Import first batch of Edge 3.1 packages

Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
This commit is contained in:
Nicolas Belouin 2024-10-17 14:11:42 +02:00
parent fdcd84b482
commit 18bd432874
107 changed files with 5810 additions and 0 deletions

86
.obs/add_package.py Executable file
View File

@ -0,0 +1,86 @@
#!/usr/bin/env python3
import yaml
import subprocess
import argparse
import os
import os.path
from common import PROJECT, REPOSITORY, BRANCH
def add_package_to_workflow(name: str):
modified = False
with open(".obs/workflows.yml", "r") as wf_file:
workflows = yaml.safe_load(wf_file)
if not any(
x
for x in workflows["staging_build"]["steps"]
if x["branch_package"]["source_package"] == name
):
workflows["staging_build"]["steps"].append(
{
"branch_package": {
"source_project": PROJECT,
"target_project": f"{PROJECT}:Staging",
"source_package": name,
}
}
)
modified = True
if not any(
x
for x in workflows["refresh_factory"]["steps"]
if x["trigger_services"]["package"] == name
):
workflows["refresh_factory"]["steps"].append(
{
"trigger_services": {
"project": PROJECT,
"package": name,
}
}
)
modified = True
if modified:
with open(".obs/workflows.yml", "w") as wf_file:
yaml.dump(workflows, wf_file)
def add_package_to_project(name: str):
package_meta = f"""<package name="{name}" project="{PROJECT}">
<title/>
<description/>
<scmsync>{REPOSITORY}?subdir={name}#{BRANCH}</scmsync>
</package>"""
p = subprocess.run(["osc", "meta", "pkg", "-F", "-", PROJECT, name], input=package_meta, encoding='utf-8' , stdout=subprocess.PIPE)
print(p.stdout)
print(p.stderr)
p.check_returncode()
def add_package(package_name: str):
if "/" in package_name:
print("invalid package name")
os.exit(1)
if not os.path.isdir(package_name):
print("package doesn't exist in this directory")
os.exit(1)
add_package_to_project(package_name)
add_package_to_workflow(package_name)
def main():
parser = argparse.ArgumentParser(prog="add_package")
parser.add_argument("package")
args = parser.parse_args()
add_package(args.package)
print("Package created in OBS, you can now push the modified workflow file")
if __name__ == '__main__':
main()

3
.obs/common.py Normal file
View File

@ -0,0 +1,3 @@
PROJECT = "isv:SUSE:Edge:Factory"
REPOSITORY = "https://src.opensuse.org/suse-edge/Factory"
BRANCH = "main"

56
.obs/delete_package.py Executable file
View File

@ -0,0 +1,56 @@
#!/usr/bin/env python3
import yaml
import subprocess
import argparse
import os
import os.path
from common import PROJECT
def delete_package_from_workflow(name: str):
with open(".obs/workflows.yml", "r") as wf_file:
workflows = yaml.safe_load(wf_file)
workflows["staging_build"]["steps"] = [
x
for x in workflows["staging_build"]["steps"]
if x["branch_package"]["source_package"] != name
]
workflows["refresh_factory"]["steps"] = [
x
for x in workflows["refresh_factory"]["steps"]
if x["trigger_services"]["package"] != name
]
with open(".obs/workflows.yml", "w") as wf_file:
yaml.dump(workflows, wf_file)
def delete_package_from_project(name: str):
p = subprocess.run(["osc", "rdelete", PROJECT, name], stdout=subprocess.PIPE)
print(p.stdout)
print(p.stderr)
p.check_returncode()
def delete_package(package_name: str):
if "/" in package_name:
print("invalid package name")
os.exit(1)
delete_package_from_project(package_name)
delete_package_from_workflow(package_name)
def main():
parser = argparse.ArgumentParser(prog="delete_package")
parser.add_argument("package")
args = parser.parse_args()
delete_package(args.package)
print("Package deleted in OBS, you can now push the modified workflow file")
if __name__ == '__main__':
main()

44
.obs/sync_packages.py Normal file
View File

@ -0,0 +1,44 @@
import argparse
import subprocess
import pathlib
from typing import Set
import add_package
import delete_package
from common import PROJECT
def get_obs_packages() -> Set[str]:
packages = subprocess.run(["osc", "ls", PROJECT], encoding='utf-8' , capture_output=True)
return set(packages.stdout.splitlines())
def get_local_packages() -> Set[str]:
p = pathlib.Path('.')
return {x.name for x in p.iterdir() if x.is_dir() if not x.name.startswith('.')}
def main():
parser = argparse.ArgumentParser(prog="sync_packages")
parser.add_argument('--dry-run', action="store_true")
args = parser.parse_args()
local_packages = get_local_packages()
obs_packages = get_obs_packages()
packages_to_add = local_packages - obs_packages
packages_to_delete = obs_packages - local_packages
for p in packages_to_add:
print(f"Adding {p}")
if not args.dry_run:
add_package.add_package(p)
for p in packages_to_delete:
print(f"Removing {p}")
if not args.dry_run:
delete_package.delete_package(p)
print("Package synced in OBS, you can now push the modified workflow file")
if __name__ == '__main__':
main()

213
.obs/workflows.yml Normal file
View File

@ -0,0 +1,213 @@
refresh_factory:
filters:
branches:
only: main
event: push
steps:
- trigger_services:
package: endpoint-copier-operator
project: isv:SUSE:Edge:Factory
- trigger_services:
package: endpoint-copier-operator-image
project: isv:SUSE:Edge:Factory
- trigger_services:
package: endpoint-copier-operator-chart
project: isv:SUSE:Edge:Factory
- trigger_services:
package: akri
project: isv:SUSE:Edge:Factory
- trigger_services:
package: akri-agent-image
project: isv:SUSE:Edge:Factory
- trigger_services:
package: akri-chart
project: isv:SUSE:Edge:Factory
- trigger_services:
package: akri-controller-image
project: isv:SUSE:Edge:Factory
- trigger_services:
package: akri-dashboard-extension-chart
project: isv:SUSE:Edge:Factory
- trigger_services:
package: akri-debug-echo-discovery-handler-image
project: isv:SUSE:Edge:Factory
- trigger_services:
package: akri-onvif-discovery-handler-image
project: isv:SUSE:Edge:Factory
- trigger_services:
package: akri-opcua-discovery-handler-image
project: isv:SUSE:Edge:Factory
- trigger_services:
package: akri-udev-discovery-handler-image
project: isv:SUSE:Edge:Factory
- trigger_services:
package: akri-webhook-configuration-image
project: isv:SUSE:Edge:Factory
- trigger_services:
package: obs-service-set_version
project: isv:SUSE:Edge:Factory
- trigger_services:
package: cosign
project: isv:SUSE:Edge:Factory
- trigger_services:
package: frr-k8s
project: isv:SUSE:Edge:Factory
- trigger_services:
package: cluster-api
project: isv:SUSE:Edge:Factory
- trigger_services:
package: cluster-api-operator
project: isv:SUSE:Edge:Factory
- trigger_services:
package: kubectl
project: isv:SUSE:Edge:Factory
- trigger_services:
package: upgrade-controller
project: isv:SUSE:Edge:Factory
- trigger_services:
package: cluster-api-provider-rke2
project: isv:SUSE:Edge:Factory
- trigger_services:
package: nm-configurator
project: isv:SUSE:Edge:Factory
- trigger_services:
package: kube-rbac-proxy
project: isv:SUSE:Edge:Factory
- trigger_services:
package: edge-image-builder
project: isv:SUSE:Edge:Factory
- trigger_services:
package: metallb
project: isv:SUSE:Edge:Factory
- trigger_services:
package: hauler
project: isv:SUSE:Edge:Factory
- trigger_services:
package: ip-address-manager
project: isv:SUSE:Edge:Factory
- trigger_services:
package: baremetal-operator
project: isv:SUSE:Edge:Factory
- trigger_services:
package: cluster-api-provider-metal3
project: isv:SUSE:Edge:Factory
staging_build:
filters:
event: pull_request
steps:
- branch_package:
source_package: endpoint-copier-operator
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: endpoint-copier-operator-image
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: endpoint-copier-operator-chart
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: akri
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: akri-agent-image
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: akri-chart
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: akri-controller-image
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: akri-dashboard-extension-chart
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: akri-debug-echo-discovery-handler-image
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: akri-onvif-discovery-handler-image
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: akri-opcua-discovery-handler-image
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: akri-udev-discovery-handler-image
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: akri-webhook-configuration-image
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: obs-service-set_version
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: cosign
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: frr-k8s
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: cluster-api
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: cluster-api-operator
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: kubectl
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: upgrade-controller
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: cluster-api-provider-rke2
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: nm-configurator
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: kube-rbac-proxy
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: edge-image-builder
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: metallb
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: hauler
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: ip-address-manager
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: baremetal-operator
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging
- branch_package:
source_package: cluster-api-provider-metal3
source_project: isv:SUSE:Edge:Factory
target_project: isv:SUSE:Edge:Factory:Staging

View File

@ -0,0 +1,34 @@
#!BuildTag: akri-agent:latest
#!BuildTag: akri-agent:v%PACKAGE_VERSION%
#!BuildTag: akri-agent:v%PACKAGE_VERSION%-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
COPY --from=micro / /installroot/
RUN zypper --installroot /installroot --non-interactive install --no-recommends akri-agent
FROM micro AS final
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.application.akri
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Akri Agent Container Image"
LABEL org.opencontainers.image.description="akri-agent based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="%PACKAGE_VERSION%"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/akri-agent:v%PACKAGE_VERSION%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="techpreview"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
LABEL com.suse.image-type="application"
LABEL com.suse.release-stage="released"
# endlabelprefix
COPY --from=base /installroot /
ENV RUST_LOG agent,akri_debug_echo,akri_discovery_utils,akri_onvif,akri_opcua,akri_shared,akri_udev\
,controller,debug_echo_discovery_handler,onvif_discovery_handler,opcua_discovery_handler,udev_discovery_handler
ENTRYPOINT [ "/usr/bin/agent" ]

15
akri-agent-image/_service Normal file
View File

@ -0,0 +1,15 @@
<services>
<service name="kiwi_metainfo_helper" mode="buildtime"/>
<service name="docker_label_helper" mode="buildtime"/>
<service name="replace_using_package_version" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="regex">%PACKAGE_VERSION%</param>
<param name="package">akri-agent</param>
<param name="parse-version">patch</param>
</service>
<service name="replace_using_env" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

11
akri-chart/Chart.yaml Normal file
View File

@ -0,0 +1,11 @@
#!BuildTag: akri-chart:0.12.20
#!BuildTag: akri-chart:0.12.20-%RELEASE%
annotations:
catalog.cattle.io/display-name: Akri
apiVersion: v2
appVersion: 0.12.20
description: A Helm chart for Akri
icon: https://raw.githubusercontent.com/project-akri/akri-docs/main/art/icon/akri-icon-light.svg
name: akri
type: application
version: 0.12.20

8
akri-chart/_service Normal file
View File

@ -0,0 +1,8 @@
<services>
<service mode="buildtime" name="kiwi_metainfo_helper"/>
<service name="replace_using_env" mode="buildtime">
<param name="file">values.yaml</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

5
akri-chart/app-readme.md Normal file
View File

@ -0,0 +1,5 @@
WARNING: [TESTING]
Akri lets you easily expose heterogeneous leaf devices (such as IP cameras and USB devices) as resources in a Kubernetes cluster, while also supporting the exposure of embedded hardware resources such as GPUs and FPGAs. Akri continually detects nodes that have access to these devices and schedules workloads based on them.
Simply put: you name it, Akri finds it, you use it.

View File

@ -0,0 +1,117 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: configurations.akri.sh
spec:
group: akri.sh
versions:
- name: v0
served: true
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
discoveryHandler: # {{DiscoveryHandlerInfo}}
type: object
properties:
name:
type: string
discoveryDetails:
type: string
discoveryProperties:
nullable: true
type: array
items: # {{DiscoveryProperty}}
type: object
required:
- name
properties:
name:
type: string
pattern: "^[_A-Za-z][_A-Za-z0-9]*$"
value:
type: string
nullable: true
valueFrom:
type: object
properties:
secretKeyRef:
type: object
required:
- name
properties:
key:
type: string
name:
type: string
namespace:
type: string
optional:
type: boolean
configMapKeyRef:
type: object
required:
- name
properties:
key:
type: string
name:
type: string
namespace:
type: string
optional:
type: boolean
oneOf:
- properties:
required: ["secretKeyRef"]
- properties:
required: ["configMapKeyRef"]
oneOf:
- properties:
required: ["value"]
- properties:
required: ["valueFrom"]
capacity:
type: integer
brokerSpec: # {{BrokerSpec}}
type: object
properties:
brokerJobSpec: # {{JobSpec}}
x-kubernetes-preserve-unknown-fields: true
type: object
nullable: true
brokerPodSpec: # {{PodSpec}}
x-kubernetes-preserve-unknown-fields: true
type: object
nullable: true
instanceServiceSpec: # {{ServiceSpec}}
x-kubernetes-preserve-unknown-fields: true
type: object
nullable: true
configurationServiceSpec: # {{ServiceSpec}}
x-kubernetes-preserve-unknown-fields: true
type: object
nullable: true
brokerProperties: # map<string, string>
additionalProperties:
type: string
type: object
additionalPrinterColumns:
- name: Capacity
type: string
description: The capacity for each Instance discovered
jsonPath: .spec.capacity
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
scope: Namespaced
names:
plural: configurations
singular: configuration
kind: Configuration
shortNames:
- akric

View File

@ -0,0 +1,56 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: instances.akri.sh
spec:
group: akri.sh
versions:
- name: v0
served: true
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
configurationName:
type: string
brokerProperties:
additionalProperties:
type: string
type: object
shared:
type: boolean
nodes:
type: array
items:
type: string
deviceUsage: # map<string, string>
additionalProperties:
type: string
type: object
additionalPrinterColumns:
- name: Config
type: string
description: The Configuration this Instance belongs to
jsonPath: .spec.configurationName
- name: Shared
type: boolean
description: Describes whether this Instance is shared
jsonPath: .spec.shared
- name: Nodes
type: string
description: Nodes that expose this Instance
jsonPath: .spec.nodes
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
scope: Namespaced
names:
plural: instances
singular: instance
kind: Instance
shortNames:
- akrii

121
akri-chart/questions.yml Normal file
View File

@ -0,0 +1,121 @@
questions:
- variable: kubernetesDistro
default: "k8s"
label: Kubernetes Distribution
description: Select Kubernetes distribution so Akri can determine where the container runtime socket lives.
type: enum
options:
- k8s
- microk8s
- k3s
- Other
group: General
- variable: agent.host.containerRuntimeSocket
label: Container Runtime Socket
description: Akri depends on crictl to track some Pod information. In order to use it, the Agent must know where the container runtime socket lives.
show_if: "kubernetesDistro=Other"
type: string
group: General
- variable: useDevelopmentContainers
label: Use development containers
description: When enabled the non-release (*-dev) image tags will be used by default. This can be overridden if the tag is explicitly specified.
type: boolean
group: General
- variable: _imageDetails
label: Customize agent and controller images
default: false
type: boolean
group: General
show_subquestion_if: true
subquestions:
- variable: agent.image.repository
label: Akri agent image repository
type: string
- variable: agent.image.tag
label: Akri agent image tag
description: Akri agent container tag. agent.yaml will default to v(AppVersion)[-dev] with `-dev` added if `Use development containers` is enabled.
type: string
- variable: agent.image.pullPolicy
label: Akri agent image pull policy
type: enum
options:
- "IfNotPresent"
- "Always"
- "Never"
- variable: controller.image.repository
label: Akri controller image repository
type: string
- variable: controller.image.tag
label: Akri controller image tag
description: Akri controller container tag. controller.yaml will default to v(AppVersion)[-dev] with `-dev` added if `Use development containers` is enabled.
type: string
- variable: controller.image.pullPolicy
label: Akri controller image pull policy
type: enum
options:
- "IfNotPresent"
- "Always"
- "Never"
- variable: onvif.discovery.enabled
label: Enable ONVIF Discovery Handler
description: ONVIF is a standard used by many IP cameras.
type: boolean
group: "Discovery Handlers"
show_subquestion_if: true
subquestions:
- variable: onvif.discovery.image.repository
label: ONVIF handler image repository
type: string
- variable: onvif.discovery.image.tag
label: Image tag
description: onvif-configuration.yaml will default to v(AppVersion)[-dev] with `-dev` added if `Use development containers` is enabled.
type: string
- variable: onvif.discovery.image.pullPolicy
label: Image pull policy
type: enum
options:
- "IfNotPresent"
- "Always"
- "Never"
- variable: opcua.discovery.enabled
label: Enable OPC UA Discovery Handler
description: OPC UA (Open Platform Communications Unified Architecture) is a communication protocol for industrial automation.
type: boolean
group: "Discovery Handlers"
show_subquestion_if: true
subquestions:
- variable: opcua.discovery.image.repository
label: OPC UA handler image repository
type: string
- variable: opcua.discovery.image.tag
label: Image tag
description: opcua-configuration.yaml will default to v(AppVersion)[-dev] with `-dev` added if `Use development containers` is enabled.
type: string
- variable: opcua.discovery.image.pullPolicy
label: Image pull policy
type: enum
options:
- "IfNotPresent"
- "Always"
- "Never"
- variable: udev.discovery.enabled
label: Enable Udev Discovery Handler
description: Udev is the device manager for Linux. It manages device nodes in the /dev directory, such as microphones, security chips, usb cameras, and so on. Udev can be used to find devices that are attached to or embedded in Linux nodes.
type: boolean
group: "Discovery Handlers"
show_subquestion_if: true
subquestions:
- variable: udev.discovery.image.repository
label: Udev handler image repository
type: string
- variable: udev.discovery.image.tag
label: Image tag
description: udev-configuration.yaml will default to v(AppVersion)[-dev] with `-dev` added if `Use development containers` is enabled.
type: string
- variable: udev.discovery.image.pullPolicy
label: Image pull policy
type: enum
options:
- "IfNotPresent"
- "Always"
- "Never"

View File

@ -0,0 +1,6 @@
1. Get the Akri Controller:
kubectl get -o wide pods | grep controller
2. Get the Akri Agent(s):
kubectl get -o wide pods | grep agent
3. Get the Akri Configuration(s):
kubectl get -o wide akric

View File

@ -0,0 +1,63 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "akri.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "akri.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "akri.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "akri.labels" -}}
helm.sh/chart: {{ include "akri.chart" . }}
{{ include "akri.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "akri.selectorLabels" -}}
app.kubernetes.io/part-of: {{ include "akri.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "akri.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "akri.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,129 @@
{{- if .Values.agent.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: akri-agent-daemonset
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-agent
app.kubernetes.io/component: agent
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-agent
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-agent
app.kubernetes.io/component: agent
spec:
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.agent.nodeSelectors }}
{{- toYaml .Values.agent.nodeSelectors | nindent 8 }}
{{- end }}
{{- if .Values.rbac.enabled }}
serviceAccountName: 'akri-agent-sa'
{{- end }}
containers:
- name: akri-agent
{{- $repository := .Values.agent.image.repository -}}
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" $repository (default "latest-dev" .Values.agent.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" $repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.agent.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" $repository (default "latest" .Values.agent.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" $repository (default (printf "v%s" .Chart.AppVersion) .Values.agent.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.agent.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
resources:
requests:
memory: {{ .Values.agent.resources.memoryRequest }}
cpu: {{ .Values.agent.resources.cpuRequest }}
limits:
memory: {{ .Values.agent.resources.memoryLimit }}
cpu: {{ .Values.agent.resources.cpuLimit }}
{{- if .Values.agent.securityContext }}
securityContext:
{{- toYaml .Values.agent.securityContext | nindent 10 }}
{{- else }}
securityContext:
privileged: true
{{- end}}
env:
{{- if .Values.agent.allowDebugEcho }}
- name: ENABLE_DEBUG_ECHO
value: "1"
{{- /* environment variable to tell the Agent's embedded debug echo Discovery Handler whether its instances are shared */}}
- name: DEBUG_ECHO_INSTANCES_SHARED
value: {{ .Values.debugEcho.configuration.shared | quote }}
{{- end }}
- name: HOST_CRICTL_PATH
value: /usr/bin/crictl
- name: HOST_RUNTIME_ENDPOINT
value: unix:///host/run/containerd/containerd.sock
- name: HOST_IMAGE_ENDPOINT
value: unix:///host/run/containerd/containerd.sock
- name: AGENT_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
- name: device-plugin
mountPath: /var/lib/kubelet/device-plugins
- name: var-run-dockershim
mountPath: /host/run/containerd/containerd.sock
{{- if .Values.agent.host.udev }}
- name: devices
mountPath: /run/udev
{{- end }}
{{- if .Values.prometheus.enabled }}
ports:
- name: {{ .Values.prometheus.portName | quote }}
containerPort: {{ .Values.prometheus.port }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
- name: device-plugin
hostPath:
path: "{{ .Values.agent.host.kubeletDevicePlugins }}"
- name: var-run-dockershim
hostPath:
{{- if ne "" .Values.agent.host.containerRuntimeSocket }}
path: {{.Values.agent.host.containerRuntimeSocket }}
{{- else if eq .Values.kubernetesDistro "microk8s" }}
path: "/var/snap/microk8s/common/run/containerd.sock"
{{- else if eq .Values.kubernetesDistro "k3s" }}
path: "/run/k3s/containerd/containerd.sock"
{{- else if eq .Values.kubernetesDistro "k8s" }}
path: "/run/containerd/containerd.sock"
{{- else }}
# Please set container runtime socket by either selecting the appropriate K8s distro `kubernetesDistro=<k8s|k3s|microk8s>`
# or setting `agent.host.containerRuntimeSocket=/container/runtime.sock`.
# See https://docs.akri.sh/user-guide/cluster-setup for more information.
# Using K8s default "/run/containerd/containerd.sock" for now.
path: "/run/containerd/containerd.sock"
{{- end }}
{{- if .Values.agent.host.udev }}
- name: devices
hostPath:
path: "{{ .Values.agent.host.udev }}"
{{- end }}
{{- end }}

View File

@ -0,0 +1,75 @@
{{- if .Values.controller.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: akri-controller-deployment
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-controller
app.kubernetes.io/component: controller
spec:
replicas: 1
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-controller
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-controller
app.kubernetes.io/component: controller
spec:
{{- if .Values.rbac.enabled }}
serviceAccountName: 'akri-controller-sa'
{{- end }}
containers:
- name: akri-controller
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.controller.image.repository (default "latest-dev" .Values.controller.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.controller.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.controller.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.controller.image.repository (default "latest" .Values.controller.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.controller.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.controller.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.controller.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.controller.securityContext }}
securityContext:
{{- toYaml .Values.controller.securityContext | nindent 10 }}
{{- end}}
resources:
requests:
memory: {{ .Values.controller.resources.memoryRequest }}
cpu: {{ .Values.controller.resources.cpuRequest }}
limits:
memory: {{ .Values.controller.resources.memoryLimit }}
cpu: {{ .Values.controller.resources.cpuLimit }}
{{- if .Values.prometheus.enabled }}
ports:
- name: {{ .Values.prometheus.portName | quote }}
containerPort: {{ .Values.prometheus.port }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.controller.allowOnControlPlane }}
tolerations:
{{- /* Allow this pod to run on the master. */}}
- key: node-role.kubernetes.io/master
effect: NoSchedule
{{- end }}
nodeSelector:
{{- if .Values.controller.onlyOnControlPlane }}
node-role.kubernetes.io/master: ""
{{- end }}
"kubernetes.io/os": linux
{{- if .Values.controller.nodeSelectors }}
{{- toYaml .Values.controller.nodeSelectors | nindent 8 }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,148 @@
{{- if .Values.custom.configuration.enabled }}
apiVersion: {{ printf "%s/%s" .Values.crds.group .Values.crds.version }}
kind: Configuration
metadata:
name: {{ .Values.custom.configuration.name }}
spec:
discoveryHandler:
name: {{ required "A custom.configuration.discoveryHandlerName is required." .Values.custom.configuration.discoveryHandlerName }}
discoveryDetails: {{ .Values.custom.configuration.discoveryDetails | quote }}
{{- if or .Values.custom.configuration.brokerPod.image.repository .Values.custom.configuration.brokerJob.image.repository }}
{{- /* Only add brokerSpec if a broker image is provided */}}
brokerSpec:
{{- if .Values.custom.configuration.brokerPod.image.repository }}
brokerPodSpec:
containers:
- name: {{ .Values.custom.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.custom.configuration.brokerPod.image.repository .Values.custom.configuration.brokerPod.image.tag | quote }}
{{- with .Values.custom.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.custom.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.custom.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.custom.configuration.brokerPod.envFrom }}
envFrom:
{{- range $val := .Values.custom.configuration.brokerPod.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.custom.configuration.brokerPod.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.custom.configuration.brokerPod.resources.memoryRequest }}
cpu: {{ .Values.custom.configuration.brokerPod.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.custom.configuration.brokerPod.resources.memoryLimit }}
cpu: {{ .Values.custom.configuration.brokerPod.resources.cpuLimit }}
{{- with .Values.custom.configuration.brokerPod.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.custom.configuration.brokerPod.volumes}}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- else }}
brokerJobSpec:
template:
spec:
containers:
- name: {{ .Values.custom.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.custom.configuration.brokerJob.image.repository .Values.custom.configuration.brokerPod.image.tag | quote }}
{{- if .Values.custom.configuration.brokerJob.command }}
command:
{{- toYaml .Values.custom.configuration.brokerJob.command | nindent 14 }}
{{- end }}
{{- with .Values.custom.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.custom.configuration.brokerJob.env }}
env:
{{- range $key, $val := .Values.custom.configuration.brokerJob.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.custom.configuration.brokerJob.envFrom }}
envFrom:
{{- range $val := .Values.custom.configuration.brokerJob.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.custom.configuration.brokerJob.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.custom.configuration.brokerJob.resources.memoryRequest }}
cpu: {{ .Values.custom.configuration.brokerJob.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.custom.configuration.brokerJob.resources.memoryLimit }}
cpu: {{ .Values.custom.configuration.brokerJob.resources.cpuLimit }}
{{- with .Values.custom.configuration.brokerJob.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.custom.configuration.brokerJob.volumes}}
volumes:
{{- toYaml . | nindent 10 }}
{{- end }}
restartPolicy: {{ .Values.custom.configuration.brokerJob.restartPolicy }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 10 }}
{{- end }}
backoffLimit: {{ .Values.custom.configuration.brokerJob.backoffLimit }}
parallelism: {{ .Values.custom.configuration.brokerJob.parallelism }}
completions: {{ .Values.custom.configuration.brokerJob.completions }}
{{- end }}
{{- end }}
{{- if .Values.custom.configuration.brokerPod.image.repository }}
{{- if .Values.custom.configuration.createInstanceServices }}
instanceServiceSpec:
type: {{ .Values.custom.configuration.instanceService.type }}
ports:
- name: {{ .Values.custom.configuration.instanceService.name }}
port: {{ .Values.custom.configuration.instanceService.port }}
protocol: {{ .Values.custom.configuration.instanceService.protocol }}
targetPort: {{ .Values.custom.configuration.instanceService.targetPort }}
{{- end }}
{{- if .Values.custom.configuration.createConfigurationService }}
configurationServiceSpec:
type: {{ .Values.custom.configuration.configurationService.type }}
ports:
- name: {{ .Values.custom.configuration.configurationService.name }}
port: {{ .Values.custom.configuration.configurationService.port }}
protocol: {{ .Values.custom.configuration.configurationService.protocol }}
targetPort: {{ .Values.custom.configuration.configurationService.port }}
{{- end }}
{{- end }}
{{- if .Values.custom.configuration.brokerProperties }}
brokerProperties:
{{- range $key, $val := .Values.custom.configuration.brokerProperties }}
{{- $key | nindent 4 }}: {{ $val | quote }}
{{- end }}
{{- else }}
brokerProperties: {}
{{- end }}
capacity: {{ .Values.custom.configuration.capacity }}
{{- end }}

View File

@ -0,0 +1,66 @@
{{- if .Values.custom.discovery.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ printf "%s-daemonset" .Values.custom.discovery.name }}
{{- if .Values.custom.discovery.discoveryHandlerName }}
annotations:
akri.sh/discoveryHandlerName: {{ .Values.custom.discovery.discoveryHandlerName }}
{{- end }}
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ .Values.custom.discovery.name }}
app.kubernetes.io/component: discovery-handler
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: {{ .Values.custom.discovery.name }}
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.custom.discovery.name }}
app.kubernetes.io/component: discovery-handler
spec:
containers:
- name: {{ .Values.custom.discovery.name }}
image: {{ printf "%s:%s" (required "A custom.discovery.image.repository is required." .Values.custom.discovery.image.repository) .Values.custom.discovery.image.tag | quote }}
{{- with .Values.custom.discovery.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end}}
resources:
requests:
memory: {{ .Values.custom.discovery.resources.memoryRequest }}
cpu: {{ .Values.custom.discovery.resources.cpuRequest }}
limits:
memory: {{ .Values.custom.discovery.resources.memoryLimit }}
cpu: {{ .Values.custom.discovery.resources.cpuLimit }}
{{- if .Values.custom.discovery.useNetworkConnection }}
ports:
- name: discovery
containerPort: {{ .Values.custom.discovery.port }}
{{- end }}
env:
{{- if .Values.custom.discovery.useNetworkConnection }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.custom.discovery.nodeSelectors }}
{{- toYaml .Values.custom.discovery.nodeSelectors | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
{{- end }}

View File

@ -0,0 +1,154 @@
{{- if .Values.debugEcho.configuration.enabled }}
apiVersion: {{ printf "%s/%s" .Values.crds.group .Values.crds.version }}
kind: Configuration
metadata:
name: {{ .Values.debugEcho.configuration.name }}
spec:
discoveryHandler:
name: debugEcho
discoveryDetails: |+
{{- if .Values.debugEcho.configuration.discoveryDetails.descriptions }}
descriptions:
{{- toYaml .Values.debugEcho.configuration.discoveryDetails.descriptions | nindent 6 }}
{{- else }}
descriptions: []
{{- end }}
{{- if or .Values.debugEcho.configuration.brokerPod.image.repository .Values.debugEcho.configuration.brokerJob.image.repository }}
{{- /* Only add brokerSpec if a broker image is provided */}}
brokerSpec:
{{- if .Values.debugEcho.configuration.brokerPod.image.repository }}
brokerPodSpec:
containers:
- name: {{ .Values.debugEcho.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.debugEcho.configuration.brokerPod.image.repository .Values.debugEcho.configuration.brokerPod.image.tag | quote }}
{{- with .Values.debugEcho.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.debugEcho.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.debugEcho.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.debugEcho.configuration.brokerPod.envFrom }}
envFrom:
{{- range $val := .Values.debugEcho.configuration.brokerPod.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.debugEcho.configuration.brokerPod.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.debugEcho.configuration.brokerPod.resources.memoryRequest }}
cpu: {{ .Values.debugEcho.configuration.brokerPod.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.debugEcho.configuration.brokerPod.resources.memoryLimit }}
cpu: {{ .Values.debugEcho.configuration.brokerPod.resources.cpuLimit }}
{{- with .Values.debugEcho.configuration.brokerPod.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.debugEcho.configuration.brokerPod.volumes}}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- else }}
brokerJobSpec:
template:
spec:
containers:
- name: {{ .Values.debugEcho.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.debugEcho.configuration.brokerJob.image.repository .Values.debugEcho.configuration.brokerPod.image.tag | quote }}
{{- if .Values.debugEcho.configuration.brokerJob.command }}
command:
{{- toYaml .Values.debugEcho.configuration.brokerJob.command | nindent 14 }}
{{- end }}
{{- with .Values.debugEcho.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.debugEcho.configuration.brokerJob.env }}
env:
{{- range $key, $val := .Values.debugEcho.configuration.brokerJob.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.debugEcho.configuration.brokerJob.envFrom }}
envFrom:
{{- range $val := .Values.debugEcho.configuration.brokerJob.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.debugEcho.configuration.brokerJob.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.debugEcho.configuration.brokerJob.resources.memoryRequest }}
cpu: {{ .Values.debugEcho.configuration.brokerJob.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.debugEcho.configuration.brokerJob.resources.memoryLimit }}
cpu: {{ .Values.debugEcho.configuration.brokerJob.resources.cpuLimit }}
{{- with .Values.debugEcho.configuration.brokerJob.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.debugEcho.configuration.brokerJob.volumes}}
volumes:
{{- toYaml . | nindent 10 }}
{{- end }}
restartPolicy: {{ .Values.debugEcho.configuration.brokerJob.restartPolicy }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 10 }}
{{- end }}
backoffLimit: {{ .Values.debugEcho.configuration.brokerJob.backoffLimit }}
parallelism: {{ .Values.debugEcho.configuration.brokerJob.parallelism }}
completions: {{ .Values.debugEcho.configuration.brokerJob.completions }}
{{- end }}
{{- end }}
{{- if or .Values.debugEcho.configuration.brokerPod.image.repository .Values.debugEcho.configuration.brokerJob.image.repository }}
{{- if .Values.debugEcho.configuration.createInstanceServices }}
instanceServiceSpec:
type: {{ .Values.debugEcho.configuration.instanceService.type }}
ports:
- name: {{ .Values.debugEcho.configuration.instanceService.name }}
port: {{ .Values.debugEcho.configuration.instanceService.port }}
protocol: {{ .Values.debugEcho.configuration.instanceService.protocol }}
targetPort: {{ .Values.debugEcho.configuration.instanceService.targetPort }}
{{- end }}
{{- if .Values.debugEcho.configuration.createConfigurationService }}
configurationServiceSpec:
type: {{ .Values.debugEcho.configuration.configurationService.type }}
ports:
- name: {{ .Values.debugEcho.configuration.configurationService.name }}
port: {{ .Values.debugEcho.configuration.configurationService.port }}
protocol: {{ .Values.debugEcho.configuration.configurationService.protocol }}
targetPort: {{ .Values.debugEcho.configuration.configurationService.port }}
{{- end }}
{{- end }}
{{- if .Values.debugEcho.configuration.brokerProperties }}
brokerProperties:
{{- range $key, $val := .Values.debugEcho.configuration.brokerProperties }}
{{- $key | nindent 4 }}: {{ $val | quote }}
{{- end }}
{{- else }}
brokerProperties: {}
{{- end }}
capacity: {{ .Values.debugEcho.configuration.capacity }}
{{- end }}

View File

@ -0,0 +1,78 @@
{{- if .Values.debugEcho.discovery.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: akri-debug-echo-discovery-daemonset
annotations:
akri.sh/discoveryHandlerName: debugEcho
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-debug-echo-discovery
app.kubernetes.io/component: discovery-handler
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-debug-echo-discovery
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-debug-echo-discovery
app.kubernetes.io/component: discovery-handler
spec:
containers:
- name: akri-debug-echo-discovery
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.debugEcho.discovery.image.repository (default "latest-dev" .Values.debugEcho.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.debugEcho.discovery.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.debugEcho.discovery.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.debugEcho.discovery.image.repository (default "latest" .Values.debugEcho.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.debugEcho.discovery.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.debugEcho.discovery.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.debugEcho.discovery.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end}}
resources:
requests:
memory: {{ .Values.debugEcho.discovery.resources.memoryRequest }}
cpu: {{ .Values.debugEcho.discovery.resources.cpuRequest }}
limits:
memory: {{ .Values.debugEcho.discovery.resources.memoryLimit }}
cpu: {{ .Values.debugEcho.discovery.resources.cpuLimit }}
{{- if .Values.debugEcho.discovery.useNetworkConnection }}
ports:
- name: discovery
containerPort: {{ .Values.debugEcho.discovery.port }}
{{- end }}
env:
{{- if .Values.debugEcho.discovery.useNetworkConnection }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
- name: DEBUG_ECHO_INSTANCES_SHARED
value: {{ .Values.debugEcho.configuration.shared | quote }}
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.debugEcho.discovery.nodeSelectors }}
{{- toYaml .Values.debugEcho.discovery.nodeSelectors | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
{{- end }}

View File

@ -0,0 +1,225 @@
{{- if .Values.onvif.configuration.enabled }}
apiVersion: {{ printf "%s/%s" .Values.crds.group .Values.crds.version }}
kind: Configuration
metadata:
name: {{ .Values.onvif.configuration.name }}
spec:
discoveryHandler:
name: onvif
discoveryDetails: |+
ipAddresses:
action: {{ .Values.onvif.configuration.discoveryDetails.ipAddresses.action }}
{{- if .Values.onvif.configuration.discoveryDetails.ipAddresses.items}}
items:
{{- toYaml .Values.onvif.configuration.discoveryDetails.ipAddresses.items | nindent 8 }}
{{- else }}
items: []
{{- end }}
macAddresses:
action: {{ .Values.onvif.configuration.discoveryDetails.macAddresses.action }}
{{- if .Values.onvif.configuration.discoveryDetails.macAddresses.items}}
items:
{{- toYaml .Values.onvif.configuration.discoveryDetails.macAddresses.items | nindent 8 }}
{{- else }}
items: []
{{- end }}
scopes:
action: {{ .Values.onvif.configuration.discoveryDetails.scopes.action }}
{{- if .Values.onvif.configuration.discoveryDetails.scopes.items}}
items:
{{- toYaml .Values.onvif.configuration.discoveryDetails.scopes.items | nindent 8 }}
{{- else }}
items: []
{{- end }}
uuids:
action: {{ .Values.onvif.configuration.discoveryDetails.uuids.action }}
{{- if .Values.onvif.configuration.discoveryDetails.uuids.items}}
items:
{{- toYaml .Values.onvif.configuration.discoveryDetails.uuids.items | nindent 8 }}
{{- else }}
items: []
{{- end }}
discoveryTimeoutSeconds: {{ .Values.onvif.configuration.discoveryDetails.discoveryTimeoutSeconds }}
{{- if .Values.onvif.configuration.discoveryProperties}}
discoveryProperties:
{{- range $property := .Values.onvif.configuration.discoveryProperties }}
- name: {{ $property.name }}
{{- if $property.valueFrom }}
valueFrom:
{{- if $property.valueFrom.secretKeyRef }}
secretKeyRef:
name: {{ $property.valueFrom.secretKeyRef.name }}
{{- if $property.valueFrom.secretKeyRef.namespace }}
namespace: {{ $property.valueFrom.secretKeyRef.namespace }}
{{- end }}
{{- if $property.valueFrom.secretKeyRef.key }}
key: {{ $property.valueFrom.secretKeyRef.key }}
{{- end }}
{{- if hasKey $property.valueFrom.secretKeyRef "optional" }}
optional: {{ $property.valueFrom.secretKeyRef.optional }}
{{- end }}
{{- else if $property.valueFrom.configMapKeyRef}}
configMapKeyRef:
name: {{ $property.valueFrom.configMapKeyRef.name }}
{{- if $property.valueFrom.configMapKeyRef.namespace }}
namespace: {{ $property.valueFrom.configMapKeyRef.namespace }}
{{- end }}
{{- if $property.valueFrom.configMapKeyRef.key }}
key: {{ $property.valueFrom.configMapKeyRef.key }}
{{- end }}
{{- if hasKey $property.valueFrom.configMapKeyRef "optional" }}
optional: {{ $property.configMapKeyRef.optional }}
{{- end }}
{{- end }}
{{- else }}
value: {{ $property.value | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- if or .Values.onvif.configuration.brokerPod.image.repository .Values.onvif.configuration.brokerJob.image.repository }}
{{- /* Only add brokerSpec if a broker image is provided */}}
brokerSpec:
{{- if .Values.onvif.configuration.brokerPod.image.repository }}
brokerPodSpec:
containers:
- name: {{ .Values.onvif.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.onvif.configuration.brokerPod.image.repository .Values.onvif.configuration.brokerPod.image.tag | quote }}
{{- with .Values.onvif.configuration.brokerPod.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.onvif.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.onvif.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.onvif.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.onvif.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.onvif.configuration.brokerPod.envFrom }}
envFrom:
{{- range $val := .Values.onvif.configuration.brokerPod.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.onvif.configuration.brokerPod.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.onvif.configuration.brokerPod.resources.memoryRequest }}
cpu: {{ .Values.onvif.configuration.brokerPod.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.onvif.configuration.brokerPod.resources.memoryLimit }}
cpu: {{ .Values.onvif.configuration.brokerPod.resources.cpuLimit }}
{{- with .Values.onvif.configuration.brokerPod.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.onvif.configuration.brokerPod.volumes}}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- else }}
brokerJobSpec:
template:
spec:
containers:
- name: {{ .Values.onvif.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.onvif.configuration.brokerJob.image.repository .Values.onvif.configuration.brokerPod.image.tag | quote }}
{{- if .Values.onvif.configuration.brokerJob.command }}
command:
{{- toYaml .Values.onvif.configuration.brokerJob.command | nindent 14 }}
{{- end }}
{{- with .Values.onvif.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.onvif.configuration.brokerJob.env }}
env:
{{- range $key, $val := .Values.onvif.configuration.brokerJob.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.onvif.configuration.brokerJob.envFrom }}
envFrom:
{{- range $val := .Values.onvif.configuration.brokerJob.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.onvif.configuration.brokerJob.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.onvif.configuration.brokerJob.resources.memoryRequest }}
cpu: {{ .Values.onvif.configuration.brokerJob.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.onvif.configuration.brokerJob.resources.memoryLimit }}
cpu: {{ .Values.onvif.configuration.brokerJob.resources.cpuLimit }}
{{- with .Values.onvif.configuration.brokerJob.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.onvif.configuration.brokerJob.volumes}}
volumes:
{{- toYaml . | nindent 10 }}
{{- end }}
restartPolicy: {{ .Values.onvif.configuration.brokerJob.restartPolicy }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 10 }}
{{- end }}
backoffLimit: {{ .Values.onvif.configuration.brokerJob.backoffLimit }}
parallelism: {{ .Values.onvif.configuration.brokerJob.parallelism }}
completions: {{ .Values.onvif.configuration.brokerJob.completions }}
{{- end }}
{{- end }}
{{- /* Only add service specs if a broker image was specified and service creation was not disabled */}}
{{- if .Values.onvif.configuration.brokerPod.image.repository }}
{{- if .Values.onvif.configuration.createInstanceServices }}
instanceServiceSpec:
type: {{ .Values.onvif.configuration.instanceService.type }}
ports:
- name: {{ .Values.onvif.configuration.instanceService.portName }}
port: {{ .Values.onvif.configuration.instanceService.port }}
protocol: {{ .Values.onvif.configuration.instanceService.protocol }}
targetPort: {{ .Values.onvif.configuration.instanceService.targetPort }}
{{- end }}
{{- if .Values.onvif.configuration.createConfigurationService }}
configurationServiceSpec:
type: {{ .Values.onvif.configuration.configurationService.type }}
ports:
- name: {{ .Values.onvif.configuration.configurationService.portName }}
port: {{ .Values.onvif.configuration.configurationService.port }}
protocol: {{ .Values.onvif.configuration.configurationService.protocol }}
targetPort: {{ .Values.onvif.configuration.configurationService.targetPort }}
{{- end }}
{{- end }}
{{- if .Values.onvif.configuration.brokerProperties }}
brokerProperties:
{{- range $key, $val := .Values.onvif.configuration.brokerProperties }}
{{- $key | nindent 4 }}: {{ $val | quote }}
{{- end }}
{{- else }}
brokerProperties: {}
{{- end }}
capacity: {{ .Values.onvif.configuration.capacity }}
{{- end }}

View File

@ -0,0 +1,78 @@
{{- if .Values.onvif.discovery.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: akri-onvif-discovery-daemonset
annotations:
akri.sh/discoveryHandlerName: onvif
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-onvif-discovery
app.kubernetes.io/component: discovery-handler
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-onvif-discovery
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-onvif-discovery
app.kubernetes.io/component: discovery-handler
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: akri-onvif-discovery
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.onvif.discovery.image.repository (default "latest-dev" .Values.onvif.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.onvif.discovery.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.onvif.discovery.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.onvif.discovery.image.repository (default "latest" .Values.onvif.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.onvif.discovery.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.onvif.discovery.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.onvif.discovery.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end}}
resources:
requests:
memory: {{ .Values.onvif.discovery.resources.memoryRequest }}
cpu: {{ .Values.onvif.discovery.resources.cpuRequest }}
limits:
memory: {{ .Values.onvif.discovery.resources.memoryLimit }}
cpu: {{ .Values.onvif.discovery.resources.cpuLimit }}
{{- if .Values.onvif.discovery.useNetworkConnection }}
ports:
- name: discovery
containerPort: {{ .Values.onvif.discovery.port }}
{{- end }}
env:
{{- if .Values.onvif.discovery.useNetworkConnection }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.onvif.discovery.nodeSelectors }}
{{- toYaml .Values.onvif.discovery.nodeSelectors | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
{{- end }}

View File

@ -0,0 +1,193 @@
{{- if .Values.opcua.configuration.enabled }}
apiVersion: {{ printf "%s/%s" .Values.crds.group .Values.crds.version }}
kind: Configuration
metadata:
name: {{ .Values.opcua.configuration.name }}
spec:
discoveryHandler:
name: opcua
discoveryDetails: |+
opcuaDiscoveryMethod:
standard:
discoveryUrls:
{{- toYaml .Values.opcua.configuration.discoveryDetails.discoveryUrls | nindent 10 }}
applicationNames:
action: {{ .Values.opcua.configuration.discoveryDetails.applicationNames.action }}
{{- if .Values.opcua.configuration.discoveryDetails.applicationNames.items}}
items:
{{- toYaml .Values.opcua.configuration.discoveryDetails.applicationNames.items | nindent 8 }}
{{- else }}
items: []
{{- end }}
{{- if or .Values.opcua.configuration.brokerPod.image.repository .Values.opcua.configuration.brokerJob.image.repository }}
{{- /* Only add brokerSpec if a broker image is provided */}}
brokerSpec:
{{- if .Values.opcua.configuration.brokerPod.image.repository }}
brokerPodSpec:
containers:
- name: {{ .Values.opcua.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.opcua.configuration.brokerPod.image.repository .Values.opcua.configuration.brokerPod.image.tag | quote }}
{{- with .Values.opcua.configuration.brokerPod.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.opcua.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.opcua.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.opcua.configuration.brokerPod.envFrom }}
envFrom:
{{- range $val := .Values.opcua.configuration.brokerPod.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.opcua.configuration.brokerPod.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.opcua.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.opcua.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.opcua.configuration.brokerPod.resources.memoryRequest }}
cpu: {{ .Values.opcua.configuration.brokerPod.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.opcua.configuration.brokerPod.resources.memoryLimit }}
cpu: {{ .Values.opcua.configuration.brokerPod.resources.cpuLimit }}
{{- if or .Values.opcua.configuration.brokerPod.volumeMounts .Values.opcua.configuration.mountCertificates }}
volumeMounts:
{{- with .Values.opcua.configuration.brokerPod.volumeMounts}}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.opcua.configuration.mountCertificates}}
- name: credentials
mountPath: "/etc/opcua-certs/client-pki"
readOnly: false
{{- end }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- if or .Values.opcua.configuration.brokerPod.volumeMounts .Values.opcua.configuration.mountCertificates }}
volumes:
{{- with .Values.opcua.configuration.brokerPod.volumes}}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- if .Values.opcua.configuration.mountCertificates }}
- name: credentials
secret:
secretName: opcua-broker-credentials
items:
- key: client_certificate
path: own/certs/AkriBroker.der
- key: client_key
path: own/private/AkriBroker.pfx
- key: ca_certificate
path: trusted/certs/SomeCA.der
- key: ca_crl
path: trusted/crl/SomeCA.crl
{{- end }}
{{- end }}
{{- else }}
brokerJobSpec:
template:
spec:
containers:
- name: {{ .Values.opcua.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.opcua.configuration.brokerJob.image.repository .Values.opcua.configuration.brokerPod.image.tag | quote }}
{{- if .Values.opcua.configuration.brokerJob.command }}
command:
{{- toYaml .Values.opcua.configuration.brokerJob.command | nindent 14 }}
{{- end }}
{{- with .Values.opcua.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.opcua.configuration.brokerJob.env }}
env:
{{- range $key, $val := .Values.opcua.configuration.brokerJob.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.opcua.configuration.brokerJob.envFrom }}
envFrom:
{{- range $val := .Values.opcua.configuration.brokerJob.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.opcua.configuration.brokerJob.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.opcua.configuration.brokerJob.resources.memoryRequest }}
cpu: {{ .Values.opcua.configuration.brokerJob.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.opcua.configuration.brokerJob.resources.memoryLimit }}
cpu: {{ .Values.opcua.configuration.brokerJob.resources.cpuLimit }}
{{- with .Values.opcua.configuration.brokerJob.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.opcua.configuration.brokerJob.volumes}}
volumes:
{{- toYaml . | nindent 10 }}
{{- end }}
restartPolicy: {{ .Values.opcua.configuration.brokerJob.restartPolicy }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 10 }}
{{- end }}
backoffLimit: {{ .Values.opcua.configuration.brokerJob.backoffLimit }}
parallelism: {{ .Values.opcua.configuration.brokerJob.parallelism }}
completions: {{ .Values.opcua.configuration.brokerJob.completions }}
{{- end }}
{{- end }}
{{- /* Only add service specs if a broker image was specified and service
creation was not disabled */}}
{{- if .Values.opcua.configuration.brokerPod.image.repository }}
{{- if .Values.opcua.configuration.createInstanceServices }}
instanceServiceSpec:
type: {{ .Values.opcua.configuration.instanceService.type }}
ports:
- name: grpc
port: {{ .Values.opcua.configuration.instanceService.port }}
protocol: {{ .Values.opcua.configuration.instanceService.protocol }}
targetPort: {{ .Values.opcua.configuration.instanceService.targetPort }}
{{- end }}
{{- if .Values.opcua.configuration.createConfigurationService }}
configurationServiceSpec:
type: {{ .Values.opcua.configuration.configurationService.type }}
ports:
- name: grpc
port: {{ .Values.opcua.configuration.configurationService.port }}
protocol: {{ .Values.opcua.configuration.configurationService.protocol }}
targetPort: {{ .Values.opcua.configuration.configurationService.targetPort }}
{{- end }}
{{- end }}
{{- if .Values.opcua.configuration.brokerProperties }}
brokerProperties:
{{- range $key, $val := .Values.opcua.configuration.brokerProperties }}
{{- $key | nindent 4 }}: {{ $val | quote }}
{{- end }}
{{- else }}
brokerProperties: {}
{{- end }}
capacity: {{ .Values.opcua.configuration.capacity }}
{{- end }}

View File

@ -0,0 +1,76 @@
{{- if .Values.opcua.discovery.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: akri-opcua-discovery-daemonset
annotations:
akri.sh/discoveryHandlerName: opcua
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-opcua-discovery
app.kubernetes.io/component: discovery-handler
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-opcua-discovery
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-opcua-discovery
app.kubernetes.io/component: discovery-handler
spec:
containers:
- name: akri-opcua-discovery
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.opcua.discovery.image.repository (default "latest-dev" .Values.opcua.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.opcua.discovery.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.opcua.discovery.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.opcua.discovery.image.repository (default "latest" .Values.opcua.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.opcua.discovery.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.opcua.discovery.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.opcua.discovery.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end}}
resources:
requests:
memory: {{ .Values.opcua.discovery.resources.memoryRequest }}
cpu: {{ .Values.opcua.discovery.resources.cpuRequest }}
limits:
memory: {{ .Values.opcua.discovery.resources.memoryLimit }}
cpu: {{ .Values.opcua.discovery.resources.cpuLimit }}
{{- if .Values.opcua.discovery.useNetworkConnection }}
ports:
- name: discovery
containerPort: {{ .Values.opcua.discovery.port }}
{{- end }}
env:
{{- if .Values.opcua.discovery.useNetworkConnection }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.opcua.discovery.nodeSelectors }}
{{- toYaml .Values.opcua.discovery.nodeSelectors | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
{{- end }}

View File

@ -0,0 +1,33 @@
{{- if .Values.prometheus.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: akri-agent-metrics
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-agent
release: prometheus
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-agent
podMetricsEndpoints:
- port: {{ .Values.prometheus.portName | quote }}
path: {{ .Values.prometheus.endpoint }}
---
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: akri-controller-metrics
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-controller
release: prometheus
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-controller
podMetricsEndpoints:
- port: {{ .Values.prometheus.portName | quote }}
path: {{ .Values.prometheus.endpoint }}
{{- end }}

View File

@ -0,0 +1,93 @@
{{- if .Values.rbac.enabled }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: akri-controller-sa
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-controller
app.kubernetes.io/component: controller
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: akri-agent-sa
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-agent
app.kubernetes.io/component: agent
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: "akri-controller-role"
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-controller
app.kubernetes.io/component: controller
rules:
- apiGroups: [""]
resources: ["pods", "services"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [{{ .Values.crds.group | quote }}]
resources: ["instances"]
verbs: ["get", "list", "watch", "update", "patch"]
- apiGroups: [{{ .Values.crds.group | quote }}]
resources: ["configurations"]
verbs: ["get", "list", "watch"]
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: "akri-agent-role"
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-agent
app.kubernetes.io/component: agent
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch"]
- apiGroups: [{{ .Values.crds.group | quote }}]
resources: ["instances"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: [{{ .Values.crds.group | quote }}]
resources: ["configurations"]
verbs: ["get", "list", "watch"]
---
apiVersion: 'rbac.authorization.k8s.io/v1'
kind: 'ClusterRoleBinding'
metadata:
name: 'akri-controller-binding'
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-controller
app.kubernetes.io/component: controller
roleRef:
apiGroup: ''
kind: 'ClusterRole'
name: 'akri-controller-role'
subjects:
- kind: 'ServiceAccount'
name: 'akri-controller-sa'
namespace: {{ .Release.Namespace }}
---
apiVersion: 'rbac.authorization.k8s.io/v1'
kind: 'ClusterRoleBinding'
metadata:
name: 'akri-agent-binding'
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-agent
app.kubernetes.io/component: agent
roleRef:
apiGroup: ''
kind: 'ClusterRole'
name: 'akri-agent-role'
subjects:
- kind: 'ServiceAccount'
name: 'akri-agent-sa'
namespace: {{ .Release.Namespace }}
{{- end }}

View File

@ -0,0 +1,133 @@
{{- if .Values.udev.configuration.enabled }}
apiVersion: {{ printf "%s/%s" .Values.crds.group .Values.crds.version }}
kind: Configuration
metadata:
name: {{ .Values.udev.configuration.name }}
spec:
discoveryHandler:
name: udev
discoveryDetails: |+
groupRecursive: {{ .Values.udev.configuration.discoveryDetails.groupRecursive }}
udevRules:
{{- required "Please set at least one udev rule with `--set udev.configuration.discoveryDetails.udevRules[0]==\"<udev rule>\"' to specify what you want discovered. See the udev Configuration document at https://docs.akri.sh/discovery-handlers/udev for more information." .Values.udev.configuration.discoveryDetails.udevRules | toYaml | nindent 6 }}
{{- if or .Values.udev.configuration.brokerPod.image.repository .Values.udev.configuration.brokerJob.image.repository }}
{{- /* Only add brokerSpec if a broker image is provided */}}
brokerSpec:
{{- if .Values.udev.configuration.brokerPod.image.repository }}
brokerPodSpec:
containers:
- name: {{ .Values.udev.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.udev.configuration.brokerPod.image.repository .Values.udev.configuration.brokerPod.image.tag | quote }}
{{- with .Values.udev.configuration.brokerPod.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.udev.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.udev.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.udev.configuration.brokerPod.envFrom }}
envFrom:
{{- range $val := .Values.udev.configuration.brokerPod.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.udev.configuration.brokerPod.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
securityContext:
{{- if .Values.udev.configuration.brokerPod.securityContext }}
{{- toYaml .Values.udev.configuration.brokerPod.securityContext | nindent 10 }}
{{- else}}
privileged: true
{{- end}}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.udev.configuration.brokerPod.resources.memoryRequest }}
cpu: {{ .Values.udev.configuration.brokerPod.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.udev.configuration.brokerPod.resources.memoryLimit }}
cpu: {{ .Values.udev.configuration.brokerPod.resources.cpuLimit }}
{{- with .Values.udev.configuration.brokerPod.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.udev.configuration.brokerPod.volumes}}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- else }}
brokerJobSpec:
template:
spec:
containers:
- name: {{ .Values.udev.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.udev.configuration.brokerJob.image.repository .Values.udev.configuration.brokerPod.image.tag | quote }}
{{- if .Values.udev.configuration.brokerJob.command }}
command:
{{- toYaml .Values.udev.configuration.brokerJob.command | nindent 14 }}
{{- end }}
{{- with .Values.udev.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.udev.configuration.brokerJob.resources.memoryRequest }}
cpu: {{ .Values.udev.configuration.brokerJob.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.udev.configuration.brokerJob.resources.memoryLimit }}
cpu: {{ .Values.udev.configuration.brokerJob.resources.cpuLimit }}
restartPolicy: {{ .Values.udev.configuration.brokerJob.restartPolicy }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 10 }}
{{- end }}
backoffLimit: {{ .Values.udev.configuration.brokerJob.backoffLimit }}
parallelism: {{ .Values.udev.configuration.brokerJob.parallelism }}
completions: {{ .Values.udev.configuration.brokerJob.completions }}
{{- end }}
{{- end }}
{{- /* Only add service specs if a broker image was specified and service
creation was not disabled */}}
{{- if .Values.udev.configuration.brokerPod.image.repository }}
{{- if .Values.udev.configuration.createInstanceServices }}
instanceServiceSpec:
type: {{ .Values.udev.configuration.instanceService.type }}
ports:
- name: {{ .Values.udev.configuration.instanceService.portName }}
port: {{ .Values.udev.configuration.instanceService.port }}
protocol: {{ .Values.udev.configuration.instanceService.protocol }}
targetPort: {{ .Values.udev.configuration.instanceService.targetPort }}
{{- end }}
{{- if .Values.udev.configuration.createConfigurationService }}
configurationServiceSpec:
type: {{ .Values.udev.configuration.configurationService.type }}
ports:
- name: {{ .Values.udev.configuration.configurationService.portName }}
port: {{ .Values.udev.configuration.configurationService.port }}
protocol: {{ .Values.udev.configuration.configurationService.protocol }}
targetPort: {{ .Values.udev.configuration.configurationService.targetPort }}
{{- end }}
{{- end }}
{{- if .Values.udev.configuration.brokerProperties }}
brokerProperties:
{{- range $key, $val := .Values.udev.configuration.brokerProperties }}
{{- $key | nindent 4 }}: {{ $val | quote }}
{{- end }}
{{- else }}
brokerProperties: {}
{{- end }}
capacity: {{ .Values.udev.configuration.capacity }}
{{- end }}

View File

@ -0,0 +1,87 @@
{{- if .Values.udev.discovery.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: akri-udev-discovery-daemonset
annotations:
akri.sh/discoveryHandlerName: udev
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-udev-discovery
app.kubernetes.io/component: discovery-handler
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-udev-discovery
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-udev-discovery
app.kubernetes.io/component: discovery-handler
spec:
nodeSelector:
"kubernetes.io/os": linux
containers:
- name: akri-udev-discovery
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.udev.discovery.image.repository (default "latest-dev" .Values.udev.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.udev.discovery.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.udev.discovery.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.udev.discovery.image.repository (default "latest" .Values.udev.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.udev.discovery.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.udev.discovery.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.udev.discovery.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end}}
resources:
requests:
memory: {{ .Values.udev.discovery.resources.memoryRequest }}
cpu: {{ .Values.udev.discovery.resources.cpuRequest }}
limits:
memory: {{ .Values.udev.discovery.resources.memoryLimit }}
cpu: {{ .Values.udev.discovery.resources.cpuLimit }}
{{- if .Values.udev.discovery.useNetworkConnection }}
ports:
- name: discovery
containerPort: {{ .Values.udev.discovery.port }}
{{- end }}
env:
{{- if .Values.udev.discovery.useNetworkConnection }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
{{- if .Values.udev.discovery.host.udev }}
- name: devices
mountPath: /run/udev
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.udev.discovery.nodeSelectors }}
{{- toYaml .Values.udev.discovery.nodeSelectors | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
{{- if .Values.udev.discovery.host.udev }}
- name: devices
hostPath:
path: "{{ .Values.udev.discovery.host.udev }}"
{{- end }}
{{- end }}

View File

@ -0,0 +1,181 @@
{{- if and .Values.webhookConfiguration.enabled (not .Values.webhookConfiguration.caBundle) -}}
{{- if .Values.rbac.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
annotations:
"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
rules:
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
verbs:
- get
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
annotations:
"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ .Values.webhookConfiguration.name }}-patch
subjects:
- kind: ServiceAccount
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace | quote }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ .Values.webhookConfiguration.name }}-patch
subjects:
- kind: ServiceAccount
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace | quote }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
---
{{- end }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Values.webhookConfiguration.name }}-create
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
spec:
ttlSecondsAfterFinished: 0
template:
metadata:
name: {{ .Values.webhookConfiguration.name }}-create
labels:
{{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/component: admission-webhook
spec:
containers:
- name: create
image: "{{ .Values.webhookConfiguration.certImage.reference }}:{{ .Values.webhookConfiguration.certImage.tag }}"
imagePullPolicy: {{ .Values.webhookConfiguration.certImage.pullPolicy }}
args:
- create
- --host={{ .Values.webhookConfiguration.name }},{{ .Values.webhookConfiguration.name }}.{{ .Release.Namespace }}.svc
- --namespace={{ .Release.Namespace }}
- --secret-name={{ .Values.webhookConfiguration.name }}
- --cert-name=tls.crt
- --key-name=tls.key
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
restartPolicy: OnFailure
{{- if .Values.rbac.enabled }}
serviceAccountName: {{ .Values.webhookConfiguration.name }}-patch
{{- end }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
spec:
ttlSecondsAfterFinished: 0
template:
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
labels:
{{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/component: admission-webhook
spec:
containers:
- name: patch
image: "{{ .Values.webhookConfiguration.certImage.reference }}:{{ .Values.webhookConfiguration.certImage.tag }}"
imagePullPolicy: {{ .Values.webhookConfiguration.certImage.pullPolicy }}
args:
- patch
- --webhook-name={{ .Values.webhookConfiguration.name }}
- --namespace={{ .Release.Namespace }}
- --patch-mutating=false
- --secret-name={{ .Values.webhookConfiguration.name }}
- --patch-failure-policy=Fail
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
restartPolicy: OnFailure
{{- if .Values.rbac.enabled }}
serviceAccountName: {{ .Values.webhookConfiguration.name }}-patch
{{- end }}
{{- end -}}

View File

@ -0,0 +1,165 @@
{{- if .Values.webhookConfiguration.enabled }}
apiVersion: v1
kind: List
metadata:
name: {{ .Values.webhookConfiguration.name }}
labels: {{- include "akri.labels" . | nindent 4 }}
items:
- apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.webhookConfiguration.name }}
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
- apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ .Values.webhookConfiguration.name }}
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get"]
- apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ .Values.webhookConfiguration.name }}
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ .Values.webhookConfiguration.name }}
subjects:
- kind: ServiceAccount
name: {{ .Values.webhookConfiguration.name }}
namespace: {{ .Release.Namespace }}
- apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.webhookConfiguration.name }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
spec:
replicas: 1
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 10 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
template:
metadata:
labels: {{- include "akri.labels" . | nindent 12 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
spec:
{{- if .Values.rbac.enabled }}
serviceAccountName: {{ .Values.webhookConfiguration.name }}
{{- end }}
containers:
- name: webhook
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:latest-dev" .Values.webhookConfiguration.image.repository | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.webhookConfiguration.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.webhookConfiguration.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:latest" .Values.webhookConfiguration.image.repository | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.webhookConfiguration.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.webhookConfiguration.image.tag) | quote }}
{{- end }}
{{- end }}
imagePullPolicy: {{ .Values.webhookConfiguration.image.pullPolicy }}
resources:
requests:
memory: {{ .Values.webhookConfiguration.resources.memoryRequest }}
cpu: {{ .Values.webhookConfiguration.resources.cpuRequest }}
limits:
memory: {{ .Values.webhookConfiguration.resources.memoryLimit }}
cpu: {{ .Values.webhookConfiguration.resources.cpuLimit }}
args:
- --tls-crt-file=/secrets/tls.crt
- --tls-key-file=/secrets/tls.key
- --port=8443
volumeMounts:
- name: secrets
mountPath: /secrets
readOnly: true
volumes:
- name: secrets
secret:
secretName: {{ .Values.webhookConfiguration.name }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.webhookConfiguration.allowOnControlPlane }}
tolerations:
{{- /* Allow this pod to run on the master. */}}
- key: node-role.kubernetes.io/master
effect: NoSchedule
{{- end }}
nodeSelector:
{{- if .Values.webhookConfiguration.nodeSelectors }}
{{- toYaml .Values.webhookConfiguration.nodeSelectors | nindent 8 }}
{{- end }}
"kubernetes.io/os": linux
{{- if .Values.webhookConfiguration.onlyOnControlPlane }}
node-role.kubernetes.io/master: ""
{{- end }}
- apiVersion: v1
kind: Service
metadata:
name: {{ .Values.webhookConfiguration.name }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
spec:
selector: {{- include "akri.selectorLabels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
ports:
- name: http
port: 443
targetPort: 8443
- apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: {{ .Values.webhookConfiguration.name }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
webhooks:
- name: {{ .Values.webhookConfiguration.name }}.{{ .Release.Namespace }}.svc
clientConfig:
service:
name: {{ .Values.webhookConfiguration.name }}
namespace: {{ .Release.Namespace }}
port: 443
path: "/validate"
{{- if .Values.webhookConfiguration.caBundle }}
caBundle: {{ .Values.webhookConfiguration.caBundle }}
{{- end }}
rules:
- operations:
- "CREATE"
- "UPDATE"
apiGroups:
- {{ .Values.crds.group }}
apiVersions:
- {{ .Values.crds.version }}
resources:
- "configurations"
scope: "*"
admissionReviewVersions:
- v1
- v1beta1
sideEffects: None
{{- end }}

880
akri-chart/values.yaml Normal file
View File

@ -0,0 +1,880 @@
# Default values for akri.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# useLatestContainers is specified if the latest or latest-dev
# tags should be used. This will be overridden if *.image.tag
# is specified.
useLatestContainers: false
# useDevelopmentContainers is specified if the non-release (*-dev)
# tags should be used. This will be overridden if *.image.tag
# is specified.
useDevelopmentContainers: false
# imagePullSecrets is the array of secrets needed to pull images.
# This can be set from the helm command line using `--set imagePullSecrets[0].name="mysecret"`
imagePullSecrets: []
# kubernetesDistro describes the Kubernetes distro Akri is running on. It is used to conditionally set
# distribution specific values such as container runtime socket. Options: microk8s | k3s | k8s
kubernetesDistro: ""
# generalize references to `apiGroups` and `apiVersion` values for Akri CRDs
crds:
group: akri.sh
version: v0
rbac:
# enabled defines whether to apply rbac to Akri
enabled: true
prometheus:
# enabled defines whether metrics ports are exposed on
# the Controller and Agent
enabled: false
# endpoint is the path the port exposed for metrics
endpoint: /metrics
# port is the port that the metrics service is exposed on
port: 8080
# portName is the name of the metrics port
portName: metrics
controller:
# enabled defines whether to apply the Akri Controller
enabled: true
image:
# repository is the Akri Controller container reference
repository: "%%IMG_REPO%%/akri-controller"
# tag is the Akri Controller container tag
# controller.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the Akri Controller pull policy
pullPolicy: "Always"
# ensures container doesn't run with unnecessary priviledges
securityContext:
runAsUser: 1000
allowPrivilegeEscalation: false
runAsNonRoot: true
readOnlyRootFilesystem: true
capabilities:
drop: ["ALL"]
# onlyOnControlPlane dictates whether the Akri Controller will only run on nodes with
# the label with (key, value) of ("node-role.kubernetes.io/master", "")
onlyOnControlPlane: false
# allowOnControlPlane dictates whether a toleration will be added to allow to Akri Controller
# to run on the control plane node
allowOnControlPlane: true
# nodeSelectors is the array of nodeSelectors used to target nodes for the Akri Controller to run on
# This can be set from the helm command line using `--set controller.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 100Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 26m
agent:
# enabled defines whether to apply the Akri Agent
enabled: true
image:
# repository is the Akri Agent container reference
repository: "%%IMG_REPO%%/akri-agent"
# tag is the Akri Agent container tag
# agent.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the Akri Agent pull policy
pullPolicy: ""
securityContext:
privileged: true
host:
# discoveryHandlers is the location of Akri Discovery Handler sockets and
# the agent registration service
discoveryHandlers: /var/lib/akri
# kubeletDevicePlugins is the location of the kubelet device-plugin sockets
kubeletDevicePlugins: /var/lib/kubelet/device-plugins
# containerRuntimeSocket is the default node path of the container runtime socket.
# For MicroK8s, set to "/var/snap/microk8s/common/run/containerd.sock"
# For K3s, set to "/run/k3s/containerd/containerd.sock"
# For standard K8s, set to "/run/containerd/containerd.sock"
containerRuntimeSocket: ""
# udev is the node path of udev, usually at `/run/udev`
udev:
# allowDebugEcho dictates whether the Akri Agent will allow DebugEcho Configurations
allowDebugEcho: false
# nodeSelectors is the array of nodeSelectors used to target nodes for the Akri Agent to run on
# This can be set from the helm command line using `--set agent.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 79Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 26m
custom:
configuration:
# enabled defines whether to load a custom configuration
enabled: false
# name is the Kubernetes resource name that will be created for this
# custom configuration
name: akri-custom
# discoveryHandlerName is the name of the Discovery Handler the Configuration is using
discoveryHandlerName:
# brokerProperties is a map of properties that will be passed to any instances
# created as a result of applying this custom configuration
brokerProperties: {}
# capacity is the capacity for any instances created as a result of
# applying this custom configuration
capacity: 1
# discoveryDetails is the string of discovery details that is
# passed to a Discovery Handler which can parse it into an expected format.
discoveryDetails: ""
brokerPod:
image:
# repository is the custom broker container reference
repository:
# tag is the custom broker image tag
tag: latest
# pullPolicy is the custom pull policy
pullPolicy: ""
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
brokerJob:
# container used by custom
image:
# repository is the custom broker container reference
repository:
# tag is the custom broker image tag
tag: latest
# pullPolicy is the custom pull policy
pullPolicy: ""
# command to be executed in the Pod. An array of arguments. Can be set like:
# --set custom.configuration.brokerJob.command[0]="sh" \
# --set custom.configuration.brokerJob.command[1]="-c" \
# --set custom.configuration.brokerJob.command[2]="echo 'Hello World'"
command:
# restartPolicy for the Job. Can either be OnFailure or Never.
restartPolicy: OnFailure
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
# backoffLimit defines the Kubernetes Job backoff failure policy. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy
backoffLimit: 2
# parallelism defines how many Pods of a Job should run in parallel. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#parallel-jobs
parallelism: 1
# completions defines how many Pods of a Job should successfully complete. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job
completions: 1
# createInstanceServices is specified if a service should automatically be
# created for each broker pod
createInstanceServices: true
instanceService:
# name is the description of the instance service
name: akri-custom-instance-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 6052
# targetPort is the service targetPort of the instance service
targetPort: 6052
# protocol is the service protocol of the instance service
protocol: TCP
# createConfigurationService is specified if a single service should automatically be
# created for all broker pods of a Configuration
createConfigurationService: true
configurationService:
# name is the description of the configuration service
name: akri-custom-configuration-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 6052
# targetPort is the service targetPort of the instance service
targetPort: 6052
# protocol is the service protocol of the instance service
protocol: TCP
# discovery defines a set of values for a custom discovery handler DaemonSet
discovery:
# exposes discovery handler name as akri.sh/discoveryHandlerName annotation on the DaemonSet
discoveryHandlerName: ''
# enabled defines whether discovery handler pods will be deployed in a slim Agent scenario
enabled: false
# name is the Kubernetes resource name that will be created for this
# custom Discovery Handler DaemonSet
name: akri-custom-discovery
image:
# repository is the custom broker container reference
repository:
# tag is the custom broker image tag
tag: latest
# pullPolicy is the pull policy
pullPolicy: ""
# useNetworkConnection specifies whether the discovery handler should make a networked connection
# with Agents, using its pod IP address when registering
useNetworkConnection: false
# port specifies (when useNetworkConnection is true) the port on which the discovery handler advertises its discovery service
port: 10000
# nodeSelectors is the array of nodeSelectors used to target nodes for the discovery handler to run on
# This can be set from the helm command line using `--set custom.discovery.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
debugEcho:
configuration:
# enabled defines whether to load a debugEcho configuration
enabled: false
# name is the Kubernetes resource name that will be created for this
# debugEcho configuration
name: akri-debug-echo
# brokerProperties is a map of properties that will be passed to any instances
# created as a result of applying this debugEcho configuration
brokerProperties: {}
# capacity is the capacity for any instances created as a result of
# applying this debugEcho configuration
capacity: 2
discoveryDetails:
# descriptions is the list of instances created as a result of
# applying this debugEcho configuration
descriptions:
- "foo0"
- "foo1"
# shared defines whether instances created as a result of
# applying this debugEcho configuration are shared
shared: true
brokerPod:
# container used by debugEcho
image:
# repository is the debugEcho broker container reference
repository:
# tag is the debugEcho broker image tag
tag: latest
# pullPolicy is the debugEcho pull policy
pullPolicy: ""
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 10Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 30Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 29m
brokerJob:
# container used by debugEcho
image:
# repository is the debugEcho broker container reference
repository:
# tag is the debugEcho broker image tag
tag: latest
# pullPolicy is the debugEcho pull policy
pullPolicy: ""
# command to be executed in the Pod. An array of arguments. Can be set like:
# --set debugEcho.configuration.brokerJob.command[0]="sh" \
# --set debugEcho.configuration.brokerJob.command[1]="-c" \
# --set debugEcho.configuration.brokerJob.command[2]="echo 'Hello World'" \
command:
# restartPolicy for the Job. Can either be OnFailure or Never.
restartPolicy: OnFailure
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 10Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 30Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 29m
# backoffLimit defines the Kubernetes Job backoff failure policy. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy
backoffLimit: 2
# parallelism defines how many Pods of a Job should run in parallel. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#parallel-jobs
parallelism: 1
# completions defines how many Pods of a Job should successfully complete. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job
completions: 1
# createInstanceServices is specified if a service should automatically be
# created for each broker pod
createInstanceServices: true
instanceService:
# name is the description of the instance service
name: akri-debug-echo-foo-instance-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 6052
# targetPort is the service targetPort of the instance service
targetPort: 6052
# protocol is the service protocol of the instance service
protocol: TCP
# createConfigurationService is specified if a single service should automatically be
# created for all broker pods of a Configuration
createConfigurationService: true
configurationService:
# name is the description of the configuration service
name: akri-debug-echo-foo-configuration-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 6052
# targetPort is the service targetPort of the instance service
targetPort: 6052
# protocol is the service protocol of the instance service
protocol: TCP
# discovery defines a set of values for a debugEcho discovery handler DaemonSet
discovery:
# enabled defines whether discovery handler pods will be deployed in a slim Agent scenario
enabled: false
image:
# repository is the container reference
repository: "%%IMG_REPO%%/akri-debug-echo-discovery-handler"
# tag is the container tag
# debug-echo-configuration.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the pull policy
pullPolicy: ""
# useNetworkConnection specifies whether the discovery handler should make a networked connection
# with Agents, using its pod IP address when registering
useNetworkConnection: false
# port specifies (when useNetworkConnection is true) the port on which the discovery handler advertises its discovery service
port: 10000
# nodeSelectors is the array of nodeSelectors used to target nodes for the discovery handler to run on
# This can be set from the helm command line using `--set debugEcho.discovery.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 26m
onvif:
configuration:
# enabled defines whether to load a onvif configuration
enabled: false
# name is the Kubernetes resource name that will be created for this
# onvif configuration
name: akri-onvif
# brokerProperties is a map of properties that will be passed to any instances
# created as a result of applying this onvif configuration
brokerProperties: {}
discoveryDetails:
ipAddresses:
action: Exclude
items: []
macAddresses:
action: Exclude
items: []
scopes:
action: Exclude
items: []
uuids:
action: Exclude
items: []
discoveryTimeoutSeconds: 1
# discoveryProperties is a map of properties fthat will be passed to discovery handler,
# the properties can be direct specified or read from Secret or ConfigMap
discoveryProperties:
# capacity is the capacity for any instances created as a result of
# applying this onvif configuration
capacity: 1
brokerPod:
image:
# repository is the onvif broker container reference
repository:
# tag is the onvif broker image tag
tag: latest
# pullPolicy is the Akri onvif broker pull policy
pullPolicy: ""
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 98Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 134m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 400Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 2800m
brokerJob:
# container used by onvif
image:
# repository is the onvif broker container reference
repository:
# tag is the onvif broker image tag
tag: latest
# pullPolicy is the onvif pull policy
pullPolicy: ""
# command to be executed in the Pod. An array of arguments. Can be set like:
# --set onvif.configuration.brokerJob.command[0]="sh" \
# --set onvif.configuration.brokerJob.command[1]="-c" \
# --set onvif.configuration.brokerJob.command[2]="echo 'Hello World'"
command:
# restartPolicy for the Job. Can either be OnFailure or Never.
restartPolicy: OnFailure
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 98Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 134m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 400Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 2800m
# backoffLimit defines the Kubernetes Job backoff failure policy. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy
backoffLimit: 2
# parallelism defines how many Pods of a Job should run in parallel. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#parallel-jobs
parallelism: 1
# completions defines how many Pods of a Job should successfully complete. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job
completions: 1
# createInstanceServices is specified if a service should automatically be
# created for each broker pod
createInstanceServices: true
instanceService:
# name is the description of the instance service
name: akri-onvif-instance-service
# type is the service type of the instance service
type: ClusterIP
# portName is the name of the port
portName: grpc
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# createConfigurationService is specified if a single service should automatically be
# created for all broker pods of a Configuration
createConfigurationService: true
configurationService:
# name is the description of the configuration service
name: akri-onvif-configuration-service
# type is the service type of the instance service
type: ClusterIP
# portName is the name of the port
portName: grpc
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# discovery defines a set of values for a onvif discovery handler DaemonSet
discovery:
# enabled defines whether discovery handler pods will be deployed in a slim Agent scenario
enabled: false
image:
# repository is the container reference
repository: "%%IMG_REPO%%/akri-onvif-discovery-handler"
# tag is the container tag
# onvif-configuration.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the pull policy
pullPolicy: ""
# useNetworkConnection specifies whether the discovery handler should make a networked connection
# with Agents, using its pod IP address when registering
useNetworkConnection: false
# port specifies (when useNetworkConnection is true) the port on which the discovery handler advertises its discovery service
port: 10000
# nodeSelectors is the array of nodeSelectors used to target nodes for the discovery handler to run on
# This can be set from the helm command line using `--set onvif.discovery.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
opcua:
configuration:
# enabled defines whether to load an OPC UA configuration
enabled: false
# name is the Kubernetes resource name that will be created for this
# OPC UA configuration
name: akri-opcua
# brokerProperties is a map of properties that will be passed to any instances
# created as a result of applying this OPC UA configuration
brokerProperties: {}
discoveryDetails:
# discoveryUrls is a list of DiscoveryUrls for OPC UA servers
discoveryUrls:
- "opc.tcp://localhost:4840/"
# applicationNames is a filter applied to the discovered OPC UA servers to either exclusively
# include or exclude servers with application names in the applicationNames list.
applicationNames:
action: Exclude
items: []
# mountCertificates determines whether to mount into the broker pods k8s Secrets
# containing OPC UA client credentials for connecting to OPC UA severs with the
# same signing certificate authority.
# If set to false, the brokers will attempt to make an insecure connection with the servers.
mountCertificates: false
# capacity is the capacity for any instances created as a result of
# applying this OPC UA configuration
capacity: 1
brokerPod:
image:
# repository is the OPC UA broker container reference
repository:
# tag is the OPC UA broker image tag
tag: latest
# pullPolicy is the OPC UA broker pull policy
pullPolicy: ""
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 76Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 9m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 200Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 30m
brokerJob:
# container used by opcua
image:
# repository is the opcua broker container reference
repository:
# tag is the opcua broker image tag
tag: latest
# pullPolicy is the opcua pull policy
pullPolicy: ""
# command to be executed in the Pod. An array of arguments. Can be set like:
# --set opcua.configuration.brokerJob.command[0]="sh" \
# --set opcua.configuration.brokerJob.command[1]="-c" \
# --set opcua.configuration.brokerJob.command[2]="echo 'Hello World'"
command:
# restartPolicy for the Job. Can either be OnFailure or Never.
restartPolicy: OnFailure
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 76Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 9m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 200Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 30m
# backoffLimit defines the Kubernetes Job backoff failure policy. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy
backoffLimit: 2
# parallelism defines how many Pods of a Job should run in parallel. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#parallel-jobs
parallelism: 1
# completions defines how many Pods of a Job should successfully complete. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job
completions: 1
# createInstanceServices is specified if a service should automatically be
# created for each broker pod
createInstanceServices: true
instanceService:
# name is the description of the instance service
name: akri-opcua-instance-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# createConfigurationService is specified if a single service should automatically be
# created for all broker pods of a Configuration
createConfigurationService: true
configurationService:
# name is the description of the configuration service
name: akri-opcua-configuration-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# discovery defines a set of values for a opcua discovery handler DaemonSet
discovery:
# enabled defines whether discovery handler pods will be deployed in a slim Agent scenario
enabled: false
image:
# repository is the container reference
repository: "%%IMG_REPO%%/akri-opcua-discovery-handler"
# tag is the container tag
# opcua-configuration.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the pull policy
pullPolicy: ""
# useNetworkConnection specifies whether the discovery handler should make a networked connection
# with Agents, using its pod IP address when registering
useNetworkConnection: false
# port specifies (when useNetworkConnection is true) the port on which the discovery handler advertises its discovery service
port: 10000
# nodeSelectors is the array of nodeSelectors used to target nodes for the discovery handler to run on
# This can be set from the helm command line using `--set opcua.discovery.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
udev:
configuration:
# enabled defines whether to load a udev configuration
enabled: false
# name is the Kubernetes resource name that will be created for this
# udev configuration
name: akri-udev
# brokerProperties is a map of properties that will be passed to any instances
# created as a result of applying this udev configuration
brokerProperties: {}
discoveryDetails:
# groupRecursive defines whether to group discovered parent/children under the same instance
groupRecursive: false
# udevRules is the list of udev rules used to find instances created as a result of
# applying this udev configuration
udevRules:
# capacity is the capacity for any instances created as a result of
# applying this udev configuration
capacity: 1
brokerPod:
image:
# repository is the udev broker container reference
repository:
# tag is the udev broker image tag
tag: latest
# pullPolicy is the udev broker pull policy
pullPolicy: ""
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 10Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 30Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 29m
securityContext: {}
brokerJob:
# container used by udev
image:
# repository is the udev broker container reference
repository:
# tag is the udev broker image tag
tag: latest
# pullPolicy is the udev pull policy
pullPolicy: ""
# command to be executed in the Pod. An array of arguments. Can be set like:
# --set udev.configuration.brokerJob.command[0]="sh" \
# --set udev.configuration.brokerJob.command[1]="-c" \
# --set udev.configuration.brokerJob.command[2]="echo 'Hello World'"
command:
# restartPolicy for the Job. Can either be OnFailure or Never.
restartPolicy: OnFailure
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 10Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 30Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 29m
# backoffLimit defines the Kubernetes Job backoff failure policy. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy
backoffLimit: 2
# parallelism defines how many Pods of a Job should run in parallel. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#parallel-jobs
parallelism: 1
# completions defines how many Pods of a Job should successfully complete. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job
completions: 1
# createInstanceServices is specified if a service should automatically be
# created for each broker pod
createInstanceServices: true
instanceService:
# portName is the name of the port
portName: grpc
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# createConfigurationService is specified if a single service should automatically be
# created for all broker pods of a Configuration
createConfigurationService: true
configurationService:
# portName is the name of the port
portName: grpc
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# discovery defines a set of values for a udev discovery handler DaemonSet
discovery:
# enabled defines whether discovery handler pods will be deployed in a slim Agent scenario
enabled: false
image:
# repository is the container reference
repository: "%%IMG_REPO%%/akri-udev-discovery-handler"
# tag is the container tag
# udev-configuration.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the pull policy
pullPolicy: ""
# useNetworkConnection specifies whether the discovery handler should make a networked connection
# with Agents, using its pod IP address when registering
useNetworkConnection: false
# port specifies (when useNetworkConnection is true) the port on which the discovery handler advertises its discovery service
port: 10000
# nodeSelectors is the array of nodeSelectors used to target nodes for the discovery handler to run on
# This can be set from the helm command line using `--set udev.discovery.nodeSelectors.label="value"`
nodeSelectors: {}
host:
# udev is the node path of udev, usually at `/run/udev`
udev: /run/udev
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
# Admission Controllers (Webhooks)
webhookConfiguration:
# enabled defines whether to apply the Akri Admission Controller (Webhook) for Akri Configurations
enabled: true
# name of the webhook
name: akri-webhook-configuration
# base64-encoded CA certificate (PEM) used by Kubernetes to validate the Webhook's certificate, if
# unset, will generate a self-signed certificate valid for 100y
caBundle: null
image:
# repository is the Akri Webhook for Configurations image reference
repository: "%%IMG_REPO%%/akri-webhook-configuration"
# tag is the container tag
# webhook-configuration.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the Akri Webhook pull policy
pullPolicy: Always
certImage:
# reference is the webhook-certgen image reference
reference: registry.k8s.io/ingress-nginx/kube-webhook-certgen
# tag is the webhook-certgen image tag
tag: v1.1.1
# pullPolicy is the webhook-certgen pull policy
pullPolicy: IfNotPresent
# onlyOnControlPlane dictates whether the Akri Webhook will only run on nodes with
# the label with (key, value) of ("node-role.kubernetes.io/master", "")
onlyOnControlPlane: false
# allowOnControlPlane dictates whether a toleration will be added to allow to Akri Webhook
# to run on the control plane node
allowOnControlPlane: true
# nodeSelectors is the array of nodeSelectors used to target nodes for the Akri Webhook to run on
# This can be set from the helm command line using `--set webhookConfiguration.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 100Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 15m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 100Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 26m

View File

@ -0,0 +1,34 @@
#!BuildTag: akri-controller:latest
#!BuildTag: akri-controller:v%PACKAGE_VERSION%
#!BuildTag: akri-controller:v%PACKAGE_VERSION%-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
COPY --from=micro / /installroot/
RUN zypper --installroot /installroot --non-interactive install --no-recommends akri-controller
FROM micro AS final
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.application.akri
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Akri Controller Container Image"
LABEL org.opencontainers.image.description="akri-controller based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="%PACKAGE_VERSION%"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/akri-controller:v%PACKAGE_VERSION%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="techpreview"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
LABEL com.suse.image-type="application"
LABEL com.suse.release-stage="released"
# endlabelprefix
COPY --from=base /installroot /
ENV RUST_LOG agent,akri_debug_echo,akri_discovery_utils,akri_onvif,akri_opcua,akri_shared,akri_udev\
,controller,debug_echo_discovery_handler,onvif_discovery_handler,opcua_discovery_handler,udev_discovery_handler
ENTRYPOINT [ "/usr/bin/controller" ]

View File

@ -0,0 +1,15 @@
<services>
<service name="kiwi_metainfo_helper" mode="buildtime"/>
<service name="docker_label_helper" mode="buildtime"/>
<service name="replace_using_package_version" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="regex">%PACKAGE_VERSION%</param>
<param name="package">akri-controller</param>
<param name="parse-version">patch</param>
</service>
<service name="replace_using_env" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

View File

@ -0,0 +1,19 @@
#!BuildTag: akri-dashboard-extension-chart:1.0.0
#!BuildTag: akri-dashboard-extension-chart:1.0.0-%RELEASE%
annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/display-name: Akri
catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.29.0-0'
catalog.cattle.io/namespace: cattle-ui-plugin-system
catalog.cattle.io/os: linux
catalog.cattle.io/permits-os: linux, windows
catalog.cattle.io/rancher-version: '>= v2.8.0'
catalog.cattle.io/scope: management
catalog.cattle.io/ui-component: plugins
apiVersion: v2
appVersion: 1.0.0
description: 'SUSE Edge: Akri extension for Rancher Dashboard'
icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/akri/icon/color/akri-icon-color.svg
name: akri-dashboard-extension
type: application
version: 1.0.0

View File

@ -0,0 +1,6 @@
# SUSE Edge: Akri extension for Rancher Dashboard
An extension for Rancher Dashboard allowing to manage heterogenous leaf devices and their workloads.
For more information on SUSE Edge see https://suse-edge.github.io/ \
For more information on Kubevirt see https://docs.akri.sh/

View File

@ -0,0 +1,8 @@
<services>
<service mode="buildtime" name="kiwi_metainfo_helper"/>
<service name="replace_using_env" mode="buildtime">
<param name="file">values.yaml</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

View File

@ -0,0 +1,52 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "extension-server.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "extension-server.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "extension-server.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "extension-server.labels" -}}
helm.sh/chart: {{ include "extension-server.chart" . }}
{{ include "extension-server.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "extension-server.selectorLabels" -}}
app.kubernetes.io/name: {{ include "extension-server.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

View File

@ -0,0 +1,12 @@
apiVersion: catalog.cattle.io/v1
kind: UIPlugin
metadata:
name: {{ include "extension-server.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{ include "extension-server.labels" . | nindent 4 }}
spec:
plugin:
name: {{ include "extension-server.fullname" . }}
version: {{ (semver (default .Chart.AppVersion .Values.plugin.versionOverride)).Original }}
endpoint: https://raw.githubusercontent.com/suse-edge/dashboard-extensions/gh-pages/extensions/akri-dashboard-extension/1.0.0
noCache: {{ .Values.plugin.noCache }}

View File

@ -0,0 +1,6 @@
nameOverride: ""
fullnameOverride: ""
plugin:
enabled: true
versionOverride: ""
noCache: false

View File

@ -0,0 +1,34 @@
#!BuildTag: akri-debug-echo-discovery-handler:latest
#!BuildTag: akri-debug-echo-discovery-handler:v%PACKAGE_VERSION%
#!BuildTag: akri-debug-echo-discovery-handler:v%PACKAGE_VERSION%-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
COPY --from=micro / /installroot/
RUN zypper --installroot /installroot --non-interactive install --no-recommends akri-debug-echo-discovery-handler
FROM micro AS final
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.application.akri
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Akri Debug Echo Discovery Handler Container Image"
LABEL org.opencontainers.image.description="akri-debug-echo-discovery-handler based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="%PACKAGE_VERSION%"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/akri-debug-echo-discovery-handler:v%PACKAGE_VERSION%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="techpreview"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
LABEL com.suse.image-type="application"
LABEL com.suse.release-stage="released"
# endlabelprefix
COPY --from=base /installroot /
ENV RUST_LOG agent,akri_debug_echo,akri_discovery_utils,akri_onvif,akri_opcua,akri_shared,akri_udev\
,controller,debug_echo_discovery_handler,onvif_discovery_handler,opcua_discovery_handler,udev_discovery_handler
ENTRYPOINT [ "/usr/bin/debug-echo-discovery-handler" ]

View File

@ -0,0 +1,15 @@
<services>
<service name="kiwi_metainfo_helper" mode="buildtime"/>
<service name="docker_label_helper" mode="buildtime"/>
<service name="replace_using_package_version" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="regex">%PACKAGE_VERSION%</param>
<param name="package">akri-debug-echo-discovery-handler</param>
<param name="parse-version">patch</param>
</service>
<service name="replace_using_env" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

View File

@ -0,0 +1,34 @@
#!BuildTag: akri-onvif-discovery-handler:latest
#!BuildTag: akri-onvif-discovery-handler:v%PACKAGE_VERSION%
#!BuildTag: akri-onvif-discovery-handler:v%PACKAGE_VERSION%-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
COPY --from=micro / /installroot/
RUN zypper --installroot /installroot --non-interactive install --no-recommends akri-onvif-discovery-handler
FROM micro AS final
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.application.akri
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Akri ONVIF Discovery Handler Container Image"
LABEL org.opencontainers.image.description="akri-onvif-discovery-handler based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="%PACKAGE_VERSION%"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/akri-onvif-discovery-handler:v%PACKAGE_VERSION%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="techpreview"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
LABEL com.suse.image-type="application"
LABEL com.suse.release-stage="released"
# endlabelprefix
COPY --from=base /installroot /
ENV RUST_LOG agent,akri_debug_echo,akri_discovery_utils,akri_onvif,akri_opcua,akri_shared,akri_udev\
,controller,debug_echo_discovery_handler,onvif_discovery_handler,opcua_discovery_handler,udev_discovery_handler
ENTRYPOINT [ "/usr/bin/onvif-discovery-handler" ]

View File

@ -0,0 +1,15 @@
<services>
<service name="kiwi_metainfo_helper" mode="buildtime"/>
<service name="docker_label_helper" mode="buildtime"/>
<service name="replace_using_package_version" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="regex">%PACKAGE_VERSION%</param>
<param name="package">akri-onvif-discovery-handler</param>
<param name="parse-version">patch</param>
</service>
<service name="replace_using_env" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

View File

@ -0,0 +1,34 @@
#!BuildTag: akri-opcua-discovery-handler:latest
#!BuildTag: akri-opcua-discovery-handler:v%PACKAGE_VERSION%
#!BuildTag: akri-opcua-discovery-handler:v%PACKAGE_VERSION%-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
COPY --from=micro / /installroot/
RUN zypper --installroot /installroot --non-interactive install --no-recommends akri-opcua-discovery-handler
FROM micro AS final
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.application.akri
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Akri OPC-UA Discovery Handler Container Image"
LABEL org.opencontainers.image.description="akri-opcua-discovery-handler based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="%PACKAGE_VERSION%"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/akri-opcua-discovery-handler:v%PACKAGE_VERSION%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="techpreview"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
LABEL com.suse.image-type="application"
LABEL com.suse.release-stage="released"
# endlabelprefix
COPY --from=base /installroot /
ENV RUST_LOG agent,akri_debug_echo,akri_discovery_utils,akri_onvif,akri_opcua,akri_shared,akri_udev\
,controller,debug_echo_discovery_handler,onvif_discovery_handler,opcua_discovery_handler,udev_discovery_handler
ENTRYPOINT [ "/usr/bin/opcua-discovery-handler" ]

View File

@ -0,0 +1,15 @@
<services>
<service name="kiwi_metainfo_helper" mode="buildtime"/>
<service name="docker_label_helper" mode="buildtime"/>
<service name="replace_using_package_version" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="regex">%PACKAGE_VERSION%</param>
<param name="package">akri-opcua-discovery-handler</param>
<param name="parse-version">patch</param>
</service>
<service name="replace_using_env" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

View File

@ -0,0 +1,34 @@
#!BuildTag: akri-udev-discovery-handler:latest
#!BuildTag: akri-udev-discovery-handler:v%PACKAGE_VERSION%
#!BuildTag: akri-udev-discovery-handler:v%PACKAGE_VERSION%-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
COPY --from=micro / /installroot/
RUN zypper --installroot /installroot --non-interactive install --no-recommends akri-udev-discovery-handler
FROM micro AS final
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.application.akri
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Akri udev Discovery Handler Container Image"
LABEL org.opencontainers.image.description="akri-udev-discovery-handlert based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="%PACKAGE_VERSION%"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/akri-udev-discovery-handler:v%PACKAGE_VERSION%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="techpreview"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
LABEL com.suse.image-type="application"
LABEL com.suse.release-stage="released"
# endlabelprefix
COPY --from=base /installroot /
ENV RUST_LOG agent,akri_debug_echo,akri_discovery_utils,akri_onvif,akri_opcua,akri_shared,akri_udev\
,controller,debug_echo_discovery_handler,onvif_discovery_handler,opcua_discovery_handler,udev_discovery_handler
ENTRYPOINT [ "/usr/bin/udev-discovery-handler" ]

View File

@ -0,0 +1,15 @@
<services>
<service name="kiwi_metainfo_helper" mode="buildtime"/>
<service name="docker_label_helper" mode="buildtime"/>
<service name="replace_using_package_version" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="regex">%PACKAGE_VERSION%</param>
<param name="package">akri-udev-discovery-handler</param>
<param name="parse-version">patch</param>
</service>
<service name="replace_using_env" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

View File

@ -0,0 +1,34 @@
#!BuildTag: akri-webhook-configuration:latest
#!BuildTag: akri-webhook-configuration:v%PACKAGE_VERSION%
#!BuildTag: akri-webhook-configuration:v%PACKAGE_VERSION%-%RELEASE%
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
COPY --from=micro / /installroot/
RUN zypper --installroot /installroot --non-interactive install --no-recommends akri-webhook-configuration
FROM micro AS final
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.application.akri
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE Akri Admission Controller Webhook Container Image"
LABEL org.opencontainers.image.description="akri-webhook-configuration based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="%PACKAGE_VERSION%"
LABEL org.opencontainers.image.url="https://www.suse.com/solutions/edge-computing/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/akri-webhook-configuration:v%PACKAGE_VERSION%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="techpreview"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
LABEL com.suse.image-type="application"
LABEL com.suse.release-stage="released"
# endlabelprefix
COPY --from=base /installroot /
ENV RUST_LOG agent,akri_debug_echo,akri_discovery_utils,akri_onvif,akri_opcua,akri_shared,akri_udev\
,controller,debug_echo_discovery_handler,onvif_discovery_handler,opcua_discovery_handler,udev_discovery_handler
ENTRYPOINT [ "/usr/bin/webhook-configuration" ]

View File

@ -0,0 +1,15 @@
<services>
<service name="kiwi_metainfo_helper" mode="buildtime"/>
<service name="docker_label_helper" mode="buildtime"/>
<service name="replace_using_package_version" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="regex">%PACKAGE_VERSION%</param>
<param name="package">akri-webhook-configuration</param>
<param name="parse-version">patch</param>
</service>
<service name="replace_using_env" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

11
akri/_constraints Normal file
View File

@ -0,0 +1,11 @@
<?xml version="1.0"?>
<constraints>
<hardware>
<physicalmemory>
<size unit="G">8</size>
</physicalmemory>
<disk>
<size unit="G">30</size>
</disk>
</hardware>
</constraints>

18
akri/_service Normal file
View File

@ -0,0 +1,18 @@
<services>
<service name="obs_scm" mode="manual">
<param name="scm">git</param>
<param name="url">https://github.com/project-akri/akri</param>
<param name="filename">akri</param>
<param name="version">_none_</param>
<param name="revision">58e2371f93ab229039d1916f3dd7b4810af202fa</param>
<param name="extract">version.txt</param>
</service>
<service name="cargo_vendor" mode="manual">
<param name="srcdir">akri</param>
</service>
<service name="tar" mode="buildtime" />
<service name="set_version" mode="buildtime" >
<param name="fromfile">version.txt</param>
<param name="regex">^(.*)$</param>
</service>
</services>

BIN
akri/akri.obscpio (Stored with Git LFS) Normal file

Binary file not shown.

4
akri/akri.obsinfo Normal file
View File

@ -0,0 +1,4 @@
name: akri
version:
mtime: 1705996748
commit: 58e2371f93ab229039d1916f3dd7b4810af202fa

94
akri/akri.spec Normal file
View File

@ -0,0 +1,94 @@
Name: akri
Version: 0
Release: 0
Summary: A Kubernetes Resource Interface for the Edge
License: Apache-2.0
URL: https://github.com/project-akri/akri
Source0: %{name}.tar
Source1: vendor.tar.zst
BuildRequires: cargo-packaging openssl-devel systemd-devel rust >= 1.68.1 protobuf-devel >= 3.19.1 libv4l-devel obs-service-set_version >= 0.5.14
%description
A Kubernetes Resource Interface for the Edge
%package agent
Summary: Device plugin agent for akri
Requires: cri-tools
%description agent
Device plugin agent for akri.
%package controller
Summary: akri controller
%description controller
akri controller
%package webhook-configuration
Summary: Admission webhook for akri.
%description webhook-configuration
Admission webhook for akri.
%package udev-discovery-handler
Summary: udev discovery handler for akri
%description udev-discovery-handler
%package opcua-discovery-handler
Summary: opcua discovery handler for akri
%description opcua-discovery-handler
%package onvif-discovery-handler
Summary: onvif discovery handler for akri
%description onvif-discovery-handler
%package debug-echo-discovery-handler
Summary: debug-echo discovery handler for akri
%description debug-echo-discovery-handler
%package metadata
Summary: Version metadata only for Akri
%description metadata
This package is empty and only serve as dummy package to
correctly get the version in image builds
%prep
%autosetup -n %{name} -a1
# Remove exec bits to prevent an issue in fedora shebang checking. Uncomment only if required.
# find vendor -type f -name \*.rs -exec chmod -x '{}' \;
%build
%{cargo_build}
%install
install -D -d -m 0755 %{buildroot}%{_bindir}
install -m 0755 %{_builddir}/%{name}/target/release/agent %{buildroot}%{_bindir}/agent
install -m 0755 %{_builddir}/%{name}/target/release/controller %{buildroot}%{_bindir}/controller
install -m 0755 %{_builddir}/%{name}/target/release/webhook-configuration %{buildroot}%{_bindir}/webhook-configuration
install -m 0755 %{_builddir}/%{name}/target/release/debug-echo-discovery-handler %{buildroot}%{_bindir}/debug-echo-discovery-handler
install -m 0755 %{_builddir}/%{name}/target/release/onvif-discovery-handler %{buildroot}%{_bindir}/onvif-discovery-handler
install -m 0755 %{_builddir}/%{name}/target/release/opcua-discovery-handler %{buildroot}%{_bindir}/opcua-discovery-handler
install -m 0755 %{_builddir}/%{name}/target/release/udev-discovery-handler %{buildroot}%{_bindir}/udev-discovery-handler
%files agent
%{_bindir}/agent
%files controller
%{_bindir}/controller
%files webhook-configuration
%{_bindir}/webhook-configuration
%files udev-discovery-handler
%{_bindir}/udev-discovery-handler
%files opcua-discovery-handler
%{_bindir}/opcua-discovery-handler
%files onvif-discovery-handler
%{_bindir}/onvif-discovery-handler
%files debug-echo-discovery-handler
%{_bindir}/debug-echo-discovery-handler
%files metadata
%changelog

BIN
akri/vendor.tar.zst (Stored with Git LFS) Normal file

Binary file not shown.

1
akri/version.txt Normal file
View File

@ -0,0 +1 @@
0.12.20

View File

@ -0,0 +1,31 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/metal3-io/baremetal-operator</param>
<param name="scm">git</param>
<param name="revision">v0.6.1</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="changesauthor">steven.hardy@suse.com</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="without-version">yes</param>
<param name="versionrewrite-replacement">\1</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="go_modules">
</service>
<service mode="buildtime" name="replace_using_env">
<param name="file">baremetal-operator.spec</param>
<param name="var">SOURCE_COMMIT</param>
<param name="eval">
SOURCE_COMMIT=$(grep commit *.obsinfo | cut -d" " -f2)
</param>
<param name="verbose">1</param>
</service>
<service mode="buildtime" name="set_version" />
</services>

View File

@ -0,0 +1,67 @@
#
# spec file for package baremetal-operator
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: baremetal-operator
Version: 0.6.1
Release: 0.6.1
Summary: Implements a Kubernetes API for managing bare metal hosts
License: Apache-2.0
URL: https://github.com/metal3-io/baremetal-operator
Source: baremetal-operator-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.21
ExcludeArch: s390
ExcludeArch: %{ix86}
%description
The Bare Metal Operator implements a Kubernetes API for managing bare metal hosts.
It maintains an inventory of available hosts as instances of the BareMetalHost Custom Resource Definition.
The Bare Metal Operator knows how to:
Inspect the hosts hardware details and report them on the corresponding BareMetalHost.
This includes information about CPUs, RAM, disks, NICs, and more.
Provision hosts with a desired image.
Clean a hosts disk contents before or after provisioning.
More capabilities are being added regularly. See open issues and pull requests for more information on work in progress.
For more information about Metal³, the Bare Metal Operator, and other related components, see the Metal³ docs.
%prep
%autosetup -a1 -n baremetal-operator-%{version} -p1
%build
%define buildtime %(date +%%Y-%%m-%%dT%%H:%%M:%%S%%z)
%define buildcommit %%SOURCE_COMMIT%%
%define buildflags "-X github.com/metal3-io/baremetal-operator/pkg/version.Raw=%{version}\
-X github.com/metal3-io/baremetal-operator/pkg/version.BuildTime=%{buildtime}\
-X github.com/metal3-io/baremetal-operator/pkg/version.Commit=%{buildcommit}"
go build \
-mod=vendor \
-buildmode=pie \
-ldflags %{buildflags}
%install
install -D -m0755 baremetal-operator %{buildroot}%{_bindir}/baremetal-operator
%files
%license LICENSE
%doc README.md
%{_bindir}/baremetal-operator
%changelog

View File

@ -0,0 +1,23 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/kubernetes-sigs/cluster-api-operator</param>
<param name="scm">git</param>
<param name="revision">v0.12.0</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="changesauthor">steven.hardy@suse.com</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="without-version">yes</param>
<param name="versionrewrite-replacement">\1</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="go_modules">
</service>
<service mode="buildtime" name="set_version" />
</services>

View File

@ -0,0 +1,52 @@
#
# spec file for package cluster-api-operator
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: cluster-api-operator
Version: 0.12.0
Release: 0
Summary: Cluster API Core Controller
License: Apache-2.0
URL: https://github.com/kubernetes-sigs/cluster-api-operator
Source: cluster-api-operator-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.21
ExcludeArch: s390
ExcludeArch: %{ix86}
%description
Cluster API operator
%prep
%autosetup -a1 -n cluster-api-operator-%{version}
%build
go build \
-mod=vendor \
-buildmode=pie \
-o cluster-api-operator cmd/main.go
%install
install -D -m0755 cluster-api-operator %{buildroot}%{_bindir}/cluster-api-operator-controller
%files
%license LICENSE
%doc README.md
%{_bindir}/cluster-api-operator-controller
%changelog

View File

@ -0,0 +1,23 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/metal3-io/cluster-api-provider-metal3</param>
<param name="scm">git</param>
<param name="revision">v1.7.1</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="changesauthor">steven.hardy@suse.com</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="without-version">yes</param>
<param name="versionrewrite-replacement">\1</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="go_modules">
</service>
<service mode="buildtime" name="set_version" />
</services>

View File

@ -0,0 +1,54 @@
#
# spec file for package cluster-api-provider-metal3
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: cluster-api-provider-metal3
Version: 1.7.1
Release: 0
Summary: Cluster API Infrastructure Provider for Metal3
License: Apache-2.0
URL: https://github.com/metal3-io/cluster-api-provider-metal3
Source: cluster-api-provider-metal3-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.21
ExcludeArch: s390
ExcludeArch: %{ix86}
%description
Cluster API Provider Metal3 is one of the providers for Cluster API and enables
users to deploy a Cluster API based cluster on top of bare metal infrastructure
using Metal3.
%prep
%autosetup -a1 -n cluster-api-provider-metal3-%{version}
%build
go build \
-mod=vendor \
-buildmode=pie \
-a -ldflags '-extldflags "-static"'
%install
install -D -m0755 cluster-api-provider-metal3 %{buildroot}%{_bindir}/cluster-api-provider-metal3
%files
%license LICENSE
%doc README.md
%{_bindir}/cluster-api-provider-metal3
%changelog

View File

@ -0,0 +1,23 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/rancher-sandbox/cluster-api-provider-rke2</param>
<param name="scm">git</param>
<param name="revision">v0.7.0</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="changesauthor">steven.hardy@suse.com</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="without-version">yes</param>
<param name="versionrewrite-replacement">\1</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="go_modules">
</service>
<service mode="buildtime" name="set_version" />
</services>

View File

@ -0,0 +1,61 @@
#
# spec file for package cluster-api-provider-rke2
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: cluster-api-provider-rke2
Version: 0.7.0
Release: 0
Summary: Cluster API provider for RKE2
License: Apache-2.0
URL: https://github.com/rancher-sandbox/cluster-api-provider-rke2
Source: cluster-api-provider-rke2-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.21
ExcludeArch: s390
ExcludeArch: %{ix86}
%description
Cluster API provider for RKE2
%package bootstrap
Summary: Cluster API bootstrap controller for RKE2
%description bootstrap
Cluster API bootstrap controller for RKE2
%package control-plane
Summary: Cluster API control-plane controller for RKE2
%description control-plane
Cluster API control-plane controller for RKE2
%prep
%autosetup -a1 -n cluster-api-provider-rke2-%{version}
%build
make managers
%install
install -D -m0755 bin/rke2-bootstrap-manager %{buildroot}%{_bindir}/rke2-bootstrap-manager
install -D -m0755 bin/rke2-control-plane-manager %{buildroot}%{_bindir}/rke2-control-plane-manager
%files bootstrap
%{_bindir}/rke2-bootstrap-manager
%files control-plane
%{_bindir}/rke2-control-plane-manager
%changelog

23
cluster-api/_service Normal file
View File

@ -0,0 +1,23 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/kubernetes-sigs/cluster-api</param>
<param name="scm">git</param>
<param name="revision">v1.7.5</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="changesauthor">steven.hardy@suse.com</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="without-version">yes</param>
<param name="versionrewrite-replacement">\1</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="go_modules">
</service>
<service mode="buildtime" name="set_version" />
</services>

View File

@ -0,0 +1,51 @@
#
# spec file for package cluster-api
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: cluster-api
Version: 1.7.5
Release: 0
Summary: Cluster API Core Controller
License: Apache-2.0
URL: https://github.com/kubernetes-sigs/cluster-api
Source: cluster-api-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.21
ExcludeArch: s390
ExcludeArch: %{ix86}
%description
Cluster API core controller
%prep
%autosetup -a1 -n cluster-api-%{version}
%build
go build \
-mod=vendor \
-buildmode=pie \
%install
install -D -m0755 cluster-api %{buildroot}%{_bindir}/cluster-api-controller
%files
%license LICENSE
%doc README.md
%{_bindir}/cluster-api-controller
%changelog

20
cosign/_service Normal file
View File

@ -0,0 +1,20 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/rancher-government-carbide/cosign.git</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="scm">git</param>
<param name="exclude">.get</param>
<param name="revision">v2.2.3+carbide.2</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service mode="buildtime" name="set_version" />
<service name="go_modules">
<param name="compression">gz</param>
</service>
</services>

55
cosign/cosign.spec Normal file
View File

@ -0,0 +1,55 @@
#
# spec file for package cosign-rgs
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define project https://github.com/hauler-dev/cosign
%define revision 49542360ffb5de63f9d2f5856b658651d5538e40
Name: cosign
Version: 0
Release: 0
Summary: Container Signing, Verification and Storage in an OCI registry
License: Apache-2.0
URL: https://github.com/rancher-government-carbide/cosign
Source: cosign-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang-packaging
%description
%prep
%setup -q -a1 -n cosign-%{version}
%build
%goprep %{project}
DATE_FMT="+%%Y-%%m-%%dT%%H:%%M:%%SZ"
BUILD_DATE=$(date -u -d "@${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u -r "${SOURCE_DATE_EPOCH}" "${DATE_FMT}" 2>/dev/null || date -u "${DATE_FMT}")
CLI_PKG=sigs.k8s.io/release-utils/version
CLI_LDFLAGS="-X ${CLI_PKG}.gitVersion=%{version} -X ${CLI_PKG}.gitCommit=%{revision} -X ${CLI_PKG}.gitTreeState=release -X ${CLI_PKG}.buildDate=${BUILD_DATE}"
CGO_ENABLED=0 go build -mod=vendor -buildmode=pie -trimpath -ldflags "${CLI_LDFLAGS}" -o cosign ./cmd/cosign
%install
install -D -m 0755 cosign %{buildroot}%{_bindir}/cosign
%files
%license LICENSE
%doc *.md
%{_bindir}/cosign
%changelog

View File

@ -0,0 +1,21 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/suse-edge/edge-image-builder.git</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
<param name="revision">v1.1.0</param>
<param name="versionrewrite-pattern">v(\d+).(\d+).(\d+)</param>
<param name="versionrewrite-replacement">\1.\2.\3</param>
<param name="changesgenerate">enable</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service mode="buildtime" name="set_version" />
<service name="go_modules">
<param name="compression">gz</param>
</service>
</services>

View File

@ -0,0 +1,79 @@
#
# spec file for package edge-image-builder
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: edge-image-builder-110
Version: 1.1.0
Release: 0
Summary: Edge Image Builder
License: Apache-2.0
URL: https://github.com/suse-edge/edge-image-builder
Source: edge-image-builder-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) go1.22
BuildRequires: golang-packaging
BuildRequires: gpgme-devel
BuildRequires: device-mapper-devel
BuildRequires: libbtrfs-devel
Requires: xorriso
Requires: squashfs
Requires: libguestfs
Requires: kernel-default
Requires: e2fsprogs
Requires: parted
Requires: gptfdisk
Requires: btrfsprogs
Requires: guestfs-tools
Requires: lvm2
Requires: podman
Requires: createrepo_c
Requires: helm
Requires: hauler
Requires: nm-configurator
Requires: ca-certificates-suse
%description
Tool for creating and configuring a set of images to automate the deployment of Edge environments
%prep
%autosetup -a1 -n edge-image-builder-%{version}
%build
tar -xf %{SOURCE1}
MODULE=github.com/suse-edge/edge-image-builder
go build \
-mod=vendor \
-buildmode=pie \
-ldflags \
"-X $MODULE/pkg/version.version=v%{version}" \
-o eib ./cmd/eib
%install
install -D -m 0755 eib %{buildroot}%{_bindir}/eib
%files
%license LICENSE
%doc README.md
%{_bindir}/eib
%changelog

View File

@ -0,0 +1,26 @@
#!BuildTag: endpoint-copier-operator-chart:0.2.0
#!BuildTag: endpoint-copier-operator-chart:0.2.0-%RELEASE%
apiVersion: v2
name: endpoint-copier-operator
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.2.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "v0.2.0"

View File

@ -0,0 +1,8 @@
<services>
<service mode="buildtime" name="kiwi_metainfo_helper"/>
<service name="replace_using_env" mode="buildtime">
<param name="file">values.yaml</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

View File

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "endpoint-copier-operator.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "endpoint-copier-operator.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "endpoint-copier-operator.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "endpoint-copier-operator.labels" -}}
helm.sh/chart: {{ include "endpoint-copier-operator.chart" . }}
{{ include "endpoint-copier-operator.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "endpoint-copier-operator.selectorLabels" -}}
app.kubernetes.io/name: {{ include "endpoint-copier-operator.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "endpoint-copier-operator.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "endpoint-copier-operator.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,49 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "endpoint-copier-operator.fullname" . }}
labels:
{{- include "endpoint-copier-operator.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
{{- include "endpoint-copier-operator.selectorLabels" . | nindent 6 }}
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "endpoint-copier-operator.selectorLabels" . | nindent 8 }}
spec:
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- command:
- /manager
args:
- --leader-elect
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
name: manager
securityContext:
{{- toYaml .Values.securityContext | nindent 10 }}
livenessProbe:
httpGet:
path: /healthz
port: 8081
initialDelaySeconds: 15
periodSeconds: 20
readinessProbe:
httpGet:
path: /readyz
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
resources:
{{- toYaml .Values.resources | nindent 10 }}
serviceAccountName: {{ include "endpoint-copier-operator.serviceAccountName" . }}
terminationGracePeriodSeconds: 10

View File

@ -0,0 +1,9 @@
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "endpoint-copier-operator.fullname" . }}
spec:
maxUnavailable: 1
selector:
matchLabels:
{{- include "endpoint-copier-operator.selectorLabels" . | nindent 6 }}

View File

@ -0,0 +1,39 @@
# permissions to do leader election.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
{{- include "endpoint-copier-operator.labels" . | nindent 4 }}
name: {{ include "endpoint-copier-operator.fullname" . }}-leader-election
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch

View File

@ -0,0 +1,14 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
{{- include "endpoint-copier-operator.labels" . | nindent 4 }}
name: {{ include "endpoint-copier-operator.fullname" . }}-leader-election
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ include "endpoint-copier-operator.fullname" . }}-leader-election
subjects:
- kind: ServiceAccount
name: {{ include "endpoint-copier-operator.fullname" . }}
namespace: {{ .Release.Namespace }}

View File

@ -0,0 +1,42 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
{{- include "endpoint-copier-operator.labels" . | nindent 4 }}
name: {{ include "endpoint-copier-operator.fullname" . }}
rules:
- apiGroups:
- ""
resources:
- endpoints
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- endpoints/finalizers
verbs:
- update
- apiGroups:
- ""
resources:
- endpoints/status
verbs:
- get
- patch
- update
- apiGroups:
- ""
resources:
- services
verbs:
- get
- list
- watch

View File

@ -0,0 +1,14 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
{{- include "endpoint-copier-operator.labels" . | nindent 4 }}
name: {{ include "endpoint-copier-operator.fullname" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "endpoint-copier-operator.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ include "endpoint-copier-operator.fullname" . }}
namespace: {{ .Release.Namespace }}

View File

@ -0,0 +1,12 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "endpoint-copier-operator.serviceAccountName" . }}
labels:
{{- include "endpoint-copier-operator.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,44 @@
# Default values for endpoint-copier-operator.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 2
image:
repository: "%%IMG_REPO%%/endpoint-copier-operator"
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
nameOverride: "endpoint-copier-operator"
fullnameOverride: "endpoint-copier-operator"
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: "endpoint-copier-operator"
podAnnotations: {}
podSecurityContext:
runAsNonRoot: true
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 10m
memory: 64Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}

View File

@ -0,0 +1,35 @@
# SPDX-License-Identifier: Apache-2.0
#!BuildTag: endpoint-copier-operator:v%%endpoint-copier-operator_version%%
#!BuildTag: endpoint-copier-operator:v%%endpoint-copier-operator_version%%-%RELEASE%
#!BuildTag: endpoint-copier-operator:latest
#!BuildVersion: 15.5
ARG SLE_VERSION
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
COPY --from=micro / /installroot/
RUN zypper --installroot /installroot --non-interactive install --no-recommends endpoint-copier-operator; zypper -n clean; rm -rf /var/log/*
FROM micro AS final
# Define labels according to https://en.opensuse.org/Building_derived_containers
# labelprefix=com.suse.application.endpoint-copier-operator
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
LABEL org.opencontainers.image.title="SLE endpoint-copier-operator Container Image"
LABEL org.opencontainers.image.description="endpoint-copier-operator based on the SLE Base Container Image."
LABEL org.opencontainers.image.version="%%endpoint-copier-operator_version%%"
LABEL org.opencontainers.image.url="https://www.suse.com/products/server/"
LABEL org.opencontainers.image.created="%BUILDTIME%"
LABEL org.opencontainers.image.vendor="SUSE LLC"
LABEL org.opensuse.reference="%%IMG_REPO%%/endpoint-copier-operator:v%%endpoint-copier-operator_version%%-%RELEASE%"
LABEL org.openbuildservice.disturl="%DISTURL%"
LABEL com.suse.supportlevel="l3"
LABEL com.suse.eula="SUSE Combined EULA February 2024"
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
LABEL com.suse.image-type="application"
LABEL com.suse.release-stage="released"
# endlabelprefix
#Install endpoint-copier-operator
COPY --from=base /installroot /
USER 65532:65532
ENTRYPOINT ["/usr/bin/manager"]

View File

@ -0,0 +1,15 @@
<services>
<service mode="buildtime" name="kiwi_metainfo_helper"/>
<service mode="buildtime" name="docker_label_helper"/>
<service name="replace_using_package_version" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="regex">%%endpoint-copier-operator_version%%</param>
<param name="package">endpoint-copier-operator</param>
<param name="parse-version">patch</param>
</service>
<service name="replace_using_env" mode="buildtime">
<param name="file">Dockerfile</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

View File

@ -0,0 +1,23 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/suse-edge/endpoint-copier-operator</param>
<param name="scm">git</param>
<param name="revision">v0.2.0</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="changesauthor">kristian.zhelyazkov@suse.com</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="without-version">yes</param>
<param name="versionrewrite-replacement">\1</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="go_modules">
</service>
<service mode="buildtime" name="set_version" />
</services>

View File

@ -0,0 +1,54 @@
#
# spec file for package endpoint-copier-operator
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: endpoint-copier-operator
Version: 0.2.0
Release: 0.2.0
Summary: Implements a Kubernetes API for copying endpoint resources
License: Apache-2.0
URL: https://github.com/suse-edge/endpoint-copier-operator
Source: endpoint-copier-operator-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.20
ExcludeArch: s390
ExcludeArch: %{ix86}
%description
This is an Kubernetes operator whose purpose is to create a copy of the default Kubernetes Service (as LoadBalancer type)
and Endpoint and to keep them synced.
%prep
%autosetup -a1 -n endpoint-copier-operator-%{version}
%build
go build \
-mod=vendor \
-buildmode=pie \
-a \
-o endpoint-copier-operator \
cmd/main.go
%install
install -D -m0755 endpoint-copier-operator %{buildroot}/manager
%files
%license LICENSE
%doc README.md
/manager
%changelog

23
frr-k8s/_service Normal file
View File

@ -0,0 +1,23 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/metallb/frr-k8s</param>
<param name="scm">git</param>
<param name="revision">v0.0.14</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="changesauthor">kristian.zhelyazkov@suse.com</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="without-version">yes</param>
<param name="versionrewrite-replacement">\1</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="go_modules">
</service>
<service mode="buildtime" name="set_version" />
</services>

66
frr-k8s/frr-k8s.spec Normal file
View File

@ -0,0 +1,66 @@
#
# spec file for package endpoint-copier-operator
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: frr-k8s
Version: 0.0.14
Release: 0.0.14
Summary: A kubernetes based daemonset that exposes a subset of the FRR API in a kubernetes compliant manner.
License: Apache-2.0
URL: https://github.com/metallb/frr-k8s
Source: frr-k8s-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.22
ExcludeArch: s390
ExcludeArch: %{ix86}
%description
A kubernetes based daemonset that exposes a subset of the FRR API in a kubernetes compliant manner.
The rationale behind the creation of this project is to allow multiple actors to share a single FRR instance running on kubernetes nodes.
%prep
%autosetup -a1 -n frr-k8s-%{version}
%build
go build \
-mod=vendor \
-buildmode=pie \
-a \
-o frr-metrics \
frr-tools/metrics/exporter.go
go build \
-mod=vendor \
-buildmode=pie \
-a \
-o frr-k8s \
cmd/main.go
%install
install -D -m0755 frr-tools/reloader/frr-reloader.sh %{buildroot}/frr-reloader.sh
install -D -m0755 frr-metrics %{buildroot}/frr-metrics
install -D -m0755 frr-k8s %{buildroot}/frr-k8s
%files
%license LICENSE
%doc README.md
/frr-reloader.sh
/frr-metrics
/frr-k8s
%changelog

20
hauler/_service Normal file
View File

@ -0,0 +1,20 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/hauler-dev/hauler.git</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="scm">git</param>
<param name="exclude">.get</param>
<param name="revision">v1.0.7</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service mode="buildtime" name="set_version" />
<service name="go_modules">
<param name="compression">gz</param>
</service>
</services>

57
hauler/hauler.spec Normal file
View File

@ -0,0 +1,57 @@
#
# spec file for package hauler
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define project github.com/hauler-dev/hauler
Name: hauler
Version: 1.0.7
Release: 0
Summary: Airgap Swiss Army Knife
License: Apache-2.0
URL: https://github.com/hauler-dev/hauler
Source: hauler-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang-packaging
BuildRequires: cosign
%description
%prep
%setup -q -n hauler-%{version}
%build
%goprep %{project}
tar -xf %{SOURCE1}
mkdir cmd/hauler/binaries
cp `which cosign` cmd/hauler/binaries/cosign-linux-%{go_arch}
go build -mod=vendor -buildmode=pie -o hauler ./cmd/hauler
%install
install -D -m 0755 hauler %{buildroot}%{_bindir}/hauler
%files
%doc README.md
%{_bindir}/hauler
%changelog

View File

@ -0,0 +1,23 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/metal3-io/ip-address-manager</param>
<param name="scm">git</param>
<param name="revision">v1.7.1</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="changesauthor">steven.hardy@suse.com</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="without-version">yes</param>
<param name="versionrewrite-replacement">\1</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="go_modules">
</service>
<service mode="buildtime" name="set_version" />
</services>

View File

@ -0,0 +1,51 @@
#
# spec file for package ip-address-manager
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: ip-address-manager
Version: 1.7.1
Release: 0
Summary: Metal3 IPAM controller
License: Apache-2.0
URL: https://github.com/metal3-io/ip-address-manager
Source: ip-address-manager-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.21
ExcludeArch: s390
ExcludeArch: %{ix86}
%description
Metal3 IPAM controller
%prep
%autosetup -a1 -n ip-address-manager-%{version}
%build
go build \
-mod=vendor \
-buildmode=pie \
%install
install -D -m0755 ip-address-manager %{buildroot}%{_bindir}/ip-address-manager
%files
%license LICENSE
%doc README.md
%{_bindir}/ip-address-manager
%changelog

23
kube-rbac-proxy/_service Normal file
View File

@ -0,0 +1,23 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/brancz/kube-rbac-proxy</param>
<param name="scm">git</param>
<param name="revision">v0.18.0</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="changesauthor">kristian.zhelyazkov@suse.com</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="without-version">yes</param>
<param name="versionrewrite-replacement">\1</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="go_modules">
</service>
<service mode="buildtime" name="set_version" />
</services>

View File

@ -0,0 +1,56 @@
#
# spec file for package kube-rbac-proxy
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: kube-rbac-proxy
Version: 0.18.0
Release: 0.18.0
Summary: The kube-rbac-proxy is a small HTTP proxy for a single upstream
License: Apache-2.0
URL: https://github.com/brancz/kube-rbac-proxy
Source: kube-rbac-proxy-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.22
ExcludeArch: s390
ExcludeArch: %{ix86}
%description
The kube-rbac-proxy is a small HTTP proxy for a single upstream,
that can perform RBAC authorization against the Kubernetes API using SubjectAccessReview.
%prep
%autosetup -a1 -n kube-rbac-proxy-%{version}
%build
CGO_ENABLED=0\
go build \
--installsuffix cgo \
-mod=vendor \
-buildmode=pie \
-a \
-o $HOME/go/bin/kube-rbac-proxy \
github.com/brancz/kube-rbac-proxy/cmd/kube-rbac-proxy
%install
install -D -m 0755 $HOME/go/bin/kube-rbac-proxy %{buildroot}/
%files
%license LICENSE
%doc README.md
/kube-rbac-proxy
%changelog

39
kubectl/kubectl.spec Normal file
View File

@ -0,0 +1,39 @@
%global debug_package %{nil}
Name: kubectl-1303
Version: 1.30.3
Release: 0
Summary: Command-line utility for interacting with a Kubernetes cluster
%if "%{_vendor}" == "debbuild"
Group: admin
%endif
Packager: Kubernetes Authors <dev@kubernetes.io>
License: Apache-2.0
URL: https://kubernetes.io
Source0: kubectl_%{version}.orig.tar.gz
%description
%{summary}.
%prep
%setup -q -c
%build
# Nothing to build
%install
# Detect host arch
KUBE_ARCH="$(uname -m)"
# Install binaries
mkdir -p %{buildroot}%{_bindir}
install -p -m 755 ${KUBE_ARCH}/kubectl %{buildroot}%{_bindir}/kubectl
%files
%{_bindir}/kubectl
%license LICENSE
%doc README.md
%changelog

BIN
kubectl/kubectl_1.30.3.orig.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.

23
metallb/_service Normal file
View File

@ -0,0 +1,23 @@
<services>
<service name="obs_scm">
<param name="url">https://github.com/metallb/metallb</param>
<param name="scm">git</param>
<param name="revision">v0.14.8</param>
<param name="version">_auto_</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="changesauthor">kristian.zhelyazkov@suse.com</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="without-version">yes</param>
<param name="versionrewrite-replacement">\1</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="go_modules">
</service>
<service mode="buildtime" name="set_version" />
</services>

80
metallb/metallb.spec Normal file
View File

@ -0,0 +1,80 @@
#
# spec file for package metallb
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: metallb
Version: 0.14.8
Release: 0.14.8
Summary: Load Balancer for bare metal Kubernetes clusters
License: Apache-2.0
URL: https://github.com/metallb/metallb
Source: %{name}-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang(API) = 1.22
ExcludeArch: s390
ExcludeArch: %{ix86}
%define version_suffix 0148
%description
MetalLB is a load-balancer implementation for bare metal Kubernetes clusters, using standard routing protocols.
%package controller-%{version_suffix}
Summary: MetalLB controller binary
Group: System/Management
%description controller-%{version_suffix}
MetalLB is a load-balancer implementation for bare metal Kubernetes clusters, using standard routing protocols.
This package contains the controller binary.
%package speaker-%{version_suffix}
Summary: MetalLB speaker binary
Group: System/Management
%description speaker-%{version_suffix}
MetalLB is a load-balancer implementation for bare metal Kubernetes clusters, using standard routing protocols.
This package contains the speaker binary.
%prep
%autosetup -p1 -a1
# Add frr-tools/reloader
cp ./frr-tools/reloader/frr-reloader.sh frr-reloader.sh
%build
go install -v -mod vendor -buildmode=pie ./controller ./speaker ./frr-tools/metrics
mv $HOME/go/bin/metrics $HOME/go/bin/frr-metrics
%install
# Install the binary.
mkdir -p %{buildroot}%{_sbindir}/
install -D -m 0755 $HOME/go/bin/controller %{buildroot}/
install -D -m 0755 $HOME/go/bin/speaker %{buildroot}/
install -D -m 0755 $HOME/go/bin/frr-metrics %{buildroot}/
install -D -m 0755 frr-reloader.sh %{buildroot}/
%files controller-%{version_suffix}
%license LICENSE
/controller
%files speaker-%{version_suffix}
%license LICENSE
/speaker
/frr-metrics
/frr-reloader.sh
%changelog

1
nm-configurator/.gitattributes vendored Normal file
View File

@ -0,0 +1 @@
*.obscpio filter=lfs diff=lfs merge=lfs -text

18
nm-configurator/_service Normal file
View File

@ -0,0 +1,18 @@
<services>
<service mode="manual" name="obs_scm">
<param name="url">https://github.com/suse-edge/nm-configurator.git</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="scm">git</param>
<param name="revision">v0.3.1</param>
<param name="match-tag">*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="versionrewrite-replacement">\1</param>
<param name="changesgenerate">enable</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="set_version"/>
<service mode="manual" name="cargo_vendor">
<param name="src">nm-configurator</param>
<param name="compression">xz</param>
</service>
</services>

Some files were not shown because too many files have changed in this diff Show More