From 4adb979a62cb19a5c15c95c4d5a85a823d5e8c9b Mon Sep 17 00:00:00 2001 From: marcobebway Date: Wed, 17 Apr 2024 13:31:04 +0200 Subject: [PATCH] Fix generated config --- config/rbac/role.yaml | 4 +- docs/user/02-configuration.md | 123 ++++++++++++------ .../operator/eventing/controller.go | 4 +- 3 files changed, 88 insertions(+), 43 deletions(-) diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 62bee5f7..6d43ff41 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -130,7 +130,7 @@ rules: - apiGroups: - batch resourceNames: - - '["eventing-manager-cert-handler"]' + - eventing-manager-cert-handler resources: - cronjobs verbs: @@ -138,7 +138,7 @@ rules: - apiGroups: - batch resourceNames: - - '["eventing-manager-cert-handler"]' + - eventing-manager-cert-handler resources: - jobs verbs: diff --git a/docs/user/02-configuration.md b/docs/user/02-configuration.md index 52788f49..30121e14 100644 --- a/docs/user/02-configuration.md +++ b/docs/user/02-configuration.md @@ -52,47 +52,92 @@ Use the following sample CRs as guidance. Each can be applied immediately when y **Spec:** -| Parameter | Type | Description | -|----------------------------------------------------------|-----------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| **annotations** | map\[string\]string | Annotations allows to add annotations to resources. | -| **backend** | object | Backend defines the active backend used by Eventing. | -| **backend.​config** | object | Config defines configuration for eventing backend. | -| **backend.​config.​domain** | string | Domain defines the cluster public domain used to configure the EventMesh Subscriptions and their corresponding ApiRules. | -| **backend.​config.​eventMeshSecret** | string | EventMeshSecret defines the namespaced name of K8s Secret containing EventMesh credentials. The format of name is "namespace/name". | -| **backend.​config.​eventTypePrefix** | string | | -| **backend.​config.​natsMaxMsgsPerTopic** | integer | NATSMaxMsgsPerTopic limits how many messages in the NATS stream to retain per subject. | -| **backend.​config.​natsStreamMaxSize** | \{integer or string\} | NATSStreamMaxSize defines the maximum storage size for stream data. | -| **backend.​config.​natsStreamReplicas** | integer | NATSStreamReplicas defines the number of replicas for stream. | -| **backend.​config.​natsStreamStorageType** | string | NATSStreamStorageType defines the storage type for stream data. | -| **backend.​type** (required) | string | Type defines which backend to use. The value is either `EventMesh`, or `NATS`. | -| **labels** | map\[string\]string | Labels allows to add Labels to resources. | -| **logging** | object | Logging defines the log level for eventing-manager. | -| **logging.​logLevel** | string | LogLevel defines the log level. | -| **publisher** | object | Publisher defines the configurations for eventing-publisher-proxy. | -| **publisher.​replicas** | object | Replicas defines the scaling min/max for eventing-publisher-proxy. | -| **publisher.​replicas.​max** | integer | Max defines maximum number of replicas. | -| **publisher.​replicas.​min** | integer | Min defines minimum number of replicas. | -| **publisher.​resources** | object | Resources defines resources for eventing-publisher-proxy. | -| **publisher.​resources.​claims** | \[\]object | Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. | -| **publisher.​resources.​claims.​name** (required) | string | Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container. | -| **publisher.​resources.​limits** | map\[string\]\{integer or string\} | Limits describes the maximum amount of compute resources allowed. For more information, check [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). | -| **publisher.​resources.​requests** | map\[string\]\{integer or string\} | Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. For more information, check [Resource Management for Pods and Containers](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/). | +| Parameter | Type | Description | +| ---- | ----------- | ---- | +| **annotations** | map\[string\]string | Annotations allows to add annotations to resources. | +| **backend** | object | Backend defines the active backend used by Eventing. | +| **backend.​config** | object | Config defines configuration for eventing backend. | +| **backend.​config.​domain** | string | Domain defines the cluster public domain used to configure the EventMesh Subscriptions +and their corresponding ApiRules. | +| **backend.​config.​eventMeshSecret** | string | EventMeshSecret defines the namespaced name of K8s Secret containing EventMesh credentials. The format of name is "namespace/name". | +| **backend.​config.​eventTypePrefix** | string | | +| **backend.​config.​natsMaxMsgsPerTopic** | integer | NATSMaxMsgsPerTopic limits how many messages in the NATS stream to retain per subject. | +| **backend.​config.​natsStreamMaxSize** | \{integer or string\} | NATSStreamMaxSize defines the maximum storage size for stream data. | +| **backend.​config.​natsStreamReplicas** | integer | NATSStreamReplicas defines the number of replicas for stream. | +| **backend.​config.​natsStreamStorageType** | string | NATSStreamStorageType defines the storage type for stream data. | +| **backend.​type** (required) | string | Type defines which backend to use. The value is either `EventMesh`, or `NATS`. | +| **labels** | map\[string\]string | Labels allows to add Labels to resources. | +| **logging** | object | Logging defines the log level for eventing-manager. | +| **logging.​logLevel** | string | LogLevel defines the log level. | +| **publisher** | object | Publisher defines the configurations for eventing-publisher-proxy. | +| **publisher.​replicas** | object | Replicas defines the scaling min/max for eventing-publisher-proxy. | +| **publisher.​replicas.​max** | integer | Max defines maximum number of replicas. | +| **publisher.​replicas.​min** | integer | Min defines minimum number of replicas. | +| **publisher.​resources** | object | Resources defines resources for eventing-publisher-proxy. | +| **publisher.​resources.​claims** | \[\]object | Claims lists the names of resources, defined in spec.resourceClaims, +that are used by this container. + + +This is an alpha field and requires enabling the +DynamicResourceAllocation feature gate. + + +This field is immutable. It can only be set for containers. | +| **publisher.​resources.​claims.​name** (required) | string | Name must match the name of one entry in pod.spec.resourceClaims of +the Pod where this field is used. It makes that resource available +inside a container. | +| **publisher.​resources.​limits** | map\[string\]\{integer or string\} | Limits describes the maximum amount of compute resources allowed. +More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | +| **publisher.​resources.​requests** | map\[string\]\{integer or string\} | Requests describes the minimum amount of compute resources required. +If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, +otherwise to an implementation-defined value. Requests cannot exceed Limits. +More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ | **Status:** -| Parameter | Type | Description | -|------------------------------------------------------|------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| **activeBackend** (required) | string | | -| **conditions** | \[\]object | Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: "Available", "Progressing", and "Degraded" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` | -| // other fields } | | | -| **conditions.​lastTransitionTime** (required) | string | lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. | -| **conditions.​message** (required) | string | message is a human readable message indicating details about the transition. This may be an empty string. | -| **conditions.​observedGeneration** | integer | observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. | -| **conditions.​reason** (required) | string | reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. | -| **conditions.​status** (required) | string | status of the condition, one of `True`, `False`, `Unknown`. | -| **conditions.​type** (required) | string | type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) | -| **publisherService** | string | | -| **specHash** (required) | integer | | -| **state** (required) | string | Can have one of the following values: `Ready`, `Error`, `Processing`, `Warning`. `Ready` state is set when all the resources are deployed successfully and backend is connected. It gets `Warning` state if backend is not specified, NATS module is not installed or EventMesh Secret is missing in the cluster. `Error` state is set when there is an error not caused by a user. `Processing` state is set when eventing is initiliazed or backend is being switched. | +| Parameter | Type | Description | +| ---- | ----------- | ---- | +| **activeBackend** (required) | string | | +| **conditions** | \[\]object | Condition contains details for one aspect of the current state of this API Resource. +--- +This struct is intended for direct use as an array at the field path .status.conditions. For example, + + + type FooStatus struct{ + // Represents the observations of a foo's current state. + // Known .status.conditions.type are: "Available", "Progressing", and "Degraded" + // +patchMergeKey=type + // +patchStrategy=merge + // +listType=map + // +listMapKey=type + Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` + + + // other fields + } | +| **conditions.​lastTransitionTime** (required) | string | lastTransitionTime is the last time the condition transitioned from one status to another. +This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. | +| **conditions.​message** (required) | string | message is a human readable message indicating details about the transition. +This may be an empty string. | +| **conditions.​observedGeneration** | integer | observedGeneration represents the .metadata.generation that the condition was set based upon. +For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date +with respect to the current state of the instance. | +| **conditions.​reason** (required) | string | reason contains a programmatic identifier indicating the reason for the condition's last transition. +Producers of specific condition types may define expected values and meanings for this field, +and whether the values are considered a guaranteed API. +The value should be a CamelCase string. +This field may not be empty. | +| **conditions.​status** (required) | string | status of the condition, one of True, False, Unknown. | +| **conditions.​type** (required) | string | type of condition in CamelCase or in foo.example.com/CamelCase. +--- +Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be +useful (see .node.status.conditions), the ability to deconflict is important. +The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) | +| **publisherService** | string | | +| **specHash** (required) | integer | | +| **state** (required) | string | Can have one of the following values: Ready, Error, Processing, Warning. Ready state is set +when all the resources are deployed successfully and backend is connected. +It gets Warning state in case backend is not specified, NATS module is not installed, or EventMesh secret is missing in the cluster. +Error state is set when there is an error. Processing state is set if recources are being created or changed. | diff --git a/internal/controller/operator/eventing/controller.go b/internal/controller/operator/eventing/controller.go index 0484fb19..ae03f123 100644 --- a/internal/controller/operator/eventing/controller.go +++ b/internal/controller/operator/eventing/controller.go @@ -172,8 +172,8 @@ func NewReconciler( // +kubebuilder:rbac:groups="eventing.kyma-project.io",resources=subscriptions,verbs=get;list;watch;update;patch;create;delete // +kubebuilder:rbac:groups=eventing.kyma-project.io,resources=subscriptions/status,verbs=get;update;patch // +kubebuilder:rbac:groups=security.istio.io,resources=peerauthentications,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups="batch",resources=jobs,verbs=delete,resourceNames=["eventing-manager-cert-handler"] -// +kubebuilder:rbac:groups="batch",resources=cronjobs,verbs=delete,resourceNames=["eventing-manager-cert-handler"] +// +kubebuilder:rbac:groups="batch",resources=jobs,verbs=delete,resourceNames=eventing-manager-cert-handler +// +kubebuilder:rbac:groups="batch",resources=cronjobs,verbs=delete,resourceNames=eventing-manager-cert-handler // Generate required RBAC to emit kubernetes events in the controller. // +kubebuilder:rbac:groups="",resources=events,verbs=create;patch