andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #316 from mattray/triggermesh-1.13 

Initial TriggerMesh 1.13 chart
pull/318/head
Samuel Attwood 2022-01-20 11:23:20 -05:00 committed by GitHub
parent c18df031c7 bd7c20ed5c
commit 85a5255d76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
25 changed files with 14923 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/triggermesh/triggermesh-0.3.401.tgz Normal file
View File

Binary file not shown.

23
charts/triggermesh/triggermesh/0.3.401/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

26
charts/triggermesh/triggermesh/0.3.401/Chart.yaml Normal file
View File

@ -0,0 +1,26 @@
annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: TriggerMesh Cloud Native Integration Platform
catalog.cattle.io/release-name: triggermesh
apiVersion: v2
appVersion: v1.13.0
description: A Helm chart deploying TriggerMesh Open Source Components
home: https://github.com/triggermesh/triggermesh
icon: https://global-uploads.webflow.com/5f683649f57c927210b6707e/5f683649f57c9261bab67097_logo.svg
keywords:
- aws
- eda
- knative-eventing
- serverless
- triggermesh
kubeVersion: '>= 1.20'
maintainers:
- email: sameer@triggermesh.com
name: sameersbn
- email: antoine@triggermesh.com
name: antoineco
- email: matt@triggermesh.com
name: mattray
name: triggermesh
type: application
version: 0.3.401

76
charts/triggermesh/triggermesh/0.3.401/README.md Normal file
View File

@ -0,0 +1,76 @@
# TriggerMesh
## TL;DR;
```console
$ helm repo add triggermesh https://storage.googleapis.com/triggermesh-charts
$ helm install -n triggermesh triggermesh triggermesh/triggermesh --create-namespace
```
To report bugs and for feedback and support please [create a new issue](https://github.com/triggermesh/charts/issues/new).
## Introduction
This chart installs the [TriggerMesh Open Source Components](https://github.com/triggermesh/triggermesh) on a Kubernetes cluster.
## Prerequisites
- Kubernetes 1.20+
- Helm 3.0+
- Knative v0.25+
## Installing the Chart
Add the TriggerMesh chart repository to Helm:
```console
$ helm repo add triggermesh https://storage.googleapis.com/triggermesh-charts
```
To install the chart with the release name `my-release`:
```console
$ helm install --name my-release triggermesh/triggermesh
```
The command deploys the TriggerMesh opensource components in the default configuration. Refer to the [configuration](#configuration) section for the complete list of parameters that can be specified to customize the deployment of the controller.
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```console
$ helm uninstall my-release
```
The Kubernetes resources associated with chart will be removed and the Helm release will be deleted.
## Configuration
| Parameter | Description | Default |
|------------------------------|-----------------------------------------------------|--------------------------------------|
| `nameOverride` | Override the name for controller resources | `""` |
| `fullnameOverride` | Override the fullname for controller resources | `""` |
| `image.registry` | Image registry name | `gcr.io/triggermesh` |
| `image.tag` | Image tag | `.Chart.AppVersion` |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `imagePullSecrets` | Specify image pull secrets | `[]` |
| `replicaCount` | Number of replicas | `1` |
| `rbac.create` | Create RBAC resources | `true` |
| `serviceAccount.create` | Create service account for the controller | `true` |
| `serviceAccount.annotations` | Annotations to add to controller service account | `{}` |
| `serviceAccount.name` | Override the name for the service account | `nil` |
| `podAnnotations` | Annotations to add to the controller pod | `{}` |
| `podSecurityContext` | Security context for controller pods | `{}` |
| `securityContext` | Security context for controller containers | `{}` |
| `resources` | Resource requests/limits for the controller | `{}` |
| `nodeSelector` | Controller node selector | `{}` |
| `tolerations` | Tolerations for use with node taints | `[]` |
| `affinity` | Assign custom affinity rules to the controller pods | `{}` |
| `webhook.podAnnotations` | Annotations to add to the webhook pod | `{sidecar.istio.io/inject: 'false'}` |
| `webhook.podSecurityContext` | Security context for webhook pods | `{}` |
| `webhook.securityContext` | Security context for webhook containers | `{}` |
| `webhook.resources` | Resource requests/limits for the webhook | `{}` |
| `webhook.nodeSelector` | Webhook node selector | `{}` |
| `webhook.tolerations` | Tolerations for use with node taints | `[]` |
| `webhook.affinity` | Assign custom affinity rules to the webhook pods | `{}` |

5
charts/triggermesh/triggermesh/0.3.401/app-readme.md Normal file
View File

@ -0,0 +1,5 @@
# TriggerMesh Cloud Native Integration Platform
The [TriggerMesh Cloud Native Integration Platform](https://github.com/triggermesh/triggermesh) consists of a set of APIs which allow you to build event-driven applications with [Knative](https://knative.dev). Implemented as a set of Kubernetes CRDs and a Kubernetes controller, TriggerMesh gives you a way to declaratively define your event sources and event targets, in addition to potential actions needed in your applications: content-based event filtering, event splitting, event transformation and event processing via functions.
Learn more at [docs.triggermesh.io](https://docs.triggermesh.io/).

12938
charts/triggermesh/triggermesh/0.3.401/crds/triggermesh-crds.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

3
charts/triggermesh/triggermesh/0.3.401/templates/NOTES.txt Normal file
View File

@ -0,0 +1,3 @@
*************************************************
*** PLEASE BE PATIENT: DEPLOYMENT IN PROGRESS ***
*************************************************

128
charts/triggermesh/triggermesh/0.3.401/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,128 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "triggermesh.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "triggermesh.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "triggermesh.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "triggermesh.labels" -}}
helm.sh/chart: {{ include "triggermesh.chart" . }}
{{ include "triggermesh.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/part-of: triggermesh
{{- end }}
{{/*
Selector labels
*/}}
{{- define "triggermesh.selectorLabels" -}}
app.kubernetes.io/name: {{ include "triggermesh.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "triggermesh.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "triggermesh.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
{{/*
Controller Service Account Name
*/}}
{{- define "triggermesh.controller.serviceAccountName" -}}
{{- $name := include "triggermesh.serviceAccountName" . }}
{{- printf "%s-%s" $name "controller" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Controller FQDN
*/}}
{{- define "triggermesh.controller.fullname" -}}
{{- $name := include "triggermesh.fullname" . }}
{{- printf "%s-%s" $name "controller" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Controller labels
*/}}
{{- define "triggermesh.controller.labels" -}}
{{ include "triggermesh.labels" . }}
app: triggermesh-controller
{{- end }}
{{/*
Controller Selector labels
*/}}
{{- define "triggermesh.controller.selectorLabels" -}}
{{ include "triggermesh.selectorLabels" . }}
app: triggermesh-controller
{{- end }}
{{/*
Webhook Service Account Name
*/}}
{{- define "triggermesh.webhook.serviceAccountName" -}}
{{- $name := include "triggermesh.serviceAccountName" . }}
{{- printf "%s-%s" $name "webhook" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Webhook FQDN
*/}}
{{- define "triggermesh.webhook.fullname" -}}
{{- $name := include "triggermesh.fullname" . }}
{{- printf "%s-%s" $name "webhook" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Webhook labels
*/}}
{{- define "triggermesh.webhook.labels" -}}
{{ include "triggermesh.labels" . }}
app: triggermesh-webhook
{{- end }}
{{/*
Webhook Selector labels
*/}}
{{- define "triggermesh.webhook.selectorLabels" -}}
{{ include "triggermesh.selectorLabels" . }}
app: triggermesh-webhook
{{- end }}

129
charts/triggermesh/triggermesh/0.3.401/templates/clusterrolebinding.yaml Normal file
View File

@ -0,0 +1,129 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.serviceAccount.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "triggermesh.controller.fullname" . }}
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "triggermesh.controller.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "triggermesh.controller.fullname" . }}
---
# Permissions not required by controllers directly, but granted to
# receive-adapters via RoleBindings.
#
# Without them, the following error is thrown:
# "attempting to grant RBAC permissions not currently held"
#
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: awssnssource-adapter
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "triggermesh.controller.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: awssnssource-adapter
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: zendesksource-adapter
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "triggermesh.controller.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: zendesksource-adapter
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tektontarget-adapter
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "triggermesh.controller.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: tektontarget-adapter
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: filter-adapter
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "triggermesh.controller.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: filter-adapter
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: splitter-adapter
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "triggermesh.controller.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: splitter-adapter
---
# Resolve sink URIs
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "triggermesh.controller.fullname" . }}-addressable-resolver
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "triggermesh.controller.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: addressable-resolver
{{- end }}

859
charts/triggermesh/triggermesh/0.3.401/templates/clusterroles.yaml Normal file
View File

@ -0,0 +1,859 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "triggermesh.controller.fullname" . }}
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
rules:
# Record Kubernetes events
- apiGroups:
- ''
resources:
- events
verbs:
- create
- patch
- update
# Manage receive-adapters
- apiGroups:
- apps
resources:
- deployments
verbs:
- get
- list
- watch
- create
- update
- delete
- patch
- apiGroups:
- serving.knative.dev
resources:
- services
verbs:
- get
- list
- watch
- create
- update
- delete
- patch
# Read reconciled TriggerMesh resources and update their statuses
# +rbac-check
- apiGroups:
- sources.triggermesh.io
resources:
- awscloudwatchlogssources
- awscloudwatchsources
- awscodecommitsources
- awscognitoidentitysources
- awscognitouserpoolsources
- awsdynamodbsources
- awskinesissources
- awsperformanceinsightssources
- awss3sources
- awssnssources
- awssqssources
- azureactivitylogssources
- azureblobstoragesources
- azureeventgridsources
- azureeventhubsources
- azureiothubsources
- azurequeuestoragesources
- azureservicebusqueuesources
- azureservicebustopicsources
- googlecloudauditlogssources
- googlecloudbillingsources
- googlecloudiotsources
- googlecloudpubsubsources
- googlecloudsourcerepositoriessources
- googlecloudstoragesources
- httppollersources
- ibmmqsources
- ocimetricssources
- salesforcesources
- slacksources
- twiliosources
- webhooksources
- zendesksources
verbs:
- list
- watch
- get
# +rbac-check:subresource=status
- apiGroups:
- sources.triggermesh.io
resources:
- awscloudwatchlogssources/status
- awscloudwatchsources/status
- awscodecommitsources/status
- awscognitoidentitysources/status
- awscognitouserpoolsources/status
- awsdynamodbsources/status
- awskinesissources/status
- awsperformanceinsightssources/status
- awss3sources/status
- awssnssources/status
- awssqssources/status
- azureactivitylogssources/status
- azureblobstoragesources/status
- azureeventgridsources/status
- azureeventhubsources/status
- azureiothubsources/status
- azurequeuestoragesources/status
- azureservicebusqueuesources/status
- azureservicebustopicsources/status
- googlecloudauditlogssources/status
- googlecloudbillingsources/status
- googlecloudiotsources/status
- googlecloudpubsubsources/status
- googlecloudsourcerepositoriessources/status
- googlecloudstoragesources/status
- httppollersources/status
- ibmmqsources/status
- ocimetricssources/status
- salesforcesources/status
- slacksources/status
- twiliosources/status
- webhooksources/status
- zendesksources/status
verbs:
- update
# +rbac-check
- apiGroups:
- targets.triggermesh.io
resources:
- alibabaosstargets
- awscomprehendtargets
- awsdynamodbtargets
- awskinesistargets
- awslambdatargets
- awss3targets
- awssnstargets
- awssqstargets
- azureeventhubstargets
- confluenttargets
- datadogtargets
- elasticsearchtargets
- googlecloudfirestoretargets
- googlecloudstoragetargets
- googlecloudworkflowstargets
- googlesheettargets
- hasuratargets
- httptargets
- ibmmqtargets
- infratargets
- jiratargets
- logzmetricstargets
- logztargets
- oracletargets
- salesforcetargets
- sendgridtargets
- slacktargets
- splunktargets
- tektontargets
- twiliotargets
- uipathtargets
- zendesktargets
verbs:
- list
- watch
- get
# +rbac-check:subresource=status
- apiGroups:
- targets.triggermesh.io
resources:
- alibabaosstargets/status
- awscomprehendtargets/status
- awsdynamodbtargets/status
- awskinesistargets/status
- awslambdatargets/status
- awss3targets/status
- awssnstargets/status
- awssqstargets/status
- azureeventhubstargets/status
- confluenttargets/status
- datadogtargets/status
- elasticsearchtargets/status
- googlecloudfirestoretargets/status
- googlecloudstoragetargets/status
- googlecloudworkflowstargets/status
- googlesheettargets/status
- hasuratargets/status
- httptargets/status
- ibmmqtargets/status
- infratargets/status
- jiratargets/status
- logzmetricstargets/status
- logztargets/status
- oracletargets/status
- salesforcetargets/status
- sendgridtargets/status
- slacktargets/status
- splunktargets/status
- tektontargets/status
- twiliotargets/status
- uipathtargets/status
- zendesktargets/status
verbs:
- update
# +rbac-check
- apiGroups:
- flow.triggermesh.io
resources:
- transformations
- xslttransforms
verbs:
- list
- watch
- get
# +rbac-check:subresource=status
- apiGroups:
- flow.triggermesh.io
resources:
- transformations/status
- xslttransforms/status
verbs:
- update
# +rbac-check
- apiGroups:
- extensions.triggermesh.io
resources:
- functions
verbs:
- list
- watch
- get
# +rbac-check:subresource=status
- apiGroups:
- extensions.triggermesh.io
resources:
- functions/status
verbs:
- update
# +rbac-check
- apiGroups:
- routing.triggermesh.io
resources:
- filters
- splitters
verbs:
- list
- watch
- get
# +rbac-check:subresource=status
- apiGroups:
- routing.triggermesh.io
resources:
- filters/status
- splitters/status
verbs:
- update
# Ensure compatibility with the OwnerReferencesPermissionEnforcement Admission Controller
# https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement
# +rbac-check:subresource=finalizers
- apiGroups:
- sources.triggermesh.io
resources:
- awscloudwatchlogssources/finalizers
- awscloudwatchsources/finalizers
- awscodecommitsources/finalizers
- awscognitoidentitysources/finalizers
- awscognitouserpoolsources/finalizers
- awsdynamodbsources/finalizers
- awskinesissources/finalizers
- awsperformanceinsightssources/finalizers
- awss3sources/finalizers
- awssnssources/finalizers
- awssqssources/finalizers
- azureactivitylogssources/finalizers
- azureblobstoragesources/finalizers
- azureeventgridsources/finalizers
- azureeventhubsources/finalizers
- azureiothubsources/finalizers
- azurequeuestoragesources/finalizers
- azureservicebusqueuesources/finalizers
- azureservicebustopicsources/finalizers
- googlecloudauditlogssources/finalizers
- googlecloudbillingsources/finalizers
- googlecloudiotsources/finalizers
- googlecloudpubsubsources/finalizers
- googlecloudsourcerepositoriessources/finalizers
- googlecloudstoragesources/finalizers
- httppollersources/finalizers
- ibmmqsources/finalizers
- ocimetricssources/finalizers
- salesforcesources/finalizers
- slacksources/finalizers
- twiliosources/finalizers
- webhooksources/finalizers
- zendesksources/finalizers
verbs:
- update
# +rbac-check:subresource=finalizers
- apiGroups:
- targets.triggermesh.io
resources:
- alibabaosstargets/finalizers
- awscomprehendtargets/finalizers
- awsdynamodbtargets/finalizers
- awskinesistargets/finalizers
- awslambdatargets/finalizers
- awss3targets/finalizers
- awssnstargets/finalizers
- awssqstargets/finalizers
- azureeventhubstargets/finalizers
- confluenttargets/finalizers
- datadogtargets/finalizers
- elasticsearchtargets/finalizers
- googlecloudfirestoretargets/finalizers
- googlecloudstoragetargets/finalizers
- googlecloudworkflowstargets/finalizers
- googlesheettargets/finalizers
- hasuratargets/finalizers
- httptargets/finalizers
- ibmmqtargets/finalizers
- infratargets/finalizers
- jiratargets/finalizers
- logzmetricstargets/finalizers
- logztargets/finalizers
- oracletargets/finalizers
- salesforcetargets/finalizers
- sendgridtargets/finalizers
- slacktargets/finalizers
- splunktargets/finalizers
- tektontargets/finalizers
- twiliotargets/finalizers
- uipathtargets/finalizers
- zendesktargets/finalizers
verbs:
- update
# +rbac-check:subresource=finalizers
- apiGroups:
- flow.triggermesh.io
resources:
- transformations/finalizers
- xslttransforms/finalizers
verbs:
- update
# +rbac-check:subresource=finalizers
- apiGroups:
- extensions.triggermesh.io
resources:
- functions/finalizers
verbs:
- update
# +rbac-check:subresource=finalizers
- apiGroups:
- routing.triggermesh.io
resources:
- filters/finalizers
- splitters/finalizers
verbs:
- update
# Set finalizers
- apiGroups:
- sources.triggermesh.io
resources:
- awss3sources
- awssnssources
- azureactivitylogssources
- azureblobstoragesources
- azureeventgridsources
- azureservicebusqueuesources
- azureservicebustopicsources
- googlecloudauditlogssources
- googlecloudbillingsources
- googlecloudiotsources
- googlecloudpubsubsources
- googlecloudsourcerepositoriessources
- googlecloudstoragesources
- zendesksources
verbs:
- patch
# Manage resource-specific ServiceAccounts and RoleBindings
- apiGroups:
- ''
resources:
- serviceaccounts
- serviceaccounts/finalizers
verbs:
- list
- watch
- create
- update
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
verbs:
- list
- watch
- create
- apiGroups:
- rbac.authorization.k8s.io
resources:
- rolebindings
# Only multi-tenant components receive permissions via RoleBindings to
# interact with the Kubernetes API.
resourceNames:
- awssnssource-adapter
- zendesksource-adapter
- tektontarget-adapter
- filter-adapter
- splitter-adapter
verbs:
- update
# List namespaces
# Required by the TektonTarget reaper.
- apiGroups:
- ''
resources:
- namespaces
verbs:
- list
# Read credentials
- apiGroups:
- ''
resources:
- secrets
verbs:
- get
# Required by Function controller to store, and mount user's code
- apiGroups:
- ''
resources:
- configmaps
verbs:
- get
- list
- create
- update
- delete
- patch
- watch
# Read controller configurations
- apiGroups:
- ''
resources:
- configmaps
verbs:
- list
- watch
- apiGroups:
- ''
resources:
- configmaps
resourceNames:
- config-logging
- config-observability
- config-leader-election
verbs:
- get
# Acquire leases for leader election
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- create
- update
# Determine the exact reason why Deployments fail
- apiGroups:
- ''
resources:
- pods
verbs:
- list
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: awssnssource-adapter
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
rules:
# Record Kubernetes events
- apiGroups:
- ''
resources:
- events
verbs:
- create
- patch
- update
# Read Source resources and update their statuses
- apiGroups:
- sources.triggermesh.io
resources:
- awssnssources
verbs:
- list
- watch
- apiGroups:
- sources.triggermesh.io
resources:
- awssnssources/status
verbs:
- patch
# Read credentials
- apiGroups:
- ''
resources:
- secrets
verbs:
- get
# Acquire leases for leader election
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- create
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: zendesksource-adapter
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
rules:
# Record Kubernetes events
- apiGroups:
- ''
resources:
- events
verbs:
- create
- patch
- update
# Read Source resources
- apiGroups:
- sources.triggermesh.io
resources:
- zendesksources
verbs:
- list
- watch
# Read credentials
- apiGroups:
- ''
resources:
- secrets
verbs:
- get
# Acquire leases for leader election
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- create
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: tektontarget-adapter
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
rules:
- apiGroups:
- tekton.dev
resources:
- taskruns
- pipelineruns
verbs:
- create
- list
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: filter-adapter
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
rules:
- apiGroups:
- ''
resources:
- events
verbs:
- create
- patch
- update
- apiGroups:
- ''
resources:
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- routing.triggermesh.io
resources:
- filters
verbs:
- get
- list
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- create
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: splitter-adapter
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
rules:
- apiGroups:
- ''
resources:
- events
verbs:
- create
- patch
- update
- apiGroups:
- ''
resources:
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- routing.triggermesh.io
resources:
- splitters
verbs:
- get
- list
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- create
- update
---
# This role provides readonly access to "Source" duck types.
# All the rules it contains get aggregated into the "source-observer" ClusterRole provided by Knative Eventing.
# see https://github.com/knative/eventing/blob/release-0.26/docs/spec/sources.md#source-rbac
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: triggermesh-source-observer
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
duck.knative.dev/source: 'true'
rules:
# +rbac-check
- apiGroups:
- sources.triggermesh.io
resources:
- awscloudwatchlogssources
- awscloudwatchsources
- awscodecommitsources
- awscognitoidentitysources
- awscognitouserpoolsources
- awsdynamodbsources
- awskinesissources
- awsperformanceinsightssources
- awss3sources
- awssnssources
- awssqssources
- azureactivitylogssources
- azureblobstoragesources
- azureeventgridsources
- azureeventhubsources
- azureiothubsources
- azurequeuestoragesources
- azureservicebusqueuesources
- azureservicebustopicsources
- googlecloudauditlogssources
- googlecloudbillingsources
- googlecloudiotsources
- googlecloudpubsubsources
- googlecloudsourcerepositoriessources
- googlecloudstoragesources
- httppollersources
- ibmmqsources
- ocimetricssources
- salesforcesources
- slacksources
- twiliosources
- webhooksources
- zendesksources
verbs:
- get
- list
- watch
---
# This role provides readonly access to "Addressable" duck types.
# All the rules it contains get aggregated into the "addressable-resolver" ClusterRole.
# https://github.com/knative/eventing/blob/release-0.26/config/core/roles/addressable-resolvers-clusterrole.yaml#L15-L28
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: triggermesh-addressable-resolver
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
duck.knative.dev/addressable: 'true'
rules:
# +rbac-check
- apiGroups:
- targets.triggermesh.io
resources:
- alibabaosstargets
- awscomprehendtargets
- awsdynamodbtargets
- awskinesistargets
- awslambdatargets
- awss3targets
- awssnstargets
- awssqstargets
- azureeventhubstargets
- confluenttargets
- datadogtargets
- elasticsearchtargets
- googlecloudfirestoretargets
- googlecloudstoragetargets
- googlecloudworkflowstargets
- googlesheettargets
- hasuratargets
- httptargets
- ibmmqtargets
- infratargets
- jiratargets
- logzmetricstargets
- logztargets
- oracletargets
- salesforcetargets
- sendgridtargets
- slacktargets
- splunktargets
- tektontargets
- twiliotargets
- uipathtargets
- zendesktargets
verbs:
- get
- list
- watch
# +rbac-check
- apiGroups:
- flow.triggermesh.io
resources:
- transformations
- xslttransforms
verbs:
- get
- list
- watch
# +rbac-check
- apiGroups:
- extensions.triggermesh.io
resources:
- functions
verbs:
- get
- list
- watch
# +rbac-check
- apiGroups:
- routing.triggermesh.io
resources:
- filters
- splitters
verbs:
- get
- list
- watch
# Allow resolving URLs of a few additional common types which are not supplied by TriggerMesh.
- apiGroups:
- ''
resources:
- services
verbs:
- get
- list
- watch
- apiGroups:
- serving.knative.dev
resources:
- routes
- services
verbs:
- get
- list
- watch
{{- end }}

212
charts/triggermesh/triggermesh/0.3.401/templates/deployment.yaml Normal file
View File

@ -0,0 +1,212 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "triggermesh.controller.fullname" . }}
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "triggermesh.controller.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "triggermesh.controller.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "triggermesh.controller.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: controller
terminationMessagePolicy: FallbackToLogsOnError
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.registry }}/triggermesh-controller:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: SYSTEM_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
# Logging/observability configuration
- name: CONFIG_LOGGING_NAME
value: config-logging
- name: CONFIG_OBSERVABILITY_NAME
value: config-observability
- name: METRICS_DOMAIN
value: triggermesh.io
# Source adapters
- name: AWSCLOUDWATCHSOURCE_IMAGE
value: "{{ .Values.image.registry }}/awscloudwatchsource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWSCLOUDWATCHLOGSSOURCE_IMAGE
value: "{{ .Values.image.registry }}/awscloudwatchlogssource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWSCODECOMMITSOURCE_IMAGE
value: "{{ .Values.image.registry }}/awscodecommitsource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWSCOGNITOIDENTITYSOURCE_IMAGE
value: "{{ .Values.image.registry }}/awscognitoidentitysource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWSCOGNITOUSERPOOLSOURCE_IMAGE
value: "{{ .Values.image.registry }}/awscognitouserpoolsource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWSDYNAMODBSOURCE_IMAGE
value: "{{ .Values.image.registry }}/awsdynamodbsource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWSKINESISSOURCE_IMAGE
value: "{{ .Values.image.registry }}/awskinesissource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWSPERFORMANCEINSIGHTSSOURCE_IMAGE
value: "{{ .Values.image.registry }}/awsperformanceinsightssource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWSSNSSOURCE_IMAGE
value: "{{ .Values.image.registry }}/awssnssource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWSSQSSOURCE_IMAGE
value: "{{ .Values.image.registry }}/awssqssource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AZUREEVENTHUBSOURCE_IMAGE
value: "{{ .Values.image.registry }}/azureeventhubsource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AZUREIOTHUBSOURCE_IMAGE
value: "{{ .Values.image.registry }}/azureiothubsource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AZUREQUEUESTORAGESOURCE_IMAGE
value: "{{ .Values.image.registry }}/azurequeuestoragesource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AZURESERVICEBUSSOURCE_IMAGE
value: "{{ .Values.image.registry }}/azureservicebussource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: GOOGLECLOUDPUBSUBSOURCE_IMAGE
value: "{{ .Values.image.registry }}/googlecloudpubsubsource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: HTTPPOLLERSOURCE_IMAGE
value: "{{ .Values.image.registry }}/httppollersource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: OCIMETRICSSOURCE_IMAGE
value: "{{ .Values.image.registry }}/ocimetricssource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: SALESFORCESOURCE_IMAGE
value: "{{ .Values.image.registry }}/salesforcesource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: SLACKSOURCE_IMAGE
value: "{{ .Values.image.registry }}/slacksource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: TWILIOSOURCE_IMAGE
value: "{{ .Values.image.registry }}/twiliosource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: WEBHOOKSOURCE_IMAGE
value: "{{ .Values.image.registry }}/webhooksource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: ZENDESKSOURCE_IMAGE
value: "{{ .Values.image.registry }}/zendesksource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
# Target adapters
- name: ALIBABAOSS_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/alibabaosstarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWS_COMPREHEND_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/awscomprehendtarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWS_DYNAMODB_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/awsdynamodbtarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWS_KINESIS_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/awskinesistarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWS_LAMBDA_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/awslambdatarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWS_S3_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/awss3target-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWS_SNS_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/awssnstarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AWS_SQS_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/awssqstarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: AZURE_EVENTHUBS_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/azureeventhubstarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: CONFLUENT_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/confluenttarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: DATADOGTARGET_IMAGE
value: "{{ .Values.image.registry }}/datadogtarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: ELASTICSEARCH_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/elasticsearchtarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: GOOGLESHEET_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/googlesheettarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: GOOGLECLOUDFIRESTORE_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/googlecloudfirestoretarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: GOOGLECLOUDSTORAGE_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/googlecloudstoragetarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: GOOGLECLOUDWORKFLOWS_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/googlecloudworkflowstarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: HASURATARGET_IMAGE
value: "{{ .Values.image.registry }}/hasuratarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: HTTPTARGET_IMAGE
value: "{{ .Values.image.registry }}/httptarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: INFRATARGET_IMAGE
value: "{{ .Values.image.registry }}/infratarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: JIRATARGET_IMAGE
value: "{{ .Values.image.registry }}/jiratarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: LOGZTARGET_IMAGE
value: "{{ .Values.image.registry }}/logztarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: OPENTELEMETRYTARGET_IMAGE
value: "{{ .Values.image.registry }}/opentelemetrytarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: ORACLE_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/oracletarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: SALESFORCETARGET_IMAGE
value: "{{ .Values.image.registry }}/salesforcetarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: SENDGRID_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/sendgridtarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: SLACK_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/slacktarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: SPLUNKTARGET_IMAGE
value: "{{ .Values.image.registry }}/splunktarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: TEKTON_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/tektontarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: TWILIO_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/twiliotarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: UIPATH_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/uipathtarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: ZENDESK_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/zendesktarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
# Custom build adapters
- name: IBMMQSOURCE_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/ibmmqsource-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: IBMMQTARGET_ADAPTER_IMAGE
value: "{{ .Values.image.registry }}/ibmmqtarget-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
# Transformation adapter
- name: TRANSFORMER_IMAGE
value: "{{ .Values.image.registry }}/transformation-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: XSLTTRANSFORM_IMAGE
value: "{{ .Values.image.registry }}/xslttransform-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
# Routing adapters
- name: FILTER_IMAGE
value: "{{ .Values.image.registry }}/filter-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: SPLITTER_IMAGE
value: "{{ .Values.image.registry }}/splitter-adapter:{{ .Values.image.tag | default .Chart.AppVersion }}"
# Function Runtimes
- name: RUNTIME_KLR_PYTHON
value: "{{ .Values.image.registry }}/knative-lambda-python37:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: RUNTIME_KLR_NODE
value: "{{ .Values.image.registry }}/knative-lambda-node10:{{ .Values.image.tag | default .Chart.AppVersion }}"
- name: RUNTIME_KLR_RUBY
value: "{{ .Values.image.registry }}/knative-lambda-ruby25:{{ .Values.image.tag | default .Chart.AppVersion }}"
# Type-specific options
- name: TEKTON_REAPING_INTERVAL
value: 2m
ports:
- name: metrics
containerPort: 9090
- name: profiling
containerPort: 8008
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

26
charts/triggermesh/triggermesh/0.3.401/templates/serviceaccount.yaml Normal file
View File

@ -0,0 +1,26 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "triggermesh.controller.serviceAccountName" . }}
labels:
{{- include "triggermesh.controller.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

32
charts/triggermesh/triggermesh/0.3.401/templates/webhook/clusterrolebinding.yaml Normal file
View File

@ -0,0 +1,32 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.serviceAccount.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "triggermesh.webhook.fullname" . }}
labels:
{{- include "triggermesh.webhook.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "triggermesh.webhook.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "triggermesh.webhook.fullname" . }}
{{- end }}

120
charts/triggermesh/triggermesh/0.3.401/templates/webhook/clusterroles.yaml Normal file
View File

@ -0,0 +1,120 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "triggermesh.webhook.fullname" . }}
labels:
{{- include "triggermesh.webhook.labels" . | nindent 4 }}
rules:
# Routing admin
- apiGroups:
- routing.triggermesh.io
resources:
- filters
- splitters
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
# Routing statuses update
- apiGroups:
- routing.triggermesh.io
resources:
- splitters/status
- filters/status
verbs:
- update
- apiGroups:
- flow.triggermesh.io
resources:
- xslttransforms
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- flow.triggermesh.io
resources:
- xslttransforms/status
verbs:
- update
# Events admin
- apiGroups:
- ''
resources:
- events
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
# For manipulating certs into secrets.
- apiGroups:
- ''
resources:
- secrets
verbs:
- get
- create
- update
- list
- watch
# Validation webhook gets system namespace to use it as an owner.
- apiGroups:
- ''
resources:
- namespaces
verbs:
- get
# For actually registering our webhook.
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
- validatingwebhookconfigurations
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
# Acquire leases for leader election
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- create
- update
{{- end }}

91
charts/triggermesh/triggermesh/0.3.401/templates/webhook/deployment.yaml Normal file
View File

@ -0,0 +1,91 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "triggermesh.webhook.fullname" . }}
labels:
{{- include "triggermesh.webhook.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "triggermesh.webhook.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
sidecar.istio.io/inject: 'false'
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "triggermesh.webhook.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "triggermesh.webhook.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.webhook.podSecurityContext | nindent 8 }}
containers:
- name: webhook
terminationMessagePolicy: FallbackToLogsOnError
securityContext:
{{- toYaml .Values.webhook.securityContext | nindent 12 }}
image: "{{ .Values.image.registry }}/triggermesh-webhook:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: SYSTEM_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: CONFIG_LOGGING_NAME
value: config-logging
- name: METRICS_DOMAIN
value: triggermesh.io/sources
- name: WEBHOOK_NAME
value: {{ include "triggermesh.webhook.fullname" . }}
ports:
- name: metrics
containerPort: 9090
readinessProbe:
periodSeconds: 1
httpGet:
scheme: HTTPS
port: 8443
httpHeaders:
- name: k-kubelet-probe
value: webhook
livenessProbe:
periodSeconds: 1
httpGet:
scheme: HTTPS
port: 8443
httpHeaders:
- name: k-kubelet-probe
value: webhook
{{- with .Values.webhook.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.webhook.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.webhook.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

30
charts/triggermesh/triggermesh/0.3.401/templates/webhook/mutating-webhook.yaml Normal file
View File

@ -0,0 +1,30 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: defaulting.webhook.triggermesh.io
labels:
{{- include "triggermesh.webhook.labels" . | nindent 4 }}
webhooks:
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: {{ include "triggermesh.webhook.fullname" . }}
namespace: {{ .Release.Namespace }}
sideEffects: None
failurePolicy: Fail
name: defaulting.webhook.triggermesh.io

21
charts/triggermesh/triggermesh/0.3.401/templates/webhook/secret.yaml Normal file
View File

@ -0,0 +1,21 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: Secret
metadata:
name: {{ include "triggermesh.webhook.fullname" . }}-certs
labels:
{{- include "triggermesh.webhook.labels" . | nindent 4 }}
# The data is populated at install time.

27
charts/triggermesh/triggermesh/0.3.401/templates/webhook/service.yaml Normal file
View File

@ -0,0 +1,27 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: Service
metadata:
name: {{ include "triggermesh.webhook.fullname" . }}
labels:
{{- include "triggermesh.webhook.labels" . | nindent 4 }}
spec:
ports:
- name: https-webhook
port: 443
targetPort: 8443
selector:
{{- include "triggermesh.webhook.selectorLabels" . | nindent 4 }}

26
charts/triggermesh/triggermesh/0.3.401/templates/webhook/serviceaccount.yaml Normal file
View File

@ -0,0 +1,26 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "triggermesh.webhook.serviceAccountName" . }}
labels:
{{- include "triggermesh.webhook.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

30
charts/triggermesh/triggermesh/0.3.401/templates/webhook/validating-webhook.yaml Normal file
View File

@ -0,0 +1,30 @@
# Copyright 2021 TriggerMesh Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: validation.webhook.triggermesh.io
labels:
{{- include "triggermesh.webhook.labels" . | nindent 4 }}
webhooks:
- admissionReviewVersions:
- v1beta1
clientConfig:
service:
name: {{ include "triggermesh.webhook.fullname" . }}
namespace: {{ .Release.Namespace }}
sideEffects: None
failurePolicy: Fail
name: validation.webhook.triggermesh.io

57
charts/triggermesh/triggermesh/0.3.401/values.yaml Normal file
View File

@ -0,0 +1,57 @@
# Default values
nameOverride: ""
fullnameOverride: ""
replicaCount: 1
image:
registry: "gcr.io/triggermesh"
pullPolicy: "IfNotPresent"
# Overrides the image tag whose default is the chart appVersion.
tag: ""
imagePullSecrets: []
rbac:
create: true
serviceAccount:
create: true
annotations: {}
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext:
allowPrivilegeEscalation: false
resources: {}
# requests:
# cpu: 50m
# memory: 20Mi
nodeSelector: {}
tolerations: []
affinity: {}
webhook:
podAnnotations:
sidecar.istio.io/inject: 'false'
podSecurityContext: {}
securityContext: {}
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}

31
index.yaml
View File

@ -2847,6 +2847,37 @@ entries:
urls:
- assets/traefik/traefik-10.6.0.tgz
version: 10.6.0
triggermesh:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: TriggerMesh Cloud Native Integration Platform
catalog.cattle.io/release-name: triggermesh
apiVersion: v2
appVersion: v1.13.0
created: "2022-01-18T22:42:15.821329+11:00"
description: A Helm chart deploying TriggerMesh Open Source Components
digest: fc99b1240dfc1775fead2dfa2fb3d186a6c5e0b9505ade3c9b739c302b0c4547
home: https://github.com/triggermesh/triggermesh
icon: https://global-uploads.webflow.com/5f683649f57c927210b6707e/5f683649f57c9261bab67097_logo.svg
keywords:
- aws
- eda
- knative-eventing
- serverless
- triggermesh
kubeVersion: '>= 1.20'
maintainers:
- email: sameer@triggermesh.com
name: sameersbn
- email: antoine@triggermesh.com
name: antoineco
- email: matt@triggermesh.com
name: mattray
name: triggermesh
type: application
urls:
- assets/triggermesh/triggermesh-0.3.401.tgz
version: 0.3.401
universal-crossplane:
- annotations:
catalog.cattle.io/certified: partner

5
packages/triggermesh/generated-changes/overlay/app-readme.md Normal file
View File

@ -0,0 +1,5 @@
# TriggerMesh Cloud Native Integration Platform
The [TriggerMesh Cloud Native Integration Platform](https://github.com/triggermesh/triggermesh) consists of a set of APIs which allow you to build event-driven applications with [Knative](https://knative.dev). Implemented as a set of Kubernetes CRDs and a Kubernetes controller, TriggerMesh gives you a way to declaratively define your event sources and event targets, in addition to potential actions needed in your applications: content-based event filtering, event splitting, event transformation and event processing via functions.
Learn more at [docs.triggermesh.io](https://docs.triggermesh.io/).

26
packages/triggermesh/generated-changes/patch/Chart.yaml.patch Normal file
View File

@ -0,0 +1,26 @@
--- charts-original/Chart.yaml
+++ charts/Chart.yaml
@@ -4,3 +4,23 @@
name: triggermesh
type: application
version: 0.3.4
+kubeVersion: ">= 1.20"
+annotations:
+ catalog.cattle.io/certified: partner
+ catalog.cattle.io/release-name: triggermesh
+ catalog.cattle.io/display-name: TriggerMesh Cloud Native Integration Platform
+icon: https://global-uploads.webflow.com/5f683649f57c927210b6707e/5f683649f57c9261bab67097_logo.svg
+home: https://github.com/triggermesh/triggermesh
+keywords:
+- aws
+- eda
+- knative-eventing
+- serverless
+- triggermesh
+maintainers:
+- email: sameer@triggermesh.com
+ name: sameersbn
+- email: antoine@triggermesh.com
+ name: antoineco
+- email: matt@triggermesh.com
+ name: mattray

2
packages/triggermesh/package.yaml Normal file
View File

@ -0,0 +1,2 @@
url: https://storage.googleapis.com/triggermesh-charts/triggermesh-0.3.4.tgz
packageVersion: 01