mml/sonobuoy-conformance.yaml

## sonobuoy-conformance.yaml
---
apiVersion: v1
kind: Namespace
metadata:
  name: sonobuoy
---
apiVersion: v1
kind: ServiceAccount
metadata:
  labels:
    component: sonobuoy
  name: sonobuoy-serviceaccount
  namespace: sonobuoy
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: cluster-admin-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: User
  name: mml@google.com
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  labels:
    component: sonobuoy
  name: sonobuoy-serviceaccount
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: sonobuoy-serviceaccount
subjects:
- kind: ServiceAccount
  name: sonobuoy-serviceaccount
  namespace: sonobuoy
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  labels:
    component: sonobuoy
  name: sonobuoy-serviceaccount
  namespace: sonobuoy
rules:
- apiGroups:
  - '*'
  resources:
  - '*'
  verbs:
  - '*'
---
apiVersion: v1
kind: ConfigMap
metadata:
  labels:
    component: sonobuoy
  name: sonobuoy-config-cm
  namespace: sonobuoy
data:
  config.json: |
    {
        "Description": "EXAMPLE",
        "Filters": {
            "LabelSelector": "",
            "Namespaces": ".*"
        },
        "PluginNamespace": "sonobuoy",
        "Plugins": [
            {
                "name": "e2e"
            }
        ],
        "Resources": [
            "ServerVersion"
        ],
        "ResultsDir": "/tmp/sonobuoy",
        "Server": {
            "advertiseaddress": "sonobuoy-master:8080",
            "bindaddress": "0.0.0.0",
            "bindport": 8080,
            "timeoutseconds": 3600
        },
        "Version": "v0.8.0"
    }
---
apiVersion: v1
kind: ConfigMap
metadata:
  labels:
    component: sonobuoy
  name: sonobuoy-plugins-cm
  namespace: sonobuoy
data:
  e2e.yaml: |
    driver: Job
    name: e2e
    resultType: e2e
    spec:
      containers:
      - env:
        - name: E2E_FOCUS
          value: '\[Conformance\]'
        image: gcr.io/heptio-images/kube-conformance:v1.8
        imagePullPolicy: Always
        name: e2e
        volumeMounts:
        - mountPath: /tmp/results
          name: results
      - command:
        - sh
        - -c
        - /sonobuoy worker global -v 5 --logtostderr
        env:
        - name: NODE_NAME
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: spec.nodeName
        - name: RESULTS_DIR
          value: /tmp/results
        image: gcr.io/heptio-images/sonobuoy:latest
        imagePullPolicy: Always
        name: sonobuoy-worker
        volumeMounts:
        - mountPath: /etc/sonobuoy
          name: config
        - mountPath: /tmp/results
          name: results
      restartPolicy: Never
      serviceAccountName: sonobuoy-serviceaccount
      tolerations:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
        operator: Exists
      - key: CriticalAddonsOnly
        operator: Exists
      volumes:
      - emptyDir: {}
        name: results
      - configMap:
          name: __SONOBUOY_CONFIGMAP__
        name: config
---
apiVersion: v1
kind: Pod
metadata:
  labels:
    component: sonobuoy
    run: sonobuoy-master
    tier: analysis
  name: sonobuoy
  namespace: sonobuoy
spec:
  containers:
  - command:
    - /bin/bash
    - -c
    - /sonobuoy master --no-exit=true -v 3 --logtostderr
    env:
    - name: SONOBUOY_ADVERTISE_IP
      valueFrom:
        fieldRef:
          fieldPath: status.podIP
    image: gcr.io/heptio-images/sonobuoy:latest
    imagePullPolicy: Always
    name: kube-sonobuoy
    volumeMounts:
    - mountPath: /etc/sonobuoy
      name: sonobuoy-config-volume
    - mountPath: /etc/sonobuoy/plugins.d
      name: sonobuoy-plugins-volume
    - mountPath: /tmp/sonobuoy
      name: output-volume
  restartPolicy: Never
  serviceAccountName: sonobuoy-serviceaccount
  volumes:
  - configMap:
      name: sonobuoy-config-cm
    name: sonobuoy-config-volume
  - configMap:
      name: sonobuoy-plugins-cm
    name: sonobuoy-plugins-volume
  - emptyDir: {}
    name: output-volume
---
apiVersion: v1
kind: Service
metadata:
  labels:
    component: sonobuoy
    run: sonobuoy-master
  name: sonobuoy-master
  namespace: sonobuoy
spec:
  ports:
  - port: 8080
    protocol: TCP
    targetPort: 8080
  selector:
    run: sonobuoy-master
  type: ClusterIP
	---
	apiVersion: v1
	kind: Namespace
	metadata:
	name: sonobuoy
	---
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	labels:
	component: sonobuoy
	name: sonobuoy-serviceaccount
	namespace: sonobuoy
	---
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRoleBinding
	metadata:
	name: cluster-admin-binding
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: cluster-admin
	subjects:
	- kind: User
	name: mml@google.com
	---
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRoleBinding
	metadata:
	labels:
	component: sonobuoy
	name: sonobuoy-serviceaccount
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: sonobuoy-serviceaccount
	subjects:
	- kind: ServiceAccount
	name: sonobuoy-serviceaccount
	namespace: sonobuoy
	---
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRole
	metadata:
	labels:
	component: sonobuoy
	name: sonobuoy-serviceaccount
	namespace: sonobuoy
	rules:
	- apiGroups:
	- '*'
	resources:
	- '*'
	verbs:
	- '*'
	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	labels:
	component: sonobuoy
	name: sonobuoy-config-cm
	namespace: sonobuoy
	data:
	config.json: \|
	{
	"Description": "EXAMPLE",
	"Filters": {
	"LabelSelector": "",
	"Namespaces": ".*"
	},
	"PluginNamespace": "sonobuoy",
	"Plugins": [
	{
	"name": "e2e"
	}
	],
	"Resources": [
	"ServerVersion"
	],
	"ResultsDir": "/tmp/sonobuoy",
	"Server": {
	"advertiseaddress": "sonobuoy-master:8080",
	"bindaddress": "0.0.0.0",
	"bindport": 8080,
	"timeoutseconds": 3600
	},
	"Version": "v0.8.0"
	}
	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	labels:
	component: sonobuoy
	name: sonobuoy-plugins-cm
	namespace: sonobuoy
	data:
	e2e.yaml: \|
	driver: Job
	name: e2e
	resultType: e2e
	spec:
	containers:
	- env:
	- name: E2E_FOCUS
	value: '\[Conformance\]'
	image: gcr.io/heptio-images/kube-conformance:v1.8
	imagePullPolicy: Always
	name: e2e
	volumeMounts:
	- mountPath: /tmp/results
	name: results
	- command:
	- sh
	- -c
	- /sonobuoy worker global -v 5 --logtostderr
	env:
	- name: NODE_NAME
	valueFrom:
	fieldRef:
	apiVersion: v1
	fieldPath: spec.nodeName
	- name: RESULTS_DIR
	value: /tmp/results
	image: gcr.io/heptio-images/sonobuoy:latest
	imagePullPolicy: Always
	name: sonobuoy-worker
	volumeMounts:
	- mountPath: /etc/sonobuoy
	name: config
	- mountPath: /tmp/results
	name: results
	restartPolicy: Never
	serviceAccountName: sonobuoy-serviceaccount
	tolerations:
	- effect: NoSchedule
	key: node-role.kubernetes.io/master
	operator: Exists
	- key: CriticalAddonsOnly
	operator: Exists
	volumes:
	- emptyDir: {}
	name: results
	- configMap:
	name: __SONOBUOY_CONFIGMAP__
	name: config
	---
	apiVersion: v1
	kind: Pod
	metadata:
	labels:
	component: sonobuoy
	run: sonobuoy-master
	tier: analysis
	name: sonobuoy
	namespace: sonobuoy
	spec:
	containers:
	- command:
	- /bin/bash
	- -c
	- /sonobuoy master --no-exit=true -v 3 --logtostderr
	env:
	- name: SONOBUOY_ADVERTISE_IP
	valueFrom:
	fieldRef:
	fieldPath: status.podIP
	image: gcr.io/heptio-images/sonobuoy:latest
	imagePullPolicy: Always
	name: kube-sonobuoy
	volumeMounts:
	- mountPath: /etc/sonobuoy
	name: sonobuoy-config-volume
	- mountPath: /etc/sonobuoy/plugins.d
	name: sonobuoy-plugins-volume
	- mountPath: /tmp/sonobuoy
	name: output-volume
	restartPolicy: Never
	serviceAccountName: sonobuoy-serviceaccount
	volumes:
	- configMap:
	name: sonobuoy-config-cm
	name: sonobuoy-config-volume
	- configMap:
	name: sonobuoy-plugins-cm
	name: sonobuoy-plugins-volume
	- emptyDir: {}
	name: output-volume
	---
	apiVersion: v1
	kind: Service
	metadata:
	labels:
	component: sonobuoy
	run: sonobuoy-master
	name: sonobuoy-master
	namespace: sonobuoy
	spec:
	ports:
	- port: 8080
	protocol: TCP
	targetPort: 8080
	selector:
	run: sonobuoy-master
	type: ClusterIP