This is an automated email from the ASF dual-hosted git repository. nferraro pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/camel-k.git
commit e5354e53e48b853718848daf382f1da898e94b60 Author: nicolaferraro <ni.ferr...@gmail.com> AuthorDate: Mon Dec 20 17:09:50 2021 +0100 Fix #1107: added roles and regen --- addons/keda/keda.go | 1 - config/rbac/kustomization.yaml | 2 + ...zation.yaml => operator-role-binding-keda.yaml} | 36 +++++++----------- ...{kustomization.yaml => operator-role-keda.yaml} | 44 +++++++++++----------- docs/modules/traits/pages/keda.adoc | 2 + pkg/install/operator.go | 14 +++++++ pkg/resources/resources.go | 28 +++++++++++--- resources/traits.yaml | 4 +- 8 files changed, 77 insertions(+), 54 deletions(-) diff --git a/addons/keda/keda.go b/addons/keda/keda.go index 3a54896..c446ea3 100644 --- a/addons/keda/keda.go +++ b/addons/keda/keda.go @@ -123,7 +123,6 @@ func (t *kedaTrait) Configure(e *trait.Environment) (bool, error) { if t.Auto == nil || *t.Auto { if err := t.populateTriggersFromKamelets(e); err != nil { - // TODO: set condition return false, err } } diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 40d4d39..7f03ac1 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -26,10 +26,12 @@ resources: - operator-role-events.yaml - operator-role-knative.yaml - operator-role.yaml +- operator-role-keda.yaml - operator-role-leases.yaml - operator-role-podmonitors.yaml - operator-role-strimzi.yaml - operator-role-binding-events.yaml +- operator-role-binding-keda.yaml - operator-role-binding-knative.yaml - operator-role-binding-leases.yaml - operator-role-binding-podmonitors.yaml diff --git a/config/rbac/kustomization.yaml b/config/rbac/operator-role-binding-keda.yaml similarity index 58% copy from config/rbac/kustomization.yaml copy to config/rbac/operator-role-binding-keda.yaml index 40d4d39..fd8c602 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/operator-role-binding-keda.yaml @@ -15,26 +15,16 @@ # limitations under the License. # --------------------------------------------------------------------------- -# -# rbac resources applicable for all kubernetes platforms -# -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: -- user-cluster-role.yaml -- operator-role-events.yaml -- operator-role-knative.yaml -- operator-role.yaml -- operator-role-leases.yaml -- operator-role-podmonitors.yaml -- operator-role-strimzi.yaml -- operator-role-binding-events.yaml -- operator-role-binding-knative.yaml -- operator-role-binding-leases.yaml -- operator-role-binding-podmonitors.yaml -- operator-role-binding-strimzi.yaml -- operator-role-binding.yaml -- operator-cluster-role-custom-resource-definitions.yaml -- operator-cluster-role-binding-custom-resource-definitions.yaml - +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: camel-k-operator-keda + labels: + app: "camel-k" +subjects: +- kind: ServiceAccount + name: camel-k-operator +roleRef: + kind: Role + name: camel-k-operator-keda + apiGroup: rbac.authorization.k8s.io diff --git a/config/rbac/kustomization.yaml b/config/rbac/operator-role-keda.yaml similarity index 60% copy from config/rbac/kustomization.yaml copy to config/rbac/operator-role-keda.yaml index 40d4d39..22c026c 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/operator-role-keda.yaml @@ -15,26 +15,24 @@ # limitations under the License. # --------------------------------------------------------------------------- -# -# rbac resources applicable for all kubernetes platforms -# -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: -- user-cluster-role.yaml -- operator-role-events.yaml -- operator-role-knative.yaml -- operator-role.yaml -- operator-role-leases.yaml -- operator-role-podmonitors.yaml -- operator-role-strimzi.yaml -- operator-role-binding-events.yaml -- operator-role-binding-knative.yaml -- operator-role-binding-leases.yaml -- operator-role-binding-podmonitors.yaml -- operator-role-binding-strimzi.yaml -- operator-role-binding.yaml -- operator-cluster-role-custom-resource-definitions.yaml -- operator-cluster-role-binding-custom-resource-definitions.yaml - +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: camel-k-operator-keda + labels: + app: "camel-k" +rules: +- apiGroups: + - "keda.sh" + resources: + - scaledobjects + - triggerauthentications + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch diff --git a/docs/modules/traits/pages/keda.adoc b/docs/modules/traits/pages/keda.adoc index 6f0fcac..1d5bbcb 100644 --- a/docs/modules/traits/pages/keda.adoc +++ b/docs/modules/traits/pages/keda.adoc @@ -70,6 +70,8 @@ The following configuration options are available: | []github.com/apache/camel-k/addons/keda.kedaTrigger | Definition of triggers according to the KEDA format. Each trigger must contain `type` field corresponding to the name of a KEDA autoscaler and a key/value map named `metadata` containing specific trigger options. +An optional `authentication-secret` can be declared per trigger and the operator will link each entry of +the secret to a KEDA authentication parameter. |=== diff --git a/pkg/install/operator.go b/pkg/install/operator.go index 9492ab1..33b8371 100644 --- a/pkg/install/operator.go +++ b/pkg/install/operator.go @@ -256,6 +256,13 @@ func OperatorOrCollect(ctx context.Context, c client.Client, cfg OperatorConfigu fmt.Println("Warning: the operator will not be able to publish Kubernetes events. Try installing as cluster-admin to allow it to generate events.") } + if errmtr := installKedaBindings(ctx, c, cfg.Namespace, customizer, collection, force); errmtr != nil { + if k8serrors.IsAlreadyExists(errmtr) { + return errmtr + } + fmt.Println("Warning: the operator will not be able to create KEDA resources. Try installing as cluster-admin.") + } + if errmtr := installPodMonitors(ctx, c, cfg.Namespace, customizer, collection, force); errmtr != nil { if k8serrors.IsAlreadyExists(errmtr) { return errmtr @@ -393,6 +400,13 @@ func installOperator(ctx context.Context, c client.Client, namespace string, cus ) } +func installKedaBindings(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool) error { + return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer, + "/rbac/operator-role-keda.yaml", + "/rbac/operator-role-binding-keda.yaml", + ) +} + func installKnative(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool) error { return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer, "/rbac/operator-role-knative.yaml", diff --git a/pkg/resources/resources.go b/pkg/resources/resources.go index a979664..c753ccb 100644 --- a/pkg/resources/resources.go +++ b/pkg/resources/resources.go @@ -152,16 +152,16 @@ var assets = func() http.FileSystem { "/crd/bases/camel.apache.org_kameletbindings.yaml": &vfsgen۰CompressedFileInfo{ name: "camel.apache.org_kameletbindings.yaml", modTime: time.Time{}, - uncompressedSize: 431973, + uncompressedSize: 432125, - compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\xbd\xfb\x73\x1b\x37\x96\x30\xfa\x7b\xfe\x0a\x94\x9c\xfa\x24\x6d\x44\xca\xce\xcc\xce\xdd\xf1\x9d\xfa\x52\x1a\x59\xce\xe8\xc6\x96\x59\x96\xe2\x7c\x29\x27\x9b\x05\xbb\x41\x12\xab\x6e\xa0\x17\x40\x53\xe2\x5e\xdf\xff\xfd\x16\x0e\x80\x7e\xf0\x25\x9c\xa6\xa8\x28\x3b\x8d\xa9\x9a\x98\x22\xfb\x34\x5e\xe7\xfd\x7a\x41\x06\x8f\x37\xbe\x7a\x41\xde\xf1\x84\x09\xcd\x52\x62\x24\x31\x33\x46\xce\x0a\x9a\xcc\x18\xb9\x96\x13\x73\x47\x [...] + compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\xbd\xfb\x73\x1b\x37\x96\x30\xfa\x7b\xfe\x0a\x94\x9c\xfa\x24\x6d\x44\xca\xce\xcc\xce\xdd\xf1\x9d\xfa\x52\x1a\x59\xce\xe8\xc6\x96\x59\x96\xe2\x7c\x29\x27\x9b\x05\xbb\x41\x12\xab\x6e\xa0\x17\x40\x53\xe2\x5e\xdf\xff\xfd\x16\x0e\x80\x7e\xf0\x25\x9c\xa6\xa8\x28\x3b\x8d\xa9\x9a\x98\x22\xfb\x34\x5e\xe7\xfd\x7a\x41\x06\x8f\x37\xbe\x7a\x41\xde\xf1\x84\x09\xcd\x52\x62\x24\x31\x33\x46\xce\x0a\x9a\xcc\x18\xb9\x96\x13\x73\x47\x [...] }, "/crd/bases/camel.apache.org_kamelets.yaml": &vfsgen۰CompressedFileInfo{ name: "camel.apache.org_kamelets.yaml", modTime: time.Time{}, - uncompressedSize: 24256, + uncompressedSize: 24280, - compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x5c\x7d\x4f\xe3\x3a\xba\xff\xbf\x9f\xe2\x11\x1c\x69\x18\x89\x94\x96\xc2\x9c\x99\xde\x3f\x10\x07\x86\xbd\xbd\x87\x03\x88\xc2\xae\xce\x85\x59\xc9\x4d\x9e\xb6\x5e\x12\x3b\x6b\x3b\x14\xf6\xc0\x77\xbf\xb2\x9d\xa4\xe9\x4b\x12\xb7\x14\xf6\xe8\x6a\x2d\x8d\xa6\x49\xec\x9f\x9f\x37\x3f\x7e\xc9\x8f\x6c\x83\xb7\xb9\xd2\xd8\x86\x73\xea\x23\x93\x18\x80\xe2\xa0\xc6\x08\xc7\x31\xf1\xc7\x08\x7d\x3e\x54\x13\x22\x10\xce\x78\xc2\x02\x [...] + compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x5c\x7d\x53\xe3\x38\x9a\xff\x3f\x9f\xe2\x29\x98\xaa\xa6\xab\x70\x48\x08\x30\xdd\xb9\x3f\x28\x06\x9a\xbd\xdc\xd0\x40\x11\xd8\xbd\x39\xe8\xad\x52\xec\x27\x89\x16\x5b\xf2\x4a\x32\x2f\x3b\xf0\xdd\xaf\x24\xd9\x8e\xf3\x62\x5b\x09\x81\xed\xba\x3a\x55\x4d\x0d\x76\xa4\x9f\x9e\x37\x3d\x7a\xfb\xb5\x37\xc1\x5b\x5f\x69\x6c\xc2\x19\xf5\x91\x49\x0c\x40\x71\x50\x63\x84\xa3\x98\xf8\x63\x84\x3e\x1f\xaa\x47\x22\x10\x4e\x79\xc2\x02\x [...] }, "/manager": &vfsgen۰DirInfo{ name: "manager", @@ -298,6 +298,13 @@ var assets = func() http.FileSystem { compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x93\x41\x6f\xfa\x46\x10\xc5\xef\xfb\x29\x9e\xf0\xe5\x1f\x09\x4c\xdb\x53\x45\x4f\x4e\x02\xad\xd5\x08\x24\x4c\x1a\xe5\xb8\xac\x07\x7b\x8a\xbd\xe3\xee\xae\x71\xe8\xa7\xaf\xd6\x40\x93\xa8\x6a\xd5\x43\xf6\x86\x18\xbf\xf9\xbd\x7d\x6f\x13\xcc\xbe\xee\xa8\x04\x4f\x6c\xc8\x7a\x2a\x11\x04\xa1\x26\x64\x9d\x36\x35\xa1\x90\x43\x18\xb4\x23\xac\xa4\xb7\xa5\x0e\x2c\x16\xdf\xb2\x62\x75\x87\xde\x96\xe4\x20\x96\x20\x0e\xad\x38\x52\x [...] }, + "/rbac/operator-role-binding-keda.yaml": &vfsgen۰CompressedFileInfo{ + name: "operator-role-binding-keda.yaml", + modTime: time.Time{}, + uncompressedSize: 1215, + + compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x93\x41\x8f\xdb\x36\x10\x85\xef\xfc\x15\x0f\xd6\x25\x01\xd6\x72\xdb\x53\xe1\x9e\x94\xcd\xba\x15\x1a\xd8\x80\xe5\x34\xc8\x71\x4c\x8d\xa5\xa9\x25\x8e\x4a\x52\xab\xb8\xbf\xbe\xa0\x6c\x77\x37\x28\xda\x5e\xc2\x9b\xa0\xd1\x9b\xef\xf1\x3d\x65\x58\x7e\xbb\x63\x32\x7c\x10\xcb\x2e\x70\x8d\xa8\x88\x2d\xa3\x18\xc8\xb6\x8c\x4a\x4f\x71\x22\xcf\xd8\xe8\xe8\x6a\x8a\xa2\x0e\x6f\x8a\x6a\xf3\x16\xa3\xab\xd9\x43\x1d\x43\x3d\x7a\xf5\x [...] + }, "/rbac/operator-role-binding-knative.yaml": &vfsgen۰CompressedFileInfo{ name: "operator-role-binding-knative.yaml", modTime: time.Time{}, @@ -340,6 +347,13 @@ var assets = func() http.FileSystem { compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x53\xc1\x8e\xdb\x36\x10\xbd\xf3\x2b\x1e\xac\x4b\x02\xac\xe5\xb6\xa7\xc2\x3d\xb9\x9b\xdd\x56\x68\x60\x03\x2b\xa7\x41\x8e\x63\x69\x2c\x0d\x56\xe2\xa8\x43\x6a\x15\xf7\xeb\x0b\xca\x72\xb2\x41\xaf\xcb\x8b\x69\xf2\xe9\xcd\x7b\xf3\x86\x19\xd6\x6f\xb7\x5c\x86\x8f\x52\xb1\x0f\x5c\x23\x2a\x62\xcb\xd8\x0d\x54\xb5\x8c\x52\xcf\x71\x22\x63\x3c\xea\xe8\x6b\x8a\xa2\x1e\xef\x76\xe5\xe3\x7b\x8c\xbe\x66\x83\x7a\x86\x1a\x7a\x35\x76\x [...] }, + "/rbac/operator-role-keda.yaml": &vfsgen۰CompressedFileInfo{ + name: "operator-role-keda.yaml", + modTime: time.Time{}, + uncompressedSize: 1252, + + compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x53\xc1\x8e\xdb\x36\x10\xbd\xf3\x2b\x1e\xac\x4b\x02\xac\xe5\xb6\xa7\xc2\x3d\xb9\x9b\xdd\xd6\x68\x60\x03\x2b\xa7\x41\x8e\x63\x6a\x2c\x4d\x4d\x91\xea\x90\x5a\x65\xfb\xf5\x05\x69\xbb\xd9\x45\xaf\xe1\xc5\x63\x72\xe6\xcd\x7b\xf3\x46\x15\x96\xdf\xef\x98\x0a\x1f\xc5\xb2\x8f\xdc\x22\x05\xa4\x9e\xb1\x19\xc9\xf6\x8c\x26\x9c\xd2\x4c\xca\x78\x0c\x93\x6f\x29\x49\xf0\x78\xb7\x69\x1e\xdf\x63\xf2\x2d\x2b\x82\x67\x04\xc5\x10\x94\x [...] + }, "/rbac/operator-role-knative.yaml": &vfsgen۰CompressedFileInfo{ name: "operator-role-knative.yaml", modTime: time.Time{}, @@ -541,9 +555,9 @@ var assets = func() http.FileSystem { "/traits.yaml": &vfsgen۰CompressedFileInfo{ name: "traits.yaml", modTime: time.Time{}, - uncompressedSize: 47743, + uncompressedSize: 49398, - compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x7d\xfd\x73\x1c\xb7\xb1\xe0\xef\xfe\x2b\x50\x7c\x57\x25\x92\xb5\xbb\x94\x9d\x97\xc4\xc7\x3b\x5d\x8a\x96\xe4\x98\xb6\x3e\x78\x92\xec\x5c\x4a\xe7\xca\x62\x67\x7a\x77\x21\x62\x80\x09\x80\x21\xb5\xb9\x77\xff\xfb\x2b\x74\xe3\x6b\x66\x77\xc9\xa1\x24\xfa\x85\x55\x79\xa9\x7a\x16\xc9\x01\xd0\xdd\x68\x34\xfa\x1b\xce\x70\xe1\xec\xe9\x57\x53\xa6\x78\x03\xa7\x8c\x2f\x97\x42\x09\xb7\xf9\x8a\xb1\x56\x72\xb7\xd4\xa6\x39\x65\x4b\x [...] + compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xec\x7d\xfd\x73\x5b\xb9\x91\xe0\xef\xf3\x57\xa0\xb4\x57\x65\x49\x45\x52\x9e\xc9\x26\x3b\xa7\xbb\xd9\x94\xc6\x76\x12\xcd\xf8\x43\x67\x3b\xb3\x97\x9a\x9b\x0a\xc1\xf7\x9a\x24\xcc\x47\xe0\x05\xc0\x93\xcc\xdc\xde\xff\x7e\x85\xee\xc6\xc7\x7b\x24\x25\xca\xb6\x66\xa3\xad\xdd\x54\xed\x58\xd2\x03\xd0\x68\x34\xfa\xbb\x1b\xde\x4a\xe5\xdd\xf9\x57\x63\xa1\xe5\x1a\xce\x85\x9c\xcf\x95\x56\x7e\xf3\x95\x10\x6d\x23\xfd\xdc\xd8\xf5\xb9\x [...] }, } fs["/"].(*vfsgen۰DirInfo).entries = []os.FileInfo{ @@ -605,12 +619,14 @@ var assets = func() http.FileSystem { fs["/rbac/operator-cluster-role-binding-custom-resource-definitions.yaml"].(os.FileInfo), fs["/rbac/operator-cluster-role-custom-resource-definitions.yaml"].(os.FileInfo), fs["/rbac/operator-role-binding-events.yaml"].(os.FileInfo), + fs["/rbac/operator-role-binding-keda.yaml"].(os.FileInfo), fs["/rbac/operator-role-binding-knative.yaml"].(os.FileInfo), fs["/rbac/operator-role-binding-leases.yaml"].(os.FileInfo), fs["/rbac/operator-role-binding-podmonitors.yaml"].(os.FileInfo), fs["/rbac/operator-role-binding-strimzi.yaml"].(os.FileInfo), fs["/rbac/operator-role-binding.yaml"].(os.FileInfo), fs["/rbac/operator-role-events.yaml"].(os.FileInfo), + fs["/rbac/operator-role-keda.yaml"].(os.FileInfo), fs["/rbac/operator-role-knative.yaml"].(os.FileInfo), fs["/rbac/operator-role-leases.yaml"].(os.FileInfo), fs["/rbac/operator-role-podmonitors.yaml"].(os.FileInfo), diff --git a/resources/traits.yaml b/resources/traits.yaml index a6c05b8..8eac6f4 100755 --- a/resources/traits.yaml +++ b/resources/traits.yaml @@ -622,7 +622,9 @@ traits: type: '[]github.com/apache/camel-k/addons/keda.kedaTrigger' description: Definition of triggers according to the KEDA format. Each trigger must contain `type` field correspondingto the name of a KEDA autoscaler and - a key/value map named `metadata` containing specific trigger options. + a key/value map named `metadata` containing specific trigger options.An optional + `authentication-secret` can be declared per trigger and the operator will link + each entry ofthe secret to a KEDA authentication parameter. - name: knative-service platform: false profiles: