diff --git a/Makefile b/Makefile new file mode 100644 index 00000000000..44ceb78ed2f --- /dev/null +++ b/Makefile @@ -0,0 +1,52 @@ +#This makefile is used by ci-operator + +CGO_ENABLED=0 +GOOS=linux +CORE_IMAGES=$(shell find ./cmd -name main.go ! -path "./cmd/broker/*" ! -path "./cmd/mtbroker/*" | sed 's/main.go//') +TEST_IMAGES=$(shell find ./test/test_images -mindepth 1 -maxdepth 1 -type d) + +# Guess location of openshift/release repo. NOTE: override this if it is not correct. +OPENSHIFT=${CURDIR}/../../github.com/openshift/release + +install: + go install $(CORE_IMAGES) + go build -o $(GOPATH)/bin/broker_ingress ./cmd/broker/ingress/ + go build -o $(GOPATH)/bin/broker_filter ./cmd/broker/filter/ + go build -o $(GOPATH)/bin/mtbroker_ingress ./cmd/mtbroker/ingress/ + go build -o $(GOPATH)/bin/mtbroker_filter ./cmd/mtbroker/filter/ +.PHONY: install + +test-install: + go install $(TEST_IMAGES) +.PHONY: test-install + +test-e2e: + sh openshift/e2e-tests-openshift.sh +.PHONY: test-e2e + +test-origin-conformance: + sh TEST_ORIGIN_CONFORMANCE=true openshift/e2e-tests-openshift.sh +.PHONY: test-origin-conformance + +# Generate Dockerfiles used by ci-operator. The files need to be committed manually. +generate-dockerfiles: + rm -rf openshift/ci-operator/knative-images/* + ./openshift/ci-operator/generate-dockerfiles.sh openshift/ci-operator/knative-images $(CORE_IMAGES) + ./openshift/ci-operator/generate-dockerfiles.sh openshift/ci-operator/knative-images broker_ingress + ./openshift/ci-operator/generate-dockerfiles.sh openshift/ci-operator/knative-images broker_filter + ./openshift/ci-operator/generate-dockerfiles.sh openshift/ci-operator/knative-images mtbroker_ingress + ./openshift/ci-operator/generate-dockerfiles.sh openshift/ci-operator/knative-images mtbroker_filter + rm -rf openshift/ci-operator/knative-test-images/* + ./openshift/ci-operator/generate-dockerfiles.sh openshift/ci-operator/knative-test-images $(TEST_IMAGES) +.PHONY: generate-dockerfiles + +# Generate an aggregated knative yaml file with replaced image references +generate-release: + ./openshift/release/generate-release.sh $(RELEASE) +.PHONY: generate-release + +# Update CI configuration in the $(OPENSHIFT) directory. +# NOTE: Makes changes outside this repository. +update-ci: + sh ./openshift/ci-operator/update-ci.sh $(OPENSHIFT) $(CORE_IMAGES) +.PHONY: update-ci diff --git a/OWNERS b/OWNERS index 3286f67c17a..e0466c2e970 100644 --- a/OWNERS +++ b/OWNERS @@ -1,30 +1,8 @@ -# Approvers in this repo should also be added to the eventing-contrib -# approvers list. +# The OWNERS file is used by prow to automatically merge approved PRs. + approvers: -- evankanderson -- grantr -- Harwayne -- vaikas -- n3wscott -- matzew -- nachocano -- lionelvillard -- slinkydeveloper +- eventing-approvers -# Reviewers are suggested from the reviewers list first, then the approvers -# list. To add reviewers while spreading the load among existing approvers, -# copy the approvers to the reviewers list too. reviewers: -- evankanderson -- grantr -- Harwayne -- vaikas -- n3wscott -- matzew -- nachocano -- lionelvillard -# Add reviewers below -- liu-cong -- yolocs -- aslom -- lberk +- eventing-reviewers + diff --git a/OWNERS_ALIASES b/OWNERS_ALIASES index 131917ba13c..70aeee517de 100644 --- a/OWNERS_ALIASES +++ b/OWNERS_ALIASES @@ -1,24 +1,25 @@ aliases: - # These aliases are for OWNERS of the various Channel implementations. These - # Are in addition to the repo level OWNERS. - - performance-approvers: - - chaodaiG - - chizhg - - slinkydeveloper - performance-reviewers: - - chaodaiG - - chizhg - - slinkydeveloper - - productivity-approvers: - - chaodaiG - - chizhg - productivity-reviewers: - - chaodaiG - - chizhg - - steuhs - - yt3liu - - channel-reviewers: - - slinkydeveloper + eventing-approvers: + - alanfx + - mgencur + - mvinkler + - jcrossley3 + - bobmcwhirter + - markusthoemmes + - evanchooly + - arilivigni + - matzew + - lberk + - aliok + eventing-reviewers: + - alanfx + - mgencur + - mvinkler + - jcrossley3 + - bobmcwhirter + - markusthoemmes + - evanchooly + - arilivigni + - matzew + - lberk + - aliok diff --git a/ci b/ci new file mode 100644 index 00000000000..e4a91f055f1 --- /dev/null +++ b/ci @@ -0,0 +1 @@ +Wed May 13 00:03:54 UTC 2020 diff --git a/openshift/ci-operator/Dockerfile.in b/openshift/ci-operator/Dockerfile.in new file mode 100644 index 00000000000..9e1ef71ca17 --- /dev/null +++ b/openshift/ci-operator/Dockerfile.in @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD ${bin} /usr/bin/${bin} +ENTRYPOINT ["/usr/bin/${bin}"] diff --git a/openshift/ci-operator/build-image/Dockerfile b/openshift/ci-operator/build-image/Dockerfile new file mode 100644 index 00000000000..5b4a5da33f1 --- /dev/null +++ b/openshift/ci-operator/build-image/Dockerfile @@ -0,0 +1,11 @@ +# Dockerfile to bootstrap build and test in openshift-ci + +FROM openshift/origin-release:golang-1.13 + +# Add kubernetes repository +ADD openshift/ci-operator/build-image/kubernetes.repo /etc/yum.repos.d/ + +RUN yum install -y kubectl ansible + +# Allow runtime users to add entries to /etc/passwd +RUN chmod g+rw /etc/passwd diff --git a/openshift/ci-operator/build-image/kubernetes.repo b/openshift/ci-operator/build-image/kubernetes.repo new file mode 100644 index 00000000000..65eda50b5bf --- /dev/null +++ b/openshift/ci-operator/build-image/kubernetes.repo @@ -0,0 +1,7 @@ +[kubernetes] +name=Kubernetes +baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 +enabled=1 +gpgcheck=1 +repo_gpgcheck=1 +gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg diff --git a/openshift/ci-operator/generate-ci-config.sh b/openshift/ci-operator/generate-ci-config.sh new file mode 100755 index 00000000000..c098b655e51 --- /dev/null +++ b/openshift/ci-operator/generate-ci-config.sh @@ -0,0 +1,78 @@ +#!/bin/bash + +branch=${1-'knative-v0.6.0'} +openshift=${2-'4.2'} + +cat < $target_dir/$image_base/Dockerfile + done +} + +generate_dockefiles $@ diff --git a/openshift/ci-operator/knative-images/apiserver_receive_adapter/Dockerfile b/openshift/ci-operator/knative-images/apiserver_receive_adapter/Dockerfile new file mode 100644 index 00000000000..13577301648 --- /dev/null +++ b/openshift/ci-operator/knative-images/apiserver_receive_adapter/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD apiserver_receive_adapter /usr/bin/apiserver_receive_adapter +ENTRYPOINT ["/usr/bin/apiserver_receive_adapter"] diff --git a/openshift/ci-operator/knative-images/broker_filter/Dockerfile b/openshift/ci-operator/knative-images/broker_filter/Dockerfile new file mode 100644 index 00000000000..aee47d96115 --- /dev/null +++ b/openshift/ci-operator/knative-images/broker_filter/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD broker_filter /usr/bin/broker_filter +ENTRYPOINT ["/usr/bin/broker_filter"] diff --git a/openshift/ci-operator/knative-images/broker_ingress/Dockerfile b/openshift/ci-operator/knative-images/broker_ingress/Dockerfile new file mode 100644 index 00000000000..c70d35c9fa8 --- /dev/null +++ b/openshift/ci-operator/knative-images/broker_ingress/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD broker_ingress /usr/bin/broker_ingress +ENTRYPOINT ["/usr/bin/broker_ingress"] diff --git a/openshift/ci-operator/knative-images/channel_broker/Dockerfile b/openshift/ci-operator/knative-images/channel_broker/Dockerfile new file mode 100644 index 00000000000..973d904d295 --- /dev/null +++ b/openshift/ci-operator/knative-images/channel_broker/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD channel_broker /usr/bin/channel_broker +ENTRYPOINT ["/usr/bin/channel_broker"] diff --git a/openshift/ci-operator/knative-images/channel_controller/Dockerfile b/openshift/ci-operator/knative-images/channel_controller/Dockerfile new file mode 100644 index 00000000000..761239d8cb3 --- /dev/null +++ b/openshift/ci-operator/knative-images/channel_controller/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD channel_controller /usr/bin/channel_controller +ENTRYPOINT ["/usr/bin/channel_controller"] diff --git a/openshift/ci-operator/knative-images/channel_dispatcher/Dockerfile b/openshift/ci-operator/knative-images/channel_dispatcher/Dockerfile new file mode 100644 index 00000000000..e442f3c4c87 --- /dev/null +++ b/openshift/ci-operator/knative-images/channel_dispatcher/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD channel_dispatcher /usr/bin/channel_dispatcher +ENTRYPOINT ["/usr/bin/channel_dispatcher"] diff --git a/openshift/ci-operator/knative-images/controller/Dockerfile b/openshift/ci-operator/knative-images/controller/Dockerfile new file mode 100644 index 00000000000..41cdd592d73 --- /dev/null +++ b/openshift/ci-operator/knative-images/controller/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD controller /usr/bin/controller +ENTRYPOINT ["/usr/bin/controller"] diff --git a/openshift/ci-operator/knative-images/mtbroker_filter/Dockerfile b/openshift/ci-operator/knative-images/mtbroker_filter/Dockerfile new file mode 100644 index 00000000000..737bef337e3 --- /dev/null +++ b/openshift/ci-operator/knative-images/mtbroker_filter/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD mtbroker_filter /usr/bin/mtbroker_filter +ENTRYPOINT ["/usr/bin/mtbroker_filter"] diff --git a/openshift/ci-operator/knative-images/mtbroker_ingress/Dockerfile b/openshift/ci-operator/knative-images/mtbroker_ingress/Dockerfile new file mode 100644 index 00000000000..05dc6d9c215 --- /dev/null +++ b/openshift/ci-operator/knative-images/mtbroker_ingress/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD mtbroker_ingress /usr/bin/mtbroker_ingress +ENTRYPOINT ["/usr/bin/mtbroker_ingress"] diff --git a/openshift/ci-operator/knative-images/mtchannel_broker/Dockerfile b/openshift/ci-operator/knative-images/mtchannel_broker/Dockerfile new file mode 100644 index 00000000000..040be2f362e --- /dev/null +++ b/openshift/ci-operator/knative-images/mtchannel_broker/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD mtchannel_broker /usr/bin/mtchannel_broker +ENTRYPOINT ["/usr/bin/mtchannel_broker"] diff --git a/openshift/ci-operator/knative-images/mtping/Dockerfile b/openshift/ci-operator/knative-images/mtping/Dockerfile new file mode 100644 index 00000000000..c2c082b1ea0 --- /dev/null +++ b/openshift/ci-operator/knative-images/mtping/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD mtping /usr/bin/mtping +ENTRYPOINT ["/usr/bin/mtping"] diff --git a/openshift/ci-operator/knative-images/ping/Dockerfile b/openshift/ci-operator/knative-images/ping/Dockerfile new file mode 100644 index 00000000000..e1a73ca3303 --- /dev/null +++ b/openshift/ci-operator/knative-images/ping/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD ping /usr/bin/ping +ENTRYPOINT ["/usr/bin/ping"] diff --git a/openshift/ci-operator/knative-images/pong/Dockerfile b/openshift/ci-operator/knative-images/pong/Dockerfile new file mode 100644 index 00000000000..48b82678585 --- /dev/null +++ b/openshift/ci-operator/knative-images/pong/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD pong /usr/bin/pong +ENTRYPOINT ["/usr/bin/pong"] diff --git a/openshift/ci-operator/knative-images/sendevent/Dockerfile b/openshift/ci-operator/knative-images/sendevent/Dockerfile new file mode 100644 index 00000000000..6ea273a2ae7 --- /dev/null +++ b/openshift/ci-operator/knative-images/sendevent/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD sendevent /usr/bin/sendevent +ENTRYPOINT ["/usr/bin/sendevent"] diff --git a/openshift/ci-operator/knative-images/v0.14.0/Dockerfile b/openshift/ci-operator/knative-images/v0.14.0/Dockerfile new file mode 100644 index 00000000000..ed1e776f154 --- /dev/null +++ b/openshift/ci-operator/knative-images/v0.14.0/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD v0.14.0 /usr/bin/v0.14.0 +ENTRYPOINT ["/usr/bin/v0.14.0"] diff --git a/openshift/ci-operator/knative-images/webhook/Dockerfile b/openshift/ci-operator/knative-images/webhook/Dockerfile new file mode 100644 index 00000000000..a2a1000d057 --- /dev/null +++ b/openshift/ci-operator/knative-images/webhook/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD webhook /usr/bin/webhook +ENTRYPOINT ["/usr/bin/webhook"] diff --git a/openshift/ci-operator/knative-test-images/eventdetails/Dockerfile b/openshift/ci-operator/knative-test-images/eventdetails/Dockerfile new file mode 100644 index 00000000000..b5553b9e268 --- /dev/null +++ b/openshift/ci-operator/knative-test-images/eventdetails/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD eventdetails /usr/bin/eventdetails +ENTRYPOINT ["/usr/bin/eventdetails"] diff --git a/openshift/ci-operator/knative-test-images/filterevents/Dockerfile b/openshift/ci-operator/knative-test-images/filterevents/Dockerfile new file mode 100644 index 00000000000..f4107e7f753 --- /dev/null +++ b/openshift/ci-operator/knative-test-images/filterevents/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD filterevents /usr/bin/filterevents +ENTRYPOINT ["/usr/bin/filterevents"] diff --git a/openshift/ci-operator/knative-test-images/heartbeats/Dockerfile b/openshift/ci-operator/knative-test-images/heartbeats/Dockerfile new file mode 100644 index 00000000000..26e419912e0 --- /dev/null +++ b/openshift/ci-operator/knative-test-images/heartbeats/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD heartbeats /usr/bin/heartbeats +ENTRYPOINT ["/usr/bin/heartbeats"] diff --git a/openshift/ci-operator/knative-test-images/logevents/Dockerfile b/openshift/ci-operator/knative-test-images/logevents/Dockerfile new file mode 100644 index 00000000000..99e00e9102b --- /dev/null +++ b/openshift/ci-operator/knative-test-images/logevents/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD logevents /usr/bin/logevents +ENTRYPOINT ["/usr/bin/logevents"] diff --git a/openshift/ci-operator/knative-test-images/performance/Dockerfile b/openshift/ci-operator/knative-test-images/performance/Dockerfile new file mode 100644 index 00000000000..e9f24436add --- /dev/null +++ b/openshift/ci-operator/knative-test-images/performance/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD performance /usr/bin/performance +ENTRYPOINT ["/usr/bin/performance"] diff --git a/openshift/ci-operator/knative-test-images/print/Dockerfile b/openshift/ci-operator/knative-test-images/print/Dockerfile new file mode 100644 index 00000000000..b7b1f9cf7bc --- /dev/null +++ b/openshift/ci-operator/knative-test-images/print/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD print /usr/bin/print +ENTRYPOINT ["/usr/bin/print"] diff --git a/openshift/ci-operator/knative-test-images/recordevents/Dockerfile b/openshift/ci-operator/knative-test-images/recordevents/Dockerfile new file mode 100644 index 00000000000..2599ee16b49 --- /dev/null +++ b/openshift/ci-operator/knative-test-images/recordevents/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD recordevents /usr/bin/recordevents +ENTRYPOINT ["/usr/bin/recordevents"] diff --git a/openshift/ci-operator/knative-test-images/sendevents/Dockerfile b/openshift/ci-operator/knative-test-images/sendevents/Dockerfile new file mode 100644 index 00000000000..077e69e5a87 --- /dev/null +++ b/openshift/ci-operator/knative-test-images/sendevents/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD sendevents /usr/bin/sendevents +ENTRYPOINT ["/usr/bin/sendevents"] diff --git a/openshift/ci-operator/knative-test-images/sequencestepper/Dockerfile b/openshift/ci-operator/knative-test-images/sequencestepper/Dockerfile new file mode 100644 index 00000000000..53a3837a99e --- /dev/null +++ b/openshift/ci-operator/knative-test-images/sequencestepper/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD sequencestepper /usr/bin/sequencestepper +ENTRYPOINT ["/usr/bin/sequencestepper"] diff --git a/openshift/ci-operator/knative-test-images/transformevents/Dockerfile b/openshift/ci-operator/knative-test-images/transformevents/Dockerfile new file mode 100644 index 00000000000..94dbe1bb42e --- /dev/null +++ b/openshift/ci-operator/knative-test-images/transformevents/Dockerfile @@ -0,0 +1,5 @@ +# Do not edit! This file was generated via Makefile +FROM openshift/origin-base + +ADD transformevents /usr/bin/transformevents +ENTRYPOINT ["/usr/bin/transformevents"] diff --git a/openshift/ci-operator/update-ci.sh b/openshift/ci-operator/update-ci.sh new file mode 100755 index 00000000000..57d0ff46d98 --- /dev/null +++ b/openshift/ci-operator/update-ci.sh @@ -0,0 +1,48 @@ +#!/bin/bash +# A script that will update the mapping file in github.com/openshift/release + +set -e + +fail() { echo; echo "$*"; exit 1; } + +# Deduce branch name and X.Y.Z version. +BRANCH=$(git rev-parse --abbrev-ref HEAD) +VERSION=$(echo $BRANCH | sed -E 's/^.*([0-9]+\.[0-9]+\.[0-9]+)|.*/\1/') +test -n "$VERSION" || fail "'$BRANCH' is not a release branch" +VER=$(echo $VERSION | sed 's/\./_/;s/\.[0-9]\+$//') # X_Y form of version + +# Set up variables for important locations in the openshift/release repo. +OPENSHIFT=$(realpath "$1"); shift +test -d "$OPENSHIFT/.git" || fail "'$OPENSHIFT' is not a git repo" +MIRROR="$OPENSHIFT/core-services/image-mirroring/knative/mapping_knative_v${VER}_quay" +CONFIGDIR=$OPENSHIFT/ci-operator/config/openshift/knative-eventing +test -d "$CONFIGDIR" || fail "'$CONFIGDIR' is not a directory" + +# Generate CI config files +CONFIG=$CONFIGDIR/openshift-knative-eventing-release-v$VERSION +CURDIR=$(dirname $0) +$CURDIR/generate-ci-config.sh knative-v$VERSION 4.3 > ${CONFIG}.yaml +$CURDIR/generate-ci-config.sh knative-v$VERSION 4.4 > ${CONFIG}__4.5.yaml +$CURDIR/generate-ci-config.sh knative-v$VERSION 4.5 > ${CONFIG}__4.5.yaml + +# Append missing lines to the mirror file. +[ -n "$(tail -c1 $MIRROR)" ] && echo >> $MIRROR # Make sure there's a newline +for IMAGE in $*; do + NAME=knative-eventing-$(basename $IMAGE | sed 's/_/-/' | sed 's/_/-/') + echo "Adding $NAME to mirror file" + LINE="registry.svc.ci.openshift.org/openshift/knative-v$VERSION:$NAME quay.io/openshift-knative/$NAME:v$VERSION" + # Add $LINE if not already present + grep -q "^$LINE\$" $MIRROR || echo "$LINE" >> $MIRROR +done + +# Switch to openshift/release to generate PROW files +cd $OPENSHIFT +echo "Generating PROW files in $OPENSHIFT" +which docker 2> /dev/null || alias docker=podman # Use docker or podman +docker pull registry.svc.ci.openshift.org/ci/ci-operator-prowgen:latest +docker run -it -v "${PWD}/ci-operator:/ci-operator" registry.svc.ci.openshift.org/ci/ci-operator-prowgen:latest --from-dir /ci-operator/config --to-dir /ci-operator/jobs + +echo "==== Changes made to $OPENSHIFT ====" +git status +echo "==== Commit changes to $OPENSHIFT and create a PR" + diff --git a/openshift/e2e-tests-openshift.sh b/openshift/e2e-tests-openshift.sh new file mode 100644 index 00000000000..b0a40584fb9 --- /dev/null +++ b/openshift/e2e-tests-openshift.sh @@ -0,0 +1,139 @@ +#!/bin/sh + +source "$(dirname $0)/../vendor/knative.dev/test-infra/scripts/e2e-tests.sh" +source "$(dirname "$0")/release/resolve.sh" + +set -x + +readonly EVENTING_NAMESPACE=knative-eventing + +env + +function scale_up_workers(){ + local cluster_api_ns="openshift-machine-api" + + oc get machineset -n ${cluster_api_ns} --show-labels + + # Get the name of the first machineset that has at least 1 replica + local machineset + machineset=$(oc get machineset -n ${cluster_api_ns} -o custom-columns="name:{.metadata.name},replicas:{.spec.replicas}" | grep " 1" | head -n 1 | awk '{print $1}') + # Bump the number of replicas to 6 (+ 1 + 1 == 8 workers) + oc patch machineset -n ${cluster_api_ns} "${machineset}" -p '{"spec":{"replicas":6}}' --type=merge + wait_until_machineset_scales_up ${cluster_api_ns} "${machineset}" 6 +} + +# Loops until duration (car) is exceeded or command (cdr) returns non-zero +function timeout_non_zero() { + SECONDS=0; TIMEOUT=$1; shift + while eval $*; do + sleep 5 + [[ $SECONDS -gt $TIMEOUT ]] && echo "ERROR: Timed out" && return 1 + done + return 0 +} + +function install_strimzi(){ + strimzi_version=`curl https://github.com/strimzi/strimzi-kafka-operator/releases/latest | awk -F 'tag/' '{print $2}' | awk -F '"' '{print $1}' 2>/dev/null` + header_text "Strimzi install" + kubectl create namespace kafka + curl -L "https://github.com/strimzi/strimzi-kafka-operator/releases/download/${strimzi_version}/strimzi-cluster-operator-${strimzi_version}.yaml" \ + | sed 's/namespace: .*/namespace: kafka/' \ + | kubectl -n kafka apply -f - + + header_text "Applying Strimzi Cluster file" + kubectl -n kafka apply -f "https://raw.githubusercontent.com/strimzi/strimzi-kafka-operator/${strimzi_version}/examples/kafka/kafka-persistent-single.yaml" + + header_text "Waiting for Strimzi to become ready" + sleep 5; while echo && kubectl get pods -n kafka | grep -v -E "(Running|Completed|STATUS)"; do sleep 5; done +} + +function install_serverless(){ + header "Installing Serverless Operator" + git clone --branch eventing-014-again https://github.com/aliok/serverless-operator.git /tmp/serverless-operator + #cp openshift/olm/serverless-operator.v1.7.0.clusterserviceversion.yaml /tmp/serverless-operator/olm-catalog/serverless-operator/1.7.0/serverless-operator.v1.7.0.clusterserviceversion.yaml + # unset OPENSHIFT_BUILD_NAMESPACE as its used in serverless-operator's CI environment as a switch + # to use CI built images, we want pre-built images of k-s-o and k-o-i + unset OPENSHIFT_BUILD_NAMESPACE + /tmp/serverless-operator/hack/install.sh || return 1 + header "Serverless Operator installed successfully" +} + +function run_e2e_tests(){ + header "Running tests with Channel Based Broker" + go_test_e2e -timeout=90m -parallel=12 ./test/e2e -brokerclass=ChannelBasedBroker -channels=messaging.knative.dev/v1alpha1:InMemoryChannel,messaging.knative.dev/v1alpha1:Channel,messaging.knative.dev/v1beta1:InMemoryChannel \ + --kubeconfig "$KUBECONFIG" \ + --dockerrepo "quay.io/openshift-knative" \ + ${options} || failed=1 + + header "Running tests with Multi TenantChannel Based Broker" + oc apply -f test/config/mt-channel-broker.yaml || return 1 + oc -n knative-eventing set env deployment/mt-broker-controller BROKER_INJECTION_DEFAULT=true || return 1 + wait_until_pods_running $EVENTING_NAMESPACE || return 1 + + go_test_e2e -timeout=90m -parallel=12 ./test/e2e -brokerclass=MTChannelBasedBroker -channels=messaging.knative.dev/v1alpha1:InMemoryChannel,messaging.knative.dev/v1alpha1:Channel,messaging.knative.dev/v1beta1:InMemoryChannel \ + --kubeconfig "$KUBECONFIG" \ + --dockerrepo "quay.io/openshift-knative" \ + ${options} || failed=1 +} + +function run_origin_e2e() { + local param_file=e2e-origin-params.txt + ( + echo "NAMESPACE=$EVENTING_NAMESPACE" + echo "IMAGE_TESTS=registry.svc.ci.openshift.org/openshift/origin-v4.0:tests" + echo "TEST_COMMAND=TEST_SUITE=openshift/conformance/parallel run-tests" + ) > $param_file + + oc -n $EVENTING_NAMESPACE create configmap kubeconfig --from-file=kubeconfig=$KUBECONFIG + oc -n $EVENTING_NAMESPACE new-app -f ./openshift/origin-e2e-job.yaml --param-file=$param_file + + timeout 240 "oc get pods -n $EVENTING_NAMESPACE | grep e2e-origin-testsuite | grep -E 'Running'" + e2e_origin_pod=$(oc get pods -n $EVENTING_NAMESPACE | grep e2e-origin-testsuite | grep -E 'Running' | awk '{print $1}') + timeout 3600 "oc -n $EVENTING_NAMESPACE exec $e2e_origin_pod -c e2e-test-origin ls /tmp/artifacts/e2e-origin/test_logs.tar" + oc cp ${EVENTING_NAMESPACE}/${e2e_origin_pod}:/tmp/artifacts/e2e-origin/test_logs.tar . + tar xvf test_logs.tar -C /tmp/artifacts + mkdir -p /tmp/artifacts/junit + mv $(find /tmp/artifacts -name "junit_e2e_*.xml") /tmp/artifacts/junit + mv /tmp/artifacts/tmp/artifacts/e2e-origin/e2e-origin.log /tmp/artifacts +} + +# Waits until the machineset in the given namespaces scales up to the +# desired number of replicas +# Parameters: $1 - namespace +# $2 - machineset name +# $3 - desired number of replicas +function wait_until_machineset_scales_up() { + echo -n "Waiting until machineset $2 in namespace $1 scales up to $3 replicas" + for _ in {1..150}; do # timeout after 15 minutes + local available + available=$(oc get machineset -n "$1" "$2" -o jsonpath="{.status.availableReplicas}") + if [[ ${available} -eq $3 ]]; then + echo -e "\nMachineSet $2 in namespace $1 successfully scaled up to $3 replicas" + return 0 + fi + echo -n "." + sleep 6 + done + echo - "Error: timeout waiting for machineset $2 in namespace $1 to scale up to $3 replicas" + return 1 +} + +scale_up_workers || exit 1 + +failed=0 + +(( !failed )) && install_strimzi || failed=1 + +(( !failed )) && install_serverless || failed=1 + +if [[ $TEST_ORIGIN_CONFORMANCE == true ]]; then + (( !failed )) && run_origin_e2e || failed=1 +fi + +(( !failed )) && run_e2e_tests || failed=1 + +(( failed )) && dump_cluster_state + +(( failed )) && exit 1 + +success diff --git a/openshift/olm/README.md b/openshift/olm/README.md new file mode 100644 index 00000000000..395d62c3bda --- /dev/null +++ b/openshift/olm/README.md @@ -0,0 +1,41 @@ + +This is the `CatalogSource` for the +[knative-eventing-operator](https://github.com/openshift-knative/knative-eventing-operator). + +WARNING: The `knative-eventing` operator requires a CRD provided by the +`knative-serving` `CatalogSource`, so install it first. + +To install this `CatalogSource`: + + OLM=$(kubectl get pods --all-namespaces | grep olm-operator | head -1 | awk '{print $1}') + kubectl apply -n $OLM -f https://raw.githubusercontent.com/openshift/knative-eventing/release-v0.5.0/openshift/olm/knative-eventing.catalogsource.yaml + +To subscribe to it (which will trigger the installation of +knative-eventing), either use the console, or apply the following: + + --- + apiVersion: v1 + kind: Namespace + metadata: + name: knative-eventing + labels: + istio-injection: enabled + --- + apiVersion: operators.coreos.com/v1 + kind: OperatorGroup + metadata: + name: knative-eventing + namespace: knative-eventing + --- + apiVersion: operators.coreos.com/v1alpha1 + kind: Subscription + metadata: + name: knative-eventing-operator-sub + generateName: knative-eventing-operator- + namespace: knative-eventing + spec: + source: knative-eventing-operator + sourceNamespace: olm + name: knative-eventing-operator + startingCSV: knative-eventing-operator.v0.5.0 + channel: alpha diff --git a/openshift/olm/serverless-operator.v1.7.0.clusterserviceversion.yaml b/openshift/olm/serverless-operator.v1.7.0.clusterserviceversion.yaml new file mode 100644 index 00000000000..a2c00da5a6c --- /dev/null +++ b/openshift/olm/serverless-operator.v1.7.0.clusterserviceversion.yaml @@ -0,0 +1,556 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "operator.knative.dev/v1alpha1", + "kind": "KnativeServing", + "metadata": { + "name": "knative-serving" + }, + "spec": { + } + }, + { + "apiVersion": "operator.knative.dev/v1alpha1", + "kind": "KnativeEventing", + "metadata": { + "name": "knative-eventing" + }, + "spec": { + } + } + ] + capabilities: Full Lifecycle + categories: Networking,Integration & Delivery,Cloud Provider,Developer Tools + certified: "false" + createdAt: "2020-04-20T17:00:00Z" + description: |- + Provides a collection of API's based on Knative to support deploying and serving + of serverless applications and functions. + repository: https://github.com/openshift-knative/serverless-operator + support: Red Hat, Inc. + name: serverless-operator.v1.7.0 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Represents an installation of a particular version of Knative Serving + displayName: Knative Serving + kind: KnativeServing + name: knativeservings.operator.knative.dev + statusDescriptors: + - description: The version of Knative Serving installed + displayName: Version + path: version + - description: Conditions of Knative Serving installed + displayName: Conditions + path: conditions + x-descriptors: + - 'urn:alm:descriptor:io.kubernetes.conditions' + version: v1alpha1 + - description: Represents an installation of a particular version of Knative Eventing + displayName: Knative Eventing + kind: KnativeEventing + name: knativeeventings.operator.knative.dev + statusDescriptors: + - description: The version of Knative Eventing installed + displayName: Version + path: version + version: v1alpha1 + minKubeVersion: 1.15.0 + description: |- + The Red Hat OpenShift Serverless operator provides a collection of APIs that + enables containers, microservices and functions to run "serverless". + Serverless applications can scale up and down (to zero) on demand and be triggered by a + number of event sources. OpenShift Serverless integrates with a number of + platform services, such as Metering and Monitoring and it is based on the open + source project Knative. + + # Prerequisites + The components provided with the OpenShift Serverless operator require minimum cluster sizes on + OpenShift Container Platform. For more information, see the documentation on [Getting started + with OpenShift Serverless](https://access.redhat.com/documentation/en-us/openshift_container_platform/4.3/html-single/serverless_applications/index#serverless-getting-started). + + # Supported Features + - **Easy to get started:** Provides a simplified developer experience to deploy + and run cloud native applications on Kubernetes, providing powerful + abstractions. + - **Immutable Revisions:** Deploy new features performing canary, A/B or + blue-green testing with gradual traffic rollout following best practices. + - **Use any programming language or runtime of choice:** From Java, Python, Go + and JavaScript to Quarkus, SpringBoot or Node.js. + - **Automatic scaling:** Removes the requirement to configure numbers of replicas + or idling behavior. Applications automatically scale to zero when not in use, + or scale up to meet demand, with built in reliability and fault tolerance. + - **Event Driven Applications:** You can build loosely coupled, distributed applications + that can be connected to a variety of either built in or third party event sources, + powered by operators. + - **Ready for the hybrid cloud:** Provides true, portable serverless functionality, + that can run anywhere OpenShift Container Platform runs. You can leverage data + locality and SaaS as you need it. + + # Components & APIs + This operator provides the following components: + + ## Knative Serving + Knative Serving builds on Kubernetes to support deploying and serving of + applications and functions as serverless containers. Serving is easy to get + started with and scales to support advanced scenarios. Other features + includes: + - Rapid deployment of serverless containers + - Automatic scaling up and down to zero + - Routing and network programming + - Point-in-time snapshots of deployed code and configurations + ![](https://i.imgur.com/vqL48B8.png) + + ## Knative Eventing + + Knative Eventing is a **[Technology Preview feature](https://access.redhat.com/support/offerings/techpreview)!** + + Knative Eventing is a system that is designed to address a common need for cloud native + development and provides composable primitives to enable late-binding event sources and + event consumers. + Knative Eventing is designed to address a common need for cloud + native development: + - Services are loosely coupled during development and deployed independently + - A producer can generate events before a consumer is listening, and a consumer + can express an interest in an event or class of events that is not yet being + produced. + - Services can be connected to create new applications + * without modifying producer or consumer, and + * with the ability to select a specific subset of events from a particular + producer. + + ## Knative Client - `kn` + The Knative client `kn` is your door to the Knative world. It allows you to + create Knative resources interactively from the command line or from within + Shell scripts. + + `kn` offers you: + - Full support for managing all features of Knative Serving (services, + revisions, traffic splits) + - Growing support Knative eventing, closely following its development + (managing of sources & triggers) + - A plugin architecture similar to that of kubectl plugins + - A thin client-specific API in golang which helps in tasks like synchronously + waiting on Knative service write operations. + - An easy integration of Knative into Tekton Pipelines by using kn in a Tekton + Task. + + # Further Information + For documentation on OpenShift Serverless, see: + - [Installation + Guide](https://access.redhat.com/documentation/en-us/openshift_container_platform/4.3/html/serverless_applications/installing-openshift-serverless-1) + - [Getting + started](https://access.redhat.com/documentation/en-us/openshift_container_platform/4.3/html/serverless_applications/serverless-getting-started) + displayName: OpenShift Serverless Operator + icon: + - base64data: PHN2ZyBpZD0iTGF5ZXJfMSIgZGF0YS1uYW1lPSJMYXllciAxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCAxMDAgMTAwIj48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2UwMzQwMDt9LmNscy0ye2ZpbGw6I2NlMmUwMDt9LmNscy0ze2ZpbGw6bm9uZTt9LmNscy00e2ZpbGw6I2ZmZjt9LmNscy01e2ZpbGw6I2RjZGNkYzt9LmNscy02e2ZpbGw6I2FhYTt9PC9zdHlsZT48L2RlZnM+PHRpdGxlPlJlZF9IYXQtT3BlbnNoaWZ0NC1DYXRhbG9nX0ljb25zLVNlcnZlcmxlc3M8L3RpdGxlPjxjaXJjbGUgY2xhc3M9ImNscy0xIiBjeD0iNTAiIGN5PSI1MCIgcj0iNTAiLz48cGF0aCBjbGFzcz0iY2xzLTIiIGQ9Ik04NS4zNiwxNC42NEE1MCw1MCwwLDAsMSwxNC42NCw4NS4zNloiLz48cGF0aCBjbGFzcz0iY2xzLTMiIGQ9Ik00MC41Nyw0Ny40MmEzLjg5LDMuODksMCwxLDAsMy44OCwzLjg4QTMuODksMy44OSwwLDAsMCw0MC41Nyw0Ny40MloiLz48cGF0aCBjbGFzcz0iY2xzLTMiIGQ9Ik0yMS40Miw0Ny40MkEzLjg5LDMuODksMCwxLDAsMjUuMyw1MS4zLDMuODksMy44OSwwLDAsMCwyMS40Miw0Ny40MloiLz48cGF0aCBjbGFzcz0iY2xzLTQiIGQ9Ik01MC4wOSw0OC44NmgtLjE4YTQuMTEsNC4xMSwwLDAsMS0zLjI2LTEuNjMsNy42OSw3LjY5LDAsMCwwLTEyLjE2LDAsNC4xMyw0LjEzLDAsMCwxLTMuMjYsMS42M0gzMWE0LjA5LDQuMDksMCwwLDEtMy4yNS0xLjYzQTcuNjksNy42OSwwLDAsMCwxNCw1MS45M2gwVjY0LjZhMi43OSwyLjc5LDAsMCwwLDIuNzksMi43OWgxNS44TDUxLjM0LDQ4LjY2QTQsNCwwLDAsMSw1MC4wOSw0OC44NloiLz48cGF0aCBjbGFzcz0iY2xzLTUiIGQ9Ik03OC4wNSw0NC4yNWE3LjY1LDcuNjUsMCwwLDAtNS44NSwzQTQuMSw0LjEsMCwwLDEsNjksNDguODZoLS4xOWE0LjEzLDQuMTMsMCwwLDEtMy4yNi0xLjYzLDcuNjksNy42OSwwLDAsMC0xMi4xNiwwLDQuMTYsNC4xNiwwLDAsMS0yLDEuNDNMMzIuNjEsNjcuMzlIODMuMTlBMi43OSwyLjc5LDAsMCwwLDg2LDY0LjZWNTIuMDdBNy43Nyw3Ljc3LDAsMCwwLDc4LjA1LDQ0LjI1WiIvPjxwYXRoIGNsYXNzPSJjbHMtNiIgZD0iTTIxLjEsNjNoMTBhMS44MywxLjgzLDAsMSwwLDAtMy42NmgtMTBhMS44MywxLjgzLDAsMCwwLDAsMy42NloiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNCIgY3g9IjQwLjU3IiBjeT0iMzcuNzMiIHI9IjIuMTUiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNCIgY3g9IjQwLjU3IiBjeT0iMjguMjMiIHI9IjEuMzUiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNCIgY3g9IjU5LjcyIiBjeT0iMjguMjMiIHI9IjEuMzUiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNCIgY3g9IjIxLjQyIiBjeT0iMzcuNzMiIHI9IjIuMTUiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNCIgY3g9IjUwIiBjeT0iNDMuNDUiIHI9IjIuOTMiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNCIgY3g9IjY4Ljg5IiBjeT0iNDMuNDUiIHI9IjIuOTMiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNCIgY3g9IjMxLjA5IiBjeT0iNDMuNDUiIHI9IjIuOTMiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNiIgY3g9Ijc3Ljk0IiBjeT0iNTQuMzEiIHI9IjIuMTUiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNiIgY3g9IjY4LjkxIiBjeT0iNTQuMzEiIHI9IjIuMTUiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNCIgY3g9Ijc3Ljk0IiBjeT0iMzcuNzMiIHI9IjIuMTUiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNCIgY3g9IjU5LjcyIiBjeT0iMzcuNzMiIHI9IjIuMTUiLz48Y2lyY2xlIGNsYXNzPSJjbHMtNCIgY3g9IjUwIiBjeT0iMzMuMSIgcj0iMy4wMSIvPjxjaXJjbGUgY2xhc3M9ImNscy00IiBjeD0iMzEuMDkiIGN5PSIzMy4xIiByPSIzLjAxIi8+PGNpcmNsZSBjbGFzcz0iY2xzLTQiIGN4PSI2OC44OSIgY3k9IjMzLjEiIHI9IjMuMDEiLz48L3N2Zz4= + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + serviceAccountName: knative-serving-operator + - rules: + - apiGroups: + - "" + resources: + - pods + - services + - events + - configmaps + verbs: + - "*" + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - apiGroups: + - apps + resources: + - deployments + - replicasets + verbs: + - "*" + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - "*" + - apiGroups: + - networking.k8s.io + resources: + - networkpolicies + verbs: + - "*" + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - networking.internal.knative.dev + resources: + - clusteringresses + - clusteringresses/status + - clusteringresses/finalizers + - ingresses + - ingresses/status + - ingresses/finalizers + verbs: + - "*" + - apiGroups: + - route.openshift.io + resources: + - routes + - routes/custom-host + - routes/status + - routes/finalizers + verbs: + - "*" + - apiGroups: + - operator.knative.dev + resources: + - knativeservings + - knativeservings/finalizers + verbs: + - '*' + serviceAccountName: knative-openshift-ingress + deployments: + - name: knative-serving-operator + spec: + replicas: 1 + selector: + matchLabels: + name: knative-serving-operator + template: + metadata: + annotations: + sidecar.istio.io/inject: "false" + labels: + name: knative-serving-operator + spec: + containers: + - env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: knative-serving-operator + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: METRICS_DOMAIN + value: knative.dev/serving-operator + image: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-operator + imagePullPolicy: IfNotPresent + name: knative-serving-operator + ports: + - containerPort: 9090 + name: metrics + serviceAccountName: knative-serving-operator + - name: knative-eventing-operator + spec: + replicas: 1 + selector: + matchLabels: + name: knative-eventing-operator + template: + metadata: + annotations: + sidecar.istio.io/inject: "false" + labels: + name: knative-eventing-operator + spec: + containers: + - env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: knative-eventing-operator + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: METRICS_DOMAIN + value: knative.dev/eventing-operator + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-operator + imagePullPolicy: IfNotPresent + name: knative-eventing-operator + ports: + - containerPort: 9090 + name: metrics + serviceAccountName: knative-serving-operator + - name: knative-openshift + spec: + replicas: 1 + selector: + matchLabels: + name: knative-openshift + template: + metadata: + labels: + name: knative-openshift + app: openshift-admission-server + spec: + serviceAccountName: knative-serving-operator + containers: + - name: knative-openshift + image: $IMAGE_KNATIVE_OPERATOR + command: + - knative-openshift + imagePullPolicy: Always + env: + - name: WATCH_NAMESPACE + value: "" + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "knative-openshift" + - name: MIN_OPENSHIFT_VERSION + value: "4.3.0-0" + - name: REQUIRED_SERVING_NAMESPACE + value: "knative-serving" + - name: REQUIRED_EVENTING_NAMESPACE + value: "knative-eventing" + - name: KOURIER_MANIFEST_PATH + value: deploy/resources/kourier/kourier-latest.yaml + - name: CONSOLECLIDOWNLOAD_MANIFEST_PATH + value: deploy/resources/console_cli_download_kn_resources.yaml + - name: IMAGE_queue-proxy + value: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-queue + - name: IMAGE_activator + value: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-activator + - name: IMAGE_autoscaler + value: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-autoscaler + - name: IMAGE_autoscaler-hpa + value: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-autoscaler-hpa + - name: IMAGE_controller + value: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-controller + - name: IMAGE_webhook + value: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-webhook + - name: IMAGE_3scale-kourier-gateway + value: docker.io/maistra/proxyv2-ubi8:1.0.8 + - name: IMAGE_3scale-kourier-control + value: quay.io/3scale/kourier:fix_duplication + - name: IMAGE_eventing-controller_eventing-controller + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-controller + - name: IMAGE_eventing-webhook_eventing-webhook + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-webhook + - name: IMAGE_broker-controller_eventing-controller + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-channel-broker + - name: IMAGE_broker-filter_filter + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-mtbroker-filter + - name: IMAGE_broker-ingress_ingress + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-mtbroker-ingress + - name: IMAGE_mt-broker-controller_eventing-controller + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-mtchannel-broker + - name: IMAGE_imc-controller_controller + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-channel-controller + - name: IMAGE_imc-dispatcher_dispatcher + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-channel-dispatcher + - name: IMAGE_v0.14.0-upgrade_upgrade-brokers + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-upgrade-v0-14-0 + - name: IMAGE_PING_IMAGE + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-ping + - name: IMAGE_JOB_RUNNER_IMAGE + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-jobrunner + - name: IMAGE_APISERVER_RA_IMAGE + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-apiserver-receive-adapter + - name: IMAGE_BROKER_INGRESS_IMAGE + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-ingress + - name: IMAGE_BROKER_FILTER_IMAGE + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-filter + - name: IMAGE_DISPATCHER_IMAGE + value: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-channel-dispatcher + - name: IMAGE_KN_CLI_ARTIFACTS + value: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:kn-cli-artifacts + - name: knative-openshift-ingress + spec: + replicas: 1 + selector: + matchLabels: + name: knative-openshift-ingress + template: + metadata: + labels: + name: knative-openshift-ingress + spec: + serviceAccountName: knative-openshift-ingress + containers: + - name: knative-openshift-ingress + image: $IMAGE_KNATIVE_OPENSHIFT_INGRESS + command: + - knative-openshift-ingress + imagePullPolicy: Always + env: + - name: WATCH_NAMESPACE + value: "" # watch all namespaces for ClusterIngress + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "knative-openshift-ingress" + permissions: + - rules: + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + verbs: + - '*' + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - apiGroups: + - apps + resources: + - deployments + - daemonsets + - replicasets + - statefulsets + verbs: + - '*' + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - apps + resourceNames: + - knative-serving-operator + - knative-eventing-operator + resources: + - deployments/finalizers + verbs: + - update + - apiGroups: + - operator.knative.dev + resources: + - '*' + verbs: + - '*' + serviceAccountName: knative-serving-operator + strategy: deployment + installModes: + - supported: false + type: OwnNamespace + - supported: false + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - serverless + - FaaS + - microservices + - scale to zero + - knative + - serving + - eventing + links: + - name: Documentation + url: https://access.redhat.com/documentation/en-us/openshift_container_platform/4.3/html/serverless_applications/index + - name: Source Repository + url: https://github.com/openshift-knative/serverless-operator + maintainers: + - email: serverless-support@redhat.com + name: Serverless Team + maturity: stable + provider: + name: Red Hat, Inc. + relatedImages: + - name: IMAGE_QUEUE + image: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-queue + - name: IMAGE_activator + image: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-activator + - name: IMAGE_autoscaler + image: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-autoscaler + - name: IMAGE_autoscaler-hpa + image: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-autoscaler-hpa + - name: IMAGE_controller + image: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-controller + - name: IMAGE_webhook + image: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-webhook + - name: IMAGE_3scale-kourier-control + image: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:kourier + - name: IMAGE_3scale-kourier-gateway + image: docker.io/maistra/proxyv2-ubi8:1.0.8 + - name: knative-serving-operator + image: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:knative-serving-operator + - name: knative-operator + image: $IMAGE_KNATIVE_OPERATOR + - name: knative-openshift-ingress + image: $IMAGE_KNATIVE_OPENSHIFT_INGRESS + - name: knative-eventing-operator + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-operator + - name: IMAGE_eventing-controller_eventing-controller + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-controller + - name: IMAGE_eventing-webhook_eventing-webhook + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-webhook + - name: IMAGE_broker-controller_eventing-controller + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-channel-broker + - name: IMAGE_broker-filter_filter + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-mtbroker-filter + - name: IMAGE_broker-ingress_ingress + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-mtbroker-ingress + - name: IMAGE_mt-broker-controller_eventing-controller + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-mtchannel-broker + - name: IMAGE_imc-controller_controller + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-channel-controller + - name: IMAGE_imc-dispatcher_dispatcher + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-channel-dispatcher + - name: IMAGE_v0.14.0-upgrade_upgrade-brokers + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-upgrade-v0-14-0 + - name: IMAGE_PING_IMAGE + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-ping + - name: IMAGE_JOB_RUNNER_IMAGE + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-jobrunner + - name: IMAGE_APISERVER_RA_IMAGE + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-apiserver-receive-adapter + - name: IMAGE_BROKER_INGRESS_IMAGE + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-ingress + - name: IMAGE_BROKER_FILTER_IMAGE + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-filter + - name: IMAGE_DISPATCHER_IMAGE + image: registry.svc.ci.openshift.org/openshift/knative-v0.14.0:knative-eventing-channel-dispatcher + - name: IMAGE_KN_CLI_ARTIFACTS + image: registry.svc.ci.openshift.org/openshift/knative-v0.13.2:kn-cli-artifacts + replaces: serverless-operator.v1.6.0 + version: 1.7.0 diff --git a/openshift/origin-e2e-job.yaml b/openshift/origin-e2e-job.yaml new file mode 100644 index 00000000000..ef3ffa26a03 --- /dev/null +++ b/openshift/origin-e2e-job.yaml @@ -0,0 +1,83 @@ +kind: Template +apiVersion: template.openshift.io/v1 + +metadata: + name: e2e-origin-testsuite + +parameters: +- name: NAMESPACE + required: true +- name: IMAGE_TESTS + required: true +- name: TEST_COMMAND + required: true + +objects: + +- kind: Job + apiVersion: batch/v1 + metadata: + name: e2e-origin-testsuite + namespace: ${NAMESPACE} + spec: + parallelism: 1 + completions: 1 + backoffLimit: 1 + template: + spec: + restartPolicy: Never + volumes: + - name: kubeconfig + configMap: + name: kubeconfig #this config map is created externally before deploying the template + containers: + - name: e2e-test-origin + image: ${IMAGE_TESTS} + terminationMessagePolicy: FallbackToLogsOnError + resources: + requests: + cpu: 500m + memory: 300Mi + limits: + memory: 3Gi + volumeMounts: + - name: kubeconfig + mountPath: /tmp/kubeconfig + env: + - name: KUBECONFIG + value: /tmp/kubeconfig/kubeconfig + command: + - /bin/bash + - -c + - | + #!/bin/bash + set -x + + set -uo pipefail + + export PATH=/usr/libexec/origin:$PATH + + trap 'kill $(jobs -p); exit 0' TERM + + mkdir -p "${HOME}" + + export PROVIDER_ARGS="-provider=aws -gce-zone=us-east-1" + export TEST_PROVIDER='{"type":"aws","region":"us-east-1","zone":"us-east-1a","multizone":true,"multimaster":true}' + export KUBE_SSH_USER=core + + mkdir -p /tmp/artifacts/e2e-origin + + function run-tests() { + openshift-tests run "${TEST_SUITE}" \ + --provider "${TEST_PROVIDER:-}" -o /tmp/artifacts/e2e-origin/e2e-origin.log \ + --junit-dir /tmp/artifacts/e2e-origin/junit + + junit_file=$(find /tmp/artifacts/e2e-origin -name "junit_e2e_*.xml") + tar -cvf /tmp/artifacts/e2e-origin/test_logs.tar /tmp/artifacts/e2e-origin/e2e-origin.log $junit_file + + sleep 60 #wait so that the e2e test pod can download the tar file + + exit 0 + } + + ${TEST_COMMAND} \ No newline at end of file diff --git a/openshift/release/README.md b/openshift/release/README.md new file mode 100644 index 00000000000..c23e991455d --- /dev/null +++ b/openshift/release/README.md @@ -0,0 +1,72 @@ +# Release creation + +**Note 1** Run all scripts from the root of the repository. + +**Note 2** The master branch in this repo is used as a stash for +openshift-specific files needed for CI. Those files are copied to release +branches which is where CI operates. + +## Setting up your clone + +**Note** Your clone must be in `$GOPATH/src/knative.dev/eventing` *not* +`github.com/knative/eventing` or `openshift/knative-eventing` + +You must have remotes named "upstream" and "openshift" for the scripts +in this repo to work, like this: + +``` +git remote add openshift git@github.com:openshift/knative-eventing.git +git remote add upstream git@github.com:knative/eventing.git +``` + +## Branching +**On the master branch** create a release branch and then push it upstream: + +```bash +./openshift/release/create-release-branch.sh vX.Y.Z release-vX.Y.Z +git push -v openshift refs/heads/release-vX.Y.Z\:refs/heads/release-vX.Y.Z +``` + +This creates and checks out "release-vX.Y.Z" based on tag "vX.Y.Z" and adds +OpenShift specific files that we need to run CI. + +All remaining steps must be done **on the release branch**. + +## Building image and docker files + +On the release branch, build the images and docker files. + +``` +make install && make generate-dockerfiles +``` + +If any are new/changed, check them in. + +## Update CI configuration + +To enable CI, you need to update files on the master branch of github.com/openshift/release. +This command will update the files, assuming that you have an openshift/release clone +in the same tree as this repository; if not add OPENSHIFT= + +``` +make update-ci VERSION=X.Y.Z +``` + +This creates and modifies files in the openshift/release repo, verify that those files +are as expected, commit and create a PR for them. That will start a CI job. + +## Update this README + +If you find that any of the steps are incorrect or out of date. + +# Updating a branch that follow upstream's HEAD + +This is done via the nightly Jenkins job to create the release-next branch: + +```bash +./openshift/release/update-to-head.sh release-vX.Y.Z +``` + +This pulls the latest master from upstream, rebase the current fixes on the +release-vX.Y.Z branch and updates the Openshift specific files if necessary. + diff --git a/openshift/release/create-release-branch.sh b/openshift/release/create-release-branch.sh new file mode 100755 index 00000000000..61c7bc7860d --- /dev/null +++ b/openshift/release/create-release-branch.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +# Usage: create-release-branch.sh v0.4.1 release-0.4 + +set -e # Exit immediately on error. + +release=$1 +target=$2 + +# Fetch the latest tags and checkout a new branch from the wanted tag. +git fetch upstream --tags +git checkout -b "$target" "$release" + +# Copy the openshift extra files from the OPENSHIFT/master branch. +git fetch openshift master +git checkout openshift/master -- openshift OWNERS_ALIASES OWNERS Makefile +make generate-dockerfiles +make RELEASE=$release generate-release +git add openshift OWNERS_ALIASES OWNERS Makefile +git commit -m "Add openshift specific files." diff --git a/openshift/release/generate-release.sh b/openshift/release/generate-release.sh new file mode 100755 index 00000000000..837bad58ad3 --- /dev/null +++ b/openshift/release/generate-release.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash + +source $(dirname $0)/resolve.sh + +release=$1 + +output_file="openshift/release/knative-eventing-${release}.yaml" +image_prefix="quay.io/openshift-knative/knative-eventing-" + +if [ $release = "ci" ]; then + tag="latest" +else + tag=$release +fi + +# the core parts +resolve_resources config/ $output_file $image_prefix $tag + +# InMemoryChannel CRD +resolve_resources config/channels/in-memory-channel/ crd-channel-resolved.yaml $image_prefix $tag +cat crd-channel-resolved.yaml >> $output_file +rm crd-channel-resolved.yaml + +# the Channel Broker: +output_file="openshift/release/knative-eventing-channelbroker-${release}.yaml" +resolve_resources config/brokers/channel-broker/ channelbroker-resolved.yaml $image_prefix $tag +cat channelbroker-resolved.yaml >> $output_file +rm channelbroker-resolved.yaml + +# the MT Broker: +output_file="openshift/release/knative-eventing-mtbroker-${release}.yaml" +resolve_resources config/brokers/mt-channel-broker/ mtbroker-resolved.yaml $image_prefix $tag +cat mtbroker-resolved.yaml >> $output_file +rm mtbroker-resolved.yaml diff --git a/openshift/release/knative-eventing-channelbroker-ci.yaml b/openshift/release/knative-eventing-channelbroker-ci.yaml new file mode 100644 index 00000000000..766aaa6fbef --- /dev/null +++ b/openshift/release/knative-eventing-channelbroker-ci.yaml @@ -0,0 +1,324 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-channel-broker-controller + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-controller + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-channel-broker-controller + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-channel-broker-controller + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "configs.internal.knative.dev" + resources: + - "configmappropagations" + - "configmappropagations/status" + verbs: + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" + - apiGroups: + - "configs.internal.knative.dev" + resources: + - "configmappropagations/finalizers" + verbs: + - "update" + - apiGroups: + - "" + resources: + - "namespaces/finalizers" + verbs: + - "update" + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: configmappropagations.configs.internal.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" +spec: + group: configs.internal.knative.dev + versions: + - name: v1alpha1 + served: true + storage: true + names: + kind: ConfigMapPropagation + plural: configmappropagations + singular: configmappropagation + categories: + - knative-internal + shortNames: + - kcmp + - cmp + scope: Namespaced + subresources: + status: {} + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: OriginalNamespace + type: string + JSONPath: ".spec.originalNamespace" + validation: + openAPIV3Schema: + properties: + spec: + required: + - originalNamespace + properties: + originalNamespace: + type: string + description: "The namespace where original ConfigMaps exist in." +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: broker-controller + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + replicas: 1 + selector: + matchLabels: + app: broker-controller + template: + metadata: + labels: + app: broker-controller + eventing.knative.dev/release: devel + spec: + serviceAccountName: eventing-controller + containers: + - name: broker-controller + terminationMessagePolicy: FallbackToLogsOnError + image: quay.io/openshift-knative/knative-eventing-channel-broker:latest + resources: + requests: + cpu: 100m + memory: 100Mi + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/eventing + - name: BROKER_INGRESS_IMAGE + value: quay.io/openshift-knative/knative-eventing-ingress:latest + - name: BROKER_INGRESS_SERVICE_ACCOUNT + value: eventing-broker-ingress + - name: BROKER_FILTER_IMAGE + value: quay.io/openshift-knative/knative-eventing-filter:latest + - name: BROKER_FILTER_SERVICE_ACCOUNT + value: eventing-broker-filter + - name: BROKER_IMAGE_PULL_SECRET_NAME + value: + securityContext: + allowPrivilegeEscalation: false + ports: + - name: metrics + containerPort: 9090 + - name: profiling + containerPort: 8008 +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-channel-broker-controller + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-controller + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-channel-broker-controller + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-channel-broker-controller + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "configs.internal.knative.dev" + resources: + - "configmappropagations" + - "configmappropagations/status" + verbs: + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" + - apiGroups: + - "configs.internal.knative.dev" + resources: + - "configmappropagations/finalizers" + verbs: + - "update" + - apiGroups: + - "" + resources: + - "namespaces/finalizers" + verbs: + - "update" + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: configmappropagations.configs.internal.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" +spec: + group: configs.internal.knative.dev + versions: + - name: v1alpha1 + served: true + storage: true + names: + kind: ConfigMapPropagation + plural: configmappropagations + singular: configmappropagation + categories: + - knative-internal + shortNames: + - kcmp + - cmp + scope: Namespaced + subresources: + status: {} + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: OriginalNamespace + type: string + JSONPath: ".spec.originalNamespace" + validation: + openAPIV3Schema: + properties: + spec: + required: + - originalNamespace + properties: + originalNamespace: + type: string + description: "The namespace where original ConfigMaps exist in." +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: broker-controller + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + replicas: 1 + selector: + matchLabels: + app: broker-controller + template: + metadata: + labels: + app: broker-controller + eventing.knative.dev/release: devel + spec: + serviceAccountName: eventing-controller + containers: + - name: broker-controller + terminationMessagePolicy: FallbackToLogsOnError + image: quay.io/openshift-knative/knative-eventing-channel-broker:latest + resources: + requests: + cpu: 100m + memory: 100Mi + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/eventing + - name: BROKER_INGRESS_IMAGE + value: quay.io/openshift-knative/knative-eventing-ingress:latest + - name: BROKER_INGRESS_SERVICE_ACCOUNT + value: eventing-broker-ingress + - name: BROKER_FILTER_IMAGE + value: quay.io/openshift-knative/knative-eventing-filter:latest + - name: BROKER_FILTER_SERVICE_ACCOUNT + value: eventing-broker-filter + - name: BROKER_IMAGE_PULL_SECRET_NAME + value: + securityContext: + allowPrivilegeEscalation: false + ports: + - name: metrics + containerPort: 9090 + - name: profiling + containerPort: 8008 diff --git a/openshift/release/knative-eventing-ci.yaml b/openshift/release/knative-eventing-ci.yaml new file mode 100644 index 00000000000..6ecb0f65552 --- /dev/null +++ b/openshift/release/knative-eventing-ci.yaml @@ -0,0 +1,2397 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: addressable-resolver + labels: + eventing.knative.dev/release: devel +aggregationRule: + clusterRoleSelectors: + - matchLabels: + duck.knative.dev/addressable: "true" +rules: [] # Rules are automatically filled in by the controller manager. +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: service-addressable-resolver + labels: + eventing.knative.dev/release: devel + duck.knative.dev/addressable: "true" +rules: +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: serving-addressable-resolver + labels: + eventing.knative.dev/release: devel + duck.knative.dev/addressable: "true" +rules: +- apiGroups: + - serving.knative.dev + resources: + - routes + - routes/status + - services + - services/status + verbs: + - get + - list + - watch +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: channel-addressable-resolver + labels: + eventing.knative.dev/release: devel + duck.knative.dev/addressable: "true" +rules: +- apiGroups: + - messaging.knative.dev + resources: + - channels + - channels/status + verbs: + - get + - list + - watch +- apiGroups: + - messaging.knative.dev + resources: + - channels/finalizers + verbs: + - update +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: broker-addressable-resolver + labels: + eventing.knative.dev/release: devel + duck.knative.dev/addressable: "true" +rules: +- apiGroups: + - eventing.knative.dev + resources: + - brokers + - brokers/status + verbs: + - get + - list + - watch +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: messaging-addressable-resolver + labels: + eventing.knative.dev/release: devel + duck.knative.dev/addressable: "true" +rules: +- apiGroups: + - messaging.knative.dev + resources: + - sequences + - sequences/status + - parallels + - parallels/status + verbs: + - get + - list + - watch +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: flows-addressable-resolver + labels: + eventing.knative.dev/release: devel + duck.knative.dev/addressable: "true" +rules: +- apiGroups: + - flows.knative.dev + resources: + - sequences + - sequences/status + - parallels + - parallels/status + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: eventing-broker-filter + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - "get" + - "list" + - "watch" + - apiGroups: + - "eventing.knative.dev" + resources: + - "triggers" + - "triggers/status" + verbs: + - "get" + - "list" + - "watch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: eventing-broker-ingress + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - "get" + - "list" + - "watch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: eventing-config-reader + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - "get" + - "list" + - "watch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: channelable-manipulator + labels: + eventing.knative.dev/release: devel +aggregationRule: + clusterRoleSelectors: + - matchLabels: + duck.knative.dev/channelable: "true" +rules: [] # Rules are automatically filled in by the controller manager. +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: meta-channelable-manipulator + labels: + eventing.knative.dev/release: devel + duck.knative.dev/channelable: "true" +rules: +- apiGroups: + - messaging.knative.dev + resources: + - channels + - channels/status + verbs: + - create + - get + - list + - watch + - update + - patch +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: knative-eventing-namespaced-admin + labels: + eventing.knative.dev/release: devel + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["eventing.knative.dev"] + resources: ["*"] + verbs: ["*"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: knative-messaging-namespaced-admin + labels: + eventing.knative.dev/release: devel + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["messaging.knative.dev"] + resources: ["*"] + verbs: ["*"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: knative-flows-namespaced-admin + labels: + eventing.knative.dev/release: devel + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["flows.knative.dev"] + resources: ["*"] + verbs: ["*"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: knative-sources-namespaced-admin + labels: + eventing.knative.dev/release: devel + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["sources.knative.dev"] + resources: ["*"] + verbs: ["*"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: knative-eventing-namespaced-edit + labels: + rbac.authorization.k8s.io/aggregate-to-edit: "true" + eventing.knative.dev/release: devel +rules: + - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "flows.knative.dev"] + resources: ["*"] + verbs: ["create", "update", "patch", "delete"] +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: knative-eventing-namespaced-view + labels: + rbac.authorization.k8s.io/aggregate-to-view: "true" + eventing.knative.dev/release: devel +rules: + - apiGroups: ["eventing.knative.dev", "messaging.knative.dev", "sources.knative.dev", flows.knative.dev] + resources: ["*"] + verbs: ["get", "list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-controller + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "namespaces" + - "secrets" + - "configmaps" + - "services" + - "endpoints" + - "events" + - "serviceaccounts" + verbs: &everything + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" + - apiGroups: + - "apps" + resources: + - "deployments" + verbs: *everything + - apiGroups: + - "apps" + resources: + - "deployments/finalizers" + verbs: + - "update" + - apiGroups: + - "rbac.authorization.k8s.io" + resources: + - "rolebindings" + verbs: *everything + - apiGroups: + - "eventing.knative.dev" + resources: + - "brokers" + - "brokers/status" + - "triggers" + - "triggers/status" + - "eventtypes" + - "eventtypes/status" + verbs: *everything + - apiGroups: + - "eventing.knative.dev" + resources: + - "brokers/finalizers" + - "triggers/finalizers" + verbs: + - "update" + - apiGroups: + - "messaging.knative.dev" + resources: + - "sequences" + - "sequences/status" + - "channels" + - "channels/status" + - "parallels" + - "parallels/status" + - "subscriptions" + - "subscriptions/status" + verbs: *everything + - apiGroups: + - "flows.knative.dev" + resources: + - "sequences" + - "sequences/status" + - "parallels" + - "parallels/status" + verbs: *everything + - apiGroups: + - "messaging.knative.dev" + resources: + - "sequences/finalizers" + - "parallels/finalizers" + - "channels/finalizers" + verbs: + - "update" + - apiGroups: + - "flows.knative.dev" + resources: + - "sequences/finalizers" + - "parallels/finalizers" + verbs: + - "update" + - apiGroups: + - "apiextensions.k8s.io" + resources: + - "customresourcedefinitions" + verbs: + - "get" + - "list" + - "watch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-pingsource-mt-adapter + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - "get" + - "list" + - "watch" + - apiGroups: + - sources.knative.dev + resources: + - pingsources + - pingsources/status + verbs: + - get + - list + - watch + - patch + - apiGroups: + - sources.knative.dev + resources: + - pingsources/finalizers + verbs: + - "patch" + - apiGroups: + - "" + resources: + - events + verbs: + - "create" + - "patch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: podspecable-binding + labels: + eventing.knative.dev/release: devel +aggregationRule: + clusterRoleSelectors: + - matchLabels: + duck.knative.dev/podspecable: "true" +rules: [] # Rules are automatically filled in by the controller manager. +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: builtin-podspecable-binding + labels: + eventing.knative.dev/release: devel + duck.knative.dev/podspecable: "true" +rules: + - apiGroups: + - "apps" + resources: + - "deployments" + - "daemonsets" + - "statefulsets" + - "replicasets" + verbs: + - "list" + - "watch" + - "patch" + - apiGroups: + - "batch" + resources: + - "jobs" + verbs: + - "list" + - "watch" + - "patch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: source-observer + labels: + eventing.knative.dev/release: devel +aggregationRule: + clusterRoleSelectors: + - matchLabels: + duck.knative.dev/source: "true" +rules: [] # Rules are automatically filled in by the controller manager. +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: eventing-sources-source-observer + labels: + eventing.knative.dev/release: devel + duck.knative.dev/source: "true" +rules: + - apiGroups: + - sources.knative.dev + resources: + - apiserversources + - pingsources + - sinkbindings + - containersources + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-sources-controller + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "secrets" + - "configmaps" + - "services" + verbs: &everything + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" + - apiGroups: + - "apps" + resources: + - "deployments" + verbs: *everything + - apiGroups: + - "sources.knative.dev" + resources: + - "sinkbindings" + - "sinkbindings/status" + - "sinkbindings/finalizers" + - "apiserversources" + - "apiserversources/status" + - "apiserversources/finalizers" + - "pingsources" + - "pingsources/status" + - "pingsources/finalizers" + - "containersources" + - "containersources/status" + - "containersources/finalizers" + verbs: *everything + - apiGroups: + - serving.knative.dev + resources: + - services + verbs: *everything + - apiGroups: + - eventing.knative.dev + resources: + - eventtypes + verbs: *everything + - apiGroups: + - "" + resources: + - events + verbs: *everything + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-webhook + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - "get" + - "list" + - "watch" + - apiGroups: + - "" + resources: + - "secrets" + - "namespaces" + verbs: + - "get" + - "create" + - "update" + - "list" + - "watch" + - "patch" + - apiGroups: + - "apps" + resources: + - "deployments" + verbs: + - "get" + - apiGroups: + - "apps" + resources: + - "deployments/finalizers" + verbs: + - update + - apiGroups: + - "admissionregistration.k8s.io" + resources: + - "mutatingwebhookconfigurations" + - "validatingwebhookconfigurations" + verbs: &everything + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" + - apiGroups: + - "sources.knative.dev" + resources: + - "sinkbindings" + - "sinkbindings/status" + - "sinkbindings/finalizers" + verbs: *everything + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "create", "update", "delete", "patch", "watch"] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: eventing-controller + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-controller + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-controller + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-controller + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-controller-resolver + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-controller + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: addressable-resolver + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-controller-source-observer + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-controller + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: source-observer + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-controller-sources-controller + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-controller + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-sources-controller + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-controller-manipulator + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-controller + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: channelable-manipulator + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pingsource-mt-adapter + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-eventing-pingsource-mt-adapter + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: pingsource-mt-adapter + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-pingsource-mt-adapter + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: eventing-webhook + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-webhook + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-webhook + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-webhook + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-webhook-resolver + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-webhook + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: addressable-resolver + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-webhook-podspecable-binding + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-webhook + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: podspecable-binding + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + labels: + eventing.knative.dev/release: devel + eventing.knative.dev/source: "true" + duck.knative.dev/source: "true" + knative.dev/crd-install: "true" + annotations: + registry.knative.dev/eventTypes: | + [ + { "type": "dev.knative.apiserver.resource.add" }, + { "type": "dev.knative.apiserver.resource.delete" }, + { "type": "dev.knative.apiserver.resource.update" }, + { "type": "dev.knative.apiserver.ref.add" }, + { "type": "dev.knative.apiserver.ref.delete" }, + { "type": "dev.knative.apiserver.ref.update" } + ] + name: apiserversources.sources.knative.dev +spec: + group: sources.knative.dev + names: + categories: + - all + - knative + - eventing + - sources + kind: ApiServerSource + plural: apiserversources + scope: Namespaced + subresources: + status: {} + preserveUnknownFields: false + validation: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + conversion: + strategy: Webhook + webhookClientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type=='Ready')].reason" + - name: Sink + type: string + JSONPath: ".status.sinkUri" + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + versions: + - name: v1alpha1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: brokers.eventing.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" + duck.knative.dev/addressable: "true" +spec: + group: eventing.knative.dev + preserveUnknownFields: false + validation: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + names: + kind: Broker + plural: brokers + singular: broker + categories: + - all + - knative + - eventing + scope: Namespaced + subresources: + status: {} + conversion: + strategy: Webhook + webhookClientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: URL + type: string + JSONPath: .status.address.url + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + versions: + - name: v1alpha1 + served: true + storage: true + - name: v1beta1 + served: true + storage: false +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: channels.messaging.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" + messaging.knative.dev/subscribable: "true" + duck.knative.dev/addressable: "true" +spec: + group: messaging.knative.dev + preserveUnknownFields: false + names: + kind: Channel + plural: channels + singular: channel + categories: + - all + - knative + - messaging + - channel + shortNames: + - ch + scope: Namespaced + subresources: + status: {} + conversion: + strategy: Webhook + webhookClientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: URL + type: string + JSONPath: .status.address.url + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + versions: + - name: v1alpha1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + channelTemplate: + description: "Channel implementation which dictates the durability guarantees of events. If not specified then the default channel is used. More information: https://knative.dev/docs/eventing/channels/default-channels." + type: object + properties: + apiVersion: + type: string + description: "API version of the channel implementation." + minLength: 1 + kind: + type: string + description: "Kind of the channel implementation to use (InMemoryChannel, KafkaChannel, etc.)." + minLength: 1 + spec: + type: object + required: + - apiVersion + - kind + subscribable: + type: object + properties: + subscribers: + type: array + description: "Events received on the channel are forwarded to its subscribers." + items: + type: object + x-kubernetes-preserve-unknown-fields: true + required: + - uid + properties: + ref: + type: object + description: "a reference to a Kubernetes object from which to retrieve the target URI." + x-kubernetes-preserve-unknown-fields: true + required: + - namespace + - name + - uid + properties: + apiVersion: + type: string + kind: + type: string + name: + type: string + minLength: 1 + namespace: + type: string + minLength: 1 + uid: + type: string + minLength: 1 + uid: + type: string + description: "Used to understand the origin of the subscriber." + minLength: 1 + subscriberURI: + type: string + description: "Endpoint for the subscriber." + minLength: 1 + replyURI: + type: string + description: "Endpoint for the reply." + minLength: 1 + status: + type: object + x-kubernetes-preserve-unknown-fields: true + - name: v1beta1 + served: true + storage: false + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-preserve-unknown-fields: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + eventing.knative.dev/release: devel + eventing.knative.dev/source: "true" + duck.knative.dev/source: "true" + knative.dev/crd-install: "true" + name: containersources.sources.knative.dev +spec: + group: sources.knative.dev + names: + categories: + - all + - knative + - eventing + - sources + kind: ContainerSource + plural: containersources + scope: Namespaced + subresources: + status: {} + preserveUnknownFields: false + validation: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type=='Ready')].reason" + - name: Sink + type: string + JSONPath: ".status.sinkUri" + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + versions: + - name: v1alpha2 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: eventtypes.eventing.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" +spec: + group: eventing.knative.dev + names: + kind: EventType + plural: eventtypes + singular: eventtype + categories: + - all + - knative + - eventing + scope: Namespaced + subresources: + status: {} + conversion: + strategy: Webhook + webhookClientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + preserveUnknownFields: false + validation: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + additionalPrinterColumns: + - name: Type + type: string + JSONPath: ".spec.type" + - name: Source + type: string + JSONPath: ".spec.source" + - name: Schema + type: string + JSONPath: ".spec.schema" + - name: Broker + type: string + JSONPath: ".spec.broker" + - name: Description + type: string + JSONPath: ".spec.description" + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].reason" + versions: + - name: v1alpha1 + served: true + storage: true + - name: v1beta1 + served: true + storage: false +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: parallels.flows.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" + duck.knative.dev/addressable: "true" +spec: + group: flows.knative.dev + preserveUnknownFields: false + validation: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + names: + kind: Parallel + plural: parallels + singular: parallel + categories: + - all + - knative + - eventing + - flows + scope: Namespaced + subresources: + status: {} + conversion: + strategy: Webhook + webhookClientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: URL + type: string + JSONPath: .status.address.url + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + versions: + - name: v1alpha1 + served: true + storage: true + - name: v1beta1 + served: true + storage: false +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + eventing.knative.dev/release: devel + eventing.knative.dev/source: "true" + duck.knative.dev/source: "true" + knative.dev/crd-install: "true" + annotations: + registry.knative.dev/eventTypes: | + [ + { "type": "dev.knative.sources.ping" } + ] + name: pingsources.sources.knative.dev +spec: + group: sources.knative.dev + names: + categories: + - all + - knative + - eventing + - sources + kind: PingSource + plural: pingsources + scope: Namespaced + subresources: + status: {} + preserveUnknownFields: false + validation: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + conversion: + strategy: Webhook + webhookClientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type=='Ready')].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type=='Ready')].reason" + - name: Sink + type: string + JSONPath: .status.sinkUri + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + versions: + - name: v1alpha1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: sequences.flows.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" + duck.knative.dev/addressable: "true" +spec: + group: flows.knative.dev + preserveUnknownFields: false + validation: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + names: + kind: Sequence + plural: sequences + singular: sequence + categories: + - all + - knative + - eventing + - flows + scope: Namespaced + subresources: + status: {} + conversion: + strategy: Webhook + webhookClientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: URL + type: string + JSONPath: .status.address.url + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + versions: + - name: v1alpha1 + served: true + storage: true + - name: v1beta1 + served: true + storage: false +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + labels: + eventing.knative.dev/release: devel + eventing.knative.dev/source: "true" + duck.knative.dev/source: "true" + duck.knative.dev/binding: "true" + knative.dev/crd-install: "true" + name: sinkbindings.sources.knative.dev +spec: + group: sources.knative.dev + names: + categories: + - all + - knative + - eventing + - sources + - bindings + kind: SinkBinding + plural: sinkbindings + scope: Namespaced + subresources: + status: {} + preserveUnknownFields: false + validation: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + conversion: + strategy: Webhook + webhookClientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type=='Ready')].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type=='Ready')].reason" + - name: Sink + type: string + JSONPath: ".status.sinkUri" + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + versions: + - name: v1alpha1 + served: true + storage: true + - name: v1alpha2 + served: true + storage: false +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: subscriptions.messaging.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" +spec: + group: messaging.knative.dev + preserveUnknownFields: false + names: + kind: Subscription + plural: subscriptions + singular: subscription + categories: + - all + - knative + - eventing + shortNames: + - sub + scope: Namespaced + subresources: + status: {} + conversion: + strategy: None + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + validation: + openAPIV3Schema: + type: object + properties: + spec: + required: + - channel + type: object + properties: + channel: + type: object + description: "Channel that forwards incoming events to the subscription." + required: + - apiVersion + - kind + - name + properties: + apiVersion: + type: string + minLength: 1 + kind: + type: string + name: + type: string + minLength: 1 + subscriber: + type: object + description: "the subscriber that (optionally) processes events." + properties: + uri: + type: string + description: "the target URI or, if ref is provided, a relative URI reference that will be combined with ref to produce a target URI." + minLength: 1 + ref: + type: object + description: "a reference to a Kubernetes object from which to retrieve the target URI." + required: + - apiVersion + - kind + - name + properties: + apiVersion: + type: string + minLength: 1 + kind: + type: string + minLength: 1 + name: + type: string + minLength: 1 + namespace: + type: string + minLength: 1 + reply: + type: object + description: "the destination that (optionally) receive events." + properties: + uri: + type: string + description: "the target URI or, if ref is provided, a relative URI reference that will be combined with ref to produce a target URI." + minLength: 1 + ref: + type: object + description: "a reference to a Kubernetes object from which to retrieve the target URI." + required: + - apiVersion + - kind + - name + properties: + apiVersion: + type: string + minLength: 1 + kind: + type: string + minLength: 1 + name: + type: string + minLength: 1 + namespace: + type: string + minLength: 1 + delivery: + description: "Subscription delivery options. More information: https://knative.dev/docs/eventing/event-delivery." + type: object + x-kubernetes-preserve-unknown-fields: true + status: + type: object + x-kubernetes-preserve-unknown-fields: true + versions: + - name: v1alpha1 + served: true + storage: true + - name: v1beta1 + served: true + storage: false +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: triggers.eventing.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" +spec: + group: eventing.knative.dev + preserveUnknownFields: false + names: + kind: Trigger + plural: triggers + singular: trigger + categories: + - all + - knative + - eventing + scope: Namespaced + subresources: + status: {} + conversion: + strategy: Webhook + webhookClientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: Broker + type: string + JSONPath: .spec.broker + - name: Subscriber_URI + type: string + JSONPath: .status.subscriberUri + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + versions: + - name: v1alpha1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + required: + - subscriber + type: object + properties: + broker: + type: string + description: "Broker that this trigger receives events from. If not specified, will default to 'default'." + filter: + type: object + properties: + sourceAndType: + type: object + properties: + type: + type: string + source: + type: string + attributes: + type: object + description: "Map of CloudEvents attributes used for filtering events." + additionalProperties: + type: string + subscriber: + type: object + description: "the destination that should receive events." + properties: + ref: + type: object + description: "a reference to a Kubernetes object from which to retrieve the target URI." + required: + - apiVersion + - kind + - name + properties: + apiVersion: + type: string + minLength: 1 + kind: + type: string + minLength: 1 + namespace: + type: string + minLength: 1 + name: + type: string + minLength: 1 + uri: + type: string + description: "the target URI or, if ref is provided, a relative URI reference that will be combined with ref to produce a target URI." + status: + type: object + x-kubernetes-preserve-unknown-fields: true + - name: v1beta1 + served: true + storage: false + schema: + openAPIV3Schema: + type: object + properties: + spec: + required: + - subscriber + type: object + properties: + broker: + type: string + description: "Broker that this trigger receives events from. If not specified, will default to 'default'." + filter: + type: object + properties: + attributes: + type: object + description: "Map of CloudEvents attributes used for filtering events." + additionalProperties: + type: string + subscriber: + type: object + description: "the destination that should receive events." + properties: + ref: + type: object + description: "a reference to a Kubernetes object from which to retrieve the target URI." + required: + - apiVersion + - kind + - name + properties: + apiVersion: + type: string + minLength: 1 + kind: + type: string + minLength: 1 + namespace: + type: string + minLength: 1 + name: + type: string + minLength: 1 + uri: + type: string + description: "the target URI or, if ref is provided, a relative URI reference that will be combined with ref to produce a target URI." + status: + type: object + x-kubernetes-preserve-unknown-fields: true +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-br-default-channel + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +data: + channelTemplateSpec: | + apiVersion: messaging.knative.dev/v1beta1 + kind: InMemoryChannel +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-br-defaults + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +data: + default-br-config: | + clusterDefault: + brokerClass: ChannelBasedBroker + apiVersion: v1 + kind: ConfigMap + name: config-br-default-channel + namespace: knative-eventing +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: default-ch-webhook + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +data: + default-ch-config: | + clusterDefault: + apiVersion: messaging.knative.dev/v1beta1 + kind: InMemoryChannel + namespaceDefaults: + some-namespace: + apiVersion: messaging.knative.dev/v1beta1 + kind: InMemoryChannel +--- +apiVersion: v1 +kind: Secret +metadata: + name: eventing-webhook-certs + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: eventing-controller + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + replicas: 1 + selector: + matchLabels: + app: eventing-controller + template: + metadata: + labels: + app: eventing-controller + eventing.knative.dev/release: devel + spec: + serviceAccountName: eventing-controller + containers: + - name: eventing-controller + terminationMessagePolicy: FallbackToLogsOnError + image: quay.io/openshift-knative/knative-eventing-controller:latest + resources: + requests: + cpu: 100m + memory: 100Mi + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/eventing + - name: PING_IMAGE + value: quay.io/openshift-knative/knative-eventing-ping:latest + - name: MT_PING_IMAGE + value: quay.io/openshift-knative/knative-eventing-mtping:latest + - name: APISERVER_RA_IMAGE + value: quay.io/openshift-knative/knative-eventing-apiserver-receive-adapter:latest + securityContext: + allowPrivilegeEscalation: false + ports: + - name: metrics + containerPort: 9090 + - name: profiling + containerPort: 8008 +--- +apiVersion: admissionregistration.k8s.io/v1beta1 +kind: ValidatingWebhookConfiguration +metadata: + name: config.webhook.eventing.knative.dev + labels: + eventing.knative.dev/release: devel +webhooks: +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + sideEffects: None + failurePolicy: Fail + name: config.webhook.eventing.knative.dev + namespaceSelector: + matchExpressions: + - key: eventing.knative.dev/release + operator: Exists +--- +apiVersion: admissionregistration.k8s.io/v1beta1 +kind: MutatingWebhookConfiguration +metadata: + name: webhook.eventing.knative.dev + labels: + eventing.knative.dev/release: devel +webhooks: +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + sideEffects: None + failurePolicy: Fail + name: webhook.eventing.knative.dev +--- +apiVersion: admissionregistration.k8s.io/v1beta1 +kind: ValidatingWebhookConfiguration +metadata: + name: validation.webhook.eventing.knative.dev + labels: + eventing.knative.dev/release: devel +webhooks: +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + sideEffects: None + failurePolicy: Fail + name: validation.webhook.eventing.knative.dev +--- +apiVersion: v1 +kind: Secret +metadata: + name: eventing-webhook-certs + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: admissionregistration.k8s.io/v1beta1 +kind: MutatingWebhookConfiguration +metadata: + name: sinkbindings.webhook.sources.knative.dev + labels: + eventing.knative.dev/release: devel +webhooks: +- admissionReviewVersions: + - v1beta1 + clientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + failurePolicy: Fail + sideEffects: None + name: sinkbindings.webhook.sources.knative.dev +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: eventing-webhook + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + replicas: 1 + selector: + matchLabels: &labels + app: eventing-webhook + role: eventing-webhook + template: + metadata: + labels: *labels + spec: + serviceAccountName: eventing-webhook + containers: + - name: eventing-webhook + terminationMessagePolicy: FallbackToLogsOnError + image: quay.io/openshift-knative/knative-eventing-webhook:latest + resources: + requests: + cpu: 20m + memory: 20Mi + limits: + cpu: 200m + memory: 200Mi + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: METRICS_DOMAIN + value: knative.dev/eventing + - name: WEBHOOK_NAME + value: eventing-webhook + - name: SINK_BINDING_SELECTION_MODE + value: "exclusion" + securityContext: + allowPrivilegeEscalation: false + ports: + - name: https-webhook + containerPort: 8443 + - name: metrics + containerPort: 9090 + - name: profiling + containerPort: 8008 + readinessProbe: &probe + periodSeconds: 1 + httpGet: + scheme: HTTPS + port: 8443 + httpHeaders: + - name: k-kubelet-probe + value: "webhook" + livenessProbe: *probe +--- +apiVersion: v1 +kind: Service +metadata: + labels: + eventing.knative.dev/release: devel + role: eventing-webhook + name: eventing-webhook + namespace: knative-eventing +spec: + ports: + - name: https-webhook + port: 443 + targetPort: 8443 + selector: + role: eventing-webhook +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-leader-election + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +data: + _example: | + resourceLock: "leases" + leaseDuration: "15s" + renewDeadline: "10s" + retryPeriod: "2s" + enabledComponents: "controller,broker-controller,inmemorychannel-dispatcher,inmemorychannel-controller" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-logging + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel + knative.dev/config-propagation: original + knative.dev/config-category: eventing +data: + zap-logger-config: | + { + "level": "info", + "development": false, + "outputPaths": ["stdout"], + "errorOutputPaths": ["stderr"], + "encoding": "json", + "encoderConfig": { + "timeKey": "ts", + "levelKey": "level", + "nameKey": "logger", + "callerKey": "caller", + "messageKey": "msg", + "stacktraceKey": "stacktrace", + "lineEnding": "", + "levelEncoder": "", + "timeEncoder": "iso8601", + "durationEncoder": "", + "callerEncoder": "" + } + } + loglevel.controller: "info" + loglevel.webhook: "info" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-observability + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel + knative.dev/config-propagation: original + knative.dev/config-category: eventing +data: + _example: | + metrics.backend-destination: prometheus + metrics.request-metrics-backend-destination: prometheus + metrics.stackdriver-project-id: "" + metrics.allow-stackdriver-custom-metrics: "false" + profiling.enable: "false" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-tracing + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel + knative.dev/config-propagation: original + knative.dev/config-category: eventing +data: + _example: | + backend: "none" + zipkin-endpoint: "http://zipkin.istio-system.svc.cluster.local:9411/api/v2/spans" + stackdriver-project-id: "my-project" + debug: "false" + sample-rate: "0.1" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: config-imc-event-dispatcher + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +data: + MaxIdleConnections: "1000" + MaxIdleConnectionsPerHost: "100" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: imc-addressable-resolver + labels: + eventing.knative.dev/release: devel + duck.knative.dev/addressable: "true" +rules: + - apiGroups: + - messaging.knative.dev + resources: + - inmemorychannels + - inmemorychannels/status + verbs: + - get + - list + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: imc-channelable-manipulator + labels: + eventing.knative.dev/release: devel + duck.knative.dev/channelable: "true" +rules: + - apiGroups: + - messaging.knative.dev + resources: + - inmemorychannels + - inmemorychannels/status + verbs: + - create + - get + - list + - watch + - update + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: imc-controller + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - messaging.knative.dev + resources: + - inmemorychannels + - inmemorychannels/status + verbs: + - get + - list + - watch + - update + - apiGroups: + - messaging.knative.dev + resources: + - inmemorychannels/finalizers + verbs: + - update + - apiGroups: + - "" + resources: + - services + - serviceaccounts + verbs: &everything + - get + - list + - watch + - create + - update + - patch + - apiGroups: + - "" + resources: + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - "rbac.authorization.k8s.io" + resources: + - rolebindings + verbs: *everything + - apiGroups: + - apps + resources: + - deployments + verbs: *everything + - apiGroups: + - apps + resources: + - deployments/status + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: *everything +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: imc-dispatcher + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - messaging.knative.dev + resources: + - inmemorychannels + - inmemorychannels/status + verbs: + - get + - list + - watch + - apiGroups: + - "" # Core API group. + resources: + - configmaps + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - messaging.knative.dev + resources: + - inmemorychannels/status + verbs: + - update + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: imc-dispatcher + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: v1 +kind: Service +metadata: + name: imc-dispatcher + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel + messaging.knative.dev/channel: in-memory-channel + messaging.knative.dev/role: dispatcher +spec: + selector: + messaging.knative.dev/channel: in-memory-channel + messaging.knative.dev/role: dispatcher + ports: + - name: http-dispatcher + port: 80 + protocol: TCP + targetPort: 8080 +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: imc-controller + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: imc-controller + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: imc-controller + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: imc-controller + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: imc-dispatcher + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: imc-dispatcher + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: imc-dispatcher + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: inmemorychannels.messaging.knative.dev + labels: + eventing.knative.dev/release: devel + knative.dev/crd-install: "true" + messaging.knative.dev/subscribable: "true" + duck.knative.dev/addressable: "true" +spec: + group: messaging.knative.dev + preserveUnknownFields: false + validation: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + names: + kind: InMemoryChannel + plural: inmemorychannels + singular: inmemorychannel + categories: + - all + - knative + - messaging + - channel + shortNames: + - imc + scope: Namespaced + subresources: + status: {} + conversion: + strategy: Webhook + webhookClientConfig: + service: + name: eventing-webhook + namespace: knative-eventing + additionalPrinterColumns: + - name: Ready + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].status" + - name: Reason + type: string + JSONPath: ".status.conditions[?(@.type==\"Ready\")].reason" + - name: URL + type: string + JSONPath: .status.address.url + - name: Age + type: date + JSONPath: .metadata.creationTimestamp + versions: + - name: v1alpha1 + served: true + storage: true + - name: v1beta1 + served: true + storage: false +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: imc-controller + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + replicas: 1 + selector: + matchLabels: &labels + messaging.knative.dev/channel: in-memory-channel + messaging.knative.dev/role: controller + template: + metadata: + labels: *labels + spec: + serviceAccountName: imc-controller + containers: + - name: controller + image: quay.io/openshift-knative/knative-eventing-channel-controller:latest + env: + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/inmemorychannel-controller + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: DISPATCHER_IMAGE + value: quay.io/openshift-knative/knative-eventing-channel-dispatcher:latest + securityContext: + allowPrivilegeEscalation: false + ports: + - name: metrics + containerPort: 9090 + - name: profiling + containerPort: 8008 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: imc-dispatcher + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + replicas: 1 + selector: + matchLabels: &labels + messaging.knative.dev/channel: in-memory-channel + messaging.knative.dev/role: dispatcher + template: + metadata: + labels: *labels + spec: + serviceAccountName: imc-dispatcher + containers: + - name: dispatcher + image: quay.io/openshift-knative/knative-eventing-channel-dispatcher:latest + env: + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/inmemorychannel-dispatcher + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 9090 + name: metrics diff --git a/openshift/release/knative-eventing-mtbroker-ci.yaml b/openshift/release/knative-eventing-mtbroker-ci.yaml new file mode 100644 index 00000000000..b27f5070fab --- /dev/null +++ b/openshift/release/knative-eventing-mtbroker-ci.yaml @@ -0,0 +1,804 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-mt-channel-broker-controller + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "namespaces/finalizers" + verbs: + - "update" + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-mt-broker-filter + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - eventing.knative.dev + resources: + - triggers + - triggers/status + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - get + - list + - watch +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: mt-broker-filter + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-mt-broker-ingress + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - get + - list + - watch +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: mt-broker-ingress + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-mt-channel-broker-controller + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-controller + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-mt-channel-broker-controller + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-eventing-mt-broker-filter + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: mt-broker-filter + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-mt-broker-filter + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-eventing-mt-broker-ingress + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: mt-broker-ingress + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-mt-broker-ingress + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: broker-filter + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + selector: + matchLabels: + eventing.knative.dev/brokerRole: filter + template: + metadata: + labels: + eventing.knative.dev/brokerRole: filter + eventing.knative.dev/release: devel + spec: + serviceAccountName: mt-broker-filter + containers: + - name: filter + terminationMessagePolicy: FallbackToLogsOnError + image: quay.io/openshift-knative/knative-eventing-mtbroker-filter:latest + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 2 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 100Mi + ports: + - containerPort: 8080 + name: http + protocol: TCP + - containerPort: 9090 + name: metrics + protocol: TCP + terminationMessagePath: /dev/termination-log + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: CONTAINER_NAME + value: filter + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/internal/eventing + - name: FILTER_PORT + value: "8080" + securityContext: + allowPrivilegeEscalation: false +--- +apiVersion: v1 +kind: Service +metadata: + labels: + eventing.knative.dev/brokerRole: filter + eventing.knative.dev/release: devel + name: broker-filter + namespace: knative-eventing +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8080 + - name: http-metrics + port: 9090 + protocol: TCP + targetPort: 9090 + selector: + eventing.knative.dev/brokerRole: filter +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: broker-ingress + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + selector: + matchLabels: + eventing.knative.dev/brokerRole: ingress + template: + metadata: + labels: + eventing.knative.dev/brokerRole: ingress + eventing.knative.dev/release: devel + spec: + serviceAccountName: mt-broker-ingress + containers: + - name: ingress + terminationMessagePolicy: FallbackToLogsOnError + image: quay.io/openshift-knative/knative-eventing-mtbroker-ingress:latest + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 2 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 100Mi + ports: + - containerPort: 8080 + name: http + protocol: TCP + - containerPort: 9090 + name: metrics + protocol: TCP + terminationMessagePath: /dev/termination-log + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: CONTAINER_NAME + value: ingress + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/internal/eventing + - name: INGRESS_PORT + value: "8080" + securityContext: + allowPrivilegeEscalation: false +--- +apiVersion: v1 +kind: Service +metadata: + labels: + eventing.knative.dev/brokerRole: ingress + eventing.knative.dev/release: devel + name: broker-ingress + namespace: knative-eventing +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8080 + - name: http-metrics + port: 9090 + protocol: TCP + targetPort: 9090 + selector: + eventing.knative.dev/brokerRole: ingress +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mt-broker-controller + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + replicas: 1 + selector: + matchLabels: + app: mt-broker-controller + template: + metadata: + labels: + app: mt-broker-controller + eventing.knative.dev/release: devel + spec: + serviceAccountName: eventing-controller + containers: + - name: mt-broker-controller + terminationMessagePolicy: FallbackToLogsOnError + image: quay.io/openshift-knative/knative-eventing-mtchannel-broker:latest + resources: + requests: + cpu: 100m + memory: 100Mi + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/eventing + - name: BROKER_INJECTION_DEFAULT + value: "false" + securityContext: + allowPrivilegeEscalation: false + ports: + - name: metrics + containerPort: 9090 + - name: profiling + containerPort: 8008 +--- +apiVersion: autoscaling/v2beta2 +kind: HorizontalPodAutoscaler +metadata: + name: broker-ingress-hpa + namespace: knative-eventing +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: broker-ingress + minReplicas: 1 + maxReplicas: 10 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 70 +--- +apiVersion: autoscaling/v2beta2 +kind: HorizontalPodAutoscaler +metadata: + name: broker-filter-hpa + namespace: knative-eventing +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: broker-filter + minReplicas: 1 + maxReplicas: 10 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 70 +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-mt-channel-broker-controller + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "namespaces/finalizers" + verbs: + - "update" + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - "get" + - "list" + - "create" + - "update" + - "delete" + - "patch" + - "watch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-mt-broker-filter + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - eventing.knative.dev + resources: + - triggers + - triggers/status + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - get + - list + - watch +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: mt-broker-filter + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: knative-eventing-mt-broker-ingress + labels: + eventing.knative.dev/release: devel +rules: + - apiGroups: + - "" + resources: + - "configmaps" + verbs: + - get + - list + - watch +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: mt-broker-ingress + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: eventing-mt-channel-broker-controller + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: eventing-controller + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-mt-channel-broker-controller + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-eventing-mt-broker-filter + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: mt-broker-filter + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-mt-broker-filter + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: knative-eventing-mt-broker-ingress + labels: + eventing.knative.dev/release: devel +subjects: + - kind: ServiceAccount + name: mt-broker-ingress + namespace: knative-eventing +roleRef: + kind: ClusterRole + name: knative-eventing-mt-broker-ingress + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: broker-filter + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + selector: + matchLabels: + eventing.knative.dev/brokerRole: filter + template: + metadata: + labels: + eventing.knative.dev/brokerRole: filter + eventing.knative.dev/release: devel + spec: + serviceAccountName: mt-broker-filter + containers: + - name: filter + terminationMessagePolicy: FallbackToLogsOnError + image: quay.io/openshift-knative/knative-eventing-mtbroker-filter:latest + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 2 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 100Mi + ports: + - containerPort: 8080 + name: http + protocol: TCP + - containerPort: 9090 + name: metrics + protocol: TCP + terminationMessagePath: /dev/termination-log + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: CONTAINER_NAME + value: filter + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/internal/eventing + - name: FILTER_PORT + value: "8080" + securityContext: + allowPrivilegeEscalation: false +--- +apiVersion: v1 +kind: Service +metadata: + labels: + eventing.knative.dev/brokerRole: filter + eventing.knative.dev/release: devel + name: broker-filter + namespace: knative-eventing +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8080 + - name: http-metrics + port: 9090 + protocol: TCP + targetPort: 9090 + selector: + eventing.knative.dev/brokerRole: filter +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: broker-ingress + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + selector: + matchLabels: + eventing.knative.dev/brokerRole: ingress + template: + metadata: + labels: + eventing.knative.dev/brokerRole: ingress + eventing.knative.dev/release: devel + spec: + serviceAccountName: mt-broker-ingress + containers: + - name: ingress + terminationMessagePolicy: FallbackToLogsOnError + image: quay.io/openshift-knative/knative-eventing-mtbroker-ingress:latest + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 2 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 100Mi + ports: + - containerPort: 8080 + name: http + protocol: TCP + - containerPort: 9090 + name: metrics + protocol: TCP + terminationMessagePath: /dev/termination-log + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: CONTAINER_NAME + value: ingress + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/internal/eventing + - name: INGRESS_PORT + value: "8080" + securityContext: + allowPrivilegeEscalation: false +--- +apiVersion: v1 +kind: Service +metadata: + labels: + eventing.knative.dev/brokerRole: ingress + eventing.knative.dev/release: devel + name: broker-ingress + namespace: knative-eventing +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 8080 + - name: http-metrics + port: 9090 + protocol: TCP + targetPort: 9090 + selector: + eventing.knative.dev/brokerRole: ingress +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mt-broker-controller + namespace: knative-eventing + labels: + eventing.knative.dev/release: devel +spec: + replicas: 1 + selector: + matchLabels: + app: mt-broker-controller + template: + metadata: + labels: + app: mt-broker-controller + eventing.knative.dev/release: devel + spec: + serviceAccountName: eventing-controller + containers: + - name: mt-broker-controller + terminationMessagePolicy: FallbackToLogsOnError + image: quay.io/openshift-knative/knative-eventing-mtchannel-broker:latest + resources: + requests: + cpu: 100m + memory: 100Mi + env: + - name: SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: CONFIG_LOGGING_NAME + value: config-logging + - name: CONFIG_OBSERVABILITY_NAME + value: config-observability + - name: METRICS_DOMAIN + value: knative.dev/eventing + - name: BROKER_INJECTION_DEFAULT + value: "false" + securityContext: + allowPrivilegeEscalation: false + ports: + - name: metrics + containerPort: 9090 + - name: profiling + containerPort: 8008 +--- +apiVersion: autoscaling/v2beta2 +kind: HorizontalPodAutoscaler +metadata: + name: broker-ingress-hpa + namespace: knative-eventing +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: broker-ingress + minReplicas: 1 + maxReplicas: 10 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 70 +--- +apiVersion: autoscaling/v2beta2 +kind: HorizontalPodAutoscaler +metadata: + name: broker-filter-hpa + namespace: knative-eventing +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: broker-filter + minReplicas: 1 + maxReplicas: 10 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 70 diff --git a/openshift/release/resolve.sh b/openshift/release/resolve.sh new file mode 100755 index 00000000000..3cef11e0169 --- /dev/null +++ b/openshift/release/resolve.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash + +function resolve_resources(){ + local dir=$1 + local resolved_file_name=$2 + local image_prefix=$3 + local image_tag=$4 + + [[ -n $image_tag ]] && image_tag=":$image_tag" + + echo "Writing resolved yaml to $resolved_file_name" + + > $resolved_file_name + + for yaml in "$dir"/*.yaml; do + echo "---" >> $resolved_file_name + # 1. Prefix test image references with test- + # 2. Rewrite image references + # 3. Remove comment lines + # 4. Remove empty lines + sed -e "s+\(.* image: \)\(knative.dev\)\(.*/\)\(test/\)\(.*\)+\1\2 \3\4test-\5+g" \ + -e "s+ko://++" \ + -e "s+knative.dev/eventing/cmd/broker/ingress+${image_prefix}ingress${image_tag}+" \ + -e "s+knative.dev/eventing/cmd/broker/filter+${image_prefix}filter${image_tag}+" \ + -e "s+knative.dev/eventing/cmd/mtbroker/ingress+${image_prefix}mtbroker-ingress${image_tag}+" \ + -e "s+knative.dev/eventing/cmd/mtbroker/filter+${image_prefix}mtbroker-filter${image_tag}+" \ + -e "s+knative.dev/eventing/cmd/channel_broker+${image_prefix}channel-broker${image_tag}+" \ + -e "s+knative.dev/eventing/cmd/mtchannel_broker+${image_prefix}mtchannel-broker${image_tag}+" \ + -e "s+knative.dev/eventing/cmd/in_memory/channel_controller+${image_prefix}channel-controller${image_tag}+" \ + -e "s+knative.dev/eventing/cmd/in_memory/channel_dispatcher+${image_prefix}channel-dispatcher${image_tag}+" \ + -e "s+knative.dev/eventing/cmd/ping+${image_prefix}ping${image_tag}+" \ + -e "s+knative.dev/eventing/cmd/mtping+${image_prefix}mtping${image_tag}+" \ + -e "s+knative.dev/eventing/cmd/apiserver_receive_adapter+${image_prefix}apiserver-receive-adapter${image_tag}+" \ + -e "s+\(.* image: \)\(knative.dev\)\(.*/\)\(.*\)+\1${image_prefix}\4${image_tag}+g" \ + -e '/^[ \t]*#/d' \ + -e '/^[ \t]*$/d' \ + "$yaml" >> $resolved_file_name + done +} diff --git a/openshift/release/update-to-head.sh b/openshift/release/update-to-head.sh new file mode 100755 index 00000000000..b01540d440a --- /dev/null +++ b/openshift/release/update-to-head.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash + +# Synchs the release-next branch to master and then triggers CI +# Usage: update-to-head.sh + +set -e +REPO_NAME=`basename $(git rev-parse --show-toplevel)` + +# Reset release-next to upstream/master. +git fetch upstream master +git checkout upstream/master -B release-next + +# Update openshift's master and take all needed files from there. +git fetch openshift master +git checkout openshift/master openshift OWNERS_ALIASES OWNERS Makefile +make generate-dockerfiles +make RELEASE=ci generate-release +git add openshift OWNERS_ALIASES OWNERS Makefile +git commit -m ":open_file_folder: Update openshift specific files." + +# Apply patches . +# git apply openshift/patches/* +make RELEASE=ci generate-release +git commit -am ":fire: Apply carried patches." + +git push -f openshift release-next + +# Trigger CI +git checkout release-next -B release-next-ci +date > ci +git add ci +git commit -m ":robot: Triggering CI on branch 'release-next' after synching to upstream/master" +git push -f openshift release-next-ci + +if hash hub 2>/dev/null; then + hub pull-request --no-edit -l "kind/sync-fork-to-upstream" -b openshift/${REPO_NAME}:release-next -h openshift/${REPO_NAME}:release-next-ci +else + echo "hub (https://github.com/github/hub) is not installed, so you'll need to create a PR manually." +fi