This is an automated email from the ASF dual-hosted git repository.
nferraro pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel-k.git
commit e5354e53e48b853718848daf382f1da898e94b60
Author: nicolaferraro <ni.ferr...@gmail.com>
AuthorDate: Mon Dec 20 17:09:50 2021 +0100
Fix #1107: added roles and regen
---
addons/keda/keda.go | 1 -
config/rbac/kustomization.yaml | 2 +
...zation.yaml => operator-role-binding-keda.yaml} | 36 +++++++-----------
...{kustomization.yaml => operator-role-keda.yaml} | 44 +++++++++++-----------
docs/modules/traits/pages/keda.adoc | 2 +
pkg/install/operator.go | 14 +++++++
pkg/resources/resources.go | 28 +++++++++++---
resources/traits.yaml | 4 +-
8 files changed, 77 insertions(+), 54 deletions(-)
diff --git a/addons/keda/keda.go b/addons/keda/keda.go
index 3a54896..c446ea3 100644
--- a/addons/keda/keda.go
+++ b/addons/keda/keda.go
@@ -123,7 +123,6 @@ func (t *kedaTrait) Configure(e *trait.Environment) (bool,
error) {
if t.Auto == nil || *t.Auto {
if err := t.populateTriggersFromKamelets(e); err != nil {
- // TODO: set condition
return false, err
}
}
diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml
index 40d4d39..7f03ac1 100644
--- a/config/rbac/kustomization.yaml
+++ b/config/rbac/kustomization.yaml
@@ -26,10 +26,12 @@ resources:
- operator-role-events.yaml
- operator-role-knative.yaml
- operator-role.yaml
+- operator-role-keda.yaml
- operator-role-leases.yaml
- operator-role-podmonitors.yaml
- operator-role-strimzi.yaml
- operator-role-binding-events.yaml
+- operator-role-binding-keda.yaml
- operator-role-binding-knative.yaml
- operator-role-binding-leases.yaml
- operator-role-binding-podmonitors.yaml
diff --git a/config/rbac/kustomization.yaml
b/config/rbac/operator-role-binding-keda.yaml
similarity index 58%
copy from config/rbac/kustomization.yaml
copy to config/rbac/operator-role-binding-keda.yaml
index 40d4d39..fd8c602 100644
--- a/config/rbac/kustomization.yaml
+++ b/config/rbac/operator-role-binding-keda.yaml
@@ -15,26 +15,16 @@
# limitations under the License.
# ---------------------------------------------------------------------------
-#
-# rbac resources applicable for all kubernetes platforms
-#
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-- user-cluster-role.yaml
-- operator-role-events.yaml
-- operator-role-knative.yaml
-- operator-role.yaml
-- operator-role-leases.yaml
-- operator-role-podmonitors.yaml
-- operator-role-strimzi.yaml
-- operator-role-binding-events.yaml
-- operator-role-binding-knative.yaml
-- operator-role-binding-leases.yaml
-- operator-role-binding-podmonitors.yaml
-- operator-role-binding-strimzi.yaml
-- operator-role-binding.yaml
-- operator-cluster-role-custom-resource-definitions.yaml
-- operator-cluster-role-binding-custom-resource-definitions.yaml
-
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: camel-k-operator-keda
+ labels:
+ app: "camel-k"
+subjects:
+- kind: ServiceAccount
+ name: camel-k-operator
+roleRef:
+ kind: Role
+ name: camel-k-operator-keda
+ apiGroup: rbac.authorization.k8s.io
diff --git a/config/rbac/kustomization.yaml
b/config/rbac/operator-role-keda.yaml
similarity index 60%
copy from config/rbac/kustomization.yaml
copy to config/rbac/operator-role-keda.yaml
index 40d4d39..22c026c 100644
--- a/config/rbac/kustomization.yaml
+++ b/config/rbac/operator-role-keda.yaml
@@ -15,26 +15,24 @@
# limitations under the License.
# ---------------------------------------------------------------------------
-#
-# rbac resources applicable for all kubernetes platforms
-#
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources:
-- user-cluster-role.yaml
-- operator-role-events.yaml
-- operator-role-knative.yaml
-- operator-role.yaml
-- operator-role-leases.yaml
-- operator-role-podmonitors.yaml
-- operator-role-strimzi.yaml
-- operator-role-binding-events.yaml
-- operator-role-binding-knative.yaml
-- operator-role-binding-leases.yaml
-- operator-role-binding-podmonitors.yaml
-- operator-role-binding-strimzi.yaml
-- operator-role-binding.yaml
-- operator-cluster-role-custom-resource-definitions.yaml
-- operator-cluster-role-binding-custom-resource-definitions.yaml
-
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: camel-k-operator-keda
+ labels:
+ app: "camel-k"
+rules:
+- apiGroups:
+ - "keda.sh"
+ resources:
+ - scaledobjects
+ - triggerauthentications
+ verbs:
+ - create
+ - delete
+ - deletecollection
+ - get
+ - list
+ - patch
+ - update
+ - watch
diff --git a/docs/modules/traits/pages/keda.adoc
b/docs/modules/traits/pages/keda.adoc
index 6f0fcac..1d5bbcb 100644
--- a/docs/modules/traits/pages/keda.adoc
+++ b/docs/modules/traits/pages/keda.adoc
@@ -70,6 +70,8 @@ The following configuration options are available:
| []github.com/apache/camel-k/addons/keda.kedaTrigger
| Definition of triggers according to the KEDA format. Each trigger must
contain `type` field corresponding
to the name of a KEDA autoscaler and a key/value map named `metadata`
containing specific trigger options.
+An optional `authentication-secret` can be declared per trigger and the
operator will link each entry of
+the secret to a KEDA authentication parameter.
|===
diff --git a/pkg/install/operator.go b/pkg/install/operator.go
index 9492ab1..33b8371 100644
--- a/pkg/install/operator.go
+++ b/pkg/install/operator.go
@@ -256,6 +256,13 @@ func OperatorOrCollect(ctx context.Context, c
client.Client, cfg OperatorConfigu
fmt.Println("Warning: the operator will not be able to publish
Kubernetes events. Try installing as cluster-admin to allow it to generate
events.")
}
+ if errmtr := installKedaBindings(ctx, c, cfg.Namespace, customizer,
collection, force); errmtr != nil {
+ if k8serrors.IsAlreadyExists(errmtr) {
+ return errmtr
+ }
+ fmt.Println("Warning: the operator will not be able to create
KEDA resources. Try installing as cluster-admin.")
+ }
+
if errmtr := installPodMonitors(ctx, c, cfg.Namespace, customizer,
collection, force); errmtr != nil {
if k8serrors.IsAlreadyExists(errmtr) {
return errmtr
@@ -393,6 +400,13 @@ func installOperator(ctx context.Context, c client.Client,
namespace string, cus
)
}
+func installKedaBindings(ctx context.Context, c client.Client, namespace
string, customizer ResourceCustomizer, collection *kubernetes.Collection, force
bool) error {
+ return ResourcesOrCollect(ctx, c, namespace, collection, force,
customizer,
+ "/rbac/operator-role-keda.yaml",
+ "/rbac/operator-role-binding-keda.yaml",
+ )
+}
+
func installKnative(ctx context.Context, c client.Client, namespace string,
customizer ResourceCustomizer, collection *kubernetes.Collection, force bool)
error {
return ResourcesOrCollect(ctx, c, namespace, collection, force,
customizer,
"/rbac/operator-role-knative.yaml",
diff --git a/pkg/resources/resources.go b/pkg/resources/resources.go
index a979664..c753ccb 100644
--- a/pkg/resources/resources.go
+++ b/pkg/resources/resources.go
@@ -152,16 +152,16 @@ var assets = func() http.FileSystem {
"/crd/bases/camel.apache.org_kameletbindings.yaml":
&vfsgen۰CompressedFileInfo{
name:
"camel.apache.org_kameletbindings.yaml",
modTime: time.Time{},
- uncompressedSize: 431973,
+ uncompressedSize: 432125,
- compressedContent:
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\xbd\xfb\x73\x1b\x37\x96\x30\xfa\x7b\xfe\x0a\x94\x9c\xfa\x24\x6d\x44\xca\xce\xcc\xce\xdd\xf1\x9d\xfa\x52\x1a\x59\xce\xe8\xc6\x96\x59\x96\xe2\x7c\x29\x27\x9b\x05\xbb\x41\x12\xab\x6e\xa0\x17\x40\x53\xe2\x5e\xdf\xff\xfd\x16\x0e\x80\x7e\xf0\x25\x9c\xa6\xa8\x28\x3b\x8d\xa9\x9a\x98\x22\xfb\x34\x5e\xe7\xfd\x7a\x41\x06\x8f\x37\xbe\x7a\x41\xde\xf1\x84\x09\xcd\x52\x62\x24\x31\x33\x46\xce\x0a\x9a\xcc\x18\xb9\x96\x13\x73\x47\x
[...]
+ compressedContent:
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\xbd\xfb\x73\x1b\x37\x96\x30\xfa\x7b\xfe\x0a\x94\x9c\xfa\x24\x6d\x44\xca\xce\xcc\xce\xdd\xf1\x9d\xfa\x52\x1a\x59\xce\xe8\xc6\x96\x59\x96\xe2\x7c\x29\x27\x9b\x05\xbb\x41\x12\xab\x6e\xa0\x17\x40\x53\xe2\x5e\xdf\xff\xfd\x16\x0e\x80\x7e\xf0\x25\x9c\xa6\xa8\x28\x3b\x8d\xa9\x9a\x98\x22\xfb\x34\x5e\xe7\xfd\x7a\x41\x06\x8f\x37\xbe\x7a\x41\xde\xf1\x84\x09\xcd\x52\x62\x24\x31\x33\x46\xce\x0a\x9a\xcc\x18\xb9\x96\x13\x73\x47\x
[...]
},
"/crd/bases/camel.apache.org_kamelets.yaml":
&vfsgen۰CompressedFileInfo{
name: "camel.apache.org_kamelets.yaml",
modTime: time.Time{},
- uncompressedSize: 24256,
+ uncompressedSize: 24280,
- compressedContent:
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x5c\x7d\x4f\xe3\x3a\xba\xff\xbf\x9f\xe2\x11\x1c\x69\x18\x89\x94\x96\xc2\x9c\x99\xde\x3f\x10\x07\x86\xbd\xbd\x87\x03\x88\xc2\xae\xce\x85\x59\xc9\x4d\x9e\xb6\x5e\x12\x3b\x6b\x3b\x14\xf6\xc0\x77\xbf\xb2\x9d\xa4\xe9\x4b\x12\xb7\x14\xf6\xe8\x6a\x2d\x8d\xa6\x49\xec\x9f\x9f\x37\x3f\x7e\xc9\x8f\x6c\x83\xb7\xb9\xd2\xd8\x86\x73\xea\x23\x93\x18\x80\xe2\xa0\xc6\x08\xc7\x31\xf1\xc7\x08\x7d\x3e\x54\x13\x22\x10\xce\x78\xc2\x02\x
[...]
+ compressedContent:
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x5c\x7d\x53\xe3\x38\x9a\xff\x3f\x9f\xe2\x29\x98\xaa\xa6\xab\x70\x48\x08\x30\xdd\xb9\x3f\x28\x06\x9a\xbd\xdc\xd0\x40\x11\xd8\xbd\x39\xe8\xad\x52\xec\x27\x89\x16\x5b\xf2\x4a\x32\x2f\x3b\xf0\xdd\xaf\x24\xd9\x8e\xf3\x62\x5b\x09\x81\xed\xba\x3a\x55\x4d\x0d\x76\xa4\x9f\x9e\x37\x3d\x7a\xfb\xb5\x37\xc1\x5b\x5f\x69\x6c\xc2\x19\xf5\x91\x49\x0c\x40\x71\x50\x63\x84\xa3\x98\xf8\x63\x84\x3e\x1f\xaa\x47\x22\x10\x4e\x79\xc2\x02\x
[...]
},
"/manager": &vfsgen۰DirInfo{
name: "manager",
@@ -298,6 +298,13 @@ var assets = func() http.FileSystem {
compressedContent:
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x93\x41\x6f\xfa\x46\x10\xc5\xef\xfb\x29\x9e\xf0\xe5\x1f\x09\x4c\xdb\x53\x45\x4f\x4e\x02\xad\xd5\x08\x24\x4c\x1a\xe5\xb8\xac\x07\x7b\x8a\xbd\xe3\xee\xae\x71\xe8\xa7\xaf\xd6\x40\x93\xa8\x6a\xd5\x43\xf6\x86\x18\xbf\xf9\xbd\x7d\x6f\x13\xcc\xbe\xee\xa8\x04\x4f\x6c\xc8\x7a\x2a\x11\x04\xa1\x26\x64\x9d\x36\x35\xa1\x90\x43\x18\xb4\x23\xac\xa4\xb7\xa5\x0e\x2c\x16\xdf\xb2\x62\x75\x87\xde\x96\xe4\x20\x96\x20\x0e\xad\x38\x52\x
[...]
},
+ "/rbac/operator-role-binding-keda.yaml":
&vfsgen۰CompressedFileInfo{
+ name: "operator-role-binding-keda.yaml",
+ modTime: time.Time{},
+ uncompressedSize: 1215,
+
+ compressedContent:
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x93\x41\x8f\xdb\x36\x10\x85\xef\xfc\x15\x0f\xd6\x25\x01\xd6\x72\xdb\x53\xe1\x9e\x94\xcd\xba\x15\x1a\xd8\x80\xe5\x34\xc8\x71\x4c\x8d\xa5\xa9\x25\x8e\x4a\x52\xab\xb8\xbf\xbe\xa0\x6c\x77\x37\x28\xda\x5e\xc2\x9b\xa0\xd1\x9b\xef\xf1\x3d\x65\x58\x7e\xbb\x63\x32\x7c\x10\xcb\x2e\x70\x8d\xa8\x88\x2d\xa3\x18\xc8\xb6\x8c\x4a\x4f\x71\x22\xcf\xd8\xe8\xe8\x6a\x8a\xa2\x0e\x6f\x8a\x6a\xf3\x16\xa3\xab\xd9\x43\x1d\x43\x3d\x7a\xf5\x
[...]
+ },
"/rbac/operator-role-binding-knative.yaml":
&vfsgen۰CompressedFileInfo{
name: "operator-role-binding-knative.yaml",
modTime: time.Time{},
@@ -340,6 +347,13 @@ var assets = func() http.FileSystem {
compressedContent:
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x53\xc1\x8e\xdb\x36\x10\xbd\xf3\x2b\x1e\xac\x4b\x02\xac\xe5\xb6\xa7\xc2\x3d\xb9\x9b\xdd\x56\x68\x60\x03\x2b\xa7\x41\x8e\x63\x69\x2c\x0d\x56\xe2\xa8\x43\x6a\x15\xf7\xeb\x0b\xca\x72\xb2\x41\xaf\xcb\x8b\x69\xf2\xe9\xcd\x7b\xf3\x86\x19\xd6\x6f\xb7\x5c\x86\x8f\x52\xb1\x0f\x5c\x23\x2a\x62\xcb\xd8\x0d\x54\xb5\x8c\x52\xcf\x71\x22\x63\x3c\xea\xe8\x6b\x8a\xa2\x1e\xef\x76\xe5\xe3\x7b\x8c\xbe\x66\x83\x7a\x86\x1a\x7a\x35\x76\x
[...]
},
+ "/rbac/operator-role-keda.yaml": &vfsgen۰CompressedFileInfo{
+ name: "operator-role-keda.yaml",
+ modTime: time.Time{},
+ uncompressedSize: 1252,
+
+ compressedContent:
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x53\xc1\x8e\xdb\x36\x10\xbd\xf3\x2b\x1e\xac\x4b\x02\xac\xe5\xb6\xa7\xc2\x3d\xb9\x9b\xdd\xd6\x68\x60\x03\x2b\xa7\x41\x8e\x63\x6a\x2c\x4d\x4d\x91\xea\x90\x5a\x65\xfb\xf5\x05\x69\xbb\xd9\x45\xaf\xe1\xc5\x63\x72\xe6\xcd\x7b\xf3\x46\x15\x96\xdf\xef\x98\x0a\x1f\xc5\xb2\x8f\xdc\x22\x05\xa4\x9e\xb1\x19\xc9\xf6\x8c\x26\x9c\xd2\x4c\xca\x78\x0c\x93\x6f\x29\x49\xf0\x78\xb7\x69\x1e\xdf\x63\xf2\x2d\x2b\x82\x67\x04\xc5\x10\x94\x
[...]
+ },
"/rbac/operator-role-knative.yaml": &vfsgen۰CompressedFileInfo{
name: "operator-role-knative.yaml",
modTime: time.Time{},
@@ -541,9 +555,9 @@ var assets = func() http.FileSystem {
"/traits.yaml": &vfsgen۰CompressedFileInfo{
name: "traits.yaml",
modTime: time.Time{},
- uncompressedSize: 47743,
+ uncompressedSize: 49398,
- compressedContent:
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x7d\xfd\x73\x1c\xb7\xb1\xe0\xef\xfe\x2b\x50\x7c\x57\x25\x92\xb5\xbb\x94\x9d\x97\xc4\xc7\x3b\x5d\x8a\x96\xe4\x98\xb6\x3e\x78\x92\xec\x5c\x4a\xe7\xca\x62\x67\x7a\x77\x21\x62\x80\x09\x80\x21\xb5\xb9\x77\xff\xfb\x2b\x74\xe3\x6b\x66\x77\xc9\xa1\x24\xfa\x85\x55\x79\xa9\x7a\x16\xc9\x01\xd0\xdd\x68\x34\xfa\x1b\xce\x70\xe1\xec\xe9\x57\x53\xa6\x78\x03\xa7\x8c\x2f\x97\x42\x09\xb7\xf9\x8a\xb1\x56\x72\xb7\xd4\xa6\x39\x65\x4b\x
[...]
+ compressedContent:
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x7d\xfd\x73\x5b\xb9\x91\xe0\xef\xf3\x57\xa0\xb4\x57\x65\x49\x45\x52\x9e\xc9\x26\x3b\xa7\xbb\xd9\x94\xc6\x76\x12\xcd\xf8\x43\x67\x3b\xb3\x97\x9a\x9b\x0a\xc1\xf7\x9a\x24\xcc\x47\xe0\x05\xc0\x93\xcc\xdc\xde\xff\x7e\x85\xee\xc6\xc7\x7b\x24\x25\xca\xb6\x66\xa3\xad\xdd\x54\xed\x58\xd2\x03\xd0\x68\x34\xfa\xbb\x1b\xde\x4a\xe5\xdd\xf9\x57\x63\xa1\xe5\x1a\xce\x85\x9c\xcf\x95\x56\x7e\xf3\x95\x10\x6d\x23\xfd\xdc\xd8\xf5\xb9\x
[...]
},
}
fs["/"].(*vfsgen۰DirInfo).entries = []os.FileInfo{
@@ -605,12 +619,14 @@ var assets = func() http.FileSystem {
fs["/rbac/operator-cluster-role-binding-custom-resource-definitions.yaml"].(os.FileInfo),
fs["/rbac/operator-cluster-role-custom-resource-definitions.yaml"].(os.FileInfo),
fs["/rbac/operator-role-binding-events.yaml"].(os.FileInfo),
+ fs["/rbac/operator-role-binding-keda.yaml"].(os.FileInfo),
fs["/rbac/operator-role-binding-knative.yaml"].(os.FileInfo),
fs["/rbac/operator-role-binding-leases.yaml"].(os.FileInfo),
fs["/rbac/operator-role-binding-podmonitors.yaml"].(os.FileInfo),
fs["/rbac/operator-role-binding-strimzi.yaml"].(os.FileInfo),
fs["/rbac/operator-role-binding.yaml"].(os.FileInfo),
fs["/rbac/operator-role-events.yaml"].(os.FileInfo),
+ fs["/rbac/operator-role-keda.yaml"].(os.FileInfo),
fs["/rbac/operator-role-knative.yaml"].(os.FileInfo),
fs["/rbac/operator-role-leases.yaml"].(os.FileInfo),
fs["/rbac/operator-role-podmonitors.yaml"].(os.FileInfo),
diff --git a/resources/traits.yaml b/resources/traits.yaml
index a6c05b8..8eac6f4 100755
--- a/resources/traits.yaml
+++ b/resources/traits.yaml
@@ -622,7 +622,9 @@ traits:
type: '[]github.com/apache/camel-k/addons/keda.kedaTrigger'
description: Definition of triggers according to the KEDA format. Each
trigger
must contain `type` field correspondingto the name of a KEDA autoscaler
and
- a key/value map named `metadata` containing specific trigger options.
+ a key/value map named `metadata` containing specific trigger options.An
optional
+ `authentication-secret` can be declared per trigger and the operator
will link
+ each entry ofthe secret to a KEDA authentication parameter.
- name: knative-service
platform: false
profiles:
