From f998290c15b2976a6e35faf085984100bb73208d Mon Sep 17 00:00:00 2001 From: Martin Linkhorst Date: Wed, 18 Sep 2019 17:05:39 +0200 Subject: [PATCH] chore: last adjustments to match the readme --- README.md | 37 +++++++++++++++------------------ deploy/{role.yaml => rbac.yaml} | 21 +++++++++++++++++++ deploy/role_binding.yaml | 11 ---------- deploy/service_account.yaml | 4 ---- 4 files changed, 38 insertions(+), 35 deletions(-) rename deploy/{role.yaml => rbac.yaml} (71%) delete mode 100644 deploy/role_binding.yaml delete mode 100644 deploy/service_account.yaml diff --git a/README.md b/README.md index dc2d322..7d25a3b 100644 --- a/README.md +++ b/README.md @@ -290,13 +290,12 @@ Check your CloudFormation console once more and validate that your stack as well Argument | Environment variable | Default value | Description ---------|----------------------|---------------|------------ -assume-role | AWS_ASSUME_ROLE | | Assume AWS role when defined. Useful for stacks in another AWS account. Specify the full ARN, e.g. `arn:aws:iam::123456789:role/cloudformation-operator` -capability | AWS_CAPABILITIES | | Enable specified capabilities for all stacks managed by the operator instance. Current parameter can be used multiple times. For example: `--capability CAPABILITY_NAMED_IAM --capability CAPABILITY_IAM`. Or with a line break when specifying as an environment variable: `AWS_CAPABILITIES=CAPABILITY_IAM$'\n'CAPABILITY_NAMED_IAM` -debug | DEBUG | | Enable debug logging. -dry-run | DRY_RUN | | If true, don't actually do anything. -tag ... | AWS_TAGS | | Default tags which should be applied for all stacks. The format is `--tag=foo=bar --tag=wambo=baz` on the command line or with a line break when specifying as an env var. (e.g. in zsh: `AWS_TAGS="foo=bar"$'\n'"wambo=baz"`) +assume-role | | | Assume AWS role when defined. Useful for stacks in another AWS account. Specify the full ARN, e.g. `arn:aws:iam::123456789:role/cloudformation-operator` +capability | | | Enable specified capabilities for all stacks managed by the operator instance. Current parameter can be used multiple times. For example: `--capability CAPABILITY_NAMED_IAM --capability CAPABILITY_IAM`. Or with a line break when specifying as an environment variable: `AWS_CAPABILITIES=CAPABILITY_IAM$'\n'CAPABILITY_NAMED_IAM` +dry-run | | | If true, don't actually do anything. +tag ... | | | Default tags which should be applied for all stacks. The format is `--tag=foo=bar --tag=wambo=baz` on the command line or with a line break when specifying as an env var. (e.g. in zsh: `AWS_TAGS="foo=bar"$'\n'"wambo=baz"`) namespace | WATCH_NAMESPACE | default | The Kubernetes namespace to watch -region | AWS_REGION | | The AWS region to use +region | | | The AWS region to use # Cleanup @@ -314,26 +313,24 @@ $ kubectl delete -f deploy/operator.yaml This project uses the [operator sdk](https://github.com/operator-framework/operator-sdk). ```console -$ dep ensure -vendor-only -$ go build -o ./tmp/_output/bin/cloudformation-operator ./cmd/cloudformation-operator -$ KUBERNETES_CONFIG=~/.kube/config ./tmp/_output/bin/cloudformation-operator --region eu-central-1 -$ # if you're using the operator-sdk helper use env vars to configure the flags. -$ AWS_REGION=eu-central-1 operator-sdk up local +$ go build -o ./tmp/_output/bin/cloudformation-operator ./cmd/manager + $ WATCH_NAMESPACE=default KUBERNETES_CONFIG=~/.kube/config ./tmp/_output/bin/cloudformation-operator --region eu-central-1 +$ # if you're using the operator-sdk helper use `operator-flags` to configure the flags. +$ operator-sdk up local --operator-flags="--region=eu-central-1" ``` ## Build the docker image ```console -$ operator-sdk build quay.io/linki/cloudformation-operator:v0.4.0 -$ docker push quay.io/linki/cloudformation-operator:v0.4.0 +$ operator-sdk build quay.io/linki/cloudformation-operator:v0.6.0 +$ docker push quay.io/linki/cloudformation-operator:v0.6.0 $ # or use the previously used Dockerfile (not the one from operator-sdk) -$ docker build -t quay.io/linki/cloudformation-operator:v0.4.0 . +$ docker build -t quay.io/linki/cloudformation-operator:v0.6.0 . ``` ## Test it locally -The `operator-sdk` doesn't allow to pass in flags, so instead use the environment variables -`WATCH_NAMESPACE`, `AWS_REGION` (and/or `AWS_PROFILE`), `DRY_RUN`, and `DEBUG`. +You can use `--operator-flags` to pass in flags using the operator-sdk. Assuming you are using minikube: @@ -342,10 +339,10 @@ $ minikube start # you will be have a kubeconfig read to use by cloudformation o $ export AWS_PROFILE=my_profile # setup your aws config $ cd $GOPATH/src/github.com/linki/cloudformation-operator $ # run cloudformation operator based on previous settings and env vars -$ WATCH_NAMESPACE=staging DRY_RUN=true DEBUG=true AWS_REGION=eu-central-1 operator-sdk up local -INFO[0000] Go Version: go1.10.1 +$ WATCH_NAMESPACE=staging operator-sdk up local --operator-flags="--dry-run=true --region=eu-central-1" +INFO[0000] Go Version: go1.13.0 INFO[0000] Go OS/Arch: darwin/amd64 -INFO[0000] operator-sdk Version: 0.0.5+git -INFO[0000] cloudformation-operator Version: 0.4.0+git +INFO[0000] operator-sdk Version: v0.10.0 +INFO[0000] cloudformation-operator Version: 0.6.0+git INFO[0000] starting stacks controller ``` diff --git a/deploy/role.yaml b/deploy/rbac.yaml similarity index 71% rename from deploy/role.yaml rename to deploy/rbac.yaml index 447eb43..7a74643 100644 --- a/deploy/role.yaml +++ b/deploy/rbac.yaml @@ -59,3 +59,24 @@ rules: - '*' verbs: - '*' + +--- + +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: cloudformation-operator +subjects: +- kind: ServiceAccount + name: cloudformation-operator +roleRef: + kind: Role + name: cloudformation-operator + apiGroup: rbac.authorization.k8s.io + +--- + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: cloudformation-operator diff --git a/deploy/role_binding.yaml b/deploy/role_binding.yaml deleted file mode 100644 index 39ac1e8..0000000 --- a/deploy/role_binding.yaml +++ /dev/null @@ -1,11 +0,0 @@ -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: cloudformation-operator -subjects: -- kind: ServiceAccount - name: cloudformation-operator -roleRef: - kind: Role - name: cloudformation-operator - apiGroup: rbac.authorization.k8s.io diff --git a/deploy/service_account.yaml b/deploy/service_account.yaml deleted file mode 100644 index 60faea0..0000000 --- a/deploy/service_account.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: cloudformation-operator