From 15149fabd3c6dd48767b02793ff13c5fa6b7c42e Mon Sep 17 00:00:00 2001 From: Oleksandr Simonov Date: Tue, 17 Sep 2024 14:08:04 +0300 Subject: [PATCH 1/2] Version tag to 1.2.6 Signed-off-by: Oleksandr Simonov --- releases/1.2.6/kustomization.yaml | 5 + releases/1.2.6/manager.yaml | 607 ++++++++++++++++++++++++++++++ 2 files changed, 612 insertions(+) create mode 100644 releases/1.2.6/kustomization.yaml create mode 100644 releases/1.2.6/manager.yaml diff --git a/releases/1.2.6/kustomization.yaml b/releases/1.2.6/kustomization.yaml new file mode 100644 index 0000000..31d56bc --- /dev/null +++ b/releases/1.2.6/kustomization.yaml @@ -0,0 +1,5 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - manager.yaml diff --git a/releases/1.2.6/manager.yaml b/releases/1.2.6/manager.yaml new file mode 100644 index 0000000..0d96d89 --- /dev/null +++ b/releases/1.2.6/manager.yaml @@ -0,0 +1,607 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + control-plane: controller-manager + name: mailgun-operator-system +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.1 + name: domains.domain.mailgun.com +spec: + group: domain.mailgun.com + names: + kind: Domain + listKind: DomainList + plural: domains + singular: domain + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Domain is the Schema for the domains API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: DomainSpec defines the desired state of Domain + properties: + dkim_key_size: + type: integer + domain: + description: Domain is a domain name which we need to create on Mailgun + type: string + export_credentials: + description: Export SMTP or API credentials to a secret + type: boolean + export_secret_login_key: + description: Export secret key for login + type: string + export_secret_name: + description: Export SMTP credentials to a secret + type: string + export_secret_password_key: + description: Export secret key for password + type: string + external_dns: + description: Support for External-DNS + type: boolean + force_dkim_authority: + type: boolean + force_mx_check: + description: Force validation of MX records for receiving mail + type: boolean + ips: + items: + type: string + minItems: 0 + type: array + x-kubernetes-list-type: set + spam_action: + type: string + web_scheme: + description: See https://documentation.mailgun.com/en/latest/api-domains.html#domains + type: string + wildcard: + type: boolean + required: + - domain + type: object + status: + description: DomainStatus defines the observed state of Domain + properties: + dns_entrypoint_created: + description: A pointer to ExternalDNS Entrypoint + type: boolean + domain_state: + description: State of the domain on Mailgun + type: string + last_domain_validation_time: + description: Time when we last time requested a Validation of domain + on Mailgun + format: date-time + type: string + mailgun_error: + description: Mailgun errors + type: string + not_managed: + description: If domain is not managed by this operator (e.g. created + manually) + type: boolean + receiving_dns_records: + description: list of DNS records for receiving emails + items: + properties: + name: + type: string + priority: + type: string + record_type: + type: string + valid: + type: string + value: + type: string + required: + - record_type + - valid + - value + type: object + type: array + sending_dns_records: + description: list of DNS records for sending emails + items: + properties: + name: + type: string + priority: + type: string + record_type: + type: string + valid: + type: string + value: + type: string + required: + - record_type + - valid + - value + type: object + type: array + state: + description: Global state of the record + type: string + validation_count: + description: Domain validation counts + type: integer + required: + - domain_state + - state + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.1 + name: webhooks.domain.mailgun.com +spec: + group: domain.mailgun.com + names: + kind: Webhook + listKind: WebhookList + plural: webhooks + singular: webhook + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Webhook is the Schema for the webhooks API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: WebhookSpec defines the desired state of Webhook + properties: + foo: + description: Foo is an example field of Webhook. Edit webhook_types.go + to remove/update + type: string + type: object + status: + description: WebhookStatus defines the observed state of Webhook + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + name: mailgun-controller-manager + namespace: mailgun-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + name: mailgun-leader-election-role + namespace: mailgun-operator-system +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + name: mailgun-domain-domain-editor-role +rules: +- apiGroups: + - domain.mailgun.com + resources: + - domains + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - domain.mailgun.com + resources: + - domains/status + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + name: mailgun-domain-domain-viewer-role +rules: +- apiGroups: + - domain.mailgun.com + resources: + - domains + verbs: + - get + - list + - watch +- apiGroups: + - domain.mailgun.com + resources: + - domains/status + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + name: mailgun-domain-webhook-editor-role +rules: +- apiGroups: + - domain.mailgun.com + resources: + - webhooks + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - domain.mailgun.com + resources: + - webhooks/status + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + name: mailgun-domain-webhook-viewer-role +rules: +- apiGroups: + - domain.mailgun.com + resources: + - webhooks + verbs: + - get + - list + - watch +- apiGroups: + - domain.mailgun.com + resources: + - webhooks/status + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: mailgun-manager-role +rules: +- apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - list +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - domain.mailgun.com + resources: + - domains + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - domain.mailgun.com + resources: + - domains/finalizers + verbs: + - update +- apiGroups: + - domain.mailgun.com + resources: + - domains/status + verbs: + - get + - patch + - update +- apiGroups: + - externaldns.k8s.io + resources: + - dnsendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: mailgun-metrics-auth-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: mailgun-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + name: mailgun-leader-election-rolebinding + namespace: mailgun-operator-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: mailgun-leader-election-role +subjects: +- kind: ServiceAccount + name: mailgun-controller-manager + namespace: mailgun-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + name: mailgun-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: mailgun-manager-role +subjects: +- kind: ServiceAccount + name: mailgun-controller-manager + namespace: mailgun-operator-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: mailgun-metrics-auth-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: mailgun-metrics-auth-role +subjects: +- kind: ServiceAccount + name: mailgun-controller-manager + namespace: mailgun-operator-system +--- +apiVersion: v1 +data: {} +kind: ConfigMap +metadata: + name: mailgun-controller-manager-config + namespace: mailgun-operator-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + control-plane: controller-manager + name: mailgun-controller-manager-metrics-service + namespace: mailgun-operator-system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: 8443 + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: mailgun-operator + control-plane: controller-manager + name: mailgun-controller-manager + namespace: mailgun-operator-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --metrics-bind-address=:8443 + - --leader-elect + - --health-probe-bind-address=:8081 + - --config-map-name=mailgun-controller-manager-config + - --zap-log-level=1 + - --secret-name=mailgun-controller-manager-config + command: + - /manager + env: + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: ghcr.io/amoniacou/mailgun-operator:1.2.6 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + securityContext: + runAsNonRoot: true + serviceAccountName: mailgun-controller-manager + terminationGracePeriodSeconds: 10 From 79bffed462ed4617fe1253825df5ebbe809d6993 Mon Sep 17 00:00:00 2001 From: Oleksandr Simonov Date: Tue, 17 Sep 2024 14:08:52 +0300 Subject: [PATCH 2/2] CHANGELOG.md --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a0571ae..d3e0123 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). +## 1.2.6 + +- more optimizations for status update and reconciling only when we need it +- fixes for MX checkings + ## 1.2.5 - still want to watch secrets...