diff --git a/operators/ack-elbv2-controller/1.0.1/bundle.Dockerfile b/operators/ack-elbv2-controller/1.0.1/bundle.Dockerfile new file mode 100644 index 00000000000..644d34a4a2d --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/bundle.Dockerfile @@ -0,0 +1,21 @@ +FROM scratch + +# Core bundle labels. +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=ack-elbv2-controller +LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.28.0 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=unknown + +# Labels for testing. +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ + +# Copy files to locations specified by labels. +COPY bundle/manifests /manifests/ +COPY bundle/metadata /metadata/ +COPY bundle/tests/scorecard /tests/scorecard/ diff --git a/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-controller.clusterserviceversion.yaml b/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-controller.clusterserviceversion.yaml new file mode 100644 index 00000000000..713466f0b13 --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-controller.clusterserviceversion.yaml @@ -0,0 +1,320 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "elbv2.services.k8s.aws/v1alpha1", + "kind": "Listener", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "elbv2.services.k8s.aws/v1alpha1", + "kind": "LoadBalancer", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "elbv2.services.k8s.aws/v1alpha1", + "kind": "Rule", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "elbv2.services.k8s.aws/v1alpha1", + "kind": "TargetGroup", + "metadata": { + "name": "example" + }, + "spec": {} + } + ] + capabilities: Basic Install + categories: Cloud Provider + certified: "false" + containerImage: public.ecr.aws/aws-controllers-k8s/elbv2-controller:1.0.1 + createdAt: "2024-10-12T00:18:10Z" + description: AWS ELB controller is a service controller for managing ELB resources + in Kubernetes + operatorframework.io/suggested-namespace: ack-system + operators.operatorframework.io/builder: operator-sdk-v1.28.0 + operators.operatorframework.io/project_layout: unknown + repository: https://github.com/aws-controllers-k8s + support: Community + labels: + operatorframework.io/arch.amd64: supported + operatorframework.io/arch.arm64: supported + operatorframework.io/os.linux: supported + name: ack-elbv2-controller.v1.0.1 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Listener represents the state of an AWS elbv2 Listener resource. + displayName: Listener + kind: Listener + name: listeners.elbv2.services.k8s.aws + version: v1alpha1 + - description: LoadBalancer represents the state of an AWS elbv2 LoadBalancer + resource. + displayName: LoadBalancer + kind: LoadBalancer + name: loadbalancers.elbv2.services.k8s.aws + version: v1alpha1 + - description: Rule represents the state of an AWS elbv2 Rule resource. + displayName: Rule + kind: Rule + name: rules.elbv2.services.k8s.aws + version: v1alpha1 + - description: TargetGroup represents the state of an AWS elbv2 TargetGroup resource. + displayName: TargetGroup + kind: TargetGroup + name: targetgroups.elbv2.services.k8s.aws + version: v1alpha1 + description: |- + Manage Amazon Elastic Load Balancing (ELB) resources in AWS from within your Kubernetes cluster. + + **About Amazon ELB** + + Elastic Load Balancing automatically distributes your incoming traffic across multiple targets, such as EC2 instances, containers, and IP addresses, in one or more Availability Zones. It monitors the health of its registered targets, and routes traffic only to the healthy targets. Elastic Load Balancing scales your load balancer capacity automatically in response to changes in incoming traffic. + + **About the AWS Controllers for Kubernetes** + + This controller is a component of the [AWS Controller for Kubernetes](https://github.com/aws/aws-controllers-k8s) project. + + **Pre-Installation Steps** + + Please follow the following link: [Red Hat OpenShift](https://aws-controllers-k8s.github.io/community/docs/user-docs/openshift/) + displayName: AWS Controllers for Kubernetes - Amazon ELB + icon: + - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDE5LjAuMSwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB2aWV3Qm94PSIwIDAgMzA0IDE4MiIgc3R5bGU9ImVuYWJsZS1iYWNrZ3JvdW5kOm5ldyAwIDAgMzA0IDE4MjsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtmaWxsOiMyNTJGM0U7fQoJLnN0MXtmaWxsLXJ1bGU6ZXZlbm9kZDtjbGlwLXJ1bGU6ZXZlbm9kZDtmaWxsOiNGRjk5MDA7fQo8L3N0eWxlPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04Ni40LDY2LjRjMCwzLjcsMC40LDYuNywxLjEsOC45YzAuOCwyLjIsMS44LDQuNiwzLjIsNy4yYzAuNSwwLjgsMC43LDEuNiwwLjcsMi4zYzAsMS0wLjYsMi0xLjksM2wtNi4zLDQuMiAgIGMtMC45LDAuNi0xLjgsMC45LTIuNiwwLjljLTEsMC0yLTAuNS0zLTEuNEM3Ni4yLDkwLDc1LDg4LjQsNzQsODYuOGMtMS0xLjctMi0zLjYtMy4xLTUuOWMtNy44LDkuMi0xNy42LDEzLjgtMjkuNCwxMy44ICAgYy04LjQsMC0xNS4xLTIuNC0yMC03LjJjLTQuOS00LjgtNy40LTExLjItNy40LTE5LjJjMC04LjUsMy0xNS40LDkuMS0yMC42YzYuMS01LjIsMTQuMi03LjgsMjQuNS03LjhjMy40LDAsNi45LDAuMywxMC42LDAuOCAgIGMzLjcsMC41LDcuNSwxLjMsMTEuNSwyLjJ2LTcuM2MwLTcuNi0xLjYtMTIuOS00LjctMTZjLTMuMi0zLjEtOC42LTQuNi0xNi4zLTQuNmMtMy41LDAtNy4xLDAuNC0xMC44LDEuM2MtMy43LDAuOS03LjMsMi0xMC44LDMuNCAgIGMtMS42LDAuNy0yLjgsMS4xLTMuNSwxLjNjLTAuNywwLjItMS4yLDAuMy0xLjYsMC4zYy0xLjQsMC0yLjEtMS0yLjEtMy4xdi00LjljMC0xLjYsMC4yLTIuOCwwLjctMy41YzAuNS0wLjcsMS40LTEuNCwyLjgtMi4xICAgYzMuNS0xLjgsNy43LTMuMywxMi42LTQuNWM0LjktMS4zLDEwLjEtMS45LDE1LjYtMS45YzExLjksMCwyMC42LDIuNywyNi4yLDguMWM1LjUsNS40LDguMywxMy42LDguMywyNC42VjY2LjR6IE00NS44LDgxLjYgICBjMy4zLDAsNi43LTAuNiwxMC4zLTEuOGMzLjYtMS4yLDYuOC0zLjQsOS41LTYuNGMxLjYtMS45LDIuOC00LDMuNC02LjRjMC42LTIuNCwxLTUuMywxLTguN3YtNC4yYy0yLjktMC43LTYtMS4zLTkuMi0xLjcgICBjLTMuMi0wLjQtNi4zLTAuNi05LjQtMC42Yy02LjcsMC0xMS42LDEuMy0xNC45LDRjLTMuMywyLjctNC45LDYuNS00LjksMTEuNWMwLDQuNywxLjIsOC4yLDMuNywxMC42ICAgQzM3LjcsODAuNCw0MS4yLDgxLjYsNDUuOCw4MS42eiBNMTI2LjEsOTIuNGMtMS44LDAtMy0wLjMtMy44LTFjLTAuOC0wLjYtMS41LTItMi4xLTMuOUw5Ni43LDEwLjJjLTAuNi0yLTAuOS0zLjMtMC45LTQgICBjMC0xLjYsMC44LTIuNSwyLjQtMi41aDkuOGMxLjksMCwzLjIsMC4zLDMuOSwxYzAuOCwwLjYsMS40LDIsMiwzLjlsMTYuOCw2Ni4ybDE1LjYtNjYuMmMwLjUtMiwxLjEtMy4zLDEuOS0zLjljMC44LTAuNiwyLjItMSw0LTEgICBoOGMxLjksMCwzLjIsMC4zLDQsMWMwLjgsMC42LDEuNSwyLDEuOSwzLjlsMTUuOCw2N2wxNy4zLTY3YzAuNi0yLDEuMy0zLjMsMi0zLjljMC44LTAuNiwyLjEtMSwzLjktMWg5LjNjMS42LDAsMi41LDAuOCwyLjUsMi41ICAgYzAsMC41LTAuMSwxLTAuMiwxLjZjLTAuMSwwLjYtMC4zLDEuNC0wLjcsMi41bC0yNC4xLDc3LjNjLTAuNiwyLTEuMywzLjMtMi4xLDMuOWMtMC44LDAuNi0yLjEsMS0zLjgsMWgtOC42Yy0xLjksMC0zLjItMC4zLTQtMSAgIGMtMC44LTAuNy0xLjUtMi0xLjktNEwxNTYsMjNsLTE1LjQsNjQuNGMtMC41LDItMS4xLDMuMy0xLjksNGMtMC44LDAuNy0yLjIsMS00LDFIMTI2LjF6IE0yNTQuNiw5NS4xYy01LjIsMC0xMC40LTAuNi0xNS40LTEuOCAgIGMtNS0xLjItOC45LTIuNS0xMS41LTRjLTEuNi0wLjktMi43LTEuOS0zLjEtMi44Yy0wLjQtMC45LTAuNi0xLjktMC42LTIuOHYtNS4xYzAtMi4xLDAuOC0zLjEsMi4zLTMuMWMwLjYsMCwxLjIsMC4xLDEuOCwwLjMgICBjMC42LDAuMiwxLjUsMC42LDIuNSwxYzMuNCwxLjUsNy4xLDIuNywxMSwzLjVjNCwwLjgsNy45LDEuMiwxMS45LDEuMmM2LjMsMCwxMS4yLTEuMSwxNC42LTMuM2MzLjQtMi4yLDUuMi01LjQsNS4yLTkuNSAgIGMwLTIuOC0wLjktNS4xLTIuNy03Yy0xLjgtMS45LTUuMi0zLjYtMTAuMS01LjJMMjQ2LDUyYy03LjMtMi4zLTEyLjctNS43LTE2LTEwLjJjLTMuMy00LjQtNS05LjMtNS0xNC41YzAtNC4yLDAuOS03LjksMi43LTExLjEgICBjMS44LTMuMiw0LjItNiw3LjItOC4yYzMtMi4zLDYuNC00LDEwLjQtNS4yYzQtMS4yLDguMi0xLjcsMTIuNi0xLjdjMi4yLDAsNC41LDAuMSw2LjcsMC40YzIuMywwLjMsNC40LDAuNyw2LjUsMS4xICAgYzIsMC41LDMuOSwxLDUuNywxLjZjMS44LDAuNiwzLjIsMS4yLDQuMiwxLjhjMS40LDAuOCwyLjQsMS42LDMsMi41YzAuNiwwLjgsMC45LDEuOSwwLjksMy4zdjQuN2MwLDIuMS0wLjgsMy4yLTIuMywzLjIgICBjLTAuOCwwLTIuMS0wLjQtMy44LTEuMmMtNS43LTIuNi0xMi4xLTMuOS0xOS4yLTMuOWMtNS43LDAtMTAuMiwwLjktMTMuMywyLjhjLTMuMSwxLjktNC43LDQuOC00LjcsOC45YzAsMi44LDEsNS4yLDMsNy4xICAgYzIsMS45LDUuNywzLjgsMTEsNS41bDE0LjIsNC41YzcuMiwyLjMsMTIuNCw1LjUsMTUuNSw5LjZjMy4xLDQuMSw0LjYsOC44LDQuNiwxNGMwLDQuMy0wLjksOC4yLTIuNiwxMS42ICAgYy0xLjgsMy40LTQuMiw2LjQtNy4zLDguOGMtMy4xLDIuNS02LjgsNC4zLTExLjEsNS42QzI2NC40LDk0LjQsMjU5LjcsOTUuMSwyNTQuNiw5NS4xeiIvPgoJPGc+CgkJPHBhdGggY2xhc3M9InN0MSIgZD0iTTI3My41LDE0My43Yy0zMi45LDI0LjMtODAuNywzNy4yLTEyMS44LDM3LjJjLTU3LjYsMC0xMDkuNS0yMS4zLTE0OC43LTU2LjdjLTMuMS0yLjgtMC4zLTYuNiwzLjQtNC40ICAgIGM0Mi40LDI0LjYsOTQuNywzOS41LDE0OC44LDM5LjVjMzYuNSwwLDc2LjYtNy42LDExMy41LTIzLjJDMjc0LjIsMTMzLjYsMjc4LjksMTM5LjcsMjczLjUsMTQzLjd6Ii8+CgkJPHBhdGggY2xhc3M9InN0MSIgZD0iTTI4Ny4yLDEyOC4xYy00LjItNS40LTI3LjgtMi42LTM4LjUtMS4zYy0zLjIsMC40LTMuNy0yLjQtMC44LTQuNWMxOC44LTEzLjIsNDkuNy05LjQsNTMuMy01ICAgIGMzLjYsNC41LTEsMzUuNC0xOC42LDUwLjJjLTIuNywyLjMtNS4zLDEuMS00LjEtMS45QzI4Mi41LDE1NS43LDI5MS40LDEzMy40LDI4Ny4yLDEyOC4xeiIvPgoJPC9nPgo8L2c+Cjwvc3ZnPg== + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - securitygroups + - securitygroups/status + - subnets + - subnets/status + - vpcs + - vpcs/status + verbs: + - get + - list + - apiGroups: + - elbv2.services.k8s.aws + resources: + - listeners + - loadbalancers + - rules + - targetgroups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - elbv2.services.k8s.aws + resources: + - listeners/status + - loadbalancers/status + - rules/status + - targetgroups/status + verbs: + - get + - patch + - update + - apiGroups: + - services.k8s.aws + resources: + - adoptedresources + - fieldexports + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - services.k8s.aws + resources: + - adoptedresources/status + - fieldexports/status + verbs: + - get + - patch + - update + serviceAccountName: ack-elbv2-controller + deployments: + - label: + app.kubernetes.io/name: ack-elbv2-controller + app.kubernetes.io/part-of: ack-system + name: ack-elbv2-controller + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: ack-elbv2-controller + strategy: {} + template: + metadata: + labels: + app.kubernetes.io/name: ack-elbv2-controller + spec: + containers: + - args: + - --aws-region + - $(AWS_REGION) + - --aws-endpoint-url + - $(AWS_ENDPOINT_URL) + - --enable-development-logging=$(ACK_ENABLE_DEVELOPMENT_LOGGING) + - --log-level + - $(ACK_LOG_LEVEL) + - --resource-tags + - $(ACK_RESOURCE_TAGS) + - --watch-namespace + - $(ACK_WATCH_NAMESPACE) + - --enable-leader-election=$(ENABLE_LEADER_ELECTION) + - --leader-election-namespace + - $(LEADER_ELECTION_NAMESPACE) + - --reconcile-default-max-concurrent-syncs + - $(RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS) + command: + - ./bin/controller + env: + - name: ACK_SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: ack-elbv2-user-config + optional: false + - secretRef: + name: ack-elbv2-user-secrets + optional: true + image: public.ecr.aws/aws-controllers-k8s/elbv2-controller:1.0.1 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: controller + ports: + - containerPort: 8080 + name: http + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 100m + memory: 200Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsNonRoot: true + dnsPolicy: ClusterFirst + securityContext: + seccompProfile: + type: RuntimeDefault + serviceAccountName: ack-elbv2-controller + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: ack-elbv2-controller + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: true + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - elbv2 + - aws + - amazon + - ack + links: + - name: AWS Controllers for Kubernetes + url: https://github.com/aws-controllers-k8s/community + - name: Documentation + url: https://aws-controllers-k8s.github.io/community/ + - name: Amazon ELB Developer Resources + url: https://aws.amazon.com/elasticloadbalancing + maintainers: + - email: ack-maintainers@amazon.com + name: elb maintainer team + maturity: alpha + provider: + name: Amazon, Inc. + url: https://aws.amazon.com + version: 1.0.1 diff --git a/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-metrics-service_v1_service.yaml b/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-metrics-service_v1_service.yaml new file mode 100644 index 00000000000..e695218a921 --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-metrics-service_v1_service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + name: ack-elbv2-metrics-service +spec: + ports: + - name: metricsport + port: 8080 + protocol: TCP + targetPort: http + selector: + app.kubernetes.io/name: ack-elbv2-controller + type: NodePort +status: + loadBalancer: {} diff --git a/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-reader_rbac.authorization.k8s.io_v1_role.yaml b/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-reader_rbac.authorization.k8s.io_v1_role.yaml new file mode 100644 index 00000000000..56c7d70ade2 --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-reader_rbac.authorization.k8s.io_v1_role.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: ack-elbv2-reader +rules: +- apiGroups: + - elbv2.services.k8s.aws + resources: + - listeners + - loadbalancers + - rules + - targetgroups + verbs: + - get + - list + - watch diff --git a/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-writer_rbac.authorization.k8s.io_v1_role.yaml b/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-writer_rbac.authorization.k8s.io_v1_role.yaml new file mode 100644 index 00000000000..9855a2814b3 --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/manifests/ack-elbv2-writer_rbac.authorization.k8s.io_v1_role.yaml @@ -0,0 +1,32 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: ack-elbv2-writer +rules: +- apiGroups: + - elbv2.services.k8s.aws + resources: + - listeners + - loadbalancers + - rules + - targetgroups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - elbv2.services.k8s.aws + resources: + - listeners + - loadbalancers + - rules + - targetgroups + verbs: + - get + - patch + - update diff --git a/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_listeners.yaml b/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_listeners.yaml new file mode 100644 index 00000000000..d8edbefdd58 --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_listeners.yaml @@ -0,0 +1,403 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: listeners.elbv2.services.k8s.aws +spec: + group: elbv2.services.k8s.aws + names: + kind: Listener + listKind: ListenerList + plural: listeners + singular: listener + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Listener is the Schema for the Listeners API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + ListenerSpec defines the desired state of Listener. + + Information about a listener. + properties: + alpnPolicy: + description: |- + [TLS listeners] The name of the Application-Layer Protocol Negotiation (ALPN) + policy. You can specify one policy name. The following are the possible values: + + * HTTP1Only + + * HTTP2Only + + * HTTP2Optional + + * HTTP2Preferred + + * None + + For more information, see ALPN policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#alpn-policies) + in the Network Load Balancers Guide. + items: + type: string + type: array + certificates: + description: |- + [HTTPS and TLS listeners] The default certificate for the listener. You must + provide exactly one certificate. Set CertificateArn to the certificate ARN + but do not set IsDefault. + items: + description: Information about an SSL server certificate. + properties: + certificateARN: + type: string + isDefault: + type: boolean + type: object + type: array + defaultActions: + description: The actions for the default rule. + items: + description: |- + Information about an action. + + Each rule must include exactly one of the following types of actions: forward, + fixed-response, or redirect, and it must be the last action to be performed. + properties: + authenticateCognitoConfig: + description: |- + Request parameters to use when integrating with Amazon Cognito to authenticate + users. + properties: + authenticationRequestExtraParams: + additionalProperties: + type: string + type: object + onUnauthenticatedRequest: + type: string + scope: + type: string + sessionCookieName: + type: string + sessionTimeout: + format: int64 + type: integer + userPoolARN: + type: string + userPoolClientID: + type: string + userPoolDomain: + type: string + type: object + authenticateOIDCConfig: + description: |- + Request parameters when using an identity provider (IdP) that is compliant + with OpenID Connect (OIDC) to authenticate users. + properties: + authenticationRequestExtraParams: + additionalProperties: + type: string + type: object + authorizationEndpoint: + type: string + clientID: + type: string + clientSecret: + type: string + issuer: + type: string + onUnauthenticatedRequest: + type: string + scope: + type: string + sessionCookieName: + type: string + sessionTimeout: + format: int64 + type: integer + tokenEndpoint: + type: string + useExistingClientSecret: + type: boolean + userInfoEndpoint: + type: string + type: object + fixedResponseConfig: + description: Information about an action that returns a custom + HTTP response. + properties: + contentType: + type: string + messageBody: + type: string + statusCode: + type: string + type: object + forwardConfig: + description: Information about a forward action. + properties: + targetGroupStickinessConfig: + description: Information about the target group stickiness + for a rule. + properties: + durationSeconds: + format: int64 + type: integer + enabled: + type: boolean + type: object + targetGroups: + items: + description: |- + Information about how traffic will be distributed between multiple target + groups in a forward rule. + properties: + targetGroupARN: + type: string + targetGroupRef: + description: Reference field for TargetGroupARN + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + weight: + format: int64 + type: integer + type: object + type: array + type: object + order: + format: int64 + type: integer + redirectConfig: + description: |- + Information about a redirect action. + + A URI consists of the following components: protocol://hostname:port/path?query. + You must modify at least one of the following components to avoid a redirect + loop: protocol, hostname, port, or path. Any components that you do not modify + retain their original values. + + You can reuse URI components using the following reserved keywords: + + * #{protocol} + + * #{host} + + * #{port} + + * #{path} (the leading "/" is removed) + + * #{query} + + For example, you can change the path to "/new/#{path}", the hostname to "example.#{host}", + or the query to "#{query}&value=xyz". + properties: + host: + type: string + path: + type: string + port: + type: string + protocol: + type: string + query: + type: string + statusCode: + type: string + type: object + targetGroupARN: + type: string + targetGroupRef: + description: Reference field for TargetGroupARN + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + type: + type: string + type: object + type: array + loadBalancerARN: + description: The Amazon Resource Name (ARN) of the load balancer. + type: string + loadBalancerRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + mutualAuthentication: + description: The mutual authentication configuration information. + properties: + ignoreClientCertificateExpiry: + type: boolean + mode: + type: string + trustStoreARN: + type: string + type: object + port: + description: |- + The port on which the load balancer is listening. You cannot specify a port + for a Gateway Load Balancer. + format: int64 + type: integer + protocol: + description: |- + The protocol for connections from clients to the load balancer. For Application + Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load + Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t + specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot + specify a protocol for a Gateway Load Balancer. + type: string + sslPolicy: + description: |- + [HTTPS and TLS listeners] The security policy that defines which protocols + and ciphers are supported. + + For more information, see Security policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) + in the Application Load Balancers Guide and Security policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies) + in the Network Load Balancers Guide. + type: string + tags: + description: The tags to assign to the listener. + items: + description: Information about a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + required: + - defaultActions + type: object + status: + description: ListenerStatus defines the observed state of Listener + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: |- + All CRS managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_loadbalancers.yaml b/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_loadbalancers.yaml new file mode 100644 index 00000000000..ee73265af88 --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_loadbalancers.yaml @@ -0,0 +1,355 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: loadbalancers.elbv2.services.k8s.aws +spec: + group: elbv2.services.k8s.aws + names: + kind: LoadBalancer + listKind: LoadBalancerList + plural: loadbalancers + singular: loadbalancer + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: LoadBalancer is the Schema for the LoadBalancers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + LoadBalancerSpec defines the desired state of LoadBalancer. + + Information about a load balancer. + properties: + attributes: + description: The load balancer attributes. + items: + description: Information about a load balancer attribute. + properties: + key: + type: string + value: + type: string + type: object + type: array + customerOwnedIPv4Pool: + description: |- + [Application Load Balancers on Outposts] The ID of the customer-owned address + pool (CoIP pool). + type: string + ipAddressType: + description: |- + The type of IP addresses used by the subnets for your load balancer. The + possible values are ipv4 (for IPv4 addresses) and dualstack (for IPv4 and + IPv6 addresses). + type: string + name: + description: |- + The name of the load balancer. + + This name must be unique per region per account, can have a maximum of 32 + characters, must contain only alphanumeric characters or hyphens, must not + begin or end with a hyphen, and must not begin with "internal-". + type: string + scheme: + description: |- + The nodes of an Internet-facing load balancer have public IP addresses. The + DNS name of an Internet-facing load balancer is publicly resolvable to the + public IP addresses of the nodes. Therefore, Internet-facing load balancers + can route requests from clients over the internet. + + The nodes of an internal load balancer have only private IP addresses. The + DNS name of an internal load balancer is publicly resolvable to the private + IP addresses of the nodes. Therefore, internal load balancers can route requests + only from clients with access to the VPC for the load balancer. + + The default is an Internet-facing load balancer. + + You cannot specify a scheme for a Gateway Load Balancer. + type: string + securityGroupRefs: + items: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + type: array + securityGroups: + description: |- + [Application Load Balancers and Network Load Balancers] The IDs of the security + groups for the load balancer. + items: + type: string + type: array + subnetMappings: + description: |- + The IDs of the subnets. You can specify only one subnet per Availability + Zone. You must specify either subnets or subnet mappings, but not both. + + [Application Load Balancers] You must specify subnets from at least two Availability + Zones. You cannot specify Elastic IP addresses for your subnets. + + [Application Load Balancers on Outposts] You must specify one Outpost subnet. + + [Application Load Balancers on Local Zones] You can specify subnets from + one or more Local Zones. + + [Network Load Balancers] You can specify subnets from one or more Availability + Zones. You can specify one Elastic IP address per subnet if you need static + IP addresses for your internet-facing load balancer. For internal load balancers, + you can specify one private IP address per subnet from the IPv4 range of + the subnet. For internet-facing load balancer, you can specify one IPv6 address + per subnet. + + [Gateway Load Balancers] You can specify subnets from one or more Availability + Zones. You cannot specify Elastic IP addresses for your subnets. + items: + description: Information about a subnet mapping. + properties: + allocationID: + type: string + ipv6Address: + type: string + privateIPv4Address: + type: string + subnetID: + type: string + subnetRef: + description: Reference field for SubnetID + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + type: object + type: array + subnetRefs: + items: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + type: array + subnets: + description: |- + The IDs of the subnets. You can specify only one subnet per Availability + Zone. You must specify either subnets or subnet mappings, but not both. To + specify an Elastic IP address, specify subnet mappings instead of subnets. + + [Application Load Balancers] You must specify subnets from at least two Availability + Zones. + + [Application Load Balancers on Outposts] You must specify one Outpost subnet. + + [Application Load Balancers on Local Zones] You can specify subnets from + one or more Local Zones. + + [Network Load Balancers] You can specify subnets from one or more Availability + Zones. + + [Gateway Load Balancers] You can specify subnets from one or more Availability + Zones. + items: + type: string + type: array + tags: + description: The tags to assign to the load balancer. + items: + description: Information about a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + type: + description: The type of load balancer. The default is application. + type: string + type: object + status: + description: LoadBalancerStatus defines the observed state of LoadBalancer + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + availabilityZones: + description: The subnets for the load balancer. + items: + description: Information about an Availability Zone. + properties: + loadBalancerAddresses: + items: + description: Information about a static IP address for a load + balancer. + properties: + allocationID: + type: string + ipAddress: + type: string + ipv6Address: + type: string + privateIPv4Address: + type: string + type: object + type: array + outpostID: + type: string + subnetID: + type: string + zoneName: + type: string + type: object + type: array + canonicalHostedZoneID: + description: The ID of the Amazon Route 53 hosted zone associated + with the load balancer. + type: string + conditions: + description: |- + All CRS managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + createdTime: + description: The date and time the load balancer was created. + format: date-time + type: string + dnsName: + description: The public DNS name of the load balancer. + type: string + enforceSecurityGroupInboundRulesOnPrivateLinkTraffic: + description: |- + Indicates whether to evaluate inbound security group rules for traffic sent + to a Network Load Balancer through Amazon Web Services PrivateLink. + type: string + state: + description: The state of the load balancer. + properties: + code: + type: string + reason: + type: string + type: object + vpcID: + description: The ID of the VPC for the load balancer. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_rules.yaml b/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_rules.yaml new file mode 100644 index 00000000000..ef1d370dce5 --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_rules.yaml @@ -0,0 +1,444 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: rules.elbv2.services.k8s.aws +spec: + group: elbv2.services.k8s.aws + names: + kind: Rule + listKind: RuleList + plural: rules + singular: rule + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Rule is the Schema for the Rules API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + RuleSpec defines the desired state of Rule. + + Information about a rule. + properties: + actions: + description: The actions. + items: + description: |- + Information about an action. + + Each rule must include exactly one of the following types of actions: forward, + fixed-response, or redirect, and it must be the last action to be performed. + properties: + authenticateCognitoConfig: + description: |- + Request parameters to use when integrating with Amazon Cognito to authenticate + users. + properties: + authenticationRequestExtraParams: + additionalProperties: + type: string + type: object + onUnauthenticatedRequest: + type: string + scope: + type: string + sessionCookieName: + type: string + sessionTimeout: + format: int64 + type: integer + userPoolARN: + type: string + userPoolClientID: + type: string + userPoolDomain: + type: string + type: object + authenticateOIDCConfig: + description: |- + Request parameters when using an identity provider (IdP) that is compliant + with OpenID Connect (OIDC) to authenticate users. + properties: + authenticationRequestExtraParams: + additionalProperties: + type: string + type: object + authorizationEndpoint: + type: string + clientID: + type: string + clientSecret: + type: string + issuer: + type: string + onUnauthenticatedRequest: + type: string + scope: + type: string + sessionCookieName: + type: string + sessionTimeout: + format: int64 + type: integer + tokenEndpoint: + type: string + useExistingClientSecret: + type: boolean + userInfoEndpoint: + type: string + type: object + fixedResponseConfig: + description: Information about an action that returns a custom + HTTP response. + properties: + contentType: + type: string + messageBody: + type: string + statusCode: + type: string + type: object + forwardConfig: + description: Information about a forward action. + properties: + targetGroupStickinessConfig: + description: Information about the target group stickiness + for a rule. + properties: + durationSeconds: + format: int64 + type: integer + enabled: + type: boolean + type: object + targetGroups: + items: + description: |- + Information about how traffic will be distributed between multiple target + groups in a forward rule. + properties: + targetGroupARN: + type: string + targetGroupRef: + description: Reference field for TargetGroupARN + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + weight: + format: int64 + type: integer + type: object + type: array + type: object + order: + format: int64 + type: integer + redirectConfig: + description: |- + Information about a redirect action. + + A URI consists of the following components: protocol://hostname:port/path?query. + You must modify at least one of the following components to avoid a redirect + loop: protocol, hostname, port, or path. Any components that you do not modify + retain their original values. + + You can reuse URI components using the following reserved keywords: + + * #{protocol} + + * #{host} + + * #{port} + + * #{path} (the leading "/" is removed) + + * #{query} + + For example, you can change the path to "/new/#{path}", the hostname to "example.#{host}", + or the query to "#{query}&value=xyz". + properties: + host: + type: string + path: + type: string + port: + type: string + protocol: + type: string + query: + type: string + statusCode: + type: string + type: object + targetGroupARN: + type: string + targetGroupRef: + description: Reference field for TargetGroupARN + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + type: + type: string + type: object + type: array + conditions: + description: The conditions. + items: + description: |- + Information about a condition for a rule. + + Each rule can optionally include up to one of each of the following conditions: + http-request-method, host-header, path-pattern, and source-ip. Each rule + can also optionally include one or more of each of the following conditions: + http-header and query-string. Note that the value for a condition cannot + be empty. + + For more information, see Quotas for your Application Load Balancers (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-limits.html). + properties: + field: + type: string + hostHeaderConfig: + description: Information about a host header condition. + properties: + values: + items: + type: string + type: array + type: object + httpHeaderConfig: + description: |- + Information about an HTTP header condition. + + There is a set of standard HTTP header fields. You can also define custom + HTTP header fields. + properties: + httpHeaderName: + type: string + values: + items: + type: string + type: array + type: object + httpRequestMethodConfig: + description: |- + Information about an HTTP method condition. + + HTTP defines a set of request methods, also referred to as HTTP verbs. For + more information, see the HTTP Method Registry (https://www.iana.org/assignments/http-methods/http-methods.xhtml). + You can also define custom HTTP methods. + properties: + values: + items: + type: string + type: array + type: object + pathPatternConfig: + description: Information about a path pattern condition. + properties: + values: + items: + type: string + type: array + type: object + queryStringConfig: + description: |- + Information about a query string condition. + + The query string component of a URI starts after the first '?' character + and is terminated by either a '#' character or the end of the URI. A typical + query string contains key/value pairs separated by '&' characters. The allowed + characters are specified by RFC 3986. Any character can be percentage encoded. + properties: + values: + items: + description: Information about a key/value pair. + properties: + key: + type: string + value: + type: string + type: object + type: array + type: object + sourceIPConfig: + description: |- + Information about a source IP condition. + + You can use this condition to route based on the IP address of the source + that connects to the load balancer. If a client is behind a proxy, this is + the IP address of the proxy not the IP address of the client. + properties: + values: + items: + type: string + type: array + type: object + values: + items: + type: string + type: array + type: object + type: array + listenerARN: + description: The Amazon Resource Name (ARN) of the listener. + type: string + listenerRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + priority: + description: The rule priority. A listener can't have multiple rules + with the same priority. + format: int64 + type: integer + tags: + description: The tags to assign to the rule. + items: + description: Information about a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + required: + - actions + - conditions + - priority + type: object + status: + description: RuleStatus defines the observed state of Rule + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: |- + All CRS managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + isDefault: + description: Indicates whether this is the default rule. + type: boolean + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_targetgroups.yaml b/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_targetgroups.yaml new file mode 100644 index 00000000000..3c03db1dc74 --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/manifests/elbv2.services.k8s.aws_targetgroups.yaml @@ -0,0 +1,301 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.2 + creationTimestamp: null + name: targetgroups.elbv2.services.k8s.aws +spec: + group: elbv2.services.k8s.aws + names: + kind: TargetGroup + listKind: TargetGroupList + plural: targetgroups + singular: targetgroup + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: TargetGroup is the Schema for the TargetGroups API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + TargetGroupSpec defines the desired state of TargetGroup. + + Information about a target group. + properties: + healthCheckEnabled: + description: |- + Indicates whether health checks are enabled. If the target type is lambda, + health checks are disabled by default but can be enabled. If the target type + is instance, ip, or alb, health checks are always enabled and cannot be disabled. + type: boolean + healthCheckIntervalSeconds: + description: |- + The approximate amount of time, in seconds, between health checks of an individual + target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, + TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol + is GENEVE, the default is 10 seconds. If the target type is lambda, the default + is 35 seconds. + format: int64 + type: integer + healthCheckPath: + description: |- + [HTTP/HTTPS health checks] The destination for health checks on the targets. + + [HTTP1 or HTTP2 protocol version] The ping path. The default is /. + + [GRPC protocol version] The path of a custom health check method with the + format /package.service/method. The default is /Amazon Web Services.ALB/healthcheck. + type: string + healthCheckPort: + description: |- + The port the load balancer uses when performing health checks on targets. + If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is + traffic-port, which is the port on which each target receives traffic from + the load balancer. If the protocol is GENEVE, the default is port 80. + type: string + healthCheckProtocol: + description: |- + The protocol the load balancer uses when performing health checks on targets. + For Application Load Balancers, the default is HTTP. For Network Load Balancers + and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported + for health checks if the protocol of the target group is HTTP or HTTPS. The + GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks. + type: string + healthCheckTimeoutSeconds: + description: |- + The amount of time, in seconds, during which no response from a target means + a failed health check. The range is 2–120 seconds. For target groups with + a protocol of HTTP, the default is 6 seconds. For target groups with a protocol + of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a + protocol of GENEVE, the default is 5 seconds. If the target type is lambda, + the default is 30 seconds. + format: int64 + type: integer + healthyThresholdCount: + description: |- + The number of consecutive health check successes required before considering + a target healthy. The range is 2-10. If the target group protocol is TCP, + TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with + a protocol of GENEVE, the default is 5. If the target type is lambda, the + default is 5. + format: int64 + type: integer + ipAddressType: + description: |- + The type of IP address used for this target group. The possible values are + ipv4 and ipv6. This is an optional parameter. If not specified, the IP address + type defaults to ipv4. + type: string + matcher: + description: |- + [HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for + a successful response from a target. For target groups with a protocol of + TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol + of HTTP or HTTPS, the range is 200-499. For target groups with a protocol + of GENEVE, the range is 200-399. + properties: + grpcCode: + type: string + httpCode: + type: string + type: object + name: + description: |- + The name of the target group. + + This name must be unique per region per account, can have a maximum of 32 + characters, must contain only alphanumeric characters or hyphens, and must + not begin or end with a hyphen. + type: string + port: + description: |- + The port on which the targets receive traffic. This port is used unless you + specify a port override when registering the target. If the target is a Lambda + function, this parameter does not apply. If the protocol is GENEVE, the supported + port is 6081. + format: int64 + type: integer + protocol: + description: |- + The protocol to use for routing traffic to the targets. For Application Load + Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, + the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, + the supported protocol is GENEVE. A TCP_UDP listener must be associated with + a TCP_UDP target group. If the target is a Lambda function, this parameter + does not apply. + type: string + protocolVersion: + description: |- + [HTTP/HTTPS protocol] The protocol version. Specify GRPC to send requests + to targets using gRPC. Specify HTTP2 to send requests to targets using HTTP/2. + The default is HTTP1, which sends requests to targets using HTTP/1.1. + type: string + tags: + description: The tags to assign to the target group. + items: + description: Information about a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + targetType: + description: |- + The type of target that you must specify when registering targets with this + target group. You can't specify targets for a target group using more than + one target type. + + * instance - Register targets by instance ID. This is the default value. + + * ip - Register targets by IP address. You can specify IP addresses from + the subnets of the virtual private cloud (VPC) for the target group, the + RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the + RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP + addresses. + + * lambda - Register a single Lambda function as a target. + + * alb - Register a single Application Load Balancer as a target. + type: string + unhealthyThresholdCount: + description: |- + The number of consecutive health check failures required before considering + a target unhealthy. The range is 2-10. If the target group protocol is TCP, + TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with + a protocol of GENEVE, the default is 2. If the target type is lambda, the + default is 5. + format: int64 + type: integer + vpcID: + description: |- + The identifier of the virtual private cloud (VPC). If the target is a Lambda + function, this parameter does not apply. Otherwise, this parameter is required. + type: string + vpcRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference\ntype to provide more user friendly syntax + for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t + \ name: my-api" + properties: + from: + description: |- + AWSResourceReference provides all the values necessary to reference another + k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + namespace: + type: string + type: object + type: object + required: + - name + type: object + status: + description: TargetGroupStatus defines the observed state of TargetGroup + properties: + ackResourceMetadata: + description: |- + All CRs managed by ACK have a common `Status.ACKResourceMetadata` member + that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: |- + ARN is the Amazon Resource Name for the resource. This is a + globally-unique identifier and is set only by the ACK service controller + once the controller has orchestrated the creation of the resource OR + when it has verified that an "adopted" resource (a resource where the + ARN annotation was set by the Kubernetes user on the CR) exists and + matches the supplied CR's Spec field values. + https://github.com/aws/aws-controllers-k8s/issues/270 + type: string + ownerAccountID: + description: |- + OwnerAccountID is the AWS Account ID of the account that owns the + backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: |- + All CRS managed by ACK have a common `Status.Conditions` member that + contains a collection of `ackv1alpha1.Condition` objects that describe + the various terminal states of the CR and its backend AWS service API + resource + items: + description: |- + Condition is the common struct used by all CRDs managed by ACK service + controllers to indicate terminal states of the CR and its backend AWS + service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + loadBalancerARNs: + description: |- + The Amazon Resource Name (ARN) of the load balancer that routes traffic to + this target group. You can use each target group with only one load balancer. + items: + type: string + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-elbv2-controller/1.0.1/metadata/annotations.yaml b/operators/ack-elbv2-controller/1.0.1/metadata/annotations.yaml new file mode 100644 index 00000000000..37dc9ae7247 --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/metadata/annotations.yaml @@ -0,0 +1,15 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: ack-elbv2-controller + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.bundle.channel.default.v1: alpha + operators.operatorframework.io.metrics.builder: operator-sdk-v1.28.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: unknown + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/ack-elbv2-controller/1.0.1/tests/scorecard/config.yaml b/operators/ack-elbv2-controller/1.0.1/tests/scorecard/config.yaml new file mode 100644 index 00000000000..382ddefd156 --- /dev/null +++ b/operators/ack-elbv2-controller/1.0.1/tests/scorecard/config.yaml @@ -0,0 +1,50 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}