From 97c08814340e7e88222d2c59f54f6f27dd00e965 Mon Sep 17 00:00:00 2001 From: Dion Gionet Mallet Date: Fri, 17 Feb 2023 17:06:30 -0500 Subject: [PATCH 1/3] refactor: renamed operator to dvls-kubernetes-operator --- Makefile | 4 ++-- PROJECT | 6 +++--- README.md | 14 +++++++------- config/default/kustomization.yaml | 4 ++-- config/manager/kustomization.yaml | 2 +- config/manager/manager.yaml | 8 ++++---- config/manifests/kustomization.yaml | 2 +- config/prometheus/monitor.yaml | 4 ++-- config/rbac/auth_proxy_client_clusterrole.yaml | 4 ++-- config/rbac/auth_proxy_role.yaml | 4 ++-- config/rbac/auth_proxy_role_binding.yaml | 4 ++-- config/rbac/auth_proxy_service.yaml | 4 ++-- config/rbac/dvlssecret_editor_role.yaml | 4 ++-- config/rbac/dvlssecret_viewer_role.yaml | 4 ++-- config/rbac/leader_election_role.yaml | 4 ++-- config/rbac/leader_election_role_binding.yaml | 4 ++-- config/rbac/role_binding.yaml | 4 ++-- config/rbac/service_account.yaml | 4 ++-- config/samples/dvls_v1alpha1_dvlssecret.yaml | 4 ++-- controllers/dvlssecret_controller.go | 2 +- controllers/suite_test.go | 2 +- go.mod | 2 +- main.go | 4 ++-- 23 files changed, 49 insertions(+), 49 deletions(-) diff --git a/Makefile b/Makefile index d0b0bee..95fc740 100644 --- a/Makefile +++ b/Makefile @@ -28,8 +28,8 @@ BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) # This variable is used to construct full image tags for bundle and catalog images. # # For example, running 'make bundle-build bundle-push catalog-build catalog-push' will build and push both -# devolutions.com/devolutions-kubernetes-operator-bundle:$VERSION and devolutions.com/devolutions-kubernetes-operator-catalog:$VERSION. -IMAGE_TAG_BASE ?= devolutions.com/devolutions-kubernetes-operator +# devolutions.com/dvls-kubernetes-operator-bundle:$VERSION and devolutions.com/dvls-kubernetes-operator-catalog:$VERSION. +IMAGE_TAG_BASE ?= devolutions.com/dvls-kubernetes-operator # BUNDLE_IMG defines the image:tag used for the bundle. # You can use it as an arg. (E.g make bundle-build BUNDLE_IMG=/:) diff --git a/PROJECT b/PROJECT index b6c2a0b..bb374c2 100644 --- a/PROJECT +++ b/PROJECT @@ -4,8 +4,8 @@ layout: plugins: manifests.sdk.operatorframework.io/v2: {} scorecard.sdk.operatorframework.io/v2: {} -projectName: devolutions-kubernetes-operator -repo: github.com/Devolutions/devolutions-kubernetes-operator +projectName: dvls-kubernetes-operator +repo: github.com/Devolutions/dvls-kubernetes-operator resources: - api: crdVersion: v1 @@ -14,6 +14,6 @@ resources: domain: devolutions.com group: dvls kind: DvlsSecret - path: github.com/Devolutions/devolutions-kubernetes-operator/api/v1alpha1 + path: github.com/Devolutions/dvls-kubernetes-operator/api/v1alpha1 version: v1alpha1 version: "3" diff --git a/README.md b/README.md index ab9e279..eacd941 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# devolutions-kubernetes-operator +# dvls-kubernetes-operator // TODO(user): Add simple overview of use/purpose ## Description @@ -16,15 +16,15 @@ kubectl apply -f config/samples/ ``` 2. Build and push your image to the location specified by `IMG`: - + ```sh -make docker-build docker-push IMG=/devolutions-kubernetes-operator:tag +make docker-build docker-push IMG=/dvls-kubernetes-operator:tag ``` - + 3. Deploy the controller to the cluster with the image specified by `IMG`: ```sh -make deploy IMG=/devolutions-kubernetes-operator:tag +make deploy IMG=/dvls-kubernetes-operator:tag ``` ### Uninstall CRDs @@ -47,8 +47,8 @@ make undeploy ### How it works This project aims to follow the Kubernetes [Operator pattern](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/) -It uses [Controllers](https://kubernetes.io/docs/concepts/architecture/controller/) -which provides a reconcile function responsible for synchronizing resources untile the desired state is reached on the cluster +It uses [Controllers](https://kubernetes.io/docs/concepts/architecture/controller/) +which provides a reconcile function responsible for synchronizing resources untile the desired state is reached on the cluster ### Test It Out 1. Install the CRDs into the cluster: diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 5fd4847..ff5bf85 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -1,12 +1,12 @@ # Adds namespace to all resources. -namespace: devolutions-kubernetes-operator-system +namespace: dvls-kubernetes-operator-system # Value of this field is prepended to the # names of all resources, e.g. a deployment named # "wordpress" becomes "alices-wordpress". # Note that it should also match with the prefix (text before '-') of the namespace # field above. -namePrefix: devolutions-kubernetes-operator- +namePrefix: dvls-kubernetes-operator- # Labels to add to all resources and selectors. #commonLabels: diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index ebc1f9c..1f64d93 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: controller - newName: devolutions/devolutions-kubernetes-operator + newName: devolutions/dvls-kubernetes-operator newTag: latest diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 7e6603b..14f4c8e 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: namespace app.kubernetes.io/instance: system app.kubernetes.io/component: manager - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: system --- @@ -21,8 +21,8 @@ metadata: app.kubernetes.io/name: deployment app.kubernetes.io/instance: controller-manager app.kubernetes.io/component: manager - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize spec: selector: diff --git a/config/manifests/kustomization.yaml b/config/manifests/kustomization.yaml index 0c8ff1d..a7834b0 100644 --- a/config/manifests/kustomization.yaml +++ b/config/manifests/kustomization.yaml @@ -1,7 +1,7 @@ # These resources constitute the fully configured set of manifests # used to generate the 'manifests/' directory in a bundle. resources: -- bases/devolutions-kubernetes-operator.clusterserviceversion.yaml +- bases/dvls-kubernetes-operator.clusterserviceversion.yaml - ../default - ../samples - ../scorecard diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml index 954b70c..130a5d6 100644 --- a/config/prometheus/monitor.yaml +++ b/config/prometheus/monitor.yaml @@ -8,8 +8,8 @@ metadata: app.kubernetes.io/name: servicemonitor app.kubernetes.io/instance: controller-manager-metrics-monitor app.kubernetes.io/component: metrics - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: controller-manager-metrics-monitor namespace: system diff --git a/config/rbac/auth_proxy_client_clusterrole.yaml b/config/rbac/auth_proxy_client_clusterrole.yaml index 29ac03a..fd77cbc 100644 --- a/config/rbac/auth_proxy_client_clusterrole.yaml +++ b/config/rbac/auth_proxy_client_clusterrole.yaml @@ -5,8 +5,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: metrics-reader app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: metrics-reader rules: diff --git a/config/rbac/auth_proxy_role.yaml b/config/rbac/auth_proxy_role.yaml index 74184dd..49dc854 100644 --- a/config/rbac/auth_proxy_role.yaml +++ b/config/rbac/auth_proxy_role.yaml @@ -5,8 +5,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: proxy-role app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: proxy-role rules: diff --git a/config/rbac/auth_proxy_role_binding.yaml b/config/rbac/auth_proxy_role_binding.yaml index 937f00e..a7844e1 100644 --- a/config/rbac/auth_proxy_role_binding.yaml +++ b/config/rbac/auth_proxy_role_binding.yaml @@ -5,8 +5,8 @@ metadata: app.kubernetes.io/name: clusterrolebinding app.kubernetes.io/instance: proxy-rolebinding app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: proxy-rolebinding roleRef: diff --git a/config/rbac/auth_proxy_service.yaml b/config/rbac/auth_proxy_service.yaml index f33ff57..9e3b1ac 100644 --- a/config/rbac/auth_proxy_service.yaml +++ b/config/rbac/auth_proxy_service.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: service app.kubernetes.io/instance: ctrl-mgr-metrics-service app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: ctrl-mgr-metrics-service namespace: system diff --git a/config/rbac/dvlssecret_editor_role.yaml b/config/rbac/dvlssecret_editor_role.yaml index 19c4ff7..b13ed1a 100644 --- a/config/rbac/dvlssecret_editor_role.yaml +++ b/config/rbac/dvlssecret_editor_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: dvlssecret-editor-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: dvlssecret-editor-role rules: diff --git a/config/rbac/dvlssecret_viewer_role.yaml b/config/rbac/dvlssecret_viewer_role.yaml index 1431ce5..6e1ac10 100644 --- a/config/rbac/dvlssecret_viewer_role.yaml +++ b/config/rbac/dvlssecret_viewer_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: clusterrole app.kubernetes.io/instance: dvlssecret-viewer-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: dvlssecret-viewer-role rules: diff --git a/config/rbac/leader_election_role.yaml b/config/rbac/leader_election_role.yaml index 08b60bb..bb3a7ae 100644 --- a/config/rbac/leader_election_role.yaml +++ b/config/rbac/leader_election_role.yaml @@ -6,8 +6,8 @@ metadata: app.kubernetes.io/name: role app.kubernetes.io/instance: leader-election-role app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: leader-election-role rules: diff --git a/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml index 281c7ed..c7f6e82 100644 --- a/config/rbac/leader_election_role_binding.yaml +++ b/config/rbac/leader_election_role_binding.yaml @@ -5,8 +5,8 @@ metadata: app.kubernetes.io/name: rolebinding app.kubernetes.io/instance: leader-election-rolebinding app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: leader-election-rolebinding roleRef: diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml index 50ce153..3e01878 100644 --- a/config/rbac/role_binding.yaml +++ b/config/rbac/role_binding.yaml @@ -5,8 +5,8 @@ metadata: app.kubernetes.io/name: clusterrolebinding app.kubernetes.io/instance: manager-rolebinding app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: manager-rolebinding roleRef: diff --git a/config/rbac/service_account.yaml b/config/rbac/service_account.yaml index 3fec5df..87c71a5 100644 --- a/config/rbac/service_account.yaml +++ b/config/rbac/service_account.yaml @@ -5,8 +5,8 @@ metadata: app.kubernetes.io/name: serviceaccount app.kubernetes.io/instance: controller-manager app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: devolutions-kubernetes-operator - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize name: controller-manager namespace: system diff --git a/config/samples/dvls_v1alpha1_dvlssecret.yaml b/config/samples/dvls_v1alpha1_dvlssecret.yaml index cde0560..dc66e1c 100644 --- a/config/samples/dvls_v1alpha1_dvlssecret.yaml +++ b/config/samples/dvls_v1alpha1_dvlssecret.yaml @@ -4,9 +4,9 @@ metadata: labels: app.kubernetes.io/name: dvlssecret app.kubernetes.io/instance: dvlssecret-sample - app.kubernetes.io/part-of: devolutions-kubernetes-operator + app.kubernetes.io/part-of: dvls-kubernetes-operator app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/created-by: devolutions-kubernetes-operator + app.kubernetes.io/created-by: dvls-kubernetes-operator name: dvlssecret-sample spec: # TODO(user): Add fields here diff --git a/controllers/dvlssecret_controller.go b/controllers/dvlssecret_controller.go index 17f62a4..9f6dcc0 100644 --- a/controllers/dvlssecret_controller.go +++ b/controllers/dvlssecret_controller.go @@ -32,7 +32,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/log" - dvlsv1alpha1 "github.com/Devolutions/devolutions-kubernetes-operator/api/v1alpha1" + dvlsv1alpha1 "github.com/Devolutions/dvls-kubernetes-operator/api/v1alpha1" "github.com/Devolutions/go-dvls" ) diff --git a/controllers/suite_test.go b/controllers/suite_test.go index b9b6472..eef4329 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -30,7 +30,7 @@ import ( logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/log/zap" - dvlsv1alpha1 "github.com/Devolutions/devolutions-kubernetes-operator/api/v1alpha1" + dvlsv1alpha1 "github.com/Devolutions/dvls-kubernetes-operator/api/v1alpha1" //+kubebuilder:scaffold:imports ) diff --git a/go.mod b/go.mod index 5884dc3..93857cf 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/Devolutions/devolutions-kubernetes-operator +module github.com/Devolutions/dvls-kubernetes-operator go 1.19 diff --git a/main.go b/main.go index 3ead48d..92a5006 100644 --- a/main.go +++ b/main.go @@ -32,8 +32,8 @@ import ( "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" - dvlsv1alpha1 "github.com/Devolutions/devolutions-kubernetes-operator/api/v1alpha1" - "github.com/Devolutions/devolutions-kubernetes-operator/controllers" + dvlsv1alpha1 "github.com/Devolutions/dvls-kubernetes-operator/api/v1alpha1" + "github.com/Devolutions/dvls-kubernetes-operator/controllers" "github.com/Devolutions/go-dvls" //+kubebuilder:scaffold:imports ) From b7bc720f28b2f32a4bc7c9e424282607240513bb Mon Sep 17 00:00:00 2001 From: Dion Gionet Mallet Date: Fri, 17 Feb 2023 17:13:42 -0500 Subject: [PATCH 2/3] chore: added license --- LICENSE | 201 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 201 insertions(+) create mode 100644 LICENSE diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. From 684be6d8dc2043232902022c5c86ee1253854df8 Mon Sep 17 00:00:00 2001 From: Dion Gionet Mallet Date: Fri, 17 Feb 2023 17:15:12 -0500 Subject: [PATCH 3/3] doc: updated readme and fixed some todos --- README.md | 29 ++++++++++++++++++-- api/v1alpha1/dvlssecret_types.go | 2 -- config/manager/manager.yaml | 14 ++-------- config/samples/dvls_v1alpha1_dvlssecret.yaml | 3 +- controllers/dvlssecret_controller.go | 7 ----- 5 files changed, 30 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index eacd941..1b3f42c 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,32 @@ # dvls-kubernetes-operator -// TODO(user): Add simple overview of use/purpose +:warning: **This operator is a work in progress, expect breaking changes between releases** :warning: + +Operator to sync Devolutions Server `Credential Entry - Username / Password` entries as Kubernetes Secrets ## Description -// TODO(user): An in-depth paragraph about your project and overview of use +This operator uses the defined custom resource DvlsSecret which manages its own Kubernetes Secret and will keep itself up to date at a defined interval (every minute by default). +The Docker image can be found [here](https://hub.docker.com/r/devolutions/dvls-kubernetes-operator). + +### Operator configuration +The following Environment Variables can be used to configure the operator : +- `DEVO_OPERATOR_DVLS_BASEURI` (required) - DVLS instance base URI +- `DEVO_OPERATOR_DVLS_APPID` (required) - DVLS Application ID +- `DEVO_OPERATOR_DVLS_APPSECRET` (required) - DVLS Application Secret +- `DEVO_OPERATOR_REQUEUE_DURATION` (optional) - Entry/Secret resync interval (default 60s). Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + +A sample of the custom resource can be found [here](https://github.com/Devolutions/dvls-kubernetes-operator/blob/master/config/samples/dvls_v1alpha1_dvlssecret.yaml). +The entry ID can be fetched by going in the entry properties, `Advanced -> Session ID`. + +### Devolutions Server configuration +We recommend creating an [Application ID](https://helpserver.devolutions.net/webinterface_applications.html?q=application) specifically to be used with the Operator that has [minimal access to a vault](https://helpserver.devolutions.net/vaults_applications.html?q=application) that only contains the secrets to be synchronized. + +Only `Credential Entry - Username / Password` entries are supported at the moment. The following entry data is available per secret : +- entry name +- username +- password + +### Kubernetes configuration +Since this operator uses Kubernetes Secrets, it is recommended that you follow [best practices](https://kubernetes.io/docs/concepts/security/secrets-good-practices/) surrounding secrets, especially [encryption at rest](https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/). ## Getting Started You’ll need a Kubernetes cluster to run against. You can use [KIND](https://sigs.k8s.io/kind) to get a local cluster for testing, or run against a remote cluster. @@ -42,7 +66,6 @@ make undeploy ``` ## Contributing -// TODO(user): Add detailed information on how you would like others to contribute to this project ### How it works This project aims to follow the Kubernetes [Operator pattern](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/) diff --git a/api/v1alpha1/dvlssecret_types.go b/api/v1alpha1/dvlssecret_types.go index f37c3a4..51cf401 100644 --- a/api/v1alpha1/dvlssecret_types.go +++ b/api/v1alpha1/dvlssecret_types.go @@ -29,8 +29,6 @@ type DvlsSecretSpec struct { // Important: Run "make" to regenerate code after modifying this file EntryID string `json:"entryId"` // entry id on dvls - // SecretName string `json:"secretName"` // secret name on kubernetes - // Namespace string `json:"namespace"` // secret namespace on kubernetes } // DvlsSecretStatus defines the observed state of DvlsSecret diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 14f4c8e..666203d 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -58,13 +58,8 @@ spec: # - linux securityContext: runAsNonRoot: true - # TODO(user): For common cases that do not require escalating privileges - # it is recommended to ensure that all your Pods/Containers are restrictive. - # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted - # Please uncomment the following code if your project does NOT have to work on old Kubernetes - # versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ). - # seccompProfile: - # type: RuntimeDefault + seccompProfile: + type: RuntimeDefault containers: - command: - /manager @@ -89,14 +84,11 @@ spec: port: 8081 initialDelaySeconds: 5 periodSeconds: 10 - # TODO(user): Configure the resources accordingly based on the project requirements. - # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ resources: limits: - cpu: 500m memory: 128Mi requests: - cpu: 10m + cpu: 100m memory: 64Mi env: - name: DEVO_OPERATOR_DVLS_APPID diff --git a/config/samples/dvls_v1alpha1_dvlssecret.yaml b/config/samples/dvls_v1alpha1_dvlssecret.yaml index dc66e1c..5badd44 100644 --- a/config/samples/dvls_v1alpha1_dvlssecret.yaml +++ b/config/samples/dvls_v1alpha1_dvlssecret.yaml @@ -9,5 +9,4 @@ metadata: app.kubernetes.io/created-by: dvls-kubernetes-operator name: dvlssecret-sample spec: - # TODO(user): Add fields here - entryId: (entry id) + entryId: 00000000-0000-0000-0000-000000000000 diff --git a/controllers/dvlssecret_controller.go b/controllers/dvlssecret_controller.go index 9f6dcc0..d4c7ac2 100644 --- a/controllers/dvlssecret_controller.go +++ b/controllers/dvlssecret_controller.go @@ -66,13 +66,6 @@ type DvlsSecretReconciler struct { // Reconcile is part of the main kubernetes reconciliation loop which aims to // move the current state of the cluster closer to the desired state. -// TODO(user): Modify the Reconcile function to compare the state specified by -// the DvlsSecret object against the actual cluster state, and then -// perform operations to make the cluster state reflect the state specified by -// the user. -// -// For more details, check Reconcile and its Result here: -// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.13.0/pkg/reconcile func (r *DvlsSecretReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { log := log.FromContext(ctx)