apiVersion: v1 kind: Namespace metadata: labels: control-plane: controller-manager name: kubero-operator-system --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberoapps.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoApp listKind: KuberoAppList plural: kuberoapps singular: kuberoapp scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoApp is the Schema for the kuberoapps API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoApp type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoApp type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberobuilds.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoBuild listKind: KuberoBuildList plural: kuberobuilds singular: kuberobuild scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoBuild is the Schema for the kuberobuilds API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoBuild type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoBuild type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberocouchdbs.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoCouchDB listKind: KuberoCouchDBList plural: kuberocouchdbs singular: kuberocouchdb scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoCouchDB is the Schema for the kuberocouchdbs API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoCouchDB type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoCouchDB type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberoelasticsearches.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoElasticsearch listKind: KuberoElasticsearchList plural: kuberoelasticsearches singular: kuberoelasticsearch scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoElasticsearch is the Schema for the kuberoelasticsearches API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoElasticsearch type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoElasticsearch type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberoes.application.kubero.dev spec: group: application.kubero.dev names: kind: Kubero listKind: KuberoList plural: kuberoes singular: kubero scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: Kubero is the Schema for the kuberoes API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of Kubero type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of Kubero type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberokafkas.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoKafka listKind: KuberoKafkaList plural: kuberokafkas singular: kuberokafka scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoKafka is the Schema for the kuberokafkas API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoKafka type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoKafka type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberomails.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoMail listKind: KuberoMailList plural: kuberomails singular: kuberomail scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoMail is the Schema for the kuberomails API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoMail type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoMail type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberomemcacheds.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoMemcached listKind: KuberoMemcachedList plural: kuberomemcacheds singular: kuberomemcached scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoMemcached is the Schema for the kuberomemcacheds API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoMemcached type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoMemcached type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberomongodbs.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoMongoDB listKind: KuberoMongoDBList plural: kuberomongodbs singular: kuberomongodb scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoMongoDB is the Schema for the kuberomongodbs API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoMongoDB type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoMongoDB type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberomysqls.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoMysql listKind: KuberoMysqlList plural: kuberomysqls singular: kuberomysql scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoMysql is the Schema for the kuberomysqls API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoMysql type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoMysql type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberopipelines.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoPipeline listKind: KuberoPipelineList plural: kuberopipelines singular: kuberopipeline scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoPipeline is the Schema for the kuberopipelines API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoPipeline type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoPipeline type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberopostgresqls.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoPostgresql listKind: KuberoPostgresqlList plural: kuberopostgresqls singular: kuberopostgresql scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoPostgresql is the Schema for the kuberopostgresqls API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoPostgresql type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoPostgresql type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberoprometheuses.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoPrometheus listKind: KuberoPrometheusList plural: kuberoprometheuses singular: kuberoprometheus scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoPrometheus is the Schema for the kuberoprometheuses API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoPrometheus type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoPrometheus type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberorabbitmqs.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoRabbitMQ listKind: KuberoRabbitMQList plural: kuberorabbitmqs singular: kuberorabbitmq scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoRabbitMQ is the Schema for the kuberorabbitmqs API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoRabbitMQ type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoRabbitMQ type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kuberoredis.application.kubero.dev spec: group: application.kubero.dev names: kind: KuberoRedis listKind: KuberoRedisList plural: kuberoredis singular: kuberoredis scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: KuberoRedis is the Schema for the kuberoredis API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Spec defines the desired state of KuberoRedis type: object x-kubernetes-preserve-unknown-fields: true status: description: Status defines the observed state of KuberoRedis type: object x-kubernetes-preserve-unknown-fields: true type: object served: true storage: true subresources: status: {} --- apiVersion: v1 kind: ServiceAccount metadata: name: kubero-operator-controller-manager namespace: kubero-operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: kubero-operator-leader-election-role namespace: kubero-operator-system rules: - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - create - update - patch - delete - apiGroups: - coordination.k8s.io resources: - leases verbs: - get - list - watch - create - update - patch - delete - apiGroups: - "" resources: - events verbs: - create - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: kubero-operator-manager-role rules: - apiGroups: - "" resources: - namespaces verbs: - get - apiGroups: - "" - apps resources: - configmaps - secrets verbs: - '*' - apiGroups: - "" resources: - events verbs: - create - apiGroups: - rbac.authorization.k8s.io - "" resources: - roles - clusterroles - clusterrolebindings - rolebindings - secrets - deployments - namespaces - services - ingresses verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberoapps - kuberoapps/status - kuberoapps/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - serviceaccounts - services verbs: - '*' - apiGroups: - apps - "" resources: - deployments - serviceaccounts verbs: - '*' - apiGroups: - autoscaling resources: - horizontalpodautoscalers verbs: - '*' - apiGroups: - networking.k8s.io - "" resources: - ingresses - rolebindings - services - jobs verbs: - '*' - apiGroups: - batch resources: - cronjobs verbs: - create - delete - get - list - patch - update - watch - apiGroups: - opstreelabs.in resources: - mongodbs verbs: - '*' - apiGroups: - redis.redis.opstreelabs.in resources: - redis - redisclusters verbs: - '*' - apiGroups: - postgres-operator.crunchydata.com resources: - postgresclusters verbs: - '*' - apiGroups: - minio.min.io resources: - tenants verbs: - '*' - apiGroups: - charts.operatorhub.io resources: - cockroachdbs verbs: - '*' - apiGroups: - apiextensions.k8s.io resources: - customresourcedefinitions verbs: - '*' - apiGroups: - networking.cfargotunnel.com resources: - tunnels - tunnelbindings verbs: - '*' - apiGroups: - clickhouse.altinity.com resources: - clickhouseinstallations verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberoes - kuberoes/status - kuberoes/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - deployments verbs: - '*' - apiGroups: - "" resources: - serviceaccounts - services - persistentvolumeclaims - persistentvolumes - persistentvolumeclaims/finalizers - persistentvolumes/finalizers verbs: - '*' - apiGroups: - operators.coreos.com resources: - clusterserviceversions verbs: - '*' - apiGroups: - cert-manager.io resources: - certificates verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberopipelines - kuberopipelines/status - kuberopipelines/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - serviceaccounts - services verbs: - '*' - apiGroups: - apps resources: - deployments verbs: - '*' - apiGroups: - "" resources: - namespaces - secrets verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberomysqls - kuberomysqls/status - kuberomysqls/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - statefulsets verbs: - '*' - apiGroups: - "" resources: - secrets - configmaps - serviceaccounts - services - persistentvolumeclaims - persistentvolumes verbs: - '*' - apiGroups: - policy resources: - poddisruptionbudgets verbs: - '*' - apiGroups: - networking.k8s.io resources: - networkpolicies verbs: - '*' - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberopostgresqls - kuberopostgresqls/status - kuberopostgresqls/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - statefulsets verbs: - '*' - apiGroups: - "" resources: - secrets - configmaps - serviceaccounts - services - persistentvolumeclaims - persistentvolumes verbs: - '*' - apiGroups: - policy resources: - poddisruptionbudgets verbs: - '*' - apiGroups: - networking.k8s.io resources: - networkpolicies verbs: - '*' - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberoredis - kuberoredis/status - kuberoredis/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - statefulsets verbs: - '*' - apiGroups: - "" resources: - secrets - configmaps - serviceaccounts - services - persistentvolumeclaims - persistentvolumes verbs: - '*' - apiGroups: - policy resources: - poddisruptionbudgets verbs: - '*' - apiGroups: - networking.k8s.io resources: - networkpolicies verbs: - '*' - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberomongodbs - kuberomongodbs/status - kuberomongodbs/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - statefulsets verbs: - '*' - apiGroups: - "" resources: - secrets - configmaps - serviceaccounts - services - persistentvolumeclaims - persistentvolumes verbs: - '*' - apiGroups: - policy resources: - poddisruptionbudgets verbs: - '*' - apiGroups: - networking.k8s.io resources: - networkpolicies verbs: - '*' - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberoelasticsearches - kuberoelasticsearches/status - kuberoelasticsearches/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - statefulsets verbs: - '*' - apiGroups: - "" resources: - secrets - configmaps - serviceaccounts - services - persistentvolumeclaims - persistentvolumes verbs: - '*' - apiGroups: - policy resources: - poddisruptionbudgets verbs: - '*' - apiGroups: - networking.k8s.io resources: - networkpolicies verbs: - '*' - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberocouchdbs - kuberocouchdbs/status - kuberocouchdbs/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - statefulsets verbs: - '*' - apiGroups: - "" resources: - secrets - configmaps - serviceaccounts - services - persistentvolumeclaims - persistentvolumes verbs: - '*' - apiGroups: - policy resources: - poddisruptionbudgets verbs: - '*' - apiGroups: - networking.k8s.io resources: - networkpolicies verbs: - '*' - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberokafkas - kuberokafkas/status - kuberokafkas/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - deployments - statefulsets verbs: - '*' - apiGroups: - "" resources: - secrets - configmaps - serviceaccounts - services - persistentvolumeclaims - persistentvolumes verbs: - '*' - apiGroups: - job resources: - batch verbs: - '*' - apiGroups: - policy resources: - poddisruptionbudgets verbs: - '*' - apiGroups: - networking.k8s.io resources: - networkpolicies verbs: - '*' - apiGroups: - rbac.authorization.k8s.io resources: - roles - rolebindings verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberomails - kuberomails/status - kuberomails/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - serviceaccounts - services verbs: - '*' - apiGroups: - apps resources: - deployments verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberorabbitmqs - kuberorabbitmqs/status - kuberorabbitmqs/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - apps resources: - deployments verbs: - '*' - apiGroups: - "" resources: - serviceaccounts - services verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberomemcacheds - kuberomemcacheds/status - kuberomemcacheds/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - serviceaccounts - services verbs: - '*' - apiGroups: - apps resources: - deployments verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberoprometheuses - kuberoprometheuses/status - kuberoprometheuses/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - "" resources: - serviceaccounts - services verbs: - '*' - apiGroups: - apps resources: - deployments verbs: - '*' - apiGroups: - "" resources: - clusterrolebindings verbs: - '*' - apiGroups: - application.kubero.dev resources: - kuberobuilds - kuberobuilds/status - kuberobuilds/finalizers verbs: - create - delete - get - list - patch - update - watch - apiGroups: - batch resources: - jobs verbs: - '*' - apiGroups: - "" resources: - pods verbs: - '*' --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: kubero-operator-metrics-reader rules: - nonResourceURLs: - /metrics verbs: - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: kubero-operator-proxy-role rules: - apiGroups: - authentication.k8s.io resources: - tokenreviews verbs: - create - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: kubero-operator-leader-election-rolebinding namespace: kubero-operator-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: kubero-operator-leader-election-role subjects: - kind: ServiceAccount name: kubero-operator-controller-manager namespace: kubero-operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: kubero-operator-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: kubero-operator-manager-role subjects: - kind: ServiceAccount name: kubero-operator-controller-manager namespace: kubero-operator-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: kubero-operator-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: kubero-operator-proxy-role subjects: - kind: ServiceAccount name: kubero-operator-controller-manager namespace: kubero-operator-system --- apiVersion: v1 data: controller_manager_config.yaml: | apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 kind: ControllerManagerConfig health: healthProbeBindAddress: :8081 metrics: bindAddress: 127.0.0.1:8080 leaderElection: leaderElect: true resourceName: 811c9dc5.kubero.dev kind: ConfigMap metadata: name: kubero-operator-manager-config namespace: kubero-operator-system --- apiVersion: v1 kind: Service metadata: labels: control-plane: controller-manager name: kubero-operator-controller-manager-metrics-service namespace: kubero-operator-system spec: ports: - name: https port: 8443 protocol: TCP targetPort: https selector: control-plane: controller-manager --- apiVersion: apps/v1 kind: Deployment metadata: labels: control-plane: controller-manager name: kubero-operator-controller-manager namespace: kubero-operator-system spec: replicas: 1 selector: matchLabels: control-plane: controller-manager template: metadata: annotations: kubectl.kubernetes.io/default-container: manager labels: control-plane: controller-manager spec: containers: - args: - --secure-listen-address=0.0.0.0:8443 - --upstream=http://127.0.0.1:8080/ - --logtostderr=true - --v=0 image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 name: kube-rbac-proxy ports: - containerPort: 8443 name: https protocol: TCP resources: limits: cpu: 500m memory: 128Mi requests: cpu: 5m memory: 64Mi - args: - --health-probe-bind-address=:8081 - --metrics-bind-address=127.0.0.1:8080 - --leader-elect - --leader-election-id=kubero-operator - --zap-log-level=info image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.1.6 livenessProbe: httpGet: path: /healthz port: 8081 initialDelaySeconds: 15 periodSeconds: 20 name: manager readinessProbe: httpGet: path: /readyz port: 8081 initialDelaySeconds: 5 periodSeconds: 10 resources: limits: cpu: 1000m memory: 1Gi requests: cpu: 100m memory: 64Mi securityContext: allowPrivilegeEscalation: false securityContext: runAsNonRoot: true serviceAccountName: kubero-operator-controller-manager terminationGracePeriodSeconds: 10