Skip to content

Instantly share code, notes, and snippets.

@dharmit

dharmit/install.yaml

Created December 2, 2020 11:14
Show Gist options
  • Save dharmit/0e05be20e98c9271b2117acea7908cc2 to your computer and use it in GitHub Desktop.
Save dharmit/0e05be20e98c9271b2117acea7908cc2 to your computer and use it in GitHub Desktop.
Download ZIP
install Service Binding Operator v0.3.0 on minikube
Raw
install.yaml
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: servicebindings.operators.coreos.com
spec:
group: operators.coreos.com
names:
kind: ServiceBinding
listKind: ServiceBindingList
plural: servicebindings
shortNames:
- sbr
- sbrs
singular: servicebinding
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: ServiceBinding expresses intent to bind an operator-backed service
with an application workload.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ServiceBindingSpec defines the desired state of ServiceBinding
properties:
application:
description: Application is used to identify the application connecting
to the backing service operator.
properties:
bindingPath:
description: 'BindingPath refers to the paths in the application
workload''s schema where the binding workload would be referenced.
If BindingPath is not specified the default path locations is
going to be used. The default location for ContainersPath is
going to be: "spec.template.spec.containers" and if SecretPath
is not specified, the name of the secret object is not going to
be specified.'
properties:
containersPath:
description: 'ContainersPath defines the path to the corev1.Containers
reference If BindingPath is not specified, the default location
is going to be: "spec.template.spec.containers"'
type: string
secretPath:
description: 'SecretPath defines the path to a string field
where the name of the secret object is going to be assigned.
Note: The name of the secret object is same as that of the
name of SBR CR (metadata.name)'
type: string
type: object
group:
type: string
labelSelector:
description: A label selector is a label query over a set of resources.
The result of matchLabels and matchExpressions are ANDed. An empty
label selector matches all objects. A null label selector matches
no objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the
key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a
strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
resource:
type: string
version:
type: string
required:
- group
- resource
- version
type: object
customEnvVar:
description: Custom env variables
items:
description: EnvVar represents an environment variable present in
a Container.
properties:
name:
description: Name of the environment variable. Must be a C_IDENTIFIER.
type: string
value:
description: 'Variable references $(VAR_NAME) are expanded using
the previous defined environment variables in the container
and any service environment variables. If a variable cannot
be resolved, the reference in the input string will be unchanged.
The $(VAR_NAME) syntax can be escaped with a double $$, ie:
$$(VAR_NAME). Escaped references will never be expanded, regardless
of whether the variable exists or not. Defaults to "".'
type: string
valueFrom:
description: Source for the environment variable's value. Cannot
be used if value is not empty.
properties:
configMapKeyRef:
description: Selects a key of a ConfigMap.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key
must be defined
type: boolean
required:
- key
type: object
fieldRef:
description: 'Selects a field of the pod: supports metadata.name,
metadata.namespace, metadata.labels, metadata.annotations,
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP.'
properties:
apiVersion:
description: Version of the schema the FieldPath is written
in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the specified
API version.
type: string
required:
- fieldPath
type: object
resourceFieldRef:
description: 'Selects a resource of the container: only resources
limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage,
requests.cpu, requests.memory and requests.ephemeral-storage)
are currently supported.'
properties:
containerName:
description: 'Container name: required for volumes, optional
for env vars'
type: string
divisor:
description: Specifies the output format of the exposed
resources, defaults to "1"
type: string
resource:
description: 'Required: resource to select'
type: string
required:
- resource
type: object
secretKeyRef:
description: Selects a key of a secret in the pod's namespace
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
type: object
required:
- name
type: object
type: array
detectBindingResources:
description: DetectBindingResources is flag used to bind all non-bindable
variables from different subresources owned by backing operator CR.
type: boolean
envVarPrefix:
description: EnvVarPrefix is the prefix for environment variables
type: string
mountPathPrefix:
description: MountPathPrefix is the prefix for volume mount
type: string
services:
description: Services is used to identify multiple backing services.
items:
description: Service defines the selector based on resource name,
version, and resource kind
properties:
envVarPrefix:
type: string
group:
type: string
id:
type: string
kind:
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
namespace:
type: string
version:
type: string
required:
- group
- kind
- version
type: object
type: array
type: object
status:
description: ServiceBindingStatus defines the observed state of ServiceBinding
properties:
applications:
description: Applications contain all the applications filtered by name
or label
items:
description: BoundApplication defines the application workloads to
which the binding secret has injected.
properties:
group:
type: string
kind:
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
version:
type: string
required:
- group
- kind
- version
type: object
type: array
conditions:
description: Conditions describes the state of the operator's reconciliation
functionality.
items:
description: Condition represents the state of the operator's reconciliation
functionality.
properties:
lastHeartbeatTime:
format: date-time
type: string
lastTransitionTime:
format: date-time
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
description: ConditionType is the state of the operator's reconciliation
functionality.
type: string
required:
- status
- type
type: object
type: array
secret:
description: Secret is the name of the intermediate secret
type: string
required:
- conditions
- secret
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: service-binding-operator
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: service-binding-operator
rules:
- apiGroups:
- ""
resources:
- pods
- services
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
- pods/log
verbs:
- '*'
- apiGroups:
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
- deployments/finalizers
verbs:
- '*'
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
- customresourcedefinitions/status
verbs:
- get
- list
- patch
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create
- apiGroups:
- apps
resourceNames:
- service-binding-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- '*'
resources:
- '*'
verbs:
- get
- list
- watch
- update
- apiGroups:
- operators.coreos.com
resources:
- '*'
verbs:
- '*'
- apiGroups:
- serving.knative.dev
resources:
- services
verbs:
- '*'
- apiGroups:
- route.openshift.io
resources:
- routes
verbs:
- get
- list
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: service-binding-operator
subjects:
- kind: ServiceAccount
name: service-binding-operator
roleRef:
kind: Role
name: service-binding-operator
apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: sbo-cluster-role
rules:
- apiGroups:
- operators.coreos.com
resources:
- '*'
verbs:
- 'list'
- apiGroups:
- apps.openshift.io
resources:
- "*"
verbs:
- "*"
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
- customresourcedefinitions/status
verbs:
- get
- list
- patch
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: sbo-cluster-role-binding
subjects:
- kind: ServiceAccount
name: service-binding-operator
namespace: default
roleRef:
kind: ClusterRole
name: sbo-cluster-role
apiGroup: rbac.authorization.k8s.io
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: service-binding-operator
spec:
replicas: 1
selector:
matchLabels:
name: service-binding-operator
template:
metadata:
labels:
name: service-binding-operator
spec:
serviceAccountName: service-binding-operator
containers:
- name: service-binding-operator
image: quay.io/redhat-developer/app-binding-operator:v0.3.0
command:
- service-binding-operator
imagePullPolicy: Always
env:
- name: WATCH_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: OPERATOR_NAME
value: "service-binding-operator"
---
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment