├── .bookignore
├── codes
├── 00_scaffold
│ ├── config
│ │ ├── prometheus
│ │ │ ├── kustomization.yaml
│ │ │ └── monitor.yaml
│ │ ├── certmanager
│ │ │ ├── kustomization.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── certificate.yaml
│ │ ├── webhook
│ │ │ ├── kustomization.yaml
│ │ │ ├── service.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── manifests.yaml
│ │ ├── samples
│ │ │ ├── kustomization.yaml
│ │ │ └── view_v1_markdownview.yaml
│ │ ├── manager
│ │ │ └── kustomization.yaml
│ │ ├── default
│ │ │ ├── manager_metrics_patch.yaml
│ │ │ ├── metrics_service.yaml
│ │ │ ├── manager_webhook_patch.yaml
│ │ │ └── webhookcainjection_patch.yaml
│ │ ├── rbac
│ │ │ ├── metrics_reader_role.yaml
│ │ │ ├── service_account.yaml
│ │ │ ├── metrics_auth_role_binding.yaml
│ │ │ ├── metrics_auth_role.yaml
│ │ │ ├── role_binding.yaml
│ │ │ ├── leader_election_role_binding.yaml
│ │ │ ├── markdownview_viewer_role.yaml
│ │ │ ├── role.yaml
│ │ │ ├── markdownview_editor_role.yaml
│ │ │ ├── leader_election_role.yaml
│ │ │ └── kustomization.yaml
│ │ └── crd
│ │ │ ├── patches
│ │ │ ├── cainjection_in_markdownviews.yaml
│ │ │ └── webhook_in_markdownviews.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── kustomization.yaml
│ ├── .dockerignore
│ ├── .gitignore
│ ├── hack
│ │ └── boilerplate.go.txt
│ ├── PROJECT
│ ├── test
│ │ └── e2e
│ │ │ └── e2e_suite_test.go
│ ├── .golangci.yml
│ ├── api
│ │ └── v1
│ │ │ ├── groupversion_info.go
│ │ │ └── markdownview_webhook_test.go
│ └── Dockerfile
├── 10_tilt
│ ├── config
│ │ ├── prometheus
│ │ │ ├── kustomization.yaml
│ │ │ └── monitor.yaml
│ │ ├── dev
│ │ │ ├── kustomization.yaml
│ │ │ └── manager.yaml
│ │ ├── certmanager
│ │ │ ├── kustomization.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── certificate.yaml
│ │ ├── webhook
│ │ │ ├── kustomization.yaml
│ │ │ ├── service.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── manifests.yaml
│ │ ├── samples
│ │ │ ├── kustomization.yaml
│ │ │ └── view_v1_markdownview.yaml
│ │ ├── manager
│ │ │ └── kustomization.yaml
│ │ ├── default
│ │ │ ├── manager_metrics_patch.yaml
│ │ │ ├── metrics_service.yaml
│ │ │ ├── manager_webhook_patch.yaml
│ │ │ └── webhookcainjection_patch.yaml
│ │ ├── rbac
│ │ │ ├── metrics_reader_role.yaml
│ │ │ ├── service_account.yaml
│ │ │ ├── metrics_auth_role_binding.yaml
│ │ │ ├── metrics_auth_role.yaml
│ │ │ ├── role_binding.yaml
│ │ │ ├── leader_election_role_binding.yaml
│ │ │ ├── markdownview_viewer_role.yaml
│ │ │ ├── role.yaml
│ │ │ ├── markdownview_editor_role.yaml
│ │ │ ├── leader_election_role.yaml
│ │ │ └── kustomization.yaml
│ │ └── crd
│ │ │ ├── patches
│ │ │ ├── cainjection_in_markdownviews.yaml
│ │ │ └── webhook_in_markdownviews.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── kustomization.yaml
│ ├── .dockerignore
│ ├── cluster.yaml
│ ├── aqua.yaml
│ ├── .gitignore
│ ├── hack
│ │ └── boilerplate.go.txt
│ ├── PROJECT
│ ├── test
│ │ └── e2e
│ │ │ └── e2e_suite_test.go
│ ├── .golangci.yml
│ ├── api
│ │ └── v1
│ │ │ ├── groupversion_info.go
│ │ │ └── markdownview_webhook_test.go
│ └── Dockerfile
├── 30_client
│ ├── config
│ │ ├── prometheus
│ │ │ ├── kustomization.yaml
│ │ │ └── monitor.yaml
│ │ ├── dev
│ │ │ ├── kustomization.yaml
│ │ │ └── manager.yaml
│ │ ├── certmanager
│ │ │ ├── kustomization.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── certificate.yaml
│ │ ├── webhook
│ │ │ ├── kustomization.yaml
│ │ │ ├── service.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── manifests.yaml
│ │ ├── samples
│ │ │ ├── kustomization.yaml
│ │ │ └── view_v1_markdownview.yaml
│ │ ├── manager
│ │ │ └── kustomization.yaml
│ │ ├── default
│ │ │ ├── manager_metrics_patch.yaml
│ │ │ ├── metrics_service.yaml
│ │ │ ├── manager_webhook_patch.yaml
│ │ │ └── webhookcainjection_patch.yaml
│ │ ├── rbac
│ │ │ ├── metrics_reader_role.yaml
│ │ │ ├── service_account.yaml
│ │ │ ├── metrics_auth_role_binding.yaml
│ │ │ ├── metrics_auth_role.yaml
│ │ │ ├── role_binding.yaml
│ │ │ ├── leader_election_role_binding.yaml
│ │ │ ├── markdownview_viewer_role.yaml
│ │ │ ├── markdownview_editor_role.yaml
│ │ │ ├── leader_election_role.yaml
│ │ │ ├── kustomization.yaml
│ │ │ └── role.yaml
│ │ └── crd
│ │ │ ├── patches
│ │ │ ├── cainjection_in_markdownviews.yaml
│ │ │ └── webhook_in_markdownviews.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── kustomization.yaml
│ ├── .dockerignore
│ ├── cluster.yaml
│ ├── aqua.yaml
│ ├── .gitignore
│ ├── hack
│ │ └── boilerplate.go.txt
│ ├── PROJECT
│ ├── test
│ │ └── e2e
│ │ │ └── e2e_suite_test.go
│ ├── .golangci.yml
│ ├── api
│ │ └── v1
│ │ │ ├── groupversion_info.go
│ │ │ └── markdownview_webhook_test.go
│ └── Dockerfile
├── 20_manifests
│ ├── config
│ │ ├── prometheus
│ │ │ ├── kustomization.yaml
│ │ │ └── monitor.yaml
│ │ ├── dev
│ │ │ ├── kustomization.yaml
│ │ │ └── manager.yaml
│ │ ├── certmanager
│ │ │ ├── kustomization.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── certificate.yaml
│ │ ├── webhook
│ │ │ ├── kustomization.yaml
│ │ │ ├── service.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── manifests.yaml
│ │ ├── samples
│ │ │ ├── kustomization.yaml
│ │ │ └── view_v1_markdownview.yaml
│ │ ├── manager
│ │ │ └── kustomization.yaml
│ │ ├── default
│ │ │ ├── manager_metrics_patch.yaml
│ │ │ ├── metrics_service.yaml
│ │ │ ├── manager_webhook_patch.yaml
│ │ │ └── webhookcainjection_patch.yaml
│ │ ├── rbac
│ │ │ ├── metrics_reader_role.yaml
│ │ │ ├── service_account.yaml
│ │ │ ├── metrics_auth_role_binding.yaml
│ │ │ ├── metrics_auth_role.yaml
│ │ │ ├── role_binding.yaml
│ │ │ ├── leader_election_role_binding.yaml
│ │ │ ├── markdownview_viewer_role.yaml
│ │ │ ├── markdownview_editor_role.yaml
│ │ │ ├── leader_election_role.yaml
│ │ │ ├── role.yaml
│ │ │ └── kustomization.yaml
│ │ └── crd
│ │ │ ├── patches
│ │ │ ├── cainjection_in_markdownviews.yaml
│ │ │ └── webhook_in_markdownviews.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── kustomization.yaml
│ ├── .dockerignore
│ ├── cluster.yaml
│ ├── aqua.yaml
│ ├── .gitignore
│ ├── hack
│ │ └── boilerplate.go.txt
│ ├── PROJECT
│ ├── test
│ │ └── e2e
│ │ │ └── e2e_suite_test.go
│ ├── .golangci.yml
│ ├── api
│ │ └── v1
│ │ │ ├── groupversion_info.go
│ │ │ └── markdownview_webhook_test.go
│ └── Dockerfile
├── 40_reconcile
│ ├── config
│ │ ├── prometheus
│ │ │ ├── kustomization.yaml
│ │ │ └── monitor.yaml
│ │ ├── dev
│ │ │ ├── kustomization.yaml
│ │ │ └── manager.yaml
│ │ ├── certmanager
│ │ │ ├── kustomization.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── certificate.yaml
│ │ ├── webhook
│ │ │ ├── kustomization.yaml
│ │ │ ├── service.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── manifests.yaml
│ │ ├── samples
│ │ │ ├── kustomization.yaml
│ │ │ └── view_v1_markdownview.yaml
│ │ ├── manager
│ │ │ └── kustomization.yaml
│ │ ├── default
│ │ │ ├── manager_metrics_patch.yaml
│ │ │ ├── metrics_service.yaml
│ │ │ ├── manager_webhook_patch.yaml
│ │ │ └── webhookcainjection_patch.yaml
│ │ ├── rbac
│ │ │ ├── metrics_reader_role.yaml
│ │ │ ├── service_account.yaml
│ │ │ ├── metrics_auth_role_binding.yaml
│ │ │ ├── metrics_auth_role.yaml
│ │ │ ├── role_binding.yaml
│ │ │ ├── leader_election_role_binding.yaml
│ │ │ ├── markdownview_viewer_role.yaml
│ │ │ ├── markdownview_editor_role.yaml
│ │ │ ├── leader_election_role.yaml
│ │ │ ├── role.yaml
│ │ │ └── kustomization.yaml
│ │ └── crd
│ │ │ ├── patches
│ │ │ ├── cainjection_in_markdownviews.yaml
│ │ │ └── webhook_in_markdownviews.yaml
│ │ │ ├── kustomizeconfig.yaml
│ │ │ └── kustomization.yaml
│ ├── .dockerignore
│ ├── cluster.yaml
│ ├── api
│ │ └── v1
│ │ │ ├── testdata
│ │ │ ├── mutating
│ │ │ │ ├── input.yaml
│ │ │ │ └── output.yaml
│ │ │ └── validating
│ │ │ │ ├── valid.yaml
│ │ │ │ ├── empty-markdowns.yaml
│ │ │ │ ├── without-summary.yaml
│ │ │ │ └── invalid-replicas.yaml
│ │ │ └── groupversion_info.go
│ ├── aqua.yaml
│ ├── .gitignore
│ ├── hack
│ │ └── boilerplate.go.txt
│ ├── PROJECT
│ ├── test
│ │ └── e2e
│ │ │ └── e2e_suite_test.go
│ ├── .golangci.yml
│ └── Dockerfile
└── 50_completed
│ ├── config
│ ├── prometheus
│ │ ├── kustomization.yaml
│ │ └── monitor.yaml
│ ├── dev
│ │ ├── kustomization.yaml
│ │ └── manager.yaml
│ ├── certmanager
│ │ ├── kustomization.yaml
│ │ ├── kustomizeconfig.yaml
│ │ └── certificate.yaml
│ ├── webhook
│ │ ├── kustomization.yaml
│ │ ├── service.yaml
│ │ ├── kustomizeconfig.yaml
│ │ └── manifests.yaml
│ ├── samples
│ │ ├── kustomization.yaml
│ │ └── view_v1_markdownview.yaml
│ ├── manager
│ │ └── kustomization.yaml
│ ├── default
│ │ ├── manager_metrics_patch.yaml
│ │ ├── metrics_service.yaml
│ │ ├── manager_webhook_patch.yaml
│ │ └── webhookcainjection_patch.yaml
│ ├── rbac
│ │ ├── metrics_reader_role.yaml
│ │ ├── service_account.yaml
│ │ ├── metrics_auth_role_binding.yaml
│ │ ├── prometheus_role_binding.yaml
│ │ ├── metrics_auth_role.yaml
│ │ ├── role_binding.yaml
│ │ ├── leader_election_role_binding.yaml
│ │ ├── markdownview_viewer_role.yaml
│ │ ├── markdownview_editor_role.yaml
│ │ ├── leader_election_role.yaml
│ │ ├── role.yaml
│ │ └── kustomization.yaml
│ └── crd
│ │ ├── patches
│ │ ├── cainjection_in_markdownviews.yaml
│ │ └── webhook_in_markdownviews.yaml
│ │ ├── kustomizeconfig.yaml
│ │ └── kustomization.yaml
│ ├── .dockerignore
│ ├── cluster.yaml
│ ├── api
│ └── v1
│ │ ├── testdata
│ │ ├── mutating
│ │ │ ├── input.yaml
│ │ │ └── output.yaml
│ │ └── validating
│ │ │ ├── valid.yaml
│ │ │ ├── empty-markdowns.yaml
│ │ │ ├── without-summary.yaml
│ │ │ └── invalid-replicas.yaml
│ │ └── groupversion_info.go
│ ├── aqua.yaml
│ ├── .gitignore
│ ├── internal
│ └── controller
│ │ └── metrics.go
│ ├── hack
│ └── boilerplate.go.txt
│ ├── PROJECT
│ ├── test
│ └── e2e
│ │ └── e2e_suite_test.go
│ ├── .golangci.yml
│ └── Dockerfile
├── docs
├── controller-runtime
│ ├── img
│ │ ├── cache.png
│ │ ├── grafana.png
│ │ ├── index.png
│ │ └── mdbook.png
│ ├── versioning.md
│ └── README.md
├── introduction
│ ├── img
│ │ ├── declarative.png
│ │ ├── reconcile_loop.png
│ │ ├── edge_level_trigger.png
│ │ └── markdownview_controller.png
│ ├── installation.md
│ ├── references.md
│ └── sample.md
├── styles
│ └── website.css
├── kubebuilder
│ └── release.md
└── controller-tools
│ ├── rbac.md
│ └── webhook.md
├── README.md
├── book.js
├── .gitignore
├── prh.yaml
├── template.hbs
├── .textlintrc
├── .github
└── workflows
│ └── ci.yaml
└── LICENSE
/.bookignore:
--------------------------------------------------------------------------------
1 | vendor
2 | node_modules
3 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - monitor.yaml
3 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - monitor.yaml
3 |
--------------------------------------------------------------------------------
/codes/30_client/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - monitor.yaml
3 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - monitor.yaml
3 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - monitor.yaml
3 |
--------------------------------------------------------------------------------
/codes/50_completed/config/prometheus/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - monitor.yaml
3 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/dev/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - ../default
3 | patchesStrategicMerge:
4 | - manager.yaml
5 |
--------------------------------------------------------------------------------
/codes/30_client/config/dev/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - ../default
3 | patchesStrategicMerge:
4 | - manager.yaml
5 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/dev/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - ../default
3 | patchesStrategicMerge:
4 | - manager.yaml
5 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/dev/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - ../default
3 | patchesStrategicMerge:
4 | - manager.yaml
5 |
--------------------------------------------------------------------------------
/codes/50_completed/config/dev/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - ../default
3 | patchesStrategicMerge:
4 | - manager.yaml
5 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/codes/30_client/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/docs/controller-runtime/img/cache.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zoetrope/kubebuilder-training/HEAD/docs/controller-runtime/img/cache.png
--------------------------------------------------------------------------------
/docs/controller-runtime/img/grafana.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zoetrope/kubebuilder-training/HEAD/docs/controller-runtime/img/grafana.png
--------------------------------------------------------------------------------
/docs/controller-runtime/img/index.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zoetrope/kubebuilder-training/HEAD/docs/controller-runtime/img/index.png
--------------------------------------------------------------------------------
/docs/controller-runtime/img/mdbook.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zoetrope/kubebuilder-training/HEAD/docs/controller-runtime/img/mdbook.png
--------------------------------------------------------------------------------
/docs/introduction/img/declarative.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zoetrope/kubebuilder-training/HEAD/docs/introduction/img/declarative.png
--------------------------------------------------------------------------------
/codes/00_scaffold/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/codes/50_completed/config/certmanager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - certificate.yaml
3 |
4 | configurations:
5 | - kustomizeconfig.yaml
6 |
--------------------------------------------------------------------------------
/docs/introduction/img/reconcile_loop.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zoetrope/kubebuilder-training/HEAD/docs/introduction/img/reconcile_loop.png
--------------------------------------------------------------------------------
/docs/introduction/img/edge_level_trigger.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zoetrope/kubebuilder-training/HEAD/docs/introduction/img/edge_level_trigger.png
--------------------------------------------------------------------------------
/codes/00_scaffold/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 |
5 | configurations:
6 | - kustomizeconfig.yaml
7 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 |
5 | configurations:
6 | - kustomizeconfig.yaml
7 |
--------------------------------------------------------------------------------
/codes/30_client/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 |
5 | configurations:
6 | - kustomizeconfig.yaml
7 |
--------------------------------------------------------------------------------
/codes/00_scaffold/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 |
5 | configurations:
6 | - kustomizeconfig.yaml
7 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 |
5 | configurations:
6 | - kustomizeconfig.yaml
7 |
--------------------------------------------------------------------------------
/codes/50_completed/config/webhook/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manifests.yaml
3 | - service.yaml
4 |
5 | configurations:
6 | - kustomizeconfig.yaml
7 |
--------------------------------------------------------------------------------
/docs/introduction/img/markdownview_controller.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/zoetrope/kubebuilder-training/HEAD/docs/introduction/img/markdownview_controller.png
--------------------------------------------------------------------------------
/codes/10_tilt/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | !bin/manager
5 |
--------------------------------------------------------------------------------
/codes/30_client/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | !bin/manager
5 |
--------------------------------------------------------------------------------
/codes/20_manifests/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | !bin/manager
5 |
--------------------------------------------------------------------------------
/codes/40_reconcile/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | !bin/manager
5 |
--------------------------------------------------------------------------------
/codes/50_completed/.dockerignore:
--------------------------------------------------------------------------------
1 | # More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
2 | # Ignore build and test binaries.
3 | bin/
4 | !bin/manager
5 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - view_v1_markdownview.yaml
4 | # +kubebuilder:scaffold:manifestskustomizesamples
5 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - view_v1_markdownview.yaml
4 | # +kubebuilder:scaffold:manifestskustomizesamples
5 |
--------------------------------------------------------------------------------
/codes/30_client/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - view_v1_markdownview.yaml
4 | # +kubebuilder:scaffold:manifestskustomizesamples
5 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - view_v1_markdownview.yaml
4 | # +kubebuilder:scaffold:manifestskustomizesamples
5 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - view_v1_markdownview.yaml
4 | # +kubebuilder:scaffold:manifestskustomizesamples
5 |
--------------------------------------------------------------------------------
/codes/50_completed/config/samples/kustomization.yaml:
--------------------------------------------------------------------------------
1 | ## Append samples of your project ##
2 | resources:
3 | - view_v1_markdownview.yaml
4 | # +kubebuilder:scaffold:manifestskustomizesamples
5 |
--------------------------------------------------------------------------------
/docs/styles/website.css:
--------------------------------------------------------------------------------
1 | .markdown-section h1 {
2 | font-size: 2.5em;
3 | border-bottom: 1px solid #dddddf;
4 | }
5 |
6 | .markdown-section h2 {
7 | border-bottom: 1px solid #dddddf;
8 | }
9 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 | newName: controller
8 | newTag: latest
9 |
--------------------------------------------------------------------------------
/codes/30_client/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 | newName: controller
8 | newTag: latest
9 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 | newName: controller
8 | newTag: latest
9 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 | newName: controller
8 | newTag: latest
9 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 | newName: controller
8 | newTag: latest
9 |
--------------------------------------------------------------------------------
/codes/50_completed/config/manager/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | - manager.yaml
3 | apiVersion: kustomize.config.k8s.io/v1beta1
4 | kind: Kustomization
5 | images:
6 | - name: controller
7 | newName: controller
8 | newTag: latest
9 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/0
4 | value: --metrics-bind-address=:8443
5 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-reader
5 | rules:
6 | - nonResourceURLs:
7 | - "/metrics"
8 | verbs:
9 | - get
10 |
--------------------------------------------------------------------------------
/codes/30_client/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/0
4 | value: --metrics-bind-address=:8443
5 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-reader
5 | rules:
6 | - nonResourceURLs:
7 | - "/metrics"
8 | verbs:
9 | - get
10 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/0
4 | value: --metrics-bind-address=:8443
5 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-reader
5 | rules:
6 | - nonResourceURLs:
7 | - "/metrics"
8 | verbs:
9 | - get
10 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/0
4 | value: --metrics-bind-address=:8443
5 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-reader
5 | rules:
6 | - nonResourceURLs:
7 | - "/metrics"
8 | verbs:
9 | - get
10 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/0
4 | value: --metrics-bind-address=:8443
5 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-reader
5 | rules:
6 | - nonResourceURLs:
7 | - "/metrics"
8 | verbs:
9 | - get
10 |
--------------------------------------------------------------------------------
/codes/50_completed/config/default/manager_metrics_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch adds the args to allow exposing the metrics endpoint using HTTPS
2 | - op: add
3 | path: /spec/template/spec/containers/0/args/0
4 | value: --metrics-bind-address=:8443
5 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/metrics_reader_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-reader
5 | rules:
6 | - nonResourceURLs:
7 | - "/metrics"
8 | verbs:
9 | - get
10 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: controller-manager
8 | namespace: system
9 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: controller-manager
8 | namespace: system
9 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: controller-manager
8 | namespace: system
9 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: controller-manager
8 | namespace: system
9 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: controller-manager
8 | namespace: system
9 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/service_account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: controller-manager
8 | namespace: system
9 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # つくって学ぶKubebuilder
2 |
3 | 本資料では、カスタムコントローラーをつくりながらKubebuilderの使い方やKubernetesプログラミングを学ぶことができます。
4 |
5 | ## コンテンツ
6 | - [つくって学ぶKubebuilder](https://zoetrope.github.io/kubebuilder-training/)
7 | - [MarkdownViewコントローラー](https://github.com/zoetrope/kubebuilder-training/tree/main/codes)
8 |
--------------------------------------------------------------------------------
/codes/10_tilt/cluster.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: ctlptl.dev/v1alpha1
2 | kind: Registry
3 | name: mdview-registry
4 | port: 5000
5 | ---
6 | apiVersion: ctlptl.dev/v1alpha1
7 | kind: Cluster
8 | name: kind-mdview-dev
9 | product: kind
10 | kubernetesVersion: v1.30.0
11 | registry: mdview-registry
12 |
--------------------------------------------------------------------------------
/codes/30_client/cluster.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: ctlptl.dev/v1alpha1
2 | kind: Registry
3 | name: mdview-registry
4 | port: 5000
5 | ---
6 | apiVersion: ctlptl.dev/v1alpha1
7 | kind: Cluster
8 | name: kind-mdview-dev
9 | product: kind
10 | kubernetesVersion: v1.30.0
11 | registry: mdview-registry
12 |
--------------------------------------------------------------------------------
/codes/20_manifests/cluster.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: ctlptl.dev/v1alpha1
2 | kind: Registry
3 | name: mdview-registry
4 | port: 5000
5 | ---
6 | apiVersion: ctlptl.dev/v1alpha1
7 | kind: Cluster
8 | name: kind-mdview-dev
9 | product: kind
10 | kubernetesVersion: v1.30.0
11 | registry: mdview-registry
12 |
--------------------------------------------------------------------------------
/codes/40_reconcile/cluster.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: ctlptl.dev/v1alpha1
2 | kind: Registry
3 | name: mdview-registry
4 | port: 5000
5 | ---
6 | apiVersion: ctlptl.dev/v1alpha1
7 | kind: Cluster
8 | name: kind-mdview-dev
9 | product: kind
10 | kubernetesVersion: v1.30.0
11 | registry: mdview-registry
12 |
--------------------------------------------------------------------------------
/codes/50_completed/cluster.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: ctlptl.dev/v1alpha1
2 | kind: Registry
3 | name: mdview-registry
4 | port: 5000
5 | ---
6 | apiVersion: ctlptl.dev/v1alpha1
7 | kind: Cluster
8 | name: kind-mdview-dev
9 | product: kind
10 | kubernetesVersion: v1.30.0
11 | registry: mdview-registry
12 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
--------------------------------------------------------------------------------
/codes/30_client/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
--------------------------------------------------------------------------------
/codes/50_completed/config/certmanager/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This configuration is for teaching kustomize how to update name ref substitution
2 | nameReference:
3 | - kind: Issuer
4 | group: cert-manager.io
5 | fieldSpecs:
6 | - kind: Certificate
7 | group: cert-manager.io
8 | path: spec/issuerRef/name
9 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/samples/view_v1_markdownview.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: markdownview-sample
8 | spec:
9 | # TODO(user): Add fields here
10 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/samples/view_v1_markdownview.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: markdownview-sample
8 | spec:
9 | # TODO(user): Add fields here
10 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/crd/patches/cainjection_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: markdownviews.view.zoetrope.github.io
8 |
--------------------------------------------------------------------------------
/codes/40_reconcile/api/v1/testdata/mutating/input.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: mutating
5 | namespace: default
6 | spec:
7 | markdowns:
8 | SUMMARY.md: |
9 | # Summary
10 |
11 | - [Page1](page1.md)
12 | page1.md: |
13 | # Page 1
14 |
15 | 一ページ目のコンテンツです。
16 | replicas: 1
17 |
--------------------------------------------------------------------------------
/codes/50_completed/api/v1/testdata/mutating/input.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: mutating
5 | namespace: default
6 | spec:
7 | markdowns:
8 | SUMMARY.md: |
9 | # Summary
10 |
11 | - [Page1](page1.md)
12 | page1.md: |
13 | # Page 1
14 |
15 | 一ページ目のコンテンツです。
16 | replicas: 1
17 |
--------------------------------------------------------------------------------
/book.js:
--------------------------------------------------------------------------------
1 | const path = require("path")
2 | const fs = require("fs")
3 | module.exports = {
4 | "root": "./docs",
5 | "title": "つくって学ぶKubebuilder",
6 | "plugins": [
7 | "include-codeblock"
8 | ],
9 | "pluginsConfig": {
10 | "include-codeblock": {
11 | "template": path.join(__dirname,"template.hbs")
12 | }
13 | }
14 | };
15 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/crd/patches/cainjection_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: markdownviews.view.zoetrope.github.io
8 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/crd/patches/cainjection_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: markdownviews.view.zoetrope.github.io
8 |
--------------------------------------------------------------------------------
/codes/30_client/config/crd/patches/cainjection_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: markdownviews.view.zoetrope.github.io
8 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/crd/patches/cainjection_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: markdownviews.view.zoetrope.github.io
8 |
--------------------------------------------------------------------------------
/codes/50_completed/config/crd/patches/cainjection_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch adds a directive for certmanager to inject CA into the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
7 | name: markdownviews.view.zoetrope.github.io
8 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics-auth-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: metrics-auth-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics-auth-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: metrics-auth-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics-auth-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: metrics-auth-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics-auth-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: metrics-auth-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics-auth-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: metrics-auth-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/metrics_auth_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics-auth-rolebinding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: metrics-auth-role
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller-manager
12 | namespace: system
13 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # for Hugo
2 | /_book
3 |
4 | # Binaries for programs and plugins
5 | *.exe
6 | *.exe~
7 | *.dll
8 | *.so
9 | *.dylib
10 |
11 | # Test binary, built with `go test -c`
12 | *.test
13 |
14 | # Output of the go coverage tool, specifically when used with LiteIDE
15 | *.out
16 |
17 | # Dependency directories (remove the comment below to include it)
18 | vendor/
19 | /.idea/
20 | /node_modules
21 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-auth-role
5 | rules:
6 | - apiGroups:
7 | - authentication.k8s.io
8 | resources:
9 | - tokenreviews
10 | verbs:
11 | - create
12 | - apiGroups:
13 | - authorization.k8s.io
14 | resources:
15 | - subjectaccessreviews
16 | verbs:
17 | - create
18 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/webhook/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: webhook-service
8 | namespace: system
9 | spec:
10 | ports:
11 | - port: 443
12 | protocol: TCP
13 | targetPort: 9443
14 | selector:
15 | control-plane: controller-manager
16 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-auth-role
5 | rules:
6 | - apiGroups:
7 | - authentication.k8s.io
8 | resources:
9 | - tokenreviews
10 | verbs:
11 | - create
12 | - apiGroups:
13 | - authorization.k8s.io
14 | resources:
15 | - subjectaccessreviews
16 | verbs:
17 | - create
18 |
--------------------------------------------------------------------------------
/codes/30_client/config/webhook/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: webhook-service
8 | namespace: system
9 | spec:
10 | ports:
11 | - port: 443
12 | protocol: TCP
13 | targetPort: 9443
14 | selector:
15 | control-plane: controller-manager
16 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/prometheus_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: metrics
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: markdown-view-metrics-reader
9 | subjects:
10 | - kind: ServiceAccount
11 | name: prometheus-kube-prometheus-operator
12 | namespace: prometheus
13 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-auth-role
5 | rules:
6 | - apiGroups:
7 | - authentication.k8s.io
8 | resources:
9 | - tokenreviews
10 | verbs:
11 | - create
12 | - apiGroups:
13 | - authorization.k8s.io
14 | resources:
15 | - subjectaccessreviews
16 | verbs:
17 | - create
18 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/webhook/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: webhook-service
8 | namespace: system
9 | spec:
10 | ports:
11 | - port: 443
12 | protocol: TCP
13 | targetPort: 9443
14 | selector:
15 | control-plane: controller-manager
16 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-auth-role
5 | rules:
6 | - apiGroups:
7 | - authentication.k8s.io
8 | resources:
9 | - tokenreviews
10 | verbs:
11 | - create
12 | - apiGroups:
13 | - authorization.k8s.io
14 | resources:
15 | - subjectaccessreviews
16 | verbs:
17 | - create
18 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/webhook/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: webhook-service
8 | namespace: system
9 | spec:
10 | ports:
11 | - port: 443
12 | protocol: TCP
13 | targetPort: 9443
14 | selector:
15 | control-plane: controller-manager
16 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-auth-role
5 | rules:
6 | - apiGroups:
7 | - authentication.k8s.io
8 | resources:
9 | - tokenreviews
10 | verbs:
11 | - create
12 | - apiGroups:
13 | - authorization.k8s.io
14 | resources:
15 | - subjectaccessreviews
16 | verbs:
17 | - create
18 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/webhook/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: webhook-service
8 | namespace: system
9 | spec:
10 | ports:
11 | - port: 443
12 | protocol: TCP
13 | targetPort: 9443
14 | selector:
15 | control-plane: controller-manager
16 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/metrics_auth_role.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: metrics-auth-role
5 | rules:
6 | - apiGroups:
7 | - authentication.k8s.io
8 | resources:
9 | - tokenreviews
10 | verbs:
11 | - create
12 | - apiGroups:
13 | - authorization.k8s.io
14 | resources:
15 | - subjectaccessreviews
16 | verbs:
17 | - create
18 |
--------------------------------------------------------------------------------
/codes/50_completed/config/webhook/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: webhook-service
8 | namespace: system
9 | spec:
10 | ports:
11 | - port: 443
12 | protocol: TCP
13 | targetPort: 9443
14 | selector:
15 | control-plane: controller-manager
16 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/dev/manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | spec:
7 | template:
8 | spec:
9 | securityContext: null
10 | containers:
11 | - command:
12 | - /manager
13 | args: null
14 | name: manager
15 | securityContext: null
16 | resources: null
17 |
--------------------------------------------------------------------------------
/codes/30_client/config/dev/manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | spec:
7 | template:
8 | spec:
9 | securityContext: null
10 | containers:
11 | - command:
12 | - /manager
13 | args: null
14 | name: manager
15 | securityContext: null
16 | resources: null
17 |
--------------------------------------------------------------------------------
/codes/40_reconcile/api/v1/testdata/validating/valid.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: valid
5 | namespace: default
6 | spec:
7 | markdowns:
8 | SUMMARY.md: |
9 | # Summary
10 |
11 | - [Page1](page1.md)
12 | page1.md: |
13 | # Page 1
14 |
15 | 一ページ目のコンテンツです。
16 | replicas: 1
17 | viewerImage: "peaceiris/mdbook:latest"
18 |
--------------------------------------------------------------------------------
/codes/50_completed/api/v1/testdata/validating/valid.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: valid
5 | namespace: default
6 | spec:
7 | markdowns:
8 | SUMMARY.md: |
9 | # Summary
10 |
11 | - [Page1](page1.md)
12 | page1.md: |
13 | # Page 1
14 |
15 | 一ページ目のコンテンツです。
16 | replicas: 1
17 | viewerImage: "peaceiris/mdbook:latest"
18 |
--------------------------------------------------------------------------------
/codes/10_tilt/aqua.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | # aqua - Declarative CLI Version Manager
3 | # https://aquaproj.github.io/
4 | registries:
5 | - type: standard
6 | ref: v4.212.0 # renovate: depName=aquaproj/aqua-registry
7 | packages:
8 | - name: kubernetes/kubectl@v1.30.3
9 | - name: kubernetes-sigs/kubebuilder@v4.1.1
10 | - name: kubernetes-sigs/kind@v0.23.0
11 | - name: tilt-dev/tilt@v0.33.19
12 | - name: tilt-dev/ctlptl@v0.8.31
13 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/dev/manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | spec:
7 | template:
8 | spec:
9 | securityContext: null
10 | containers:
11 | - command:
12 | - /manager
13 | args: null
14 | name: manager
15 | securityContext: null
16 | resources: null
17 |
--------------------------------------------------------------------------------
/codes/30_client/aqua.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | # aqua - Declarative CLI Version Manager
3 | # https://aquaproj.github.io/
4 | registries:
5 | - type: standard
6 | ref: v4.212.0 # renovate: depName=aquaproj/aqua-registry
7 | packages:
8 | - name: kubernetes/kubectl@v1.30.3
9 | - name: kubernetes-sigs/kubebuilder@v4.1.1
10 | - name: kubernetes-sigs/kind@v0.23.0
11 | - name: tilt-dev/tilt@v0.33.19
12 | - name: tilt-dev/ctlptl@v0.8.31
13 |
--------------------------------------------------------------------------------
/codes/40_reconcile/api/v1/testdata/mutating/output.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: mutating
5 | namespace: default
6 | spec:
7 | markdowns:
8 | SUMMARY.md: |
9 | # Summary
10 |
11 | - [Page1](page1.md)
12 | page1.md: |
13 | # Page 1
14 |
15 | 一ページ目のコンテンツです。
16 | replicas: 1
17 | viewerImage: "peaceiris/mdbook:latest"
18 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/dev/manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | spec:
7 | template:
8 | spec:
9 | securityContext: null
10 | containers:
11 | - command:
12 | - /manager
13 | args: null
14 | name: manager
15 | securityContext: null
16 | resources: null
17 |
--------------------------------------------------------------------------------
/codes/50_completed/api/v1/testdata/mutating/output.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: mutating
5 | namespace: default
6 | spec:
7 | markdowns:
8 | SUMMARY.md: |
9 | # Summary
10 |
11 | - [Page1](page1.md)
12 | page1.md: |
13 | # Page 1
14 |
15 | 一ページ目のコンテンツです。
16 | replicas: 1
17 | viewerImage: "peaceiris/mdbook:latest"
18 |
--------------------------------------------------------------------------------
/codes/50_completed/config/dev/manager.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | spec:
7 | template:
8 | spec:
9 | securityContext: null
10 | containers:
11 | - command:
12 | - /manager
13 | args: null
14 | name: manager
15 | securityContext: null
16 | resources: null
17 |
--------------------------------------------------------------------------------
/codes/20_manifests/aqua.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | # aqua - Declarative CLI Version Manager
3 | # https://aquaproj.github.io/
4 | registries:
5 | - type: standard
6 | ref: v4.212.0 # renovate: depName=aquaproj/aqua-registry
7 | packages:
8 | - name: kubernetes/kubectl@v1.30.3
9 | - name: kubernetes-sigs/kubebuilder@v4.1.1
10 | - name: kubernetes-sigs/kind@v0.23.0
11 | - name: tilt-dev/tilt@v0.33.19
12 | - name: tilt-dev/ctlptl@v0.8.31
13 |
--------------------------------------------------------------------------------
/codes/40_reconcile/aqua.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | # aqua - Declarative CLI Version Manager
3 | # https://aquaproj.github.io/
4 | registries:
5 | - type: standard
6 | ref: v4.212.0 # renovate: depName=aquaproj/aqua-registry
7 | packages:
8 | - name: kubernetes/kubectl@v1.30.3
9 | - name: kubernetes-sigs/kubebuilder@v4.1.1
10 | - name: kubernetes-sigs/kind@v0.23.0
11 | - name: tilt-dev/tilt@v0.33.19
12 | - name: tilt-dev/ctlptl@v0.8.31
13 |
--------------------------------------------------------------------------------
/codes/50_completed/aqua.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | # aqua - Declarative CLI Version Manager
3 | # https://aquaproj.github.io/
4 | registries:
5 | - type: standard
6 | ref: v4.212.0 # renovate: depName=aquaproj/aqua-registry
7 | packages:
8 | - name: kubernetes/kubectl@v1.30.3
9 | - name: kubernetes-sigs/kubebuilder@v4.1.1
10 | - name: kubernetes-sigs/kind@v0.23.0
11 | - name: tilt-dev/tilt@v0.33.19
12 | - name: tilt-dev/ctlptl@v0.8.31
13 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: manager-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: ClusterRole
11 | name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: manager-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: ClusterRole
11 | name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: manager-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: ClusterRole
11 | name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: manager-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: ClusterRole
11 | name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: manager-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: ClusterRole
11 | name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: manager-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: ClusterRole
11 | name: manager-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/docs/kubebuilder/release.md:
--------------------------------------------------------------------------------
1 | # カスタムコントローラーのリリース
2 |
3 | カスタムコントローラーを開発したら、それをリリースする必要があります。
4 |
5 | Kubebuilderが生成したプロジェクトでは、`make docker-push`でコンテナイメージをpushしたり、`make build-installer`でカスタムコントローラーをインストールするためのマニフェストを生成することができます。
6 | しかし、リリースするための手順が十分に提供されているわけではありません。
7 |
8 | GoReleaserによるコンテナイメージのリリース方法や、Chart ReleaserによるHelm Chartのリリース方法を以下の記事にまとめましたので、参考にしてみてください。
9 |
10 | - [Kubernetes カスタムコントローラー楽々メンテナンス](https://zenn.dev/zoetro/articles/kubernetes-controller-maintenance)
11 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | control-plane: controller-manager
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: controller-manager-metrics-service
9 | namespace: system
10 | spec:
11 | ports:
12 | - name: https
13 | port: 8443
14 | protocol: TCP
15 | targetPort: 8443
16 | selector:
17 | control-plane: controller-manager
18 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: leader-election-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: Role
11 | name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/codes/30_client/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | control-plane: controller-manager
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: controller-manager-metrics-service
9 | namespace: system
10 | spec:
11 | ports:
12 | - name: https
13 | port: 8443
14 | protocol: TCP
15 | targetPort: 8443
16 | selector:
17 | control-plane: controller-manager
18 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: leader-election-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: Role
11 | name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | control-plane: controller-manager
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: controller-manager-metrics-service
9 | namespace: system
10 | spec:
11 | ports:
12 | - name: https
13 | port: 8443
14 | protocol: TCP
15 | targetPort: 8443
16 | selector:
17 | control-plane: controller-manager
18 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: leader-election-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: Role
11 | name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | control-plane: controller-manager
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: controller-manager-metrics-service
9 | namespace: system
10 | spec:
11 | ports:
12 | - name: https
13 | port: 8443
14 | protocol: TCP
15 | targetPort: 8443
16 | selector:
17 | control-plane: controller-manager
18 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: leader-election-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: Role
11 | name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/codes/40_reconcile/api/v1/testdata/validating/empty-markdowns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: empty-markdowns
5 | namespace: default
6 | annotations:
7 | message: 'admission webhook "vmarkdownview.kb.io" denied the request: MarkdownView.view.zoetrope.github.io "empty-markdowns" is invalid: spec.markdowns: Required value: markdowns must have SUMMARY.md.'
8 | spec:
9 | replicas: 1
10 | viewerImage: "peaceiris/mdbook:latest"
11 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | control-plane: controller-manager
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: controller-manager-metrics-service
9 | namespace: system
10 | spec:
11 | ports:
12 | - name: https
13 | port: 8443
14 | protocol: TCP
15 | targetPort: 8443
16 | selector:
17 | control-plane: controller-manager
18 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: leader-election-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: Role
11 | name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/codes/50_completed/api/v1/testdata/validating/empty-markdowns.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: empty-markdowns
5 | namespace: default
6 | annotations:
7 | message: 'admission webhook "vmarkdownview.kb.io" denied the request: MarkdownView.view.zoetrope.github.io "empty-markdowns" is invalid: spec.markdowns: Required value: markdowns must have SUMMARY.md.'
8 | spec:
9 | replicas: 1
10 | viewerImage: "peaceiris/mdbook:latest"
11 |
--------------------------------------------------------------------------------
/codes/50_completed/config/default/metrics_service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | labels:
5 | control-plane: controller-manager
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: controller-manager-metrics-service
9 | namespace: system
10 | spec:
11 | ports:
12 | - name: https
13 | port: 8443
14 | protocol: TCP
15 | targetPort: 8443
16 | selector:
17 | control-plane: controller-manager
18 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/leader_election_role_binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: RoleBinding
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: leader-election-rolebinding
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: Role
11 | name: leader-election-role
12 | subjects:
13 | - kind: ServiceAccount
14 | name: controller-manager
15 | namespace: system
16 |
--------------------------------------------------------------------------------
/prh.yaml:
--------------------------------------------------------------------------------
1 | version: 1
2 | rules:
3 | - expected: コントローラー
4 | pattern: /コントローラ(?!ー)/
5 | - expected: サーバー
6 | pattern: /サーバ(?!ー)/
7 | - expected: クラスター
8 | pattern: /クラスタ(?!ー)/
9 | - expected: オペレーター
10 | pattern: /オペレータ(?!ー)/
11 | - expected: kube-apiserver
12 | patterns:
13 | - /\bapi[-]server\b/i
14 | - expected: kube-apiserver
15 | patterns:
16 | - /API [Ss]erver/
17 | - /APIサーバ(?!ー)/
18 | - expected: Kubebuilder
19 | - expected: Kubernetes
20 |
--------------------------------------------------------------------------------
/codes/30_client/config/samples/view_v1_markdownview.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: markdownview-sample
8 | spec:
9 | markdowns:
10 | SUMMARY.md: |
11 | # Summary
12 |
13 | - [Page1](page1.md)
14 | page1.md: |
15 | # Page 1
16 |
17 | 一ページ目のコンテンツです。
18 | replicas: 1
19 | viewerImage: "peaceiris/mdbook:latest"
20 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/samples/view_v1_markdownview.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: markdownview-sample
8 | spec:
9 | markdowns:
10 | SUMMARY.md: |
11 | # Summary
12 |
13 | - [Page1](page1.md)
14 | page1.md: |
15 | # Page 1
16 |
17 | 一ページ目のコンテンツです。
18 | replicas: 1
19 | viewerImage: "peaceiris/mdbook:latest"
20 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/samples/view_v1_markdownview.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: markdownview-sample
8 | spec:
9 | markdowns:
10 | SUMMARY.md: |
11 | # Summary
12 |
13 | - [Page1](page1.md)
14 | page1.md: |
15 | # Page 1
16 |
17 | 一ページ目のコンテンツです。
18 | replicas: 1
19 | viewerImage: "peaceiris/mdbook:latest"
20 |
--------------------------------------------------------------------------------
/codes/50_completed/config/samples/view_v1_markdownview.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | labels:
5 | app.kubernetes.io/name: markdown-view
6 | app.kubernetes.io/managed-by: kustomize
7 | name: markdownview-sample
8 | spec:
9 | markdowns:
10 | SUMMARY.md: |
11 | # Summary
12 |
13 | - [Page1](page1.md)
14 | page1.md: |
15 | # Page 1
16 |
17 | 一ページ目のコンテンツです。
18 | replicas: 1
19 | viewerImage: "peaceiris/mdbook:latest"
20 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/crd/patches/webhook_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: markdownviews.view.zoetrope.github.io
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: system
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/crd/patches/webhook_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: markdownviews.view.zoetrope.github.io
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: system
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/codes/30_client/config/crd/patches/webhook_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: markdownviews.view.zoetrope.github.io
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: system
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/crd/patches/webhook_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: markdownviews.view.zoetrope.github.io
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: system
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/crd/patches/webhook_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: markdownviews.view.zoetrope.github.io
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: system
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/codes/50_completed/config/crd/patches/webhook_in_markdownviews.yaml:
--------------------------------------------------------------------------------
1 | # The following patch enables a conversion webhook for the CRD
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | name: markdownviews.view.zoetrope.github.io
6 | spec:
7 | conversion:
8 | strategy: Webhook
9 | webhook:
10 | clientConfig:
11 | service:
12 | namespace: system
13 | name: webhook-service
14 | path: /convert
15 | conversionReviewVersions:
16 | - v1
17 |
--------------------------------------------------------------------------------
/docs/introduction/installation.md:
--------------------------------------------------------------------------------
1 | # インストール
2 |
3 | Kubebuilderを利用する上で下記のソフトウェアが必要になります。
4 | 手順に従ってセットアップをおこなってください。
5 |
6 | * Go 1.20.0+
7 | * [Getting Started - The Go Programming Language](https://golang.org/doc/install)
8 | * Docker Engine 17.03+
9 | * [Install Docker Engine](https://docs.docker.com/engine/install/)
10 | * kind v0.23.0
11 | * [Quick Start | kind](https://kind.sigs.k8s.io/docs/user/quick-start/)
12 | * Kubebuilder v4.1.1
13 | * [Quick Start - The Kubebuilder Book](https://book.kubebuilder.io/quick-start.html)
14 |
--------------------------------------------------------------------------------
/codes/10_tilt/.gitignore:
--------------------------------------------------------------------------------
1 | # Binaries for programs and plugins
2 | *.exe
3 | *.exe~
4 | *.dll
5 | *.so
6 | *.dylib
7 | bin/*
8 | Dockerfile.cross
9 |
10 | # Test binary, built with `go test -c`
11 | *.test
12 |
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 |
16 | # Go workspace file
17 | go.work
18 |
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 |
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 |
--------------------------------------------------------------------------------
/codes/30_client/.gitignore:
--------------------------------------------------------------------------------
1 | # Binaries for programs and plugins
2 | *.exe
3 | *.exe~
4 | *.dll
5 | *.so
6 | *.dylib
7 | bin/*
8 | Dockerfile.cross
9 |
10 | # Test binary, built with `go test -c`
11 | *.test
12 |
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 |
16 | # Go workspace file
17 | go.work
18 |
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 |
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 |
--------------------------------------------------------------------------------
/codes/00_scaffold/.gitignore:
--------------------------------------------------------------------------------
1 | # Binaries for programs and plugins
2 | *.exe
3 | *.exe~
4 | *.dll
5 | *.so
6 | *.dylib
7 | bin/*
8 | Dockerfile.cross
9 |
10 | # Test binary, built with `go test -c`
11 | *.test
12 |
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 |
16 | # Go workspace file
17 | go.work
18 |
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 |
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 |
--------------------------------------------------------------------------------
/codes/20_manifests/.gitignore:
--------------------------------------------------------------------------------
1 | # Binaries for programs and plugins
2 | *.exe
3 | *.exe~
4 | *.dll
5 | *.so
6 | *.dylib
7 | bin/*
8 | Dockerfile.cross
9 |
10 | # Test binary, built with `go test -c`
11 | *.test
12 |
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 |
16 | # Go workspace file
17 | go.work
18 |
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 |
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 |
--------------------------------------------------------------------------------
/codes/40_reconcile/.gitignore:
--------------------------------------------------------------------------------
1 | # Binaries for programs and plugins
2 | *.exe
3 | *.exe~
4 | *.dll
5 | *.so
6 | *.dylib
7 | bin/*
8 | Dockerfile.cross
9 |
10 | # Test binary, built with `go test -c`
11 | *.test
12 |
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 |
16 | # Go workspace file
17 | go.work
18 |
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 |
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 |
--------------------------------------------------------------------------------
/codes/50_completed/.gitignore:
--------------------------------------------------------------------------------
1 | # Binaries for programs and plugins
2 | *.exe
3 | *.exe~
4 | *.dll
5 | *.so
6 | *.dylib
7 | bin/*
8 | Dockerfile.cross
9 |
10 | # Test binary, built with `go test -c`
11 | *.test
12 |
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 |
16 | # Go workspace file
17 | go.work
18 |
19 | # Kubernetes Generated files - skip generated files, except for vendored files
20 | !vendor/**/zz_generated.*
21 |
22 | # editor and IDE paraphernalia
23 | .idea
24 | .vscode
25 | *.swp
26 | *.swo
27 | *~
28 |
--------------------------------------------------------------------------------
/codes/40_reconcile/api/v1/testdata/validating/without-summary.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: without-summary
5 | namespace: default
6 | annotations:
7 | message: 'admission webhook "vmarkdownview.kb.io" denied the request: MarkdownView.view.zoetrope.github.io "without-summary" is invalid: spec.markdowns: Required value: markdowns must have SUMMARY.md.'
8 | spec:
9 | markdowns:
10 | page1.md: |
11 | # Page 1
12 |
13 | 一ページ目のコンテンツです。
14 | replicas: 1
15 | viewerImage: "peaceiris/mdbook:latest"
16 |
--------------------------------------------------------------------------------
/codes/50_completed/api/v1/testdata/validating/without-summary.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: without-summary
5 | namespace: default
6 | annotations:
7 | message: 'admission webhook "vmarkdownview.kb.io" denied the request: MarkdownView.view.zoetrope.github.io "without-summary" is invalid: spec.markdowns: Required value: markdowns must have SUMMARY.md.'
8 | spec:
9 | markdowns:
10 | page1.md: |
11 | # Page 1
12 |
13 | 一ページ目のコンテンツです。
14 | replicas: 1
15 | viewerImage: "peaceiris/mdbook:latest"
16 |
--------------------------------------------------------------------------------
/template.hbs:
--------------------------------------------------------------------------------
1 | {{#if title}}
2 | {{#if id}}
3 | > {{title}}
4 | {{else}}
5 | > {{title}}
6 | {{/if}}
7 | {{else}}
8 | > {{fileName}}
9 | {{/if}}
10 |
11 | {{{backtick}}} {{lang}}
12 | {{{content}}}
13 | {{{backtick}}}
14 |
--------------------------------------------------------------------------------
/codes/50_completed/internal/controller/metrics.go:
--------------------------------------------------------------------------------
1 | package controller
2 |
3 | import (
4 | "github.com/prometheus/client_golang/prometheus"
5 | "sigs.k8s.io/controller-runtime/pkg/metrics"
6 | )
7 |
8 | const (
9 | metricsNamespace = "markdownview"
10 | )
11 |
12 | var (
13 | AvailableVec = prometheus.NewGaugeVec(prometheus.GaugeOpts{
14 | Namespace: metricsNamespace,
15 | Name: "available",
16 | Help: "The cluster status about available condition",
17 | }, []string{"name", "namespace"})
18 | )
19 |
20 | func init() {
21 | metrics.Registry.MustRegister(AvailableVec)
22 | }
23 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/markdownview_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-viewer-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - view.zoetrope.github.io
20 | resources:
21 | - markdownviews/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/markdownview_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-viewer-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - view.zoetrope.github.io
20 | resources:
21 | - markdownviews/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/markdownview_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-viewer-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - view.zoetrope.github.io
20 | resources:
21 | - markdownviews/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/markdownview_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-viewer-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - view.zoetrope.github.io
20 | resources:
21 | - markdownviews/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/markdownview_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-viewer-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - view.zoetrope.github.io
20 | resources:
21 | - markdownviews/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/markdownview_viewer_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to view markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-viewer-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - apiGroups:
19 | - view.zoetrope.github.io
20 | resources:
21 | - markdownviews/status
22 | verbs:
23 | - get
24 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
2 | nameReference:
3 | - kind: Service
4 | version: v1
5 | fieldSpecs:
6 | - kind: CustomResourceDefinition
7 | version: v1
8 | group: apiextensions.k8s.io
9 | path: spec/conversion/webhook/clientConfig/service/name
10 |
11 | namespace:
12 | - kind: CustomResourceDefinition
13 | version: v1
14 | group: apiextensions.k8s.io
15 | path: spec/conversion/webhook/clientConfig/service/namespace
16 | create: false
17 |
18 | varReference:
19 | - path: metadata/annotations
20 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
2 | nameReference:
3 | - kind: Service
4 | version: v1
5 | fieldSpecs:
6 | - kind: CustomResourceDefinition
7 | version: v1
8 | group: apiextensions.k8s.io
9 | path: spec/conversion/webhook/clientConfig/service/name
10 |
11 | namespace:
12 | - kind: CustomResourceDefinition
13 | version: v1
14 | group: apiextensions.k8s.io
15 | path: spec/conversion/webhook/clientConfig/service/namespace
16 | create: false
17 |
18 | varReference:
19 | - path: metadata/annotations
20 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
2 | nameReference:
3 | - kind: Service
4 | version: v1
5 | fieldSpecs:
6 | - kind: CustomResourceDefinition
7 | version: v1
8 | group: apiextensions.k8s.io
9 | path: spec/conversion/webhook/clientConfig/service/name
10 |
11 | namespace:
12 | - kind: CustomResourceDefinition
13 | version: v1
14 | group: apiextensions.k8s.io
15 | path: spec/conversion/webhook/clientConfig/service/namespace
16 | create: false
17 |
18 | varReference:
19 | - path: metadata/annotations
20 |
--------------------------------------------------------------------------------
/codes/30_client/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
2 | nameReference:
3 | - kind: Service
4 | version: v1
5 | fieldSpecs:
6 | - kind: CustomResourceDefinition
7 | version: v1
8 | group: apiextensions.k8s.io
9 | path: spec/conversion/webhook/clientConfig/service/name
10 |
11 | namespace:
12 | - kind: CustomResourceDefinition
13 | version: v1
14 | group: apiextensions.k8s.io
15 | path: spec/conversion/webhook/clientConfig/service/namespace
16 | create: false
17 |
18 | varReference:
19 | - path: metadata/annotations
20 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
2 | nameReference:
3 | - kind: Service
4 | version: v1
5 | fieldSpecs:
6 | - kind: CustomResourceDefinition
7 | version: v1
8 | group: apiextensions.k8s.io
9 | path: spec/conversion/webhook/clientConfig/service/name
10 |
11 | namespace:
12 | - kind: CustomResourceDefinition
13 | version: v1
14 | group: apiextensions.k8s.io
15 | path: spec/conversion/webhook/clientConfig/service/namespace
16 | create: false
17 |
18 | varReference:
19 | - path: metadata/annotations
20 |
--------------------------------------------------------------------------------
/codes/50_completed/config/crd/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # This file is for teaching kustomize how to substitute name and namespace reference in CRD
2 | nameReference:
3 | - kind: Service
4 | version: v1
5 | fieldSpecs:
6 | - kind: CustomResourceDefinition
7 | version: v1
8 | group: apiextensions.k8s.io
9 | path: spec/conversion/webhook/clientConfig/service/name
10 |
11 | namespace:
12 | - kind: CustomResourceDefinition
13 | version: v1
14 | group: apiextensions.k8s.io
15 | path: spec/conversion/webhook/clientConfig/service/namespace
16 | create: false
17 |
18 | varReference:
19 | - path: metadata/annotations
20 |
--------------------------------------------------------------------------------
/codes/00_scaffold/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
--------------------------------------------------------------------------------
/codes/10_tilt/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
--------------------------------------------------------------------------------
/codes/30_client/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
--------------------------------------------------------------------------------
/.textlintrc:
--------------------------------------------------------------------------------
1 | {
2 | "filters": {},
3 | "rules": {
4 | "@textlint-ja/no-synonyms": true,
5 | "@textlint-ja/textlint-rule-no-insert-dropping-sa": true,
6 | "ja-hiragana-fukushi": true,
7 | "ja-hiragana-hojodoushi": true,
8 | "ja-no-orthographic-variants": true,
9 | "no-mixed-zenkaku-and-hankaku-alphabet": true,
10 | "no-start-duplicated-conjunction": {
11 | "interval": 2
12 | },
13 | "prefer-tari-tari": true,
14 | "preset-ja-spacing": true,
15 | "preset-ja-technical-writing": true,
16 | "prh": {
17 | "rulePaths": [
18 | "./prh.yaml"
19 | ]
20 | }
21 | }
22 | }
23 |
--------------------------------------------------------------------------------
/codes/20_manifests/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
--------------------------------------------------------------------------------
/codes/40_reconcile/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
--------------------------------------------------------------------------------
/codes/50_completed/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: manager-role
6 | rules:
7 | - apiGroups:
8 | - view.zoetrope.github.io
9 | resources:
10 | - markdownviews
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - view.zoetrope.github.io
21 | resources:
22 | - markdownviews/finalizers
23 | verbs:
24 | - update
25 | - apiGroups:
26 | - view.zoetrope.github.io
27 | resources:
28 | - markdownviews/status
29 | verbs:
30 | - get
31 | - patch
32 | - update
33 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: manager-role
6 | rules:
7 | - apiGroups:
8 | - view.zoetrope.github.io
9 | resources:
10 | - markdownviews
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - view.zoetrope.github.io
21 | resources:
22 | - markdownviews/finalizers
23 | verbs:
24 | - update
25 | - apiGroups:
26 | - view.zoetrope.github.io
27 | resources:
28 | - markdownviews/status
29 | verbs:
30 | - get
31 | - patch
32 | - update
33 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/markdownview_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-editor-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - view.zoetrope.github.io
24 | resources:
25 | - markdownviews/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/markdownview_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-editor-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - view.zoetrope.github.io
24 | resources:
25 | - markdownviews/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/markdownview_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-editor-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - view.zoetrope.github.io
24 | resources:
25 | - markdownviews/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/markdownview_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-editor-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - view.zoetrope.github.io
24 | resources:
25 | - markdownviews/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/codes/40_reconcile/api/v1/testdata/validating/invalid-replicas.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: invalid-replicas
5 | namespace: default
6 | annotations:
7 | message: 'admission webhook "vmarkdownview.kb.io" denied the request: MarkdownView.view.zoetrope.github.io "invalid-replicas" is invalid: spec.replicas: Invalid value: 100: replicas must be in the range of 1 to 5.'
8 | spec:
9 | markdowns:
10 | SUMMARY.md: |
11 | # Summary
12 |
13 | - [Page1](page1.md)
14 | page1.md: |
15 | # Page 1
16 |
17 | 一ページ目のコンテンツです。
18 | replicas: 100
19 | viewerImage: "peaceiris/mdbook:latest"
20 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/markdownview_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-editor-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - view.zoetrope.github.io
24 | resources:
25 | - markdownviews/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/codes/50_completed/api/v1/testdata/validating/invalid-replicas.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: view.zoetrope.github.io/v1
2 | kind: MarkdownView
3 | metadata:
4 | name: invalid-replicas
5 | namespace: default
6 | annotations:
7 | message: 'admission webhook "vmarkdownview.kb.io" denied the request: MarkdownView.view.zoetrope.github.io "invalid-replicas" is invalid: spec.replicas: Invalid value: 100: replicas must be in the range of 1 to 5.'
8 | spec:
9 | markdowns:
10 | SUMMARY.md: |
11 | # Summary
12 |
13 | - [Page1](page1.md)
14 | page1.md: |
15 | # Page 1
16 |
17 | 一ページ目のコンテンツです。
18 | replicas: 100
19 | viewerImage: "peaceiris/mdbook:latest"
20 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/markdownview_editor_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions for end users to edit markdownviews.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: markdownview-editor-role
9 | rules:
10 | - apiGroups:
11 | - view.zoetrope.github.io
12 | resources:
13 | - markdownviews
14 | verbs:
15 | - create
16 | - delete
17 | - get
18 | - list
19 | - patch
20 | - update
21 | - watch
22 | - apiGroups:
23 | - view.zoetrope.github.io
24 | resources:
25 | - markdownviews/status
26 | verbs:
27 | - get
28 |
--------------------------------------------------------------------------------
/codes/10_tilt/PROJECT:
--------------------------------------------------------------------------------
1 | # Code generated by tool. DO NOT EDIT.
2 | # This file is used to track the info used to scaffold your project
3 | # and allow the plugins properly work.
4 | # More info: https://book.kubebuilder.io/reference/project-config.html
5 | domain: zoetrope.github.io
6 | layout:
7 | - go.kubebuilder.io/v4
8 | projectName: markdown-view
9 | repo: github.com/zoetrope/markdown-view
10 | resources:
11 | - api:
12 | crdVersion: v1
13 | namespaced: true
14 | controller: true
15 | domain: zoetrope.github.io
16 | group: view
17 | kind: MarkdownView
18 | path: github.com/zoetrope/markdown-view/api/v1
19 | version: v1
20 | webhooks:
21 | defaulting: true
22 | validation: true
23 | webhookVersion: v1
24 | version: "3"
25 |
--------------------------------------------------------------------------------
/codes/00_scaffold/PROJECT:
--------------------------------------------------------------------------------
1 | # Code generated by tool. DO NOT EDIT.
2 | # This file is used to track the info used to scaffold your project
3 | # and allow the plugins properly work.
4 | # More info: https://book.kubebuilder.io/reference/project-config.html
5 | domain: zoetrope.github.io
6 | layout:
7 | - go.kubebuilder.io/v4
8 | projectName: markdown-view
9 | repo: github.com/zoetrope/markdown-view
10 | resources:
11 | - api:
12 | crdVersion: v1
13 | namespaced: true
14 | controller: true
15 | domain: zoetrope.github.io
16 | group: view
17 | kind: MarkdownView
18 | path: github.com/zoetrope/markdown-view/api/v1
19 | version: v1
20 | webhooks:
21 | defaulting: true
22 | validation: true
23 | webhookVersion: v1
24 | version: "3"
25 |
--------------------------------------------------------------------------------
/codes/20_manifests/PROJECT:
--------------------------------------------------------------------------------
1 | # Code generated by tool. DO NOT EDIT.
2 | # This file is used to track the info used to scaffold your project
3 | # and allow the plugins properly work.
4 | # More info: https://book.kubebuilder.io/reference/project-config.html
5 | domain: zoetrope.github.io
6 | layout:
7 | - go.kubebuilder.io/v4
8 | projectName: markdown-view
9 | repo: github.com/zoetrope/markdown-view
10 | resources:
11 | - api:
12 | crdVersion: v1
13 | namespaced: true
14 | controller: true
15 | domain: zoetrope.github.io
16 | group: view
17 | kind: MarkdownView
18 | path: github.com/zoetrope/markdown-view/api/v1
19 | version: v1
20 | webhooks:
21 | defaulting: true
22 | validation: true
23 | webhookVersion: v1
24 | version: "3"
25 |
--------------------------------------------------------------------------------
/codes/30_client/PROJECT:
--------------------------------------------------------------------------------
1 | # Code generated by tool. DO NOT EDIT.
2 | # This file is used to track the info used to scaffold your project
3 | # and allow the plugins properly work.
4 | # More info: https://book.kubebuilder.io/reference/project-config.html
5 | domain: zoetrope.github.io
6 | layout:
7 | - go.kubebuilder.io/v4
8 | projectName: markdown-view
9 | repo: github.com/zoetrope/markdown-view
10 | resources:
11 | - api:
12 | crdVersion: v1
13 | namespaced: true
14 | controller: true
15 | domain: zoetrope.github.io
16 | group: view
17 | kind: MarkdownView
18 | path: github.com/zoetrope/markdown-view/api/v1
19 | version: v1
20 | webhooks:
21 | defaulting: true
22 | validation: true
23 | webhookVersion: v1
24 | version: "3"
25 |
--------------------------------------------------------------------------------
/codes/40_reconcile/PROJECT:
--------------------------------------------------------------------------------
1 | # Code generated by tool. DO NOT EDIT.
2 | # This file is used to track the info used to scaffold your project
3 | # and allow the plugins properly work.
4 | # More info: https://book.kubebuilder.io/reference/project-config.html
5 | domain: zoetrope.github.io
6 | layout:
7 | - go.kubebuilder.io/v4
8 | projectName: markdown-view
9 | repo: github.com/zoetrope/markdown-view
10 | resources:
11 | - api:
12 | crdVersion: v1
13 | namespaced: true
14 | controller: true
15 | domain: zoetrope.github.io
16 | group: view
17 | kind: MarkdownView
18 | path: github.com/zoetrope/markdown-view/api/v1
19 | version: v1
20 | webhooks:
21 | defaulting: true
22 | validation: true
23 | webhookVersion: v1
24 | version: "3"
25 |
--------------------------------------------------------------------------------
/codes/50_completed/PROJECT:
--------------------------------------------------------------------------------
1 | # Code generated by tool. DO NOT EDIT.
2 | # This file is used to track the info used to scaffold your project
3 | # and allow the plugins properly work.
4 | # More info: https://book.kubebuilder.io/reference/project-config.html
5 | domain: zoetrope.github.io
6 | layout:
7 | - go.kubebuilder.io/v4
8 | projectName: markdown-view
9 | repo: github.com/zoetrope/markdown-view
10 | resources:
11 | - api:
12 | crdVersion: v1
13 | namespaced: true
14 | controller: true
15 | domain: zoetrope.github.io
16 | group: view
17 | kind: MarkdownView
18 | path: github.com/zoetrope/markdown-view/api/v1
19 | version: v1
20 | webhooks:
21 | defaulting: true
22 | validation: true
23 | webhookVersion: v1
24 | version: "3"
25 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/default/manager_webhook_patch.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | spec:
10 | template:
11 | spec:
12 | containers:
13 | - name: manager
14 | ports:
15 | - containerPort: 9443
16 | name: webhook-server
17 | protocol: TCP
18 | volumeMounts:
19 | - mountPath: /tmp/k8s-webhook-server/serving-certs
20 | name: cert
21 | readOnly: true
22 | volumes:
23 | - name: cert
24 | secret:
25 | defaultMode: 420
26 | secretName: webhook-server-cert
27 |
--------------------------------------------------------------------------------
/codes/30_client/config/default/manager_webhook_patch.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | spec:
10 | template:
11 | spec:
12 | containers:
13 | - name: manager
14 | ports:
15 | - containerPort: 9443
16 | name: webhook-server
17 | protocol: TCP
18 | volumeMounts:
19 | - mountPath: /tmp/k8s-webhook-server/serving-certs
20 | name: cert
21 | readOnly: true
22 | volumes:
23 | - name: cert
24 | secret:
25 | defaultMode: 420
26 | secretName: webhook-server-cert
27 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/default/manager_webhook_patch.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | spec:
10 | template:
11 | spec:
12 | containers:
13 | - name: manager
14 | ports:
15 | - containerPort: 9443
16 | name: webhook-server
17 | protocol: TCP
18 | volumeMounts:
19 | - mountPath: /tmp/k8s-webhook-server/serving-certs
20 | name: cert
21 | readOnly: true
22 | volumes:
23 | - name: cert
24 | secret:
25 | defaultMode: 420
26 | secretName: webhook-server-cert
27 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/default/manager_webhook_patch.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | spec:
10 | template:
11 | spec:
12 | containers:
13 | - name: manager
14 | ports:
15 | - containerPort: 9443
16 | name: webhook-server
17 | protocol: TCP
18 | volumeMounts:
19 | - mountPath: /tmp/k8s-webhook-server/serving-certs
20 | name: cert
21 | readOnly: true
22 | volumes:
23 | - name: cert
24 | secret:
25 | defaultMode: 420
26 | secretName: webhook-server-cert
27 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/default/manager_webhook_patch.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | spec:
10 | template:
11 | spec:
12 | containers:
13 | - name: manager
14 | ports:
15 | - containerPort: 9443
16 | name: webhook-server
17 | protocol: TCP
18 | volumeMounts:
19 | - mountPath: /tmp/k8s-webhook-server/serving-certs
20 | name: cert
21 | readOnly: true
22 | volumes:
23 | - name: cert
24 | secret:
25 | defaultMode: 420
26 | secretName: webhook-server-cert
27 |
--------------------------------------------------------------------------------
/codes/50_completed/config/default/manager_webhook_patch.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller-manager
5 | namespace: system
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | spec:
10 | template:
11 | spec:
12 | containers:
13 | - name: manager
14 | ports:
15 | - containerPort: 9443
16 | name: webhook-server
17 | protocol: TCP
18 | volumeMounts:
19 | - mountPath: /tmp/k8s-webhook-server/serving-certs
20 | name: cert
21 | readOnly: true
22 | volumes:
23 | - name: cert
24 | secret:
25 | defaultMode: 420
26 | secretName: webhook-server-cert
27 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: leader-election-role
9 | rules:
10 | - apiGroups:
11 | - ""
12 | resources:
13 | - configmaps
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - create
19 | - update
20 | - patch
21 | - delete
22 | - apiGroups:
23 | - coordination.k8s.io
24 | resources:
25 | - leases
26 | verbs:
27 | - get
28 | - list
29 | - watch
30 | - create
31 | - update
32 | - patch
33 | - delete
34 | - apiGroups:
35 | - ""
36 | resources:
37 | - events
38 | verbs:
39 | - create
40 | - patch
41 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: leader-election-role
9 | rules:
10 | - apiGroups:
11 | - ""
12 | resources:
13 | - configmaps
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - create
19 | - update
20 | - patch
21 | - delete
22 | - apiGroups:
23 | - coordination.k8s.io
24 | resources:
25 | - leases
26 | verbs:
27 | - get
28 | - list
29 | - watch
30 | - create
31 | - update
32 | - patch
33 | - delete
34 | - apiGroups:
35 | - ""
36 | resources:
37 | - events
38 | verbs:
39 | - create
40 | - patch
41 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: leader-election-role
9 | rules:
10 | - apiGroups:
11 | - ""
12 | resources:
13 | - configmaps
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - create
19 | - update
20 | - patch
21 | - delete
22 | - apiGroups:
23 | - coordination.k8s.io
24 | resources:
25 | - leases
26 | verbs:
27 | - get
28 | - list
29 | - watch
30 | - create
31 | - update
32 | - patch
33 | - delete
34 | - apiGroups:
35 | - ""
36 | resources:
37 | - events
38 | verbs:
39 | - create
40 | - patch
41 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: leader-election-role
9 | rules:
10 | - apiGroups:
11 | - ""
12 | resources:
13 | - configmaps
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - create
19 | - update
20 | - patch
21 | - delete
22 | - apiGroups:
23 | - coordination.k8s.io
24 | resources:
25 | - leases
26 | verbs:
27 | - get
28 | - list
29 | - watch
30 | - create
31 | - update
32 | - patch
33 | - delete
34 | - apiGroups:
35 | - ""
36 | resources:
37 | - events
38 | verbs:
39 | - create
40 | - patch
41 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: leader-election-role
9 | rules:
10 | - apiGroups:
11 | - ""
12 | resources:
13 | - configmaps
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - create
19 | - update
20 | - patch
21 | - delete
22 | - apiGroups:
23 | - coordination.k8s.io
24 | resources:
25 | - leases
26 | verbs:
27 | - get
28 | - list
29 | - watch
30 | - create
31 | - update
32 | - patch
33 | - delete
34 | - apiGroups:
35 | - ""
36 | resources:
37 | - events
38 | verbs:
39 | - create
40 | - patch
41 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/leader_election_role.yaml:
--------------------------------------------------------------------------------
1 | # permissions to do leader election.
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: Role
4 | metadata:
5 | labels:
6 | app.kubernetes.io/name: markdown-view
7 | app.kubernetes.io/managed-by: kustomize
8 | name: leader-election-role
9 | rules:
10 | - apiGroups:
11 | - ""
12 | resources:
13 | - configmaps
14 | verbs:
15 | - get
16 | - list
17 | - watch
18 | - create
19 | - update
20 | - patch
21 | - delete
22 | - apiGroups:
23 | - coordination.k8s.io
24 | resources:
25 | - leases
26 | verbs:
27 | - get
28 | - list
29 | - watch
30 | - create
31 | - update
32 | - patch
33 | - delete
34 | - apiGroups:
35 | - ""
36 | resources:
37 | - events
38 | verbs:
39 | - create
40 | - patch
41 |
--------------------------------------------------------------------------------
/docs/controller-runtime/versioning.md:
--------------------------------------------------------------------------------
1 | # CRDのバージョニング
2 |
3 | バージョニング難しい。
4 |
5 | 例えば、CRDを後方互換性のない形で変更してしまい、
6 | カスタムコントローラの利用ユーザーが、カスタムリソースを一旦削除しなければならない。
7 | サービスの停止、
8 | 非常に手間がかかる、
9 | コントローラの種類によってはデータが失われてしまうようなケースも発生します。
10 |
11 | 後方互換性のある形で変更しなければなりません。
12 |
13 | 本資料のなかでこれまでつくってきたカスタムリソースは以下のようなものでした。
14 |
15 | [import](../../codes/tenant/config/samples/multitenancy_v1_tenant.yaml)
16 |
17 | フィールドの追加や
18 |
19 | [import](../../codes/tenant/config/samples/multitenancy_v1_1_tenant.yaml)
20 |
21 | adminフィールドは現在ひとつの値しか指定できませんが、これを複数指定できるように
22 |
23 | [import](../../codes/tenant/config/samples/multitenancy_v1_2_tenant.yaml)
24 |
25 | adminとadminsフィールドが存在するのはユーザーにとっては利用しにくいものです。
26 | そこで、下記のようにadminsフィールドにまとめたい。
27 | この場合は互換性がなくなってしまうので、apiVersionをv2にして
28 |
29 | [import](../../codes/tenant/config/samples/multitenancy_v2_tenant.yaml)
30 |
31 | そしてconversion webhookを用意します。
32 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
2 | # It requires kustomize v2.1.0 or newer to work properly.
3 | nameReference:
4 | - kind: Service
5 | version: v1
6 | fieldSpecs:
7 | - kind: MutatingWebhookConfiguration
8 | group: admissionregistration.k8s.io
9 | path: webhooks/clientConfig/service/name
10 | - kind: ValidatingWebhookConfiguration
11 | group: admissionregistration.k8s.io
12 | path: webhooks/clientConfig/service/name
13 |
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 | group: admissionregistration.k8s.io
17 | path: webhooks/clientConfig/service/namespace
18 | create: true
19 | - kind: ValidatingWebhookConfiguration
20 | group: admissionregistration.k8s.io
21 | path: webhooks/clientConfig/service/namespace
22 | create: true
23 |
--------------------------------------------------------------------------------
/codes/30_client/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
2 | # It requires kustomize v2.1.0 or newer to work properly.
3 | nameReference:
4 | - kind: Service
5 | version: v1
6 | fieldSpecs:
7 | - kind: MutatingWebhookConfiguration
8 | group: admissionregistration.k8s.io
9 | path: webhooks/clientConfig/service/name
10 | - kind: ValidatingWebhookConfiguration
11 | group: admissionregistration.k8s.io
12 | path: webhooks/clientConfig/service/name
13 |
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 | group: admissionregistration.k8s.io
17 | path: webhooks/clientConfig/service/namespace
18 | create: true
19 | - kind: ValidatingWebhookConfiguration
20 | group: admissionregistration.k8s.io
21 | path: webhooks/clientConfig/service/namespace
22 | create: true
23 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
2 | # It requires kustomize v2.1.0 or newer to work properly.
3 | nameReference:
4 | - kind: Service
5 | version: v1
6 | fieldSpecs:
7 | - kind: MutatingWebhookConfiguration
8 | group: admissionregistration.k8s.io
9 | path: webhooks/clientConfig/service/name
10 | - kind: ValidatingWebhookConfiguration
11 | group: admissionregistration.k8s.io
12 | path: webhooks/clientConfig/service/name
13 |
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 | group: admissionregistration.k8s.io
17 | path: webhooks/clientConfig/service/namespace
18 | create: true
19 | - kind: ValidatingWebhookConfiguration
20 | group: admissionregistration.k8s.io
21 | path: webhooks/clientConfig/service/namespace
22 | create: true
23 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
2 | # It requires kustomize v2.1.0 or newer to work properly.
3 | nameReference:
4 | - kind: Service
5 | version: v1
6 | fieldSpecs:
7 | - kind: MutatingWebhookConfiguration
8 | group: admissionregistration.k8s.io
9 | path: webhooks/clientConfig/service/name
10 | - kind: ValidatingWebhookConfiguration
11 | group: admissionregistration.k8s.io
12 | path: webhooks/clientConfig/service/name
13 |
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 | group: admissionregistration.k8s.io
17 | path: webhooks/clientConfig/service/namespace
18 | create: true
19 | - kind: ValidatingWebhookConfiguration
20 | group: admissionregistration.k8s.io
21 | path: webhooks/clientConfig/service/namespace
22 | create: true
23 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
2 | # It requires kustomize v2.1.0 or newer to work properly.
3 | nameReference:
4 | - kind: Service
5 | version: v1
6 | fieldSpecs:
7 | - kind: MutatingWebhookConfiguration
8 | group: admissionregistration.k8s.io
9 | path: webhooks/clientConfig/service/name
10 | - kind: ValidatingWebhookConfiguration
11 | group: admissionregistration.k8s.io
12 | path: webhooks/clientConfig/service/name
13 |
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 | group: admissionregistration.k8s.io
17 | path: webhooks/clientConfig/service/namespace
18 | create: true
19 | - kind: ValidatingWebhookConfiguration
20 | group: admissionregistration.k8s.io
21 | path: webhooks/clientConfig/service/namespace
22 | create: true
23 |
--------------------------------------------------------------------------------
/codes/50_completed/config/webhook/kustomizeconfig.yaml:
--------------------------------------------------------------------------------
1 | # the following config is for teaching kustomize where to look at when substituting nameReference.
2 | # It requires kustomize v2.1.0 or newer to work properly.
3 | nameReference:
4 | - kind: Service
5 | version: v1
6 | fieldSpecs:
7 | - kind: MutatingWebhookConfiguration
8 | group: admissionregistration.k8s.io
9 | path: webhooks/clientConfig/service/name
10 | - kind: ValidatingWebhookConfiguration
11 | group: admissionregistration.k8s.io
12 | path: webhooks/clientConfig/service/name
13 |
14 | namespace:
15 | - kind: MutatingWebhookConfiguration
16 | group: admissionregistration.k8s.io
17 | path: webhooks/clientConfig/service/namespace
18 | create: true
19 | - kind: ValidatingWebhookConfiguration
20 | group: admissionregistration.k8s.io
21 | path: webhooks/clientConfig/service/namespace
22 | create: true
23 |
--------------------------------------------------------------------------------
/codes/10_tilt/test/e2e/e2e_suite_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package e2e
18 |
19 | import (
20 | "fmt"
21 | "testing"
22 |
23 | . "github.com/onsi/ginkgo/v2"
24 | . "github.com/onsi/gomega"
25 | )
26 |
27 | // Run e2e tests using the Ginkgo runner.
28 | func TestE2E(t *testing.T) {
29 | RegisterFailHandler(Fail)
30 | _, _ = fmt.Fprintf(GinkgoWriter, "Starting markdown-view suite\n")
31 | RunSpecs(t, "e2e suite")
32 | }
33 |
--------------------------------------------------------------------------------
/codes/30_client/test/e2e/e2e_suite_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package e2e
18 |
19 | import (
20 | "fmt"
21 | "testing"
22 |
23 | . "github.com/onsi/ginkgo/v2"
24 | . "github.com/onsi/gomega"
25 | )
26 |
27 | // Run e2e tests using the Ginkgo runner.
28 | func TestE2E(t *testing.T) {
29 | RegisterFailHandler(Fail)
30 | _, _ = fmt.Fprintf(GinkgoWriter, "Starting markdown-view suite\n")
31 | RunSpecs(t, "e2e suite")
32 | }
33 |
--------------------------------------------------------------------------------
/codes/00_scaffold/test/e2e/e2e_suite_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package e2e
18 |
19 | import (
20 | "fmt"
21 | "testing"
22 |
23 | . "github.com/onsi/ginkgo/v2"
24 | . "github.com/onsi/gomega"
25 | )
26 |
27 | // Run e2e tests using the Ginkgo runner.
28 | func TestE2E(t *testing.T) {
29 | RegisterFailHandler(Fail)
30 | _, _ = fmt.Fprintf(GinkgoWriter, "Starting markdown-view suite\n")
31 | RunSpecs(t, "e2e suite")
32 | }
33 |
--------------------------------------------------------------------------------
/codes/20_manifests/test/e2e/e2e_suite_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package e2e
18 |
19 | import (
20 | "fmt"
21 | "testing"
22 |
23 | . "github.com/onsi/ginkgo/v2"
24 | . "github.com/onsi/gomega"
25 | )
26 |
27 | // Run e2e tests using the Ginkgo runner.
28 | func TestE2E(t *testing.T) {
29 | RegisterFailHandler(Fail)
30 | _, _ = fmt.Fprintf(GinkgoWriter, "Starting markdown-view suite\n")
31 | RunSpecs(t, "e2e suite")
32 | }
33 |
--------------------------------------------------------------------------------
/codes/40_reconcile/test/e2e/e2e_suite_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package e2e
18 |
19 | import (
20 | "fmt"
21 | "testing"
22 |
23 | . "github.com/onsi/ginkgo/v2"
24 | . "github.com/onsi/gomega"
25 | )
26 |
27 | // Run e2e tests using the Ginkgo runner.
28 | func TestE2E(t *testing.T) {
29 | RegisterFailHandler(Fail)
30 | _, _ = fmt.Fprintf(GinkgoWriter, "Starting markdown-view suite\n")
31 | RunSpecs(t, "e2e suite")
32 | }
33 |
--------------------------------------------------------------------------------
/codes/50_completed/test/e2e/e2e_suite_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package e2e
18 |
19 | import (
20 | "fmt"
21 | "testing"
22 |
23 | . "github.com/onsi/ginkgo/v2"
24 | . "github.com/onsi/gomega"
25 | )
26 |
27 | // Run e2e tests using the Ginkgo runner.
28 | func TestE2E(t *testing.T) {
29 | RegisterFailHandler(Fail)
30 | _, _ = fmt.Fprintf(GinkgoWriter, "Starting markdown-view suite\n")
31 | RunSpecs(t, "e2e suite")
32 | }
33 |
--------------------------------------------------------------------------------
/.github/workflows/ci.yaml:
--------------------------------------------------------------------------------
1 | name: main
2 | on:
3 | pull_request:
4 | push:
5 | branches:
6 | - 'main'
7 | tags-ignore:
8 | - '*'
9 | jobs:
10 | test:
11 | name: Test
12 | runs-on: ubuntu-20.04
13 | steps:
14 | - uses: actions/checkout@v3
15 | - uses: aquaproj/aqua-installer@v1.0.0
16 | with:
17 | working_directory: ./codes/50_completed
18 | aqua_version: v1.17.1
19 | - run: make test
20 | working-directory: ./codes/50_completed
21 | tilt:
22 | name: Run tilt ci
23 | runs-on: ubuntu-20.04
24 | steps:
25 | - uses: actions/checkout@v3
26 | - uses: aquaproj/aqua-installer@v1.0.0
27 | with:
28 | working_directory: ./codes/10_tilt
29 | aqua_version: v1.17.1
30 | - run: make controller-gen
31 | working-directory: ./codes/10_tilt
32 | - run: make start
33 | working-directory: ./codes/10_tilt
34 | - run: tilt ci
35 | working-directory: ./codes/10_tilt
36 |
--------------------------------------------------------------------------------
/codes/10_tilt/.golangci.yml:
--------------------------------------------------------------------------------
1 | run:
2 | timeout: 5m
3 | allow-parallel-runners: true
4 |
5 | issues:
6 | # don't skip warning about doc comments
7 | # don't exclude the default set of lint
8 | exclude-use-default: false
9 | # restore some of the defaults
10 | # (fill in the rest as needed)
11 | exclude-rules:
12 | - path: "api/*"
13 | linters:
14 | - lll
15 | - path: "internal/*"
16 | linters:
17 | - dupl
18 | - lll
19 | linters:
20 | disable-all: true
21 | enable:
22 | - dupl
23 | - errcheck
24 | - exportloopref
25 | - ginkgolinter
26 | - goconst
27 | - gocyclo
28 | - gofmt
29 | - goimports
30 | - gosimple
31 | - govet
32 | - ineffassign
33 | - lll
34 | - misspell
35 | - nakedret
36 | - prealloc
37 | - revive
38 | - staticcheck
39 | - typecheck
40 | - unconvert
41 | - unparam
42 | - unused
43 |
44 | linters-settings:
45 | revive:
46 | rules:
47 | - name: comment-spacings
48 |
--------------------------------------------------------------------------------
/codes/00_scaffold/.golangci.yml:
--------------------------------------------------------------------------------
1 | run:
2 | timeout: 5m
3 | allow-parallel-runners: true
4 |
5 | issues:
6 | # don't skip warning about doc comments
7 | # don't exclude the default set of lint
8 | exclude-use-default: false
9 | # restore some of the defaults
10 | # (fill in the rest as needed)
11 | exclude-rules:
12 | - path: "api/*"
13 | linters:
14 | - lll
15 | - path: "internal/*"
16 | linters:
17 | - dupl
18 | - lll
19 | linters:
20 | disable-all: true
21 | enable:
22 | - dupl
23 | - errcheck
24 | - exportloopref
25 | - ginkgolinter
26 | - goconst
27 | - gocyclo
28 | - gofmt
29 | - goimports
30 | - gosimple
31 | - govet
32 | - ineffassign
33 | - lll
34 | - misspell
35 | - nakedret
36 | - prealloc
37 | - revive
38 | - staticcheck
39 | - typecheck
40 | - unconvert
41 | - unparam
42 | - unused
43 |
44 | linters-settings:
45 | revive:
46 | rules:
47 | - name: comment-spacings
48 |
--------------------------------------------------------------------------------
/codes/20_manifests/.golangci.yml:
--------------------------------------------------------------------------------
1 | run:
2 | timeout: 5m
3 | allow-parallel-runners: true
4 |
5 | issues:
6 | # don't skip warning about doc comments
7 | # don't exclude the default set of lint
8 | exclude-use-default: false
9 | # restore some of the defaults
10 | # (fill in the rest as needed)
11 | exclude-rules:
12 | - path: "api/*"
13 | linters:
14 | - lll
15 | - path: "internal/*"
16 | linters:
17 | - dupl
18 | - lll
19 | linters:
20 | disable-all: true
21 | enable:
22 | - dupl
23 | - errcheck
24 | - exportloopref
25 | - ginkgolinter
26 | - goconst
27 | - gocyclo
28 | - gofmt
29 | - goimports
30 | - gosimple
31 | - govet
32 | - ineffassign
33 | - lll
34 | - misspell
35 | - nakedret
36 | - prealloc
37 | - revive
38 | - staticcheck
39 | - typecheck
40 | - unconvert
41 | - unparam
42 | - unused
43 |
44 | linters-settings:
45 | revive:
46 | rules:
47 | - name: comment-spacings
48 |
--------------------------------------------------------------------------------
/codes/30_client/.golangci.yml:
--------------------------------------------------------------------------------
1 | run:
2 | timeout: 5m
3 | allow-parallel-runners: true
4 |
5 | issues:
6 | # don't skip warning about doc comments
7 | # don't exclude the default set of lint
8 | exclude-use-default: false
9 | # restore some of the defaults
10 | # (fill in the rest as needed)
11 | exclude-rules:
12 | - path: "api/*"
13 | linters:
14 | - lll
15 | - path: "internal/*"
16 | linters:
17 | - dupl
18 | - lll
19 | linters:
20 | disable-all: true
21 | enable:
22 | - dupl
23 | - errcheck
24 | - exportloopref
25 | - ginkgolinter
26 | - goconst
27 | - gocyclo
28 | - gofmt
29 | - goimports
30 | - gosimple
31 | - govet
32 | - ineffassign
33 | - lll
34 | - misspell
35 | - nakedret
36 | - prealloc
37 | - revive
38 | - staticcheck
39 | - typecheck
40 | - unconvert
41 | - unparam
42 | - unused
43 |
44 | linters-settings:
45 | revive:
46 | rules:
47 | - name: comment-spacings
48 |
--------------------------------------------------------------------------------
/codes/40_reconcile/.golangci.yml:
--------------------------------------------------------------------------------
1 | run:
2 | timeout: 5m
3 | allow-parallel-runners: true
4 |
5 | issues:
6 | # don't skip warning about doc comments
7 | # don't exclude the default set of lint
8 | exclude-use-default: false
9 | # restore some of the defaults
10 | # (fill in the rest as needed)
11 | exclude-rules:
12 | - path: "api/*"
13 | linters:
14 | - lll
15 | - path: "internal/*"
16 | linters:
17 | - dupl
18 | - lll
19 | linters:
20 | disable-all: true
21 | enable:
22 | - dupl
23 | - errcheck
24 | - exportloopref
25 | - ginkgolinter
26 | - goconst
27 | - gocyclo
28 | - gofmt
29 | - goimports
30 | - gosimple
31 | - govet
32 | - ineffassign
33 | - lll
34 | - misspell
35 | - nakedret
36 | - prealloc
37 | - revive
38 | - staticcheck
39 | - typecheck
40 | - unconvert
41 | - unparam
42 | - unused
43 |
44 | linters-settings:
45 | revive:
46 | rules:
47 | - name: comment-spacings
48 |
--------------------------------------------------------------------------------
/codes/50_completed/.golangci.yml:
--------------------------------------------------------------------------------
1 | run:
2 | timeout: 5m
3 | allow-parallel-runners: true
4 |
5 | issues:
6 | # don't skip warning about doc comments
7 | # don't exclude the default set of lint
8 | exclude-use-default: false
9 | # restore some of the defaults
10 | # (fill in the rest as needed)
11 | exclude-rules:
12 | - path: "api/*"
13 | linters:
14 | - lll
15 | - path: "internal/*"
16 | linters:
17 | - dupl
18 | - lll
19 | linters:
20 | disable-all: true
21 | enable:
22 | - dupl
23 | - errcheck
24 | - exportloopref
25 | - ginkgolinter
26 | - goconst
27 | - gocyclo
28 | - gofmt
29 | - goimports
30 | - gosimple
31 | - govet
32 | - ineffassign
33 | - lll
34 | - misspell
35 | - nakedret
36 | - prealloc
37 | - revive
38 | - staticcheck
39 | - typecheck
40 | - unconvert
41 | - unparam
42 | - unused
43 |
44 | linters-settings:
45 | revive:
46 | rules:
47 | - name: comment-spacings
48 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # This kustomization.yaml is not intended to be run by itself,
2 | # since it depends on service name and namespace that are out of this kustomize package.
3 | # It should be run by config/default
4 | resources:
5 | - bases/view.zoetrope.github.io_markdownviews.yaml
6 | # +kubebuilder:scaffold:crdkustomizeresource
7 |
8 | patches:
9 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
10 | # patches here are for enabling the conversion webhook for each CRD
11 | - path: patches/webhook_in_markdownviews.yaml
12 | # +kubebuilder:scaffold:crdkustomizewebhookpatch
13 |
14 | # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
15 | # patches here are for enabling the CA injection for each CRD
16 | #- path: patches/cainjection_in_markdownviews.yaml
17 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch
18 |
19 | # [WEBHOOK] To enable webhook, uncomment the following section
20 | # the following config is for teaching kustomize how to do kustomization for CRDs.
21 |
22 | configurations:
23 | - kustomizeconfig.yaml
24 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # This kustomization.yaml is not intended to be run by itself,
2 | # since it depends on service name and namespace that are out of this kustomize package.
3 | # It should be run by config/default
4 | resources:
5 | - bases/view.zoetrope.github.io_markdownviews.yaml
6 | # +kubebuilder:scaffold:crdkustomizeresource
7 |
8 | patches:
9 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
10 | # patches here are for enabling the conversion webhook for each CRD
11 | - path: patches/webhook_in_markdownviews.yaml
12 | # +kubebuilder:scaffold:crdkustomizewebhookpatch
13 |
14 | # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
15 | # patches here are for enabling the CA injection for each CRD
16 | #- path: patches/cainjection_in_markdownviews.yaml
17 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch
18 |
19 | # [WEBHOOK] To enable webhook, uncomment the following section
20 | # the following config is for teaching kustomize how to do kustomization for CRDs.
21 |
22 | configurations:
23 | - kustomizeconfig.yaml
24 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # This kustomization.yaml is not intended to be run by itself,
2 | # since it depends on service name and namespace that are out of this kustomize package.
3 | # It should be run by config/default
4 | resources:
5 | - bases/view.zoetrope.github.io_markdownviews.yaml
6 | # +kubebuilder:scaffold:crdkustomizeresource
7 |
8 | patches:
9 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
10 | # patches here are for enabling the conversion webhook for each CRD
11 | - path: patches/webhook_in_markdownviews.yaml
12 | # +kubebuilder:scaffold:crdkustomizewebhookpatch
13 |
14 | # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
15 | # patches here are for enabling the CA injection for each CRD
16 | #- path: patches/cainjection_in_markdownviews.yaml
17 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch
18 |
19 | # [WEBHOOK] To enable webhook, uncomment the following section
20 | # the following config is for teaching kustomize how to do kustomization for CRDs.
21 |
22 | configurations:
23 | - kustomizeconfig.yaml
24 |
--------------------------------------------------------------------------------
/codes/30_client/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # This kustomization.yaml is not intended to be run by itself,
2 | # since it depends on service name and namespace that are out of this kustomize package.
3 | # It should be run by config/default
4 | resources:
5 | - bases/view.zoetrope.github.io_markdownviews.yaml
6 | # +kubebuilder:scaffold:crdkustomizeresource
7 |
8 | patches:
9 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
10 | # patches here are for enabling the conversion webhook for each CRD
11 | - path: patches/webhook_in_markdownviews.yaml
12 | # +kubebuilder:scaffold:crdkustomizewebhookpatch
13 |
14 | # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
15 | # patches here are for enabling the CA injection for each CRD
16 | #- path: patches/cainjection_in_markdownviews.yaml
17 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch
18 |
19 | # [WEBHOOK] To enable webhook, uncomment the following section
20 | # the following config is for teaching kustomize how to do kustomization for CRDs.
21 |
22 | configurations:
23 | - kustomizeconfig.yaml
24 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # This kustomization.yaml is not intended to be run by itself,
2 | # since it depends on service name and namespace that are out of this kustomize package.
3 | # It should be run by config/default
4 | resources:
5 | - bases/view.zoetrope.github.io_markdownviews.yaml
6 | # +kubebuilder:scaffold:crdkustomizeresource
7 |
8 | patches:
9 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
10 | # patches here are for enabling the conversion webhook for each CRD
11 | - path: patches/webhook_in_markdownviews.yaml
12 | # +kubebuilder:scaffold:crdkustomizewebhookpatch
13 |
14 | # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
15 | # patches here are for enabling the CA injection for each CRD
16 | #- path: patches/cainjection_in_markdownviews.yaml
17 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch
18 |
19 | # [WEBHOOK] To enable webhook, uncomment the following section
20 | # the following config is for teaching kustomize how to do kustomization for CRDs.
21 |
22 | configurations:
23 | - kustomizeconfig.yaml
24 |
--------------------------------------------------------------------------------
/codes/50_completed/config/crd/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # This kustomization.yaml is not intended to be run by itself,
2 | # since it depends on service name and namespace that are out of this kustomize package.
3 | # It should be run by config/default
4 | resources:
5 | - bases/view.zoetrope.github.io_markdownviews.yaml
6 | # +kubebuilder:scaffold:crdkustomizeresource
7 |
8 | patches:
9 | # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
10 | # patches here are for enabling the conversion webhook for each CRD
11 | - path: patches/webhook_in_markdownviews.yaml
12 | # +kubebuilder:scaffold:crdkustomizewebhookpatch
13 |
14 | # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
15 | # patches here are for enabling the CA injection for each CRD
16 | #- path: patches/cainjection_in_markdownviews.yaml
17 | # +kubebuilder:scaffold:crdkustomizecainjectionpatch
18 |
19 | # [WEBHOOK] To enable webhook, uncomment the following section
20 | # the following config is for teaching kustomize how to do kustomization for CRDs.
21 |
22 | configurations:
23 | - kustomizeconfig.yaml
24 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/default/webhookcainjection_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch add annotation to admission webhook config and
2 | # CERTIFICATE_NAMESPACE and CERTIFICATE_NAME will be substituted by kustomize
3 | apiVersion: admissionregistration.k8s.io/v1
4 | kind: MutatingWebhookConfiguration
5 | metadata:
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: mutating-webhook-configuration
10 | annotations:
11 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
12 | ---
13 | apiVersion: admissionregistration.k8s.io/v1
14 | kind: ValidatingWebhookConfiguration
15 | metadata:
16 | labels:
17 | app.kubernetes.io/name: validatingwebhookconfiguration
18 | app.kubernetes.io/instance: validating-webhook-configuration
19 | app.kubernetes.io/component: webhook
20 | app.kubernetes.io/created-by: markdown-view
21 | app.kubernetes.io/part-of: markdown-view
22 | app.kubernetes.io/managed-by: kustomize
23 | name: validating-webhook-configuration
24 | annotations:
25 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
26 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/default/webhookcainjection_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch add annotation to admission webhook config and
2 | # CERTIFICATE_NAMESPACE and CERTIFICATE_NAME will be substituted by kustomize
3 | apiVersion: admissionregistration.k8s.io/v1
4 | kind: MutatingWebhookConfiguration
5 | metadata:
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: mutating-webhook-configuration
10 | annotations:
11 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
12 | ---
13 | apiVersion: admissionregistration.k8s.io/v1
14 | kind: ValidatingWebhookConfiguration
15 | metadata:
16 | labels:
17 | app.kubernetes.io/name: validatingwebhookconfiguration
18 | app.kubernetes.io/instance: validating-webhook-configuration
19 | app.kubernetes.io/component: webhook
20 | app.kubernetes.io/created-by: markdown-view
21 | app.kubernetes.io/part-of: markdown-view
22 | app.kubernetes.io/managed-by: kustomize
23 | name: validating-webhook-configuration
24 | annotations:
25 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
26 |
--------------------------------------------------------------------------------
/codes/30_client/config/default/webhookcainjection_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch add annotation to admission webhook config and
2 | # CERTIFICATE_NAMESPACE and CERTIFICATE_NAME will be substituted by kustomize
3 | apiVersion: admissionregistration.k8s.io/v1
4 | kind: MutatingWebhookConfiguration
5 | metadata:
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: mutating-webhook-configuration
10 | annotations:
11 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
12 | ---
13 | apiVersion: admissionregistration.k8s.io/v1
14 | kind: ValidatingWebhookConfiguration
15 | metadata:
16 | labels:
17 | app.kubernetes.io/name: validatingwebhookconfiguration
18 | app.kubernetes.io/instance: validating-webhook-configuration
19 | app.kubernetes.io/component: webhook
20 | app.kubernetes.io/created-by: markdown-view
21 | app.kubernetes.io/part-of: markdown-view
22 | app.kubernetes.io/managed-by: kustomize
23 | name: validating-webhook-configuration
24 | annotations:
25 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
26 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/default/webhookcainjection_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch add annotation to admission webhook config and
2 | # CERTIFICATE_NAMESPACE and CERTIFICATE_NAME will be substituted by kustomize
3 | apiVersion: admissionregistration.k8s.io/v1
4 | kind: MutatingWebhookConfiguration
5 | metadata:
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: mutating-webhook-configuration
10 | annotations:
11 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
12 | ---
13 | apiVersion: admissionregistration.k8s.io/v1
14 | kind: ValidatingWebhookConfiguration
15 | metadata:
16 | labels:
17 | app.kubernetes.io/name: validatingwebhookconfiguration
18 | app.kubernetes.io/instance: validating-webhook-configuration
19 | app.kubernetes.io/component: webhook
20 | app.kubernetes.io/created-by: markdown-view
21 | app.kubernetes.io/part-of: markdown-view
22 | app.kubernetes.io/managed-by: kustomize
23 | name: validating-webhook-configuration
24 | annotations:
25 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
26 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/default/webhookcainjection_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch add annotation to admission webhook config and
2 | # CERTIFICATE_NAMESPACE and CERTIFICATE_NAME will be substituted by kustomize
3 | apiVersion: admissionregistration.k8s.io/v1
4 | kind: MutatingWebhookConfiguration
5 | metadata:
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: mutating-webhook-configuration
10 | annotations:
11 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
12 | ---
13 | apiVersion: admissionregistration.k8s.io/v1
14 | kind: ValidatingWebhookConfiguration
15 | metadata:
16 | labels:
17 | app.kubernetes.io/name: validatingwebhookconfiguration
18 | app.kubernetes.io/instance: validating-webhook-configuration
19 | app.kubernetes.io/component: webhook
20 | app.kubernetes.io/created-by: markdown-view
21 | app.kubernetes.io/part-of: markdown-view
22 | app.kubernetes.io/managed-by: kustomize
23 | name: validating-webhook-configuration
24 | annotations:
25 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
26 |
--------------------------------------------------------------------------------
/codes/50_completed/config/default/webhookcainjection_patch.yaml:
--------------------------------------------------------------------------------
1 | # This patch add annotation to admission webhook config and
2 | # CERTIFICATE_NAMESPACE and CERTIFICATE_NAME will be substituted by kustomize
3 | apiVersion: admissionregistration.k8s.io/v1
4 | kind: MutatingWebhookConfiguration
5 | metadata:
6 | labels:
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: mutating-webhook-configuration
10 | annotations:
11 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
12 | ---
13 | apiVersion: admissionregistration.k8s.io/v1
14 | kind: ValidatingWebhookConfiguration
15 | metadata:
16 | labels:
17 | app.kubernetes.io/name: validatingwebhookconfiguration
18 | app.kubernetes.io/instance: validating-webhook-configuration
19 | app.kubernetes.io/component: webhook
20 | app.kubernetes.io/created-by: markdown-view
21 | app.kubernetes.io/part-of: markdown-view
22 | app.kubernetes.io/managed-by: kustomize
23 | name: validating-webhook-configuration
24 | annotations:
25 | cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
26 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2020 Akihiro Ikezoe
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/docs/controller-tools/rbac.md:
--------------------------------------------------------------------------------
1 | # RBACマニフェストの生成
2 |
3 | KubernetesではRBAC(Role-based access control)によりリソースへのアクセス権を制御できます。
4 | カスタムコントローラーにおいても、利用するリソースにのみアクセスできるように適切な権限を設定する必要があります。
5 |
6 | controller-genでは、Goのソースコード中に埋め込まれたマーカーを元にRBACのマニフェストを生成できます。
7 |
8 | まずはKubebuilderによって生成されたマーカーを見てみましょう。
9 |
10 | [import:"rbac"](../../codes/00_scaffold/internal/controller/markdownview_controller.go)
11 |
12 | - `groups`: 権限を与えたいリソースのAPIグループを指定します。
13 | - `resources`: 権限を与えたいリソースの種類を指定します。
14 | - `verb`: どのような権限を与えるのかを指定します。コントローラーがおこなう操作に応じた権限を指定します。
15 |
16 | MarkdownViewリソースと、そのサブリソースである`status`と`finalizer`に権限が付与されています。
17 | なお、サブリソースはlistやcreate,delete操作をおこなえないので`get;update;patch`の権限のみが付与されています。
18 |
19 | これらに加えてMarkdownViewコントローラーが作成するConfigMap, Deployment, Service, Eventリソースを操作する権限のマーカーを追加しましょう。
20 |
21 | [import:"rbac"](../../codes/20_manifests/internal/controller/markdownview_controller.go)
22 |
23 | なお、controller-runtimeの提供するClientは、Getでリソースを取得した場合も裏でListやWatchを呼び出しています。
24 | そのためgetしかしない場合でも、get, list, watchを許可しておきましょう。
25 |
26 | `make manifests`を実行すると以下のように`config/rbac/role.yaml`が更新されます。
27 |
28 | [import](../../codes/20_manifests/config/rbac/role.yaml)
29 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | # All RBAC will be applied under this service account in
3 | # the deployment namespace. You may comment out this resource
4 | # if your manager will use a service account that exists at
5 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding
6 | # subjects if changing service account names.
7 | - service_account.yaml
8 | - role.yaml
9 | - role_binding.yaml
10 | - leader_election_role.yaml
11 | - leader_election_role_binding.yaml
12 | # The following RBAC configurations are used to protect
13 | # the metrics endpoint with authn/authz. These configurations
14 | # ensure that only authorized users and service accounts
15 | # can access the metrics endpoint. Comment the following
16 | # permissions if you want to disable this protection.
17 | # More info: https://book.kubebuilder.io/reference/metrics.html
18 | - metrics_auth_role.yaml
19 | - metrics_auth_role_binding.yaml
20 | - metrics_reader_role.yaml
21 | # For each CRD, "Editor" and "Viewer" roles are scaffolded by
22 | # default, aiding admins in cluster management. Those roles are
23 | # not used by the Project itself. You can comment the following lines
24 | # if you do not want those helpers be installed with your Project.
25 | - markdownview_editor_role.yaml
26 | - markdownview_viewer_role.yaml
27 |
28 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: manager-role
6 | rules:
7 | - apiGroups:
8 | - apps
9 | resources:
10 | - deployments
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - ""
21 | resources:
22 | - configmaps
23 | verbs:
24 | - create
25 | - delete
26 | - get
27 | - list
28 | - patch
29 | - update
30 | - watch
31 | - apiGroups:
32 | - ""
33 | resources:
34 | - events
35 | verbs:
36 | - create
37 | - patch
38 | - update
39 | - apiGroups:
40 | - ""
41 | resources:
42 | - services
43 | verbs:
44 | - create
45 | - delete
46 | - get
47 | - list
48 | - patch
49 | - update
50 | - watch
51 | - apiGroups:
52 | - view.zoetrope.github.io
53 | resources:
54 | - markdownviews
55 | verbs:
56 | - create
57 | - delete
58 | - get
59 | - list
60 | - patch
61 | - update
62 | - watch
63 | - apiGroups:
64 | - view.zoetrope.github.io
65 | resources:
66 | - markdownviews/finalizers
67 | verbs:
68 | - update
69 | - apiGroups:
70 | - view.zoetrope.github.io
71 | resources:
72 | - markdownviews/status
73 | verbs:
74 | - get
75 | - patch
76 | - update
77 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: manager-role
6 | rules:
7 | - apiGroups:
8 | - apps
9 | resources:
10 | - deployments
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - ""
21 | resources:
22 | - configmaps
23 | verbs:
24 | - create
25 | - delete
26 | - get
27 | - list
28 | - patch
29 | - update
30 | - watch
31 | - apiGroups:
32 | - ""
33 | resources:
34 | - events
35 | verbs:
36 | - create
37 | - patch
38 | - update
39 | - apiGroups:
40 | - ""
41 | resources:
42 | - services
43 | verbs:
44 | - create
45 | - delete
46 | - get
47 | - list
48 | - patch
49 | - update
50 | - watch
51 | - apiGroups:
52 | - view.zoetrope.github.io
53 | resources:
54 | - markdownviews
55 | verbs:
56 | - create
57 | - delete
58 | - get
59 | - list
60 | - patch
61 | - update
62 | - watch
63 | - apiGroups:
64 | - view.zoetrope.github.io
65 | resources:
66 | - markdownviews/finalizers
67 | verbs:
68 | - update
69 | - apiGroups:
70 | - view.zoetrope.github.io
71 | resources:
72 | - markdownviews/status
73 | verbs:
74 | - get
75 | - patch
76 | - update
77 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: manager-role
6 | rules:
7 | - apiGroups:
8 | - apps
9 | resources:
10 | - deployments
11 | verbs:
12 | - create
13 | - delete
14 | - get
15 | - list
16 | - patch
17 | - update
18 | - watch
19 | - apiGroups:
20 | - ""
21 | resources:
22 | - configmaps
23 | verbs:
24 | - create
25 | - delete
26 | - get
27 | - list
28 | - patch
29 | - update
30 | - watch
31 | - apiGroups:
32 | - ""
33 | resources:
34 | - events
35 | verbs:
36 | - create
37 | - patch
38 | - update
39 | - apiGroups:
40 | - ""
41 | resources:
42 | - services
43 | verbs:
44 | - create
45 | - delete
46 | - get
47 | - list
48 | - patch
49 | - update
50 | - watch
51 | - apiGroups:
52 | - view.zoetrope.github.io
53 | resources:
54 | - markdownviews
55 | verbs:
56 | - create
57 | - delete
58 | - get
59 | - list
60 | - patch
61 | - update
62 | - watch
63 | - apiGroups:
64 | - view.zoetrope.github.io
65 | resources:
66 | - markdownviews/finalizers
67 | verbs:
68 | - update
69 | - apiGroups:
70 | - view.zoetrope.github.io
71 | resources:
72 | - markdownviews/status
73 | verbs:
74 | - get
75 | - patch
76 | - update
77 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | # All RBAC will be applied under this service account in
3 | # the deployment namespace. You may comment out this resource
4 | # if your manager will use a service account that exists at
5 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding
6 | # subjects if changing service account names.
7 | - service_account.yaml
8 | - role.yaml
9 | - role_binding.yaml
10 | - leader_election_role.yaml
11 | - leader_election_role_binding.yaml
12 | # The following RBAC configurations are used to protect
13 | # the metrics endpoint with authn/authz. These configurations
14 | # ensure that only authorized users and service accounts
15 | # can access the metrics endpoint. Comment the following
16 | # permissions if you want to disable this protection.
17 | # More info: https://book.kubebuilder.io/reference/metrics.html
18 | - metrics_auth_role.yaml
19 | - metrics_auth_role_binding.yaml
20 | - metrics_reader_role.yaml
21 | # For each CRD, "Editor" and "Viewer" roles are scaffolded by
22 | # default, aiding admins in cluster management. Those roles are
23 | # not used by the Project itself. You can comment the following lines
24 | # if you do not want those helpers be installed with your Project.
25 | - markdownview_editor_role.yaml
26 | - markdownview_viewer_role.yaml
27 |
28 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | # All RBAC will be applied under this service account in
3 | # the deployment namespace. You may comment out this resource
4 | # if your manager will use a service account that exists at
5 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding
6 | # subjects if changing service account names.
7 | - service_account.yaml
8 | - role.yaml
9 | - role_binding.yaml
10 | - leader_election_role.yaml
11 | - leader_election_role_binding.yaml
12 | # The following RBAC configurations are used to protect
13 | # the metrics endpoint with authn/authz. These configurations
14 | # ensure that only authorized users and service accounts
15 | # can access the metrics endpoint. Comment the following
16 | # permissions if you want to disable this protection.
17 | # More info: https://book.kubebuilder.io/reference/metrics.html
18 | - metrics_auth_role.yaml
19 | - metrics_auth_role_binding.yaml
20 | - metrics_reader_role.yaml
21 | # For each CRD, "Editor" and "Viewer" roles are scaffolded by
22 | # default, aiding admins in cluster management. Those roles are
23 | # not used by the Project itself. You can comment the following lines
24 | # if you do not want those helpers be installed with your Project.
25 | - markdownview_editor_role.yaml
26 | - markdownview_viewer_role.yaml
27 |
28 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | # All RBAC will be applied under this service account in
3 | # the deployment namespace. You may comment out this resource
4 | # if your manager will use a service account that exists at
5 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding
6 | # subjects if changing service account names.
7 | - service_account.yaml
8 | - role.yaml
9 | - role_binding.yaml
10 | - leader_election_role.yaml
11 | - leader_election_role_binding.yaml
12 | # The following RBAC configurations are used to protect
13 | # the metrics endpoint with authn/authz. These configurations
14 | # ensure that only authorized users and service accounts
15 | # can access the metrics endpoint. Comment the following
16 | # permissions if you want to disable this protection.
17 | # More info: https://book.kubebuilder.io/reference/metrics.html
18 | - metrics_auth_role.yaml
19 | - metrics_auth_role_binding.yaml
20 | - metrics_reader_role.yaml
21 | # For each CRD, "Editor" and "Viewer" roles are scaffolded by
22 | # default, aiding admins in cluster management. Those roles are
23 | # not used by the Project itself. You can comment the following lines
24 | # if you do not want those helpers be installed with your Project.
25 | - markdownview_editor_role.yaml
26 | - markdownview_viewer_role.yaml
27 |
28 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | # All RBAC will be applied under this service account in
3 | # the deployment namespace. You may comment out this resource
4 | # if your manager will use a service account that exists at
5 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding
6 | # subjects if changing service account names.
7 | - service_account.yaml
8 | - role.yaml
9 | - role_binding.yaml
10 | - leader_election_role.yaml
11 | - leader_election_role_binding.yaml
12 | # The following RBAC configurations are used to protect
13 | # the metrics endpoint with authn/authz. These configurations
14 | # ensure that only authorized users and service accounts
15 | # can access the metrics endpoint. Comment the following
16 | # permissions if you want to disable this protection.
17 | # More info: https://book.kubebuilder.io/reference/metrics.html
18 | - metrics_auth_role.yaml
19 | - metrics_auth_role_binding.yaml
20 | - metrics_reader_role.yaml
21 | # For each CRD, "Editor" and "Viewer" roles are scaffolded by
22 | # default, aiding admins in cluster management. Those roles are
23 | # not used by the Project itself. You can comment the following lines
24 | # if you do not want those helpers be installed with your Project.
25 | - markdownview_editor_role.yaml
26 | - markdownview_viewer_role.yaml
27 |
28 |
--------------------------------------------------------------------------------
/codes/50_completed/config/rbac/kustomization.yaml:
--------------------------------------------------------------------------------
1 | resources:
2 | # All RBAC will be applied under this service account in
3 | # the deployment namespace. You may comment out this resource
4 | # if your manager will use a service account that exists at
5 | # runtime. Be sure to update RoleBinding and ClusterRoleBinding
6 | # subjects if changing service account names.
7 | - service_account.yaml
8 | - role.yaml
9 | - role_binding.yaml
10 | - leader_election_role.yaml
11 | - leader_election_role_binding.yaml
12 | # The following RBAC configurations are used to protect
13 | # the metrics endpoint with authn/authz. These configurations
14 | # ensure that only authorized users and service accounts
15 | # can access the metrics endpoint. Comment the following
16 | # permissions if you want to disable this protection.
17 | # More info: https://book.kubebuilder.io/reference/metrics.html
18 | - metrics_auth_role.yaml
19 | - metrics_auth_role_binding.yaml
20 | - metrics_reader_role.yaml
21 | # For each CRD, "Editor" and "Viewer" roles are scaffolded by
22 | # default, aiding admins in cluster management. Those roles are
23 | # not used by the Project itself. You can comment the following lines
24 | # if you do not want those helpers be installed with your Project.
25 | - markdownview_editor_role.yaml
26 | - markdownview_viewer_role.yaml
27 |
28 |
--------------------------------------------------------------------------------
/codes/30_client/config/rbac/role.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: manager-role
6 | rules:
7 | - apiGroups:
8 | - apps
9 | resources:
10 | - deployments
11 | verbs:
12 | - create
13 | - delete
14 | - deletecollection
15 | - get
16 | - list
17 | - patch
18 | - update
19 | - watch
20 | - apiGroups:
21 | - ""
22 | resources:
23 | - configmaps
24 | verbs:
25 | - create
26 | - delete
27 | - get
28 | - list
29 | - patch
30 | - update
31 | - watch
32 | - apiGroups:
33 | - ""
34 | resources:
35 | - events
36 | verbs:
37 | - create
38 | - patch
39 | - update
40 | - apiGroups:
41 | - ""
42 | resources:
43 | - services
44 | verbs:
45 | - create
46 | - delete
47 | - get
48 | - list
49 | - patch
50 | - update
51 | - watch
52 | - apiGroups:
53 | - view.zoetrope.github.io
54 | resources:
55 | - markdownviews
56 | verbs:
57 | - create
58 | - delete
59 | - get
60 | - list
61 | - patch
62 | - update
63 | - watch
64 | - apiGroups:
65 | - view.zoetrope.github.io
66 | resources:
67 | - markdownviews/finalizers
68 | verbs:
69 | - update
70 | - apiGroups:
71 | - view.zoetrope.github.io
72 | resources:
73 | - markdownviews/status
74 | verbs:
75 | - get
76 | - patch
77 | - update
78 |
--------------------------------------------------------------------------------
/docs/introduction/references.md:
--------------------------------------------------------------------------------
1 | # 参考情報
2 |
3 | ## 参考資料
4 |
5 | 本資料では端折っている内容も多々あるので、より詳しく知りたい場合は下記の資料を参考にしてください。
6 |
7 | - [The Kubebuilder Book](https://book.kubebuilder.io/)
8 | - Kubebuilderの公式ドキュメントです。
9 | - [実践入門Kubernetesカスタムコントローラへの道](https://nextpublishing.jp/book/11389.html)
10 | - カスタムコントローラーを作成するための知識を幅広くかつ分かりやすく解説している書籍です。
11 | - client-go, Kubebuilder, Operator SDKを利用したコントローラーの実装方法が解説されています。
12 | - [Programming Kubernetes](https://learning.oreilly.com/library/view/programming-kubernetes/9781492047094/)
13 | - client-goやカスタムリソースなど、コントローラーを開発する上で必要なKubernetesの構成要素を詳細に解説している書籍です。
14 | - [Zenn - zoetroの記事一覧](https://zenn.dev/zoetro)
15 | - ReconcileループでServer Side Applyを利用する方法や、controller-runtimeのロギング機能など、本資料の補足的な内容の記事を書いています。
16 |
17 | ## 参考実装
18 |
19 | 本資料で紹介しているテクニックは下記のプロジェクトで実際に使われているものを参考にしています。
20 | 興味があればぜひコードリーディングしてみてください。
21 |
22 | - [TopoLVM](https://github.com/topolvm/topolvm)
23 | - LVMを利用したDynamic Provisioning可能なCSIプラグイン実装
24 | - [MOCO](https://github.com/cybozu-go/moco)
25 | - MySQLクラスターの構築を自動化するオペレーター
26 | - [Coil](https://github.com/cybozu-go/coil)
27 | - CNIプラグイン
28 | - [Accurate](https://github.com/cybozu-go/accurate)
29 | - Subnamespaceの管理やリソースの伝播をおこなうためのコントローラー
30 | - [Pod Security Admission](https://github.com/cybozu-go/pod-security-admission)
31 | - Podのセキュリティ関連のポリシーを適用するAdmission WebHook実装
32 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/webhook/manifests.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: admissionregistration.k8s.io/v1
3 | kind: MutatingWebhookConfiguration
4 | metadata:
5 | name: mutating-webhook-configuration
6 | webhooks:
7 | - admissionReviewVersions:
8 | - v1
9 | clientConfig:
10 | service:
11 | name: webhook-service
12 | namespace: system
13 | path: /mutate-view-zoetrope-github-io-v1-markdownview
14 | failurePolicy: Fail
15 | name: mmarkdownview.kb.io
16 | rules:
17 | - apiGroups:
18 | - view.zoetrope.github.io
19 | apiVersions:
20 | - v1
21 | operations:
22 | - CREATE
23 | - UPDATE
24 | resources:
25 | - markdownviews
26 | sideEffects: None
27 | ---
28 | apiVersion: admissionregistration.k8s.io/v1
29 | kind: ValidatingWebhookConfiguration
30 | metadata:
31 | name: validating-webhook-configuration
32 | webhooks:
33 | - admissionReviewVersions:
34 | - v1
35 | clientConfig:
36 | service:
37 | name: webhook-service
38 | namespace: system
39 | path: /validate-view-zoetrope-github-io-v1-markdownview
40 | failurePolicy: Fail
41 | name: vmarkdownview.kb.io
42 | rules:
43 | - apiGroups:
44 | - view.zoetrope.github.io
45 | apiVersions:
46 | - v1
47 | operations:
48 | - CREATE
49 | - UPDATE
50 | resources:
51 | - markdownviews
52 | sideEffects: None
53 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/webhook/manifests.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: admissionregistration.k8s.io/v1
3 | kind: MutatingWebhookConfiguration
4 | metadata:
5 | name: mutating-webhook-configuration
6 | webhooks:
7 | - admissionReviewVersions:
8 | - v1
9 | clientConfig:
10 | service:
11 | name: webhook-service
12 | namespace: system
13 | path: /mutate-view-zoetrope-github-io-v1-markdownview
14 | failurePolicy: Fail
15 | name: mmarkdownview.kb.io
16 | rules:
17 | - apiGroups:
18 | - view.zoetrope.github.io
19 | apiVersions:
20 | - v1
21 | operations:
22 | - CREATE
23 | - UPDATE
24 | resources:
25 | - markdownviews
26 | sideEffects: None
27 | ---
28 | apiVersion: admissionregistration.k8s.io/v1
29 | kind: ValidatingWebhookConfiguration
30 | metadata:
31 | name: validating-webhook-configuration
32 | webhooks:
33 | - admissionReviewVersions:
34 | - v1
35 | clientConfig:
36 | service:
37 | name: webhook-service
38 | namespace: system
39 | path: /validate-view-zoetrope-github-io-v1-markdownview
40 | failurePolicy: Fail
41 | name: vmarkdownview.kb.io
42 | rules:
43 | - apiGroups:
44 | - view.zoetrope.github.io
45 | apiVersions:
46 | - v1
47 | operations:
48 | - CREATE
49 | - UPDATE
50 | resources:
51 | - markdownviews
52 | sideEffects: None
53 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/webhook/manifests.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: admissionregistration.k8s.io/v1
3 | kind: MutatingWebhookConfiguration
4 | metadata:
5 | name: mutating-webhook-configuration
6 | webhooks:
7 | - admissionReviewVersions:
8 | - v1
9 | clientConfig:
10 | service:
11 | name: webhook-service
12 | namespace: system
13 | path: /mutate-view-zoetrope-github-io-v1-markdownview
14 | failurePolicy: Fail
15 | name: mmarkdownview.kb.io
16 | rules:
17 | - apiGroups:
18 | - view.zoetrope.github.io
19 | apiVersions:
20 | - v1
21 | operations:
22 | - CREATE
23 | - UPDATE
24 | resources:
25 | - markdownviews
26 | sideEffects: None
27 | ---
28 | apiVersion: admissionregistration.k8s.io/v1
29 | kind: ValidatingWebhookConfiguration
30 | metadata:
31 | name: validating-webhook-configuration
32 | webhooks:
33 | - admissionReviewVersions:
34 | - v1
35 | clientConfig:
36 | service:
37 | name: webhook-service
38 | namespace: system
39 | path: /validate-view-zoetrope-github-io-v1-markdownview
40 | failurePolicy: Fail
41 | name: vmarkdownview.kb.io
42 | rules:
43 | - apiGroups:
44 | - view.zoetrope.github.io
45 | apiVersions:
46 | - v1
47 | operations:
48 | - CREATE
49 | - UPDATE
50 | resources:
51 | - markdownviews
52 | sideEffects: None
53 |
--------------------------------------------------------------------------------
/codes/30_client/config/webhook/manifests.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: admissionregistration.k8s.io/v1
3 | kind: MutatingWebhookConfiguration
4 | metadata:
5 | name: mutating-webhook-configuration
6 | webhooks:
7 | - admissionReviewVersions:
8 | - v1
9 | clientConfig:
10 | service:
11 | name: webhook-service
12 | namespace: system
13 | path: /mutate-view-zoetrope-github-io-v1-markdownview
14 | failurePolicy: Fail
15 | name: mmarkdownview.kb.io
16 | rules:
17 | - apiGroups:
18 | - view.zoetrope.github.io
19 | apiVersions:
20 | - v1
21 | operations:
22 | - CREATE
23 | - UPDATE
24 | resources:
25 | - markdownviews
26 | sideEffects: None
27 | ---
28 | apiVersion: admissionregistration.k8s.io/v1
29 | kind: ValidatingWebhookConfiguration
30 | metadata:
31 | name: validating-webhook-configuration
32 | webhooks:
33 | - admissionReviewVersions:
34 | - v1
35 | clientConfig:
36 | service:
37 | name: webhook-service
38 | namespace: system
39 | path: /validate-view-zoetrope-github-io-v1-markdownview
40 | failurePolicy: Fail
41 | name: vmarkdownview.kb.io
42 | rules:
43 | - apiGroups:
44 | - view.zoetrope.github.io
45 | apiVersions:
46 | - v1
47 | operations:
48 | - CREATE
49 | - UPDATE
50 | resources:
51 | - markdownviews
52 | sideEffects: None
53 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/webhook/manifests.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: admissionregistration.k8s.io/v1
3 | kind: MutatingWebhookConfiguration
4 | metadata:
5 | name: mutating-webhook-configuration
6 | webhooks:
7 | - admissionReviewVersions:
8 | - v1
9 | clientConfig:
10 | service:
11 | name: webhook-service
12 | namespace: system
13 | path: /mutate-view-zoetrope-github-io-v1-markdownview
14 | failurePolicy: Fail
15 | name: mmarkdownview.kb.io
16 | rules:
17 | - apiGroups:
18 | - view.zoetrope.github.io
19 | apiVersions:
20 | - v1
21 | operations:
22 | - CREATE
23 | - UPDATE
24 | resources:
25 | - markdownviews
26 | sideEffects: None
27 | ---
28 | apiVersion: admissionregistration.k8s.io/v1
29 | kind: ValidatingWebhookConfiguration
30 | metadata:
31 | name: validating-webhook-configuration
32 | webhooks:
33 | - admissionReviewVersions:
34 | - v1
35 | clientConfig:
36 | service:
37 | name: webhook-service
38 | namespace: system
39 | path: /validate-view-zoetrope-github-io-v1-markdownview
40 | failurePolicy: Fail
41 | name: vmarkdownview.kb.io
42 | rules:
43 | - apiGroups:
44 | - view.zoetrope.github.io
45 | apiVersions:
46 | - v1
47 | operations:
48 | - CREATE
49 | - UPDATE
50 | resources:
51 | - markdownviews
52 | sideEffects: None
53 |
--------------------------------------------------------------------------------
/codes/50_completed/config/webhook/manifests.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: admissionregistration.k8s.io/v1
3 | kind: MutatingWebhookConfiguration
4 | metadata:
5 | name: mutating-webhook-configuration
6 | webhooks:
7 | - admissionReviewVersions:
8 | - v1
9 | clientConfig:
10 | service:
11 | name: webhook-service
12 | namespace: system
13 | path: /mutate-view-zoetrope-github-io-v1-markdownview
14 | failurePolicy: Fail
15 | name: mmarkdownview.kb.io
16 | rules:
17 | - apiGroups:
18 | - view.zoetrope.github.io
19 | apiVersions:
20 | - v1
21 | operations:
22 | - CREATE
23 | - UPDATE
24 | resources:
25 | - markdownviews
26 | sideEffects: None
27 | ---
28 | apiVersion: admissionregistration.k8s.io/v1
29 | kind: ValidatingWebhookConfiguration
30 | metadata:
31 | name: validating-webhook-configuration
32 | webhooks:
33 | - admissionReviewVersions:
34 | - v1
35 | clientConfig:
36 | service:
37 | name: webhook-service
38 | namespace: system
39 | path: /validate-view-zoetrope-github-io-v1-markdownview
40 | failurePolicy: Fail
41 | name: vmarkdownview.kb.io
42 | rules:
43 | - apiGroups:
44 | - view.zoetrope.github.io
45 | apiVersions:
46 | - v1
47 | operations:
48 | - CREATE
49 | - UPDATE
50 | resources:
51 | - markdownviews
52 | sideEffects: None
53 |
--------------------------------------------------------------------------------
/docs/introduction/sample.md:
--------------------------------------------------------------------------------
1 | # MarkdownViewコントローラー
2 |
3 | 本資料では、カスタムコントローラーの例としてMarkdownViewコントローラーを実装することとします。
4 | MarkdownViewコントローラーは、ユーザーが用意したMarkdownをレンダリングしてブラウザから閲覧できるようにサービスを提供するコントローラーです。
5 |
6 | MarkdownのレンダリングにはmdBookを利用することとします。
7 |
8 | - https://rust-lang.github.io/mdBook/
9 |
10 | MarkdownViewコントローラーの主な処理の流れは次のようになります。
11 |
12 | 
13 |
14 | - ユーザーはMarkdownViewカスタムリソースを作成します。
15 | - MarkdownViewコントローラーは、作成されたMarkdownViewリソースの内容に応じて必要な各リソースを作成します。
16 | - カスタムリソースに記述されたMarkdownをConfigMapリソースとして作成します。
17 | - MarkdownをレンダリングするためのmdBookをDeploymentリソースとして作成します。
18 | - mdBookにアクセスするためのServiceリソースを作成します。
19 | - ユーザーは、作成されたサービスを経由して、レンダリングされたMarkdownを閲覧できます。
20 |
21 | MarkdownViewカスタムリソースには、以下のようにMarkdownの内容とレンダリングに利用するmdBookのコンテナイメージおよびレプリカ数を指定できるようにします。
22 |
23 | [import](../../codes/50_completed/config/samples/view_v1_markdownview.yaml)
24 |
25 | ソースコードは以下にあるので参考にしてください。
26 |
27 | - https://github.com/zoetrope/kubebuilder-training/tree/main/codes
28 |
29 | ディレクトリ構成は以下の通りです。
30 |
31 | ```
32 | codes
33 | ├── 00_scaffold: Kubebuilderで生成したコード
34 | ├── 10_tilt: Tiltを利用した開発環境のセットアップを追加
35 | ├── 20_manifests: CRD, RBAC, Webhook用のマニフェストを生成
36 | ├── 30_client: クライアントライブラリの利用例を追加
37 | ├── 40_reconcile: Reconcile処理、およびWebhookを実装
38 | └── 50_completed: Finalizer, Recorder, モニタリングのコードを追加
39 | ```
40 |
--------------------------------------------------------------------------------
/docs/controller-runtime/README.md:
--------------------------------------------------------------------------------
1 | # controller-runtime
2 |
3 | カスタムコントローラーを開発するためには、Kubernetesが標準で提供している[client-go](https://github.com/kubernetes/client-go), [apimachinery](https://github.com/kubernetes/apimachinery), [api](https://github.com/kubernetes/api)などのパッケージを利用することになります。
4 |
5 | [controller-runtime](https://github.com/kubernetes-sigs/controller-runtime)は、これらのパッケージを抽象化・隠蔽し、より簡単にカスタムコントローラーを実装可能にしたライブラリです。
6 |
7 | 抽象化・隠蔽しているとは言っても、Kubernetesのコンセプトに準拠する形で実装されています。
8 | 必要があればオプションを指定することにより、`client-go`や`apimachinery`が提供している機能のほとんどを利用できます。
9 | controller-runtimeの設計コンセプトについて知りたい方は[KubeBuilder Design Principles](https://github.com/kubernetes-sigs/kubebuilder/blob/master/DESIGN.md#controller-runtime)を参照してください。
10 |
11 | controller-runtimeが提供する代表的なコンポーネントには以下のものがあります。
12 |
13 | - [manager.Manager](https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/manager?tab=doc#Manager)
14 | - 複数のコントローラーをまとめて管理するためのコンポーネント。
15 | - リーダー選出やメトリクスサーバーとしての機能など、カスタムコントローラーを実装するために必要な数多くの機能を提供します。
16 | - [client.Client](https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/client?tab=doc#Client)
17 | - Kubernetesのkube-apiserverとやり取りするためのクライアント。
18 | - 監視対象のリソースをインメモリにキャッシュする機能などを持ち、カスタムリソースも型安全に扱うことが可能なクライアントとなっている。
19 | - [reconcile.Reconciler](https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/reconcile?tab=doc#Reconciler)
20 | - カスタムコントローラーが実装すべきインタフェース。
21 |
22 | 以降のページではこれらの機能を詳細に解説していきます。
23 |
--------------------------------------------------------------------------------
/codes/10_tilt/api/v1/groupversion_info.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1 contains API Schema definitions for the view v1 API group
18 | // +kubebuilder:object:generate=true
19 | // +groupName=view.zoetrope.github.io
20 | package v1
21 |
22 | import (
23 | "k8s.io/apimachinery/pkg/runtime/schema"
24 | "sigs.k8s.io/controller-runtime/pkg/scheme"
25 | )
26 |
27 | var (
28 | // GroupVersion is group version used to register these objects
29 | GroupVersion = schema.GroupVersion{Group: "view.zoetrope.github.io", Version: "v1"}
30 |
31 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme
32 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
33 |
34 | // AddToScheme adds the types in this group-version to the given scheme.
35 | AddToScheme = SchemeBuilder.AddToScheme
36 | )
37 |
--------------------------------------------------------------------------------
/codes/10_tilt/api/v1/markdownview_webhook_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package v1
18 |
19 | import (
20 | . "github.com/onsi/ginkgo/v2"
21 | )
22 |
23 | var _ = Describe("MarkdownView Webhook", func() {
24 |
25 | Context("When creating MarkdownView under Defaulting Webhook", func() {
26 | It("Should fill in the default value if a required field is empty", func() {
27 |
28 | // TODO(user): Add your logic here
29 |
30 | })
31 | })
32 |
33 | Context("When creating MarkdownView under Validating Webhook", func() {
34 | It("Should deny if a required field is empty", func() {
35 |
36 | // TODO(user): Add your logic here
37 |
38 | })
39 |
40 | It("Should admit if all required fields are provided", func() {
41 |
42 | // TODO(user): Add your logic here
43 |
44 | })
45 | })
46 |
47 | })
48 |
--------------------------------------------------------------------------------
/codes/00_scaffold/api/v1/groupversion_info.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1 contains API Schema definitions for the view v1 API group
18 | // +kubebuilder:object:generate=true
19 | // +groupName=view.zoetrope.github.io
20 | package v1
21 |
22 | import (
23 | "k8s.io/apimachinery/pkg/runtime/schema"
24 | "sigs.k8s.io/controller-runtime/pkg/scheme"
25 | )
26 |
27 | var (
28 | // GroupVersion is group version used to register these objects
29 | GroupVersion = schema.GroupVersion{Group: "view.zoetrope.github.io", Version: "v1"}
30 |
31 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme
32 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
33 |
34 | // AddToScheme adds the types in this group-version to the given scheme.
35 | AddToScheme = SchemeBuilder.AddToScheme
36 | )
37 |
--------------------------------------------------------------------------------
/codes/00_scaffold/api/v1/markdownview_webhook_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package v1
18 |
19 | import (
20 | . "github.com/onsi/ginkgo/v2"
21 | )
22 |
23 | var _ = Describe("MarkdownView Webhook", func() {
24 |
25 | Context("When creating MarkdownView under Defaulting Webhook", func() {
26 | It("Should fill in the default value if a required field is empty", func() {
27 |
28 | // TODO(user): Add your logic here
29 |
30 | })
31 | })
32 |
33 | Context("When creating MarkdownView under Validating Webhook", func() {
34 | It("Should deny if a required field is empty", func() {
35 |
36 | // TODO(user): Add your logic here
37 |
38 | })
39 |
40 | It("Should admit if all required fields are provided", func() {
41 |
42 | // TODO(user): Add your logic here
43 |
44 | })
45 | })
46 |
47 | })
48 |
--------------------------------------------------------------------------------
/codes/20_manifests/api/v1/groupversion_info.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1 contains API Schema definitions for the view v1 API group
18 | // +kubebuilder:object:generate=true
19 | // +groupName=view.zoetrope.github.io
20 | package v1
21 |
22 | import (
23 | "k8s.io/apimachinery/pkg/runtime/schema"
24 | "sigs.k8s.io/controller-runtime/pkg/scheme"
25 | )
26 |
27 | var (
28 | // GroupVersion is group version used to register these objects
29 | GroupVersion = schema.GroupVersion{Group: "view.zoetrope.github.io", Version: "v1"}
30 |
31 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme
32 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
33 |
34 | // AddToScheme adds the types in this group-version to the given scheme.
35 | AddToScheme = SchemeBuilder.AddToScheme
36 | )
37 |
--------------------------------------------------------------------------------
/codes/20_manifests/api/v1/markdownview_webhook_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package v1
18 |
19 | import (
20 | . "github.com/onsi/ginkgo/v2"
21 | )
22 |
23 | var _ = Describe("MarkdownView Webhook", func() {
24 |
25 | Context("When creating MarkdownView under Defaulting Webhook", func() {
26 | It("Should fill in the default value if a required field is empty", func() {
27 |
28 | // TODO(user): Add your logic here
29 |
30 | })
31 | })
32 |
33 | Context("When creating MarkdownView under Validating Webhook", func() {
34 | It("Should deny if a required field is empty", func() {
35 |
36 | // TODO(user): Add your logic here
37 |
38 | })
39 |
40 | It("Should admit if all required fields are provided", func() {
41 |
42 | // TODO(user): Add your logic here
43 |
44 | })
45 | })
46 |
47 | })
48 |
--------------------------------------------------------------------------------
/codes/30_client/api/v1/groupversion_info.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1 contains API Schema definitions for the view v1 API group
18 | // +kubebuilder:object:generate=true
19 | // +groupName=view.zoetrope.github.io
20 | package v1
21 |
22 | import (
23 | "k8s.io/apimachinery/pkg/runtime/schema"
24 | "sigs.k8s.io/controller-runtime/pkg/scheme"
25 | )
26 |
27 | var (
28 | // GroupVersion is group version used to register these objects
29 | GroupVersion = schema.GroupVersion{Group: "view.zoetrope.github.io", Version: "v1"}
30 |
31 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme
32 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
33 |
34 | // AddToScheme adds the types in this group-version to the given scheme.
35 | AddToScheme = SchemeBuilder.AddToScheme
36 | )
37 |
--------------------------------------------------------------------------------
/codes/30_client/api/v1/markdownview_webhook_test.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package v1
18 |
19 | import (
20 | . "github.com/onsi/ginkgo/v2"
21 | )
22 |
23 | var _ = Describe("MarkdownView Webhook", func() {
24 |
25 | Context("When creating MarkdownView under Defaulting Webhook", func() {
26 | It("Should fill in the default value if a required field is empty", func() {
27 |
28 | // TODO(user): Add your logic here
29 |
30 | })
31 | })
32 |
33 | Context("When creating MarkdownView under Validating Webhook", func() {
34 | It("Should deny if a required field is empty", func() {
35 |
36 | // TODO(user): Add your logic here
37 |
38 | })
39 |
40 | It("Should admit if all required fields are provided", func() {
41 |
42 | // TODO(user): Add your logic here
43 |
44 | })
45 | })
46 |
47 | })
48 |
--------------------------------------------------------------------------------
/codes/40_reconcile/api/v1/groupversion_info.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1 contains API Schema definitions for the view v1 API group
18 | // +kubebuilder:object:generate=true
19 | // +groupName=view.zoetrope.github.io
20 | package v1
21 |
22 | import (
23 | "k8s.io/apimachinery/pkg/runtime/schema"
24 | "sigs.k8s.io/controller-runtime/pkg/scheme"
25 | )
26 |
27 | var (
28 | // GroupVersion is group version used to register these objects
29 | GroupVersion = schema.GroupVersion{Group: "view.zoetrope.github.io", Version: "v1"}
30 |
31 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme
32 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
33 |
34 | // AddToScheme adds the types in this group-version to the given scheme.
35 | AddToScheme = SchemeBuilder.AddToScheme
36 | )
37 |
--------------------------------------------------------------------------------
/codes/50_completed/api/v1/groupversion_info.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1 contains API Schema definitions for the view v1 API group
18 | // +kubebuilder:object:generate=true
19 | // +groupName=view.zoetrope.github.io
20 | package v1
21 |
22 | import (
23 | "k8s.io/apimachinery/pkg/runtime/schema"
24 | "sigs.k8s.io/controller-runtime/pkg/scheme"
25 | )
26 |
27 | var (
28 | // GroupVersion is group version used to register these objects
29 | GroupVersion = schema.GroupVersion{Group: "view.zoetrope.github.io", Version: "v1"}
30 |
31 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme
32 | SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
33 |
34 | // AddToScheme adds the types in this group-version to the given scheme.
35 | AddToScheme = SchemeBuilder.AddToScheme
36 | )
37 |
--------------------------------------------------------------------------------
/codes/10_tilt/Dockerfile:
--------------------------------------------------------------------------------
1 | # Build the manager binary
2 | FROM golang:1.22 AS builder
3 | ARG TARGETOS
4 | ARG TARGETARCH
5 |
6 | WORKDIR /workspace
7 | # Copy the Go Modules manifests
8 | COPY go.mod go.mod
9 | COPY go.sum go.sum
10 | # cache deps before building and copying source so that we don't need to re-download as much
11 | # and so that source changes don't invalidate our downloaded layer
12 | RUN go mod download
13 |
14 | # Copy the go source
15 | COPY cmd/main.go cmd/main.go
16 | COPY api/ api/
17 | COPY internal/controller/ internal/controller/
18 |
19 | # Build
20 | # the GOARCH has not a default value to allow the binary be built according to the host where the command
21 | # was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
22 | # the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
23 | # by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
24 | RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go
25 |
26 | # Use distroless as minimal base image to package the manager binary
27 | # Refer to https://github.com/GoogleContainerTools/distroless for more details
28 | FROM gcr.io/distroless/static:nonroot
29 | WORKDIR /
30 | COPY --from=builder /workspace/manager .
31 | USER 65532:65532
32 |
33 | ENTRYPOINT ["/manager"]
34 |
--------------------------------------------------------------------------------
/codes/00_scaffold/Dockerfile:
--------------------------------------------------------------------------------
1 | # Build the manager binary
2 | FROM golang:1.22 AS builder
3 | ARG TARGETOS
4 | ARG TARGETARCH
5 |
6 | WORKDIR /workspace
7 | # Copy the Go Modules manifests
8 | COPY go.mod go.mod
9 | COPY go.sum go.sum
10 | # cache deps before building and copying source so that we don't need to re-download as much
11 | # and so that source changes don't invalidate our downloaded layer
12 | RUN go mod download
13 |
14 | # Copy the go source
15 | COPY cmd/main.go cmd/main.go
16 | COPY api/ api/
17 | COPY internal/controller/ internal/controller/
18 |
19 | # Build
20 | # the GOARCH has not a default value to allow the binary be built according to the host where the command
21 | # was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
22 | # the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
23 | # by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
24 | RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go
25 |
26 | # Use distroless as minimal base image to package the manager binary
27 | # Refer to https://github.com/GoogleContainerTools/distroless for more details
28 | FROM gcr.io/distroless/static:nonroot
29 | WORKDIR /
30 | COPY --from=builder /workspace/manager .
31 | USER 65532:65532
32 |
33 | ENTRYPOINT ["/manager"]
34 |
--------------------------------------------------------------------------------
/codes/20_manifests/Dockerfile:
--------------------------------------------------------------------------------
1 | # Build the manager binary
2 | FROM golang:1.22 AS builder
3 | ARG TARGETOS
4 | ARG TARGETARCH
5 |
6 | WORKDIR /workspace
7 | # Copy the Go Modules manifests
8 | COPY go.mod go.mod
9 | COPY go.sum go.sum
10 | # cache deps before building and copying source so that we don't need to re-download as much
11 | # and so that source changes don't invalidate our downloaded layer
12 | RUN go mod download
13 |
14 | # Copy the go source
15 | COPY cmd/main.go cmd/main.go
16 | COPY api/ api/
17 | COPY internal/controller/ internal/controller/
18 |
19 | # Build
20 | # the GOARCH has not a default value to allow the binary be built according to the host where the command
21 | # was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
22 | # the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
23 | # by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
24 | RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go
25 |
26 | # Use distroless as minimal base image to package the manager binary
27 | # Refer to https://github.com/GoogleContainerTools/distroless for more details
28 | FROM gcr.io/distroless/static:nonroot
29 | WORKDIR /
30 | COPY --from=builder /workspace/manager .
31 | USER 65532:65532
32 |
33 | ENTRYPOINT ["/manager"]
34 |
--------------------------------------------------------------------------------
/codes/30_client/Dockerfile:
--------------------------------------------------------------------------------
1 | # Build the manager binary
2 | FROM golang:1.22 AS builder
3 | ARG TARGETOS
4 | ARG TARGETARCH
5 |
6 | WORKDIR /workspace
7 | # Copy the Go Modules manifests
8 | COPY go.mod go.mod
9 | COPY go.sum go.sum
10 | # cache deps before building and copying source so that we don't need to re-download as much
11 | # and so that source changes don't invalidate our downloaded layer
12 | RUN go mod download
13 |
14 | # Copy the go source
15 | COPY cmd/main.go cmd/main.go
16 | COPY api/ api/
17 | COPY internal/controller/ internal/controller/
18 |
19 | # Build
20 | # the GOARCH has not a default value to allow the binary be built according to the host where the command
21 | # was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
22 | # the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
23 | # by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
24 | RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go
25 |
26 | # Use distroless as minimal base image to package the manager binary
27 | # Refer to https://github.com/GoogleContainerTools/distroless for more details
28 | FROM gcr.io/distroless/static:nonroot
29 | WORKDIR /
30 | COPY --from=builder /workspace/manager .
31 | USER 65532:65532
32 |
33 | ENTRYPOINT ["/manager"]
34 |
--------------------------------------------------------------------------------
/codes/40_reconcile/Dockerfile:
--------------------------------------------------------------------------------
1 | # Build the manager binary
2 | FROM golang:1.22 AS builder
3 | ARG TARGETOS
4 | ARG TARGETARCH
5 |
6 | WORKDIR /workspace
7 | # Copy the Go Modules manifests
8 | COPY go.mod go.mod
9 | COPY go.sum go.sum
10 | # cache deps before building and copying source so that we don't need to re-download as much
11 | # and so that source changes don't invalidate our downloaded layer
12 | RUN go mod download
13 |
14 | # Copy the go source
15 | COPY cmd/main.go cmd/main.go
16 | COPY api/ api/
17 | COPY internal/controller/ internal/controller/
18 |
19 | # Build
20 | # the GOARCH has not a default value to allow the binary be built according to the host where the command
21 | # was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
22 | # the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
23 | # by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
24 | RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go
25 |
26 | # Use distroless as minimal base image to package the manager binary
27 | # Refer to https://github.com/GoogleContainerTools/distroless for more details
28 | FROM gcr.io/distroless/static:nonroot
29 | WORKDIR /
30 | COPY --from=builder /workspace/manager .
31 | USER 65532:65532
32 |
33 | ENTRYPOINT ["/manager"]
34 |
--------------------------------------------------------------------------------
/codes/50_completed/Dockerfile:
--------------------------------------------------------------------------------
1 | # Build the manager binary
2 | FROM golang:1.22 AS builder
3 | ARG TARGETOS
4 | ARG TARGETARCH
5 |
6 | WORKDIR /workspace
7 | # Copy the Go Modules manifests
8 | COPY go.mod go.mod
9 | COPY go.sum go.sum
10 | # cache deps before building and copying source so that we don't need to re-download as much
11 | # and so that source changes don't invalidate our downloaded layer
12 | RUN go mod download
13 |
14 | # Copy the go source
15 | COPY cmd/main.go cmd/main.go
16 | COPY api/ api/
17 | COPY internal/controller/ internal/controller/
18 |
19 | # Build
20 | # the GOARCH has not a default value to allow the binary be built according to the host where the command
21 | # was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
22 | # the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
23 | # by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
24 | RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go
25 |
26 | # Use distroless as minimal base image to package the manager binary
27 | # Refer to https://github.com/GoogleContainerTools/distroless for more details
28 | FROM gcr.io/distroless/static:nonroot
29 | WORKDIR /
30 | COPY --from=builder /workspace/manager .
31 | USER 65532:65532
32 |
33 | ENTRYPOINT ["/manager"]
34 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/certmanager/certificate.yaml:
--------------------------------------------------------------------------------
1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
2 | # More document can be found at https://docs.cert-manager.io
3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
4 | apiVersion: cert-manager.io/v1
5 | kind: Issuer
6 | metadata:
7 | labels:
8 | app.kubernetes.io/name: markdown-view
9 | app.kubernetes.io/managed-by: kustomize
10 | name: selfsigned-issuer
11 | namespace: system
12 | spec:
13 | selfSigned: {}
14 | ---
15 | apiVersion: cert-manager.io/v1
16 | kind: Certificate
17 | metadata:
18 | labels:
19 | app.kubernetes.io/name: certificate
20 | app.kubernetes.io/instance: serving-cert
21 | app.kubernetes.io/component: certificate
22 | app.kubernetes.io/created-by: markdown-view
23 | app.kubernetes.io/part-of: markdown-view
24 | app.kubernetes.io/managed-by: kustomize
25 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
26 | namespace: system
27 | spec:
28 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
29 | dnsNames:
30 | - SERVICE_NAME.SERVICE_NAMESPACE.svc
31 | - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
32 | issuerRef:
33 | kind: Issuer
34 | name: selfsigned-issuer
35 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize
36 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/certmanager/certificate.yaml:
--------------------------------------------------------------------------------
1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
2 | # More document can be found at https://docs.cert-manager.io
3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
4 | apiVersion: cert-manager.io/v1
5 | kind: Issuer
6 | metadata:
7 | labels:
8 | app.kubernetes.io/name: markdown-view
9 | app.kubernetes.io/managed-by: kustomize
10 | name: selfsigned-issuer
11 | namespace: system
12 | spec:
13 | selfSigned: {}
14 | ---
15 | apiVersion: cert-manager.io/v1
16 | kind: Certificate
17 | metadata:
18 | labels:
19 | app.kubernetes.io/name: certificate
20 | app.kubernetes.io/instance: serving-cert
21 | app.kubernetes.io/component: certificate
22 | app.kubernetes.io/created-by: markdown-view
23 | app.kubernetes.io/part-of: markdown-view
24 | app.kubernetes.io/managed-by: kustomize
25 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
26 | namespace: system
27 | spec:
28 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
29 | dnsNames:
30 | - SERVICE_NAME.SERVICE_NAMESPACE.svc
31 | - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
32 | issuerRef:
33 | kind: Issuer
34 | name: selfsigned-issuer
35 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize
36 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/certmanager/certificate.yaml:
--------------------------------------------------------------------------------
1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
2 | # More document can be found at https://docs.cert-manager.io
3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
4 | apiVersion: cert-manager.io/v1
5 | kind: Issuer
6 | metadata:
7 | labels:
8 | app.kubernetes.io/name: markdown-view
9 | app.kubernetes.io/managed-by: kustomize
10 | name: selfsigned-issuer
11 | namespace: system
12 | spec:
13 | selfSigned: {}
14 | ---
15 | apiVersion: cert-manager.io/v1
16 | kind: Certificate
17 | metadata:
18 | labels:
19 | app.kubernetes.io/name: certificate
20 | app.kubernetes.io/instance: serving-cert
21 | app.kubernetes.io/component: certificate
22 | app.kubernetes.io/created-by: markdown-view
23 | app.kubernetes.io/part-of: markdown-view
24 | app.kubernetes.io/managed-by: kustomize
25 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
26 | namespace: system
27 | spec:
28 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
29 | dnsNames:
30 | - SERVICE_NAME.SERVICE_NAMESPACE.svc
31 | - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
32 | issuerRef:
33 | kind: Issuer
34 | name: selfsigned-issuer
35 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize
36 |
--------------------------------------------------------------------------------
/codes/30_client/config/certmanager/certificate.yaml:
--------------------------------------------------------------------------------
1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
2 | # More document can be found at https://docs.cert-manager.io
3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
4 | apiVersion: cert-manager.io/v1
5 | kind: Issuer
6 | metadata:
7 | labels:
8 | app.kubernetes.io/name: markdown-view
9 | app.kubernetes.io/managed-by: kustomize
10 | name: selfsigned-issuer
11 | namespace: system
12 | spec:
13 | selfSigned: {}
14 | ---
15 | apiVersion: cert-manager.io/v1
16 | kind: Certificate
17 | metadata:
18 | labels:
19 | app.kubernetes.io/name: certificate
20 | app.kubernetes.io/instance: serving-cert
21 | app.kubernetes.io/component: certificate
22 | app.kubernetes.io/created-by: markdown-view
23 | app.kubernetes.io/part-of: markdown-view
24 | app.kubernetes.io/managed-by: kustomize
25 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
26 | namespace: system
27 | spec:
28 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
29 | dnsNames:
30 | - SERVICE_NAME.SERVICE_NAMESPACE.svc
31 | - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
32 | issuerRef:
33 | kind: Issuer
34 | name: selfsigned-issuer
35 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize
36 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/certmanager/certificate.yaml:
--------------------------------------------------------------------------------
1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
2 | # More document can be found at https://docs.cert-manager.io
3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
4 | apiVersion: cert-manager.io/v1
5 | kind: Issuer
6 | metadata:
7 | labels:
8 | app.kubernetes.io/name: markdown-view
9 | app.kubernetes.io/managed-by: kustomize
10 | name: selfsigned-issuer
11 | namespace: system
12 | spec:
13 | selfSigned: {}
14 | ---
15 | apiVersion: cert-manager.io/v1
16 | kind: Certificate
17 | metadata:
18 | labels:
19 | app.kubernetes.io/name: certificate
20 | app.kubernetes.io/instance: serving-cert
21 | app.kubernetes.io/component: certificate
22 | app.kubernetes.io/created-by: markdown-view
23 | app.kubernetes.io/part-of: markdown-view
24 | app.kubernetes.io/managed-by: kustomize
25 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
26 | namespace: system
27 | spec:
28 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
29 | dnsNames:
30 | - SERVICE_NAME.SERVICE_NAMESPACE.svc
31 | - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
32 | issuerRef:
33 | kind: Issuer
34 | name: selfsigned-issuer
35 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize
36 |
--------------------------------------------------------------------------------
/codes/50_completed/config/certmanager/certificate.yaml:
--------------------------------------------------------------------------------
1 | # The following manifests contain a self-signed issuer CR and a certificate CR.
2 | # More document can be found at https://docs.cert-manager.io
3 | # WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
4 | apiVersion: cert-manager.io/v1
5 | kind: Issuer
6 | metadata:
7 | labels:
8 | app.kubernetes.io/name: markdown-view
9 | app.kubernetes.io/managed-by: kustomize
10 | name: selfsigned-issuer
11 | namespace: system
12 | spec:
13 | selfSigned: {}
14 | ---
15 | apiVersion: cert-manager.io/v1
16 | kind: Certificate
17 | metadata:
18 | labels:
19 | app.kubernetes.io/name: certificate
20 | app.kubernetes.io/instance: serving-cert
21 | app.kubernetes.io/component: certificate
22 | app.kubernetes.io/created-by: markdown-view
23 | app.kubernetes.io/part-of: markdown-view
24 | app.kubernetes.io/managed-by: kustomize
25 | name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
26 | namespace: system
27 | spec:
28 | # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
29 | dnsNames:
30 | - SERVICE_NAME.SERVICE_NAMESPACE.svc
31 | - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
32 | issuerRef:
33 | kind: Issuer
34 | name: selfsigned-issuer
35 | secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize
36 |
--------------------------------------------------------------------------------
/docs/controller-tools/webhook.md:
--------------------------------------------------------------------------------
1 | # Webhookマニフェストの生成
2 |
3 | AdmissionWebhookを利用するためには、`MutatingWebhookConfiguration`や`ValidatingWebhookConfiguration`などのマニフェストを用意する必要があります。
4 | controller-genは`// +kubebuilder:webhook`マーカーの記述に基づいてマニフェストを生成できます。
5 |
6 | まずはMutating Webhookのマーカーを見てみましょう。
7 |
8 | [import:"webhook-defaulter"](../../codes/20_manifests/api/v1/markdownview_webhook.go)
9 |
10 | 同様にValidating Webhookのマーカーを確認します。
11 |
12 | [import:"webhook-validator"](../../codes/20_manifests/api/v1/markdownview_webhook.go)
13 |
14 | - `path`: Webhookのパスを指定します。これはcontroller-runtimeが自動的に生成するパスなので基本的には変更せずに利用します。
15 | - `mutating`: Webhookで値を書き換えるかどうかを指定します。Defaulterでは`true`, Validatorでは`false`を指定します。
16 | - `failurePolicy`: Webhook APIの呼び出しに失敗したときの挙動を指定します。`fail`を指定するとWebhookが呼び出せない場合はリソースの作成もできません。`ignore`を指定するとWebhookが呼び出せなくてもリソースが作成できてしまいます。
17 | - `sideEffects`: Webhook APIの呼び出しに副作用があるかどうかを指定します。これはAPIサーバーをdry-runモードで呼び出したときの挙動に影響します。副作用がない場合は`None`, ある場合は`Some`を指定します。
18 | - `groups`,`versions`,`resource`: Webhookの対象となるリソースのGVKを指定します。
19 | - `verbs`: Webhookの対象となるリソースの操作を指定できます。`create`, `update`, `delete`などを指定できます。
20 | - `name`: Webhookの名前を指定します。ドットで区切られた3つ以上のセグメントを持つドメイン名でなければなりません。
21 | - `admissionReviewVersions`: WebhookがサポートするAdmissionReviewのバージョンを指定します。Kubernetes 1.16以降の環境でしか動作させないのであれば`v1`のみで問題ありません。1.15以前の環境で動作させたい場合は`v1beta1`も指定しましょう。
22 |
23 | `make manifests`を実行すると、マーカーの内容に基づいて以下のようなマニフェストファイルが生成されます。
24 |
25 | [import](../../codes/20_manifests/config/webhook/manifests.yaml)
26 |
--------------------------------------------------------------------------------
/codes/10_tilt/config/prometheus/monitor.yaml:
--------------------------------------------------------------------------------
1 | # Prometheus Monitor Service (Metrics)
2 | apiVersion: monitoring.coreos.com/v1
3 | kind: ServiceMonitor
4 | metadata:
5 | labels:
6 | control-plane: controller-manager
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: controller-manager-metrics-monitor
10 | namespace: system
11 | spec:
12 | endpoints:
13 | - path: /metrics
14 | port: https # Ensure this is the name of the port that exposes HTTPS metrics
15 | scheme: https
16 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
17 | tlsConfig:
18 | # TODO(user): The option insecureSkipVerify: true is not recommended for production since it disables
19 | # certificate verification. This poses a significant security risk by making the system vulnerable to
20 | # man-in-the-middle attacks, where an attacker could intercept and manipulate the communication between
21 | # Prometheus and the monitored services. This could lead to unauthorized access to sensitive metrics data,
22 | # compromising the integrity and confidentiality of the information.
23 | # Please use the following options for secure configurations:
24 | # caFile: /etc/metrics-certs/ca.crt
25 | # certFile: /etc/metrics-certs/tls.crt
26 | # keyFile: /etc/metrics-certs/tls.key
27 | insecureSkipVerify: true
28 | selector:
29 | matchLabels:
30 | control-plane: controller-manager
31 |
--------------------------------------------------------------------------------
/codes/00_scaffold/config/prometheus/monitor.yaml:
--------------------------------------------------------------------------------
1 | # Prometheus Monitor Service (Metrics)
2 | apiVersion: monitoring.coreos.com/v1
3 | kind: ServiceMonitor
4 | metadata:
5 | labels:
6 | control-plane: controller-manager
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: controller-manager-metrics-monitor
10 | namespace: system
11 | spec:
12 | endpoints:
13 | - path: /metrics
14 | port: https # Ensure this is the name of the port that exposes HTTPS metrics
15 | scheme: https
16 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
17 | tlsConfig:
18 | # TODO(user): The option insecureSkipVerify: true is not recommended for production since it disables
19 | # certificate verification. This poses a significant security risk by making the system vulnerable to
20 | # man-in-the-middle attacks, where an attacker could intercept and manipulate the communication between
21 | # Prometheus and the monitored services. This could lead to unauthorized access to sensitive metrics data,
22 | # compromising the integrity and confidentiality of the information.
23 | # Please use the following options for secure configurations:
24 | # caFile: /etc/metrics-certs/ca.crt
25 | # certFile: /etc/metrics-certs/tls.crt
26 | # keyFile: /etc/metrics-certs/tls.key
27 | insecureSkipVerify: true
28 | selector:
29 | matchLabels:
30 | control-plane: controller-manager
31 |
--------------------------------------------------------------------------------
/codes/20_manifests/config/prometheus/monitor.yaml:
--------------------------------------------------------------------------------
1 | # Prometheus Monitor Service (Metrics)
2 | apiVersion: monitoring.coreos.com/v1
3 | kind: ServiceMonitor
4 | metadata:
5 | labels:
6 | control-plane: controller-manager
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: controller-manager-metrics-monitor
10 | namespace: system
11 | spec:
12 | endpoints:
13 | - path: /metrics
14 | port: https # Ensure this is the name of the port that exposes HTTPS metrics
15 | scheme: https
16 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
17 | tlsConfig:
18 | # TODO(user): The option insecureSkipVerify: true is not recommended for production since it disables
19 | # certificate verification. This poses a significant security risk by making the system vulnerable to
20 | # man-in-the-middle attacks, where an attacker could intercept and manipulate the communication between
21 | # Prometheus and the monitored services. This could lead to unauthorized access to sensitive metrics data,
22 | # compromising the integrity and confidentiality of the information.
23 | # Please use the following options for secure configurations:
24 | # caFile: /etc/metrics-certs/ca.crt
25 | # certFile: /etc/metrics-certs/tls.crt
26 | # keyFile: /etc/metrics-certs/tls.key
27 | insecureSkipVerify: true
28 | selector:
29 | matchLabels:
30 | control-plane: controller-manager
31 |
--------------------------------------------------------------------------------
/codes/30_client/config/prometheus/monitor.yaml:
--------------------------------------------------------------------------------
1 | # Prometheus Monitor Service (Metrics)
2 | apiVersion: monitoring.coreos.com/v1
3 | kind: ServiceMonitor
4 | metadata:
5 | labels:
6 | control-plane: controller-manager
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: controller-manager-metrics-monitor
10 | namespace: system
11 | spec:
12 | endpoints:
13 | - path: /metrics
14 | port: https # Ensure this is the name of the port that exposes HTTPS metrics
15 | scheme: https
16 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
17 | tlsConfig:
18 | # TODO(user): The option insecureSkipVerify: true is not recommended for production since it disables
19 | # certificate verification. This poses a significant security risk by making the system vulnerable to
20 | # man-in-the-middle attacks, where an attacker could intercept and manipulate the communication between
21 | # Prometheus and the monitored services. This could lead to unauthorized access to sensitive metrics data,
22 | # compromising the integrity and confidentiality of the information.
23 | # Please use the following options for secure configurations:
24 | # caFile: /etc/metrics-certs/ca.crt
25 | # certFile: /etc/metrics-certs/tls.crt
26 | # keyFile: /etc/metrics-certs/tls.key
27 | insecureSkipVerify: true
28 | selector:
29 | matchLabels:
30 | control-plane: controller-manager
31 |
--------------------------------------------------------------------------------
/codes/40_reconcile/config/prometheus/monitor.yaml:
--------------------------------------------------------------------------------
1 | # Prometheus Monitor Service (Metrics)
2 | apiVersion: monitoring.coreos.com/v1
3 | kind: ServiceMonitor
4 | metadata:
5 | labels:
6 | control-plane: controller-manager
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: controller-manager-metrics-monitor
10 | namespace: system
11 | spec:
12 | endpoints:
13 | - path: /metrics
14 | port: https # Ensure this is the name of the port that exposes HTTPS metrics
15 | scheme: https
16 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
17 | tlsConfig:
18 | # TODO(user): The option insecureSkipVerify: true is not recommended for production since it disables
19 | # certificate verification. This poses a significant security risk by making the system vulnerable to
20 | # man-in-the-middle attacks, where an attacker could intercept and manipulate the communication between
21 | # Prometheus and the monitored services. This could lead to unauthorized access to sensitive metrics data,
22 | # compromising the integrity and confidentiality of the information.
23 | # Please use the following options for secure configurations:
24 | # caFile: /etc/metrics-certs/ca.crt
25 | # certFile: /etc/metrics-certs/tls.crt
26 | # keyFile: /etc/metrics-certs/tls.key
27 | insecureSkipVerify: true
28 | selector:
29 | matchLabels:
30 | control-plane: controller-manager
31 |
--------------------------------------------------------------------------------
/codes/50_completed/config/prometheus/monitor.yaml:
--------------------------------------------------------------------------------
1 | # Prometheus Monitor Service (Metrics)
2 | apiVersion: monitoring.coreos.com/v1
3 | kind: ServiceMonitor
4 | metadata:
5 | labels:
6 | control-plane: controller-manager
7 | app.kubernetes.io/name: markdown-view
8 | app.kubernetes.io/managed-by: kustomize
9 | name: controller-manager-metrics-monitor
10 | namespace: system
11 | spec:
12 | endpoints:
13 | - path: /metrics
14 | port: https # Ensure this is the name of the port that exposes HTTPS metrics
15 | scheme: https
16 | bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
17 | tlsConfig:
18 | # TODO(user): The option insecureSkipVerify: true is not recommended for production since it disables
19 | # certificate verification. This poses a significant security risk by making the system vulnerable to
20 | # man-in-the-middle attacks, where an attacker could intercept and manipulate the communication between
21 | # Prometheus and the monitored services. This could lead to unauthorized access to sensitive metrics data,
22 | # compromising the integrity and confidentiality of the information.
23 | # Please use the following options for secure configurations:
24 | # caFile: /etc/metrics-certs/ca.crt
25 | # certFile: /etc/metrics-certs/tls.crt
26 | # keyFile: /etc/metrics-certs/tls.key
27 | insecureSkipVerify: true
28 | selector:
29 | matchLabels:
30 | control-plane: controller-manager
31 |
--------------------------------------------------------------------------------