chore: add v0.6.x to metadata, fix metrics service

Part of #1070 Signed-off-by: Gerard de Leeuw <gdeleeuw@leeuwit.nl> Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
2025-09-24 23:31:22 +02:00 · 2022-09-06 09:50:14 +02:00 · 2022-09-06 09:50:14 +02:00 · ef65ff05a9
commit ef65ff05a9
parent e433504087
10 changed files with 63 additions and 18 deletions
--- a/app/caps-controller-manager/config/default/kustomization.yaml
+++ b/app/caps-controller-manager/config/default/kustomization.yaml
@ -14,6 +14,7 @@ bases:
  - ../manager
 patchesStrategicMerge:
  - manager_auth_proxy_patch.yaml
  - manager_webhook_patch.yaml
  - webhookcainjection_patch.yaml
--- a/app/caps-controller-manager/config/default/manager_auth_proxy_patch.yaml
+++ b/app/caps-controller-manager/config/default/manager_auth_proxy_patch.yaml
@ -0,0 +1,21 @@
 # This patch inject a sidecar container which is an HTTP proxy for the controller manager,
 # it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: controller-manager
  namespace: system
 spec:
  template:
    spec:
      containers:
        - name: kube-rbac-proxy
          image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.1
          args:
            - "--secure-listen-address=0.0.0.0:8443"
            - "--upstream=http://127.0.0.1:8080/"
            - "--logtostderr=true"
            - "--v=10"
          ports:
            - containerPort: 8443
              name: https
--- a/app/caps-controller-manager/config/prometheus/monitor.yaml
+++ b/app/caps-controller-manager/config/prometheus/monitor.yaml
@ -1,4 +1,3 @@
 # Prometheus Monitor Service (Metrics)
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
--- a/app/caps-controller-manager/config/rbac/auth_proxy_service.yaml
+++ b/app/caps-controller-manager/config/rbac/auth_proxy_service.yaml
@ -7,8 +7,8 @@ metadata:
  namespace: system
 spec:
  ports:
-  - name: https
+    - name: https
-    port: 8443
+      port: 8443
-    targetPort: https
+      targetPort: https
  selector:
    control-plane: caps-controller-manager
--- a/app/caps-controller-manager/config/rbac/kustomization.yaml
+++ b/app/caps-controller-manager/config/rbac/kustomization.yaml
@ -6,6 +6,6 @@ resources:
  # Comment the following 3 lines if you want to disable
  # the auth proxy (https://github.com/brancz/kube-rbac-proxy)
  # which protects your /metrics endpoint.
-  # - auth_proxy_service.yaml
+  - auth_proxy_service.yaml
-  # - auth_proxy_role.yaml
+  - auth_proxy_role.yaml
-  # - auth_proxy_role_binding.yaml
+  - auth_proxy_role_binding.yaml
--- a/app/sidero-controller-manager/config/kustomization.yaml
+++ b/app/sidero-controller-manager/config/kustomization.yaml
@ -16,13 +16,13 @@ patchesStrategicMerge:
  # Protect the /metrics endpoint by putting it behind auth.
  # Only one of manager_auth_proxy_patch.yaml and
  # manager_prometheus_metrics_patch.yaml should be enabled.
-  #- manager_auth_proxy_patch.yaml
+  - manager_auth_proxy_patch.yaml
-    # If you want your controller-manager to expose the /metrics
+  # If you want your controller-manager to expose the /metrics
-    # endpoint w/o any authn/z, uncomment the following line and
+  # endpoint w/o any authn/z, uncomment the following line and
-    # comment manager_auth_proxy_patch.yaml.
+  # comment manager_auth_proxy_patch.yaml.
-    # Only one of manager_auth_proxy_patch.yaml and
+  # Only one of manager_auth_proxy_patch.yaml and
-    # manager_prometheus_metrics_patch.yaml should be enabled.
+  # manager_prometheus_metrics_patch.yaml should be enabled.
-#- manager_prometheus_metrics_patch.yaml
+  #- manager_prometheus_metrics_patch.yaml
  - manager_webhook_patch.yaml
  - webhookcainjection_patch.yaml
 vars:
--- a/app/sidero-controller-manager/config/manager_auth_proxy_patch.yaml
+++ b/app/sidero-controller-manager/config/manager_auth_proxy_patch.yaml
@ -0,0 +1,21 @@
 # This patch inject a sidecar container which is an HTTP proxy for the controller manager,
 # it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: controller-manager
  namespace: system
 spec:
  template:
    spec:
      containers:
        - name: kube-rbac-proxy
          image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.1
          args:
            - "--secure-listen-address=0.0.0.0:8443"
            - "--upstream=http://127.0.0.1:8080/"
            - "--logtostderr=true"
            - "--v=10"
          ports:
            - containerPort: 8443
              name: https
--- a/app/sidero-controller-manager/config/prometheus/monitor.yaml
+++ b/app/sidero-controller-manager/config/prometheus/monitor.yaml
@ -3,7 +3,7 @@ apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
  labels:
-    control-plane: caps-controller-manager
+    control-plane: sidero-controller-manager
  name: metrics-monitor
  namespace: system
 spec:
@ -11,4 +11,4 @@ spec:
    - path: /metrics
      port: https
  selector:
-    control-plane: caps-controller-manager
+    control-plane: sidero-controller-manager
--- a/app/sidero-controller-manager/config/rbac/auth_proxy_service.yaml
+++ b/app/sidero-controller-manager/config/rbac/auth_proxy_service.yaml
@ -2,7 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
  labels:
-    control-plane: caps-controller-manager
+    control-plane: sidero-controller-manager
  name: controller-manager-metrics-service
  namespace: system
 spec:
@ -11,4 +11,4 @@ spec:
      port: 8443
      targetPort: https
  selector:
-    control-plane: caps-controller-manager
+    control-plane: sidero-controller-manager
--- a/config/metadata/metadata.yaml
+++ b/config/metadata/metadata.yaml
@ -16,3 +16,6 @@ releaseSeries:
  - major: 0
    minor: 5
    contract: v1beta1
  - major: 0
    minor: 6
    contract: v1beta1