From 7b3be34d53b19f8ed161fa566f0d6601dbf4657e Mon Sep 17 00:00:00 2001 From: Andy Sadler Date: Wed, 1 Nov 2023 08:29:56 -0500 Subject: [PATCH] SBO v1.4.1 Signed-off-by: Andy Sadler --- ...ng.operators.coreos.com_bindablekinds.yaml | 58 ++ ....operators.coreos.com_servicebindings.yaml | 317 +++++++++ ...c.authorization.k8s.io_v1_clusterrole.yaml | 16 + ...rization.k8s.io_v1_clusterrolebinding.yaml | 13 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 15 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 16 + ...rization.k8s.io_v1_clusterrolebinding.yaml | 13 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 10 + ...rization.k8s.io_v1_clusterrolebinding.yaml | 19 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 15 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 28 + ...e-binding-manager-config_v1_configmap.yaml | 17 + ...inding-operator.clusterserviceversion.yaml | 600 ++++++++++++++++++ ...c.authorization.k8s.io_v1_clusterrole.yaml | 15 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 17 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 15 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 15 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 24 + ...ce-binding-webhook-service_v1_service.yaml | 14 + ...ng.io_clusterworkloadresourcemappings.yaml | 221 +++++++ .../servicebinding.io_servicebindings.yaml | 511 +++++++++++++++ .../1.4.1/metadata/annotations.yaml | 14 + .../1.4.1/tests/scorecard/config.yaml | 70 ++ 23 files changed, 2053 insertions(+) create mode 100644 operators/service-binding-operator/1.4.1/manifests/binding.operators.coreos.com_bindablekinds.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/binding.operators.coreos.com_servicebindings.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-bindablekinds-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-bindablekinds-viewer-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-cloud-native-postgres-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-clusterworkloadresourcemappings-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-clusterworkloadresourcemappings-viewer-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-controller-role_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-controller-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-crunchy-postgres-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-manager-config_v1_configmap.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-operator.clusterserviceversion.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-opstree-redis-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-percona-mongodb-view_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-percona-mysql-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-rabbitmq-operator-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/service-binding-webhook-service_v1_service.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/servicebinding.io_clusterworkloadresourcemappings.yaml create mode 100644 operators/service-binding-operator/1.4.1/manifests/servicebinding.io_servicebindings.yaml create mode 100644 operators/service-binding-operator/1.4.1/metadata/annotations.yaml create mode 100644 operators/service-binding-operator/1.4.1/tests/scorecard/config.yaml diff --git a/operators/service-binding-operator/1.4.1/manifests/binding.operators.coreos.com_bindablekinds.yaml b/operators/service-binding-operator/1.4.1/manifests/binding.operators.coreos.com_bindablekinds.yaml new file mode 100644 index 00000000000..a7ebb60e77b --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/binding.operators.coreos.com_bindablekinds.yaml @@ -0,0 +1,58 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: bindablekinds.binding.operators.coreos.com +spec: + group: binding.operators.coreos.com + names: + kind: BindableKinds + listKind: BindableKindsList + plural: bindablekinds + singular: bindablekinds + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: BindableKinds is the Schema for the bindablekinds API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + status: + items: + description: BindableKindsStatus defines the observed state of BindableKinds + properties: + group: + type: string + kind: + type: string + version: + type: string + required: + - group + - kind + - version + type: object + type: array + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/operators/service-binding-operator/1.4.1/manifests/binding.operators.coreos.com_servicebindings.yaml b/operators/service-binding-operator/1.4.1/manifests/binding.operators.coreos.com_servicebindings.yaml new file mode 100644 index 00000000000..7d4db41c6dd --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/binding.operators.coreos.com_servicebindings.yaml @@ -0,0 +1,317 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: service-binding-operator/service-binding-service-cert + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: servicebindings.binding.operators.coreos.com +spec: + group: binding.operators.coreos.com + names: + kind: ServiceBinding + listKind: ServiceBindingList + plural: servicebindings + shortNames: + - sbr + - sbrs + singular: servicebinding + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].reason + name: Reason + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServiceBindingSpec defines the desired state of ServiceBinding. + properties: + application: + description: Application identifies the application connecting to + the backing service. + properties: + bindingPath: + description: BindingPath refers to the paths in the application + workload's schema where the binding workload would be referenced. If + BindingPath is not specified, then the default path locations + are used. The default location for ContainersPath is "spec.template.spec.containers". If + SecretPath is not specified, then the name of the secret object + does not need to be specified. + properties: + containersPath: + description: ContainersPath defines the path to the corev1.Containers + reference. If BindingPath is not specified, the default + location is "spec.template.spec.containers". + type: string + secretPath: + description: 'SecretPath defines the path to a string field + where the name of the secret object is going to be assigned. Note: + The name of the secret object is same as that of the name + of service binding custom resource (metadata.name).' + type: string + type: object + group: + description: Group of the referent. + type: string + kind: + description: Kind of the referent. + type: string + labelSelector: + description: A label selector is a label query over a set of resources. + The result of matchLabels and matchExpressions are ANDed. An + empty label selector matches all objects. A null label selector + matches no objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + name: + description: Name of the referent. + type: string + resource: + description: Resource of the referent. + type: string + version: + description: Version of the referent. + type: string + required: + - group + - version + type: object + bindAsFiles: + default: true + description: BindAsFiles makes the binding values available as files + in the application's container. By default, values are mounted + under the path "/bindings"; this can be changed by setting the SERVICE_BINDING_ROOT + environment variable. + type: boolean + detectBindingResources: + description: DetectBindingResources is a flag that, when set to true, + will cause SBO to search for binding information in the owned resources + of the specified services. If this binding information exists, + then the application is bound to these subresources. + type: boolean + mappings: + description: Mappings specifies custom mappings. + items: + description: ServiceBindingMapping defines a new binding from a + set of existing bindings. + properties: + name: + description: Name is the name of new binding. + type: string + value: + description: Value specificies a go template that will be rendered + and injected into the application. + type: string + required: + - name + - value + type: object + type: array + name: + description: Name is the name of the service as projected into the + workload container. Defaults to .metadata.name. + maxLength: 253 + pattern: ^[a-z0-9\-\.]*$ + type: string + namingStrategy: + description: 'NamingStrategy defines custom string template for preparing + binding names. It can be set to pre-defined strategies: `none`, + `lowercase`, or `uppercase`. Otherwise, it is treated as a custom + go template, and it is handled accordingly.' + type: string + services: + description: Services indicates the backing services to be connected + to by an application. At least one service must be specified. + items: + description: Service defines the selector based on resource name, + version, and resource kind. + properties: + group: + description: Group of the referent. + type: string + id: + type: string + kind: + description: Kind of the referent. + type: string + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent. If unspecified, assumes + the same namespace as ServiceBinding. + type: string + resource: + description: Resource of the referent. + type: string + version: + description: Version of the referent. + type: string + required: + - group + - version + type: object + minItems: 1 + type: array + required: + - application + - services + type: object + status: + description: ServiceBindingStatus defines the observed state of ServiceBinding. + properties: + conditions: + description: Conditions describes the state of the operator's reconciliation + functionality. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n \ttype FooStatus struct{ \t // Represents the observations + of a foo's current state. \t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\" \t // + +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map + \t // +listMapKey=type \t Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields + \t}" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + secret: + description: Secret indicates the name of the binding secret. + type: string + required: + - secret + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-bindablekinds-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-bindablekinds-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..116f2a74135 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-bindablekinds-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,16 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + rbac.authorization.k8s.io/aggregate-to-view: "true" + name: service-binding-bindablekinds-viewer-role +rules: +- apiGroups: + - binding.operators.coreos.com + resources: + - bindablekinds + verbs: + - get + - list + - watch diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-bindablekinds-viewer-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-bindablekinds-viewer-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml new file mode 100644 index 00000000000..ccdb929393c --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-bindablekinds-viewer-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + name: service-binding-bindablekinds-viewer-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: service-binding-bindablekinds-viewer-role +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: Group + name: system:authenticated diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-cloud-native-postgres-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-cloud-native-postgres-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..6a4abf70863 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-cloud-native-postgres-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + servicebinding.io/controller: "true" + name: service-binding-cloud-native-postgres-viewer-role +rules: +- apiGroups: + - postgresql.k8s.enterprisedb.io + resources: + - clusters + verbs: + - get + - list diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-clusterworkloadresourcemappings-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-clusterworkloadresourcemappings-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..859935bb633 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-clusterworkloadresourcemappings-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,16 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + rbac.authorization.k8s.io/aggregate-to-view: "true" + name: service-binding-clusterworkloadresourcemappings-viewer-role +rules: +- apiGroups: + - servicebinding.io + resources: + - clusterworkloadresourcemappings + verbs: + - get + - list + - watch diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-clusterworkloadresourcemappings-viewer-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-clusterworkloadresourcemappings-viewer-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml new file mode 100644 index 00000000000..96be07e12fb --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-clusterworkloadresourcemappings-viewer-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + creationTimestamp: null + name: service-binding-clusterworkloadresourcemappings-viewer-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: service-binding-clusterworkloadresourcemappings-viewer-role +subjects: +- apiGroup: rbac.authorization.k8s.io + kind: Group + name: system:authenticated diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-controller-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-controller-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..0886c00131c --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-controller-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,10 @@ +aggregationRule: + clusterRoleSelectors: + - matchLabels: + servicebinding.io/controller: "true" +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: service-binding-controller-role +rules: [] + diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-controller-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-controller-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml new file mode 100644 index 00000000000..bb6c46dd16e --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-controller-rolebinding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml @@ -0,0 +1,19 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: service-binding-controller-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: service-binding-controller-role +subjects: + - kind: ServiceAccount + name: service-binding-operator + namespace: operators + - kind: ServiceAccount + name: service-binding-operator + namespace: openshift-operators + - kind: ServiceAccount + name: service-binding-operator + namespace: service-binding-operator + diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-crunchy-postgres-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-crunchy-postgres-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..df9c76d445b --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-crunchy-postgres-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + servicebinding.io/controller: "true" + name: service-binding-crunchy-postgres-viewer-role +rules: +- apiGroups: + - postgres-operator.crunchydata.com + resources: + - postgresclusters + verbs: + - get + - list diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..f8e19907568 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,28 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + rbac.authorization.k8s.io/aggregate-to-edit: "true" + name: service-binding-editor-role +rules: +- apiGroups: + - binding.operators.coreos.com + - servicebinding.io + resources: + - servicebindings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - binding.operators.coreos.com + - servicebinding.io + resources: + - servicebindings/status + verbs: + - get diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-manager-config_v1_configmap.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-manager-config_v1_configmap.yaml new file mode 100644 index 00000000000..c813264029b --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-manager-config_v1_configmap.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: 8fa65150.coreos.com +kind: ConfigMap +metadata: + name: service-binding-manager-config diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-operator.clusterserviceversion.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-operator.clusterserviceversion.yaml new file mode 100644 index 00000000000..a66334585b2 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-operator.clusterserviceversion.yaml @@ -0,0 +1,600 @@ +apiVersion: binding.operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "binding.operators.coreos.com/v1alpha1", + "kind": "BindableKinds", + "metadata": { + "name": "bindable-kinds" + }, + "spec": {} + }, + { + "apiVersion": "binding.operators.coreos.com/v1alpha1", + "kind": "ServiceBinding", + "metadata": { + "name": "example-servicebinding" + }, + "spec": { + "application": { + "group": "apps", + "name": "nodejs-rest-http-crud", + "resource": "deployments", + "version": "v1" + }, + "services": [ + { + "group": "postgresql.example.dev", + "kind": "Database", + "name": "pg-instance", + "version": "v1alpha1" + } + ] + } + }, + { + "apiVersion": "servicebinding.io/v1alpha3", + "kind": "ClusterWorkloadResourceMapping", + "metadata": { + "name": "cronjobs.batch" + }, + "spec": { + "versions": [ + { + "containers": [ + { + "path": ".spec.jobTemplate.spec.template.spec.containers[*]" + }, + { + "path": ".spec.jobTemplate.spec.template.spec.initContainers[*]" + } + ], + "version": "*", + "volumes": ".spec.jobTemplate.spec.template.spec.volumes" + } + ] + } + }, + { + "apiVersion": "servicebinding.io/v1alpha3", + "kind": "ServiceBinding", + "metadata": { + "name": "servicebinding-sample" + }, + "spec": { + "application": { + "apiVersion": "apps/v1", + "kind": "Deployment", + "name": "nodejs-rest-http-crud" + }, + "service": { + "apiVersion": "postgresql.example.dev/v1alpha1", + "kind": "Database", + "name": "pg-instance" + } + } + }, + { + "apiVersion": "servicebinding.io/v1beta1", + "kind": "ClusterWorkloadResourceMapping", + "metadata": { + "name": "cronjobs.batch" + }, + "spec": { + "versions": [ + { + "containers": [ + { + "path": ".spec.jobTemplate.spec.template.spec.containers[*]" + }, + { + "path": ".spec.jobTemplate.spec.template.spec.initContainers[*]" + } + ], + "version": "*", + "volumes": ".spec.jobTemplate.spec.template.spec.volumes" + } + ] + } + }, + { + "apiVersion": "servicebinding.io/v1beta1", + "kind": "ServiceBinding", + "metadata": { + "name": "servicebinding-sample" + }, + "spec": { + "service": { + "apiVersion": "postgresql.example.dev/v1alpha1", + "kind": "Database", + "name": "pg-instance" + }, + "type": "postgres", + "workload": { + "apiVersion": "apps/v1", + "kind": "Deployment", + "name": "nodejs-rest-http-crud" + } + } + } + ] + capabilities: Basic Install + categories: Developer Tools, OpenShift Optional, Integration & Delivery + containerImage: "quay.io/redhat-developer/servicebinding-operator@sha256:16286ac84ddd521897d92472dae857a4c18479f255b725dfb683bc72df6e0865" + description: An operator to support binding capabilities between imported apps and operator backed services + operators.openshift.io/infrastructure-features: '["disconnected"]' + operators.operatorframework.io/builder: operator-sdk-v1.24.0 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + repository: https://github.com/redhat-developer/service-binding-operator + support: Service Binding Operator Community + name: service-binding-operator.v1.4.1 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: BindableKinds contains a list of bindable type (group, version, kind) found in the cluster. It is cluster-scoped and there is only single instance named 'bindable-kinds'. + displayName: Bindable Kinds + kind: BindableKinds + name: bindablekinds.binding.operators.coreos.com + version: v1alpha1 + - description: Cluster Workload Resource Mapping defines the mapping for a specific version of an workload resource to a logical PodTemplateSpec-like structure. It provides a way to define exactly where binding data needs to be projected. Use this method when you are not able to configure custom path locations correctly by any other methods. + displayName: Cluster Workload Resource Mapping + kind: ClusterWorkloadResourceMapping + name: clusterworkloadresourcemappings.servicebinding.io + version: v1alpha3 + - description: Cluster Workload Resource Mapping defines the mapping for a specific version of an workload resource to a logical PodTemplateSpec-like structure. It provides a way to define exactly where binding data needs to be projected. Use this method when you are not able to configure custom path locations correctly by any other methods. + displayName: Cluster Workload Resource Mapping + kind: ClusterWorkloadResourceMapping + name: clusterworkloadresourcemappings.servicebinding.io + version: v1beta1 + - description: Service Binding expresses intent to bind a backing service with an application workload. + displayName: Service Binding + kind: ServiceBinding + name: servicebindings.binding.operators.coreos.com + version: v1alpha1 + - description: (Tech Preview) Service Binding implementing community specification (https://github.com/k8s-service-bindings/spec) describing the connection between a backing service and an application workload. Available as tech preview but subjected to change in near future. + displayName: Service Binding (Spec API Tech Preview) + kind: ServiceBinding + name: servicebindings.servicebinding.io + version: v1alpha3 + - description: Service Binding implementing community specification (https://github.com/k8s-service-bindings/spec) describing the connection between a backing service and an application workload. + displayName: Service Binding (Spec API) + kind: ServiceBinding + name: servicebindings.servicebinding.io + version: v1beta1 + description: | + The Service Binding Operator manages the data plane for applications and backing services. It enables developers to connect their + applications to backing services (REST API, databases, event buses and others) with a consistent and predictable + experience. The operator reads data made available by the control plane of backing services and projects the bindings + data to applications either as accessible files mounted into the application’s container or environment variables. + + In Kubernetes, each service suggests a different way to access their secrets and developers will consume them in their + application in a custom way. While this provides a good deal of flexibility, it also creates discrepancies and + complexity dealing with each specific services, which leads large development teams to lose overall velocity. + + Service Binding Operator removes the error-prone manual configuration of binding information, provides service operators + a low-touch administrative experience to provision and manage access to services and enriches development lifecycle. + + For additional details refer to the project [documentation](https://redhat-developer.github.io/service-binding-operator). + + Get Started with Service Binding Operator + * Find out about SBO’s [prerequisites](https://redhat-developer.github.io/service-binding-operator/userguide/getting-started/installing-service-binding.html). + * Refer to the [Quick Start Guide](https://redhat-developer.github.io/service-binding-operator/userguide/getting-started/quick-start.html) to see SBO in action in a simple scenario. + + Need Help + * Raise a ticket for bugs, features and enhancement [here](https://github.com/redhat-developer/service-binding-operator/) + + Licence + * Service Binding Operator is licensed under [Apache License 2.0](https://github.com/redhat-developer/service-binding-operator/blob/master/LICENSE) + + Service Binding Operator is providing and supporting two different APIs. + * `binding.operators.coreos.com/v1alpha1`: This API is compliant with the Service Binding specification. It is fully supported and considered as the mature API. It’s the API we recommend in production environments. + * `servicebinding.io/v1beta1`: This API is the one defined in the Service Binding specification. It is available in Service Binding Operator 1.x. + + We’ll consider supporting only the API from the specification, once the Service Binding specification will be officially GA. Of course, that will be a breaking change and handle in a safe way for you. + displayName: Service Binding Operator + icon: + - base64data: PHN2ZyB3aWR0aD0iMzIuODgybW0iIGhlaWdodD0iMjIuNjI3bW0iIHZlcnNpb249IjEuMSIgdmlld0JveD0iMCAwIDMyLjg4MiAyMi42MjciIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+PGcgdHJhbnNmb3JtPSJtYXRyaXgoLS4xNzE4OSAwIDAgLS4xNzE4OSAzNC40OSAyNS43NzMpIj48ZyBmaWxsPSIjODhkNjVkIj48cGF0aCB0cmFuc2Zvcm09Im1hdHJpeCgtMS41MzkyIDAgMCAtMS41MzkyIDM3Ny4zOSAzMTEuMykiIGQ9Im0yMDEuNzcgMTA0LjczYy0xMC4wNjQgMC0xOC4xNjYgOC4xMDIyLTE4LjE2NiAxOC4xNjZ2NDguOTUzYzAgMTAuMDY0IDguMTAyMiAxOC4xNjYgMTguMTY2IDE4LjE2NmgxOS4xN2MxMC4wNjQgMCAxOC4xNjYtOC4xMDIyIDE4LjE2Ni0xOC4xNjZ2LTQ4Ljk1M2MwLTEwLjA2NC04LjEwMjItMTguMTY2LTE4LjE2Ni0xOC4xNjZ6bS01LjQzMTYgMTIuOTNjMy44MjAyIDAuMTY0NjcgNi43ODY0IDMuMzkwMyA2LjYzMDkgNy4yMTA5LTAuMTU1MzUgMy44MjA4LTMuMzc0MSA2Ljc5NS03LjE5NTMgNi42NDg0LTMuODIxNS0wLjE0NzAzLTYuODAyOC0zLjM1OTgtNi42NjQxLTcuMTgxNmwyZS0zIC0wLjA2MDVjMC4xNzE4OS0zLjgyMTIgMy40MDUxLTYuNzgxNyA3LjIyNjYtNi42MTcyem0wIDI0LjU1N2MzLjgyMDIgMC4xNjQ2NyA2Ljc4NjQgMy4zOTAzIDYuNjMwOSA3LjIxMDktMC4xNTUzNSAzLjgyMDgtMy4zNzQxIDYuNzk1LTcuMTk1MyA2LjY0ODQtMy44MjE1LTAuMTQ3MDMtNi44MDI4LTMuMzU5OC02LjY2NDEtNy4xODE2bDJlLTMgLTAuMDYwNWMwLjE3MTg5LTMuODIxMiAzLjQwNTEtNi43ODE3IDcuMjI2Ni02LjYxNzJ6bTAgMjQuNTU3YzMuODIwMiAwLjE2NDY3IDYuNzg2NCAzLjM5MDMgNi42MzA5IDcuMjEwOS0wLjE1NTM0IDMuODIwOC0zLjM3NDEgNi43OTUtNy4xOTUzIDYuNjQ4NC0zLjgyMTUtMC4xNDcwMy02LjgwMjgtMy4zNTk4LTYuNjY0MS03LjE4MTZsMmUtMyAtMC4wNjA1YzAuMTcxODktMy44MjEyIDMuNDA1MS02Ljc4MTcgNy4yMjY2LTYuNjE3MnoiLz48cGF0aCB0cmFuc2Zvcm09Im1hdHJpeCgtMS41MzkyIDAgMCAtMS41MzkyIDM3Ny4zOSAzMTEuMykiIGQ9Im0xMTQuODMgMTA1LjIxdjg1LjAzOWg1NS4yNTR2LTg1LjAzOXptNDMuMTE1IDEyLjQ1MWMzLjgyMSAwLjE2MzYzIDYuNzg4MyAzLjM4OTYgNi42MzI4IDcuMjEwOS0wLjE1NTM0IDMuODIxNi0zLjM3NTMgNi43OTYxLTcuMTk3MyA2LjY0ODQtMy44MjE1LTAuMTQ3MDMtNi44MDI4LTMuMzU5OC02LjY2NDEtNy4xODE2bDRlLTMgLTAuMDYwNWMwLjE3MTktMy44MjA0IDMuNDAzOS02Ljc4MDYgNy4yMjQ2LTYuNjE3MnptMCAyNC41NTdjMy44MjEgMC4xNjM2MyA2Ljc4ODMgMy4zODk2IDYuNjMyOCA3LjIxMDktMC4xNTUzNCAzLjgyMTYtMy4zNzUzIDYuNzk2MS03LjE5NzMgNi42NDg0LTMuODIxNS0wLjE0NzAzLTYuODAyOC0zLjM1OTgtNi42NjQxLTcuMTgxNmw0ZS0zIC0wLjA2MDVjMC4xNzE5LTMuODIwNCAzLjQwMzktNi43ODA2IDcuMjI0Ni02LjYxNzJ6bTAgMjQuNTU3YzMuODIxIDAuMTYzNjMgNi43ODgzIDMuMzg5NiA2LjYzMjggNy4yMTA5LTAuMTU1MzMgMy44MjE2LTMuMzc1MyA2Ljc5NjEtNy4xOTczIDYuNjQ4NC0zLjgyMTUtMC4xNDcwMy02LjgwMjgtMy4zNTk4LTYuNjY0MS03LjE4MTZsNGUtMyAtMC4wNjA1YzAuMTcxOS0zLjgyMDQgMy40MDM5LTYuNzgwNiA3LjIyNDYtNi42MTcyeiIvPjwvZz48ZyBmaWxsPSIjNjJiYjJmIj48cmVjdCB4PSI3NS4wMzIiIHk9IjExNS4yMyIgd2lkdGg9IjU5LjkzNSIgaGVpZ2h0PSI4LjU3NDQiLz48cmVjdCB4PSI3NS4wMzIiIHk9Ijc3LjQzNiIgd2lkdGg9IjU5LjkzNSIgaGVpZ2h0PSI4LjU3NDQiLz48cmVjdCB4PSI3NS4wMzIiIHk9IjM5LjYzOCIgd2lkdGg9IjU5LjkzNSIgaGVpZ2h0PSI4LjU3NDQiLz48L2c+PC9nPjwvc3ZnPgo= + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - pods + - secrets + - services + verbs: + - get + - list + - apiGroups: + - "" + resources: + - pods + - secrets + verbs: + - patch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - get + - list + - patch + - update + - apiGroups: + - apps.openshift.io + resources: + - deploymentconfigs + verbs: + - get + - list + - patch + - update + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - selfsubjectaccessreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - apiGroups: + - binding.operators.coreos.com + resources: + - bindablekinds + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - binding.operators.coreos.com + resources: + - bindablekinds/finalizers + verbs: + - update + - apiGroups: + - binding.operators.coreos.com + resources: + - bindablekinds/status + verbs: + - get + - patch + - update + - apiGroups: + - binding.operators.coreos.com + resources: + - servicebindings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - binding.operators.coreos.com + resources: + - servicebindings/finalizers + verbs: + - update + - apiGroups: + - binding.operators.coreos.com + resources: + - servicebindings/status + verbs: + - get + - patch + - update + - apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + verbs: + - get + - list + - apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - get + - list + - apiGroups: + - servicebinding.io + resources: + - clusterworkloadresourcemappings + verbs: + - get + - apiGroups: + - servicebinding.io + resources: + - servicebindings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - servicebinding.io + resources: + - servicebindings/finalizers + verbs: + - update + - apiGroups: + - servicebinding.io + resources: + - servicebindings/status + verbs: + - get + - patch + - update + serviceAccountName: service-binding-operator + deployments: + - label: + control-plane: service-binding-controller-manager + name: service-binding-operator + spec: + replicas: 1 + selector: + matchLabels: + control-plane: service-binding-controller-manager + strategy: {} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: service-binding-controller-manager + spec: + containers: + - args: + - --leader-elect + - --zap-encoder=json + - --zap-log-level=info + command: + - /manager + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + image: quay.io/redhat-developer/servicebinding-operator@sha256:16286ac84ddd521897d92472dae857a4c18479f255b725dfb683bc72df6e0865 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: {} + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + serviceAccountName: service-binding-operator + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: service-binding-operator-service-cert + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: service-binding-operator + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - "" + links: + - name: Documentation + url: https://redhat-developer.github.io/service-binding-operator + maintainers: + - email: service-binding-support@redhat.com + name: Openshift Application Services + maturity: candidate + minKubeVersion: 1.16.0 + provider: + name: Red Hat + url: redhat.com + replaces: 1.4.0 + version: 1.4.1 + webhookdefinitions: + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: service-binding-operator + failurePolicy: Fail + generateName: mservicebinding.kb.io + rules: + - apiGroups: + - binding.operators.coreos.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - servicebindings + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-servicebinding + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: service-binding-operator + failurePolicy: Fail + generateName: mspec-servicebinding.kb.io + rules: + - apiGroups: + - servicebinding.io + apiVersions: + - v1alpha3 + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - servicebindings + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-servicebinding + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: service-binding-operator + failurePolicy: Fail + generateName: vclusterworkloadresourcemapping.kb.io + rules: + - apiGroups: + - servicebinding.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - clusterworkloadresourcemappings + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-servicebinding-io-v1beta1-clusterworkloadresourcemapping + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: service-binding-operator + failurePolicy: Fail + generateName: vservicebinding.kb.io + rules: + - apiGroups: + - binding.operators.coreos.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - servicebindings + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-binding-operators-coreos-com-v1alpha1-servicebinding + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: service-binding-operator + failurePolicy: Fail + generateName: vspecservicebinding.kb.io + rules: + - apiGroups: + - servicebinding.io + apiVersions: + - v1beta1 + operations: + - CREATE + - UPDATE + resources: + - servicebindings + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-servicebinding-io-v1beta1-servicebinding diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-opstree-redis-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-opstree-redis-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..08c8d072740 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-opstree-redis-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + servicebinding.io/controller: "true" + name: service-binding-opstree-redis-viewer-role +rules: +- apiGroups: + - redis.redis.opstreelabs.in + resources: + - redis + verbs: + - get + - list diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-percona-mongodb-view_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-percona-mongodb-view_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..6cc2d6510c2 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-percona-mongodb-view_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + servicebinding.io/controller: "true" + name: service-binding-percona-mongodb-view +rules: +- apiGroups: + - psmdb.percona.com + resources: + - perconaservermongodbs + - perconaservermongodbs/status + verbs: + - get + - watch + - list diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-percona-mysql-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-percona-mysql-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..107598f45ef --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-percona-mysql-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + servicebinding.io/controller: "true" + name: service-binding-percona-mysql-viewer-role +rules: +- apiGroups: + - pxc.percona.com + resources: + - perconaxtradbclusters + verbs: + - get + - list diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-rabbitmq-operator-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-rabbitmq-operator-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..5dec814c70c --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-rabbitmq-operator-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,15 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + servicebinding.io/controller: "true" + name: service-binding-rabbitmq-operator-viewer-role +rules: +- apiGroups: + - rabbitmq.com + resources: + - rabbitmqclusters + verbs: + - get + - list diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..426562828d6 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,24 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + rbac.authorization.k8s.io/aggregate-to-view: "true" + name: service-binding-viewer-role +rules: +- apiGroups: + - binding.operators.coreos.com + - servicebinding.io + resources: + - servicebindings + verbs: + - get + - list + - watch +- apiGroups: + - binding.operators.coreos.com + - servicebinding.io + resources: + - servicebindings/status + verbs: + - get diff --git a/operators/service-binding-operator/1.4.1/manifests/service-binding-webhook-service_v1_service.yaml b/operators/service-binding-operator/1.4.1/manifests/service-binding-webhook-service_v1_service.yaml new file mode 100644 index 00000000000..e95d608fcd0 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/service-binding-webhook-service_v1_service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + name: service-binding-webhook-service +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + selector: + control-plane: service-binding-controller-manager +status: + loadBalancer: {} diff --git a/operators/service-binding-operator/1.4.1/manifests/servicebinding.io_clusterworkloadresourcemappings.yaml b/operators/service-binding-operator/1.4.1/manifests/servicebinding.io_clusterworkloadresourcemappings.yaml new file mode 100644 index 00000000000..dbc5fe5f4be --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/servicebinding.io_clusterworkloadresourcemappings.yaml @@ -0,0 +1,221 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: clusterworkloadresourcemappings.servicebinding.io +spec: + group: servicebinding.io + names: + kind: ClusterWorkloadResourceMapping + listKind: ClusterWorkloadResourceMappingList + plural: clusterworkloadresourcemappings + singular: clusterworkloadresourcemapping + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: ClusterWorkloadResourceMapping is the Schema for the clusterworkloadresourcemappings + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterWorkloadResourceMappingSpec defines the desired state + of ClusterWorkloadResourceMapping + properties: + versions: + description: Versions is the collection of versions for a given resource, + with mappings. + items: + description: ClusterWorkloadResourceMappingTemplate defines the + mapping for a specific version of an workload resource to a logical + PodTemplateSpec-like structure. + properties: + annotations: + description: Annotations is a Restricted JSONPath that references + the annotations map within the workload resource. These annotations + must end up in the resulting Pod, and are generally not the + workload resource's annotations. Defaults to `.spec.template.metadata.annotations`. + type: string + containers: + description: Containers is the collection of mappings to container-like + fragments of the workload resource. Defaults to mappings appropriate + for a PodSpecable resource. + items: + description: "ClusterWorkloadResourceMappingContainer defines + the mapping for a specific fragment of an workload resource + to a Container-like structure. \n Each mapping defines exactly + one path that may match multiple container-like fragments + within the workload resource. For each object matching the + path the name, env and volumeMounts expressions are resolved + to find those structures." + properties: + env: + description: Env is a Restricted JSONPath that references + the slice of environment variables for the container + with the container-like workload resource fragment. + The referenced location is created if it does not exist. + Defaults to `.envs`. + type: string + name: + description: Name is a Restricted JSONPath that references + the name of the container with the container-like workload + resource fragment. If not defined, container name filtering + is ignored. + type: string + path: + description: Path is the JSONPath within the workload + resource that matches an existing fragment that is container-like. + type: string + volumeMounts: + description: VolumeMounts is a Restricted JSONPath that + references the slice of volume mounts for the container + with the container-like workload resource fragment. + The referenced location is created if it does not exist. + Defaults to `.volumeMounts`. + type: string + required: + - path + type: object + type: array + version: + description: Version is the version of the workload resource + that this mapping is for. + type: string + volumes: + description: Volumes is a Restricted JSONPath that references + the slice of volumes within the workload resource. Defaults + to `.spec.template.spec.volumes`. + type: string + required: + - version + type: object + type: array + type: object + type: object + served: true + storage: false + subresources: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: ClusterWorkloadResourceMapping is the Schema for the clusterworkloadresourcemappings + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClusterWorkloadResourceMappingSpec defines the desired state + of ClusterWorkloadResourceMapping + properties: + versions: + description: Versions is the collection of versions for a given resource, + with mappings. + items: + description: ClusterWorkloadResourceMappingTemplate defines the + mapping for a specific version of an workload resource to a logical + PodTemplateSpec-like structure. + properties: + annotations: + description: Annotations is a Restricted JSONPath that references + the annotations map within the workload resource. These annotations + must end up in the resulting Pod, and are generally not the + workload resource's annotations. Defaults to `.spec.template.metadata.annotations`. + type: string + containers: + description: Containers is the collection of mappings to container-like + fragments of the workload resource. Defaults to mappings appropriate + for a PodSpecable resource. + items: + description: "ClusterWorkloadResourceMappingContainer defines + the mapping for a specific fragment of an workload resource + to a Container-like structure. \n Each mapping defines exactly + one path that may match multiple container-like fragments + within the workload resource. For each object matching the + path the name, env and volumeMounts expressions are resolved + to find those structures." + properties: + env: + description: Env is a Restricted JSONPath that references + the slice of environment variables for the container + with the container-like workload resource fragment. + The referenced location is created if it does not exist. + Defaults to `.envs`. + type: string + name: + description: Name is a Restricted JSONPath that references + the name of the container with the container-like workload + resource fragment. If not defined, container name filtering + is ignored. + type: string + path: + description: Path is the JSONPath within the workload + resource that matches an existing fragment that is container-like. + type: string + volumeMounts: + description: VolumeMounts is a Restricted JSONPath that + references the slice of volume mounts for the container + with the container-like workload resource fragment. + The referenced location is created if it does not exist. + Defaults to `.volumeMounts`. + type: string + required: + - path + type: object + type: array + version: + description: Version is the version of the workload resource + that this mapping is for. + type: string + volumes: + description: Volumes is a Restricted JSONPath that references + the slice of volumes within the workload resource. Defaults + to `.spec.template.spec.volumes`. + type: string + required: + - version + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/operators/service-binding-operator/1.4.1/manifests/servicebinding.io_servicebindings.yaml b/operators/service-binding-operator/1.4.1/manifests/servicebinding.io_servicebindings.yaml new file mode 100644 index 00000000000..3b9d5e867c1 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/manifests/servicebinding.io_servicebindings.yaml @@ -0,0 +1,511 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: servicebindings.servicebinding.io +spec: + group: servicebinding.io + names: + kind: ServiceBinding + listKind: ServiceBindingList + plural: servicebindings + singular: servicebinding + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].reason + name: Reason + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + deprecated: true + name: v1alpha3 + schema: + openAPIV3Schema: + description: ServiceBinding is the Schema for the servicebindings API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServiceBindingSpec defines the desired state of ServiceBinding + properties: + env: + description: Env is the collection of mappings from Secret entries + to environment variables + items: + description: EnvMapping defines a mapping from the value of a Secret + entry to an environment variable + properties: + key: + description: Key is the key in the Secret that will be exposed + type: string + name: + description: Name is the name of the environment variable + type: string + required: + - key + - name + type: object + type: array + name: + description: Name is the name of the service as projected into the + workload container. Defaults to .metadata.name. + maxLength: 253 + pattern: ^[a-z0-9\-\.]*$ + type: string + provider: + description: Provider is the provider of the service as projected + into the workload container + type: string + service: + description: Service is a reference to an object that fulfills the + ProvisionedService duck type + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + required: + - apiVersion + - kind + - name + type: object + type: + description: Type is the type of the service as projected into the + workload container + type: string + workload: + description: Workload is a reference to an object + properties: + apiVersion: + description: API version of the referent. + type: string + containers: + description: Containers describes which containers in a Pod should + be bound to + items: + type: string + type: array + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + selector: + description: Selector is a query that selects the workload or + workloads to bind the service to + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + required: + - apiVersion + - kind + type: object + required: + - service + - workload + type: object + status: + description: ServiceBindingStatus defines the observed state of ServiceBinding + properties: + binding: + description: Binding exposes the projected secret for this ServiceBinding + properties: + name: + description: 'Name of the referent secret. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + required: + - name + type: object + conditions: + description: Conditions are the conditions of this ServiceBinding + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n \ttype FooStatus struct{ \t // Represents the observations + of a foo's current state. \t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\" \t // + +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map + \t // +listMapKey=type \t Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields + \t}" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the 'Generation' of the ServiceBinding + that was last processed by the controller. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].reason + name: Reason + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: ServiceBinding is the Schema for the servicebindings API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServiceBindingSpec defines the desired state of ServiceBinding + properties: + env: + description: Env is the collection of mappings from Secret entries + to environment variables + items: + description: EnvMapping defines a mapping from the value of a Secret + entry to an environment variable + properties: + key: + description: Key is the key in the Secret that will be exposed + type: string + name: + description: Name is the name of the environment variable + type: string + required: + - key + - name + type: object + type: array + name: + description: Name is the name of the service as projected into the + workload container. Defaults to .metadata.name. + type: string + provider: + description: Provider is the provider of the service as projected + into the workload container + type: string + service: + description: Service is a reference to an object that fulfills the + ProvisionedService duck type + properties: + apiVersion: + description: API version of the referent. + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + required: + - apiVersion + - kind + - name + type: object + type: + description: Type is the type of the service as projected into the + workload container + type: string + workload: + description: Workload is a reference to an object + properties: + apiVersion: + description: API version of the referent. + type: string + containers: + description: Containers describes which containers in a Pod should + be bound to + items: + type: string + type: array + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + selector: + description: Selector is a query that selects the workload or + workloads to bind the service to + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A + single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is "key", + the operator is "In", and the values array contains only + "value". The requirements are ANDed. + type: object + type: object + required: + - apiVersion + - kind + type: object + required: + - service + - workload + type: object + status: + description: ServiceBindingStatus defines the observed state of ServiceBinding + properties: + binding: + description: Binding exposes the projected secret for this ServiceBinding + properties: + name: + description: 'Name of the referent secret. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + required: + - name + type: object + conditions: + description: Conditions are the conditions of this ServiceBinding + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n \ttype FooStatus struct{ \t // Represents the observations + of a foo's current state. \t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\" \t // + +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map + \t // +listMapKey=type \t Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields + \t}" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the 'Generation' of the ServiceBinding + that was last processed by the controller. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/operators/service-binding-operator/1.4.1/metadata/annotations.yaml b/operators/service-binding-operator/1.4.1/metadata/annotations.yaml new file mode 100644 index 00000000000..f7a46b0ae96 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/metadata/annotations.yaml @@ -0,0 +1,14 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: service-binding-operator + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.metrics.builder: operator-sdk-v1.24.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/service-binding-operator/1.4.1/tests/scorecard/config.yaml b/operators/service-binding-operator/1.4.1/tests/scorecard/config.yaml new file mode 100644 index 00000000000..2795e3db458 --- /dev/null +++ b/operators/service-binding-operator/1.4.1/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}