ ├── processor.go │ ├── pulsargateway.go │ ├── stream.go │ └── streaming_client.go ├── controllers ├── build │ ├── application_reconciler.go │ ├── application_reconciler_test.go │ ├── clusterbuilder_reconciler.go │ ├── clusterbuilder_reconciler_test.go │ ├── common.go │ ├── container_reconciler.go │ ├── container_reconciler_test.go │ ├── credential_controller.go │ ├── credential_reconciler_test.go │ ├── function_reconciler.go │ └── function_reconciler_test.go ├── core │ ├── config.go │ ├── deployer_reconciler.go │ └── deployer_reconciler_test.go ├── knative │ ├── adapter_reconciler.go │ ├── adapter_reconciler_test.go │ ├── deployer_reconciler.go │ └── deployer_reconciler_test.go ├── streaming │ ├── config.go │ ├── gateway_reconciler.go │ ├── gateway_reconciler_test.go │ ├── inmemorygateway_reconciler.go │ ├── inmemorygateway_reconciler_test.go │ ├── kafkagateway_reconciler.go │ ├── kafkagateway_reconciler_test.go │ ├── mock_stream_provisioner_client.go │ ├── processor_reconciler.go │ ├── processor_reconciler_test.go │ ├── pulsargateway_reconciler.go │ ├── pulsargateway_reconciler_test.go │ ├── stream_provisioner_client.go │ ├── stream_reconciler.go │ └── stream_reconciler_test.go └── testing │ └── factories │ ├── adapter_knative.go │ ├── aliases.go │ ├── application.go │ ├── container.go │ ├── deployer_core.go │ ├── deployer_knative.go │ ├── function.go │ ├── gateway.go │ ├── inmemorygateway.go │ ├── kafkagateway.go │ ├── keda_scaledobject.go │ ├── knative_configuration.go │ ├── knative_route.go │ ├── knative_service.go │ ├── kpack_clusterbuilder.go │ ├── kpack_image.go │ ├── processor.go │ ├── pulsargateway.go │ └── stream.go └── refs ├── aliases.go └── typed.go /.codecov.yml: -------------------------------------------------------------------------------- 1 | ignore: 2 | - pkg/client 3 | - vendor 4 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | # This file is documented at https://git-scm.com/docs/gitattributes. 2 | # Linguist-specific attributes are documented at 3 | # https://github.com/github/linguist. 4 | 5 | **/zz_generated.*.go linguist-generated=true 6 | /pkg/client/** linguist-generated=true 7 | 8 | # coverage-excluded is an attribute used to explicitly exclude a path from being included in code 9 | # coverage. If a path is marked as linguist-generated already, it will be implicitly excluded and 10 | # there is no need to add the coverage-excluded attribute 11 | /pkg/**/testing/** coverage-excluded=true 12 | /vendor/** coverage-excluded=true 13 | /cmd/**/main.go coverage-excluded=true 14 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: gomod 4 | directory: "/" 5 | schedule: 6 | interval: daily 7 | open-pull-requests-limit: 10 8 | reviewers: 9 | - scothis 10 | ignore: 11 | - dependency-name: k8s.io/api 12 | versions: 13 | - ">= 0.18.a, < 0.19" 14 | - dependency-name: k8s.io/apimachinery 15 | versions: 16 | - ">= 0.18.a, < 0.19" 17 | - dependency-name: k8s.io/client-go 18 | versions: 19 | - ">= 0.18.a, < 0.19" 20 | - dependency-name: k8s.io/code-generator 21 | versions: 22 | - ">= 0.18.a, < 0.19" 23 | - package-ecosystem: gomod 24 | directory: "/hack" 25 | schedule: 26 | interval: daily 27 | open-pull-requests-limit: 10 28 | - package-ecosystem: github-actions 29 | directory: "/" 30 | schedule: 31 | interval: daily 32 | open-pull-requests-limit: 10 33 | -------------------------------------------------------------------------------- /.github/workflows/cleanup-runtime.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -o nounset 4 | 5 | source $FATS_DIR/macros/cleanup-user-resources.sh 6 | 7 | if [ $RUNTIME = "core" ]; then 8 | echo "Cleanup riff Core Runtime" 9 | kapp delete -n apps -a riff-core-runtime -y 10 | fi 11 | 12 | if [ $RUNTIME = "knative" ]; then 13 | echo "Cleanup riff Knative Runtime" 14 | kapp delete -n apps -a riff-knative-runtime -y 15 | 16 | echo "Cleanup Knative Serving" 17 | kapp delete -n apps -a knative -y 18 | fi 19 | 20 | if [ $RUNTIME = "streaming" ]; then 21 | echo "Cleanup Kafka" 22 | kapp delete -n apps -a internal-only-kafka -y 23 | 24 | echo "Cleanup riff Streaming Runtime" 25 | kapp delete -n apps -a riff-streaming-runtime -y 26 | 27 | echo "Cleanup KEDA" 28 | kapp delete -n apps -a keda -y 29 | 30 | if [ $GATEWAY = "kafka" ]; then 31 | echo "Cleanup Kafka" 32 | kapp delete -n apps -a internal-only-kafka -y 33 | fi 34 | if [ $GATEWAY = "pulsar" ]; then 35 | echo "Cleanup Pulsar" 36 | kapp delete -n apps -a internal-only-pulsar -y 37 | fi 38 | fi 39 | 40 | echo "Cleanup Contour" 41 | kapp delete -n apps -a contour -y 42 | 43 | echo "Cleanup riff Build" 44 | kapp delete -n apps -a riff-build -y 45 | kapp delete -n apps -a riff-builders -y 46 | 47 | echo "Cleanup kpack" 48 | kapp delete -n apps -a kpack -y 49 | 50 | echo "Cleanup Cert Manager" 51 | kapp delete -n apps -a cert-manager -y 52 | -------------------------------------------------------------------------------- /.github/workflows/fats-fetch.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -o errexit 4 | set -o nounset 5 | set -o pipefail 6 | 7 | dir=${1} 8 | refspec=${2:-main} 9 | repo=${3:-projectriff/fats} 10 | 11 | if [ ! -f $dir ]; then 12 | mkdir -p $dir 13 | curl -L https://github.com/${repo}/archive/${refspec}.tar.gz | \ 14 | tar xz -C $dir --strip-components 1 15 | fi 16 | -------------------------------------------------------------------------------- /.github/workflows/projects.yaml: -------------------------------------------------------------------------------- 1 | 2 | name: Add issues to project boards 3 | on: 4 | issues: 5 | types: 6 | - opened 7 | - labeled 8 | - milestoned 9 | jobs: 10 | one: 11 | runs-on: ubuntu-latest 12 | steps: 13 | - uses: konradpabjan/move-labeled-or-milestoned-issue@v2.0 14 | with: 15 | action-token: "${{ secrets.GITHUB_PROJECT_TOKEN }}" 16 | milestone-name: "v0.5.0" 17 | project-url: "https://github.com/orgs/projectriff/projects/6" # "v0.5.0" project 18 | column-name: "To do" 19 | columns-to-ignore: "*" 20 | - uses: konradpabjan/move-labeled-or-milestoned-issue@v2.0 21 | with: 22 | action-token: "${{ secrets.GITHUB_PROJECT_TOKEN }}" 23 | label-name: "build" 24 | project-url: "https://github.com/orgs/projectriff/projects/10" # "invokers" project 25 | column-name: "To do" 26 | columns-to-ignore: "*" 27 | - uses: konradpabjan/move-labeled-or-milestoned-issue@v2.0 28 | with: 29 | action-token: "${{ secrets.GITHUB_PROJECT_TOKEN }}" 30 | label-name: "core-runtime" 31 | project-url: "https://github.com/orgs/projectriff/projects/8" # "core runtime" project 32 | column-name: "To do" 33 | columns-to-ignore: "*" 34 | - uses: konradpabjan/move-labeled-or-milestoned-issue@v2.0 35 | with: 36 | action-token: "${{ secrets.GITHUB_PROJECT_TOKEN }}" 37 | label-name: "knative-runtime" 38 | project-url: "https://github.com/orgs/projectriff/projects/7" # "knative runtime" project 39 | column-name: "To do" 40 | columns-to-ignore: "*" 41 | - uses: konradpabjan/move-labeled-or-milestoned-issue@v2.0 42 | with: 43 | action-token: "${{ secrets.GITHUB_PROJECT_TOKEN }}" 44 | label-name: "streaming-runtime" 45 | project-url: "https://github.com/orgs/projectriff/projects/9" # "streaming runtime" project 46 | column-name: "To do" 47 | columns-to-ignore: "*" 48 | -------------------------------------------------------------------------------- /.github/workflows/publish.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -o errexit 4 | set -o nounset 5 | set -o pipefail 6 | 7 | readonly version=$(cat VERSION) 8 | readonly git_sha=$(git rev-parse HEAD) 9 | readonly git_timestamp=$(TZ=UTC git show --quiet --date='format-local:%Y%m%d%H%M%S' --format="%cd") 10 | readonly slug=${version}-${git_timestamp}-${git_sha:0:16} 11 | readonly git_branch=${1:11} # drop 'refs/head/' prefix 12 | 13 | publishComponent() { 14 | local component=$1 15 | 16 | gsutil cp gs://projectriff/riff-system/snapshots/riff-${component}-${slug}.yaml gs://projectriff/riff-system/riff-${component}-${version}.yaml 17 | } 18 | 19 | echo "Publishing riff System" 20 | publishComponent build 21 | publishComponent core 22 | publishComponent knative 23 | publishComponent streaming 24 | 25 | echo "Publishing version references" 26 | echo "${slug}" > slug.txt 27 | gsutil -h 'Content-Type: text/plain' -h 'Cache-Control: private' cp slug.txt gs://projectriff/riff-system/snapshots/versions/${git_branch} 28 | gsutil -h 'Content-Type: text/plain' -h 'Cache-Control: private' cp slug.txt gs://projectriff/riff-system/snapshots/versions/${version} 29 | if [[ ${version} != *"-snapshot" ]] ; then 30 | gsutil -h 'Content-Type: text/plain' -h 'Cache-Control: private' cp slug.txt gs://projectriff/riff-system/versions/releases/${git_branch} 31 | fi 32 | -------------------------------------------------------------------------------- /.github/workflows/stage.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -o errexit 4 | set -o nounset 5 | set -o pipefail 6 | 7 | readonly version=$(cat VERSION) 8 | readonly git_sha=$(git rev-parse HEAD) 9 | readonly git_timestamp=$(TZ=UTC git show --quiet --date='format-local:%Y%m%d%H%M%S' --format="%cd") 10 | readonly slug=${version}-${git_timestamp}-${git_sha:0:16} 11 | 12 | stageComponent() { 13 | local component=$1 14 | 15 | echo "" 16 | echo "# Stage riff System: ${component}" 17 | echo "" 18 | ko resolve -P -t ${slug} -f config/riff-${component}.yaml > bin/riff-${component}.yaml 19 | gsutil cp bin/riff-${component}.yaml gs://projectriff/riff-system/snapshots/riff-${component}-${slug}.yaml 20 | } 21 | 22 | mkdir bin 23 | 24 | stageComponent build 25 | stageComponent core 26 | stageComponent knative 27 | stageComponent streaming 28 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | # Binaries for programs and plugins 3 | *.exe 4 | *.exe~ 5 | *.dll 6 | *.so 7 | *.dylib 8 | bin 9 | 10 | # Test binary, build with `go test -c` 11 | *.test 12 | 13 | # Output of the go coverage tool, specifically when used with LiteIDE 14 | *.out 15 | 16 | # Kubernetes Generated files - skip generated files, except for vendored files 17 | 18 | !vendor/**/zz_generated.* 19 | 20 | # editor and IDE paraphernalia 21 | .idea 22 | *.swp 23 | *.swo 24 | *~ 25 | -------------------------------------------------------------------------------- /.ko.yaml: -------------------------------------------------------------------------------- 1 | defaultBaseImage: cloudfoundry/run:tiny 2 | -------------------------------------------------------------------------------- /PROJECT: -------------------------------------------------------------------------------- 1 | version: "2" 2 | domain: projectriff.io 3 | repo: github.com/projectriff/system 4 | multigroup: true 5 | resources: 6 | - group: build 7 | version: v1alpha1 8 | kind: Application 9 | - group: build 10 | version: v1alpha1 11 | kind: Container 12 | - group: build 13 | version: v1alpha1 14 | kind: Function 15 | - group: core 16 | version: v1alpha1 17 | kind: Deployer 18 | - group: knative 19 | version: v1alpha1 20 | kind: Adapter 21 | - group: knative 22 | version: v1alpha1 23 | kind: Deployer 24 | - group: streaming 25 | version: v1alpha1 26 | kind: Stream 27 | - group: streaming 28 | version: v1alpha1 29 | kind: Processor 30 | - group: streaming 31 | version: v1alpha1 32 | kind: Gateway 33 | - group: streaming 34 | version: v1alpha1 35 | kind: KafkaGateway 36 | - group: streaming 37 | version: v1alpha1 38 | kind: InMemoryGateway 39 | - group: streaming 40 | version: v1alpha1 41 | kind: PulsarGateway 42 | -------------------------------------------------------------------------------- /VERSION: -------------------------------------------------------------------------------- 1 | 0.6.0-snapshot -------------------------------------------------------------------------------- /config/build/certmanager/certificate.yaml: -------------------------------------------------------------------------------- 1 | # The following manifests contain a self-signed issuer CR and a certificate CR. 2 | # More document can be found at https://docs.cert-manager.io 3 | apiVersion: cert-manager.io/v1alpha2 4 | kind: Issuer 5 | metadata: 6 | name: selfsigned-issuer 7 | namespace: system 8 | spec: 9 | selfSigned: {} 10 | --- 11 | apiVersion: cert-manager.io/v1alpha2 12 | kind: Certificate 13 | metadata: 14 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml 15 | namespace: system 16 | spec: 17 | # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize 18 | commonName: $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 19 | dnsNames: 20 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 21 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local 22 | issuerRef: 23 | kind: Issuer 24 | name: selfsigned-issuer 25 | secretName: riff-build-webhook-server-cert # this secret is manually prefixed, since it's not managed by kustomize 26 | -------------------------------------------------------------------------------- /config/build/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - certificate.yaml 3 | 4 | configurations: 5 | - kustomizeconfig.yaml 6 | -------------------------------------------------------------------------------- /config/build/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This configuration is for teaching kustomize how to update name ref and var substitution 2 | nameReference: 3 | - kind: Issuer 4 | group: cert-manager.io 5 | fieldSpecs: 6 | - kind: Certificate 7 | group: cert-manager.io 8 | path: spec/issuerRef/name 9 | 10 | varReference: 11 | - kind: Certificate 12 | group: cert-manager.io 13 | path: spec/commonName 14 | - kind: Certificate 15 | group: cert-manager.io 16 | path: spec/dnsNames 17 | -------------------------------------------------------------------------------- /config/build/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # This kustomization.yaml is not intended to be run by itself, 2 | # since it depends on service name and namespace that are out of this kustomize package. 3 | # It should be run by config/default 4 | resources: 5 | - bases/build.projectriff.io_applications.yaml 6 | - bases/build.projectriff.io_containers.yaml 7 | - bases/build.projectriff.io_functions.yaml 8 | # +kubebuilder:scaffold:crdkustomizeresource 9 | 10 | patchesStrategicMerge: 11 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. 12 | # patches here are for enabling the conversion webhook for each CRD 13 | #- patches/webhook_in_applications.yaml 14 | #- patches/webhook_in_containers.yaml 15 | #- patches/webhook_in_functions.yaml 16 | # +kubebuilder:scaffold:crdkustomizewebhookpatch 17 | 18 | # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. 19 | # patches here are for enabling the CA injection for each CRD 20 | #- patches/cainjection_in_applications.yaml 21 | #- patches/cainjection_in_containers.yaml 22 | #- patches/cainjection_in_functions.yaml 23 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch 24 | 25 | # the following config is for teaching kustomize how to do kustomization for CRDs. 26 | configurations: 27 | - kustomizeconfig.yaml 28 | -------------------------------------------------------------------------------- /config/build/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 2 | nameReference: 3 | - kind: Service 4 | version: v1 5 | fieldSpecs: 6 | - kind: CustomResourceDefinition 7 | group: apiextensions.k8s.io 8 | path: spec/conversion/webhookClientConfig/service/name 9 | 10 | namespace: 11 | - kind: CustomResourceDefinition 12 | group: apiextensions.k8s.io 13 | path: spec/conversion/webhookClientConfig/service/namespace 14 | create: false 15 | 16 | varReference: 17 | - path: metadata/annotations 18 | -------------------------------------------------------------------------------- /config/build/crd/patches/cainjection_in_applications.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: applications.build.projectriff.io 9 | -------------------------------------------------------------------------------- /config/build/crd/patches/cainjection_in_containers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: containers.build.projectriff.io 9 | -------------------------------------------------------------------------------- /config/build/crd/patches/cainjection_in_functions.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: functions.build.projectriff.io 9 | -------------------------------------------------------------------------------- /config/build/crd/patches/webhook_in_applications.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: applications.build.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/build/crd/patches/webhook_in_containers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: containers.build.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/build/crd/patches/webhook_in_functions.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: functions.build.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/build/default/manager_auth_proxy_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch inject a sidecar container which is a HTTP proxy for the controller manager, 2 | # it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. 3 | apiVersion: apps/v1 4 | kind: Deployment 5 | metadata: 6 | name: controller-manager 7 | namespace: system 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: kube-rbac-proxy 13 | image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 14 | args: 15 | - "--secure-listen-address=0.0.0.0:8443" 16 | - "--upstream=http://127.0.0.1:8080/" 17 | - "--logtostderr=true" 18 | - "--v=10" 19 | ports: 20 | - containerPort: 8443 21 | name: https 22 | - name: manager 23 | args: 24 | - "--metrics-addr=127.0.0.1:8080" 25 | - "--enable-leader-election" 26 | -------------------------------------------------------------------------------- /config/build/default/manager_prometheus_metrics_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch enables Prometheus scraping for the manager pod. 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: controller-manager 6 | namespace: system 7 | spec: 8 | template: 9 | metadata: 10 | annotations: 11 | prometheus.io/scrape: 'true' 12 | spec: 13 | containers: 14 | # Expose the prometheus metrics on default port 15 | - name: manager 16 | ports: 17 | - containerPort: 8080 18 | name: metrics 19 | protocol: TCP 20 | -------------------------------------------------------------------------------- /config/build/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | ports: 12 | - containerPort: 443 13 | name: webhook-server 14 | protocol: TCP 15 | readinessProbe: 16 | httpGet: 17 | port: 8081 18 | path: /readyz 19 | livenessProbe: 20 | httpGet: 21 | port: 8081 22 | path: /healthz 23 | volumeMounts: 24 | - mountPath: /tmp/k8s-webhook-server/serving-certs 25 | name: cert 26 | readOnly: true 27 | volumes: 28 | - name: cert 29 | secret: 30 | defaultMode: 420 31 | secretName: riff-build-webhook-server-cert 32 | -------------------------------------------------------------------------------- /config/build/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch add annotation to admission webhook config and 2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. 3 | apiVersion: admissionregistration.k8s.io/v1 4 | kind: MutatingWebhookConfiguration 5 | metadata: 6 | name: mutating-webhook-configuration 7 | annotations: 8 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 9 | --- 10 | apiVersion: admissionregistration.k8s.io/v1 11 | kind: ValidatingWebhookConfiguration 12 | metadata: 13 | name: validating-webhook-configuration 14 | annotations: 15 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 16 | -------------------------------------------------------------------------------- /config/build/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | -------------------------------------------------------------------------------- /config/build/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | labels: 5 | control-plane: controller-manager 6 | name: system 7 | --- 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | metadata: 11 | name: controller-manager 12 | namespace: system 13 | labels: 14 | control-plane: controller-manager 15 | spec: 16 | selector: 17 | matchLabels: 18 | control-plane: controller-manager 19 | replicas: 1 20 | template: 21 | metadata: 22 | labels: 23 | control-plane: controller-manager 24 | spec: 25 | containers: 26 | - args: 27 | - --enable-leader-election 28 | env: 29 | - name: SYSTEM_NAMESPACE 30 | valueFrom: 31 | fieldRef: 32 | fieldPath: metadata.namespace 33 | image: ko://github.com/projectriff/system/cmd/managers/build 34 | name: manager 35 | resources: 36 | limits: 37 | cpu: 100m 38 | memory: 30Mi 39 | requests: 40 | cpu: 100m 41 | memory: 20Mi 42 | terminationGracePeriodSeconds: 10 43 | -------------------------------------------------------------------------------- /config/build/rbac/aggregated_roles.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: role 6 | labels: 7 | # Add these permissions to the "admin" and "edit" default roles. 8 | rbac.authorization.k8s.io/aggregate-to-admin: "true" 9 | rbac.authorization.k8s.io/aggregate-to-edit: "true" 10 | rules: 11 | - apiGroups: 12 | - build.projectriff.io 13 | resources: 14 | - "*" 15 | verbs: 16 | - create 17 | - delete 18 | - get 19 | - list 20 | - patch 21 | - update 22 | - watch 23 | 24 | --- 25 | apiVersion: rbac.authorization.k8s.io/v1 26 | kind: ClusterRole 27 | metadata: 28 | name: readonly-role 29 | labels: 30 | # Add these permissions to the "view" default role. 31 | rbac.authorization.k8s.io/aggregate-to-view: "true" 32 | rules: 33 | - apiGroups: 34 | - build.projectriff.io 35 | resources: 36 | - "*" 37 | verbs: 38 | - get 39 | - list 40 | - watch 41 | -------------------------------------------------------------------------------- /config/build/rbac/auth_proxy_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: proxy-role 5 | rules: 6 | - apiGroups: ["authentication.k8s.io"] 7 | resources: 8 | - tokenreviews 9 | verbs: ["create"] 10 | - apiGroups: ["authorization.k8s.io"] 11 | resources: 12 | - subjectaccessreviews 13 | verbs: ["create"] 14 | -------------------------------------------------------------------------------- /config/build/rbac/auth_proxy_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: proxy-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: proxy-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/build/rbac/auth_proxy_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | annotations: 5 | prometheus.io/port: "8443" 6 | prometheus.io/scheme: https 7 | prometheus.io/scrape: "true" 8 | labels: 9 | control-plane: controller-manager 10 | name: controller-manager-metrics-service 11 | namespace: system 12 | spec: 13 | ports: 14 | - name: https 15 | port: 8443 16 | targetPort: https 17 | selector: 18 | control-plane: controller-manager 19 | -------------------------------------------------------------------------------- /config/build/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - role.yaml 3 | - role_binding.yaml 4 | - public_builders_role.yaml 5 | - public_builders_role_binding.yaml 6 | - aggregated_roles.yaml 7 | - leader_election_role.yaml 8 | - leader_election_role_binding.yaml 9 | # Comment the following 3 lines if you want to disable 10 | # the auth proxy (https://github.com/brancz/kube-rbac-proxy) 11 | # which protects your /metrics endpoint. 12 | - auth_proxy_service.yaml 13 | - auth_proxy_role.yaml 14 | - auth_proxy_role_binding.yaml 15 | -------------------------------------------------------------------------------- /config/build/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: leader-election-role 6 | rules: 7 | - apiGroups: 8 | - coordination.k8s.io 9 | resources: 10 | - leases 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - leases/status 23 | verbs: 24 | - get 25 | - update 26 | - patch 27 | - apiGroups: 28 | - "" 29 | resources: 30 | - events 31 | verbs: 32 | - create 33 | -------------------------------------------------------------------------------- /config/build/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: leader-election-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: leader-election-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/build/rbac/public_builders_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: Role 3 | metadata: 4 | name: public-builders-role 5 | rules: 6 | - apiGroups: 7 | - "" 8 | resources: 9 | - configmaps 10 | resourceNames: 11 | - builders 12 | verbs: 13 | - get 14 | -------------------------------------------------------------------------------- /config/build/rbac/public_builders_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: public-builders-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: public-builders-role 9 | subjects: 10 | - kind: Group 11 | name: system:authenticated 12 | apiGroup: rbac.authorization.k8s.io 13 | -------------------------------------------------------------------------------- /config/build/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: manager-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: manager-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/build/samples/build_v1alpha1_application.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: build.projectriff.io/v1alpha1 2 | kind: Application 3 | metadata: 4 | name: application-sample 5 | spec: 6 | # Add fields here 7 | foo: bar 8 | -------------------------------------------------------------------------------- /config/build/samples/build_v1alpha1_container.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: build.projectriff.io/v1alpha1 2 | kind: Container 3 | metadata: 4 | name: container-sample 5 | spec: 6 | # Add fields here 7 | foo: bar 8 | -------------------------------------------------------------------------------- /config/build/samples/build_v1alpha1_function.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: build.projectriff.io/v1alpha1 2 | kind: Function 3 | metadata: 4 | name: function-sample 5 | spec: 6 | # Add fields here 7 | foo: bar 8 | -------------------------------------------------------------------------------- /config/build/webhook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manifests.yaml 3 | - service.yaml 4 | 5 | configurations: 6 | - kustomizeconfig.yaml 7 | -------------------------------------------------------------------------------- /config/build/webhook/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # the following config is for teaching kustomize where to look at when substituting vars. 2 | # It requires kustomize v2.1.0 or newer to work properly. 3 | nameReference: 4 | - kind: Service 5 | version: v1 6 | fieldSpecs: 7 | - kind: MutatingWebhookConfiguration 8 | group: admissionregistration.k8s.io 9 | path: webhooks/clientConfig/service/name 10 | - kind: ValidatingWebhookConfiguration 11 | group: admissionregistration.k8s.io 12 | path: webhooks/clientConfig/service/name 13 | 14 | namespace: 15 | - kind: MutatingWebhookConfiguration 16 | group: admissionregistration.k8s.io 17 | path: webhooks/clientConfig/service/namespace 18 | create: true 19 | - kind: ValidatingWebhookConfiguration 20 | group: admissionregistration.k8s.io 21 | path: webhooks/clientConfig/service/namespace 22 | create: true 23 | 24 | varReference: 25 | - path: metadata/annotations 26 | -------------------------------------------------------------------------------- /config/build/webhook/service.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: webhook-service 6 | namespace: system 7 | spec: 8 | ports: 9 | - port: 443 10 | targetPort: 9443 11 | selector: 12 | control-plane: controller-manager 13 | -------------------------------------------------------------------------------- /config/core/certmanager/certificate.yaml: -------------------------------------------------------------------------------- 1 | # The following manifests contain a self-signed issuer CR and a certificate CR. 2 | # More document can be found at https://docs.cert-manager.io 3 | apiVersion: cert-manager.io/v1alpha2 4 | kind: Issuer 5 | metadata: 6 | name: selfsigned-issuer 7 | namespace: system 8 | spec: 9 | selfSigned: {} 10 | --- 11 | apiVersion: cert-manager.io/v1alpha2 12 | kind: Certificate 13 | metadata: 14 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml 15 | namespace: system 16 | spec: 17 | # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize 18 | commonName: $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 19 | dnsNames: 20 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 21 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local 22 | issuerRef: 23 | kind: Issuer 24 | name: selfsigned-issuer 25 | secretName: riff-core-webhook-server-cert # this secret is manually prefixed, since it's not managed by kustomize 26 | -------------------------------------------------------------------------------- /config/core/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - certificate.yaml 3 | 4 | configurations: 5 | - kustomizeconfig.yaml 6 | -------------------------------------------------------------------------------- /config/core/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This configuration is for teaching kustomize how to update name ref and var substitution 2 | nameReference: 3 | - kind: Issuer 4 | group: cert-manager.io 5 | fieldSpecs: 6 | - kind: Certificate 7 | group: cert-manager.io 8 | path: spec/issuerRef/name 9 | 10 | varReference: 11 | - kind: Certificate 12 | group: cert-manager.io 13 | path: spec/commonName 14 | - kind: Certificate 15 | group: cert-manager.io 16 | path: spec/dnsNames 17 | -------------------------------------------------------------------------------- /config/core/config/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - settings.yaml 3 | -------------------------------------------------------------------------------- /config/core/config/settings.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: settings 5 | data: 6 | defaultDomain: example.com -------------------------------------------------------------------------------- /config/core/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # This kustomization.yaml is not intended to be run by itself, 2 | # since it depends on service name and namespace that are out of this kustomize package. 3 | # It should be run by config/default 4 | resources: 5 | - bases/core.projectriff.io_deployers.yaml 6 | # +kubebuilder:scaffold:crdkustomizeresource 7 | 8 | patchesStrategicMerge: 9 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. 10 | # patches here are for enabling the conversion webhook for each CRD 11 | #- patches/webhook_in_deployers.yaml 12 | # +kubebuilder:scaffold:crdkustomizewebhookpatch 13 | 14 | # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. 15 | # patches here are for enabling the CA injection for each CRD 16 | #- patches/cainjection_in_deployers.yaml 17 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch 18 | 19 | # the following config is for teaching kustomize how to do kustomization for CRDs. 20 | configurations: 21 | - kustomizeconfig.yaml 22 | -------------------------------------------------------------------------------- /config/core/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 2 | nameReference: 3 | - kind: Service 4 | version: v1 5 | fieldSpecs: 6 | - kind: CustomResourceDefinition 7 | group: apiextensions.k8s.io 8 | path: spec/conversion/webhookClientConfig/service/name 9 | 10 | namespace: 11 | - kind: CustomResourceDefinition 12 | group: apiextensions.k8s.io 13 | path: spec/conversion/webhookClientConfig/service/namespace 14 | create: false 15 | 16 | varReference: 17 | - path: metadata/annotations 18 | -------------------------------------------------------------------------------- /config/core/crd/patches/cainjection_in_deployers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: deployers.core.projectriff.io 9 | -------------------------------------------------------------------------------- /config/core/crd/patches/webhook_in_deployers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: deployers.core.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/core/default/manager_auth_proxy_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch inject a sidecar container which is a HTTP proxy for the controller manager, 2 | # it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. 3 | apiVersion: apps/v1 4 | kind: Deployment 5 | metadata: 6 | name: controller-manager 7 | namespace: system 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: kube-rbac-proxy 13 | image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 14 | args: 15 | - "--secure-listen-address=0.0.0.0:8443" 16 | - "--upstream=http://127.0.0.1:8080/" 17 | - "--logtostderr=true" 18 | - "--v=10" 19 | ports: 20 | - containerPort: 8443 21 | name: https 22 | - name: manager 23 | args: 24 | - "--metrics-addr=127.0.0.1:8080" 25 | - "--enable-leader-election" 26 | -------------------------------------------------------------------------------- /config/core/default/manager_prometheus_metrics_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch enables Prometheus scraping for the manager pod. 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: controller-manager 6 | namespace: system 7 | spec: 8 | template: 9 | metadata: 10 | annotations: 11 | prometheus.io/scrape: 'true' 12 | spec: 13 | containers: 14 | # Expose the prometheus metrics on default port 15 | - name: manager 16 | ports: 17 | - containerPort: 8080 18 | name: metrics 19 | protocol: TCP 20 | -------------------------------------------------------------------------------- /config/core/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | ports: 12 | - containerPort: 443 13 | name: webhook-server 14 | protocol: TCP 15 | readinessProbe: 16 | httpGet: 17 | port: 8081 18 | path: /readyz 19 | livenessProbe: 20 | httpGet: 21 | port: 8081 22 | path: /healthz 23 | volumeMounts: 24 | - mountPath: /tmp/k8s-webhook-server/serving-certs 25 | name: cert 26 | readOnly: true 27 | volumes: 28 | - name: cert 29 | secret: 30 | defaultMode: 420 31 | secretName: riff-core-webhook-server-cert 32 | -------------------------------------------------------------------------------- /config/core/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch add annotation to admission webhook config and 2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. 3 | apiVersion: admissionregistration.k8s.io/v1 4 | kind: MutatingWebhookConfiguration 5 | metadata: 6 | name: mutating-webhook-configuration 7 | annotations: 8 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 9 | --- 10 | apiVersion: admissionregistration.k8s.io/v1 11 | kind: ValidatingWebhookConfiguration 12 | metadata: 13 | name: validating-webhook-configuration 14 | annotations: 15 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 16 | -------------------------------------------------------------------------------- /config/core/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | -------------------------------------------------------------------------------- /config/core/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | labels: 7 | control-plane: controller-manager 8 | spec: 9 | selector: 10 | matchLabels: 11 | control-plane: controller-manager 12 | replicas: 1 13 | template: 14 | metadata: 15 | labels: 16 | control-plane: controller-manager 17 | spec: 18 | containers: 19 | - args: 20 | - --enable-leader-election 21 | image: ko://github.com/projectriff/system/cmd/managers/core 22 | name: manager 23 | resources: 24 | limits: 25 | cpu: 100m 26 | memory: 30Mi 27 | requests: 28 | cpu: 100m 29 | memory: 20Mi 30 | terminationGracePeriodSeconds: 10 31 | -------------------------------------------------------------------------------- /config/core/rbac/aggregated_roles.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: role 6 | labels: 7 | # Add these permissions to the "admin" and "edit" default roles. 8 | rbac.authorization.k8s.io/aggregate-to-admin: "true" 9 | rbac.authorization.k8s.io/aggregate-to-edit: "true" 10 | rules: 11 | - apiGroups: 12 | - core.projectriff.io 13 | resources: 14 | - "*" 15 | verbs: 16 | - create 17 | - delete 18 | - get 19 | - list 20 | - patch 21 | - update 22 | - watch 23 | 24 | --- 25 | apiVersion: rbac.authorization.k8s.io/v1 26 | kind: ClusterRole 27 | metadata: 28 | name: readonly-role 29 | labels: 30 | # Add these permissions to the "view" default role. 31 | rbac.authorization.k8s.io/aggregate-to-view: "true" 32 | rules: 33 | - apiGroups: 34 | - core.projectriff.io 35 | resources: 36 | - "*" 37 | verbs: 38 | - get 39 | - list 40 | - watch 41 | -------------------------------------------------------------------------------- /config/core/rbac/auth_proxy_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: proxy-role 5 | rules: 6 | - apiGroups: ["authentication.k8s.io"] 7 | resources: 8 | - tokenreviews 9 | verbs: ["create"] 10 | - apiGroups: ["authorization.k8s.io"] 11 | resources: 12 | - subjectaccessreviews 13 | verbs: ["create"] 14 | -------------------------------------------------------------------------------- /config/core/rbac/auth_proxy_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: proxy-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: proxy-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/core/rbac/auth_proxy_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | annotations: 5 | prometheus.io/port: "8443" 6 | prometheus.io/scheme: https 7 | prometheus.io/scrape: "true" 8 | labels: 9 | control-plane: controller-manager 10 | name: controller-manager-metrics-service 11 | namespace: system 12 | spec: 13 | ports: 14 | - name: https 15 | port: 8443 16 | targetPort: https 17 | selector: 18 | control-plane: controller-manager 19 | -------------------------------------------------------------------------------- /config/core/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - role.yaml 3 | - role_binding.yaml 4 | - aggregated_roles.yaml 5 | - leader_election_role.yaml 6 | - leader_election_role_binding.yaml 7 | # Comment the following 3 lines if you want to disable 8 | # the auth proxy (https://github.com/brancz/kube-rbac-proxy) 9 | # which protects your /metrics endpoint. 10 | - auth_proxy_service.yaml 11 | - auth_proxy_role.yaml 12 | - auth_proxy_role_binding.yaml 13 | -------------------------------------------------------------------------------- /config/core/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: leader-election-role 6 | rules: 7 | - apiGroups: 8 | - coordination.k8s.io 9 | resources: 10 | - leases 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - leases/status 23 | verbs: 24 | - get 25 | - update 26 | - patch 27 | - apiGroups: 28 | - "" 29 | resources: 30 | - events 31 | verbs: 32 | - create 33 | -------------------------------------------------------------------------------- /config/core/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: leader-election-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: leader-election-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/core/rbac/role.yaml: -------------------------------------------------------------------------------- 1 | 2 | --- 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: ClusterRole 5 | metadata: 6 | creationTimestamp: null 7 | name: manager-role 8 | rules: 9 | - apiGroups: 10 | - apps 11 | resources: 12 | - deployments 13 | verbs: 14 | - create 15 | - delete 16 | - get 17 | - list 18 | - patch 19 | - update 20 | - watch 21 | - apiGroups: 22 | - build.projectriff.io 23 | resources: 24 | - applications 25 | - containers 26 | - functions 27 | verbs: 28 | - get 29 | - list 30 | - watch 31 | - apiGroups: 32 | - "" 33 | resources: 34 | - events 35 | verbs: 36 | - create 37 | - delete 38 | - get 39 | - list 40 | - patch 41 | - update 42 | - watch 43 | - apiGroups: 44 | - "" 45 | resources: 46 | - services 47 | verbs: 48 | - create 49 | - delete 50 | - get 51 | - list 52 | - patch 53 | - update 54 | - watch 55 | - apiGroups: 56 | - core.projectriff.io 57 | resources: 58 | - deployers 59 | verbs: 60 | - create 61 | - delete 62 | - get 63 | - list 64 | - patch 65 | - update 66 | - watch 67 | - apiGroups: 68 | - core.projectriff.io 69 | resources: 70 | - deployers/status 71 | verbs: 72 | - get 73 | - patch 74 | - update 75 | - apiGroups: 76 | - networking.k8s.io 77 | resources: 78 | - ingresses 79 | verbs: 80 | - create 81 | - delete 82 | - get 83 | - list 84 | - patch 85 | - update 86 | - watch 87 | -------------------------------------------------------------------------------- /config/core/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: manager-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: manager-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/core/samples/core_v1alpha1_deployer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: core.projectriff.io/v1alpha1 2 | kind: Deployer 3 | metadata: 4 | name: deployer-sample 5 | spec: 6 | # Add fields here 7 | foo: bar 8 | -------------------------------------------------------------------------------- /config/core/webhook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manifests.yaml 3 | - service.yaml 4 | 5 | configurations: 6 | - kustomizeconfig.yaml 7 | -------------------------------------------------------------------------------- /config/core/webhook/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # the following config is for teaching kustomize where to look at when substituting vars. 2 | # It requires kustomize v2.1.0 or newer to work properly. 3 | nameReference: 4 | - kind: Service 5 | version: v1 6 | fieldSpecs: 7 | - kind: MutatingWebhookConfiguration 8 | group: admissionregistration.k8s.io 9 | path: webhooks/clientConfig/service/name 10 | - kind: ValidatingWebhookConfiguration 11 | group: admissionregistration.k8s.io 12 | path: webhooks/clientConfig/service/name 13 | 14 | namespace: 15 | - kind: MutatingWebhookConfiguration 16 | group: admissionregistration.k8s.io 17 | path: webhooks/clientConfig/service/namespace 18 | create: true 19 | - kind: ValidatingWebhookConfiguration 20 | group: admissionregistration.k8s.io 21 | path: webhooks/clientConfig/service/namespace 22 | create: true 23 | 24 | varReference: 25 | - path: metadata/annotations 26 | -------------------------------------------------------------------------------- /config/core/webhook/manifests.yaml: -------------------------------------------------------------------------------- 1 | 2 | --- 3 | apiVersion: admissionregistration.k8s.io/v1 4 | kind: MutatingWebhookConfiguration 5 | metadata: 6 | creationTimestamp: null 7 | name: mutating-webhook-configuration 8 | webhooks: 9 | - admissionReviewVersions: 10 | - v1beta1 11 | clientConfig: 12 | service: 13 | name: webhook-service 14 | namespace: system 15 | path: /mutate-core-projectriff-io-v1alpha1-deployer 16 | failurePolicy: Fail 17 | name: deployers.core.projectriff.io 18 | rules: 19 | - apiGroups: 20 | - core.projectriff.io 21 | apiVersions: 22 | - v1alpha1 23 | operations: 24 | - CREATE 25 | - UPDATE 26 | resources: 27 | - deployers 28 | sideEffects: None 29 | 30 | --- 31 | apiVersion: admissionregistration.k8s.io/v1 32 | kind: ValidatingWebhookConfiguration 33 | metadata: 34 | creationTimestamp: null 35 | name: validating-webhook-configuration 36 | webhooks: 37 | - admissionReviewVersions: 38 | - v1beta1 39 | clientConfig: 40 | service: 41 | name: webhook-service 42 | namespace: system 43 | path: /validate-core-projectriff-io-v1alpha1-deployer 44 | failurePolicy: Fail 45 | name: deployers.core.projectriff.io 46 | rules: 47 | - apiGroups: 48 | - core.projectriff.io 49 | apiVersions: 50 | - v1alpha1 51 | operations: 52 | - CREATE 53 | - UPDATE 54 | resources: 55 | - deployers 56 | sideEffects: None 57 | -------------------------------------------------------------------------------- /config/core/webhook/service.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: webhook-service 6 | namespace: system 7 | spec: 8 | ports: 9 | - port: 443 10 | targetPort: 9443 11 | selector: 12 | control-plane: controller-manager 13 | -------------------------------------------------------------------------------- /config/knative/certmanager/certificate.yaml: -------------------------------------------------------------------------------- 1 | # The following manifests contain a self-signed issuer CR and a certificate CR. 2 | # More document can be found at https://docs.cert-manager.io 3 | apiVersion: cert-manager.io/v1alpha2 4 | kind: Issuer 5 | metadata: 6 | name: selfsigned-issuer 7 | namespace: system 8 | spec: 9 | selfSigned: {} 10 | --- 11 | apiVersion: cert-manager.io/v1alpha2 12 | kind: Certificate 13 | metadata: 14 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml 15 | namespace: system 16 | spec: 17 | # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize 18 | commonName: $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 19 | dnsNames: 20 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 21 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local 22 | issuerRef: 23 | kind: Issuer 24 | name: selfsigned-issuer 25 | secretName: riff-knative-webhook-server-cert # this secret is manually prefixed, since it's not managed by kustomize 26 | -------------------------------------------------------------------------------- /config/knative/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - certificate.yaml 3 | 4 | configurations: 5 | - kustomizeconfig.yaml 6 | -------------------------------------------------------------------------------- /config/knative/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This configuration is for teaching kustomize how to update name ref and var substitution 2 | nameReference: 3 | - kind: Issuer 4 | group: cert-manager.io 5 | fieldSpecs: 6 | - kind: Certificate 7 | group: cert-manager.io 8 | path: spec/issuerRef/name 9 | 10 | varReference: 11 | - kind: Certificate 12 | group: cert-manager.io 13 | path: spec/commonName 14 | - kind: Certificate 15 | group: cert-manager.io 16 | path: spec/dnsNames 17 | -------------------------------------------------------------------------------- /config/knative/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # This kustomization.yaml is not intended to be run by itself, 2 | # since it depends on service name and namespace that are out of this kustomize package. 3 | # It should be run by config/default 4 | resources: 5 | - bases/knative.projectriff.io_adapters.yaml 6 | - bases/knative.projectriff.io_deployers.yaml 7 | # +kubebuilder:scaffold:crdkustomizeresource 8 | 9 | patchesStrategicMerge: 10 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. 11 | # patches here are for enabling the conversion webhook for each CRD 12 | #- patches/webhook_in_adapters.yaml 13 | #- patches/webhook_in_deployers.yaml 14 | # +kubebuilder:scaffold:crdkustomizewebhookpatch 15 | 16 | # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. 17 | # patches here are for enabling the CA injection for each CRD 18 | #- patches/cainjection_in_adapters.yaml 19 | #- patches/cainjection_in_deployers.yaml 20 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch 21 | 22 | # the following config is for teaching kustomize how to do kustomization for CRDs. 23 | configurations: 24 | - kustomizeconfig.yaml 25 | -------------------------------------------------------------------------------- /config/knative/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 2 | nameReference: 3 | - kind: Service 4 | version: v1 5 | fieldSpecs: 6 | - kind: CustomResourceDefinition 7 | group: apiextensions.k8s.io 8 | path: spec/conversion/webhookClientConfig/service/name 9 | 10 | namespace: 11 | - kind: CustomResourceDefinition 12 | group: apiextensions.k8s.io 13 | path: spec/conversion/webhookClientConfig/service/namespace 14 | create: false 15 | 16 | varReference: 17 | - path: metadata/annotations 18 | -------------------------------------------------------------------------------- /config/knative/crd/patches/cainjection_in_adapters.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: adapters.knative.projectriff.io 9 | -------------------------------------------------------------------------------- /config/knative/crd/patches/cainjection_in_deployers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: deployers.knative.projectriff.io 9 | -------------------------------------------------------------------------------- /config/knative/crd/patches/webhook_in_adapters.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: adapters.knative.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/knative/crd/patches/webhook_in_deployers.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: deployers.knative.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/knative/default/manager_auth_proxy_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch inject a sidecar container which is a HTTP proxy for the controller manager, 2 | # it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. 3 | apiVersion: apps/v1 4 | kind: Deployment 5 | metadata: 6 | name: controller-manager 7 | namespace: system 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: kube-rbac-proxy 13 | image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 14 | args: 15 | - "--secure-listen-address=0.0.0.0:8443" 16 | - "--upstream=http://127.0.0.1:8080/" 17 | - "--logtostderr=true" 18 | - "--v=10" 19 | ports: 20 | - containerPort: 8443 21 | name: https 22 | - name: manager 23 | args: 24 | - "--metrics-addr=127.0.0.1:8080" 25 | - "--enable-leader-election" 26 | -------------------------------------------------------------------------------- /config/knative/default/manager_prometheus_metrics_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch enables Prometheus scraping for the manager pod. 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: controller-manager 6 | namespace: system 7 | spec: 8 | template: 9 | metadata: 10 | annotations: 11 | prometheus.io/scrape: 'true' 12 | spec: 13 | containers: 14 | # Expose the prometheus metrics on default port 15 | - name: manager 16 | ports: 17 | - containerPort: 8080 18 | name: metrics 19 | protocol: TCP 20 | -------------------------------------------------------------------------------- /config/knative/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | ports: 12 | - containerPort: 443 13 | name: webhook-server 14 | protocol: TCP 15 | readinessProbe: 16 | httpGet: 17 | port: 8081 18 | path: /readyz 19 | livenessProbe: 20 | httpGet: 21 | port: 8081 22 | path: /healthz 23 | volumeMounts: 24 | - mountPath: /tmp/k8s-webhook-server/serving-certs 25 | name: cert 26 | readOnly: true 27 | volumes: 28 | - name: cert 29 | secret: 30 | defaultMode: 420 31 | secretName: riff-knative-webhook-server-cert 32 | -------------------------------------------------------------------------------- /config/knative/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch add annotation to admission webhook config and 2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. 3 | apiVersion: admissionregistration.k8s.io/v1 4 | kind: MutatingWebhookConfiguration 5 | metadata: 6 | name: mutating-webhook-configuration 7 | annotations: 8 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 9 | --- 10 | apiVersion: admissionregistration.k8s.io/v1 11 | kind: ValidatingWebhookConfiguration 12 | metadata: 13 | name: validating-webhook-configuration 14 | annotations: 15 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 16 | -------------------------------------------------------------------------------- /config/knative/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | -------------------------------------------------------------------------------- /config/knative/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | labels: 7 | control-plane: controller-manager 8 | spec: 9 | selector: 10 | matchLabels: 11 | control-plane: controller-manager 12 | replicas: 1 13 | template: 14 | metadata: 15 | labels: 16 | control-plane: controller-manager 17 | spec: 18 | containers: 19 | - args: 20 | - --enable-leader-election 21 | image: ko://github.com/projectriff/system/cmd/managers/knative 22 | name: manager 23 | resources: 24 | limits: 25 | cpu: 100m 26 | memory: 30Mi 27 | requests: 28 | cpu: 100m 29 | memory: 20Mi 30 | terminationGracePeriodSeconds: 10 31 | -------------------------------------------------------------------------------- /config/knative/rbac/aggregated_roles.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: role 6 | labels: 7 | # Add these permissions to the "admin" and "edit" default roles. 8 | rbac.authorization.k8s.io/aggregate-to-admin: "true" 9 | rbac.authorization.k8s.io/aggregate-to-edit: "true" 10 | rules: 11 | - apiGroups: 12 | - knative.projectriff.io 13 | resources: 14 | - "*" 15 | verbs: 16 | - create 17 | - delete 18 | - get 19 | - list 20 | - patch 21 | - update 22 | - watch 23 | 24 | --- 25 | apiVersion: rbac.authorization.k8s.io/v1 26 | kind: ClusterRole 27 | metadata: 28 | name: readonly-role 29 | labels: 30 | # Add these permissions to the "view" default role. 31 | rbac.authorization.k8s.io/aggregate-to-view: "true" 32 | rules: 33 | - apiGroups: 34 | - knative.projectriff.io 35 | resources: 36 | - "*" 37 | verbs: 38 | - get 39 | - list 40 | - watch 41 | -------------------------------------------------------------------------------- /config/knative/rbac/auth_proxy_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: proxy-role 5 | rules: 6 | - apiGroups: ["authentication.k8s.io"] 7 | resources: 8 | - tokenreviews 9 | verbs: ["create"] 10 | - apiGroups: ["authorization.k8s.io"] 11 | resources: 12 | - subjectaccessreviews 13 | verbs: ["create"] 14 | -------------------------------------------------------------------------------- /config/knative/rbac/auth_proxy_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: proxy-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: proxy-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/knative/rbac/auth_proxy_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | annotations: 5 | prometheus.io/port: "8443" 6 | prometheus.io/scheme: https 7 | prometheus.io/scrape: "true" 8 | labels: 9 | control-plane: controller-manager 10 | name: controller-manager-metrics-service 11 | namespace: system 12 | spec: 13 | ports: 14 | - name: https 15 | port: 8443 16 | targetPort: https 17 | selector: 18 | control-plane: controller-manager 19 | -------------------------------------------------------------------------------- /config/knative/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - role.yaml 3 | - role_binding.yaml 4 | - aggregated_roles.yaml 5 | - leader_election_role.yaml 6 | - leader_election_role_binding.yaml 7 | # Comment the following 3 lines if you want to disable 8 | # the auth proxy (https://github.com/brancz/kube-rbac-proxy) 9 | # which protects your /metrics endpoint. 10 | - auth_proxy_service.yaml 11 | - auth_proxy_role.yaml 12 | - auth_proxy_role_binding.yaml 13 | -------------------------------------------------------------------------------- /config/knative/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: leader-election-role 6 | rules: 7 | - apiGroups: 8 | - coordination.k8s.io 9 | resources: 10 | - leases 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - leases/status 23 | verbs: 24 | - get 25 | - update 26 | - patch 27 | - apiGroups: 28 | - "" 29 | resources: 30 | - events 31 | verbs: 32 | - create 33 | -------------------------------------------------------------------------------- /config/knative/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: leader-election-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: leader-election-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/knative/rbac/role.yaml: -------------------------------------------------------------------------------- 1 | 2 | --- 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | kind: ClusterRole 5 | metadata: 6 | creationTimestamp: null 7 | name: manager-role 8 | rules: 9 | - apiGroups: 10 | - build.projectriff.io 11 | resources: 12 | - applications 13 | - containers 14 | - functions 15 | verbs: 16 | - get 17 | - list 18 | - watch 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - events 23 | verbs: 24 | - create 25 | - delete 26 | - get 27 | - list 28 | - patch 29 | - update 30 | - watch 31 | - apiGroups: 32 | - knative.projectriff.io 33 | resources: 34 | - adapters 35 | verbs: 36 | - create 37 | - delete 38 | - get 39 | - list 40 | - patch 41 | - update 42 | - watch 43 | - apiGroups: 44 | - knative.projectriff.io 45 | resources: 46 | - adapters/status 47 | verbs: 48 | - get 49 | - patch 50 | - update 51 | - apiGroups: 52 | - knative.projectriff.io 53 | resources: 54 | - deployers 55 | verbs: 56 | - create 57 | - delete 58 | - get 59 | - list 60 | - patch 61 | - update 62 | - watch 63 | - apiGroups: 64 | - knative.projectriff.io 65 | resources: 66 | - deployers/status 67 | verbs: 68 | - get 69 | - patch 70 | - update 71 | - apiGroups: 72 | - serving.knative.dev 73 | resources: 74 | - configurations 75 | - routes 76 | verbs: 77 | - create 78 | - delete 79 | - get 80 | - list 81 | - patch 82 | - update 83 | - watch 84 | - apiGroups: 85 | - serving.knative.dev 86 | resources: 87 | - configurations 88 | - services 89 | verbs: 90 | - create 91 | - delete 92 | - get 93 | - list 94 | - patch 95 | - update 96 | - watch 97 | -------------------------------------------------------------------------------- /config/knative/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: manager-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: manager-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/knative/samples/knative_v1alpha1_adapter.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: knative.projectriff.io/v1alpha1 2 | kind: Adapter 3 | metadata: 4 | name: adapter-sample 5 | spec: 6 | # Add fields here 7 | foo: bar 8 | -------------------------------------------------------------------------------- /config/knative/samples/knative_v1alpha1_deployer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: knative.projectriff.io/v1alpha1 2 | kind: Deployer 3 | metadata: 4 | name: deployer-sample 5 | spec: 6 | # Add fields here 7 | foo: bar 8 | -------------------------------------------------------------------------------- /config/knative/webhook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manifests.yaml 3 | - service.yaml 4 | 5 | configurations: 6 | - kustomizeconfig.yaml 7 | -------------------------------------------------------------------------------- /config/knative/webhook/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # the following config is for teaching kustomize where to look at when substituting vars. 2 | # It requires kustomize v2.1.0 or newer to work properly. 3 | nameReference: 4 | - kind: Service 5 | version: v1 6 | fieldSpecs: 7 | - kind: MutatingWebhookConfiguration 8 | group: admissionregistration.k8s.io 9 | path: webhooks/clientConfig/service/name 10 | - kind: ValidatingWebhookConfiguration 11 | group: admissionregistration.k8s.io 12 | path: webhooks/clientConfig/service/name 13 | 14 | namespace: 15 | - kind: MutatingWebhookConfiguration 16 | group: admissionregistration.k8s.io 17 | path: webhooks/clientConfig/service/namespace 18 | create: true 19 | - kind: ValidatingWebhookConfiguration 20 | group: admissionregistration.k8s.io 21 | path: webhooks/clientConfig/service/namespace 22 | create: true 23 | 24 | varReference: 25 | - path: metadata/annotations 26 | -------------------------------------------------------------------------------- /config/knative/webhook/manifests.yaml: -------------------------------------------------------------------------------- 1 | 2 | --- 3 | apiVersion: admissionregistration.k8s.io/v1 4 | kind: MutatingWebhookConfiguration 5 | metadata: 6 | creationTimestamp: null 7 | name: mutating-webhook-configuration 8 | webhooks: 9 | - admissionReviewVersions: 10 | - v1beta1 11 | clientConfig: 12 | service: 13 | name: webhook-service 14 | namespace: system 15 | path: /mutate-knative-projectriff-io-v1alpha1-adapter 16 | failurePolicy: Fail 17 | name: adapters.knative.projectriff.io 18 | rules: 19 | - apiGroups: 20 | - knative.projectriff.io 21 | apiVersions: 22 | - v1alpha1 23 | operations: 24 | - CREATE 25 | - UPDATE 26 | resources: 27 | - adapters 28 | sideEffects: None 29 | - admissionReviewVersions: 30 | - v1beta1 31 | clientConfig: 32 | service: 33 | name: webhook-service 34 | namespace: system 35 | path: /mutate-knative-projectriff-io-v1alpha1-deployer 36 | failurePolicy: Fail 37 | name: deployers.knative.projectriff.io 38 | rules: 39 | - apiGroups: 40 | - knative.projectriff.io 41 | apiVersions: 42 | - v1alpha1 43 | operations: 44 | - CREATE 45 | - UPDATE 46 | resources: 47 | - deployers 48 | sideEffects: None 49 | 50 | --- 51 | apiVersion: admissionregistration.k8s.io/v1 52 | kind: ValidatingWebhookConfiguration 53 | metadata: 54 | creationTimestamp: null 55 | name: validating-webhook-configuration 56 | webhooks: 57 | - admissionReviewVersions: 58 | - v1beta1 59 | clientConfig: 60 | service: 61 | name: webhook-service 62 | namespace: system 63 | path: /validate-knative-projectriff-io-v1alpha1-adapter 64 | failurePolicy: Fail 65 | name: adapters.knative.projectriff.io 66 | rules: 67 | - apiGroups: 68 | - knative.projectriff.io 69 | apiVersions: 70 | - v1alpha1 71 | operations: 72 | - CREATE 73 | - UPDATE 74 | resources: 75 | - adapters 76 | sideEffects: None 77 | - admissionReviewVersions: 78 | - v1beta1 79 | clientConfig: 80 | service: 81 | name: webhook-service 82 | namespace: system 83 | path: /validate-knative-projectriff-io-v1alpha1-deployer 84 | failurePolicy: Fail 85 | name: deployers.knative.projectriff.io 86 | rules: 87 | - apiGroups: 88 | - knative.projectriff.io 89 | apiVersions: 90 | - v1alpha1 91 | operations: 92 | - CREATE 93 | - UPDATE 94 | resources: 95 | - deployers 96 | sideEffects: None 97 | -------------------------------------------------------------------------------- /config/knative/webhook/service.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: webhook-service 6 | namespace: system 7 | spec: 8 | ports: 9 | - port: 443 10 | targetPort: 9443 11 | selector: 12 | control-plane: controller-manager 13 | -------------------------------------------------------------------------------- /config/streaming/certmanager/certificate.yaml: -------------------------------------------------------------------------------- 1 | # The following manifests contain a self-signed issuer CR and a certificate CR. 2 | # More document can be found at https://docs.cert-manager.io 3 | apiVersion: cert-manager.io/v1alpha2 4 | kind: Issuer 5 | metadata: 6 | name: selfsigned-issuer 7 | namespace: system 8 | spec: 9 | selfSigned: {} 10 | --- 11 | apiVersion: cert-manager.io/v1alpha2 12 | kind: Certificate 13 | metadata: 14 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml 15 | namespace: system 16 | spec: 17 | # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize 18 | commonName: $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 19 | dnsNames: 20 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc 21 | - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local 22 | issuerRef: 23 | kind: Issuer 24 | name: selfsigned-issuer 25 | secretName: riff-streaming-webhook-server-cert # this secret is manually prefixed, since it's not managed by kustomize 26 | -------------------------------------------------------------------------------- /config/streaming/certmanager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - certificate.yaml 3 | 4 | configurations: 5 | - kustomizeconfig.yaml 6 | -------------------------------------------------------------------------------- /config/streaming/certmanager/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This configuration is for teaching kustomize how to update name ref and var substitution 2 | nameReference: 3 | - kind: Issuer 4 | group: cert-manager.io 5 | fieldSpecs: 6 | - kind: Certificate 7 | group: cert-manager.io 8 | path: spec/issuerRef/name 9 | 10 | varReference: 11 | - kind: Certificate 12 | group: cert-manager.io 13 | path: spec/commonName 14 | - kind: Certificate 15 | group: cert-manager.io 16 | path: spec/dnsNames 17 | -------------------------------------------------------------------------------- /config/streaming/config/bases/inmemory-gateway.yaml: -------------------------------------------------------------------------------- 1 | # DO NOT EDIT - this file is the output of the 'config/streaming/config/bases/inmemory-gateway.yaml.tpl' template 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: inmemory-gateway 6 | data: 7 | gatewayImage: bsideup/liiklus:0.10.0-rc1 8 | provisionerImage: gcr.io/projectriff/nop-provisioner/provisioner@sha256:4bfa270f904a979c858d50267bb5e99df3b4ec44babe993f949193404f58f64b 9 | -------------------------------------------------------------------------------- /config/streaming/config/bases/inmemory-gateway.yaml.tpl: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: inmemory-gateway 5 | data: 6 | gatewayImage: bsideup/liiklus:0.10.0-rc1 7 | provisionerImage: {{ gcloud container images describe gcr.io/projectriff/nop-provisioner/provisioner:0.6.0-snapshot --format="value(image_summary.fully_qualified_digest)" }} 8 | -------------------------------------------------------------------------------- /config/streaming/config/bases/kafka-gateway.yaml: -------------------------------------------------------------------------------- 1 | # DO NOT EDIT - this file is the output of the 'config/streaming/config/bases/kafka-gateway.yaml.tpl' template 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: kafka-gateway 6 | data: 7 | gatewayImage: bsideup/liiklus:0.10.0-rc1 8 | provisionerImage: gcr.io/projectriff/kafka-provisioner/provisioner@sha256:c5917a348faae5ababb7371be200c933d50f12f2698d6635d138f047300d68a6 9 | 10 | -------------------------------------------------------------------------------- /config/streaming/config/bases/kafka-gateway.yaml.tpl: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: kafka-gateway 5 | data: 6 | gatewayImage: bsideup/liiklus:0.10.0-rc1 7 | provisionerImage: {{ gcloud container images describe gcr.io/projectriff/kafka-provisioner/provisioner:0.6.0-snapshot --format="value(image_summary.fully_qualified_digest)" }} 8 | 9 | -------------------------------------------------------------------------------- /config/streaming/config/bases/processor.yaml: -------------------------------------------------------------------------------- 1 | # DO NOT EDIT - this file is the output of the 'config/streaming/config/bases/processor.yaml.tpl' template 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: processor 6 | data: 7 | processorImage: gcr.io/projectriff/streaming-processor/processor-native@sha256:968cf9c0b3bc17d2298c0287f3caa9460e289e2fd6363685c229ef7acafacaf8 8 | -------------------------------------------------------------------------------- /config/streaming/config/bases/processor.yaml.tpl: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: processor 5 | data: 6 | processorImage: {{ gcloud container images describe gcr.io/projectriff/streaming-processor/processor-native:0.6.0-SNAPSHOT --format="value(image_summary.fully_qualified_digest)" }} 7 | -------------------------------------------------------------------------------- /config/streaming/config/bases/pulsar-gateway.yaml: -------------------------------------------------------------------------------- 1 | # DO NOT EDIT - this file is the output of the 'config/streaming/config/bases/pulsar-gateway.yaml.tpl' template 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: pulsar-gateway 6 | data: 7 | gatewayImage: bsideup/liiklus:0.10.0-rc1 8 | provisionerImage: gcr.io/projectriff/pulsar-provisioner/provisioner@sha256:028ec53ad146efe05f7f6122b89d97ee189f396780b744a1e348ee0fcee35ff2 9 | -------------------------------------------------------------------------------- /config/streaming/config/bases/pulsar-gateway.yaml.tpl: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: pulsar-gateway 5 | data: 6 | gatewayImage: bsideup/liiklus:0.10.0-rc1 7 | provisionerImage: {{ gcloud container images describe gcr.io/projectriff/pulsar-provisioner/provisioner:0.6.0-snapshot --format="value(image_summary.fully_qualified_digest)" }} 8 | -------------------------------------------------------------------------------- /config/streaming/config/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - bases/processor.yaml 3 | - bases/kafka-gateway.yaml 4 | - bases/inmemory-gateway.yaml 5 | - bases/pulsar-gateway.yaml 6 | -------------------------------------------------------------------------------- /config/streaming/crd/kustomization.yaml: -------------------------------------------------------------------------------- 1 | # This kustomization.yaml is not intended to be run by itself, 2 | # since it depends on service name and namespace that are out of this kustomize package. 3 | # It should be run by config/default 4 | resources: 5 | - bases/streaming.projectriff.io_streams.yaml 6 | - bases/streaming.projectriff.io_processors.yaml 7 | # gateways 8 | - bases/streaming.projectriff.io_gateways.yaml 9 | - bases/streaming.projectriff.io_inmemorygateways.yaml 10 | - bases/streaming.projectriff.io_kafkagateways.yaml 11 | - bases/streaming.projectriff.io_pulsargateways.yaml 12 | # +kubebuilder:scaffold:crdkustomizeresource 13 | 14 | patchesStrategicMerge: 15 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. 16 | # patches here are for enabling the conversion webhook for each CRD 17 | #- patches/webhook_in_streams.yaml 18 | #- patches/webhook_in_processors.yaml 19 | #- patches/webhook_in_gateways.yaml 20 | #- patches/webhook_in_inmemorygateways.yaml 21 | #- patches/webhook_in_kafkagateways.yaml 22 | #- patches/webhook_in_pulsargateways.yaml 23 | # +kubebuilder:scaffold:crdkustomizewebhookpatch 24 | 25 | # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. 26 | # patches here are for enabling the CA injection for each CRD 27 | #- patches/cainjection_in_streams.yaml 28 | #- patches/cainjection_in_processors.yaml 29 | #- patches/cainjection_in_gateways.yaml 30 | #- patches/cainjection_in_inmemorygateways.yaml 31 | #- patches/cainjection_in_kafkagateways.yaml 32 | #- patches/cainjection_in_pulsargateways.yaml 33 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch 34 | 35 | # the following config is for teaching kustomize how to do kustomization for CRDs. 36 | configurations: 37 | - kustomizeconfig.yaml 38 | -------------------------------------------------------------------------------- /config/streaming/crd/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD 2 | nameReference: 3 | - kind: Service 4 | version: v1 5 | fieldSpecs: 6 | - kind: CustomResourceDefinition 7 | group: apiextensions.k8s.io 8 | path: spec/conversion/webhookClientConfig/service/name 9 | 10 | namespace: 11 | - kind: CustomResourceDefinition 12 | group: apiextensions.k8s.io 13 | path: spec/conversion/webhookClientConfig/service/namespace 14 | create: false 15 | 16 | varReference: 17 | - path: metadata/annotations 18 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/cainjection_in_gateways.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: gateways.streaming.projectriff.io 9 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/cainjection_in_inmemorygateways.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: inmemorygateways.streaming.projectriff.io 9 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/cainjection_in_kafkagateways.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: kafkagateways.streaming.projectriff.io 9 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/cainjection_in_processors.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: processors.streaming.projectriff.io 9 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/cainjection_in_pulsargateways.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: pulsargateways.streaming.projectriff.io 9 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/cainjection_in_streams.yaml: -------------------------------------------------------------------------------- 1 | # The following patch adds a directive for certmanager to inject CA into the CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | annotations: 7 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 8 | name: streams.streaming.projectriff.io 9 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/webhook_in_gateways.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: gateways.streaming.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/webhook_in_inmemorygateways.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: inmemorygateways.streaming.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/webhook_in_kafkagateways.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: kafkagateways.streaming.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/webhook_in_processors.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: processors.streaming.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/webhook_in_pulsargateways.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: pulsargateways.streaming.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/streaming/crd/patches/webhook_in_streams.yaml: -------------------------------------------------------------------------------- 1 | # The following patch enables conversion webhook for CRD 2 | # CRD conversion requires k8s 1.13 or later. 3 | apiVersion: apiextensions.k8s.io/v1beta1 4 | kind: CustomResourceDefinition 5 | metadata: 6 | name: streams.streaming.projectriff.io 7 | spec: 8 | conversion: 9 | strategy: Webhook 10 | webhookClientConfig: 11 | # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, 12 | # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) 13 | caBundle: Cg== 14 | service: 15 | namespace: system 16 | name: webhook-service 17 | path: /convert 18 | -------------------------------------------------------------------------------- /config/streaming/default/manager_auth_proxy_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch inject a sidecar container which is a HTTP proxy for the controller manager, 2 | # it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. 3 | apiVersion: apps/v1 4 | kind: Deployment 5 | metadata: 6 | name: controller-manager 7 | namespace: system 8 | spec: 9 | template: 10 | spec: 11 | containers: 12 | - name: kube-rbac-proxy 13 | image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 14 | args: 15 | - "--secure-listen-address=0.0.0.0:8443" 16 | - "--upstream=http://127.0.0.1:8080/" 17 | - "--logtostderr=true" 18 | - "--v=10" 19 | ports: 20 | - containerPort: 8443 21 | name: https 22 | - name: manager 23 | args: 24 | - "--metrics-addr=127.0.0.1:8080" 25 | - "--enable-leader-election" 26 | -------------------------------------------------------------------------------- /config/streaming/default/manager_prometheus_metrics_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch enables Prometheus scraping for the manager pod. 2 | apiVersion: apps/v1 3 | kind: Deployment 4 | metadata: 5 | name: controller-manager 6 | namespace: system 7 | spec: 8 | template: 9 | metadata: 10 | annotations: 11 | prometheus.io/scrape: 'true' 12 | spec: 13 | containers: 14 | # Expose the prometheus metrics on default port 15 | - name: manager 16 | ports: 17 | - containerPort: 8080 18 | name: metrics 19 | protocol: TCP 20 | -------------------------------------------------------------------------------- /config/streaming/default/manager_webhook_patch.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | spec: 7 | template: 8 | spec: 9 | containers: 10 | - name: manager 11 | ports: 12 | - containerPort: 443 13 | name: webhook-server 14 | protocol: TCP 15 | readinessProbe: 16 | httpGet: 17 | port: 8081 18 | path: /readyz 19 | livenessProbe: 20 | httpGet: 21 | port: 8081 22 | path: /healthz 23 | volumeMounts: 24 | - mountPath: /tmp/k8s-webhook-server/serving-certs 25 | name: cert 26 | readOnly: true 27 | volumes: 28 | - name: cert 29 | secret: 30 | defaultMode: 420 31 | secretName: riff-streaming-webhook-server-cert 32 | -------------------------------------------------------------------------------- /config/streaming/default/webhookcainjection_patch.yaml: -------------------------------------------------------------------------------- 1 | # This patch add annotation to admission webhook config and 2 | # the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. 3 | apiVersion: admissionregistration.k8s.io/v1 4 | kind: MutatingWebhookConfiguration 5 | metadata: 6 | name: mutating-webhook-configuration 7 | annotations: 8 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 9 | --- 10 | apiVersion: admissionregistration.k8s.io/v1 11 | kind: ValidatingWebhookConfiguration 12 | metadata: 13 | name: validating-webhook-configuration 14 | annotations: 15 | cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) 16 | -------------------------------------------------------------------------------- /config/streaming/manager/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manager.yaml 3 | -------------------------------------------------------------------------------- /config/streaming/manager/manager.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: controller-manager 5 | namespace: system 6 | labels: 7 | control-plane: controller-manager 8 | spec: 9 | selector: 10 | matchLabels: 11 | control-plane: controller-manager 12 | replicas: 1 13 | template: 14 | metadata: 15 | labels: 16 | control-plane: controller-manager 17 | spec: 18 | containers: 19 | - args: 20 | - --enable-leader-election 21 | env: 22 | - name: SYSTEM_NAMESPACE 23 | valueFrom: 24 | fieldRef: 25 | fieldPath: metadata.namespace 26 | image: ko://github.com/projectriff/system/cmd/managers/streaming 27 | name: manager 28 | resources: 29 | limits: 30 | cpu: 100m 31 | memory: 30Mi 32 | requests: 33 | cpu: 100m 34 | memory: 20Mi 35 | terminationGracePeriodSeconds: 10 36 | -------------------------------------------------------------------------------- /config/streaming/rbac/aggregated_roles.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: role 6 | labels: 7 | # Add these permissions to the "admin" and "edit" default roles. 8 | rbac.authorization.k8s.io/aggregate-to-admin: "true" 9 | rbac.authorization.k8s.io/aggregate-to-edit: "true" 10 | rules: 11 | - apiGroups: 12 | - streaming.projectriff.io 13 | resources: 14 | - "*" 15 | verbs: 16 | - create 17 | - delete 18 | - get 19 | - list 20 | - patch 21 | - update 22 | - watch 23 | 24 | --- 25 | apiVersion: rbac.authorization.k8s.io/v1 26 | kind: ClusterRole 27 | metadata: 28 | name: readonly-role 29 | labels: 30 | # Add these permissions to the "view" default role. 31 | rbac.authorization.k8s.io/aggregate-to-view: "true" 32 | rules: 33 | - apiGroups: 34 | - streaming.projectriff.io 35 | resources: 36 | - "*" 37 | verbs: 38 | - get 39 | - list 40 | - watch 41 | -------------------------------------------------------------------------------- /config/streaming/rbac/auth_proxy_role.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRole 3 | metadata: 4 | name: proxy-role 5 | rules: 6 | - apiGroups: ["authentication.k8s.io"] 7 | resources: 8 | - tokenreviews 9 | verbs: ["create"] 10 | - apiGroups: ["authorization.k8s.io"] 11 | resources: 12 | - subjectaccessreviews 13 | verbs: ["create"] 14 | -------------------------------------------------------------------------------- /config/streaming/rbac/auth_proxy_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: proxy-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: proxy-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/streaming/rbac/auth_proxy_service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | annotations: 5 | prometheus.io/port: "8443" 6 | prometheus.io/scheme: https 7 | prometheus.io/scrape: "true" 8 | labels: 9 | control-plane: controller-manager 10 | name: controller-manager-metrics-service 11 | namespace: system 12 | spec: 13 | ports: 14 | - name: https 15 | port: 8443 16 | targetPort: https 17 | selector: 18 | control-plane: controller-manager 19 | -------------------------------------------------------------------------------- /config/streaming/rbac/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - role.yaml 3 | - role_binding.yaml 4 | - aggregated_roles.yaml 5 | - leader_election_role.yaml 6 | - leader_election_role_binding.yaml 7 | # Comment the following 3 lines if you want to disable 8 | # the auth proxy (https://github.com/brancz/kube-rbac-proxy) 9 | # which protects your /metrics endpoint. 10 | - auth_proxy_service.yaml 11 | - auth_proxy_role.yaml 12 | - auth_proxy_role_binding.yaml 13 | -------------------------------------------------------------------------------- /config/streaming/rbac/leader_election_role.yaml: -------------------------------------------------------------------------------- 1 | # permissions to do leader election. 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: leader-election-role 6 | rules: 7 | - apiGroups: 8 | - coordination.k8s.io 9 | resources: 10 | - leases 11 | verbs: 12 | - get 13 | - list 14 | - watch 15 | - create 16 | - update 17 | - patch 18 | - delete 19 | - apiGroups: 20 | - "" 21 | resources: 22 | - leases/status 23 | verbs: 24 | - get 25 | - update 26 | - patch 27 | - apiGroups: 28 | - "" 29 | resources: 30 | - events 31 | verbs: 32 | - create 33 | -------------------------------------------------------------------------------- /config/streaming/rbac/leader_election_role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: RoleBinding 3 | metadata: 4 | name: leader-election-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: Role 8 | name: leader-election-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/streaming/rbac/role_binding.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: manager-rolebinding 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: manager-role 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: system 13 | -------------------------------------------------------------------------------- /config/streaming/samples/streaming_v1alpha1_inmemorygateway.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: streaming.projectriff.io/v1alpha1 2 | kind: InMemoryGateway 3 | metadata: 4 | name: dory 5 | spec: {} 6 | -------------------------------------------------------------------------------- /config/streaming/samples/streaming_v1alpha1_kafkagateway.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: streaming.projectriff.io/v1alpha1 2 | kind: KafkaGateway 3 | metadata: 4 | name: franz 5 | spec: 6 | bootstrapServers: kafkabroker:9092 7 | -------------------------------------------------------------------------------- /config/streaming/samples/streaming_v1alpha1_processor.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: streaming.projectriff.io/v1alpha1 2 | kind: Processor 3 | metadata: 4 | name: processor-sample 5 | spec: 6 | # Add fields here 7 | foo: bar 8 | -------------------------------------------------------------------------------- /config/streaming/samples/streaming_v1alpha1_pulsargateway.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: streaming.projectriff.io/v1alpha1 2 | kind: PulsarGateway 3 | metadata: 4 | name: jocelyn 5 | spec: 6 | serviceURL: pulsar://localhost:6650 7 | -------------------------------------------------------------------------------- /config/streaming/samples/streaming_v1alpha1_stream.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: streaming.projectriff.io/v1alpha1 2 | kind: Stream 3 | metadata: 4 | name: in 5 | spec: 6 | contentType: application/json 7 | gateway: 8 | name: dory 9 | -------------------------------------------------------------------------------- /config/streaming/webhook/kustomization.yaml: -------------------------------------------------------------------------------- 1 | resources: 2 | - manifests.yaml 3 | - service.yaml 4 | 5 | configurations: 6 | - kustomizeconfig.yaml 7 | -------------------------------------------------------------------------------- /config/streaming/webhook/kustomizeconfig.yaml: -------------------------------------------------------------------------------- 1 | # the following config is for teaching kustomize where to look at when substituting vars. 2 | # It requires kustomize v2.1.0 or newer to work properly. 3 | nameReference: 4 | - kind: Service 5 | version: v1 6 | fieldSpecs: 7 | - kind: MutatingWebhookConfiguration 8 | group: admissionregistration.k8s.io 9 | path: webhooks/clientConfig/service/name 10 | - kind: ValidatingWebhookConfiguration 11 | group: admissionregistration.k8s.io 12 | path: webhooks/clientConfig/service/name 13 | 14 | namespace: 15 | - kind: MutatingWebhookConfiguration 16 | group: admissionregistration.k8s.io 17 | path: webhooks/clientConfig/service/namespace 18 | create: true 19 | - kind: ValidatingWebhookConfiguration 20 | group: admissionregistration.k8s.io 21 | path: webhooks/clientConfig/service/namespace 22 | create: true 23 | 24 | varReference: 25 | - path: metadata/annotations 26 | -------------------------------------------------------------------------------- /config/streaming/webhook/service.yaml: -------------------------------------------------------------------------------- 1 | 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: webhook-service 6 | namespace: system 7 | spec: 8 | ports: 9 | - port: 443 10 | targetPort: 9443 11 | selector: 12 | control-plane: controller-manager 13 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/projectriff/system 2 | 3 | go 1.14 4 | 5 | require ( 6 | github.com/go-logr/logr v0.3.0 7 | github.com/go-logr/zapr v0.3.0 // indirect 8 | github.com/google/go-cmp v0.5.4 9 | github.com/google/go-containerregistry v0.4.0 10 | github.com/stretchr/testify v1.7.0 11 | github.com/vmware-labs/reconciler-runtime v0.2.1-0.20201213193933-5ad8e546c9fa 12 | k8s.io/api v0.20.2 13 | k8s.io/apimachinery v0.20.2 14 | k8s.io/client-go v0.20.2 15 | sigs.k8s.io/controller-runtime v0.7.0 16 | ) 17 | -------------------------------------------------------------------------------- /hack/apply-template.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -o errexit 4 | set -o nounset 5 | set -o pipefail 6 | 7 | template=${1} 8 | comment=${2:-#} 9 | 10 | if [ -f $template ] ; then 11 | echo "${comment} DO NOT EDIT - this file is the output of the '$template' template " 12 | while IFS= read -r line 13 | do 14 | expressions=$(echo $line | grep -oE '\{\{[^}]+\}\}') || true 15 | while read -r expression; do 16 | if [[ $expression == "{{tpl_escape"* ]]; then 17 | output=$(echo $expression | sed -e 's/^{{tpl_escape/{{/') 18 | else 19 | output=$(eval $(echo $expression | sed -e 's/^{{//g' | sed -e 's/}}$//g')) 20 | fi 21 | line=${line//$expression/$output} 22 | done <<< "$expressions" 23 | echo "$line" 24 | done < "$template" 25 | fi 26 | -------------------------------------------------------------------------------- /hack/boilerplate.go.txt: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ -------------------------------------------------------------------------------- /hack/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/projectriff/system/tools 2 | 3 | go 1.14 4 | 5 | require ( 6 | github.com/vektra/mockery v1.1.2 7 | // branch release-branch.go1.14 8 | golang.org/x/tools v0.0.0-20200924205911-8a9a89368bd3 9 | k8s.io/code-generator v0.20.2 10 | sigs.k8s.io/controller-tools v0.4.1 11 | ) 12 | -------------------------------------------------------------------------------- /hack/ko/go.mod: -------------------------------------------------------------------------------- 1 | module github.com/projectriff/system/tools 2 | 3 | go 1.14 4 | 5 | require github.com/google/ko v0.6.2 6 | -------------------------------------------------------------------------------- /hack/ko/tools.go: -------------------------------------------------------------------------------- 1 | // +build tools 2 | 3 | // This package imports things required by build scripts, to force `go mod` to see them as dependencies 4 | package tools 5 | 6 | import ( 7 | _ "github.com/google/ko/pkg" 8 | ) 9 | -------------------------------------------------------------------------------- /hack/tools.go: -------------------------------------------------------------------------------- 1 | // +build tools 2 | 3 | // This package imports things required by build scripts, to force `go mod` to see them as dependencies 4 | package tools 5 | 6 | import ( 7 | _ "github.com/vektra/mockery" 8 | _ "golang.org/x/tools/imports" 9 | _ "k8s.io/code-generator/pkg/util" 10 | _ "sigs.k8s.io/controller-tools/pkg/version" 11 | ) 12 | -------------------------------------------------------------------------------- /hack/update-codegen.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -o errexit 4 | set -o nounset 5 | set -o pipefail 6 | 7 | SCRIPT_ROOT=$(cd $(dirname "${BASH_SOURCE[0]}")/.. && pwd) 8 | 9 | CODEGEN_PKG=${CODEGEN_PKG:-$(go mod download -modfile hack/go.mod -json 2>/dev/null | jq -r 'select(.Path == "k8s.io/code-generator").Dir')} 10 | 11 | TMP_DIR="$(mktemp -d)" 12 | trap 'rm -rf ${TMP_DIR}' EXIT 13 | export GOPATH=${GOPATH:-${TMP_DIR}} 14 | 15 | TMP_REPO_PATH="${TMP_DIR}/src/github.com/projectriff/system" 16 | mkdir -p "$(dirname "${TMP_REPO_PATH}")" && ln -s "${SCRIPT_ROOT}" "${TMP_REPO_PATH}" 17 | 18 | bash "${CODEGEN_PKG}"/generate-groups.sh "client" \ 19 | github.com/projectriff/system/pkg/client github.com/projectriff/system/pkg/apis \ 20 | "bindings:v1alpha1 build:v1alpha1 core:v1alpha1 knative:v1alpha1 streaming:v1alpha1" \ 21 | --output-base "${TMP_DIR}/src" \ 22 | --go-header-file "${SCRIPT_ROOT}"/hack/boilerplate.go.txt 23 | 24 | # refine generated files 25 | 26 | patchClient() { 27 | local find="$1" 28 | local replace="$2" 29 | 30 | find pkg/client -type f -name "*.go" -print0 | xargs -0 sed -i '' -e "s|${find}|${replace}|g" 31 | } 32 | 33 | # the fake client uses a naive GVK to GVR transform which doesn't use the correct pluralization. I feel bad, you should feel bad too. 34 | 35 | patchClient \ 36 | 'schema.GroupVersionResource{Group: "streaming.projectriff.io", Version: "v1alpha1", Resource: "gateways"}' \ 37 | 'schema.GroupVersionResource{Group: "streaming.projectriff.io", Version: "v1alpha1", Resource: "gatewaies"}' 38 | patchClient \ 39 | 'schema.GroupVersionResource{Group: "streaming.projectriff.io", Version: "v1alpha1", Resource: "inmemorygateways"}' \ 40 | 'schema.GroupVersionResource{Group: "streaming.projectriff.io", Version: "v1alpha1", Resource: "inmemorygatewaies"}' 41 | patchClient \ 42 | 'schema.GroupVersionResource{Group: "streaming.projectriff.io", Version: "v1alpha1", Resource: "kafkagateways"}' \ 43 | 'schema.GroupVersionResource{Group: "streaming.projectriff.io", Version: "v1alpha1", Resource: "kafkagatewaies"}' 44 | patchClient \ 45 | 'schema.GroupVersionResource{Group: "streaming.projectriff.io", Version: "v1alpha1", Resource: "pulsargateways"}' \ 46 | 'schema.GroupVersionResource{Group: "streaming.projectriff.io", Version: "v1alpha1", Resource: "pulsargatewaies"}' 47 | 48 | make fmt 49 | -------------------------------------------------------------------------------- /pkg/apis/bindings/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // NOTE: this package mirrors the types from github.com/projectriff/bindings for 18 | // client compatibility. It is not an authoritative source for these resources. 19 | 20 | // +groupName=bindings.projectriff.io 21 | package v1alpha1 22 | -------------------------------------------------------------------------------- /pkg/apis/bindings/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // +kubebuilder:object:generate=true 18 | // +groupName=bindings.projectriff.io 19 | package v1alpha1 20 | 21 | import ( 22 | "k8s.io/apimachinery/pkg/runtime/schema" 23 | "sigs.k8s.io/controller-runtime/pkg/scheme" 24 | ) 25 | 26 | var ( 27 | // GroupVersion is group version used to register these objects 28 | GroupVersion = schema.GroupVersion{Group: "bindings.projectriff.io", Version: "v1alpha1"} 29 | 30 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 31 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 32 | 33 | // AddToScheme adds the types in this group-version to the given scheme. 34 | AddToScheme = SchemeBuilder.AddToScheme 35 | ) 36 | 37 | // compatibility with k8s.io/code-generator 38 | var SchemeGroupVersion = GroupVersion 39 | -------------------------------------------------------------------------------- /pkg/apis/bindings/v1alpha1/image_binding_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "github.com/vmware-labs/reconciler-runtime/apis" 21 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 22 | ) 23 | 24 | // +kubebuilder:object:root=true 25 | // +genclient 26 | 27 | type ImageBinding struct { 28 | metav1.TypeMeta `json:",inline"` 29 | metav1.ObjectMeta `json:"metadata,omitempty"` 30 | 31 | Spec ImageBindingSpec `json:"spec"` 32 | Status ImageBindingStatus `json:"status"` 33 | } 34 | 35 | type ImageBindingSpec struct { 36 | Subject *Reference `json:"subject,omitempty"` 37 | Provider *Reference `json:"provider,omitempty"` 38 | ContainerName string `json:"containerName,omitempty"` 39 | } 40 | 41 | type ImageBindingStatus struct { 42 | apis.Status `json:",inline"` 43 | } 44 | 45 | // +kubebuilder:object:root=true 46 | 47 | type ImageBindingList struct { 48 | metav1.TypeMeta `json:",inline"` 49 | metav1.ListMeta `json:"metadata"` 50 | 51 | Items []ImageBinding `json:"items"` 52 | } 53 | 54 | func init() { 55 | SchemeBuilder.Register(&ImageBinding{}, &ImageBindingList{}) 56 | } 57 | -------------------------------------------------------------------------------- /pkg/apis/bindings/v1alpha1/service_binding_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "github.com/vmware-labs/reconciler-runtime/apis" 21 | corev1 "k8s.io/api/core/v1" 22 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 23 | ) 24 | 25 | // +kubebuilder:object:root=true 26 | // +genclient 27 | 28 | type ServiceBinding struct { 29 | metav1.TypeMeta `json:",inline"` 30 | metav1.ObjectMeta `json:"metadata,omitempty"` 31 | 32 | Spec ServiceBindingSpec `json:"spec"` 33 | Status ServiceBindingStatus `json:"status"` 34 | } 35 | 36 | type ServiceBindingSpec struct { 37 | Subject *Reference `json:"subject,omitempty"` 38 | Providers []ServiceCredentialProvider `json:"providers,omitempty"` 39 | } 40 | 41 | type ServiceCredentialProvider struct { 42 | Ref ServiceCredentialReference `json:"ref,omitempty"` 43 | Name string `json:"name"` 44 | ContainerName string `json:"containerName,omitempty"` 45 | BindingMode ServiceBindingMode `json:"bindingMode,omitempty"` 46 | } 47 | 48 | type ServiceCredentialReference struct { 49 | Metadata corev1.LocalObjectReference `json:"metadata"` 50 | Secret corev1.LocalObjectReference `json:"secret"` 51 | } 52 | 53 | type ServiceBindingMode string 54 | 55 | const ( 56 | MetadataServiceBinding ServiceBindingMode = "Metadata" 57 | SecretServiceBinding ServiceBindingMode = "Secret" 58 | ) 59 | 60 | type ServiceBindingStatus struct { 61 | apis.Status `json:",inline"` 62 | } 63 | 64 | // +kubebuilder:object:root=true 65 | 66 | type ServiceBindingList struct { 67 | metav1.TypeMeta `json:",inline"` 68 | metav1.ListMeta `json:"metadata"` 69 | 70 | Items []ServiceBinding `json:"items"` 71 | } 72 | 73 | func init() { 74 | SchemeBuilder.Register(&ServiceBinding{}, &ServiceBindingList{}) 75 | } 76 | -------------------------------------------------------------------------------- /pkg/apis/bindings/v1alpha1/shared_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 21 | ) 22 | 23 | type Reference struct { 24 | APIVersion string `json:"apiVersion,omitempty"` 25 | Kind string `json:"kind,omitempty"` 26 | Namespace string `json:"namespace,omitempty"` 27 | Name string `json:"name,omitempty"` 28 | Selector *metav1.LabelSelector `json:"selector,omitempty"` 29 | } 30 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/aliases.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | kpackv1alpha1 "github.com/projectriff/system/pkg/apis/thirdparty/kpack/build/v1alpha1" 21 | ) 22 | 23 | // +k8s:deepcopy-gen=false 24 | type Source = kpackv1alpha1.SourceConfig 25 | 26 | // +k8s:deepcopy-gen=false 27 | type Git = kpackv1alpha1.Git 28 | 29 | // +k8s:deepcopy-gen=false 30 | type Blob = kpackv1alpha1.Blob 31 | 32 | // +k8s:deepcopy-gen=false 33 | type Registry = kpackv1alpha1.Registry 34 | 35 | type ImageTaggingStrategy = kpackv1alpha1.ImageTaggingStrategy 36 | 37 | const None = kpackv1alpha1.None 38 | const BuildNumber = kpackv1alpha1.BuildNumber 39 | 40 | // +k8s:deepcopy-gen=false 41 | type ImageBuild = kpackv1alpha1.ImageBuild 42 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/application_defaults.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import "sigs.k8s.io/controller-runtime/pkg/webhook" 20 | 21 | // +kubebuilder:webhook:path=/mutate-build-projectriff-io-v1alpha1-application,mutating=true,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=build.projectriff.io,resources=applications,verbs=create;update,versions=v1alpha1,name=applications.build.projectriff.io 22 | 23 | var _ webhook.Defaulter = &Application{} 24 | 25 | // Default implements webhook.Defaulter so a webhook will be registered for the type 26 | func (r *Application) Default() { 27 | r.Spec.Default() 28 | } 29 | 30 | func (s *ApplicationSpec) Default() { 31 | if s.Image == "" { 32 | s.Image = "_" 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/application_defaults_test.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "testing" 21 | 22 | "github.com/google/go-cmp/cmp" 23 | ) 24 | 25 | func TestApplicationDefault(t *testing.T) { 26 | tests := []struct { 27 | name string 28 | in *Application 29 | want *Application 30 | }{{ 31 | name: "empty", 32 | in: &Application{}, 33 | want: &Application{ 34 | Spec: ApplicationSpec{ 35 | Image: "_", 36 | }, 37 | }, 38 | }} 39 | 40 | for _, test := range tests { 41 | t.Run(test.name, func(t *testing.T) { 42 | got := test.in 43 | got.Default() 44 | if diff := cmp.Diff(test.want, got); diff != "" { 45 | t.Errorf("Default (-want, +got) = %v", diff) 46 | } 47 | }) 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/container_defaults.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import "sigs.k8s.io/controller-runtime/pkg/webhook" 20 | 21 | // +kubebuilder:webhook:path=/mutate-build-projectriff-io-v1alpha1-container,mutating=true,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=build.projectriff.io,resources=containers,verbs=create;update,versions=v1alpha1,name=containers.build.projectriff.io 22 | 23 | var _ webhook.Defaulter = &Container{} 24 | 25 | // Default implements webhook.Defaulter so a webhook will be registered for the type 26 | func (r *Container) Default() { 27 | r.Spec.Default() 28 | } 29 | 30 | func (s *ContainerSpec) Default() { 31 | if s.Image == "" { 32 | s.Image = "_" 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/container_defaults_test.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "testing" 21 | 22 | "github.com/google/go-cmp/cmp" 23 | ) 24 | 25 | func TestContainerDefault(t *testing.T) { 26 | tests := []struct { 27 | name string 28 | in *Container 29 | want *Container 30 | }{{ 31 | name: "empty", 32 | in: &Container{}, 33 | want: &Container{ 34 | Spec: ContainerSpec{ 35 | Image: "_", 36 | }, 37 | }, 38 | }} 39 | 40 | for _, test := range tests { 41 | t.Run(test.name, func(t *testing.T) { 42 | got := test.in 43 | got.Default() 44 | if diff := cmp.Diff(test.want, got); diff != "" { 45 | t.Errorf("Default (-want, +got) = %v", diff) 46 | } 47 | }) 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/container_lifecycle.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "github.com/vmware-labs/reconciler-runtime/apis" 21 | ) 22 | 23 | const ( 24 | ContainerConditionReady = apis.ConditionReady 25 | ContainerConditionImageResolved apis.ConditionType = "ImageResolved" 26 | ) 27 | 28 | var containerCondSet = apis.NewLivingConditionSet( 29 | ContainerConditionImageResolved, 30 | ) 31 | 32 | func (cs *ContainerStatus) GetObservedGeneration() int64 { 33 | return cs.ObservedGeneration 34 | } 35 | 36 | func (cs *ContainerStatus) IsReady() bool { 37 | return containerCondSet.Manage(cs).IsHappy() 38 | } 39 | 40 | func (*ContainerStatus) GetReadyConditionType() apis.ConditionType { 41 | return ContainerConditionReady 42 | } 43 | 44 | func (cs *ContainerStatus) GetCondition(t apis.ConditionType) *apis.Condition { 45 | return containerCondSet.Manage(cs).GetCondition(t) 46 | } 47 | 48 | func (cs *ContainerStatus) InitializeConditions() { 49 | containerCondSet.Manage(cs).InitializeConditions() 50 | } 51 | 52 | func (cs *ContainerStatus) MarkImageDefaultPrefixMissing(message string) { 53 | containerCondSet.Manage(cs).MarkFalse(ContainerConditionImageResolved, "DefaultImagePrefixMissing", message) 54 | } 55 | 56 | func (cs *ContainerStatus) MarkImageInvalid(message string) { 57 | containerCondSet.Manage(cs).MarkFalse(ContainerConditionImageResolved, "ImageInvalid", message) 58 | } 59 | 60 | func (cs *ContainerStatus) MarkImageResolved() { 61 | containerCondSet.Manage(cs).MarkTrue(ContainerConditionImageResolved) 62 | } 63 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/container_validation_test.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "testing" 21 | 22 | "github.com/google/go-cmp/cmp" 23 | "github.com/vmware-labs/reconciler-runtime/validation" 24 | ) 25 | 26 | func TestValidateContainer(t *testing.T) { 27 | for _, c := range []struct { 28 | name string 29 | target *Container 30 | expected validation.FieldErrors 31 | }{{ 32 | name: "empty", 33 | target: &Container{}, 34 | expected: validation.ErrMissingField("spec"), 35 | }, { 36 | name: "valid", 37 | target: &Container{ 38 | Spec: ContainerSpec{ 39 | Image: "test-image", 40 | }, 41 | }, 42 | expected: validation.FieldErrors{}, 43 | }} { 44 | t.Run(c.name, func(t *testing.T) { 45 | actual := c.target.Validate() 46 | if diff := cmp.Diff(c.expected, actual); diff != "" { 47 | t.Errorf("validateContainer(%s) (-expected, +actual) = %v", c.name, diff) 48 | } 49 | }) 50 | } 51 | } 52 | 53 | func TestValidateContainerSpec(t *testing.T) { 54 | for _, c := range []struct { 55 | name string 56 | target *ContainerSpec 57 | expected validation.FieldErrors 58 | }{{ 59 | name: "empty", 60 | target: &ContainerSpec{}, 61 | expected: validation.ErrMissingField(validation.CurrentField), 62 | }, { 63 | name: "valid", 64 | target: &ContainerSpec{ 65 | Image: "test-image", 66 | }, 67 | expected: validation.FieldErrors{}, 68 | }} { 69 | t.Run(c.name, func(t *testing.T) { 70 | actual := c.target.Validate() 71 | if diff := cmp.Diff(c.expected, actual); diff != "" { 72 | t.Errorf("validateContainerSpec(%s) (-expected, +actual) = %v", c.name, diff) 73 | } 74 | }) 75 | } 76 | } 77 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // +groupName=build.projectriff.io 18 | package v1alpha1 19 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/function_defaults.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import "sigs.k8s.io/controller-runtime/pkg/webhook" 20 | 21 | // +kubebuilder:webhook:path=/mutate-build-projectriff-io-v1alpha1-function,mutating=true,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=build.projectriff.io,resources=functions,verbs=create;update,versions=v1alpha1,name=functions.build.projectriff.io 22 | 23 | var _ webhook.Defaulter = &Function{} 24 | 25 | // Default implements webhook.Defaulter so a webhook will be registered for the type 26 | func (r *Function) Default() { 27 | r.Spec.Default() 28 | } 29 | 30 | func (s *FunctionSpec) Default() { 31 | if s.Image == "" { 32 | s.Image = "_" 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/function_defaults_test.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "testing" 21 | 22 | "github.com/google/go-cmp/cmp" 23 | ) 24 | 25 | func TestFunctionDefault(t *testing.T) { 26 | tests := []struct { 27 | name string 28 | in *Function 29 | want *Function 30 | }{{ 31 | name: "empty", 32 | in: &Function{}, 33 | want: &Function{ 34 | Spec: FunctionSpec{ 35 | Image: "_", 36 | }, 37 | }, 38 | }} 39 | 40 | for _, test := range tests { 41 | t.Run(test.name, func(t *testing.T) { 42 | got := test.in 43 | got.Default() 44 | if diff := cmp.Diff(test.want, got); diff != "" { 45 | t.Errorf("Default (-want, +got) = %v", diff) 46 | } 47 | }) 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /pkg/apis/build/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package v1alpha1 contains API Schema definitions for the build v1alpha1 API group 18 | // +kubebuilder:object:generate=true 19 | package v1alpha1 20 | 21 | import ( 22 | "k8s.io/apimachinery/pkg/runtime/schema" 23 | "sigs.k8s.io/controller-runtime/pkg/scheme" 24 | ) 25 | 26 | var ( 27 | // GroupVersion is group version used to register these objects 28 | GroupVersion = schema.GroupVersion{Group: "build.projectriff.io", Version: "v1alpha1"} 29 | 30 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 31 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 32 | 33 | // AddToScheme adds the types in this group-version to the given scheme. 34 | AddToScheme = SchemeBuilder.AddToScheme 35 | ) 36 | 37 | // compatibility with k8s.io/code-generator 38 | var SchemeGroupVersion = GroupVersion 39 | -------------------------------------------------------------------------------- /pkg/apis/core/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // +groupName=core.projectriff.io 18 | package v1alpha1 19 | -------------------------------------------------------------------------------- /pkg/apis/core/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package v1alpha1 contains API Schema definitions for the core v1alpha1 API group 18 | // +kubebuilder:object:generate=true 19 | package v1alpha1 20 | 21 | import ( 22 | "k8s.io/apimachinery/pkg/runtime/schema" 23 | "sigs.k8s.io/controller-runtime/pkg/scheme" 24 | ) 25 | 26 | var ( 27 | // GroupVersion is group version used to register these objects 28 | GroupVersion = schema.GroupVersion{Group: "core.projectriff.io", Version: "v1alpha1"} 29 | 30 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 31 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 32 | 33 | // AddToScheme adds the types in this group-version to the given scheme. 34 | AddToScheme = SchemeBuilder.AddToScheme 35 | ) 36 | 37 | // compatibility with k8s.io/code-generator 38 | var SchemeGroupVersion = GroupVersion 39 | -------------------------------------------------------------------------------- /pkg/apis/duck/v1/addressable_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 The Knative Authors 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1 18 | 19 | import "net/url" 20 | 21 | // Addressable provides a generic mechanism for a custom resource 22 | // definition to indicate a destination for message delivery. 23 | 24 | // Addressable is the schema for the destination information. This is 25 | // typically stored in the object's `status`, as this information may 26 | // be generated by the controller. 27 | // +k8s:deepcopy-gen=true 28 | type Addressable struct { 29 | URL string `json:"url,omitempty"` 30 | } 31 | 32 | func (a *Addressable) Parse() (*url.URL, error) { 33 | return url.Parse(a.URL) 34 | } 35 | -------------------------------------------------------------------------------- /pkg/apis/duck/v1/zz_generated.deepcopy.go: -------------------------------------------------------------------------------- 1 | // +build !ignore_autogenerated 2 | 3 | /* 4 | Copyright 2019 the original author or authors. 5 | 6 | Licensed under the Apache License, Version 2.0 (the "License"); 7 | you may not use this file except in compliance with the License. 8 | You may obtain a copy of the License at 9 | 10 | http://www.apache.org/licenses/LICENSE-2.0 11 | 12 | Unless required by applicable law or agreed to in writing, software 13 | distributed under the License is distributed on an "AS IS" BASIS, 14 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | See the License for the specific language governing permissions and 16 | limitations under the License. 17 | */ 18 | 19 | // Code generated by controller-gen. DO NOT EDIT. 20 | 21 | package v1 22 | 23 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 24 | func (in *Addressable) DeepCopyInto(out *Addressable) { 25 | *out = *in 26 | } 27 | 28 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Addressable. 29 | func (in *Addressable) DeepCopy() *Addressable { 30 | if in == nil { 31 | return nil 32 | } 33 | out := new(Addressable) 34 | in.DeepCopyInto(out) 35 | return out 36 | } 37 | -------------------------------------------------------------------------------- /pkg/apis/interfaces.go: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 The original author or authors 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package apis 18 | 19 | import ( 20 | "github.com/vmware-labs/reconciler-runtime/apis" 21 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 22 | "k8s.io/apimachinery/pkg/runtime/schema" 23 | ) 24 | 25 | type Resource interface { 26 | GetGroupVersionKind() schema.GroupVersionKind 27 | GetObjectMeta() metav1.Object 28 | GetStatus() ResourceStatus 29 | } 30 | 31 | type ResourceStatus interface { 32 | IsReady() bool 33 | GetCondition(t apis.ConditionType) *apis.Condition 34 | GetReadyConditionType() apis.ConditionType 35 | GetObservedGeneration() int64 36 | } 37 | -------------------------------------------------------------------------------- /pkg/apis/knative/v1alpha1/adapter_defaults.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import "sigs.k8s.io/controller-runtime/pkg/webhook" 20 | 21 | // +kubebuilder:webhook:path=/mutate-knative-projectriff-io-v1alpha1-adapter,mutating=true,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=knative.projectriff.io,resources=adapters,verbs=create;update,versions=v1alpha1,name=adapters.knative.projectriff.io 22 | 23 | var _ webhook.Defaulter = &Adapter{} 24 | 25 | // Default implements webhook.Defaulter so a webhook will be registered for the type 26 | func (r *Adapter) Default() { 27 | r.Spec.Default() 28 | } 29 | 30 | func (s *AdapterSpec) Default() { 31 | // nothing to do 32 | } 33 | -------------------------------------------------------------------------------- /pkg/apis/knative/v1alpha1/adapter_defaults_test.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "testing" 21 | 22 | "github.com/google/go-cmp/cmp" 23 | ) 24 | 25 | func TestAdapterDefault(t *testing.T) { 26 | tests := []struct { 27 | name string 28 | in *Adapter 29 | want *Adapter 30 | }{{ 31 | name: "empty", 32 | in: &Adapter{}, 33 | want: &Adapter{}, 34 | }} 35 | 36 | for _, test := range tests { 37 | t.Run(test.name, func(t *testing.T) { 38 | got := test.in 39 | got.Default() 40 | if diff := cmp.Diff(test.want, got); diff != "" { 41 | t.Errorf("Default (-want, +got) = %v", diff) 42 | } 43 | }) 44 | } 45 | } 46 | 47 | func TestAdapterSpecDefault(t *testing.T) { 48 | tests := []struct { 49 | name string 50 | in *AdapterSpec 51 | want *AdapterSpec 52 | }{{ 53 | name: "empty", 54 | in: &AdapterSpec{}, 55 | want: &AdapterSpec{}, 56 | }} 57 | 58 | for _, test := range tests { 59 | t.Run(test.name, func(t *testing.T) { 60 | got := test.in 61 | got.Default() 62 | if diff := cmp.Diff(test.want, got); diff != "" { 63 | t.Errorf("Default (-want, +got) = %v", diff) 64 | } 65 | }) 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /pkg/apis/knative/v1alpha1/deployer_defaults.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | corev1 "k8s.io/api/core/v1" 21 | "sigs.k8s.io/controller-runtime/pkg/webhook" 22 | ) 23 | 24 | // +kubebuilder:webhook:path=/mutate-knative-projectriff-io-v1alpha1-deployer,mutating=true,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=knative.projectriff.io,resources=deployers,verbs=create;update,versions=v1alpha1,name=deployers.knative.projectriff.io 25 | 26 | var _ webhook.Defaulter = &Deployer{} 27 | 28 | // Default implements webhook.Defaulter so a webhook will be registered for the type 29 | func (r *Deployer) Default() { 30 | r.Spec.Default() 31 | } 32 | 33 | func (s *DeployerSpec) Default() { 34 | if s.Template == nil { 35 | s.Template = &corev1.PodTemplateSpec{} 36 | } 37 | if s.Template.ObjectMeta.Annotations == nil { 38 | s.Template.ObjectMeta.Annotations = map[string]string{} 39 | } 40 | if s.Template.ObjectMeta.Labels == nil { 41 | s.Template.ObjectMeta.Labels = map[string]string{} 42 | } 43 | if len(s.Template.Spec.Containers) == 0 { 44 | s.Template.Spec.Containers = append(s.Template.Spec.Containers, corev1.Container{}) 45 | } 46 | if s.IngressPolicy == "" { 47 | s.IngressPolicy = IngressPolicyClusterLocal 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /pkg/apis/knative/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // +groupName=knative.projectriff.io 18 | package v1alpha1 19 | -------------------------------------------------------------------------------- /pkg/apis/knative/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package v1alpha1 contains API Schema definitions for the knative v1alpha1 API group 18 | // +kubebuilder:object:generate=true 19 | package v1alpha1 20 | 21 | import ( 22 | "k8s.io/apimachinery/pkg/runtime/schema" 23 | "sigs.k8s.io/controller-runtime/pkg/scheme" 24 | ) 25 | 26 | var ( 27 | // GroupVersion is group version used to register these objects 28 | GroupVersion = schema.GroupVersion{Group: "knative.projectriff.io", Version: "v1alpha1"} 29 | 30 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 31 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 32 | 33 | // AddToScheme adds the types in this group-version to the given scheme. 34 | AddToScheme = SchemeBuilder.AddToScheme 35 | ) 36 | 37 | // compatibility with k8s.io/code-generator 38 | var SchemeGroupVersion = GroupVersion 39 | -------------------------------------------------------------------------------- /pkg/apis/knative/v1alpha1/shared_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | type Build struct { 20 | // ApplicationRef references an application in this namespace. 21 | ApplicationRef string `json:"applicationRef,omitempty"` 22 | 23 | // ContainerRef references a container in this namespace. 24 | ContainerRef string `json:"containerRef,omitempty"` 25 | 26 | // FunctionRef references an application in this namespace. 27 | FunctionRef string `json:"functionRef,omitempty"` 28 | } 29 | -------------------------------------------------------------------------------- /pkg/apis/knative/v1alpha1/shared_validation.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "github.com/vmware-labs/reconciler-runtime/validation" 21 | "k8s.io/apimachinery/pkg/api/equality" 22 | ) 23 | 24 | func (b *Build) Validate() validation.FieldErrors { 25 | if equality.Semantic.DeepEqual(b, &Build{}) { 26 | return validation.ErrMissingField(validation.CurrentField) 27 | } 28 | 29 | errs := validation.FieldErrors{} 30 | used := []string{} 31 | unused := []string{} 32 | 33 | if b.ApplicationRef != "" { 34 | used = append(used, "applicationRef") 35 | } else { 36 | unused = append(unused, "applicationRef") 37 | } 38 | 39 | if b.ContainerRef != "" { 40 | used = append(used, "containerRef") 41 | } else { 42 | unused = append(unused, "containerRef") 43 | } 44 | 45 | if b.FunctionRef != "" { 46 | used = append(used, "functionRef") 47 | } else { 48 | unused = append(unused, "functionRef") 49 | } 50 | 51 | if len(used) == 0 { 52 | errs = errs.Also(validation.ErrMissingOneOf(unused...)) 53 | } else if len(used) > 1 { 54 | errs = errs.Also(validation.ErrMultipleOneOf(used...)) 55 | } 56 | 57 | return errs 58 | } 59 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // +groupName=streaming.projectriff.io 18 | package v1alpha1 19 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/gateway_defaults.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | package v1alpha1 17 | 18 | import "sigs.k8s.io/controller-runtime/pkg/webhook" 19 | 20 | // +kubebuilder:webhook:path=/mutate-streaming-projectriff-io-v1alpha1-gateway,mutating=true,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=streaming.projectriff.io,resources=gateway,verbs=create;update,versions=v1alpha1,name=gateways.streaming.projectriff.io 21 | 22 | var _ webhook.Defaulter = &Gateway{} 23 | 24 | // Default implements webhook.Defaulter so a webhook will be registered for the type 25 | func (r *Gateway) Default() { 26 | r.Spec.Default() 27 | } 28 | 29 | func (s *GatewaySpec) Default() { 30 | } 31 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/gateway_validation.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2020 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "github.com/vmware-labs/reconciler-runtime/validation" 21 | "k8s.io/apimachinery/pkg/api/equality" 22 | runtime "k8s.io/apimachinery/pkg/runtime" 23 | "sigs.k8s.io/controller-runtime/pkg/webhook" 24 | ) 25 | 26 | // +kubebuilder:webhook:path=/validate-streaming-projectriff-io-v1alpha1-gateway,mutating=false,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=streaming.projectriff.io,resources=gateway,verbs=create;update,versions=v1alpha1,name=gateways.streaming.projectriff.io 27 | 28 | var ( 29 | _ webhook.Validator = &Gateway{} 30 | _ validation.FieldValidator = &Gateway{} 31 | ) 32 | 33 | // ValidateCreate implements webhook.Validator so a webhook will be registered for the type 34 | func (r *Gateway) ValidateCreate() error { 35 | return r.Validate().ToAggregate() 36 | } 37 | 38 | // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type 39 | func (r *Gateway) ValidateUpdate(old runtime.Object) error { 40 | // TODO check for immutable fields 41 | return r.Validate().ToAggregate() 42 | } 43 | 44 | // ValidateDelete implements webhook.Validator so a webhook will be registered for the type 45 | func (r *Gateway) ValidateDelete() error { 46 | return nil 47 | } 48 | 49 | func (r *Gateway) Validate() validation.FieldErrors { 50 | errs := validation.FieldErrors{} 51 | 52 | errs = errs.Also(r.Spec.Validate().ViaField("spec")) 53 | 54 | return errs 55 | } 56 | 57 | func (s *GatewaySpec) Validate() validation.FieldErrors { 58 | if equality.Semantic.DeepEqual(s, &GatewaySpec{}) { 59 | return validation.ErrMissingField(validation.CurrentField) 60 | } 61 | 62 | errs := validation.FieldErrors{} 63 | 64 | // TODO validate 65 | 66 | return errs 67 | } 68 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package v1alpha1 contains API Schema definitions for the streaming v1alpha1 API group 18 | // +kubebuilder:object:generate=true 19 | package v1alpha1 20 | 21 | import ( 22 | "k8s.io/apimachinery/pkg/runtime/schema" 23 | "sigs.k8s.io/controller-runtime/pkg/scheme" 24 | ) 25 | 26 | var ( 27 | // GroupVersion is group version used to register these objects 28 | GroupVersion = schema.GroupVersion{Group: "streaming.projectriff.io", Version: "v1alpha1"} 29 | 30 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 31 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 32 | 33 | // AddToScheme adds the types in this group-version to the given scheme. 34 | AddToScheme = SchemeBuilder.AddToScheme 35 | ) 36 | 37 | // compatibility with k8s.io/code-generator 38 | var SchemeGroupVersion = GroupVersion 39 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/inmemorygateway_defaults.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | package v1alpha1 17 | 18 | import "sigs.k8s.io/controller-runtime/pkg/webhook" 19 | 20 | // +kubebuilder:webhook:path=/mutate-streaming-projectriff-io-v1alpha1-inmemorygateway,mutating=true,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=streaming.projectriff.io,resources=inmemorygateways,verbs=create;update,versions=v1alpha1,name=inmemorygateways.streaming.projectriff.io 21 | 22 | var _ webhook.Defaulter = &InMemoryGateway{} 23 | 24 | // Default implements webhook.Defaulter so a webhook will be registered for the type 25 | func (r *InMemoryGateway) Default() { 26 | r.Spec.Default() 27 | } 28 | 29 | func (s *InMemoryGatewaySpec) Default() { 30 | } 31 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/inmemorygateway_validation_test.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "testing" 21 | 22 | "github.com/google/go-cmp/cmp" 23 | "github.com/vmware-labs/reconciler-runtime/validation" 24 | ) 25 | 26 | func TestValidateInMemoryGateway(t *testing.T) { 27 | for _, c := range []struct { 28 | name string 29 | target *InMemoryGateway 30 | expected validation.FieldErrors 31 | }{{ 32 | name: "empty", 33 | target: &InMemoryGateway{}, 34 | expected: validation.FieldErrors{}, 35 | }} { 36 | t.Run(c.name, func(t *testing.T) { 37 | actual := c.target.Validate() 38 | if diff := cmp.Diff(c.expected, actual); diff != "" { 39 | t.Errorf("validateInMemoryGateway(%s) (-expected, +actual) = %v", c.name, diff) 40 | } 41 | }) 42 | } 43 | } 44 | 45 | func TestValidateInMemoryGatewaySpec(t *testing.T) { 46 | for _, c := range []struct { 47 | name string 48 | target *InMemoryGatewaySpec 49 | expected validation.FieldErrors 50 | }{{ 51 | name: "empty", 52 | target: &InMemoryGatewaySpec{}, 53 | expected: validation.FieldErrors{}, 54 | }} { 55 | t.Run(c.name, func(t *testing.T) { 56 | actual := c.target.Validate() 57 | if diff := cmp.Diff(c.expected, actual); diff != "" { 58 | t.Errorf("validateInMemoryGatewaySpec(%s) (-expected, +actual) = %v", c.name, diff) 59 | } 60 | }) 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/kafkagateway_defaults.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | package v1alpha1 17 | 18 | import "sigs.k8s.io/controller-runtime/pkg/webhook" 19 | 20 | // +kubebuilder:webhook:path=/mutate-streaming-projectriff-io-v1alpha1-kafkagateway,mutating=true,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=streaming.projectriff.io,resources=kafkagateways,verbs=create;update,versions=v1alpha1,name=kafkagateways.streaming.projectriff.io 21 | 22 | var _ webhook.Defaulter = &KafkaGateway{} 23 | 24 | // Default implements webhook.Defaulter so a webhook will be registered for the type 25 | func (r *KafkaGateway) Default() { 26 | r.Spec.Default() 27 | } 28 | 29 | func (s *KafkaGatewaySpec) Default() { 30 | } 31 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/kafkagateway_validation_test.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "testing" 21 | 22 | "github.com/google/go-cmp/cmp" 23 | "github.com/vmware-labs/reconciler-runtime/validation" 24 | ) 25 | 26 | func TestValidateKafkaGateway(t *testing.T) { 27 | for _, c := range []struct { 28 | name string 29 | target *KafkaGateway 30 | expected validation.FieldErrors 31 | }{{ 32 | name: "empty", 33 | target: &KafkaGateway{}, 34 | expected: validation.ErrMissingField("spec"), 35 | }, { 36 | name: "valid", 37 | target: &KafkaGateway{ 38 | Spec: KafkaGatewaySpec{ 39 | BootstrapServers: "localhost:9092", 40 | }, 41 | }, 42 | expected: validation.FieldErrors{}, 43 | }} { 44 | t.Run(c.name, func(t *testing.T) { 45 | actual := c.target.Validate() 46 | if diff := cmp.Diff(c.expected, actual); diff != "" { 47 | t.Errorf("validateKafkaGateway(%s) (-expected, +actual) = %v", c.name, diff) 48 | } 49 | }) 50 | } 51 | } 52 | 53 | func TestValidateKafkaGatewaySpec(t *testing.T) { 54 | for _, c := range []struct { 55 | name string 56 | target *KafkaGatewaySpec 57 | expected validation.FieldErrors 58 | }{{ 59 | name: "empty", 60 | target: &KafkaGatewaySpec{}, 61 | expected: validation.ErrMissingField(validation.CurrentField), 62 | }, { 63 | name: "valid", 64 | target: &KafkaGatewaySpec{ 65 | BootstrapServers: "localhost:9092", 66 | }, 67 | expected: validation.FieldErrors{}, 68 | }} { 69 | t.Run(c.name, func(t *testing.T) { 70 | actual := c.target.Validate() 71 | if diff := cmp.Diff(c.expected, actual); diff != "" { 72 | t.Errorf("validateKafkaGatewaySpec(%s) (-expected, +actual) = %v", c.name, diff) 73 | } 74 | }) 75 | } 76 | } 77 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/pulsargateway_defaults.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | package v1alpha1 17 | 18 | import "sigs.k8s.io/controller-runtime/pkg/webhook" 19 | 20 | // +kubebuilder:webhook:path=/mutate-streaming-projectriff-io-v1alpha1-pulsargateway,mutating=true,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=streaming.projectriff.io,resources=pulsargateways,verbs=create;update,versions=v1alpha1,name=pulsargateways.streaming.projectriff.io 21 | 22 | var _ webhook.Defaulter = &PulsarGateway{} 23 | 24 | // Default implements webhook.Defaulter so a webhook will be registered for the type 25 | func (r *PulsarGateway) Default() { 26 | r.Spec.Default() 27 | } 28 | 29 | func (s *PulsarGatewaySpec) Default() { 30 | } 31 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/stream_defaults.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "sigs.k8s.io/controller-runtime/pkg/webhook" 21 | ) 22 | 23 | // +kubebuilder:webhook:path=/mutate-streaming-projectriff-io-v1alpha1-stream,mutating=true,failurePolicy=fail,sideEffects=none,admissionReviewVersions=v1beta1,groups=streaming.projectriff.io,resources=streams,verbs=create;update,versions=v1alpha1,name=streams.streaming.projectriff.io 24 | 25 | var _ webhook.Defaulter = &Stream{} 26 | 27 | // Default implements webhook.Defaulter so a webhook will be registered for the type 28 | func (r *Stream) Default() { 29 | r.Spec.Default() 30 | } 31 | 32 | func (s *StreamSpec) Default() { 33 | if s.ContentType == "" { 34 | s.ContentType = "application/octet-stream" 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/stream_defaults_test.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "testing" 21 | 22 | "github.com/google/go-cmp/cmp" 23 | ) 24 | 25 | func TestStreamDefault(t *testing.T) { 26 | tests := []struct { 27 | name string 28 | in *Stream 29 | want *Stream 30 | }{{ 31 | name: "empty", 32 | in: &Stream{}, 33 | want: &Stream{ 34 | Spec: StreamSpec{ 35 | ContentType: "application/octet-stream", 36 | }, 37 | }, 38 | }} 39 | 40 | for _, test := range tests { 41 | t.Run(test.name, func(t *testing.T) { 42 | got := test.in 43 | got.Default() 44 | if diff := cmp.Diff(test.want, got); diff != "" { 45 | t.Errorf("Default (-want, +got) = %v", diff) 46 | } 47 | }) 48 | } 49 | } 50 | 51 | func TestStreamSpecDefault(t *testing.T) { 52 | tests := []struct { 53 | name string 54 | in *StreamSpec 55 | want *StreamSpec 56 | }{{ 57 | name: "content type is defaulted", 58 | in: &StreamSpec{}, 59 | want: &StreamSpec{ 60 | ContentType: "application/octet-stream", 61 | }, 62 | }, { 63 | name: "content type is not overwritten", 64 | in: &StreamSpec{ 65 | ContentType: "application/x-doom", 66 | }, 67 | want: &StreamSpec{ 68 | ContentType: "application/x-doom", 69 | }, 70 | }} 71 | 72 | for _, test := range tests { 73 | t.Run(test.name, func(t *testing.T) { 74 | got := test.in 75 | got.Default() 76 | if diff := cmp.Diff(test.want, got); diff != "" { 77 | t.Errorf("Default (-want, +got) = %v", diff) 78 | } 79 | }) 80 | } 81 | } 82 | -------------------------------------------------------------------------------- /pkg/apis/streaming/v1alpha1/stream_lifecycle.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "github.com/vmware-labs/reconciler-runtime/apis" 21 | ) 22 | 23 | const ( 24 | StreamConditionReady = apis.ConditionReady 25 | StreamConditionResourceAvailable apis.ConditionType = "ResourceAvailable" 26 | StreamConditionBindingReady apis.ConditionType = "BindingReady" 27 | ) 28 | 29 | var streamCondSet = apis.NewLivingConditionSet( 30 | StreamConditionResourceAvailable, 31 | StreamConditionBindingReady, 32 | ) 33 | 34 | func (ss *StreamStatus) GetObservedGeneration() int64 { 35 | return ss.ObservedGeneration 36 | } 37 | 38 | func (ss *StreamStatus) IsReady() bool { 39 | return streamCondSet.Manage(ss).IsHappy() 40 | } 41 | 42 | func (*StreamStatus) GetReadyConditionType() apis.ConditionType { 43 | return StreamConditionReady 44 | } 45 | 46 | func (ss *StreamStatus) GetCondition(t apis.ConditionType) *apis.Condition { 47 | return streamCondSet.Manage(ss).GetCondition(t) 48 | } 49 | 50 | func (ss *StreamStatus) InitializeConditions() { 51 | streamCondSet.Manage(ss).InitializeConditions() 52 | } 53 | 54 | func (ss *StreamStatus) MarkStreamProvisioned() { 55 | streamCondSet.Manage(ss).MarkTrue(StreamConditionResourceAvailable) 56 | } 57 | 58 | func (ss *StreamStatus) MarkStreamProvisionFailed(message string) { 59 | streamCondSet.Manage(ss).MarkFalse(StreamConditionResourceAvailable, "ProvisionFailed", message) 60 | } 61 | 62 | func (ss *StreamStatus) MarkBindingReady() { 63 | streamCondSet.Manage(ss).MarkTrue(StreamConditionBindingReady) 64 | } 65 | 66 | func (ss *StreamStatus) MarkBindingNotReady(message string, a ...interface{}) { 67 | streamCondSet.Manage(ss).MarkFalse(StreamConditionBindingReady, "BindingFailed", message, a...) 68 | } 69 | -------------------------------------------------------------------------------- /pkg/apis/thirdparty/keda/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | // +kubebuilder:object:generate=true 18 | // +groupName=keda.k8s.io 19 | package v1alpha1 20 | 21 | import ( 22 | "k8s.io/apimachinery/pkg/runtime/schema" 23 | "sigs.k8s.io/controller-runtime/pkg/scheme" 24 | ) 25 | 26 | var ( 27 | // GroupVersion is group version used to register these objects 28 | GroupVersion = schema.GroupVersion{Group: "keda.k8s.io", Version: "v1alpha1"} 29 | 30 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 31 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 32 | 33 | // AddToScheme adds the types in this group-version to the given scheme. 34 | AddToScheme = SchemeBuilder.AddToScheme 35 | ) 36 | -------------------------------------------------------------------------------- /pkg/apis/thirdparty/knative/serving/v1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package v1 contains API Schema definitions for the Knative Serving v1 API group 18 | // 19 | // This API group is a forked subset of https://github.com/knative/serving/tree/master/pkg/apis/serving/v1 20 | // focusing only of the types with no runtime behavior. It is indended to enable 21 | // interaction with the Knative Serving API without including unnecessary dependencies. 22 | 23 | // +kubebuilder:object:generate=true 24 | // +groupName=serving.knative.dev 25 | package v1 26 | 27 | import ( 28 | "k8s.io/apimachinery/pkg/runtime/schema" 29 | "sigs.k8s.io/controller-runtime/pkg/scheme" 30 | ) 31 | 32 | var ( 33 | // GroupVersion is group version used to register these objects 34 | GroupVersion = schema.GroupVersion{Group: "serving.knative.dev", Version: "v1"} 35 | 36 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 37 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 38 | 39 | // AddToScheme adds the types in this group-version to the given scheme. 40 | AddToScheme = SchemeBuilder.AddToScheme 41 | ) 42 | -------------------------------------------------------------------------------- /pkg/apis/thirdparty/kpack/build/v1alpha1/buildpack_metadata.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 The original author or authors 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | type BuildpackMetadataList []BuildpackMetadata 20 | 21 | type BuildpackMetadata struct { 22 | ID string `json:"key"` 23 | Version string `json:"version"` 24 | } 25 | -------------------------------------------------------------------------------- /pkg/apis/thirdparty/kpack/build/v1alpha1/cluster_builder_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 The original author or authors 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 21 | ) 22 | 23 | // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! 24 | // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. 25 | 26 | // +kubebuilder:object:root=true 27 | 28 | type ClusterBuilder struct { 29 | metav1.TypeMeta `json:",inline"` 30 | metav1.ObjectMeta `json:"metadata,omitempty"` 31 | 32 | Spec BuilderSpec `json:"spec,omitempty"` 33 | Status BuilderStatus `json:"status,omitempty"` 34 | } 35 | 36 | // +kubebuilder:object:root=true 37 | 38 | // ClusterBuilderList contains a list of ClusterBuilder 39 | type ClusterBuilderList struct { 40 | metav1.TypeMeta `json:",inline"` 41 | metav1.ListMeta `json:"metadata,omitempty"` 42 | Items []ClusterBuilder `json:"items"` 43 | } 44 | 45 | func init() { 46 | SchemeBuilder.Register(&ClusterBuilder{}, &ClusterBuilderList{}) 47 | } 48 | -------------------------------------------------------------------------------- /pkg/apis/thirdparty/kpack/build/v1alpha1/groupversion_info.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | // Package v1 contains API Schema definitions for the kpack v1alpha1 API group 18 | // 19 | // This API group is a forked subset of https://github.com/pivotal/kpack/tree/master/pkg/apis/build/v1alpha1 20 | // focusing only of the types with no runtime behavior. It is indended to enable 21 | // interaction with the kpack API without including unnecessary dependencies. 22 | 23 | // +kubebuilder:object:generate=true 24 | // +groupName=build.pivotal.io 25 | package v1alpha1 26 | 27 | import ( 28 | "k8s.io/apimachinery/pkg/runtime/schema" 29 | "sigs.k8s.io/controller-runtime/pkg/scheme" 30 | ) 31 | 32 | var ( 33 | // GroupVersion is group version used to register these objects 34 | GroupVersion = schema.GroupVersion{Group: "build.pivotal.io", Version: "v1alpha1"} 35 | 36 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme 37 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} 38 | 39 | // AddToScheme adds the types in this group-version to the given scheme. 40 | AddToScheme = SchemeBuilder.AddToScheme 41 | ) 42 | -------------------------------------------------------------------------------- /pkg/apis/thirdparty/kpack/build/v1alpha1/source_resolver_types.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 The original author or authors 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package v1alpha1 18 | 19 | import ( 20 | "github.com/vmware-labs/reconciler-runtime/apis" 21 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 22 | ) 23 | 24 | // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! 25 | // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. 26 | 27 | // SourceResolverSpec is the spec for a SourceResolver resource. 28 | type SourceResolverSpec struct { 29 | // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster 30 | // Important: Run "make" to regenerate code after modifying this file 31 | 32 | ServiceAccount string `json:"serviceAccount"` 33 | Source SourceConfig `json:"source"` 34 | } 35 | 36 | // SourceResolverStatus is the status for a SourceResolver resource 37 | type SourceResolverStatus struct { 38 | // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster 39 | // Important: Run "make" to regenerate code after modifying this file 40 | 41 | apis.Status `json:",inline"` 42 | Source ResolvedSourceConfig `json:"source"` 43 | } 44 | 45 | // +kubebuilder:object:root=true 46 | 47 | type SourceResolver struct { 48 | metav1.TypeMeta `json:",inline"` 49 | metav1.ObjectMeta `json:"metadata,omitempty"` 50 | 51 | Spec SourceResolverSpec `json:"spec,omitempty"` 52 | Status SourceResolverStatus `json:"status,omitempty"` 53 | } 54 | 55 | // +kubebuilder:object:root=true 56 | 57 | // SourceResolverList contains a list of SourceResolver 58 | type SourceResolverList struct { 59 | metav1.TypeMeta `json:",inline"` 60 | metav1.ListMeta `json:"metadata,omitempty"` 61 | Items []SourceResolver `json:"items"` 62 | } 63 | 64 | func init() { 65 | SchemeBuilder.Register(&SourceResolver{}, &SourceResolverList{}) 66 | } 67 | -------------------------------------------------------------------------------- /pkg/authn/secrets_keychain.go: -------------------------------------------------------------------------------- 1 | package authn 2 | 3 | import ( 4 | "fmt" 5 | "strings" 6 | 7 | ggcrauthn "github.com/google/go-containerregistry/pkg/authn" 8 | corev1 "k8s.io/api/core/v1" 9 | ) 10 | 11 | type DockerSecretsKeychain struct { 12 | regAuths map[string]*ggcrauthn.Basic 13 | } 14 | 15 | const DockerSecretAnnotation = "build.pivotal.io/docker" 16 | 17 | func NewSecretsKeychain(secrets []corev1.Secret) ggcrauthn.Keychain { 18 | k := &DockerSecretsKeychain{ 19 | regAuths: map[string]*ggcrauthn.Basic{}, 20 | } 21 | for _, secret := range secrets { 22 | if secret.Annotations[DockerSecretAnnotation] == "" { 23 | continue 24 | } 25 | if secret.Type != corev1.SecretTypeBasicAuth { 26 | continue 27 | } 28 | k.regAuths[trimReg(secret.Annotations[DockerSecretAnnotation])] = &ggcrauthn.Basic{ 29 | Username: string(secret.Data[corev1.BasicAuthUsernameKey]), 30 | Password: string(secret.Data[corev1.BasicAuthPasswordKey]), 31 | } 32 | } 33 | return k 34 | } 35 | 36 | func (k *DockerSecretsKeychain) Resolve(resource ggcrauthn.Resource) (ggcrauthn.Authenticator, error) { 37 | for reg, auth := range k.regAuths { 38 | if reg == trimReg(resource.RegistryStr()) { 39 | if auth.Username == "" { 40 | return nil, fmt.Errorf("invalid auth: missing username") 41 | } 42 | if auth.Password == "" { 43 | return nil, fmt.Errorf("invalid auth: missing password") 44 | } 45 | return auth, nil 46 | } 47 | } 48 | return ggcrauthn.Anonymous, nil 49 | } 50 | 51 | func trimReg(reg string) string { 52 | reg = strings.TrimPrefix(reg, "http://") 53 | reg = strings.TrimPrefix(reg, "https://") 54 | reg = strings.TrimRight(reg, "/") 55 | return reg 56 | } 57 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package has the automatically generated clientset. 19 | package versioned 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package has the automatically generated fake clientset. 19 | package fake 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/scheme/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package contains the scheme of the automatically generated clientset. 19 | package scheme 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/bindings/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package has the automatically generated typed clients. 19 | package v1alpha1 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/bindings/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // Package fake has the automatically generated clients. 19 | package fake 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/bindings/v1alpha1/fake/fake_bindings_client.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package fake 19 | 20 | import ( 21 | rest "k8s.io/client-go/rest" 22 | testing "k8s.io/client-go/testing" 23 | 24 | v1alpha1 "github.com/projectriff/system/pkg/client/clientset/versioned/typed/bindings/v1alpha1" 25 | ) 26 | 27 | type FakeBindingsV1alpha1 struct { 28 | *testing.Fake 29 | } 30 | 31 | func (c *FakeBindingsV1alpha1) ImageBindings(namespace string) v1alpha1.ImageBindingInterface { 32 | return &FakeImageBindings{c, namespace} 33 | } 34 | 35 | func (c *FakeBindingsV1alpha1) ServiceBindings(namespace string) v1alpha1.ServiceBindingInterface { 36 | return &FakeServiceBindings{c, namespace} 37 | } 38 | 39 | // RESTClient returns a RESTClient that is used to communicate 40 | // with API server by this client implementation. 41 | func (c *FakeBindingsV1alpha1) RESTClient() rest.Interface { 42 | var ret *rest.RESTClient 43 | return ret 44 | } 45 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/bindings/v1alpha1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package v1alpha1 19 | 20 | type ImageBindingExpansion interface{} 21 | 22 | type ServiceBindingExpansion interface{} 23 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/build/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package has the automatically generated typed clients. 19 | package v1alpha1 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/build/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // Package fake has the automatically generated clients. 19 | package fake 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/build/v1alpha1/fake/fake_build_client.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package fake 19 | 20 | import ( 21 | rest "k8s.io/client-go/rest" 22 | testing "k8s.io/client-go/testing" 23 | 24 | v1alpha1 "github.com/projectriff/system/pkg/client/clientset/versioned/typed/build/v1alpha1" 25 | ) 26 | 27 | type FakeBuildV1alpha1 struct { 28 | *testing.Fake 29 | } 30 | 31 | func (c *FakeBuildV1alpha1) Applications(namespace string) v1alpha1.ApplicationInterface { 32 | return &FakeApplications{c, namespace} 33 | } 34 | 35 | func (c *FakeBuildV1alpha1) Containers(namespace string) v1alpha1.ContainerInterface { 36 | return &FakeContainers{c, namespace} 37 | } 38 | 39 | func (c *FakeBuildV1alpha1) Functions(namespace string) v1alpha1.FunctionInterface { 40 | return &FakeFunctions{c, namespace} 41 | } 42 | 43 | // RESTClient returns a RESTClient that is used to communicate 44 | // with API server by this client implementation. 45 | func (c *FakeBuildV1alpha1) RESTClient() rest.Interface { 46 | var ret *rest.RESTClient 47 | return ret 48 | } 49 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/build/v1alpha1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package v1alpha1 19 | 20 | type ApplicationExpansion interface{} 21 | 22 | type ContainerExpansion interface{} 23 | 24 | type FunctionExpansion interface{} 25 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/core/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package has the automatically generated typed clients. 19 | package v1alpha1 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/core/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // Package fake has the automatically generated clients. 19 | package fake 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/core/v1alpha1/fake/fake_core_client.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package fake 19 | 20 | import ( 21 | rest "k8s.io/client-go/rest" 22 | testing "k8s.io/client-go/testing" 23 | 24 | v1alpha1 "github.com/projectriff/system/pkg/client/clientset/versioned/typed/core/v1alpha1" 25 | ) 26 | 27 | type FakeCoreV1alpha1 struct { 28 | *testing.Fake 29 | } 30 | 31 | func (c *FakeCoreV1alpha1) Deployers(namespace string) v1alpha1.DeployerInterface { 32 | return &FakeDeployers{c, namespace} 33 | } 34 | 35 | // RESTClient returns a RESTClient that is used to communicate 36 | // with API server by this client implementation. 37 | func (c *FakeCoreV1alpha1) RESTClient() rest.Interface { 38 | var ret *rest.RESTClient 39 | return ret 40 | } 41 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/core/v1alpha1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package v1alpha1 19 | 20 | type DeployerExpansion interface{} 21 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/knative/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package has the automatically generated typed clients. 19 | package v1alpha1 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/knative/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // Package fake has the automatically generated clients. 19 | package fake 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/knative/v1alpha1/fake/fake_knative_client.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package fake 19 | 20 | import ( 21 | rest "k8s.io/client-go/rest" 22 | testing "k8s.io/client-go/testing" 23 | 24 | v1alpha1 "github.com/projectriff/system/pkg/client/clientset/versioned/typed/knative/v1alpha1" 25 | ) 26 | 27 | type FakeKnativeV1alpha1 struct { 28 | *testing.Fake 29 | } 30 | 31 | func (c *FakeKnativeV1alpha1) Adapters(namespace string) v1alpha1.AdapterInterface { 32 | return &FakeAdapters{c, namespace} 33 | } 34 | 35 | func (c *FakeKnativeV1alpha1) Deployers(namespace string) v1alpha1.DeployerInterface { 36 | return &FakeDeployers{c, namespace} 37 | } 38 | 39 | // RESTClient returns a RESTClient that is used to communicate 40 | // with API server by this client implementation. 41 | func (c *FakeKnativeV1alpha1) RESTClient() rest.Interface { 42 | var ret *rest.RESTClient 43 | return ret 44 | } 45 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/knative/v1alpha1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package v1alpha1 19 | 20 | type AdapterExpansion interface{} 21 | 22 | type DeployerExpansion interface{} 23 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/streaming/v1alpha1/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // This package has the automatically generated typed clients. 19 | package v1alpha1 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/streaming/v1alpha1/fake/doc.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | // Package fake has the automatically generated clients. 19 | package fake 20 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/streaming/v1alpha1/fake/fake_streaming_client.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package fake 19 | 20 | import ( 21 | rest "k8s.io/client-go/rest" 22 | testing "k8s.io/client-go/testing" 23 | 24 | v1alpha1 "github.com/projectriff/system/pkg/client/clientset/versioned/typed/streaming/v1alpha1" 25 | ) 26 | 27 | type FakeStreamingV1alpha1 struct { 28 | *testing.Fake 29 | } 30 | 31 | func (c *FakeStreamingV1alpha1) Gateways(namespace string) v1alpha1.GatewayInterface { 32 | return &FakeGateways{c, namespace} 33 | } 34 | 35 | func (c *FakeStreamingV1alpha1) InMemoryGateways(namespace string) v1alpha1.InMemoryGatewayInterface { 36 | return &FakeInMemoryGateways{c, namespace} 37 | } 38 | 39 | func (c *FakeStreamingV1alpha1) KafkaGateways(namespace string) v1alpha1.KafkaGatewayInterface { 40 | return &FakeKafkaGateways{c, namespace} 41 | } 42 | 43 | func (c *FakeStreamingV1alpha1) Processors(namespace string) v1alpha1.ProcessorInterface { 44 | return &FakeProcessors{c, namespace} 45 | } 46 | 47 | func (c *FakeStreamingV1alpha1) PulsarGateways(namespace string) v1alpha1.PulsarGatewayInterface { 48 | return &FakePulsarGateways{c, namespace} 49 | } 50 | 51 | func (c *FakeStreamingV1alpha1) Streams(namespace string) v1alpha1.StreamInterface { 52 | return &FakeStreams{c, namespace} 53 | } 54 | 55 | // RESTClient returns a RESTClient that is used to communicate 56 | // with API server by this client implementation. 57 | func (c *FakeStreamingV1alpha1) RESTClient() rest.Interface { 58 | var ret *rest.RESTClient 59 | return ret 60 | } 61 | -------------------------------------------------------------------------------- /pkg/client/clientset/versioned/typed/streaming/v1alpha1/generated_expansion.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | // Code generated by client-gen. DO NOT EDIT. 17 | 18 | package v1alpha1 19 | 20 | type GatewayExpansion interface{} 21 | 22 | type InMemoryGatewayExpansion interface{} 23 | 24 | type KafkaGatewayExpansion interface{} 25 | 26 | type ProcessorExpansion interface{} 27 | 28 | type PulsarGatewayExpansion interface{} 29 | 30 | type StreamExpansion interface{} 31 | -------------------------------------------------------------------------------- /pkg/controllers/build/common.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package build 18 | 19 | import ( 20 | "context" 21 | "fmt" 22 | "strings" 23 | 24 | corev1 "k8s.io/api/core/v1" 25 | apierrs "k8s.io/apimachinery/pkg/api/errors" 26 | "k8s.io/apimachinery/pkg/types" 27 | "sigs.k8s.io/controller-runtime/pkg/client" 28 | 29 | buildv1alpha1 "github.com/projectriff/system/pkg/apis/build/v1alpha1" 30 | ) 31 | 32 | const riffBuildServiceAccount = "riff-build" 33 | 34 | var errMissingDefaultPrefix = fmt.Errorf("missing default image prefix") 35 | 36 | // +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch 37 | 38 | func resolveTargetImage(ctx context.Context, client client.Client, build buildv1alpha1.ImageResource) (string, error) { 39 | if !strings.HasPrefix(build.GetImage(), "_") { 40 | return build.GetImage(), nil 41 | } 42 | 43 | var riffBuildConfig corev1.ConfigMap 44 | if err := client.Get(ctx, types.NamespacedName{Namespace: build.GetNamespace(), Name: riffBuildServiceAccount}, &riffBuildConfig); err != nil { 45 | if apierrs.IsNotFound(err) { 46 | return "", errMissingDefaultPrefix 47 | } 48 | return "", err 49 | } 50 | defaultPrefix := riffBuildConfig.Data["default-image-prefix"] 51 | if defaultPrefix == "" { 52 | return "", errMissingDefaultPrefix 53 | } 54 | image, err := buildv1alpha1.ResolveDefaultImage(build, defaultPrefix) 55 | if err != nil { 56 | return "", err 57 | } 58 | return image, nil 59 | } 60 | -------------------------------------------------------------------------------- /pkg/controllers/core/config.go: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package core 18 | 19 | const ( 20 | kustomizePrefix = "riff-core" // kustomize adds this prefix to all our resource names 21 | 22 | systemNamespace = "riff-system" 23 | 24 | settingsConfigMapName = kustomizePrefix + "-settings" 25 | defaultDomainKey = "defaultDomain" 26 | defaultDomain = "example.com" 27 | ) 28 | -------------------------------------------------------------------------------- /pkg/controllers/streaming/config.go: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2019 the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | 17 | package streaming 18 | 19 | const ( 20 | kustomizePrefix = "riff-streaming" // kustomize adds this prefix to all our resource names 21 | 22 | kafkaGatewayImages = kustomizePrefix + "-kafka-gateway" // contains image names for the kafka gateway 23 | inmemoryGatewayImages = kustomizePrefix + "-inmemory-gateway" // contains image names for the inmemory gateway 24 | pulsarGatewayImages = kustomizePrefix + "-pulsar-gateway" // contains image names for the pulsar gateway 25 | gatewayImageKey = "gatewayImage" 26 | provisionerImageKey = "provisionerImage" 27 | 28 | processorImages = kustomizePrefix + "-processor" // contains image names for the streaming processor 29 | processorImageKey = "processorImage" 30 | ) 31 | -------------------------------------------------------------------------------- /pkg/controllers/streaming/mock_stream_provisioner_client.go: -------------------------------------------------------------------------------- 1 | // Code generated by mockery v1.0.0. DO NOT EDIT. 2 | 3 | package streaming 4 | 5 | import ( 6 | mock "github.com/stretchr/testify/mock" 7 | 8 | v1alpha1 "github.com/projectriff/system/pkg/apis/streaming/v1alpha1" 9 | ) 10 | 11 | // MockStreamProvisionerClient is an autogenerated mock type for the StreamProvisionerClient type 12 | type MockStreamProvisionerClient struct { 13 | mock.Mock 14 | } 15 | 16 | // ProvisionStream provides a mock function with given fields: stream, provisionerURL 17 | func (_m *MockStreamProvisionerClient) ProvisionStream(stream *v1alpha1.Stream, provisionerURL string) (*StreamAddress, error) { 18 | ret := _m.Called(stream, provisionerURL) 19 | 20 | var r0 *StreamAddress 21 | if rf, ok := ret.Get(0).(func(*v1alpha1.Stream, string) *StreamAddress); ok { 22 | r0 = rf(stream, provisionerURL) 23 | } else { 24 | if ret.Get(0) != nil { 25 | r0 = ret.Get(0).(*StreamAddress) 26 | } 27 | } 28 | 29 | var r1 error 30 | if rf, ok := ret.Get(1).(func(*v1alpha1.Stream, string) error); ok { 31 | r1 = rf(stream, provisionerURL) 32 | } else { 33 | r1 = ret.Error(1) 34 | } 35 | 36 | return r0, r1 37 | } 38 | -------------------------------------------------------------------------------- /pkg/controllers/testing/factories/aliases.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package factories 18 | 19 | import ( 20 | "github.com/vmware-labs/reconciler-runtime/testing/factories" 21 | ) 22 | 23 | type ConditionFactory = factories.ConditionFactory 24 | type ObjectMeta = factories.ObjectMeta 25 | type PodTemplateSpec = factories.PodTemplateSpec 26 | 27 | var ( 28 | Condition = factories.Condition 29 | ObjectMetaFactory = factories.ObjectMetaFactory 30 | PodTemplateSpecFactory = factories.PodTemplateSpecFactory 31 | ) 32 | 33 | var ( 34 | ConfigMap = factories.ConfigMap 35 | Deployment = factories.Deployment 36 | Ingress = factories.Ingress 37 | Secret = factories.Secret 38 | Service = factories.Service 39 | ServiceAccount = factories.ServiceAccount 40 | ) 41 | -------------------------------------------------------------------------------- /pkg/refs/aliases.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package refs 18 | 19 | // TODO restore corev1.TypedLocalObjectReference 20 | // HACK this version supports nullable APIGroup, until controller-gen supports *string 21 | 22 | // TypedLocalObjectReference contains enough information to let you locate the 23 | // typed referenced object inside the same namespace. 24 | type TypedLocalObjectReference struct { 25 | // APIGroup is the group for the resource being referenced. 26 | // If APIGroup is not specified, the specified Kind must be in the core API group. 27 | // For any other third-party types, APIGroup is required. 28 | // +optional 29 | // +nullable 30 | APIGroup *string `json:"apiGroup" protobuf:"bytes,1,opt,name=apiGroup"` 31 | // Kind is the type of resource being referenced 32 | Kind string `json:"kind" protobuf:"bytes,2,opt,name=kind"` 33 | // Name is the name of resource being referenced 34 | Name string `json:"name" protobuf:"bytes,3,opt,name=name"` 35 | } 36 | 37 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 38 | func (in *TypedLocalObjectReference) DeepCopyInto(out *TypedLocalObjectReference) { 39 | *out = *in 40 | if in.APIGroup != nil { 41 | in, out := &in.APIGroup, &out.APIGroup 42 | *out = new(string) 43 | **out = **in 44 | } 45 | return 46 | } 47 | 48 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TypedLocalObjectReference. 49 | func (in *TypedLocalObjectReference) DeepCopy() *TypedLocalObjectReference { 50 | if in == nil { 51 | return nil 52 | } 53 | out := new(TypedLocalObjectReference) 54 | in.DeepCopyInto(out) 55 | return out 56 | } 57 | 58 | // END HACK 59 | -------------------------------------------------------------------------------- /pkg/refs/typed.go: -------------------------------------------------------------------------------- 1 | /* 2 | Copyright 2019 the original author or authors. 3 | 4 | Licensed under the Apache License, Version 2.0 (the "License"); 5 | you may not use this file except in compliance with the License. 6 | You may obtain a copy of the License at 7 | 8 | http://www.apache.org/licenses/LICENSE-2.0 9 | 10 | Unless required by applicable law or agreed to in writing, software 11 | distributed under the License is distributed on an "AS IS" BASIS, 12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | See the License for the specific language governing permissions and 14 | limitations under the License. 15 | */ 16 | 17 | package refs 18 | 19 | import ( 20 | "fmt" 21 | 22 | "k8s.io/apimachinery/pkg/runtime" 23 | "k8s.io/apimachinery/pkg/runtime/schema" 24 | "sigs.k8s.io/controller-runtime/pkg/client" 25 | ) 26 | 27 | func NewTypedLocalObjectReference(name string, gk schema.GroupKind) *TypedLocalObjectReference { 28 | if name == "" || gk.Empty() { 29 | return nil 30 | } 31 | 32 | ref := &TypedLocalObjectReference{ 33 | Kind: gk.Kind, 34 | Name: name, 35 | } 36 | if gk.Group != "" && gk.Group != "core" { 37 | ref.APIGroup = &gk.Group 38 | } 39 | return ref 40 | } 41 | 42 | func NewTypedLocalObjectReferenceForObject(obj client.Object, scheme *runtime.Scheme) *TypedLocalObjectReference { 43 | if obj == nil { 44 | return nil 45 | } 46 | 47 | gvks, _, err := scheme.ObjectKinds(obj) 48 | if err != nil || len(gvks) == 0 { 49 | panic(fmt.Errorf("Unregistered runtime object: %v", err)) 50 | } 51 | return NewTypedLocalObjectReference(obj.GetName(), gvks[0].GroupKind()) 52 | } 53 | --------------------------------------------------------------------------------