This repository has been archived by the owner on Aug 14, 2024. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
23 changed files
with
1,068 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
# More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file | ||
# Ignore build and test binaries. | ||
bin/ | ||
charts/ | ||
hack/ | ||
.vscode |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
{ | ||
$schema: "https://docs.renovatebot.com/renovate-schema.json", | ||
extends: [ | ||
"github>bjw-s/renovate-config", | ||
"github>bjw-s/renovate-config:automerge-github-actions", | ||
"github>bjw-s/renovate-config:automerge-docker-digest", | ||
], | ||
platform: "github", | ||
username: "bjw-s-bot[bot]", | ||
gitAuthor: "bjw-s-bot <87358111+bjw-s-bot[bot]@users.noreply.github.com>", | ||
repositories: ["bjw-s/k8s-ycl"], | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
--- | ||
name: Build and release | ||
|
||
on: | ||
push: | ||
branches: | ||
- "main" | ||
- "development" | ||
tags: | ||
- "v*" | ||
workflow_dispatch: | ||
|
||
concurrency: | ||
group: build-and-release | ||
cancel-in-progress: true | ||
|
||
permissions: | ||
contents: read | ||
packages: write | ||
|
||
jobs: | ||
build_container: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Check out code | ||
uses: actions/checkout@v3 | ||
|
||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v2 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
- name: Login to image registry | ||
uses: docker/login-action@v2 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Docker meta | ||
id: meta | ||
uses: docker/metadata-action@v4 | ||
with: | ||
images: | | ||
ghcr.io/${{ github.repository_owner }}/k8s-ycl | ||
tags: | | ||
type=raw,value=rolling,enable=${{ github.ref == format('refs/heads/{0}', 'main') }} | ||
type=ref,event=branch | ||
type=ref,event=tag | ||
- name: Build and push | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: . | ||
file: ./Dockerfile | ||
platforms: linux/amd64,linux/arm64 | ||
push: true | ||
tags: ${{ steps.meta.outputs.tags }} | ||
labels: ${{ steps.meta.outputs.labels }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
--- | ||
name: Schedule - Keepalive | ||
|
||
on: | ||
workflow_dispatch: | ||
schedule: | ||
- cron: "0 0 * * *" | ||
push: | ||
branches: | ||
- main | ||
paths: | ||
- ".github/workflows/scheduled-keepalive.yaml" | ||
|
||
jobs: | ||
keepalive: | ||
name: Keep scheduled GitHub workflows alive | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Get GitHub API token | ||
id: get-app-token | ||
uses: getsentry/action-github-app-token@v2 | ||
with: | ||
app_id: ${{ secrets.BJWS_APP_ID }} | ||
private_key: ${{ secrets.BJWS_APP_PRIVATE_KEY }} | ||
|
||
- name: Checkout main branch | ||
uses: actions/checkout@v3 | ||
with: | ||
token: ${{ steps.get-app-token.outputs.token }} | ||
|
||
- name: Keep scheduled GitHub workflows alive | ||
uses: gautamkrishnar/keepalive-workflow@v1 | ||
with: | ||
gh_token: ${{ steps.get-app-token.outputs.token }} | ||
committer_username: "bjw-s-bot[bot]" | ||
committer_email: "bjw-s-bot <87358111+bjw-s-bot[bot]@users.noreply.github.com>" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
--- | ||
name: Schedule - Renovate | ||
|
||
on: | ||
workflow_dispatch: | ||
inputs: | ||
dryRun: | ||
description: "Dry-Run" | ||
default: false | ||
required: false | ||
type: boolean | ||
logLevel: | ||
description: "Log-Level" | ||
default: "debug" | ||
required: false | ||
schedule: | ||
- cron: "0 * * * *" | ||
push: | ||
branches: | ||
- main | ||
paths: | ||
- ".github/renovate.json5" | ||
- ".github/renovate/**.json" | ||
- ".github/renovate/**.json5" | ||
- ".github/workflows/scheduled-renovate.yaml" | ||
|
||
jobs: | ||
renovate: | ||
name: Renovate | ||
uses: bjw-s/gh-workflows/.github/workflows/run-renovate.yaml@main | ||
with: | ||
configurationFile: ".github/renovate.json5" | ||
dryRun: ${{ inputs.dryRun || 'false' }} | ||
renovateLogLevel: ${{ inputs.logLevel || 'debug' }} | ||
secrets: | ||
app_id: ${{ secrets.BJWS_APP_ID }} | ||
app_private_key: ${{ secrets.BJWS_APP_PRIVATE_KEY }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
|
||
# Binaries for programs and plugins | ||
*.exe | ||
*.exe~ | ||
*.dll | ||
*.so | ||
*.dylib | ||
bin/* | ||
Dockerfile.cross | ||
|
||
# Test binary, build with `go test -c` | ||
*.test | ||
|
||
# Output of the go coverage tool, specifically when used with LiteIDE | ||
*.out | ||
|
||
# Helm Chart dependencies | ||
charts/**/charts/ | ||
|
||
# Test files | ||
certs/ | ||
hack/ | ||
|
||
# Kubernetes Generated files - skip generated files, except for vendored files | ||
|
||
!vendor/**/zz_generated.* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
repos: | ||
- repo: https://github.com/pre-commit/pre-commit-hooks | ||
rev: v4.4.0 | ||
hooks: | ||
- id: trailing-whitespace | ||
- id: end-of-file-fixer | ||
- id: fix-byte-order-marker | ||
- id: mixed-line-ending | ||
- id: check-added-large-files | ||
args: [--maxkb=2048] | ||
- id: check-merge-conflict | ||
- id: check-executables-have-shebangs | ||
|
||
- repo: https://github.com/Lucas-C/pre-commit-hooks | ||
rev: v1.5.1 | ||
hooks: | ||
- id: forbid-crlf | ||
|
||
- repo: https://github.com/sirosen/fix-smartquotes | ||
rev: 0.2.0 | ||
hooks: | ||
- id: fix-smartquotes | ||
|
||
- repo: https://github.com/jumanjihouse/pre-commit-hooks | ||
rev: 3.0.0 | ||
hooks: | ||
- id: shellcheck | ||
language: script | ||
args: [--severity=error] | ||
additional_dependencies: [] | ||
|
||
- repo: https://github.com/dnephin/pre-commit-golang | ||
rev: v0.5.1 | ||
hooks: | ||
- id: go-fmt | ||
- id: go-vet | ||
|
||
- repo: https://github.com/tekwizely/pre-commit-golang | ||
rev: v1.0.0-rc.1 | ||
hooks: | ||
- id: go-revive |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
{ | ||
// Use IntelliSense to learn about possible attributes. | ||
// Hover to view descriptions of existing attributes. | ||
// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 | ||
"version": "0.2.0", | ||
"configurations": [ | ||
{ | ||
"name": "Launch Package", | ||
"type": "go", | ||
"request": "launch", | ||
"mode": "auto", | ||
"program": "${workspaceFolder}/src", | ||
"args": [ | ||
"--tls-cert-dir", | ||
"${workspaceFolder}/certs", | ||
] | ||
} | ||
] | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
# Build the manager binary | ||
FROM golang:1.20 as builder | ||
ARG TARGETOS | ||
ARG TARGETARCH | ||
|
||
WORKDIR /workspace | ||
# Copy the Go Modules manifests | ||
COPY go.mod go.mod | ||
COPY go.sum go.sum | ||
# cache deps before building and copying source so that we don't need to re-download as much | ||
# and so that source changes don't invalidate our downloaded layer | ||
RUN go mod download | ||
|
||
# Copy the go source | ||
COPY src src | ||
|
||
WORKDIR /workspace/src | ||
|
||
# Build | ||
# the GOARCH has not a default value to allow the binary be built according to the host where the command | ||
# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO | ||
# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore, | ||
# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform. | ||
RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o ../manager | ||
|
||
# Use distroless as minimal base image to package the manager binary | ||
# Refer to https://github.com/GoogleContainerTools/distroless for more details | ||
FROM gcr.io/distroless/static:nonroot | ||
WORKDIR / | ||
COPY --from=builder /workspace/manager . | ||
USER 65532:65532 | ||
|
||
ENTRYPOINT ["/manager"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,2 @@ | ||
# k8s-ycl | ||
Admission Controller to Yeet Kubernetes CPU limits | ||
Admission Controller to Yeet Kubernetes CPU limits |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj | ||
.vscode/ | ||
# OWNERS file for Kubernetes | ||
OWNERS | ||
|
||
# helm-docs templates | ||
*.gotmpl | ||
|
||
# helm unit tests | ||
tests/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
dependencies: | ||
- name: common | ||
repository: https://bjw-s.github.io/helm-charts | ||
version: 1.5.1 | ||
digest: sha256:3588c89621170f198d4938664d3ea4c469bd91fd78183c83cfcf63f474d348c4 | ||
generated: "2023-07-27T09:32:33.480079+02:00" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
--- | ||
apiVersion: v2 | ||
description: Kubernetes admission controller to remove CPU limits from Pods. | ||
name: k8s-ycl | ||
version: 0.0.1 | ||
appVersion: 0.0.1 | ||
kubeVersion: ">=1.22.0-0" | ||
sources: | ||
- https://github.com/bjw-s/k8s-ycl | ||
keywords: | ||
- cpu | ||
- resources | ||
- limits | ||
- admission | ||
- controller | ||
maintainers: | ||
- name: bjw-s | ||
email: [email protected] | ||
dependencies: | ||
- name: common | ||
repository: https://bjw-s.github.io/helm-charts | ||
version: 1.5.1 | ||
annotations: | ||
artifacthub.io/changes: |- | ||
- kind: changed | ||
description: | | ||
Initial version | ||
artifacthub.io/links: | | ||
- name: "source" | ||
url: "https://github.com/bjw-s/k8s-ycl" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
{{- define "k8s-ycl.webhookPort" -}} | ||
9443 | ||
{{- end -}} | ||
|
||
{{- define "k8s-ycl.selfSignedIssuer" -}} | ||
{{ printf "%s-webhook-selfsign" (include "bjw-s.common.lib.chart.names.fullname" .) }} | ||
{{- end -}} | ||
|
||
{{- define "k8s-ycl.rootCAIssuer" -}} | ||
{{ printf "%s-webhook-ca" (include "bjw-s.common.lib.chart.names.fullname" .) }} | ||
{{- end -}} | ||
|
||
{{- define "k8s-ycl.rootCACertificate" -}} | ||
{{ printf "%s-webhook-ca" (include "bjw-s.common.lib.chart.names.fullname" .) }} | ||
{{- end -}} | ||
|
||
{{- define "k8s-ycl.servingCertificate" -}} | ||
{{ printf "%s-webhook-tls" (include "bjw-s.common.lib.chart.names.fullname" .) }} | ||
{{- end -}} |
Oops, something went wrong.