From f869d7559a9af29d01a3124e1f8b6ad1d0983a6a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergio=20L=C3=B3pez?= Date: Mon, 19 Apr 2021 13:00:29 +0200 Subject: [PATCH 1/4] Delete kube-rbac-proxy container from controller-manager --- config/default/kustomization.yaml | 3 ++- config/default/manager_metrics_patch.yaml | 17 +++++++++++++++++ config/manual/kustomization.yaml | 5 +++-- config/manual/manager_metrics_patch.yaml | 17 +++++++++++++++++ config/prometheus/monitor.yaml | 2 +- config/rbac/kustomization.yaml | 9 +++++---- config/rbac/metrics_service.yaml | 14 ++++++++++++++ config/testing/kustomization.yaml | 5 +++-- config/testing/manager_metrics_patch.yaml | 17 +++++++++++++++++ 9 files changed, 79 insertions(+), 10 deletions(-) create mode 100644 config/default/manager_metrics_patch.yaml create mode 100644 config/manual/manager_metrics_patch.yaml create mode 100644 config/rbac/metrics_service.yaml create mode 100644 config/testing/manager_metrics_patch.yaml diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index b17d31d..b2a2497 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -22,4 +22,5 @@ patchesStrategicMerge: # Protect the /metrics endpoint by putting it behind auth. # If you want your controller-manager to expose the /metrics # endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml + #- manager_auth_proxy_patch.yaml +- manager_metrics_patch.yaml diff --git a/config/default/manager_metrics_patch.yaml b/config/default/manager_metrics_patch.yaml new file mode 100644 index 0000000..0978b37 --- /dev/null +++ b/config/default/manager_metrics_patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + args: + - "--metrics-addr=0.0.0.0:8080" + - "--enable-leader-election" + - "--leader-election-id=prometheus-exporter-operator" + ports: + - containerPort: 8080 + name: http \ No newline at end of file diff --git a/config/manual/kustomization.yaml b/config/manual/kustomization.yaml index 0bf839d..c6a6ea3 100644 --- a/config/manual/kustomization.yaml +++ b/config/manual/kustomization.yaml @@ -22,7 +22,8 @@ patchesStrategicMerge: # Protect the /metrics endpoint by putting it behind auth. # If you want your controller-manager to expose the /metrics # endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml + #- manager_auth_proxy_patch.yaml +- manager_metrics_patch.yaml patches: - target: @@ -32,5 +33,5 @@ patches: name: controller-manager patch: |- - op: replace - path: /spec/template/spec/containers/1/env/1 + path: /spec/template/spec/containers/0/env/1 value: { "name": "WATCH_NAMESPACE", "value": prometheus-exporter-operator-system } \ No newline at end of file diff --git a/config/manual/manager_metrics_patch.yaml b/config/manual/manager_metrics_patch.yaml new file mode 100644 index 0000000..0978b37 --- /dev/null +++ b/config/manual/manager_metrics_patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + args: + - "--metrics-addr=0.0.0.0:8080" + - "--enable-leader-election" + - "--leader-election-id=prometheus-exporter-operator" + ports: + - containerPort: 8080 + name: http \ No newline at end of file diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml index 1b44d4f..5554ead 100644 --- a/config/prometheus/monitor.yaml +++ b/config/prometheus/monitor.yaml @@ -10,7 +10,7 @@ metadata: spec: endpoints: - path: /metrics - port: https + port: http selector: matchLabels: control-plane: controller-manager diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 4762a8f..0f36b36 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -7,7 +7,8 @@ resources: # Comment the following 4 lines if you want to disable # the auth proxy (https://github.com/brancz/kube-rbac-proxy) # which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml +#- auth_proxy_service.yaml +#- auth_proxy_role.yaml +#- auth_proxy_role_binding.yaml +#- auth_proxy_client_clusterrole.yaml +- metrics_service.yaml diff --git a/config/rbac/metrics_service.yaml b/config/rbac/metrics_service.yaml new file mode 100644 index 0000000..85eb827 --- /dev/null +++ b/config/rbac/metrics_service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: controller-manager-metrics-service + namespace: system +spec: + ports: + - name: http + port: 8080 + targetPort: http + selector: + control-plane: controller-manager diff --git a/config/testing/kustomization.yaml b/config/testing/kustomization.yaml index 0593d33..adef47c 100644 --- a/config/testing/kustomization.yaml +++ b/config/testing/kustomization.yaml @@ -9,7 +9,8 @@ namePrefix: prometheus-exporter-operator- patchesStrategicMerge: - debug_logs_patch.yaml -- manager_auth_proxy_patch.yaml +#- manager_auth_proxy_patch.yaml +- manager_metrics_patch.yaml apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization @@ -28,5 +29,5 @@ patches: name: controller-manager patch: |- - op: replace - path: /spec/template/spec/containers/1/env/2 + path: /spec/template/spec/containers/0/env/2 value: { "name": "WATCH_NAMESPACE", "value": default } \ No newline at end of file diff --git a/config/testing/manager_metrics_patch.yaml b/config/testing/manager_metrics_patch.yaml new file mode 100644 index 0000000..0978b37 --- /dev/null +++ b/config/testing/manager_metrics_patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + args: + - "--metrics-addr=0.0.0.0:8080" + - "--enable-leader-election" + - "--leader-election-id=prometheus-exporter-operator" + ports: + - containerPort: 8080 + name: http \ No newline at end of file From e6da13a293f918921d1374b44192c7ddf7ea900f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergio=20L=C3=B3pez?= Date: Mon, 19 Apr 2021 13:02:50 +0200 Subject: [PATCH 2/4] Update prepare-stable-release make target to make it explicit --- Makefile | 2 +- docs/release.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index d92baf8..f9f40cb 100644 --- a/Makefile +++ b/Makefile @@ -143,7 +143,7 @@ bundle-build: ######################### prepare-alpha-release: bundle -prepare-release: bundle +prepare-stable-release: bundle $(MAKE) bundle CHANNELS=alpha,stable DEFAULT_CHANNEL=alpha bundle-push: diff --git a/docs/release.md b/docs/release.md index 0bbb588..c6eeeaf 100644 --- a/docs/release.md +++ b/docs/release.md @@ -12,8 +12,8 @@ make prepare-alpha-release * Then you can manually execute opeator, bundle and catalog build/push. ## Stable -* Either if it is an **stable** release, execute the following target to create appropiate `alpha` and `stable` bundle files: +* But if it is an **stable** release, execute the following target to create appropiate `alpha` and `stable` bundle files: ```bash -make prepare-release +make prepare-stable-release ``` * Then open a [Pull Request](https://github.com/3scale-ops/prometheus-exporter-operator/pulls), and a GitHub Action will automatically detect if it is new release or not, in order to create it by building/pushing new operator, bundle and catalog images, as well as creating a GitHub release draft. From f1377fb52ed17001bd6b085a54f63d97b2808f85 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergio=20L=C3=B3pez?= Date: Mon, 19 Apr 2021 13:09:56 +0200 Subject: [PATCH 3/4] Release v0.3.1-alpha.1 --- Makefile | 2 +- bundle.Dockerfile | 3 +- ...nitoring.coreos.com_v1_servicemonitor.yaml | 2 +- ...er-manager-metrics-service_v1_service.yaml | 6 +-- ...c.authorization.k8s.io_v1_clusterrole.yaml | 10 ----- ...porter-operator.clusterserviceversion.yaml | 37 ++++--------------- bundle/metadata/annotations.yaml | 3 +- config/manager/kustomization.yaml | 2 +- 8 files changed, 15 insertions(+), 50 deletions(-) delete mode 100644 bundle/manifests/prometheus-exporter-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml diff --git a/Makefile b/Makefile index f9f40cb..dfb3c45 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ # Current Operator version -VERSION ?= 0.3.0 +VERSION ?= 0.3.1-alpha.1 # Image URL to use all building/pushing image targets IMG ?= quay.io/3scale/prometheus-exporter-operator:v$(VERSION) # Default catalog image diff --git a/bundle.Dockerfile b/bundle.Dockerfile index 8779b3f..97ff6c9 100644 --- a/bundle.Dockerfile +++ b/bundle.Dockerfile @@ -5,8 +5,7 @@ LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ LABEL operators.operatorframework.io.bundle.package.v1=prometheus-exporter-operator -LABEL operators.operatorframework.io.bundle.channels.v1=alpha,stable -LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha +LABEL operators.operatorframework.io.bundle.channels.v1=alpha LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.4.0+git LABEL operators.operatorframework.io.metrics.project_layout=ansible.sdk.operatorframework.io/v1 diff --git a/bundle/manifests/prometheus-exporter-operator-controller-manager-metrics-monitor_monitoring.coreos.com_v1_servicemonitor.yaml b/bundle/manifests/prometheus-exporter-operator-controller-manager-metrics-monitor_monitoring.coreos.com_v1_servicemonitor.yaml index d076e74..a7ee922 100644 --- a/bundle/manifests/prometheus-exporter-operator-controller-manager-metrics-monitor_monitoring.coreos.com_v1_servicemonitor.yaml +++ b/bundle/manifests/prometheus-exporter-operator-controller-manager-metrics-monitor_monitoring.coreos.com_v1_servicemonitor.yaml @@ -7,7 +7,7 @@ metadata: spec: endpoints: - path: /metrics - port: https + port: http selector: matchLabels: control-plane: controller-manager diff --git a/bundle/manifests/prometheus-exporter-operator-controller-manager-metrics-service_v1_service.yaml b/bundle/manifests/prometheus-exporter-operator-controller-manager-metrics-service_v1_service.yaml index 42f0854..2a9c5ea 100644 --- a/bundle/manifests/prometheus-exporter-operator-controller-manager-metrics-service_v1_service.yaml +++ b/bundle/manifests/prometheus-exporter-operator-controller-manager-metrics-service_v1_service.yaml @@ -7,9 +7,9 @@ metadata: name: prometheus-exporter-operator-controller-manager-metrics-service spec: ports: - - name: https - port: 8443 - targetPort: https + - name: http + port: 8080 + targetPort: http selector: control-plane: controller-manager status: diff --git a/bundle/manifests/prometheus-exporter-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/bundle/manifests/prometheus-exporter-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml deleted file mode 100644 index d4bd213..0000000 --- a/bundle/manifests/prometheus-exporter-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - name: prometheus-exporter-operator-metrics-reader -rules: -- nonResourceURLs: - - /metrics - verbs: - - get diff --git a/bundle/manifests/prometheus-exporter-operator.clusterserviceversion.yaml b/bundle/manifests/prometheus-exporter-operator.clusterserviceversion.yaml index 5b4ead7..d4447ef 100644 --- a/bundle/manifests/prometheus-exporter-operator.clusterserviceversion.yaml +++ b/bundle/manifests/prometheus-exporter-operator.clusterserviceversion.yaml @@ -33,7 +33,7 @@ metadata: operators.operatorframework.io/project_layout: ansible.sdk.operatorframework.io/v1 repository: https://github.com/3scale-ops/prometheus-exporter-operator support: Red Hat, Inc. - name: prometheus-exporter-operator.v0.3.0 + name: prometheus-exporter-operator.v0.3.1-alpha.1 namespace: placeholder spec: apiservicedefinitions: {} @@ -88,21 +88,6 @@ spec: mediatype: image/svg+xml install: spec: - clusterPermissions: - - rules: - - apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - serviceAccountName: prometheus-exporter-operator-controller-manager deployments: - name: prometheus-exporter-operator-controller-manager spec: @@ -118,18 +103,7 @@ spec: spec: containers: - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - resources: {} - - args: - - --metrics-addr=127.0.0.1:8080 + - --metrics-addr=0.0.0.0:8080 - --enable-leader-election - --leader-election-id=prometheus-exporter-operator env: @@ -139,7 +113,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.annotations['olm.targetNamespaces'] - image: quay.io/3scale/prometheus-exporter-operator:v0.3.0 + image: quay.io/3scale/prometheus-exporter-operator:v0.3.1-alpha.1 livenessProbe: httpGet: path: /healthz @@ -148,6 +122,9 @@ spec: periodSeconds: 20 timeoutSeconds: 5 name: manager + ports: + - containerPort: 8080 + name: http readinessProbe: httpGet: path: /readyz @@ -293,4 +270,4 @@ spec: provider: name: Red Hat url: https://www.redhat.com - version: 0.3.0 + version: 0.3.1-alpha.1 diff --git a/bundle/metadata/annotations.yaml b/bundle/metadata/annotations.yaml index 168e7b5..d098990 100644 --- a/bundle/metadata/annotations.yaml +++ b/bundle/metadata/annotations.yaml @@ -4,8 +4,7 @@ annotations: operators.operatorframework.io.bundle.manifests.v1: manifests/ operators.operatorframework.io.bundle.metadata.v1: metadata/ operators.operatorframework.io.bundle.package.v1: prometheus-exporter-operator - operators.operatorframework.io.bundle.channels.v1: alpha,stable - operators.operatorframework.io.bundle.channel.default.v1: alpha + operators.operatorframework.io.bundle.channels.v1: alpha operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 operators.operatorframework.io.metrics.builder: operator-sdk-v1.4.0+git operators.operatorframework.io.metrics.project_layout: ansible.sdk.operatorframework.io/v1 diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index d46cb15..24e5f83 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization images: - name: controller newName: quay.io/3scale/prometheus-exporter-operator - newTag: v0.3.0 + newTag: v0.3.1-alpha.1 From 53da07df24961793dab572f1ed8a8fa7c77b8509 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergio=20L=C3=B3pez?= Date: Mon, 19 Apr 2021 13:23:31 +0200 Subject: [PATCH 4/4] Release v0.3.1 --- Makefile | 2 +- bundle.Dockerfile | 3 ++- .../prometheus-exporter-operator.clusterserviceversion.yaml | 6 +++--- bundle/metadata/annotations.yaml | 3 ++- config/manager/kustomization.yaml | 2 +- 5 files changed, 9 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index dfb3c45..9d43109 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,5 @@ # Current Operator version -VERSION ?= 0.3.1-alpha.1 +VERSION ?= 0.3.1 # Image URL to use all building/pushing image targets IMG ?= quay.io/3scale/prometheus-exporter-operator:v$(VERSION) # Default catalog image diff --git a/bundle.Dockerfile b/bundle.Dockerfile index 97ff6c9..8779b3f 100644 --- a/bundle.Dockerfile +++ b/bundle.Dockerfile @@ -5,7 +5,8 @@ LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ LABEL operators.operatorframework.io.bundle.package.v1=prometheus-exporter-operator -LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.bundle.channels.v1=alpha,stable +LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.4.0+git LABEL operators.operatorframework.io.metrics.project_layout=ansible.sdk.operatorframework.io/v1 diff --git a/bundle/manifests/prometheus-exporter-operator.clusterserviceversion.yaml b/bundle/manifests/prometheus-exporter-operator.clusterserviceversion.yaml index d4447ef..5c3e952 100644 --- a/bundle/manifests/prometheus-exporter-operator.clusterserviceversion.yaml +++ b/bundle/manifests/prometheus-exporter-operator.clusterserviceversion.yaml @@ -33,7 +33,7 @@ metadata: operators.operatorframework.io/project_layout: ansible.sdk.operatorframework.io/v1 repository: https://github.com/3scale-ops/prometheus-exporter-operator support: Red Hat, Inc. - name: prometheus-exporter-operator.v0.3.1-alpha.1 + name: prometheus-exporter-operator.v0.3.1 namespace: placeholder spec: apiservicedefinitions: {} @@ -113,7 +113,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.annotations['olm.targetNamespaces'] - image: quay.io/3scale/prometheus-exporter-operator:v0.3.1-alpha.1 + image: quay.io/3scale/prometheus-exporter-operator:v0.3.1 livenessProbe: httpGet: path: /healthz @@ -270,4 +270,4 @@ spec: provider: name: Red Hat url: https://www.redhat.com - version: 0.3.1-alpha.1 + version: 0.3.1 diff --git a/bundle/metadata/annotations.yaml b/bundle/metadata/annotations.yaml index d098990..168e7b5 100644 --- a/bundle/metadata/annotations.yaml +++ b/bundle/metadata/annotations.yaml @@ -4,7 +4,8 @@ annotations: operators.operatorframework.io.bundle.manifests.v1: manifests/ operators.operatorframework.io.bundle.metadata.v1: metadata/ operators.operatorframework.io.bundle.package.v1: prometheus-exporter-operator - operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.bundle.channels.v1: alpha,stable + operators.operatorframework.io.bundle.channel.default.v1: alpha operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 operators.operatorframework.io.metrics.builder: operator-sdk-v1.4.0+git operators.operatorframework.io.metrics.project_layout: ansible.sdk.operatorframework.io/v1 diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 24e5f83..78d2246 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -5,4 +5,4 @@ kind: Kustomization images: - name: controller newName: quay.io/3scale/prometheus-exporter-operator - newTag: v0.3.1-alpha.1 + newTag: v0.3.1