stackabletech · adwk67 · May 5, 2023 · May 5, 2023 · May 5, 2023 · May 5, 2023
diff --git a/.gitignore b/.gitignore
@@ -14,4 +14,7 @@ crate-hashes.json
 result
 image.tar
 
-tilt_options.json
+tilt_options.json
+
+**/bundle/
+**/bundle.Dockerfile
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 
 ## [Unreleased]
 
+### Added
+
+- Generate OLM bundle for Release 23.4.0 ([#74]).
+
+[#74]: https://github.com/stackabletech/listener-operator/pull/74
+
 ## [23.4.0] - 2023-04-17
 
 ### Added

diff --git a/deploy/olm/23.4.0/manifests/listener-operator-clusterrole.yaml b/deploy/olm/23.4.0/manifests/listener-operator-clusterrole.yaml
@@ -0,0 +1,84 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: listener-operator-clusterrole
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - events
+      - services
+    verbs:
+      - get
+      - list
+      - watch
+      - create
+      - patch
+  - apiGroups:
+      - ""
+    resources:
+      - persistentvolumes
+    verbs:
+      - get
+      - list
+      - watch
+      - create
+      - delete
+  - apiGroups:
+      - ""
+    resources:
+      - nodes
+      - persistentvolumeclaims
+      - endpoints
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - storage.k8s.io
+    resources:
+      - csinodes
+      - storageclasses
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - ""
+    resources:
+      - pods
+    verbs:
+      - get
+      - patch
+  - apiGroups:
+      - events.k8s.io
+    resources:
+      - events
+    verbs:
+      - create
+  - apiGroups:
+      - listeners.stackable.tech
+    resources:
+      - listenerclasses
+      - listeners
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - listeners.stackable.tech
+    resources:
+      - listeners
+      - listeners/status
+    verbs:
+      - patch
+      - create
+  - apiGroups:
+      - security.openshift.io
+    resourceNames:
+      - privileged
+    resources:
+      - securitycontextconstraints
+    verbs:
+      - use
diff --git a/deploy/olm/23.4.0/manifests/listener-operator-clusterrolebinding.yaml b/deploy/olm/23.4.0/manifests/listener-operator-clusterrolebinding.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: listener-operator-clusterrolebinding
+subjects:
+  - kind: ServiceAccount
+    name: listener-operator-serviceaccount
+    namespace: stackable-operators
+roleRef:
+  kind: ClusterRole
+  name: listener-operator-clusterrole
+  apiGroup: rbac.authorization.k8s.io
diff --git a/deploy/olm/23.4.0/manifests/listener-operator-manifests.yaml b/deploy/olm/23.4.0/manifests/listener-operator-manifests.yaml
@@ -0,0 +1,137 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: listener-operator-deployer-manifests
+data:
+  csidriver.yaml: |
+    apiVersion: storage.k8s.io/v1
+    kind: CSIDriver
+    metadata:
+      name: listeners.stackable.tech
+      ownerReferences:
+        # We have to use a clusterScope object as an owner of another clusterScope object
+        - apiVersion: rbac.authorization.k8s.io/v1
+          kind: ClusterRole
+          name: "${LISTENER_OPERATOR_CLUSTERROLE_NAME}"
+          uid: "${LISTENER_OPERATOR_CLUSTERROLE_UID}"
+    spec:
+      attachRequired: false
+      podInfoOnMount: true
+      fsGroupPolicy: File
+      volumeLifecycleModes:
+        - Ephemeral
+        - Persistent
+  storageclass.yaml: |
+    apiVersion: storage.k8s.io/v1
+    kind: StorageClass
+    metadata:
+      name: listeners.stackable.tech
+      ownerReferences:
+        - apiVersion: rbac.authorization.k8s.io/v1
+          kind: ClusterRole
+          name: "${LISTENER_OPERATOR_CLUSTERROLE_NAME}"
+          uid: "${LISTENER_OPERATOR_CLUSTERROLE_UID}"
+    provisioner: listeners.stackable.tech
+    volumeBindingMode: WaitForFirstConsumer
+  node-daemonset.yaml: |
+    apiVersion: apps/v1
+    kind: DaemonSet
+    metadata:
+      name: listener-operator-node-daemonset
+      labels:
+        app.kubernetes.io/instance: listener-operator
+        app.kubernetes.io/name: listener-operator
+        app.kubernetes.io/version: 23.4.0
+      # We have to use a namespaced object as an owner of another namespaced object
+      ownerReferences:
+        - apiVersion: apps/v1
+          kind: Deployment
+          name: listener-operator-deployer
+          uid: "${LISTENER_OPERATOR_DEPLOYER_DEPLOYMENT_UID}"
+    spec:
+      selector:
+        matchLabels:
+          app.kubernetes.io/instance: listener-operator
+          app.kubernetes.io/name: listener-operator
+          app.kubernetes.io/role: node
+      template:
+        metadata:
+          labels:
+            app.kubernetes.io/instance: listener-operator
+            app.kubernetes.io/name: listener-operator
+            app.kubernetes.io/role: node
+        spec:
+          containers:
+          - name: listener-operator
+            securityContext:
+              privileged: true
+              runAsUser: 0
+            args:
+            - run
+            - node
+            env:
+            - name: CSI_ENDPOINT
+              value: /csi/csi.sock
+            - name: NODE_NAME
+              valueFrom:
+                fieldRef:
+                  apiVersion: v1
+                  fieldPath: spec.nodeName
+            image: docker.stackable.tech/stackable/listener-operator:23.4.0
+            imagePullPolicy: IfNotPresent
+            volumeMounts:
+            - mountPath: /csi
+              name: csi
+            - mountPath: /var/lib/kubelet/pods
+              mountPropagation: Bidirectional
+              name: mountpoint
+          - name: node-driver-registrar
+            args:
+            - --csi-address=/csi/csi.sock
+            - --kubelet-registration-path=/var/lib/kubelet/plugins/listeners.stackable.tech/csi.sock
+            image: docker.stackable.tech/k8s/sig-storage/csi-node-driver-registrar:v2.5.0
+            imagePullPolicy: IfNotPresent
+            volumeMounts:
+            - mountPath: /registration
+              name: registration-sock
+            - mountPath: /csi
+              name: csi
+          serviceAccountName: listener-operator-serviceaccount
+          volumes:
+          - hostPath:
+              path: /var/lib/kubelet/plugins_registry
+              type: ""
+            name: registration-sock
+          - hostPath:
+              path: /var/lib/kubelet/plugins/listeners.stackable.tech/
+              type: ""
+            name: csi
+          - hostPath:
+              path: /var/lib/kubelet/pods/
+              type: ""
+            name: mountpoint
+  listener-nodeport.yaml: |
+    apiVersion: listeners.stackable.tech/v1alpha1
+    kind: ListenerClass
+    metadata:
+      name: nodeport
+      ownerReferences:
+        - apiVersion: rbac.authorization.k8s.io/v1
+          kind: ClusterRole
+          name: "${LISTENER_OPERATOR_CLUSTERROLE_NAME}"
+          uid: "${LISTENER_OPERATOR_CLUSTERROLE_UID}"
+    spec:
+      serviceType: NodePort
+  listener-lb-external.yaml: |
+    apiVersion: listeners.stackable.tech/v1alpha1
+    kind: ListenerClass
+    metadata:
+      name: lb-external
+      ownerReferences:
+        - apiVersion: rbac.authorization.k8s.io/v1
+          kind: ClusterRole
+          name: "${LISTENER_OPERATOR_CLUSTERROLE_NAME}"
+          uid: "${LISTENER_OPERATOR_CLUSTERROLE_UID}"
+    spec:
+      serviceType: LoadBalancer
diff --git a/deploy/olm/23.4.0/manifests/listener-operator-serviceaccount.yaml b/deploy/olm/23.4.0/manifests/listener-operator-serviceaccount.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: listener-operator-serviceaccount
diff --git a/deploy/olm/23.4.0/manifests/listenerclass.yaml b/deploy/olm/23.4.0/manifests/listenerclass.yaml
@@ -0,0 +1,48 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: listenerclasses.listeners.stackable.tech
+  annotations:
+    helm.sh/resource-policy: keep
+spec:
+  group: listeners.stackable.tech
+  names:
+    categories: []
+    kind: ListenerClass
+    plural: listenerclasses
+    shortNames: []
+    singular: listenerclass
+  scope: Cluster
+  versions:
+    - additionalPrinterColumns: []
+      name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: Auto-generated derived type for ListenerClassSpec via `CustomResource`
+          properties:
+            spec:
+              description: Defines a policy for how [`Listener`]s should be exposed.
+              properties:
+                serviceAnnotations:
+                  additionalProperties:
+                    type: string
+                  default: {}
+                  description: Annotations that should be added to the [`Service`] object.
+                  type: object
+                serviceType:
+                  description: The method used to access the services.
+                  enum:
+                    - NodePort
+                    - LoadBalancer
+                  type: string
+              required:
+                - serviceType
+              type: object
+          required:
+            - spec
+          title: ListenerClass
+          type: object
+      served: true
+      storage: true
+      subresources: {}