diff --git a/postprocess/non-openshift.jsonnet b/postprocess/non-openshift.jsonnet index a4c0ad4..741a232 100644 --- a/postprocess/non-openshift.jsonnet +++ b/postprocess/non-openshift.jsonnet @@ -67,16 +67,12 @@ local fixup_servicemonitor(obj) = }; local fixup_obj(obj) = - if distribution != 'openshift4' then ( - if obj.kind == 'Deployment' then - fixup_deploy(obj) - else if obj.kind == 'Service' then - fixup_service(obj) - else if obj.kind == 'ServiceMonitor' then - fixup_servicemonitor(obj) - else - obj - ) + if obj.kind == 'Deployment' then + fixup_deploy(obj) + else if obj.kind == 'Service' then + fixup_service(obj) + else if obj.kind == 'ServiceMonitor' then + fixup_servicemonitor(obj) else obj; @@ -85,7 +81,10 @@ local fixup(obj_file) = // process all objs [ fixup_obj(obj) for obj in objs ]; -{ - [stem(elem)]: fixup(input_file(elem)) - for elem in chart_files -} +if distribution != 'openshift4' then + { + [stem(elem)]: fixup(input_file(elem)) + for elem in chart_files + } +else + {} diff --git a/tests/golden/openshift4/resource-locker/resource-locker/01_resource_locker_operator_helmchart/resource-locker-operator/templates/manager.yaml b/tests/golden/openshift4/resource-locker/resource-locker/01_resource_locker_operator_helmchart/resource-locker-operator/templates/manager.yaml index 2660734..8ad52ce 100644 --- a/tests/golden/openshift4/resource-locker/resource-locker/01_resource_locker_operator_helmchart/resource-locker-operator/templates/manager.yaml +++ b/tests/golden/openshift4/resource-locker/resource-locker/01_resource_locker_operator_helmchart/resource-locker-operator/templates/manager.yaml @@ -22,52 +22,52 @@ spec: operator: resource-locker-operator spec: containers: - - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --tls-cert-file=/etc/certs/tls/tls.crt - - --tls-private-key-file=/etc/certs/tls/tls.key - - --v=10 - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 - imagePullPolicy: IfNotPresent - name: kube-rbac-proxy - ports: - - containerPort: 8443 - name: https - resources: - requests: - cpu: 100m - memory: 20Mi - volumeMounts: - - mountPath: /etc/certs/tls - name: tls-cert - - args: - - --leader-elect - command: - - /manager - image: quay.io/redhat-cop/resource-locker-operator:v1.1.0 - imagePullPolicy: IfNotPresent - livenessProbe: - httpGet: - path: /healthz - port: 8081 - initialDelaySeconds: 15 - periodSeconds: 20 - name: resource-locker-operator - readinessProbe: - httpGet: - path: /readyz - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - resources: - requests: - cpu: 100m - memory: 20Mi + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --tls-cert-file=/etc/certs/tls/tls.crt + - --tls-private-key-file=/etc/certs/tls/tls.key + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0 + imagePullPolicy: IfNotPresent + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: + requests: + cpu: 100m + memory: 20Mi + volumeMounts: + - mountPath: /etc/certs/tls + name: tls-cert + - args: + - --leader-elect + command: + - /manager + image: quay.io/redhat-cop/resource-locker-operator:v1.1.0 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: resource-locker-operator + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + requests: + cpu: 100m + memory: 20Mi serviceAccountName: resource-locker-operator-controller-manager volumes: - - name: tls-cert - secret: - defaultMode: 420 - secretName: resource-locker-operator-certs + - name: tls-cert + secret: + defaultMode: 420 + secretName: resource-locker-operator-certs diff --git a/tests/golden/openshift4/resource-locker/resource-locker/01_resource_locker_operator_helmchart/resource-locker-operator/templates/rbac.yaml b/tests/golden/openshift4/resource-locker/resource-locker/01_resource_locker_operator_helmchart/resource-locker-operator/templates/rbac.yaml index 988cfc4..1c8977c 100644 --- a/tests/golden/openshift4/resource-locker/resource-locker/01_resource_locker_operator_helmchart/resource-locker-operator/templates/rbac.yaml +++ b/tests/golden/openshift4/resource-locker/resource-locker/01_resource_locker_operator_helmchart/resource-locker-operator/templates/rbac.yaml @@ -10,108 +10,109 @@ metadata: name: resource-locker-operator-leader-election-role namespace: syn-resource-locker rules: -- apiGroups: - - '' - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - '' - resources: - - configmaps/status - verbs: - - get - - update - - patch -- apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - '' - resources: - - events - verbs: - - create - - patch + - apiGroups: + - '' + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - '' + resources: + - configmaps/status + verbs: + - get + - update + - patch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - '' + resources: + - events + verbs: + - create + - patch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: + creationTimestamp: null name: resource-locker-operator-manager-role rules: -- apiGroups: - - '' - resources: - - secrets - - serviceaccounts - verbs: - - get - - list - - watch -- apiGroups: - - redhatcop.redhat.io - resources: - - resourcelockers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - redhatcop.redhat.io - resources: - - resourcelockers/status - verbs: - - get - - patch - - update + - apiGroups: + - '' + resources: + - secrets + - serviceaccounts + verbs: + - get + - list + - watch + - apiGroups: + - redhatcop.redhat.io + resources: + - resourcelockers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - redhatcop.redhat.io + resources: + - resourcelockers/status + verbs: + - get + - patch + - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: resource-locker-operator-metrics-reader rules: -- nonResourceURLs: - - /metrics - verbs: - - get + - nonResourceURLs: + - /metrics + verbs: + - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: resource-locker-operator-proxy-role rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -123,9 +124,9 @@ roleRef: kind: Role name: resource-locker-operator-leader-election-role subjects: -- kind: ServiceAccount - name: resource-locker-operator-controller-manager - namespace: syn-resource-locker + - kind: ServiceAccount + name: resource-locker-operator-controller-manager + namespace: syn-resource-locker --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -136,9 +137,9 @@ roleRef: kind: ClusterRole name: resource-locker-operator-manager-role subjects: -- kind: ServiceAccount - name: resource-locker-operator-controller-manager - namespace: syn-resource-locker + - kind: ServiceAccount + name: resource-locker-operator-controller-manager + namespace: syn-resource-locker --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -149,9 +150,9 @@ roleRef: kind: ClusterRole name: resource-locker-operator-proxy-role subjects: -- kind: ServiceAccount - name: resource-locker-operator-controller-manager - namespace: syn-resource-locker + - kind: ServiceAccount + name: resource-locker-operator-controller-manager + namespace: syn-resource-locker --- apiVersion: v1 kind: Service @@ -164,9 +165,9 @@ metadata: namespace: syn-resource-locker spec: ports: - - name: https - port: 8443 - targetPort: https + - name: https + port: 8443 + targetPort: https selector: operator: resource-locker-operator --- @@ -179,13 +180,13 @@ metadata: namespace: syn-resource-locker spec: endpoints: - - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - interval: 30s - port: https - scheme: https - tlsConfig: - caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt - serverName: resource-locker-operator-controller-manager-metrics.syn-resource-locker.svc + - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + interval: 30s + port: https + scheme: https + tlsConfig: + caFile: /etc/prometheus/configmaps/serving-certs-ca-bundle/service-ca.crt + serverName: resource-locker-operator-controller-manager-metrics.syn-resource-locker.svc selector: matchLabels: operator: resource-locker-operator