Add missing operator manifests

.gitignore

@@ -28,4 +28,3 @@ y.output
 .DS_Store
 
 .coverage
-cmd/cyphernetes/manifests/*.yaml

cmd/cyphernetes/manifests/operator-1.yaml

@@ -0,0 +1,101 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.16.1
+  name: dynamicoperators.cyphernetes-operator.cyphernet.es
+spec:
+  group: cyphernetes-operator.cyphernet.es
+  names:
+    kind: DynamicOperator
+    listKind: DynamicOperatorList
+    plural: dynamicoperators
+    singular: dynamicoperator
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .spec.resourceKind
+      name: ResourceKind
+      type: string
+    - jsonPath: .spec.namespace
+      name: Namespace
+      type: string
+    - jsonPath: .status.activeWatchers
+      name: ActiveWatchers
+      type: integer
+    name: v1
+    schema:
+      openAPIV3Schema:
+        description: DynamicOperator is the Schema for the dynamicoperators API
+        properties:
+          apiVersion:
+            description: |-
+              APIVersion defines the versioned schema of this representation of an object.
+              Servers should convert recognized schemas to the latest internal value, and
+              may reject unrecognized values.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+            type: string
+          kind:
+            description: |-
+              Kind is a string value representing the REST resource this object represents.
+              Servers may infer this from the endpoint the client submits requests to.
+              Cannot be updated.
+              In CamelCase.
+              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: DynamicOperatorSpec defines the desired state of DynamicOperator
+            properties:
+              namespace:
+                description: Namespace specifies the namespace to watch. If empty,
+                  it watches all namespaces
+                type: string
+              onCreate:
+                description: OnCreate is the Cyphernetes query to execute when a resource
+                  is created
+                type: string
+              onDelete:
+                description: OnDelete is the Cyphernetes query to execute when a resource
+                  is deleted
+                type: string
+              onUpdate:
+                description: OnUpdate is the Cyphernetes query to execute when a resource
+                  is updated
+                type: string
+              resourceKind:
+                description: ResourceKind specifies the Kubernetes resource kind to
+                  watch
+                type: string
+            required:
+            - resourceKind
+            type: object
+            x-kubernetes-validations:
+            - message: At least one of onCreate, onUpdate, or onDelete must be specified
+              rule: self.onCreate != "" || self.onUpdate != "" || self.onDelete !=
+                ""
+          status:
+            description: DynamicOperatorStatus defines the observed state of DynamicOperator
+            properties:
+              activeWatchers:
+                description: ActiveWatchers is the number of active watchers for this
+                  DynamicOperator
+                type: integer
+              lastExecutedQuery:
+                description: LastExecutedQuery is the last Cyphernetes query that
+                  was executed
+                type: string
+              lastExecutionTime:
+                description: LastExecutionTime is the timestamp of the last query
+                  execution
+                format: date-time
+                type: string
+            required:
+            - activeWatchers
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}

cmd/cyphernetes/manifests/operator-10.yaml

@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cyphernetes-operator
+  name: cyphernetes-operator-manager-rolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cyphernetes-operator-manager-role
+subjects:
+- kind: ServiceAccount
+  name: cyphernetes-operator-controller-manager
+  namespace: cyphernetes-system

cmd/cyphernetes/manifests/operator-11.yaml

@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: cyphernetes-operator-metrics-auth-rolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cyphernetes-operator-metrics-auth-role
+subjects:
+- kind: ServiceAccount
+  name: cyphernetes-operator-controller-manager
+  namespace: cyphernetes-system

cmd/cyphernetes/manifests/operator-12.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cyphernetes-operator
+    control-plane: controller-manager
+  name: cyphernetes-operator-controller-manager-metrics-service
+  namespace: cyphernetes-system
+spec:
+  ports:
+  - name: https
+    port: 8443
+    protocol: TCP
+    targetPort: 8443
+  selector:
+    control-plane: controller-manager

cmd/cyphernetes/manifests/operator-13.yaml

@@ -0,0 +1,58 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cyphernetes-operator
+    control-plane: controller-manager
+  name: cyphernetes-operator-controller-manager
+  namespace: cyphernetes-system
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      control-plane: controller-manager
+  template:
+    metadata:
+      annotations:
+        kubectl.kubernetes.io/default-container: manager
+      labels:
+        control-plane: controller-manager
+    spec:
+      containers:
+      - args:
+        - --metrics-bind-address=:8443
+        - --leader-elect
+        - --health-probe-bind-address=:8081
+        command:
+        - /manager
+        image: fatliverfreddy/cyphernetes-operator:latest
+        livenessProbe:
+          httpGet:
+            path: /healthz
+            port: 8081
+          initialDelaySeconds: 15
+          periodSeconds: 20
+        name: manager
+        readinessProbe:
+          httpGet:
+            path: /readyz
+            port: 8081
+          initialDelaySeconds: 5
+          periodSeconds: 10
+        resources:
+          limits:
+            cpu: 500m
+            memory: 128Mi
+          requests:
+            cpu: 10m
+            memory: 64Mi
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
+      securityContext:
+        runAsNonRoot: true
+      serviceAccountName: cyphernetes-operator-controller-manager
+      terminationGracePeriodSeconds: 10

cmd/cyphernetes/manifests/operator-2.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cyphernetes-operator
+  name: cyphernetes-operator-controller-manager
+  namespace: cyphernetes-system

cmd/cyphernetes/manifests/operator-3.yaml

@@ -0,0 +1,40 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cyphernetes-operator
+  name: cyphernetes-operator-leader-election-role
+  namespace: cyphernetes-system
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - create
+  - patch

cmd/cyphernetes/manifests/operator-4.yaml

@@ -0,0 +1,26 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cyphernetes-operator
+  name: cyphernetes-operator-dynamicoperator-editor-role
+rules:
+- apiGroups:
+  - cyphernetes-operator.cyphernet.es
+  resources:
+  - dynamicoperators
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - cyphernetes-operator.cyphernet.es
+  resources:
+  - dynamicoperators/status
+  verbs:
+  - get

cmd/cyphernetes/manifests/operator-5.yaml

@@ -0,0 +1,22 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cyphernetes-operator
+  name: cyphernetes-operator-dynamicoperator-viewer-role
+rules:
+- apiGroups:
+  - cyphernetes-operator.cyphernet.es
+  resources:
+  - dynamicoperators
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - cyphernetes-operator.cyphernet.es
+  resources:
+  - dynamicoperators/status
+  verbs:
+  - get

cmd/cyphernetes/manifests/operator-6.yaml

@@ -0,0 +1,31 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: cyphernetes-operator-manager-role
+rules:
+- apiGroups:
+  - cyphernetes-operator.cyphernet.es
+  resources:
+  - dynamicoperators
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - cyphernetes-operator.cyphernet.es
+  resources:
+  - dynamicoperators/finalizers
+  verbs:
+  - update
+- apiGroups:
+  - cyphernetes-operator.cyphernet.es
+  resources:
+  - dynamicoperators/status
+  verbs:
+  - get
+  - patch
+  - update

cmd/cyphernetes/manifests/operator-7.yaml

@@ -0,0 +1,17 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: cyphernetes-operator-metrics-auth-role
+rules:
+- apiGroups:
+  - authentication.k8s.io
+  resources:
+  - tokenreviews
+  verbs:
+  - create
+- apiGroups:
+  - authorization.k8s.io
+  resources:
+  - subjectaccessreviews
+  verbs:
+  - create

cmd/cyphernetes/manifests/operator-8.yaml

@@ -0,0 +1,9 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: cyphernetes-operator-metrics-reader
+rules:
+- nonResourceURLs:
+  - /metrics
+  verbs:
+  - get

cmd/cyphernetes/manifests/operator-9.yaml

@@ -0,0 +1,16 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cyphernetes-operator
+  name: cyphernetes-operator-leader-election-rolebinding
+  namespace: cyphernetes-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: cyphernetes-operator-leader-election-role
+subjects:
+- kind: ServiceAccount
+  name: cyphernetes-operator-controller-manager
+  namespace: cyphernetes-system