mirror of https://github.com/pulumi/pulumi.git
215 lines
2.8 KiB
Puppet
215 lines
2.8 KiB
Puppet
resource pulumi_kubernetes_operatorDeployment "kubernetes:apps/v1:Deployment" {
|
|
apiVersion = "apps/v1"
|
|
kind = "Deployment"
|
|
metadata = {
|
|
name = "pulumi-kubernetes-operator"
|
|
}
|
|
spec = {
|
|
# Currently only 1 replica supported, until leader election: https://github.com/pulumi/pulumi-kubernetes-operator/issues/33
|
|
replicas = 1
|
|
selector = {
|
|
matchLabels = {
|
|
name = "pulumi-kubernetes-operator"
|
|
}
|
|
}
|
|
template = {
|
|
metadata = {
|
|
labels = {
|
|
name = "pulumi-kubernetes-operator"
|
|
}
|
|
}
|
|
spec = {
|
|
serviceAccountName = "pulumi-kubernetes-operator"
|
|
imagePullSecrets = [
|
|
{
|
|
name = "pulumi-kubernetes-operator"
|
|
}
|
|
]
|
|
containers = [
|
|
{
|
|
name = "pulumi-kubernetes-operator"
|
|
image = "pulumi/pulumi-kubernetes-operator:v0.0.2"
|
|
command = [
|
|
"pulumi-kubernetes-operator"
|
|
]
|
|
args = [
|
|
"--zap-level=debug"
|
|
]
|
|
imagePullPolicy = "Always"
|
|
env = [
|
|
{
|
|
name = "WATCH_NAMESPACE"
|
|
valueFrom = {
|
|
fieldRef = {
|
|
fieldPath = "metadata.namespace"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
name = "POD_NAME"
|
|
valueFrom = {
|
|
fieldRef = {
|
|
fieldPath = "metadata.name"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
name = "OPERATOR_NAME"
|
|
value = "pulumi-kubernetes-operator"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
resource pulumi_kubernetes_operatorRole "kubernetes:rbac.authorization.k8s.io/v1:Role" {
|
|
apiVersion = "rbac.authorization.k8s.io/v1"
|
|
kind = "Role"
|
|
metadata = {
|
|
creationTimestamp = null
|
|
name = "pulumi-kubernetes-operator"
|
|
}
|
|
rules = [
|
|
{
|
|
apiGroups = [
|
|
""
|
|
]
|
|
resources = [
|
|
"pods",
|
|
"services",
|
|
"services/finalizers",
|
|
"endpoints",
|
|
"persistentvolumeclaims",
|
|
"events",
|
|
"configmaps",
|
|
"secrets"
|
|
]
|
|
verbs = [
|
|
"create",
|
|
"delete",
|
|
"get",
|
|
"list",
|
|
"patch",
|
|
"update",
|
|
"watch"
|
|
]
|
|
},
|
|
{
|
|
apiGroups = [
|
|
"apps"
|
|
]
|
|
resources = [
|
|
"deployments",
|
|
"daemonsets",
|
|
"replicasets",
|
|
"statefulsets"
|
|
]
|
|
verbs = [
|
|
"create",
|
|
"delete",
|
|
"get",
|
|
"list",
|
|
"patch",
|
|
"update",
|
|
"watch"
|
|
]
|
|
},
|
|
{
|
|
apiGroups = [
|
|
"monitoring.coreos.com"
|
|
]
|
|
resources = [
|
|
"servicemonitors"
|
|
]
|
|
verbs = [
|
|
"get",
|
|
"create"
|
|
]
|
|
},
|
|
{
|
|
apiGroups = [
|
|
"apps"
|
|
]
|
|
resourceNames = [
|
|
"pulumi-kubernetes-operator"
|
|
]
|
|
resources = [
|
|
"deployments/finalizers"
|
|
]
|
|
verbs = [
|
|
"update"
|
|
]
|
|
},
|
|
{
|
|
apiGroups = [
|
|
""
|
|
]
|
|
resources = [
|
|
"pods"
|
|
]
|
|
verbs = [
|
|
"get"
|
|
]
|
|
},
|
|
{
|
|
apiGroups = [
|
|
"apps"
|
|
]
|
|
resources = [
|
|
"replicasets",
|
|
"deployments"
|
|
]
|
|
verbs = [
|
|
"get"
|
|
]
|
|
},
|
|
{
|
|
apiGroups = [
|
|
"pulumi.com"
|
|
]
|
|
resources = [
|
|
"*"
|
|
]
|
|
verbs = [
|
|
"create",
|
|
"delete",
|
|
"get",
|
|
"list",
|
|
"patch",
|
|
"update",
|
|
"watch"
|
|
]
|
|
}
|
|
]
|
|
}
|
|
|
|
resource pulumi_kubernetes_operatorRoleBinding "kubernetes:rbac.authorization.k8s.io/v1:RoleBinding" {
|
|
kind = "RoleBinding"
|
|
apiVersion = "rbac.authorization.k8s.io/v1"
|
|
metadata = {
|
|
name = "pulumi-kubernetes-operator"
|
|
}
|
|
subjects = [
|
|
{
|
|
kind = "ServiceAccount"
|
|
name = "pulumi-kubernetes-operator"
|
|
}
|
|
]
|
|
roleRef = {
|
|
kind = "Role"
|
|
name = "pulumi-kubernetes-operator"
|
|
apiGroup = "rbac.authorization.k8s.io"
|
|
}
|
|
}
|
|
|
|
resource pulumi_kubernetes_operatorServiceAccount "kubernetes:core/v1:ServiceAccount" {
|
|
apiVersion = "v1"
|
|
kind = "ServiceAccount"
|
|
metadata = {
|
|
name = "pulumi-kubernetes-operator"
|
|
}
|
|
}
|