apiVersion: v1 kind: Namespace metadata: labels: control-plane: controller-manager name: kubexpose-operator-system --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.4.1 creationTimestamp: null name: kubexposes.kubexpose.kubexpose.io spec: group: kubexpose.kubexpose.io names: kind: Kubexpose listKind: KubexposeList plural: kubexposes singular: kubexpose scope: Namespaced versions: - name: v1 schema: openAPIV3Schema: description: Kubexpose is the Schema for the kubexposes API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: KubexposeSpec defines the desired state of Kubexpose properties: port: type: integer sourceDeployment: description: will be used to create the Service type: string targetNamespace: type: string required: - port - sourceDeployment - targetNamespace type: object status: description: KubexposeStatus defines the observed state of Kubexpose properties: url: description: 'INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file' type: string required: - url type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: [] --- apiVersion: v1 kind: ServiceAccount metadata: name: kubexpose-operator-controller-manager namespace: kubexpose-operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: kubexpose-operator-leader-election-role namespace: kubexpose-operator-system rules: - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - events verbs: - create - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null name: kubexpose-operator-manager-role rules: - apiGroups: - apps resources: - deployments verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - pods verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - pods/exec verbs: - create - apiGroups: - "" resources: - services verbs: - create - delete - get - list - patch - update - watch - apiGroups: - kubexpose.kubexpose.io resources: - kubexposes verbs: - create - delete - get - list - patch - update - watch - apiGroups: - kubexpose.kubexpose.io resources: - kubexposes/finalizers verbs: - update - apiGroups: - kubexpose.kubexpose.io resources: - kubexposes/status verbs: - get - patch - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: kubexpose-operator-metrics-reader rules: - nonResourceURLs: - /metrics verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: kubexpose-operator-proxy-role rules: - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: kubexpose-operator-leader-election-rolebinding namespace: kubexpose-operator-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: kubexpose-operator-leader-election-role subjects: - kind: ServiceAccount name: kubexpose-operator-controller-manager namespace: kubexpose-operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: kubexpose-operator-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: kubexpose-operator-manager-role subjects: - kind: ServiceAccount name: kubexpose-operator-controller-manager namespace: kubexpose-operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: kubexpose-operator-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: kubexpose-operator-proxy-role subjects: - kind: ServiceAccount name: kubexpose-operator-controller-manager namespace: kubexpose-operator-system --- apiVersion: v1 data: controller_manager_config.yaml: | apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 kind: ControllerManagerConfig health: healthProbeBindAddress: :8081 metrics: bindAddress: 127.0.0.1:8080 webhook: port: 9443 leaderElection: leaderElect: true resourceName: 2a9da821.kubexpose.io kind: ConfigMap metadata: name: kubexpose-operator-manager-config namespace: kubexpose-operator-system --- apiVersion: v1 kind: Service metadata: labels: control-plane: controller-manager name: kubexpose-operator-controller-manager-metrics-service namespace: kubexpose-operator-system spec: ports: - name: https port: 8443 targetPort: https selector: control-plane: controller-manager --- apiVersion: apps/v1 kind: Deployment metadata: labels: control-plane: controller-manager name: kubexpose-operator-controller-manager namespace: kubexpose-operator-system spec: replicas: 1 selector: matchLabels: control-plane: controller-manager template: metadata: labels: control-plane: controller-manager spec: containers: - args: - --secure-listen-address=0.0.0.0:8443 - --upstream=http://127.0.0.1:8080/ - --logtostderr=true - --v=10 image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 name: kube-rbac-proxy ports: - containerPort: 8443 name: https - args: - --health-probe-bind-address=:8081 - --metrics-bind-address=127.0.0.1:8080 - --leader-elect command: - /manager image: abhirockzz/kubexpose:latest livenessProbe: httpGet: path: /healthz port: 8081 initialDelaySeconds: 15 periodSeconds: 20 name: manager readinessProbe: httpGet: path: /readyz port: 8081 initialDelaySeconds: 5 periodSeconds: 10 resources: limits: cpu: 100m memory: 30Mi requests: cpu: 100m memory: 20Mi securityContext: allowPrivilegeEscalation: false securityContext: runAsNonRoot: true serviceAccountName: kubexpose-operator-controller-manager terminationGracePeriodSeconds: 10