mirror of
https://github.com/ansible/awx-operator.git
synced 2026-03-26 21:33:14 +00:00
267 lines
7.2 KiB
YAML
267 lines
7.2 KiB
YAML
# This file is generated by Ansible. Changes will be lost.
|
|
# Update templates under ansible/templates/
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
creationTimestamp: null
|
|
name: awx-operator
|
|
rules:
|
|
- apiGroups:
|
|
- route.openshift.io
|
|
resources:
|
|
- routes
|
|
- routes/custom-host
|
|
verbs:
|
|
- '*'
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- pods
|
|
- services
|
|
- services/finalizers
|
|
- endpoints
|
|
- persistentvolumeclaims
|
|
- events
|
|
- configmaps
|
|
- secrets
|
|
verbs:
|
|
- '*'
|
|
- apiGroups:
|
|
- apps
|
|
- extensions
|
|
resources:
|
|
- deployments
|
|
- daemonsets
|
|
- replicasets
|
|
- statefulsets
|
|
- ingresses
|
|
verbs:
|
|
- '*'
|
|
- apiGroups:
|
|
- monitoring.coreos.com
|
|
resources:
|
|
- servicemonitors
|
|
verbs:
|
|
- get
|
|
- create
|
|
- apiGroups:
|
|
- apps
|
|
resourceNames:
|
|
- awx-operator
|
|
resources:
|
|
- deployments/finalizers
|
|
verbs:
|
|
- update
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- pods/exec
|
|
verbs:
|
|
- create
|
|
- get
|
|
- apiGroups:
|
|
- apps
|
|
resources:
|
|
- replicasets
|
|
verbs:
|
|
- get
|
|
- apiGroups:
|
|
- awx.ansible.com
|
|
resources:
|
|
- '*'
|
|
verbs:
|
|
- '*'
|
|
|
|
---
|
|
kind: ClusterRoleBinding
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
name: awx-operator
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: awx-operator
|
|
namespace: default
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: awx-operator
|
|
apiGroup: rbac.authorization.k8s.io
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: awx-operator
|
|
namespace: default
|
|
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: awx-operator
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
name: awx-operator
|
|
template:
|
|
metadata:
|
|
labels:
|
|
name: awx-operator
|
|
spec:
|
|
serviceAccountName: awx-operator
|
|
containers:
|
|
- name: awx-operator
|
|
image: "quay.io/ansible/awx-operator:0.6.0"
|
|
imagePullPolicy: "Always"
|
|
volumeMounts:
|
|
- mountPath: /tmp/ansible-operator/runner
|
|
name: runner
|
|
env:
|
|
# Watch all namespaces (cluster-scoped).
|
|
- name: WATCH_NAMESPACE
|
|
value: ""
|
|
- name: POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: OPERATOR_NAME
|
|
value: awx-operator
|
|
- name: ANSIBLE_GATHERING
|
|
value: explicit
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: 6789
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 3
|
|
volumes:
|
|
- name: runner
|
|
emptyDir: {}
|
|
|
|
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
name: awxs.awx.ansible.com
|
|
spec:
|
|
group: awx.ansible.com
|
|
names:
|
|
kind: AWX
|
|
listKind: AWXList
|
|
plural: awxs
|
|
singular: awx
|
|
scope: Namespaced
|
|
versions:
|
|
- name: v1beta1
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: Schema validation for the AWX CRD
|
|
properties:
|
|
spec:
|
|
properties:
|
|
tower_hostname:
|
|
description: The hostname of the instance
|
|
type: string
|
|
tower_admin_email:
|
|
description: The admin user email
|
|
type: string
|
|
tower_admin_password_secret:
|
|
description: Secret where the admin password can be found
|
|
type: string
|
|
tower_postgres_configuration_secret:
|
|
description: Secret where the database configuration can be found
|
|
type: string
|
|
tower_secret_key_secret:
|
|
description: Secret where the secret key can be found
|
|
type: string
|
|
tower_ingress_type:
|
|
description: The ingress type to use to reach the deployed instance
|
|
type: string
|
|
enum:
|
|
- none
|
|
- Ingress
|
|
- ingress
|
|
- Route
|
|
- route
|
|
tower_route_host:
|
|
description: The DNS to use to points to the instance
|
|
type: string
|
|
tower_route_tls_termination_mechanism:
|
|
description: The secure TLS termination mechanism to use
|
|
type: string
|
|
default: Edge
|
|
enum:
|
|
- Edge
|
|
- edge
|
|
- Passthrough
|
|
- passthrough
|
|
tower_route_tls_secret:
|
|
description: Secret where the TLS related credentials are stored
|
|
type: string
|
|
tower_image_pull_policy:
|
|
description: The image pull policy
|
|
type: string
|
|
default: IfNotPresent
|
|
enum:
|
|
- Always
|
|
- always
|
|
- Never
|
|
- never
|
|
- IfNotPresent
|
|
- ifnotpresent
|
|
tower_task_resource_requirements:
|
|
description: Resource requirements for the task container
|
|
type: object
|
|
tower_web_resource_requirements:
|
|
description: Resource requirements for the web container
|
|
type: object
|
|
tower_replicas:
|
|
description: Number of instance replicas
|
|
type: integer
|
|
default: 1
|
|
format: int32
|
|
tower_garbage_collect_secrets:
|
|
description: Whether or not to remove secrets upon instance removal
|
|
default: false
|
|
type: boolean
|
|
tower_create_preload_data:
|
|
description: Whether or not to preload data upon Tower instance creation
|
|
default: true
|
|
type: boolean
|
|
type: object
|
|
status:
|
|
properties:
|
|
towerURL:
|
|
description: URL to access the deployed instance
|
|
type: string
|
|
towerAdminUser:
|
|
description: Admin user of the deployed instance
|
|
type: string
|
|
towerAdminPasswordSecret:
|
|
description: Admin password of the deployed instance
|
|
type: string
|
|
towerVersion:
|
|
description: Version of the deployed instance
|
|
type: string
|
|
conditions:
|
|
description: The resulting conditions when a Service Telemetry is instantiated
|
|
items:
|
|
properties:
|
|
status:
|
|
type: string
|
|
type:
|
|
type: string
|
|
reason:
|
|
type: string
|
|
lastTransitionTime:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
type: object
|
|
type: object
|