diff --git a/.ci/pipeline_definitions b/.ci/pipeline_definitions index 625e01f4c..78369cfe4 100644 --- a/.ci/pipeline_definitions +++ b/.ci/pipeline_definitions @@ -16,18 +16,18 @@ gardener-extension-provider-openstack: registry: europe-docker.pkg.dev/gardener-project/snapshots/charts/gardener/extensions mappings: - ref: ocm-resource:gardener-extension-admission-openstack.repository - attribute: global.image.repository + attribute: image.repository - ref: ocm-resource:gardener-extension-admission-openstack.tag - attribute: global.image.tag + attribute: image.tag - &admission-openstack-runtime name: admission-openstack-runtime dir: charts/gardener-extension-admission-openstack/charts/runtime registry: europe-docker.pkg.dev/gardener-project/snapshots/charts/gardener/extensions mappings: - ref: ocm-resource:gardener-extension-admission-openstack.repository - attribute: global.image.repository + attribute: image.repository - ref: ocm-resource:gardener-extension-admission-openstack.tag - attribute: global.image.tag + attribute: image.tag base_definition: traits: diff --git a/charts/gardener-extension-admission-openstack/Chart.yaml b/charts/gardener-extension-admission-openstack/Chart.yaml deleted file mode 100644 index 546b735a4..000000000 --- a/charts/gardener-extension-admission-openstack/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -appVersion: "1.0" -description: A Helm chart for the Gardener Openstack admission controller -name: gardener-extension-admission-openstack -version: 0.1.0 diff --git a/charts/gardener-extension-admission-openstack/.helmignore b/charts/gardener-extension-admission-openstack/charts/application/.helmignore similarity index 100% rename from charts/gardener-extension-admission-openstack/.helmignore rename to charts/gardener-extension-admission-openstack/charts/application/.helmignore diff --git a/charts/gardener-extension-admission-openstack/charts/application/Chart.yaml b/charts/gardener-extension-admission-openstack/charts/application/Chart.yaml index 110fb9461..b0a604729 100644 --- a/charts/gardener-extension-admission-openstack/charts/application/Chart.yaml +++ b/charts/gardener-extension-admission-openstack/charts/application/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy the gardener-extension-admission-openstack application related resources -name: application +name: admission-openstack-application version: 0.1.0 diff --git a/charts/gardener-extension-admission-openstack/charts/application/templates/_helpers.tpl b/charts/gardener-extension-admission-openstack/charts/application/templates/_helpers.tpl deleted file mode 120000 index adedeb924..000000000 --- a/charts/gardener-extension-admission-openstack/charts/application/templates/_helpers.tpl +++ /dev/null @@ -1 +0,0 @@ -../../../templates/_helpers.tpl \ No newline at end of file diff --git a/charts/gardener-extension-admission-openstack/charts/application/templates/_helpers.tpl b/charts/gardener-extension-admission-openstack/charts/application/templates/_helpers.tpl new file mode 100644 index 000000000..878767014 --- /dev/null +++ b/charts/gardener-extension-admission-openstack/charts/application/templates/_helpers.tpl @@ -0,0 +1,15 @@ +{{- define "name" -}} +gardener-extension-admission-openstack +{{- end -}} + +{{- define "labels.app.key" -}} +app.kubernetes.io/name +{{- end -}} +{{- define "labels.app.value" -}} +{{ include "name" . }} +{{- end -}} + +{{- define "labels" -}} +{{ include "labels.app.key" . }}: {{ include "labels.app.value" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} diff --git a/charts/gardener-extension-admission-openstack/charts/application/templates/rbac.yaml b/charts/gardener-extension-admission-openstack/charts/application/templates/rbac.yaml index 6179b4b6b..66c094afc 100644 --- a/charts/gardener-extension-admission-openstack/charts/application/templates/rbac.yaml +++ b/charts/gardener-extension-admission-openstack/charts/application/templates/rbac.yaml @@ -62,10 +62,10 @@ roleRef: kind: ClusterRole name: {{ include "name" . }} subjects: -{{- if and .Values.global.virtualGarden.enabled .Values.global.virtualGarden.user.name }} -- apiGroup: rbac.authorization.k8s.io - kind: User - name: {{ .Values.global.virtualGarden.user.name }} +{{- if .Values.gardener.virtualCluster.serviceAccount.name }} +- kind: ServiceAccount + name: {{ required ".Values.gardener.virtualCluster.serviceAccount.name is required" .Values.gardener.virtualCluster.serviceAccount.name }} + namespace: {{ required ".Values.gardener.virtualCluster.serviceAccount.namespace is required" .Values.gardener.virtualCluster.serviceAccount.namespace }} {{- else }} - kind: ServiceAccount name: {{ include "name" . }} diff --git a/charts/gardener-extension-admission-openstack/charts/application/templates/serviceaccount.yaml b/charts/gardener-extension-admission-openstack/charts/application/templates/serviceaccount.yaml index 3d7d77ffb..724f5a901 100644 --- a/charts/gardener-extension-admission-openstack/charts/application/templates/serviceaccount.yaml +++ b/charts/gardener-extension-admission-openstack/charts/application/templates/serviceaccount.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.global.virtualGarden.enabled ( not .Values.global.virtualGarden.user.name ) }} +{{- if not .Values.gardener.virtualCluster.serviceAccount.name }} apiVersion: v1 kind: ServiceAccount metadata: diff --git a/charts/gardener-extension-admission-openstack/charts/application/values.yaml b/charts/gardener-extension-admission-openstack/charts/application/values.yaml deleted file mode 120000 index ef36be5f3..000000000 --- a/charts/gardener-extension-admission-openstack/charts/application/values.yaml +++ /dev/null @@ -1 +0,0 @@ -../../values.yaml \ No newline at end of file diff --git a/charts/gardener-extension-admission-openstack/charts/application/values.yaml b/charts/gardener-extension-admission-openstack/charts/application/values.yaml new file mode 100644 index 000000000..a95a9c0ce --- /dev/null +++ b/charts/gardener-extension-admission-openstack/charts/application/values.yaml @@ -0,0 +1,5 @@ +gardener: + virtualCluster: + serviceAccount: {} +# name: extension-admission-provider-openstack +# namespace: kube-system diff --git a/charts/gardener-extension-admission-openstack/charts/runtime/.helmignore b/charts/gardener-extension-admission-openstack/charts/runtime/.helmignore new file mode 100644 index 000000000..f0c131944 --- /dev/null +++ b/charts/gardener-extension-admission-openstack/charts/runtime/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/gardener-extension-admission-openstack/charts/runtime/Chart.yaml b/charts/gardener-extension-admission-openstack/charts/runtime/Chart.yaml index c780effbf..bf6b55d4a 100644 --- a/charts/gardener-extension-admission-openstack/charts/runtime/Chart.yaml +++ b/charts/gardener-extension-admission-openstack/charts/runtime/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A Helm chart to deploy the gardener-extension-admission-openstack runtime related resources -name: runtime +name: admission-openstack-runtime version: 0.1.0 diff --git a/charts/gardener-extension-admission-openstack/charts/runtime/templates/_helpers.tpl b/charts/gardener-extension-admission-openstack/charts/runtime/templates/_helpers.tpl deleted file mode 120000 index adedeb924..000000000 --- a/charts/gardener-extension-admission-openstack/charts/runtime/templates/_helpers.tpl +++ /dev/null @@ -1 +0,0 @@ -../../../templates/_helpers.tpl \ No newline at end of file diff --git a/charts/gardener-extension-admission-openstack/charts/runtime/templates/_helpers.tpl b/charts/gardener-extension-admission-openstack/charts/runtime/templates/_helpers.tpl new file mode 100644 index 000000000..5c78c421f --- /dev/null +++ b/charts/gardener-extension-admission-openstack/charts/runtime/templates/_helpers.tpl @@ -0,0 +1,27 @@ +{{- define "name" -}} +gardener-extension-admission-openstack +{{- end -}} + +{{- define "labels.app.key" -}} +app.kubernetes.io/name +{{- end -}} +{{- define "labels.app.value" -}} +{{ include "name" . }} +{{- end -}} + +{{- define "labels" -}} +{{ include "labels.app.key" . }}: {{ include "labels.app.value" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{- define "image" -}} + {{- if hasPrefix "sha256:" .tag }} + {{- printf "%s@%s" .repository .tag }} + {{- else }} + {{- printf "%s:%s" .repository .tag }} + {{- end }} +{{- end }} + +{{- define "leaderelectionid" -}} +gardener-extension-admission-openstack +{{- end -}} diff --git a/charts/gardener-extension-admission-openstack/charts/runtime/templates/deployment.yaml b/charts/gardener-extension-admission-openstack/charts/runtime/templates/deployment.yaml index 166671c3a..88add19fa 100644 --- a/charts/gardener-extension-admission-openstack/charts/runtime/templates/deployment.yaml +++ b/charts/gardener-extension-admission-openstack/charts/runtime/templates/deployment.yaml @@ -8,14 +8,14 @@ metadata: high-availability-config.resources.gardener.cloud/type: server spec: revisionHistoryLimit: 1 - replicas: {{ .Values.global.replicaCount }} + replicas: {{ .Values.replicaCount }} selector: matchLabels: {{ include "labels" . | indent 6 }} template: metadata: annotations: - {{- if .Values.global.kubeconfig }} + {{- if .Values.kubeconfig }} checksum/gardener-extension-admission-openstack-kubeconfig: {{ include (print $.Template.BasePath "/secret-kubeconfig.yaml") . | sha256sum }} {{- end }} labels: @@ -24,50 +24,49 @@ spec: networking.resources.gardener.cloud/to-virtual-garden-kube-apiserver-tcp-443: allowed {{ include "labels" . | indent 8 }} spec: - {{- if .Values.global.priorityClassName }} - priorityClassName: {{ .Values.global.priorityClassName }} + {{- if .Values.gardener.runtimeCluster.priorityClassName }} + priorityClassName: {{ .Values.gardener.runtimeCluster.priorityClassName }} {{- end }} serviceAccountName: {{ include "name" . }} - {{- if .Values.global.kubeconfig }} + {{- if .Values.kubeconfig }} automountServiceAccountToken: false {{- end }} containers: - name: {{ include "name" . }} - image: {{ include "image" .Values.global.image }} - imagePullPolicy: {{ .Values.global.image.pullPolicy }} + image: {{ include "image" .Values.image }} + imagePullPolicy: {{ .Values.image.pullPolicy }} command: - /gardener-extension-admission-openstack - - --webhook-config-server-port={{ .Values.global.webhookConfig.serverPort }} - {{- if .Values.global.virtualGarden.enabled }} + - --webhook-config-server-port={{ .Values.webhookConfig.serverPort }} - --webhook-config-mode=url - --webhook-config-url={{ printf "%s.%s" (include "name" .) (.Release.Namespace) }} - {{- else }} - - --webhook-config-mode=service - {{- end }} - --webhook-config-namespace={{ .Release.Namespace }} - {{- if .Values.global.kubeconfig }} + {{- if .Values.gardener.virtualCluster.namespace }} + - --webhook-config-owner-namespace={{ .Values.gardener.virtualCluster.namespace }} + {{- end }} + {{- if .Values.kubeconfig }} - --kubeconfig=/etc/gardener-extension-admission-openstack/kubeconfig/kubeconfig {{- end }} - {{- if .Values.global.projectedKubeconfig }} - - --kubeconfig={{ required ".Values.global.projectedKubeconfig.baseMountPath is required" .Values.global.projectedKubeconfig.baseMountPath }}/kubeconfig + {{- if .Values.projectedKubeconfig }} + - --kubeconfig={{ required ".Values.projectedKubeconfig.baseMountPath is required" .Values.projectedKubeconfig.baseMountPath }}/kubeconfig {{- end }} - {{- if .Values.global.metricsPort }} - - --metrics-bind-address=:{{ .Values.global.metricsPort }} + {{- if .Values.metricsPort }} + - --metrics-bind-address=:{{ .Values.metricsPort }} {{- end }} - - --health-bind-address=:{{ .Values.global.healthPort }} + - --health-bind-address=:{{ .Values.healthPort }} - --leader-election-id={{ include "leaderelectionid" . }} - - --enable-overlay-as-default-for-calico={{ .Values.global.enableOverlayAsDefaultForCalico }} - - --enable-overlay-as-default-for-cilium={{ .Values.global.enableOverlayAsDefaultForCilium }} + - --enable-overlay-as-default-for-calico={{ .Values.enableOverlayAsDefaultForCalico }} + - --enable-overlay-as-default-for-cilium={{ .Values.enableOverlayAsDefaultForCilium }} livenessProbe: httpGet: path: /healthz - port: {{ .Values.global.healthPort }} + port: {{ .Values.healthPort }} scheme: HTTP initialDelaySeconds: 10 readinessProbe: httpGet: path: /readyz - port: {{ .Values.global.healthPort }} + port: {{ .Values.healthPort }} scheme: HTTP initialDelaySeconds: 5 env: @@ -75,53 +74,35 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - {{- if .Values.global.virtualGarden.enabled }} - name: SOURCE_CLUSTER value: enabled - {{- end }} ports: - name: webhook-server - containerPort: {{ .Values.global.webhookConfig.serverPort }} + containerPort: {{ .Values.webhookConfig.serverPort }} protocol: TCP -{{- if .Values.global.resources }} +{{- if .Values.resources }} resources: -{{ toYaml .Values.global.resources | nindent 10 }} +{{ toYaml .Values.resources | nindent 10 }} {{- end }} volumeMounts: - {{- if .Values.global.kubeconfig }} + {{- if .Values.kubeconfig }} - name: gardener-extension-admission-openstack-kubeconfig mountPath: /etc/gardener-extension-admission-openstack/kubeconfig readOnly: true {{- end }} - {{- if .Values.global.serviceAccountTokenVolumeProjection.enabled }} - - name: service-account-token - mountPath: /var/run/secrets/projected/serviceaccount - readOnly: true - {{- end }} - {{- if .Values.global.projectedKubeconfig }} + {{- if .Values.projectedKubeconfig }} - name: kubeconfig - mountPath: {{ required ".Values.global.projectedKubeconfig.baseMountPath is required" .Values.global.projectedKubeconfig.baseMountPath }} + mountPath: {{ required ".Values.projectedKubeconfig.baseMountPath is required" .Values.projectedKubeconfig.baseMountPath }} readOnly: true {{- end }} volumes: - {{- if .Values.global.kubeconfig }} + {{- if .Values.kubeconfig }} - name: gardener-extension-admission-openstack-kubeconfig secret: secretName: gardener-extension-admission-openstack-kubeconfig defaultMode: 420 {{- end }} - {{- if .Values.global.serviceAccountTokenVolumeProjection.enabled }} - - name: service-account-token - projected: - sources: - - serviceAccountToken: - path: token - expirationSeconds: {{ .Values.global.serviceAccountTokenVolumeProjection.expirationSeconds }} - {{- if .Values.global.serviceAccountTokenVolumeProjection.audience }} - audience: {{ .Values.global.serviceAccountTokenVolumeProjection.audience }} - {{- end }} - {{- end }} - {{- if .Values.global.projectedKubeconfig }} + {{- if .Values.projectedKubeconfig }} - name: kubeconfig projected: defaultMode: 420 @@ -130,12 +111,12 @@ spec: items: - key: kubeconfig path: kubeconfig - name: {{ required ".Values.global.projectedKubeconfig.genericKubeconfigSecretName is required" .Values.global.projectedKubeconfig.genericKubeconfigSecretName }} + name: {{ required ".Values.projectedKubeconfig.genericKubeconfigSecretName is required" .Values.projectedKubeconfig.genericKubeconfigSecretName }} optional: false - secret: items: - key: token path: token - name: {{ required ".Values.global.projectedKubeconfig.tokenSecretName is required" .Values.global.projectedKubeconfig.tokenSecretName }} + name: {{ required ".Values.projectedKubeconfig.tokenSecretName is required" .Values.projectedKubeconfig.tokenSecretName }} optional: false {{- end }} diff --git a/charts/gardener-extension-admission-openstack/charts/runtime/templates/secret-kubeconfig.yaml b/charts/gardener-extension-admission-openstack/charts/runtime/templates/secret-kubeconfig.yaml index 5c88fd2ec..dfe4c3234 100644 --- a/charts/gardener-extension-admission-openstack/charts/runtime/templates/secret-kubeconfig.yaml +++ b/charts/gardener-extension-admission-openstack/charts/runtime/templates/secret-kubeconfig.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.kubeconfig }} +{{- if .Values.kubeconfig }} apiVersion: v1 kind: Secret metadata: @@ -10,5 +10,5 @@ metadata: heritage: "{{ .Release.Service }}" type: Opaque data: - kubeconfig: {{ .Values.global.kubeconfig | b64enc }} + kubeconfig: {{ .Values.kubeconfig | b64enc }} {{- end }} diff --git a/charts/gardener-extension-admission-openstack/charts/runtime/templates/service.yaml b/charts/gardener-extension-admission-openstack/charts/runtime/templates/service.yaml index 5b445d60f..d1f83955d 100644 --- a/charts/gardener-extension-admission-openstack/charts/runtime/templates/service.yaml +++ b/charts/gardener-extension-admission-openstack/charts/runtime/templates/service.yaml @@ -4,8 +4,8 @@ metadata: name: {{ include "name" . }} namespace: {{ .Release.Namespace }} annotations: - networking.resources.gardener.cloud/from-all-webhook-targets-allowed-ports: '[{"protocol":"TCP","port":{{ .Values.global.webhookConfig.serverPort }}}]' - {{- if .Values.global.service.topologyAwareRouting.enabled }} + networking.resources.gardener.cloud/from-all-webhook-targets-allowed-ports: '[{"protocol":"TCP","port":{{ .Values.webhookConfig.serverPort }}}]' + {{- if .Values.service.topologyAwareRouting.enabled }} {{- if semverCompare ">= 1.27-0" .Capabilities.KubeVersion.Version }} service.kubernetes.io/topology-mode: "auto" {{- else }} @@ -14,7 +14,7 @@ metadata: {{- end }} labels: {{ include "labels" . | indent 4 }} - {{- if .Values.global.service.topologyAwareRouting.enabled }} + {{- if .Values.service.topologyAwareRouting.enabled }} endpoint-slice-hints.resources.gardener.cloud/consider: "true" {{- end }} spec: @@ -24,4 +24,4 @@ spec: ports: - port: 443 protocol: TCP - targetPort: {{ .Values.global.webhookConfig.serverPort }} + targetPort: {{ .Values.webhookConfig.serverPort }} diff --git a/charts/gardener-extension-admission-openstack/charts/runtime/templates/vpa.yaml b/charts/gardener-extension-admission-openstack/charts/runtime/templates/vpa.yaml index edb93d785..413889410 100644 --- a/charts/gardener-extension-admission-openstack/charts/runtime/templates/vpa.yaml +++ b/charts/gardener-extension-admission-openstack/charts/runtime/templates/vpa.yaml @@ -1,4 +1,4 @@ -{{- if .Values.global.vpa.enabled}} +{{- if .Values.vpa.enabled}} apiVersion: "autoscaling.k8s.io/v1" kind: VerticalPodAutoscaler metadata: @@ -14,5 +14,5 @@ spec: kind: Deployment name: {{ include "name" . }} updatePolicy: - updateMode: {{ .Values.global.vpa.updatePolicy.updateMode }} + updateMode: {{ .Values.vpa.updatePolicy.updateMode }} {{- end }} diff --git a/charts/gardener-extension-admission-openstack/charts/runtime/values.yaml b/charts/gardener-extension-admission-openstack/charts/runtime/values.yaml deleted file mode 120000 index ef36be5f3..000000000 --- a/charts/gardener-extension-admission-openstack/charts/runtime/values.yaml +++ /dev/null @@ -1 +0,0 @@ -../../values.yaml \ No newline at end of file diff --git a/charts/gardener-extension-admission-openstack/charts/runtime/values.yaml b/charts/gardener-extension-admission-openstack/charts/runtime/values.yaml new file mode 100644 index 000000000..22d1434c8 --- /dev/null +++ b/charts/gardener-extension-admission-openstack/charts/runtime/values.yaml @@ -0,0 +1,37 @@ +image: + repository: europe-docker.pkg.dev/gardener-project/public/gardener/extensions/admission-openstack + tag: latest + pullPolicy: IfNotPresent + +replicaCount: 1 +resources: {} +metricsPort: 8080 +healthPort: 8081 +vpa: + enabled: true + updatePolicy: + updateMode: "Auto" +enableOverlayAsDefaultForCalico: true +enableOverlayAsDefaultForCilium: true +webhookConfig: + serverPort: 10250 + +# Kubeconfig to the target cluster. In-cluster configuration will be used if not specified. +kubeconfig: + +#projectedKubeconfig: +# baseMountPath: /var/run/secrets/gardener.cloud +# genericKubeconfigSecretName: generic-token-kubeconfig +# tokenSecretName: access-os-admission + +service: + topologyAwareRouting: + enabled: false + +gardener: + virtualCluster: + serviceAccount: {} + # name: extension-admission-provider-openstack + # namespace: kube-system + runtimeCluster: {} +# priorityClassName: gardener-garden-system-400 diff --git a/charts/gardener-extension-admission-openstack/templates/_helpers.tpl b/charts/gardener-extension-admission-openstack/templates/_helpers.tpl deleted file mode 100644 index 5c78c421f..000000000 --- a/charts/gardener-extension-admission-openstack/templates/_helpers.tpl +++ /dev/null @@ -1,27 +0,0 @@ -{{- define "name" -}} -gardener-extension-admission-openstack -{{- end -}} - -{{- define "labels.app.key" -}} -app.kubernetes.io/name -{{- end -}} -{{- define "labels.app.value" -}} -{{ include "name" . }} -{{- end -}} - -{{- define "labels" -}} -{{ include "labels.app.key" . }}: {{ include "labels.app.value" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end -}} - -{{- define "image" -}} - {{- if hasPrefix "sha256:" .tag }} - {{- printf "%s@%s" .repository .tag }} - {{- else }} - {{- printf "%s:%s" .repository .tag }} - {{- end }} -{{- end }} - -{{- define "leaderelectionid" -}} -gardener-extension-admission-openstack -{{- end -}} diff --git a/charts/gardener-extension-admission-openstack/values.yaml b/charts/gardener-extension-admission-openstack/values.yaml deleted file mode 100644 index 7db336aba..000000000 --- a/charts/gardener-extension-admission-openstack/values.yaml +++ /dev/null @@ -1,38 +0,0 @@ -global: - virtualGarden: - enabled: false - user: - name: "" - image: - repository: europe-docker.pkg.dev/gardener-project/public/gardener/extensions/admission-openstack - tag: latest - pullPolicy: IfNotPresent -# priorityClassName: gardener-garden-system-400 - replicaCount: 1 - resources: {} - metricsPort: 8080 - healthPort: 8081 - vpa: - enabled: true - updatePolicy: - updateMode: "Auto" - enableOverlayAsDefaultForCalico: true - enableOverlayAsDefaultForCilium: true - webhookConfig: - serverPort: 10250 - - # Kubeconfig to the target cluster. In-cluster configuration will be used if not specified. - kubeconfig: - -# projectedKubeconfig: -# baseMountPath: /var/run/secrets/gardener.cloud -# genericKubeconfigSecretName: generic-token-kubeconfig -# tokenSecretName: access-os-admission - - serviceAccountTokenVolumeProjection: - enabled: false - expirationSeconds: 43200 - audience: "" - service: - topologyAwareRouting: - enabled: false diff --git a/charts/gardener-extension-provider-openstack/templates/deployment.yaml b/charts/gardener-extension-provider-openstack/templates/deployment.yaml index 031108bfc..23344abf8 100644 --- a/charts/gardener-extension-provider-openstack/templates/deployment.yaml +++ b/charts/gardener-extension-provider-openstack/templates/deployment.yaml @@ -41,7 +41,11 @@ spec: networking.gardener.cloud/to-private-networks: allowed networking.resources.gardener.cloud/to-all-shoots-kube-apiserver-tcp-443: allowed spec: + {{- if .Values.gardener.runtimeCluster.enabled }} + priorityClassName: {{ .Values.gardener.runtimeCluster.priorityClassName }} + {{- else }} priorityClassName: gardener-system-900 + {{- end }} serviceAccountName: {{ include "name" . }} containers: - name: {{ include "name" . }} @@ -64,8 +68,14 @@ spec: - --webhook-config-namespace={{ .Release.Namespace }} - --webhook-config-service-port={{ .Values.webhookConfig.servicePort }} - --webhook-config-server-port={{ .Values.webhookConfig.serverPort }} + {{- if .Values.gardener.runtimeCluster.enabled }} + - --controllers=backupbucket,dnsrecord + - --disable-webhooks="*" + - --extension-class=garden + {{- else }} - --disable-controllers={{ .Values.disableControllers | join "," }} - --disable-webhooks={{ .Values.disableWebhooks | join "," }} + {{- end }} {{- if .Values.metricsPort }} - --metrics-bind-address=:{{ .Values.metricsPort }} {{- end }} diff --git a/charts/gardener-extension-provider-openstack/templates/rbac-runtime.yaml b/charts/gardener-extension-provider-openstack/templates/rbac-runtime.yaml new file mode 100644 index 000000000..762b9cf17 --- /dev/null +++ b/charts/gardener-extension-provider-openstack/templates/rbac-runtime.yaml @@ -0,0 +1,69 @@ +{{ if .Values.gardener.runtimeCluster.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "name" . }}-runtime + labels: +{{ include "labels" . | indent 4 }} +rules: + - apiGroups: + - extensions.gardener.cloud + resources: + - backupbuckets + - backupbuckets/status + - dnsrecords + - dnsrecords/status + verbs: + - get + - list + - watch + - patch + - update + - apiGroups: + - resources.gardener.cloud + resources: + - managedresources + verbs: + - "*" + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + resourceNames: + - provider-openstack-leader-election + - gardener-extension-heartbeat + verbs: + - get + - update + - apiGroups: + - "" + resources: + - secrets + - events + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "name" . }}-runtime + labels: +{{ include "labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "name" . }}-runtime +subjects: +- kind: ServiceAccount + name: {{ include "name" . }} + namespace: {{ .Release.Namespace }} +{{- end}} \ No newline at end of file diff --git a/charts/gardener-extension-provider-openstack/templates/rbac.yaml b/charts/gardener-extension-provider-openstack/templates/rbac.yaml index a437ee4db..961f02dba 100644 --- a/charts/gardener-extension-provider-openstack/templates/rbac.yaml +++ b/charts/gardener-extension-provider-openstack/templates/rbac.yaml @@ -1,3 +1,4 @@ +{{ if not .Values.gardener.runtimeCluster.enabled }} --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -128,3 +129,4 @@ subjects: - kind: ServiceAccount name: {{ include "name" . }} namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/charts/gardener-extension-provider-openstack/values.yaml b/charts/gardener-extension-provider-openstack/values.yaml index c1eca8aa6..49d42e119 100644 --- a/charts/gardener-extension-provider-openstack/values.yaml +++ b/charts/gardener-extension-provider-openstack/values.yaml @@ -92,3 +92,6 @@ gardener: featureGates: {} seed: provider: openstack + runtimeCluster: + enabled: false + # priorityClassName: gardener-garden-system-200 \ No newline at end of file diff --git a/cmd/gardener-extension-admission-openstack/app/app.go b/cmd/gardener-extension-admission-openstack/app/app.go index 23edab686..6d2fe2895 100644 --- a/cmd/gardener-extension-admission-openstack/app/app.go +++ b/cmd/gardener-extension-admission-openstack/app/app.go @@ -83,6 +83,11 @@ func NewAdmissionCommand(ctx context.Context) *cobra.Command { RunE: func(_ *cobra.Command, _ []string) error { verflag.PrintAndExitIfRequested() + if gardenKubeconfig := os.Getenv("GARDEN_KUBECONFIG"); gardenKubeconfig != "" { + log.Info("Getting rest config for garden from GARDEN_KUBECONFIG", "path", gardenKubeconfig) + restOpts.Kubeconfig = gardenKubeconfig + } + if err := aggOption.Complete(); err != nil { return fmt.Errorf("error completing options: %w", err) } diff --git a/cmd/gardener-extension-provider-openstack/app/app.go b/cmd/gardener-extension-provider-openstack/app/app.go index 14f20fd13..5f61633bb 100644 --- a/cmd/gardener-extension-provider-openstack/app/app.go +++ b/cmd/gardener-extension-provider-openstack/app/app.go @@ -209,6 +209,9 @@ func NewControllerManagerCommand(ctx context.Context) *cobra.Command { reconcileOpts.Completed().Apply(&openstackcontrolplane.DefaultAddOptions.IgnoreOperationAnnotation, &openstackcontrolplane.DefaultAddOptions.ExtensionClass) reconcileOpts.Completed().Apply(&openstackworker.DefaultAddOptions.IgnoreOperationAnnotation, &openstackworker.DefaultAddOptions.ExtensionClass) reconcileOpts.Completed().Apply(&openstackbastion.DefaultAddOptions.IgnoreOperationAnnotation, &openstackbastion.DefaultAddOptions.ExtensionClass) + reconcileOpts.Completed().Apply(&openstackbackupbucket.DefaultAddOptions.IgnoreOperationAnnotation, &openstackbackupbucket.DefaultAddOptions.ExtensionClass) + reconcileOpts.Completed().Apply(&openstackbackupentry.DefaultAddOptions.IgnoreOperationAnnotation, &openstackbackupentry.DefaultAddOptions.ExtensionClass) + reconcileOpts.Completed().Apply(&openstackdnsrecord.DefaultAddOptions.IgnoreOperationAnnotation, &openstackdnsrecord.DefaultAddOptions.ExtensionClass) workerCtrlOpts.Completed().Apply(&openstackworker.DefaultAddOptions.Controller) openstackworker.DefaultAddOptions.GardenCluster = gardenCluster diff --git a/example/controller-registration.yaml b/example/controller-registration.yaml index 001d44247..b5d353709 100644 --- a/example/controller-registration.yaml +++ b/example/controller-registration.yaml @@ -4,7 +4,7 @@ kind: ControllerDeployment metadata: name: provider-openstack helm: - rawChart: H4sIAAAAAAAAA+09bXPbNtL9rF+BYdppmwkpyZKdnmbyzDm2m3qa2Brbl94zNzcZiIQl1BTJEqQSNe1/v10AJMEXiaKTOk0rtBNJAHaxAHYXi8UCntPYYwGLbfYuYYHgYWBHcbjiHmSFEeQk1L3rf/FBaQDp6eGh/IRU/ZTfh6Px8ODw4OgI84dP4b8vyOGHNbtbSqGHMSFfxGGYbKvXVv6ZpvlO83+yoHHirOnSv08bOMFH4/HG+T+AstL8HwyHw6MvyOBjd7Yp/c3nn0b8NYtx3idkNezRKMp/WkNnYPU8JtyYR4nMOiY/MH9JXGQHchvGJFkw8kKzELkEfrlGfiFTzUIk56peQJdsQnZit94qI2HgAA29Tz1Gf+W0m/x7oevMw/u20SL/Q1gcKvI/OHg62Mv/Q6R+n1xPT/9tf899dhJG65jPF8kNMMOEwCyMyfXxlFyfERB1Gsgf9PaW+5wmjLjhMqLBGgq8Qge4YZDEfJYmYSx6/X4vw/+Su8BMzD6Hagm/5SwGbRJRd8HsAxBxqDcPJ3NEgajFgtgusWYUvnz54vjq9Ozi7OrND8cnP745Pb/qZ/Vs2Vro+8CsMZtzkUAusLADYHUuJg758huXJsRx+vD/67Or6/PLi2/1T/aOLiOf9TehxMWPPAc0afQ8de9YMikQq+wzAFyXcoXUmkXOicI99WnAjOzTi+sr5oaxV+TZoHb5PMCxOA9uY8AUp26SxibYT2F8B8OYZ1g4imQK3+icaR3NAjrzmSClwU2jKNT6W2fyYC5VORARMzchxSCQ0iD0IhP7XjF//mk3/Z8wkA3gHXGvnUBn+x/sv6One/v/IVLX+X+zYH4E5pmTRDvvBdrW/4PRsDL/o8PB3v5/kPT+vU08dssDRiw00S1i//57bzczHWEZLP4I0TMR+XTGfOHAZsK5Y2uFUv5IZywOGPCRw8M+NlfCsQHFivqppuv9e8ID10+9nFqHaMAthNRhqwQilgnZUEO3L1uq94LjYAQuk+DOFfMZFcy5AOIaKctJ40tYRxVlhGAJvyULKqYxlL8jlljQg8OjCTT7GpuHprC+k9A5ySGimAfJLbG+Ev/8SlRrxiwKBQczbL0NBfSRNSGc3BshdNbod3VCPBb54XoJNqDe4+XMIfqw/TSG61MLxt8kddX/IB4iYTHsAeBfYfvhfA7G43bXUIv+Hw0HBxX9f3Q4Ptzr/4dIWvNkEr0MAxRxnFI3ZjDjJ2q+v1fzrYW1cBndAlSQzHjiqG+oEVdD6kegvnp3PPAmpISht2QJ9WhCJ6AvlI7Fb8RAlHFkP1lHoFUtwZhnbajjuH6YetWaytUki8wd4pIGoK4MtrY3VemJiLlIl2Zz/ArakcYC9luSFEJg3biQ7YAI6CxdgeACYcMowQ/QcrbK1nViJnNPcQgIbOoY5C9p4i4UmF5XHm+i7HE78Y97tm1/NpMkuO3FHIfJ6InRScH/BJPRROTjEpGf66ADz3Cfdhr7+ug3jv9uM3CfOajR/JlPhQhoJBZh8mdk+4y26hDvDbW/SOps/4XBLZ8vaWRL43/FXDAX7BB47G3ME9ZoCLad/42PRmX7bzQYHe79/w+SKvafnNTXclIvszklFZsP9mlaaUpeeEWjksJUiq15p97MNBpIRLRpGy2z1QYz08X1jTqi/w0y8XSBjLF2Ro5sUbwpc+iE/IZItva6jM7Y0H7qKfuo6d7y3yEaoEX+D8YHVf/feDDc7/8eJH0swc754g8VZtVKLsLSGAVjDz/NjuSM62S87OTsLRyNpGKeaYNwKJHlw6AtTDUgqToFUx4tQ2lqhK7PgWCoGoAmgXqqm0B0JT+z3qjrsgjzgbLkBqxDIccrZr+kPGYesVrwO3UEhIsc3mqjrwlekyxHOsvtSJUB2Y0cEzCn45eo66gARLd2ESBvb5bGIunYooTp1qYCKa8r2DxLXC/jDwHLEaxLxS7L9akQF5kUVppASEeDOHnNomMATkH4eLJuh9YVM/rqrC6rz+Spt6pEkvD/8YB8S71coo8a+j1TZ+VKzrIey2X5it1OSAPFJQgnq1r099anqzCW0G3AedW/3Orenrqu/4UDf3cDYPv6P4RFvxr/N8aQwP36/wDJXDazUxi1+p3mM72zFbDj2i/PwcxNxzwIY5BeEaaxmy1CNAjCRK632vkSZ+XVlVuBT4iFrgyrrFm6GBnYyILPFzZdUQ6VuA86UBs2zsbWlVtHuVlyn03MVhzH9AeOOnX9ki85LCpDWRL53KWipJV05kmYBomiRMC44XZEdV06Z17u1pUjjQBDdth8rccOrBgezP8VwSzmC8qSvvtXoPvql9eUclGhVCH/Oo3ntcoyU1XLVIWm3OAcafNUZxXTjnvQfB1bMPdOpEvDF1F4pxo3mCV+/UaecpIvnRtNqfMcOHRKkwWxdnJvWN/K8VYntECHSVtlWdtA7lYb+h7E7kSWecrDkpi7wlHRYdduDFogmJsAsAZApQVL85N6kK+GA25rA4RAnIVMZpUe4UEwTf2EaBJwsKIQu8gDI+rMjkES+JJtwI7ha5qeco+mGNdmUlWbjx0VwnfmYAQseRvGd3goVhX+MKO08LWCHvX98C3zdoP3QBK6QUTpDLSFret0ho75CkMndwLfrPVCG8BssYBVUdgVZ3PiRvZ4PCpjzlSjmk0egjitTwqDNrdDxFqACrH/MRhkZjAg5S47dl1Ujxfblx8pcMBGlAf5cQX6zVtWLZWkyJdr6SiNerVp6vvTEOahbE6riIgoLywpgnC5pIFX6D2b9HcLtCkAbFtZ0zMZgmqD6kWt4aZxDFxrxwx/cJ+JZ2WbV4uVcExop4C8XgeuMGktWmIY1XrfhiRwezvSGL9PGyLbOG7Dr9SkfQuonvVhR9JvZgOtTvuGj6GKBluOMHi3O60mdBvBoBJiGQ/cvZkctK2NBaN+spBrU/dWDOAd2omTGaOJnVuGzzYZhmQDJCBnb21YJEATUFA6SJ+3jTgF50i4cw12raBqzfBSeHX3sSjDtw2HslVRtJUvyS4Moo0NSJDLDOI4B6jifivjwbv3QMG1Uf6WzUDZ32XS1D6b26C1TrdxITfJ0tX0vlzX0ot6Gz485WxFx+ImbB4XaAgZR8qlwdLFhTtQgKHwM1gtxHpibcKl225C9JMu2oCl2VhrolsX2TOwWmzqebBci2eTjWbRNiu10AmbsanyJkLyZUxH9Zmdzi0HXWbCsmBlLodqlX55dnx6dvXm7OXZyc355cWbi+NXZ9fT45OzvCYhMibzezAKJ0YmnpUz30OfTylX56PVPMl3JE7Owffdh2T0nr86fnH2Goi9vHpz+frs6qer85sarRPSl3cmjJOofuPR1LZJ8vkKRlKIaRzOmNnHRZJEL1hS7nYk+9tXs/ZruUga0K1Ti0mAmsde/nBzMzUKeMATTv1T5tO1Vq2wwR3kNWJGPd6ZVoRaPwiphz2zAVHnwkzD6J19gS43L6dVynZRN3Irk4Ru6E/Izcm06l+Ny06QbCx15qTB01pA/EYCvXsZDhpcrJhWoZ8u2Ss0pBu6rJSpQeoSKyqxaTecPlSMNh0NNxFTEyWjHvLQZeCv89CWgqrSaOBFtgDd4QYneMewmTuuFZDcs3+aYmzkNTCal6JH5Vwuzjr77B1zU/OER3VPbi+vSw4do1fo2jl7F6GyLXtFMvA7tt4Ymp4Hr1egCFEWBrRHzoNaodRItaawsR1C4E2AJIxCP5yvf0QarXJg/CIUiWQSDaF4r7YnqzCPmx09mtTtfPKYJe1leBV6ADc+yNRSJ87cjS+709vG51to/wMCELr6/0FGwIqJU3khfJZ6c9Z+ENAW/3M0GFXjv4f7+J+HSab/P5Iui+IEYBp6p/lcP5dz/bGPArp56DMfUtVzPfxwj7lWDYItV3jcv4xoDLX/7xkZOgdH9gAATmikzgQ4qI4fQdXpcXNem3ZtGij7ZA2Ddwa7Fxy6zE907L+la3GMTrE/TTxRV/mPZ9Tt+hBIi/yPR7X4n4OnRwd7+X+IVI2VlvNL02QRxvxXden77juhIqbLsdJXoc+6qIMugh6nPloKNkb1vIjDNNLhz0YUT9kh3StZyVjV9HSKek4fpj1JzQL0VYJo13PKVaXLsfzDrKDvR+kfhtOvIceEyx131Z9mpbKvqTHPrK4cO6XvRTGouZkeKtTr0lDlQn15i9qzp+LNs2+pPDusT8mmI4L6jKj7KV6eWybCemzVkbshDAEPTD6s45XLSgWburyU94oU3SIf2kqWL9cxHZVf05g2VMcMuShhzJgc57quzZ2VzTOyadAtS37ggb3mxGyaNsqvAvCWXO4zSq86mBUibsiYUWAcChm55nUx2AeF6Fhc1scutwRE5WcfdlrU579mXAp2caClVTCYwySXGmXi61r6zFCLSh6nUPvdFy71mUYnfYnC/EHVkVJJcEE4WS0DPWLQR5Vf1KgV/RzO1BewkosvfXU7A0YrTeRTG9pP4JpBhbpNaDJcZqMnL83yolTPgTTTeLkreiJExo76sFTqUVUPmma3qS9gTMkjcnN5evlNDJoj+PWOfTshV4BhxUiy4AI2xtBtcpzOgRj5CIyzg6QuqbvgAXMEjaT4N8oQQrajAu4NceJKvFbBBDgSDnVgfLPqiofakCsbt46wYV+zWaV0UZiKJX2GYvxBa+1zxWl/2JILTWjPaTZkWyjs5TGyhjHQQo9IZz+DNpTrugK+Lh3tfpwdxac2qD6z1NX+1/qm0xagNf5/VH3/a3Q4fLq3/x8iNcb/a7n8+Jv9WvjXLrEmt7Cc4eGm79kYvyLd9eTr/7y3Mk+6NbFuTqbWEwvLrMluHvnf//t1NwpkvAtjnq1im2xgG1wkbB3kUiKsSkf5HO5JlfIutOQDbWceD92o4fKAtivO2NKpF7SqkFqdRgGWSFuuHnnLxSkwjALHoMbCeNwtyvOeYZ1EmzATcoMWi6QKreE4BDMEI/HBCIT9E2gsTz5PF4TED4M5mDUBzCBk8kC+d3abykP7wvxhS0IFEWEY4Gd+yzf78s/V0Hl6iO+0kBljARAv2dxzurGSMkLs+oDKkKkmLrsX/o/Gmffx0am4WG0enE9LHrrdQljzgzm7fgjYGihQPmWTZxVyJDsd2n1q5fwA6Z7rv9467WYGtPn/R4Pq+n84ONq///Ugadv6n9nln9Tnj9s7efRbJuomvGP4tAOFHe3fQU7/qNRZ/tUdMXnBbNdNQIv8g+hXz//Gh+O9/D9I0ude7Jd6vBaaIfkFWmIV78zmj/VtuBiY3SNU1wu82qNRWXnV2XGt8mVUeLPS6XDncff7Q8o7YwPn82AFdqxnK9eNcXuhi8LaYWAiGgOd8kEtACh+IaEIvuUyZQOKIu7noBL2IycPxxxvJbQMn1FXql20HV/LkI2zdxEN1MzJiBoVyKHdUSpMoQV3DUI6nFCJ8GVDEH0TilJt6HJ2j8Q6lbNnVR9b3D9Qs1vqqv9XEe38dyDa7L+n9fPfo/Fwr/8fIlW0FU6vVtsVpW3V3fKguS2tul9rf/w09I5zf/zur0dAszsaj8UNS6XNtfro6VisLDJTnZAUsWZ5kbo/9PXjr3tGBJcK6/bUGOBhyC/wmQiMIuxlG8c8qrjpxizm127NtkWCQQW10Jh9UDk1rYrzYlZ2inof9jrNbvKvAgbv+wdgWuR/9PSo9v73aB//8TBJ3XmTApU97zshLI1h7m0vdPFiSHQ3dzy2Ku6qAYPgQU5fXUTM8/uF86/feIktofMJkcsICkdk3KA7v70Ikym+Swdy0zOvQ2NwVz3cq7iHfDj4CgGyszzy/vceyAp2SKuxPAx4u6xZqLasXs/wh03Id4PvBr0i3lxmDKFOfuot36RpeCdVN9ozLpRgVTMCJVdZ5qUbFZdu3J3bWksUscaNNcxgky3V8liTLXWMG1/ba6lohgnRJnf9AtaEjAZYWo5b2YJURa5sqbDxglTmHujVL/BMyH/+26tcx5F5FS91huIRaQoWxjeIHpHsjbGJ/J6FDUc0FepGkVx3ZBkhCu2VIWtznizSGcZN9AuXvfl15oez/pIid/VnKfe9vkTdP5XSibcaNW5TgudujAv0PAznPntT3IhVsDZdekdjDSal0hrh33pSGflfXxo6w6Hz7vPu1bDWKxXUOTxQBY7j9HolH/Ckl985VkI/Ho90VnbnY4geyl7v0SPITTCiQ8g/pqJ1xxPCnLlDRHatfrYm0qNfhGVkWgabAiRKU+VX4jPAXIdlF/QNraLpbH5aqulhKbBUUKdipf7PIgxygyl/5Kmxhnx+aajvYuu3kYYj/Fm8VFR5p6iqd2VD9YveavNt31KRZJXy94kODl9wnVnawpbPtFzc9WY3cxo2pT9RnnwfgkoGqmEwBJRD7Ucar7npfpTZgurQQuHC7/KA6zI+P8WJIraN5p0+V3pCxCJMfY/MGMkieZhHVpySE+zZNA4lFze+bVS8bGRlr8bmrxVBTv73FyY9k3Gxqirxs/XjFpQttPsCF1W5+BHJa5NePnYeDlyxCn9qe2Of9mmf9mmf/hzpfzK2UxoAeAAA + rawChart: H4sIAAAAAAAAA+09+3PbNtL9WX8FhmmnbSakJFt2eprJN+fYbuppYmtsn3vf3NxkKBKSUFMkS5BK1LT/+y2eBB+SSCdVHuXeTUMB2MXitbtYLOC5m/g4xImN36Y4pCQK7TiJVsSHpCiGlNT17vtfvRcMAJ4eHfF/Acr/8u/h4Wh4cHRwfMzSh0/hf1+ho/erthlk0MIEoa+SKEq3lduV/5nCvNH4ny7cJHXW7jJ4SB1sgI9Ho43jfwB5hfE/GA6Hx1+hwYdubB38zcffjckdTti4j9Fq2HPjWP+0hs7A6vmYegmJU550gn7CwRJ5bDqgWZSgdIHRCzmF0BXMlxs2X9BETiGkZ1UvdJd4jBpNt95KsTBwgIfex+6jLxmarX8/8px59NA6dqz/ISiH0vofHDwddOt/H9Dvo5vJ2b/tH0mAT6N4nZD5Ir2FyTBGMAojdHMyQTfnCJa6G/If7mxGAuKmGHnRMnbDNWT4uQzwojBNyDRLo4T2+v2eov+SeDCZsH0BxVIyIzgBaRK73gLbB7DEodw8Gs8ZCUaaLpDtIWvqwsfXL06uz84vz69f/3Ry+vPrs4vrvipn89qiIIDJmuA5oSmkwhR2AK06i5GDvv7Oc1PkOH34/9359c3F1eX38id+6y7jAPc3kWTKDz0HMln8PPPucTrOCYvkc0BcF1Ipl5p5yqmgPQncEBvJZ5c319iLEj9Ps0HsknnI+uIinCVAKcm8NEtMtF+i5B66USdYrBfRBL7cOZYyGofuNMAUFTo3i+NIym+ZSMI5F+XARIK9FOWdgAqd0ItN6p1g/vyhmfxPMawNmDv0QTuB1vY/2H/HTzv7fx/QdvxfL3AQg3nmpHHjvcAu/X9wOCyN/+HRoLP/9wLv3tnIxzMSYmQxE91C9p9/9pqZ6QwXg/JnGD2TUOBOcUAd2Ew493gtSPIf2RQnIYZ55JCoz6or0NhAYuUGmeTr3TtEQi/IfM2tgyTiFkaquGUGGZUx2lBC1s9rqraCsM4IPczRnWscYJdi5xKYq+VMs0aWoEcFZwixHDJDC5dOEsh/iyy6cA+OjsdQ7R2rHqpi5Z3UnSONESckTGfI+ob+8xtaLpngOKIEzLD1NhLQRlxHcPxggtBYo93lAfFxHETrJdiAco+nJwftw/bT6K6PvTD+JtBW/sPyoClOYA8A/6V2EM3nYDxudw3tkP+Hw8FBSf4fH42OOvm/D5CSR63oZRSyJc6G1EswjPipGO8fxXjLxZq7jGaAFaZTkjrii0nE1dANYhBfvXsS+mNUoNBb4tT13dQdg7wQMpZ9IYOQmpH9dB2DVLUoxr61oYzjBVHml0sKVxPPMneISzcEcWVMa3tTkR6Nscf4ktOcfYJ0dBMK+y3OCkKgNy55PbAEZJIsgJiCsKGX4AdIOVskyzIJ5qlnrAsQbOowpC/d1FsINKlXHm/i7PFu5h/3bNv+bAaJEttPCOsmoyVGIyn5BAajjsnHBSY/106HOUMCt1XfV3u/tv+bjcBDxqDC82c+FDR0Y7qI0k9x2iveyl3cGWpfCLS2/6JwRuZLN7a58b/CHpgLdgRz7E1CUlxrCO46/xsdHxbtv8PB4VHn/98LlOw/Pqh3fFCv1Jiiks0H+zQpNPlceOXGBYEpBFv9Tr1+0kgkGrt122ieLDaYShZXN+qM/B+QyE4X0IiVVuzwGunr4gwdoz8Yka2tLpIzNrQfe8g+KDx4/beIBtix/g9GB2X/32gw7PZ/e4EPtbD1vPhLF7OoRS9hboyCscf+NRuiJ66j5rKjpzd1JJGSeSYNwiEnprtBWpiiQzJxCiY8WobQlAS9gADDUDQESQLlRDOB6VK6st5cz8MxSwfO0luwDinvrwT/lpEE+8jaQd+pEkCEanxrF391+JJl3tMqtSVXBmY7dkxEzcdvcdteAYx29TIEXd80S2jaskaO065OgVLUK6x6nHq+mh8U1BHopXyX5QUupZdqFZaqYJiORHF0ybxhgO7C4iPpeje2LKj4q051XnzKT71FIZRG/88OyLeU0yv6uKbdU3FWLtaZajFXy9d4NkY1HBcwHFU0b+8scFdRwrF3IeuiX5x23w1t9X/uwG9uAGzX/6D5j8vxf6OD0WGn//cBptpUpzBC+53pkW5sBTTU/fwczNx0zMMogdVLoyzxlBJywzBKub6VzpdE5Zc1t0AfI4u5MqyiZGljZLBKFmS+sN2VS6AQCUAGSsPG2Vi7cOsIN4v22SR4RVif/kSYTF2/JEsCSmXIc+KAeC4tSCWZeBplYSo4odBvbDsims6dMy+bNeVYEmAhO3i+ln0HVgwJ5/+KYRS1Qlm6b/8VyrYGRZ1SzMqFKqTfZMm8UpgnimJKVEjOjZnDbZ7yqDJouAfVemyBvXuaLQ1fRO6dqt1gFubrd/yUE33t3EpOnecwQyduukBWI/eG9T3vb3FCC3yYvJXU2gZ2t9rQD2C2EVvmKQ9OE+JRR0SH3XgJSIFwbiKADoBCC5zpk3pYXzUH3NYGDMpo5mtSFXrEDoLdLEiRZIF1VhyxJpLQiDqzE1gJZIk3UGfha5KfYosmLK7N5KoyHg0Fwg9mZ4Q4fRMl9+xQrLz4I8Vp7msFORoE0RvsN8P3YSW0w4izKUgLW5ZpjZ2QFQudbIS+WepFNqDZdAFakdolZ3PqxfZodFikrERjzXTUtGVfSme8nJ7G4AHvESzD9WmtIbyJTAUrJ1gMgdhQhTaR6BroLe1/DAYmujm7WAcQD594HhPll9tVJRcOMOVdEuqjFebj36FhBXDxVCwlI0qqxSZZEEwimDNF019Eb8Q6syC0ouXSDf1cRtuo3ywoKEewbWH5T3m4rA1qgkk4L0sSWGF2gtkPEmD6rGifSxFAHRPbyTFv1qFHTV7zmjCLwH1oRRx5dz184/CQOqja5G6jL0S6PQNSz/qwe+rXTwMp+vuGP6RMhtUcs0Dj9rya2LsYBvGV8Njl9tVo1F11LLAbpAuuR9vXYiA3qCdJp9hNbW3FPttkxKINmEAcv7FBoYEkcEFAMv78bcwJPIfjXUi0G4FVqYYUQsHb90URf1d3CLuaLW3h97Jz421jBRzlSmGcaIQy7Tc8dr19CwTeLs7f4Ckopnu1mnaP5jZsKdNtZnSYbMli0ocgS0kDZBc9diK7kxxOytQeqjcLQoH14zNTtj7RC7G4sgllZBT79Jn12CoUyNUAdzc9E+wUTa+Cbi3SNdkx+kFm575XClbZr2AiIuuJtYmW5rFK6BeZtYFKjcFebyzXjazMsqdgNdqu74O5RJ+NN5ql2yrN5dxmaiK/jhGtmmVU5bM6s0jmmbg4XJkqXlgeL89Pzs6vX5+/PD+9vbi6fH158ur8ZnJyeq5LIsRjYn8Eo3xsJLJYBRz4zOdWSJXpbNcy1jtCR6/Kh+4DFb8Xr05enN8Bs1fXr6/uzq9/ub64rfA6Rn1+Z8U4CezXHg1uG6SArKAnKZ0k0RSbbVykafwCp8Vmx7y9fTFqvxez+AZm59AyoKC6WCt/ur2dGBkkJClxgzMcuGupLsZoONAlEuz6pDWvDGu9F1aPemYFtDoLldSUnpWcnDaZJ2XOmohQvpVMIy8Kxuj2dFL2bydFJ5TqS5k4rvF05xh/oFDuHoeDGhc3g1UUZEv8im0OaposFITB6pIVFMtmtzH4vsto09F8HTOVpWSUY3PoKgzWOrQo56rQG+wiYciOI4yZ4J+AIjupZCB9snKWsdjUG5hofsY8Whfc4JDJ52+xl5knbKJ5fHt/U3CoGa1irrXztzETtkWvlEK/x+uNVwP05YESFkLCaoL60EVYyeQSqVIVq6zBFQQTIY3iKIjm658Zj1bxYsIioimfJBJDzL3KPrM0eTx19Gty1/jkV4H08ryKfMAbHZj75cYzs9m8bM/vrnm+hfcvMACk7fkPrFEwrJKMPwgwzfw53n0QtCv+63hwWI7/H3bxX/sB8/wn5m6g/ARoEvlneqyf87H+0EdB7U5olA+xfHIxfP8TEymaKF6uWLjHMnYTKP1/z9DQOTi2B4Bw6sbiTIiA6PoZRK3sN+fOtKuzUNhHa+i8c9gRsq5TvreT4I27pifMKfrJxJO1Xf8J7ByVz7vpCfDO+K+jSvzXqLv/sx9ga6OVR6EcXM8mhONm6SJKyO/ilYD7H6gIsS8G119HAW4eUJafALWREEkWYBkqD0y+SKIs1pcWjBCw4mkGzzeMfFHcdJHQurQ+zJw0U1naiVJNMAuCdJnqKphAFV8BoerzDRNd8js2vjN+eFvftE3nNPUtExeFfJ1eZUy4emoq8iJoEAnNca6vg8v6GsriVtnmVn+gOlUeVzb61kpFsNmAwhK47mChfXJcqkJRe2q3jeK2IbKseqYphi7REwwM0zDdMCDvt/KeQwLskf7yBQhVSQeQ6oItnPZ0qKUhIhryRbPprzBqwJctidwUTt8+jIEi9fQXe83lIfq/7UNwO/T/qBr/ffD0uIv/2gsI/R9G6SdoAzxM95dk73a9XxDHVZ2/UeOrDHZoTHBNSrEoP/st/jALyEv18odx+lqTYuIVbI56iwN2NYVDv9o0s7g4YSt859laJymtp3W4qcFj/SUVYmVIttgrpRGpsVUMJrhaLBOvtxdKdLWtYFDTtoloFcqbhd63loo90tAa2WmL1IzIpk63lE0Xq5mohmmbfgYEf0m4c7TwFJhZICbGGjMyjEgiI9V8YyBKcMROeJfVvtPamZZ+9mfQ7QH5Xc1SbTOZxpSNtF9SlpKBZnKp6ODWyu8+9dwAS3LcoKDmD1dYF4WFy4yeSsJUGFwiPS9Ryfo1moqPOPLzj7640gu9laX8fTZ5uOGZN1FknVBltFS9x19aIXmuHAPu2yHFpsiBoGo6ygg7LkdFOagaz7KAQp+iR+j26uzquwQkR/j7Pf5+jK6BwgqjdEEocmfQbHSSzYEZ/nKg02ClLl1vQULsUDfmy792DYm9yC5SMHsjNnCFuVaiBDRSAmWgf1VxMYd2EReOsSrBGmfoZpHSRmCKKRlgtoz3avV/atb+fq38j+6N2z+0tf+l6Gi1Bdjp/zssv/96eDR82tn/+4Da+59yiX14Z38l/L9JrPEMNBMLGAt8m8Uv83AB9O1/3lnqJN8aW7enE+uJxfKscbOIgD//+207Dni8M8a+LWLbbZg2TN7bMsi5wFiZj2Ic0JMy52140R1tqxMPWalx5AF1lw6DC1E3UKsgarXqBdB2NlcEuuY8sg56gbBLLbkd2OyWzwOv9SBpjYzRLTM+OFfMsE0isCjYTUyw52ArBBLL588ThxEKonAOFkoIIwiJJOTv3c4yHgiZWzJ4iVyKaBSF7F/9yov6+Odq6Dw9Yu/0oSnGITDPp7nvtJtKwp6wqx3KQ+brZtmD6H+wmfmQMzpxL0pq+gsWD5Sf0DW7wqQDg+xqENLO4MtilA9LET3ZKmjoYwvnPcAD9b/cBTUzA3ad/x8Oyvr/aHDcvf+6F9im/5WJ/VHP/NlOjYeeFZm6je4xe9rLhc3p32Gd/lXQev2LNwJ4xPcHOv+HpV+O/xkdjbr1vxeQcS/4t6r/n5kh+gEVZOV/Z0A/1rzhYQj1joQ6MSg/Gqryy36LG5HOr97VC50Wb140vz8uHC02zHwSrsCO9W3hhTFur7YRWA06JnYT4JM/qAoI+S/GKEPf8phGDYk87vig5Mvgg8f6nN1K3dF9RlkudpnteMdDRs/fxm4oRo5H9IpAUulZEmGSO2hXMLjviAkRsqy5mFhHolAamqzuEVtnfPQss+V28ftjL7FPGtrK/1Xstv47YLvsv6fV89/j0bCT//uAkrRiwyvFdkloW1UPO0huS4ruO+lan0T+iXatN481gWobGo/5CxtCmkvx0ZOx4OpmiDjsyGPddZa4k/3t4297Kt5b30PzRR+wc43f4N+UslsMPbVx1Lea6l5MYemVV1P4ln27uSwUjdkGkVKRqmxczMJOXu79/NfN1r+4sPDQPwC4K/5jODgu//2Xw6Mu/nMvIN4R4AtK/XmHMcJZAmNv+5HHLtvG93PHx6v8/j9MEHYm0xcPUej0fu7869c+DJC68zHiaoQtjth4leBidhmlE/YuMaybnvkcDgvuroZ75+/QHA2+YQjqWA69+7MHa4U1SIoxfQ1p+1qzmNiyej3DHzZGPwx+GPTy+248YQhl9AE2f5Ow5p18WWnPuOPKiprBJFpkmReZxb044z2CraVofteptoQZN7KlmA4b2VLGuEW/vZQITBgjaXJXL7WP0eGA5RZDULYQFUEoWwpsvHSu3AO96p3iMfrPf3ulG8I8reSlViQeobrLSuwNykdIvTE75t/q2lLsZlRccuZ6h+chJMheG2ttTtJFNmUhEP3cZW9+ToNo2l+6bHb1pxkJ/D4n3T/jq5O9FCFpmyt47iVMQc+jaB7g1/krIwLXdpf+8Uii8VVpHbK/9SkS9F/fHDrDofP2827VsNIqcaljeCAyHMfp9Qo+4HFPv+MiFv1odCiT1J3TIfNQ9nqPHkFqyoIzKP9jelJ2PEHYmTuIqmeVpmvEPfp5hIWSMqwqICIklX4SSSFqGaYeaDKkiuSz/mnRuodFwVJhMpUV6v9KZaRz4ZHP2hL8+c2hfPBGvo05PGQ/85cqS+9UluUur6j6mo7YfNszV4aAm+9THhy9IDKxsIUtnml5bNerbgbXbEp/cUn6YwQiGbiGzqCQD6UfSbrmpvuRsgXFoYWgxb75AddVcnHGBgrZNjPv5LnSE0QXURb4aIqRCsrBPloRF52ylk2SiM/i2rct85ctLfVXA/RrlZCi//7WuGdOXFZU5ARKf8xA2EK9L5hS5coP8bk27um+81nHmVq4GNYpSuoxE9KONXbbQ0jiQ72HdDDYi6HWQQcddNBBBx100EEHHXTQQQcddNBBBx100EEHHXTQQQcddNBBBx100EEHHZThf1iaXLIAoAAA values: image: tag: v1.44.0-dev diff --git a/pkg/controller/backupbucket/add.go b/pkg/controller/backupbucket/add.go index a4c5b045a..ff592ad22 100644 --- a/pkg/controller/backupbucket/add.go +++ b/pkg/controller/backupbucket/add.go @@ -8,6 +8,7 @@ import ( "context" "github.com/gardener/gardener/extensions/pkg/controller/backupbucket" + extensionsv1alpha1 "github.com/gardener/gardener/pkg/apis/extensions/v1alpha1" "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/manager" @@ -25,6 +26,8 @@ type AddOptions struct { Controller controller.Options // IgnoreOperationAnnotation specifies whether to ignore the operation annotation or not. IgnoreOperationAnnotation bool + // ExtensionClass defines the extension class this extension is responsible for. + ExtensionClass extensionsv1alpha1.ExtensionClass } // AddToManagerWithOptions adds a controller with the given Options to the given manager. @@ -35,6 +38,7 @@ func AddToManagerWithOptions(ctx context.Context, mgr manager.Manager, opts AddO ControllerOptions: opts.Controller, Predicates: backupbucket.DefaultPredicates(opts.IgnoreOperationAnnotation), Type: openstack.Type, + ExtensionClass: opts.ExtensionClass, }) } diff --git a/pkg/controller/backupentry/add.go b/pkg/controller/backupentry/add.go index f31d2d7b8..e5905dd50 100644 --- a/pkg/controller/backupentry/add.go +++ b/pkg/controller/backupentry/add.go @@ -9,6 +9,7 @@ import ( "github.com/gardener/gardener/extensions/pkg/controller/backupentry" "github.com/gardener/gardener/extensions/pkg/controller/backupentry/genericactuator" + extensionsv1alpha1 "github.com/gardener/gardener/pkg/apis/extensions/v1alpha1" "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/manager" @@ -26,6 +27,8 @@ type AddOptions struct { Controller controller.Options // IgnoreOperationAnnotation specifies whether to ignore the operation annotation or not. IgnoreOperationAnnotation bool + // ExtensionClass defines the extension class this extension is responsible for. + ExtensionClass extensionsv1alpha1.ExtensionClass } // AddToManagerWithOptions adds a controller with the given Options to the given manager. @@ -36,6 +39,7 @@ func AddToManagerWithOptions(ctx context.Context, mgr manager.Manager, opts AddO ControllerOptions: opts.Controller, Predicates: backupentry.DefaultPredicates(opts.IgnoreOperationAnnotation), Type: openstack.Type, + ExtensionClass: opts.ExtensionClass, }) } diff --git a/pkg/controller/dnsrecord/add.go b/pkg/controller/dnsrecord/add.go index 85265aeef..a08d49811 100644 --- a/pkg/controller/dnsrecord/add.go +++ b/pkg/controller/dnsrecord/add.go @@ -8,6 +8,7 @@ import ( "context" "github.com/gardener/gardener/extensions/pkg/controller/dnsrecord" + extensionsv1alpha1 "github.com/gardener/gardener/pkg/apis/extensions/v1alpha1" "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/manager" @@ -26,6 +27,8 @@ type AddOptions struct { Controller controller.Options // IgnoreOperationAnnotation specifies whether to ignore the operation annotation or not. IgnoreOperationAnnotation bool + // ExtensionClass defines the extension class this extension is responsible for. + ExtensionClass extensionsv1alpha1.ExtensionClass } // AddToManagerWithOptions adds a controller with the given Options to the given manager. @@ -36,6 +39,7 @@ func AddToManagerWithOptions(ctx context.Context, mgr manager.Manager, opts AddO ControllerOptions: opts.Controller, Predicates: dnsrecord.DefaultPredicates(ctx, mgr, opts.IgnoreOperationAnnotation), Type: openstack.DNSType, + ExtensionClass: opts.ExtensionClass, }) }