Created
August 12, 2020 16:21
-
-
Save fbiville/75e895a58b067e38003867638271f27e to your computer and use it in GitHub Desktop.
https://github.com/fbiville/eventing-contrib/ | registry-source branch | 91efb2b1da5db214e9c839bc23752ffad2543d8c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright 2019 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: v1 | |
| kind: Namespace | |
| metadata: | |
| name: knative-sources | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| --- | |
| # Copyright 2019 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: registry-controller-manager | |
| namespace: knative-sources | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: registry-webhook | |
| namespace: knative-sources | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| --- | |
| # Copyright 2019 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| name: eventing-sources-registry-controller | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| rules: | |
| - # Sources admin | |
| apiGroups: | |
| - sources.knative.dev | |
| resources: | |
| - registrysources | |
| verbs: &everything | |
| - get | |
| - list | |
| - watch | |
| - create | |
| - update | |
| - patch | |
| - delete | |
| - # Sources finalizer | |
| apiGroups: | |
| - sources.knative.dev | |
| resources: | |
| - registrysources/finalizers | |
| verbs: *everything | |
| - # Source statuses update | |
| apiGroups: | |
| - sources.knative.dev | |
| resources: | |
| - registrysources/status | |
| verbs: | |
| - get | |
| - update | |
| - patch | |
| - # Deployments admin | |
| apiGroups: | |
| - apps | |
| resources: | |
| - deployments | |
| verbs: *everything | |
| - # Knative Services admin | |
| apiGroups: | |
| - serving.knative.dev | |
| resources: | |
| - services | |
| verbs: *everything | |
| - # Secrets read | |
| apiGroups: | |
| - "" | |
| resources: | |
| - secrets | |
| - services | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - # Events admin | |
| apiGroups: | |
| - "" | |
| resources: | |
| - events | |
| - configmaps | |
| verbs: *everything | |
| - apiGroups: | |
| - coordination.k8s.io | |
| resources: | |
| - leases | |
| verbs: *everything | |
| --- | |
| # The role is needed for the aggregated role source-observer in knative-eventing to provide readonly access to "Sources". | |
| # Ref: https://github.com/knative/eventing/tree/master/config/core/rolessource-observer-clusterrole.yaml. | |
| kind: ClusterRole | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| metadata: | |
| name: eventing-contrib-registry-source-observer | |
| labels: | |
| eventing.knative.dev/release: devel | |
| duck.knative.dev/source: "true" | |
| rules: | |
| - apiGroups: | |
| - "sources.knative.dev" | |
| resources: | |
| - "registrysources" | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| --- | |
| # Copyright 2019 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: eventing-sources-registry-controller | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| subjects: | |
| - kind: ServiceAccount | |
| name: registry-controller-manager | |
| namespace: knative-sources | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: ClusterRole | |
| name: eventing-sources-registry-controller | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: eventing-sources-registry-webhook | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| subjects: | |
| - kind: ServiceAccount | |
| name: registry-webhook | |
| namespace: knative-sources | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: ClusterRole | |
| name: registry-webhook | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: eventing-sources-registry-podspecable-binding | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| subjects: | |
| - kind: ServiceAccount | |
| name: registry-webhook | |
| namespace: knative-sources | |
| roleRef: | |
| kind: ClusterRole | |
| name: podspecable-binding | |
| apiGroup: rbac.authorization.k8s.io | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRoleBinding | |
| metadata: | |
| name: eventing-sources-registry-addressable-resolver | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| subjects: | |
| - kind: ServiceAccount | |
| name: registry-controller-manager | |
| namespace: knative-sources | |
| # An aggregated ClusterRole for all Addressable CRDs. | |
| # Ref: https://github.com/knative/eventing/tree/master/config/core/rolesaddressable-resolvers-clusterrole.yaml | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: ClusterRole | |
| name: addressable-resolver | |
| --- | |
| # Copyright 2020 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| name: registry-webhook | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| rules: | |
| - # Sources admin | |
| apiGroups: | |
| - sources.knative.dev | |
| resources: | |
| - registrysources | |
| verbs: &everything | |
| - get | |
| - list | |
| - watch | |
| - create | |
| - update | |
| - patch | |
| - delete | |
| - # Sources finalizer | |
| apiGroups: | |
| - sources.knative.dev | |
| resources: | |
| - registrysources/finalizers | |
| verbs: *everything | |
| - # Source statuses update | |
| apiGroups: | |
| - sources.knative.dev | |
| resources: | |
| - registrysources/status | |
| verbs: | |
| - get | |
| - update | |
| - patch | |
| - # Deployments admin | |
| apiGroups: | |
| - apps | |
| resources: | |
| - deployments | |
| verbs: *everything | |
| - # Knative Services admin | |
| apiGroups: | |
| - serving.knative.dev | |
| resources: | |
| - services | |
| verbs: *everything | |
| - # Secrets read | |
| apiGroups: | |
| - "" | |
| resources: | |
| - secrets | |
| - services | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - # Namespace labelling for webhook | |
| apiGroups: | |
| - "" | |
| resources: | |
| - namespaces | |
| verbs: | |
| - get | |
| - list | |
| - watch | |
| - patch | |
| - # Events admin | |
| apiGroups: | |
| - "" | |
| resources: | |
| - events | |
| - configmaps | |
| verbs: *everything | |
| - # EventTypes admin | |
| apiGroups: | |
| - eventing.knative.dev | |
| resources: | |
| - eventtypes | |
| verbs: *everything | |
| - # For manipulating certs into secrets. | |
| apiGroups: | |
| - "" | |
| resources: | |
| - "secrets" | |
| verbs: | |
| - "get" | |
| - "create" | |
| - "update" | |
| - "list" | |
| - "watch" | |
| - # For actually registering our webhook. | |
| apiGroups: | |
| - "admissionregistration.k8s.io" | |
| resources: | |
| - "mutatingwebhookconfigurations" | |
| - "validatingwebhookconfigurations" | |
| verbs: *everything | |
| - # Bindings admin | |
| apiGroups: | |
| - bindings.knative.dev | |
| resources: | |
| - registrybindings | |
| verbs: &everything | |
| - get | |
| - list | |
| - watch | |
| - create | |
| - update | |
| - patch | |
| - delete | |
| - # Bindings finalizer | |
| apiGroups: | |
| - bindings.knative.dev | |
| resources: | |
| - registrybindings/finalizers | |
| verbs: *everything | |
| - # Source statuses update | |
| apiGroups: | |
| - bindings.knative.dev | |
| resources: | |
| - registrybindings/status | |
| verbs: | |
| - get | |
| - update | |
| - patch | |
| --- | |
| # Copyright 2020 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: apiextensions.k8s.io/v1beta1 | |
| kind: CustomResourceDefinition | |
| metadata: | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| duck.knative.dev/binding: "true" | |
| knative.dev/crd-install: "true" | |
| name: registrybindings.bindings.knative.dev | |
| spec: | |
| group: bindings.knative.dev | |
| names: | |
| categories: | |
| - all | |
| - knative | |
| - eventing | |
| - bindings | |
| kind: RegistryBinding | |
| plural: registrybindings | |
| scope: Namespaced | |
| subresources: | |
| status: {} | |
| additionalPrinterColumns: | |
| - name: Ready | |
| type: string | |
| JSONPath: ".status.conditions[?(@.type=='Ready')].status" | |
| - name: Reason | |
| type: string | |
| JSONPath: ".status.conditions[?(@.type=='Ready')].reason" | |
| versions: | |
| - name: v1alpha1 | |
| served: true | |
| storage: true | |
| --- | |
| # Copyright 2019 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: apiextensions.k8s.io/v1beta1 | |
| kind: CustomResourceDefinition | |
| metadata: | |
| name: registrysources.sources.knative.dev | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| eventing.knative.dev/source: "true" | |
| duck.knative.dev/source: "true" | |
| knative.dev/crd-install: "true" | |
| annotations: | |
| # TODO add schemas and descriptions | |
| registry.knative.dev/eventTypes: | | |
| [ | |
| { "type": "dev.knative.source.registry.create" }, | |
| { "type": "dev.knative.source.registry.update" }, | |
| { "type": "dev.knative.source.registry.delete" } | |
| ] | |
| spec: | |
| group: sources.knative.dev | |
| names: | |
| categories: | |
| - all | |
| - knative | |
| - eventing | |
| - sources | |
| kind: RegistrySource | |
| plural: registrysources | |
| scope: Namespaced | |
| subresources: | |
| status: {} | |
| additionalPrinterColumns: | |
| - name: Ready | |
| type: string | |
| JSONPath: ".status.conditions[?(@.type=='Ready')].status" | |
| - name: Reason | |
| type: string | |
| JSONPath: ".status.conditions[?(@.type=='Ready')].reason" | |
| - name: Sink | |
| type: string | |
| JSONPath: ".status.sinkUri" | |
| - name: Age | |
| type: date | |
| JSONPath: .metadata.creationTimestamp | |
| validation: | |
| openAPIV3Schema: | |
| properties: | |
| spec: | |
| properties: | |
| eventTypes: | |
| items: | |
| enum: | |
| - create | |
| - delete | |
| - update | |
| type: string | |
| minItems: 1 | |
| type: array | |
| ownerAndRepository: | |
| minLength: 1 | |
| type: string | |
| serviceAccountName: | |
| type: string | |
| sink: | |
| anyOf: | |
| - type: object | |
| description: "the destination that should receive events." | |
| properties: | |
| ref: | |
| type: object | |
| description: "a reference to a Kubernetes object from which to | |
| retrieve the target URI." | |
| required: | |
| - apiVersion | |
| - kind | |
| - name | |
| properties: | |
| apiVersion: | |
| type: string | |
| minLength: 1 | |
| kind: | |
| type: string | |
| minLength: 1 | |
| name: | |
| type: string | |
| minLength: 1 | |
| uri: | |
| type: string | |
| description: "the target URI. If ref is provided, this must be | |
| relative URI reference." | |
| - type: object | |
| description: "DEPRECATED: a reference to a Kubernetes object from | |
| which to retrieve the target URI." | |
| required: | |
| - apiVersion | |
| - kind | |
| - name | |
| properties: | |
| apiVersion: | |
| type: string | |
| minLength: 1 | |
| kind: | |
| type: string | |
| minLength: 1 | |
| name: | |
| type: string | |
| minLength: 1 | |
| uri: | |
| type: string | |
| description: "the target URI. If ref is provided, this must be | |
| relative URI reference." | |
| required: | |
| - ownerAndRepository | |
| type: object | |
| status: | |
| properties: | |
| conditions: | |
| items: | |
| properties: | |
| lastTransitionTime: | |
| # we use a string in the stored object but a wrapper object | |
| # at runtime. | |
| type: string | |
| message: | |
| type: string | |
| reason: | |
| type: string | |
| severity: | |
| type: string | |
| status: | |
| type: string | |
| type: | |
| type: string | |
| required: | |
| - type | |
| - status | |
| type: object | |
| type: array | |
| sinkUri: | |
| type: string | |
| webhookIDKey: | |
| type: string | |
| type: object | |
| version: v1alpha1 | |
| --- | |
| # Copyright 2019 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: registry-controller | |
| namespace: knative-sources | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| control-plane: registry-controller-manager | |
| spec: | |
| selector: | |
| control-plane: registry-controller-manager | |
| ports: | |
| - name: https-registry | |
| port: 443 | |
| --- | |
| # Copyright 2019 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: apps/v1 | |
| kind: StatefulSet | |
| metadata: | |
| name: registry-controller-manager | |
| namespace: knative-sources | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| control-plane: registry-controller-manager | |
| spec: | |
| selector: | |
| matchLabels: &labels | |
| control-plane: registry-controller-manager | |
| serviceName: registry-controller-manager | |
| template: | |
| metadata: | |
| labels: *labels | |
| spec: | |
| serviceAccountName: registry-controller-manager | |
| containers: | |
| - image: docker.io/fbiville/controller-5a214be5b9564cf59cb92e889d3bc3c4@sha256:77ab9a5e377f1ffddb7eda59b90553c5a15d45a5fd9fc8a6ac0f4596aef34ffb | |
| name: manager | |
| env: | |
| - name: SYSTEM_NAMESPACE | |
| valueFrom: | |
| fieldRef: | |
| fieldPath: metadata.namespace | |
| - name: CONFIG_LOGGING_NAME | |
| value: config-logging | |
| - name: CONFIG_OBSERVABILITY_NAME | |
| value: config-observability | |
| - name: CONFIG_LEADERELECTION_NAME | |
| value: config-leader-election-registry | |
| - name: METRICS_DOMAIN | |
| value: knative.dev/sources | |
| - name: REG_RA_IMAGE | |
| value: docker.io/fbiville/receive_adapter-c995d9f5328d5aa813bd8a7de47595f0@sha256:f178f937a559799ae68b1cb4ed4b78ba84fd74bb625b7933dfe6f471ceac7164 | |
| resources: | |
| requests: | |
| cpu: 100m | |
| memory: 100Mi | |
| limits: | |
| cpu: 1000m | |
| memory: 1000Mi | |
| terminationGracePeriodSeconds: 10 | |
| --- | |
| # Copyright 2019 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # https://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: admissionregistration.k8s.io/v1beta1 | |
| kind: MutatingWebhookConfiguration | |
| metadata: | |
| name: defaulting.webhook.registry.sources.knative.dev | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| webhooks: | |
| - admissionReviewVersions: | |
| - v1beta1 | |
| clientConfig: | |
| service: | |
| name: registry-webhook | |
| namespace: knative-sources | |
| failurePolicy: Fail | |
| name: defaulting.webhook.registry.sources.knative.dev | |
| --- | |
| apiVersion: admissionregistration.k8s.io/v1beta1 | |
| kind: ValidatingWebhookConfiguration | |
| metadata: | |
| name: validation.webhook.registry.sources.knative.dev | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| webhooks: | |
| - admissionReviewVersions: | |
| - v1beta1 | |
| clientConfig: | |
| service: | |
| name: registry-webhook | |
| namespace: knative-sources | |
| failurePolicy: Fail | |
| name: validation.webhook.registry.sources.knative.dev | |
| --- | |
| apiVersion: admissionregistration.k8s.io/v1beta1 | |
| kind: MutatingWebhookConfiguration | |
| metadata: | |
| name: registrybindings.webhook.registry.sources.knative.dev | |
| labels: | |
| samples.knative.dev/release: devel | |
| webhooks: | |
| - admissionReviewVersions: | |
| - v1beta1 | |
| clientConfig: | |
| service: | |
| name: registry-webhook | |
| namespace: knative-sources | |
| failurePolicy: Fail | |
| name: registrybindings.webhook.registry.sources.knative.dev | |
| --- | |
| apiVersion: v1 | |
| kind: Secret | |
| metadata: | |
| name: registry-webhook-certs | |
| namespace: knative-sources | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| # The data is populated at install time. | |
| --- | |
| # Copyright 2020 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # https://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: registry-webhook | |
| namespace: knative-sources | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: &labels | |
| app: registry-webhook | |
| role: registry-webhook | |
| template: | |
| metadata: | |
| annotations: | |
| sidecar.istio.io/inject: "false" | |
| labels: *labels | |
| spec: | |
| serviceAccountName: registry-webhook | |
| containers: | |
| - name: registry-webhook | |
| terminationMessagePolicy: FallbackToLogsOnError | |
| image: docker.io/fbiville/webhook-3c14618f4fb7786b89063a08487ba07b@sha256:e6898e6012eae16a16c8fb87ec55c8fc7e6c442e343688a6edd37b1c944eec07 | |
| env: | |
| - name: SYSTEM_NAMESPACE | |
| valueFrom: | |
| fieldRef: | |
| fieldPath: metadata.namespace | |
| - name: CONFIG_LOGGING_NAME | |
| value: config-logging | |
| - name: METRICS_DOMAIN | |
| value: knative.dev/eventing | |
| - name: WEBHOOK_NAME | |
| value: registry-webhook | |
| ports: | |
| - containerPort: 9090 | |
| name: metrics | |
| # TODO set proper resource limits. | |
| readinessProbe: &probe | |
| periodSeconds: 1 | |
| httpGet: | |
| scheme: HTTPS | |
| port: 8443 | |
| httpHeaders: | |
| - name: k-kubelet-probe | |
| value: "webhook" | |
| livenessProbe: *probe | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| labels: | |
| eventing.knative.dev/release: devel | |
| role: registry-webhook | |
| name: registry-webhook | |
| namespace: knative-sources | |
| spec: | |
| ports: | |
| - name: https-webhook | |
| port: 443 | |
| targetPort: 8443 | |
| selector: | |
| role: registry-webhook | |
| --- | |
| # Copyright 2020 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # https://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: config-leader-election-registry | |
| namespace: knative-sources | |
| labels: | |
| contrib.eventing.knative.dev/release: devel | |
| data: | |
| # An inactive but valid configuration follows; see example. | |
| resourceLock: "leases" | |
| leaseDuration: "15s" | |
| renewDeadline: "10s" | |
| retryPeriod: "2s" | |
| _example: | | |
| ################################ | |
| # # | |
| # EXAMPLE CONFIGURATION # | |
| # # | |
| ################################ | |
| # This block is not actually functional configuration, | |
| # but serves to illustrate the available configuration | |
| # options and document them in a way that is accessible | |
| # to users that `kubectl edit` this config map. | |
| # | |
| # These sample configuration options may be copied out of | |
| # this example block and unindented to be in the data block | |
| # to actually change the configuration. | |
| # resourceLock controls which API resource is used as the basis for the | |
| # leader election lock. Valid values are: | |
| # | |
| # - leases -> use the coordination API | |
| # - configmaps -> use configmaps | |
| # - endpoints -> use endpoints | |
| resourceLock: "leases" | |
| # leaseDuration is how long non-leaders will wait to try to acquire the | |
| # lock; 15 seconds is the value used by core kubernetes controllers. | |
| leaseDuration: "15s" | |
| # renewDeadline is how long a leader will try to renew the lease before | |
| # giving up; 10 seconds is the value used by core kubernetes controllers. | |
| renewDeadline: "10s" | |
| # retryPeriod is how long the leader election client waits between tries of | |
| # actions; 2 seconds is the value used by core kuberntes controllers. | |
| retryPeriod: "2s" | |
| # enabledComponents is a comma-delimited list of component names for which | |
| # leader election is enabled. Valid values are: | |
| # | |
| # - registry-controller | |
| enabledComponents: "registry-controller" | |
| --- | |
| # Copyright 2019 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # https://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: config-logging | |
| namespace: knative-sources | |
| data: | |
| # Common configuration for all Knative codebase | |
| zap-logger-config: | | |
| { | |
| "level": "info", | |
| "development": false, | |
| "outputPaths": ["stdout"], | |
| "errorOutputPaths": ["stderr"], | |
| "encoding": "json", | |
| "encoderConfig": { | |
| "timeKey": "ts", | |
| "levelKey": "level", | |
| "nameKey": "logger", | |
| "callerKey": "caller", | |
| "messageKey": "msg", | |
| "stacktraceKey": "stacktrace", | |
| "lineEnding": "", | |
| "levelEncoder": "", | |
| "timeEncoder": "iso8601", | |
| "durationEncoder": "", | |
| "callerEncoder": "" | |
| } | |
| } | |
| # Log level overrides | |
| # For all components changes are be picked up immediately. | |
| loglevel.controller: "info" | |
| loglevel.webhook: "info" | |
| --- | |
| # Copyright 2019 The Knative Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # https://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| name: config-observability | |
| namespace: knative-sources | |
| data: | |
| _example: | | |
| ################################ | |
| # # | |
| # EXAMPLE CONFIGURATION # | |
| # # | |
| ################################ | |
| # This block is not actually functional configuration, | |
| # but serves to illustrate the available configuration | |
| # options and document them in a way that is accessible | |
| # to users that `kubectl edit` this config map. | |
| # | |
| # These sample configuration options may be copied out of | |
| # this example block and unindented to be in the data block | |
| # to actually change the configuration. | |
| # logging.enable-var-log-collection defaults to false. | |
| # A fluentd sidecar will be set up to collect var log if | |
| # this flag is true. | |
| logging.enable-var-log-collection: false | |
| # logging.fluentd-sidecar-image provides the fluentd sidecar image | |
| # to inject as a sidecar to collect logs from /var/log. | |
| # Must be presented if logging.enable-var-log-collection is true. | |
| logging.fluentd-sidecar-image: k8s.gcr.io/fluentd-elasticsearch:v2.0.4 | |
| # logging.fluentd-sidecar-output-config provides the configuration | |
| # for the fluentd sidecar, which will be placed into a configmap and | |
| # mounted into the fluentd sidecar image. | |
| logging.fluentd-sidecar-output-config: | | |
| # Parse json log before sending to Elastic Search | |
| <filter **> | |
| @type parser | |
| key_name log | |
| <parse> | |
| @type multi_format | |
| <pattern> | |
| format json | |
| time_key fluentd-time # fluentd-time is reserved for structured logs | |
| time_format %Y-%m-%dT%H:%M:%S.%NZ | |
| </pattern> | |
| <pattern> | |
| format none | |
| message_key log | |
| </pattern> | |
| </parse> | |
| </filter> | |
| # Send to Elastic Search | |
| <match **> | |
| @id elasticsearch | |
| @type elasticsearch | |
| @log_level info | |
| include_tag_key true | |
| # Elasticsearch service is in monitoring namespace. | |
| host elasticsearch-logging.knative-monitoring | |
| port 9200 | |
| logstash_format true | |
| <buffer> | |
| @type file | |
| path /var/log/fluentd-buffers/kubernetes.system.buffer | |
| flush_mode interval | |
| retry_type exponential_backoff | |
| flush_thread_count 2 | |
| flush_interval 5s | |
| retry_forever | |
| retry_max_interval 30 | |
| chunk_limit_size 2M | |
| queue_limit_length 8 | |
| overflow_action block | |
| </buffer> | |
| </match> | |
| # logging.revision-url-template provides a template to use for producing the | |
| # logging URL that is injected into the status of each Revision. | |
| # This value is what you might use the the Knative monitoring bundle, and provides | |
| # access to Kibana after setting up kubectl proxy. | |
| logging.revision-url-template: | | |
| http://localhost:8001/api/v1/namespaces/knative-monitoring/services/kibana-logging/proxy/app/kibana#/discover?_a=(query:(match:(kubernetes.labels.knative-dev%2FrevisionUID:(query:'${REVISION_UID}',type:phrase)))) | |
| # If non-empty, this enables queue proxy writing request logs to stdout. | |
| # The value determines the shape of the request logs and it must be a valid go text/template. | |
| # It is important to keep this as a single line. Multiple lines are parsed as separate entities | |
| # by most collection agents and will split the request logs into multiple records. | |
| # | |
| # The following fields and functions are available to the template: | |
| # | |
| # Request: An http.Request (see https://golang.org/pkg/net/http/#Request) | |
| # representing an HTTP request received by the server. | |
| # | |
| # Response: | |
| # struct { | |
| # Code int // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml) | |
| # Size int // An int representing the size of the response. | |
| # Latency float64 // A float64 representing the latency of the response in seconds. | |
| # } | |
| # | |
| # Revision: | |
| # struct { | |
| # Name string // Knative revision name | |
| # Namespace string // Knative revision namespace | |
| # Service string // Knative service name | |
| # Configuration string // Knative configuration name | |
| # PodName string // Name of the pod hosting the revision | |
| # PodIP string // IP of the pod hosting the revision | |
| # } | |
| # | |
| logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}' | |
| # metrics.backend-destination field specifies the system metrics destination. | |
| # It supports either prometheus (the default) or stackdriver. | |
| # Note: Using stackdriver will incur additional charges | |
| metrics.backend-destination: prometheus | |
| # metrics.request-metrics-backend-destination specifies the request metrics | |
| # destination. If non-empty, it enables queue proxy to send request metrics. | |
| # Currently supported values: prometheus, stackdriver. | |
| metrics.request-metrics-backend-destination: prometheus | |
| # metrics.stackdriver-project-id field specifies the stackdriver project ID. This | |
| # field is optional. When running on GCE, application default credentials will be | |
| # used if this field is not provided. | |
| metrics.stackdriver-project-id: "<your stackdriver project id>" | |
| # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed to send metrics to | |
| # Stackdriver using "global" resource type and custom metric type if the | |
| # metrics are not supported by "knative_revision" resource type. Setting this | |
| # flag to "true" could cause extra Stackdriver charge. | |
| # If metrics.backend-destination is not Stackdriver, this is ignored. | |
| metrics.allow-stackdriver-custom-metrics: "false" | |
| --- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment