dns-zone-controller: with env-manager generating dnssec key and zone records
diff --git a/core/ns-controller/config/crd/bases/dodo.cloud.dodo.cloud_dnszones.yaml b/core/ns-controller/config/crd/bases/dodo.cloud.dodo.cloud_dnszones.yaml
new file mode 100644
index 0000000..f767a08
--- /dev/null
+++ b/core/ns-controller/config/crd/bases/dodo.cloud.dodo.cloud_dnszones.yaml
@@ -0,0 +1,75 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ controller-gen.kubebuilder.io/version: v0.9.2
+ creationTimestamp: null
+ name: dnszones.dodo.cloud.dodo.cloud
+spec:
+ group: dodo.cloud.dodo.cloud
+ names:
+ kind: DNSZone
+ listKind: DNSZoneList
+ plural: dnszones
+ singular: dnszone
+ scope: Namespaced
+ versions:
+ - name: v1
+ schema:
+ openAPIV3Schema:
+ description: DNSZone is the Schema for the dnszones API
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: DNSZoneSpec defines the desired state of DNSZone
+ properties:
+ dnssec:
+ properties:
+ enabled:
+ type: boolean
+ secretName:
+ type: string
+ type: object
+ nameservers:
+ items:
+ type: string
+ type: array
+ privateIP:
+ type: string
+ publicIPs:
+ items:
+ type: string
+ type: array
+ zone:
+ description: Foo is an example field of DNSZone. Edit dnszone_types.go
+ to remove/update
+ type: string
+ type: object
+ status:
+ description: DNSZoneStatus defines the observed state of DNSZone
+ properties:
+ ready:
+ description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
+ of cluster Important: Run "make" to regenerate code after modifying
+ this file'
+ type: boolean
+ recordsToPublish:
+ type: string
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
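Review bot: The `spec` schema has no `required` list and every field is an unconstrained string, so an object with an empty `zone`, a malformed `privateIP` or `publicIPs` entry, or an empty `nameservers` array is admitted by the API server and is only caught, if at all, inside the controller. Because this file is emitted by controller-gen, the constraints belong in dnszone_types.go as markers, for example `// +kubebuilder:validation:MinLength=1` on the zone field and `// +kubebuilder:validation:MinItems=1` on the nameserver list, with a `Pattern` or `Format` marker on the IP fields. The `zone` description is still the scaffold text (`Foo is an example field of DNSZone`). `dnssec.secretName` has no description of which namespace the Secret is read from or which keys it must hold; that should be documented in the Go types, since the Secret presumably carries the zone signing key.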
diff --git a/core/ns-controller/config/crd/kustomization.yaml b/core/ns-controller/config/crd/kustomization.yaml
new file mode 100644
index 0000000..d8892d5
--- /dev/null
+++ b/core/ns-controller/config/crd/kustomization.yaml
@@ -0,0 +1,21 @@
+# This kustomization.yaml is not intended to be run by itself,
+# since it depends on service name and namespace that are out of this kustomize package.
+# It should be run by config/default
+resources:
+- bases/dodo.cloud.dodo.cloud_dnszones.yaml
+#+kubebuilder:scaffold:crdkustomizeresource
+
+patchesStrategicMerge:
+# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
+# patches here are for enabling the conversion webhook for each CRD
+#- patches/webhook_in_dnszones.yaml
+#+kubebuilder:scaffold:crdkustomizewebhookpatch
+
+# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
+# patches here are for enabling the CA injection for each CRD
+#- patches/cainjection_in_dnszones.yaml
+#+kubebuilder:scaffold:crdkustomizecainjectionpatch
+
+# the following config is for teaching kustomize how to do kustomization for CRDs.
+configurations:
+- kustomizeconfig.yaml
diff --git a/core/ns-controller/config/crd/kustomizeconfig.yaml b/core/ns-controller/config/crd/kustomizeconfig.yaml
new file mode 100644
index 0000000..ec5c150
--- /dev/null
+++ b/core/ns-controller/config/crd/kustomizeconfig.yaml
@@ -0,0 +1,19 @@
+# This file is for teaching kustomize how to substitute name and namespace reference in CRD
+nameReference:
+- kind: Service
+ version: v1
+ fieldSpecs:
+ - kind: CustomResourceDefinition
+ version: v1
+ group: apiextensions.k8s.io
+ path: spec/conversion/webhook/clientConfig/service/name
+
+namespace:
+- kind: CustomResourceDefinition
+ version: v1
+ group: apiextensions.k8s.io
+ path: spec/conversion/webhook/clientConfig/service/namespace
+ create: false
+
+varReference:
+- path: metadata/annotations
diff --git a/core/ns-controller/config/crd/patches/cainjection_in_dnszones.yaml b/core/ns-controller/config/crd/patches/cainjection_in_dnszones.yaml
new file mode 100644
index 0000000..3e98178
--- /dev/null
+++ b/core/ns-controller/config/crd/patches/cainjection_in_dnszones.yaml
@@ -0,0 +1,7 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+ name: dnszones.dodo.cloud.dodo.cloud
diff --git a/core/ns-controller/config/crd/patches/webhook_in_dnszones.yaml b/core/ns-controller/config/crd/patches/webhook_in_dnszones.yaml
new file mode 100644
index 0000000..4d48e74
--- /dev/null
+++ b/core/ns-controller/config/crd/patches/webhook_in_dnszones.yaml
@@ -0,0 +1,16 @@
+# The following patch enables a conversion webhook for the CRD
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: dnszones.dodo.cloud.dodo.cloud
+spec:
+ conversion:
+ strategy: Webhook
+ webhook:
+ clientConfig:
+ service:
+ namespace: system
+ name: webhook-service
+ path: /convert
+ conversionReviewVersions:
+ - v1
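Review bot: `clientConfig` here has no `caBundle`, so the API server can verify the conversion webhook's certificate only if patches/cainjection_in_dnszones.yaml is enabled alongside this patch. The header comment should say so, e.g. `# Requires the [CERTMANAGER] cainjection patch: clientConfig has no caBundle of its own`. The CRD added in this commit serves a single version (`v1`), so `strategy: Webhook` has nothing to convert yet. Leaving the patch commented out in kustomization.yaml, as this commit does, is the safer default until a second version exists.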