diff --git a/dev/tekton/dashboard.yaml b/dev/tekton/dashboard.yaml old mode 100755 new mode 100644 index dfae974..189c395 --- a/dev/tekton/dashboard.yaml +++ b/dev/tekton/dashboard.yaml @@ -1,3 +1,70 @@ +# Copyright 2019-2024 The Tekton Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Namespace +metadata: + name: tekton-dashboard + labels: + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + name: extensions.dashboard.tekton.dev +spec: + group: dashboard.tekton.dev + names: + categories: + - tekton + - tekton-dashboard + kind: Extension + plural: extensions + shortNames: + - ext + - exts + preserveUnknownFields: false + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.apiVersion + name: API version + type: string + - jsonPath: .spec.name + name: Kind + type: string + - jsonPath: .spec.displayName + name: Display name + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true + subresources: + status: {} +--- apiVersion: v1 kind: ServiceAccount metadata: @@ -33,7 +100,34 @@ metadata: app.kubernetes.io/component: dashboard app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard-backend + name: tekton-dashboard-backend-edit +rules: + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - get + - list + - watch + - apiGroups: + - dashboard.tekton.dev + resources: + - extensions + verbs: + - create + - update + - delete + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + name: tekton-dashboard-backend-view rules: - apiGroups: - apiextensions.k8s.io @@ -48,25 +142,6 @@ rules: - securitycontextconstraints verbs: - use - - apiGroups: - - tekton.dev - resources: - - clustertasks - verbs: - - get - - list - - watch - - update - - apiGroups: - - triggers.tekton.dev - resources: - - clusterinterceptors - - clustertriggerbindings - verbs: - - get - - list - - watch - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -75,7 +150,7 @@ metadata: app.kubernetes.io/component: dashboard app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard-tenant + name: tekton-dashboard-tenant-view rules: - apiGroups: - dashboard.tekton.dev @@ -85,7 +160,6 @@ rules: - get - list - watch - - update - apiGroups: - "" resources: @@ -97,32 +171,6 @@ rules: - get - list - watch - - update - - apiGroups: - - tekton.dev - resources: - - tasks - - taskruns - - pipelines - - pipelineruns - - customruns - verbs: - - get - - list - - watch - - update - - apiGroups: - - triggers.tekton.dev - resources: - - eventlisteners - - interceptors - - triggerbindings - - triggers - - triggertemplates - verbs: - - get - - list - - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -149,11 +197,11 @@ metadata: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-dashboard rbac.dashboard.tekton.dev/subject: tekton-dashboard - name: tekton-dashboard-backend + name: tekton-dashboard-backend-view roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: tekton-dashboard-backend + name: tekton-dashboard-backend-view subjects: - kind: ServiceAccount name: tekton-dashboard @@ -161,7 +209,7 @@ subjects: --- apiVersion: v1 data: - version: v0.36.0 + version: v0.63.1 kind: ConfigMap metadata: labels: @@ -179,9 +227,9 @@ metadata: app.kubernetes.io/instance: default app.kubernetes.io/name: dashboard app.kubernetes.io/part-of: tekton-dashboard - app.kubernetes.io/version: v0.36.0 - dashboard.tekton.dev/release: v0.36.0 - version: v0.36.0 + app.kubernetes.io/version: v0.63.1 + dashboard.tekton.dev/release: v0.63.1 + version: v0.63.1 name: tekton-dashboard namespace: tekton-pipelines spec: @@ -205,9 +253,9 @@ metadata: app.kubernetes.io/instance: default app.kubernetes.io/name: dashboard app.kubernetes.io/part-of: tekton-dashboard - app.kubernetes.io/version: v0.36.0 - dashboard.tekton.dev/release: v0.36.0 - version: v0.36.0 + app.kubernetes.io/version: v0.63.1 + dashboard.tekton.dev/release: v0.63.1 + version: v0.63.1 name: tekton-dashboard namespace: tekton-pipelines spec: @@ -226,27 +274,48 @@ spec: app.kubernetes.io/instance: default app.kubernetes.io/name: dashboard app.kubernetes.io/part-of: tekton-dashboard - app.kubernetes.io/version: v0.36.0 + app.kubernetes.io/version: v0.63.1 name: tekton-dashboard spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/os + operator: NotIn + values: + - windows + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/name: dashboard + app.kubernetes.io/part-of: tekton-dashboard + topologyKey: kubernetes.io/hostname + weight: 100 containers: - args: - - --port=9097 - - --logout-url= - - --pipelines-namespace=tekton-pipelines - - --triggers-namespace=tekton-pipelines - - --read-only=no - - --log-level=info - - --log-format=json - - --namespace= - - --stream-logs=true + - --default-namespace= - --external-logs= + - --log-format=json + - --log-level=info + - --logout-url= + - --namespaces= + - --pipelines-namespace=tekton-pipelines + - --port=9097 + - --read-only=false + - --stream-logs=true + - --triggers-namespace=tekton-pipelines env: - name: INSTALLED_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - image: gcr.io/tekton-releases/github.com/tektoncd/dashboard/cmd/dashboard:v0.36.0@sha256:e7058eabec6bc53bfb3505b637ea6208e6e81ff71a29a5f47a32fa0ed03cb5e4 + image: ghcr.io/tektoncd/dashboard/dashboard-9623576a202fe86c8b7d1bc489905f86:v0.63.1@sha256:16eca97b649f6f27dfbab2be167be0afc34bab43af9d3304f64bf7f04d44e606 livenessProbe: httpGet: path: /health @@ -272,6 +341,8 @@ spec: kubernetes.io/os: linux serviceAccountName: tekton-dashboard volumes: [] + +--- --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -281,11 +352,101 @@ metadata: app.kubernetes.io/instance: default app.kubernetes.io/part-of: tekton-dashboard rbac.dashboard.tekton.dev/subject: tekton-dashboard - name: tekton-dashboard-tenant + name: tekton-dashboard-tenant-view roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: tekton-dashboard-tenant + name: tekton-dashboard-tenant-view +subjects: + - kind: ServiceAccount + name: tekton-dashboard + namespace: tekton-pipelines +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + rbac.dashboard.tekton.dev/subject: tekton-dashboard + name: tekton-dashboard-pipelines-view +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: tekton-aggregate-view +subjects: + - kind: ServiceAccount + name: tekton-dashboard + namespace: tekton-pipelines +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + rbac.dashboard.tekton.dev/subject: tekton-dashboard + name: tekton-dashboard-triggers-view +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: tekton-triggers-aggregate-view +subjects: + - kind: ServiceAccount + name: tekton-dashboard + namespace: tekton-pipelines +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + rbac.dashboard.tekton.dev/subject: tekton-dashboard + name: tekton-dashboard-backend-edit +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: tekton-dashboard-backend-edit +subjects: + - kind: ServiceAccount + name: tekton-dashboard + namespace: tekton-pipelines +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + rbac.dashboard.tekton.dev/subject: tekton-dashboard + name: tekton-dashboard-pipelines-edit +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: tekton-aggregate-edit +subjects: + - kind: ServiceAccount + name: tekton-dashboard + namespace: tekton-pipelines +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/component: dashboard + app.kubernetes.io/instance: default + app.kubernetes.io/part-of: tekton-dashboard + rbac.dashboard.tekton.dev/subject: tekton-dashboard + name: tekton-dashboard-triggers-edit +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: tekton-triggers-aggregate-edit subjects: - kind: ServiceAccount name: tekton-dashboard diff --git a/dev/tekton/diversen/dashboard-patch.yaml b/dev/tekton/diversen/dashboard-patch.yaml deleted file mode 100755 index f0f69b5..0000000 --- a/dev/tekton/diversen/dashboard-patch.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: tekton-dashboard-tutorial -rules: - - apiGroups: - - tekton.dev - resources: - - tasks - - taskruns - - pipelines - - pipelineruns - verbs: - - get - - create - - update - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: tekton-dashboard-tutorial - namespace: default -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: tekton-dashboard-tutorial -subjects: - - kind: ServiceAccount - name: default - namespace: tekton-dashboard diff --git a/dev/tekton/diversen/dashboard.yaml b/dev/tekton/diversen/dashboard.yaml deleted file mode 100755 index a66e8c5..0000000 --- a/dev/tekton/diversen/dashboard.yaml +++ /dev/null @@ -1,337 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: extensions.dashboard.tekton.dev -spec: - group: dashboard.tekton.dev - names: - categories: - - tekton - - tekton-dashboard - kind: Extension - plural: extensions - shortNames: - - ext - - exts - preserveUnknownFields: false - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.apiVersion - name: API version - type: string - - jsonPath: .spec.name - name: Kind - type: string - - jsonPath: .spec.displayname - name: Display name - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true - subresources: - status: {} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard - namespace: tekton-pipelines ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard-info - namespace: tekton-pipelines -rules: - - apiGroups: - - "" - resourceNames: - - dashboard-info - resources: - - configmaps - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard-backend -rules: - - apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - apiGroups: - - security.openshift.io - resources: - - securitycontextconstraints - verbs: - - use - - apiGroups: - - tekton.dev - resources: - - clustertasks - verbs: - - get - - list - - watch - - update - - apiGroups: - - triggers.tekton.dev - resources: - - clusterinterceptors - - clustertriggerbindings - verbs: - - get - - list - - watch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard-tenant -rules: - - apiGroups: - - dashboard.tekton.dev - resources: - - extensions - verbs: - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - events - - namespaces - - pods - - pods/log - verbs: - - get - - list - - watch - - update - - apiGroups: - - tekton.dev - resources: - - tasks - - taskruns - - pipelines - - pipelineruns - - customruns - verbs: - - get - - list - - watch - - update - - apiGroups: - - triggers.tekton.dev - resources: - - eventlisteners - - interceptors - - triggerbindings - - triggers - - triggertemplates - verbs: - - get - - list - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: tekton-dashboard-info - namespace: tekton-pipelines -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: tekton-dashboard-info -subjects: - - apiGroup: rbac.authorization.k8s.io - kind: Group - name: system:authenticated ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - rbac.dashboard.tekton.dev/subject: tekton-dashboard - name: tekton-dashboard-backend -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: tekton-dashboard-backend -subjects: - - kind: ServiceAccount - name: tekton-dashboard - namespace: tekton-pipelines ---- -apiVersion: v1 -data: - version: v0.36.0 -kind: ConfigMap -metadata: - labels: - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - name: dashboard-info - namespace: tekton-pipelines ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: tekton-dashboard - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/name: dashboard - app.kubernetes.io/part-of: tekton-dashboard - app.kubernetes.io/version: v0.36.0 - dashboard.tekton.dev/release: v0.36.0 - version: v0.36.0 - name: tekton-dashboard - namespace: tekton-pipelines -spec: - ports: - - name: http - port: 9097 - protocol: TCP - targetPort: 9097 - selector: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/name: dashboard - app.kubernetes.io/part-of: tekton-dashboard ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: tekton-dashboard - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/name: dashboard - app.kubernetes.io/part-of: tekton-dashboard - app.kubernetes.io/version: v0.36.0 - dashboard.tekton.dev/release: v0.36.0 - version: v0.36.0 - name: tekton-dashboard - namespace: tekton-pipelines -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/name: dashboard - app.kubernetes.io/part-of: tekton-dashboard - template: - metadata: - labels: - app: tekton-dashboard - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/name: dashboard - app.kubernetes.io/part-of: tekton-dashboard - app.kubernetes.io/version: v0.36.0 - name: tekton-dashboard - spec: - containers: - - args: - - --port=9097 - - --logout-url= - - --pipelines-namespace=tekton-pipelines - - --triggers-namespace=tekton-pipelines - - --read-only=no - - --log-level=info - - --log-format=json - - --namespace= - - --stream-logs=true - - --external-logs= - env: - - name: INSTALLED_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - image: gcr.io/tekton-releases/github.com/tektoncd/dashboard/cmd/dashboard:v0.36.0@sha256:e7058eabec6bc53bfb3505b637ea6208e6e81ff71a29a5f47a32fa0ed03cb5e4 - livenessProbe: - httpGet: - path: /health - port: 9097 - name: tekton-dashboard - ports: - - containerPort: 9097 - readinessProbe: - httpGet: - path: /readiness - port: 9097 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - runAsGroup: 65532 - runAsNonRoot: true - runAsUser: 65532 - seccompProfile: - type: RuntimeDefault - nodeSelector: - kubernetes.io/os: linux - serviceAccountName: tekton-dashboard - volumes: [] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/component: dashboard - app.kubernetes.io/instance: default - app.kubernetes.io/part-of: tekton-dashboard - rbac.dashboard.tekton.dev/subject: tekton-dashboard - name: tekton-dashboard-tenant -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: tekton-dashboard-tenant -subjects: - - kind: ServiceAccount - name: tekton-dashboard - namespace: tekton-pipelines