diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index e3bc8dfb..16b2efd2 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -31,6 +31,15 @@ "golang.go", "ms-vscode.makefile-tools" ] + }, + "codespaces": { + "repositories": { + "zeiss/typhoon": { + "permissions": { + "contents": "write" + } + } + } } }, "portsAttributes": { diff --git a/cmd/webhook/main.go b/cmd/typhoon-webhook/main.go similarity index 100% rename from cmd/webhook/main.go rename to cmd/typhoon-webhook/main.go diff --git a/config/301-kafkatarget.yaml b/config/301-kafkatarget.yaml deleted file mode 100644 index 5252ed79..00000000 --- a/config/301-kafkatarget.yaml +++ /dev/null @@ -1,372 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: kafkatargets.targets.typhoon.zeiss.com - labels: - knative.dev/crd-install: 'true' - typhoon.zeiss.com/crd-install: 'true' - duck.knative.dev/addressable: 'true' - annotations: - registry.typhoon.zeiss.com/acceptedEventTypes: | - [ - { "type": "*" } - ] -spec: - group: targets.typhoon.zeiss.com - names: - kind: KafkaTarget - plural: kafkatargets - categories: - - all - - knative - - eventing - - targets - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: typhoon event target for Kafka. - properties: - spec: - description: Desired state of event target. - type: object - properties: - topic: - description: Topic name to stream the target events to. - type: string - minLength: 1 - topicReplicationFactor: - description: The number of replicas required to stream to the topic. - type: integer - minimum: 1 - maximum: 32767 - topicPartitions: - description: The number of partitions used by the topic to stream an event to. - type: integer - minimum: 1 - maximum: 2147483647 - bootstrapServers: - description: Array of Kafka servers used to bootstrap the connection. - type: array - items: - type: string - minLength: 1 - auth: - description: Authentication method used to interact with Kafka. - type: object - properties: - saslEnable: - description: Boolean to indicate if SASL is enabled. - type: boolean - tlsEnable: - description: Boolean to indicate if TLS is enabled. - type: boolean - securityMechanism: - description: securityMechanism attribute indicate which mechanism to use. - type: string - enum: [GSSAPI, PLAIN, SCRAM-SHA-256, SCRAM-SHA-512] - username: - description: Kafka account username when using SASL. - type: string - password: - description: Kafka account password when using SASL. - type: object - properties: - value: - description: Plain text password. - type: string - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the password. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - oneOf: - - required: [value] - - required: [valueFromSecret] - kerberos: - description: Kerberos Authentication method to interact with Kafka. - type: object - properties: - realm: - description: Name of the Kerberos Realm. - type: string - serviceName: - description: The primary name of the Kafka server configured. - type: string - username: - description: Kerberos username or Kerberos Principal Name. The Username or the Principal doesn't require - the Realm in it. - type: string - password: - description: Kerberos Password. - type: object - properties: - value: - description: Plain text password. - type: string - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the password. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - oneOf: - - required: [value] - - required: [valueFromSecret] - config: - type: object - properties: - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the kerberos configuration file - (krb5.conf). - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - required: - - valueFromSecret - keytab: - type: object - properties: - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the kerberos keytab file contents. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - required: - - valueFromSecret - tls: - description: TLS Authentication method to interact with Kafka. - type: object - properties: - ca: - description: The value to the configured CA. - type: object - properties: - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the value. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - required: - - valueFromSecret - clientCert: - description: The value of the SSL Client Cert. - type: object - properties: - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the Client Cert content. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - required: - - valueFromSecret - clientKey: - description: The value of the SSL Client Key. - type: object - properties: - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the Client Key content. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - required: - - valueFromSecret - skipVerify: - description: SkipVerify controls whether a client verifies the server's certificate chain and host - name. If skipVerify is true, crypto/tls accepts any certificate presented by the server and any - host name in that certificate. In this mode, TLS is susceptible to machine-in-the-middle attacks - unless custom verification is used. This should be used only for testing. - type: boolean - required: - - saslEnable - discardCloudEventContext: - description: Whether to omit CloudEvent context attributes in messages sent to Kafka. When this property is - false (default), the entire CloudEvent payload is included. When this property is true, only the CloudEvent - data is included. - type: boolean - adapterOverrides: - description: Kubernetes object parameters to apply on top of default adapter values. - type: object - properties: - annotations: - description: Adapter annotations. - type: object - additionalProperties: - type: string - labels: - description: Adapter labels. - type: object - additionalProperties: - type: string - env: - description: Adapter environment variables. - type: array - items: - type: object - properties: - name: - type: string - value: - type: string - public: - description: Adapter visibility scope. - type: boolean - resources: - description: Compute Resources required by the adapter. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Limits describes the maximum amount of compute resources allowed. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ - Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ - type: array - items: - type: object - properties: - key: - description: Taint key that the toleration applies to. - type: string - operator: - description: Key's relationship to the value. - type: string - enum: [Exists, Equal] - value: - description: Taint value the toleration matches to. - type: string - effect: - description: Taint effect to match. - type: string - enum: [NoSchedule, PreferNoSchedule, NoExecute] - tolerationSeconds: - description: Period of time a toleration of effect NoExecute tolerates the taint. - type: integer - format: int64 - nodeSelector: - description: NodeSelector only allow the object pods to be created at nodes where all selector labels - are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. - NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ - type: object - additionalProperties: - type: string - affinity: - description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. - Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - bootstrapServers - - topic - status: - type: object - description: Reported status of the event target. - properties: - observedGeneration: - type: integer - format: int64 - conditions: - type: array - items: - type: object - properties: - type: - type: string - status: - type: string - enum: ['True', 'False', Unknown] - severity: - type: string - enum: [Error, Warning, Info] - reason: - type: string - message: - type: string - lastTransitionTime: - type: string - format: date-time - required: - - type - - status - address: - type: object - properties: - url: - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Ready - type: string - jsonPath: .status.conditions[?(@.type=='Ready')].status - - name: Reason - type: string - jsonPath: .status.conditions[?(@.type=='Ready')].reason - - name: Age - type: date - jsonPath: .metadata.creationTimestamp diff --git a/config/500-controller.yaml b/config/500-controller.yaml index 4c7d52f0..2b65b779 100644 --- a/config/500-controller.yaml +++ b/config/500-controller.yaml @@ -55,12 +55,8 @@ spec: value: ko://github.com/zeiss/typhoon/cmd/cloudeventstarget-adapter - name: HTTPTARGET_IMAGE value: ko://github.com/zeiss/typhoon/cmd/httptarget-adapter - - name: KAFKATARGET_IMAGE - value: ko://github.com/zeiss/typhoon/cmd/kafkatarget-adapter - name: LOGZTARGET_IMAGE value: ko://github.com/zeiss/typhoon/cmd/logztarget-adapter - - name: OPENTELEMETRYTARGET_IMAGE - value: ko://github.com/zeiss/typhoon/cmd/opentelemetrytarget-adapter # Flow adapters - name: JQTRANSFORMATION_IMAGE value: ko://github.com/zeiss/typhoon/cmd/jqtransformation-adapter @@ -75,20 +71,9 @@ spec: value: ko://github.com/zeiss/typhoon/cmd/filter-adapter - name: SPLITTER_IMAGE value: ko://github.com/zeiss/typhoon/cmd/splitter-adapter - # Function Runtimes - - name: RUNTIME_KLR_PYTHON - value: gcr.io/typhoon/knative-lambda-python310:v1.26.0 - - name: RUNTIME_KLR_NODE - value: gcr.io/typhoon/knative-lambda-node18:v1.26.0 - - name: RUNTIME_KLR_RUBY - value: gcr.io/typhoon/knative-lambda-ruby32:v1.26.0 # Custom build adapters - - name: IBMMQSOURCE_IMAGE - value: gcr.io/typhoon/ibmmqsource-adapter:latest - - name: IBMMQTARGET_IMAGE - value: gcr.io/typhoon/ibmmqtarget-adapter:latest - name: XSLTTRANSFORMATION_IMAGE - value: gcr.io/typhoon/xslttransformation-adapter:latest + value: ko://github.com/zeiss/typhoon/cmd/xslttransformation-adapter securityContext: runAsNonRoot: true diff --git a/config/500-webhook.yaml b/config/500-webhook.yaml index 417f80a9..b4521733 100644 --- a/config/500-webhook.yaml +++ b/config/500-webhook.yaml @@ -24,7 +24,7 @@ spec: containers: - name: webhook terminationMessagePolicy: FallbackToLogsOnError - image: ko://github.com/zeiss/typhoon/cmd/webhook + image: ko://github.com/zeiss/typhoon/cmd/typhoon-webhook env: - name: SYSTEM_NAMESPACE valueFrom: @@ -39,7 +39,7 @@ spec: ports: - containerPort: 9090 name: metrics - + # TODO set proper resource limits. readinessProbe: diff --git a/typhoon.yaml b/typhoon.yaml index f70335b3..fb6a3c0a 100644 --- a/typhoon.yaml +++ b/typhoon.yaml @@ -3212,367 +3212,6 @@ spec: type: date jsonPath: .metadata.creationTimestamp ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: kafkatargets.targets.typhoon.zeiss.com - labels: - knative.dev/crd-install: 'true' - typhoon.zeiss.com/crd-install: 'true' - duck.knative.dev/addressable: 'true' - annotations: - registry.typhoon.zeiss.com/acceptedEventTypes: | - [ - { "type": "*" } - ] -spec: - group: targets.typhoon.zeiss.com - names: - kind: KafkaTarget - plural: kafkatargets - categories: - - all - - knative - - eventing - - targets - scope: Namespaced - versions: - - name: v1alpha1 - served: true - storage: true - subresources: - status: {} - schema: - openAPIV3Schema: - type: object - description: typhoon event target for Kafka. - properties: - spec: - description: Desired state of event target. - type: object - properties: - topic: - description: Topic name to stream the target events to. - type: string - minLength: 1 - topicReplicationFactor: - description: The number of replicas required to stream to the topic. - type: integer - minimum: 1 - maximum: 32767 - topicPartitions: - description: The number of partitions used by the topic to stream an event to. - type: integer - minimum: 1 - maximum: 2147483647 - bootstrapServers: - description: Array of Kafka servers used to bootstrap the connection. - type: array - items: - type: string - minLength: 1 - auth: - description: Authentication method used to interact with Kafka. - type: object - properties: - saslEnable: - description: Boolean to indicate if SASL is enabled. - type: boolean - tlsEnable: - description: Boolean to indicate if TLS is enabled. - type: boolean - securityMechanism: - description: securityMechanism attribute indicate which mechanism to use. - type: string - enum: [GSSAPI, PLAIN, SCRAM-SHA-256, SCRAM-SHA-512] - username: - description: Kafka account username when using SASL. - type: string - password: - description: Kafka account password when using SASL. - type: object - properties: - value: - description: Plain text password. - type: string - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the password. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - oneOf: - - required: [value] - - required: [valueFromSecret] - kerberos: - description: Kerberos Authentication method to interact with Kafka. - type: object - properties: - realm: - description: Name of the Kerberos Realm. - type: string - serviceName: - description: The primary name of the Kafka server configured. - type: string - username: - description: Kerberos username or Kerberos Principal Name. The Username or the Principal doesn't require the Realm in it. - type: string - password: - description: Kerberos Password. - type: object - properties: - value: - description: Plain text password. - type: string - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the password. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - oneOf: - - required: [value] - - required: [valueFromSecret] - config: - type: object - properties: - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the kerberos configuration file (krb5.conf). - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - required: - - valueFromSecret - keytab: - type: object - properties: - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the kerberos keytab file contents. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - required: - - valueFromSecret - tls: - description: TLS Authentication method to interact with Kafka. - type: object - properties: - ca: - description: The value to the configured CA. - type: object - properties: - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the value. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - required: - - valueFromSecret - clientCert: - description: The value of the SSL Client Cert. - type: object - properties: - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the Client Cert content. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - required: - - valueFromSecret - clientKey: - description: The value of the SSL Client Key. - type: object - properties: - valueFromSecret: - description: A reference to a Kubernetes Secret object containing the Client Key content. - type: object - properties: - name: - type: string - key: - type: string - required: - - name - - key - required: - - valueFromSecret - skipVerify: - description: SkipVerify controls whether a client verifies the server's certificate chain and host name. If skipVerify is true, crypto/tls accepts any certificate presented by the server and any host name in that certificate. In this mode, TLS is susceptible to machine-in-the-middle attacks unless custom verification is used. This should be used only for testing. - type: boolean - required: - - saslEnable - discardCloudEventContext: - description: Whether to omit CloudEvent context attributes in messages sent to Kafka. When this property is false (default), the entire CloudEvent payload is included. When this property is true, only the CloudEvent data is included. - type: boolean - adapterOverrides: - description: Kubernetes object parameters to apply on top of default adapter values. - type: object - properties: - annotations: - description: Adapter annotations. - type: object - additionalProperties: - type: string - labels: - description: Adapter labels. - type: object - additionalProperties: - type: string - env: - description: Adapter environment variables. - type: array - items: - type: object - properties: - name: - type: string - value: - type: string - public: - description: Adapter visibility scope. - type: boolean - resources: - description: Compute Resources required by the adapter. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Limits describes the maximum amount of compute resources allowed. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info at https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - tolerations: - description: Pod tolerations, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ Tolerations require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ - type: array - items: - type: object - properties: - key: - description: Taint key that the toleration applies to. - type: string - operator: - description: Key's relationship to the value. - type: string - enum: [Exists, Equal] - value: - description: Taint value the toleration matches to. - type: string - effect: - description: Taint effect to match. - type: string - enum: [NoSchedule, PreferNoSchedule, NoExecute] - tolerationSeconds: - description: Period of time a toleration of effect NoExecute tolerates the taint. - type: integer - format: int64 - nodeSelector: - description: NodeSelector only allow the object pods to be created at nodes where all selector labels are present, as documented at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector. NodeSelector require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ - type: object - additionalProperties: - type: string - affinity: - description: Scheduling constraints of the pod. More info at https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity. Affinity require additional configuration for Knative-based deployments - https://knative.dev/docs/serving/configuration/feature-flags/ - type: object - x-kubernetes-preserve-unknown-fields: true - required: - - bootstrapServers - - topic - status: - type: object - description: Reported status of the event target. - properties: - observedGeneration: - type: integer - format: int64 - conditions: - type: array - items: - type: object - properties: - type: - type: string - status: - type: string - enum: ['True', 'False', Unknown] - severity: - type: string - enum: [Error, Warning, Info] - reason: - type: string - message: - type: string - lastTransitionTime: - type: string - format: date-time - required: - - type - - status - address: - type: object - properties: - url: - type: string - additionalPrinterColumns: - - name: URL - type: string - jsonPath: .status.address.url - - name: Ready - type: string - jsonPath: .status.conditions[?(@.type=='Ready')].status - - name: Reason - type: string - jsonPath: .status.conditions[?(@.type=='Ready')].reason - - name: Age - type: date - jsonPath: .metadata.creationTimestamp - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition