monzo · ElvinEfendi · Oct 30, 2022 · sjanel · Feb 15, 2023
diff --git a/Makefile b/Makefile
@@ -1,7 +1,7 @@
 # Image URL to use all building/pushing image targets
 IMG ?= ${ACC}.dkr.ecr.eu-west-1.amazonaws.com/monzo/egress-operator:manager-$(shell git rev-parse --short head)
 # Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
-CRD_OPTIONS ?= "crd:trivialVersions=true"
+CRD_OPTIONS ?= "crd:trivialVersions=true,crdVersions=v1"
 
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
@@ -21,7 +21,7 @@ manager: generate fmt vet
 	go build -o bin/manager main.go
 
 # Run against the configured Kubernetes cluster in ~/.kube/config
-run: generate fmt vet manifests
+run: generate fmt vet manifests install
 	go run ./main.go
 
 # Install CRDs into a cluster

diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go
diff --git a/config/crd/bases/egress.monzo.com_externalservices.yaml b/config/crd/bases/egress.monzo.com_externalservices.yaml
@@ -1,6 +1,6 @@
 
 ---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
@@ -15,90 +15,95 @@ spec:
     plural: externalservices
     singular: externalservice
   scope: Cluster
-  validation:
-    openAPIV3Schema:
-      description: ExternalService is the Schema for the externalservices API
-      properties:
-        apiVersion:
-          description: 'APIVersion defines the versioned schema of this representation
-            of an object. Servers should convert recognized schemas to the latest
-            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-          type: string
-        kind:
-          description: 'Kind is a string value representing the REST resource this
-            object represents. Servers may infer this from the endpoint the client
-            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-          type: string
-        metadata:
-          type: object
-        spec:
-          description: ExternalServiceSpec defines the desired state of ExternalService
-          properties:
-            dnsName:
-              description: DnsName is a DNS name target for the external service
-              type: string
-            hijackDns:
-              description: 'If true, add a `egress.monzo.com/hijack-dns: true` label
-                to produced Service objects CoreDNS can watch this label and decide
-                to rewrite DnsName -> clusterIP'
-              type: boolean
-            maxReplicas:
-              description: MaxReplicas is the maximum number of gateways to run, enforced
-                by HorizontalPodAutoscaler. Defaults to 12
-              format: int32
-              type: integer
-            minReplicas:
-              description: MinReplicas is the minimum number of gateways to run. Defaults
-                to 3
-              format: int32
-              type: integer
-            ports:
-              description: Ports is a list of ports on which the external service
-                may be called
-              items:
-                properties:
-                  port:
-                    description: The port on the given protocol.
-                    format: int32
-                    type: integer
-                  protocol:
-                    description: The protocol (TCP or UDP) which traffic must match.
-                      If not specified, this field defaults to TCP.
-                    type: string
-                type: object
-              type: array
-            resources:
-              description: ResourceRequirements describes the compute resource requirements
-                for gateway pods. Defaults to 100m, 50Mi, 2, 1Gi
-              properties:
-                limits:
-                  additionalProperties:
-                    type: string
-                  description: 'Limits describes the maximum amount of compute resources
-                    allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
-                  type: object
-                requests:
-                  additionalProperties:
-                    type: string
-                  description: 'Requests describes the minimum amount of compute resources
-                    required. If Requests is omitted for a container, it defaults
-                    to Limits if that is explicitly specified, otherwise to an implementation-defined
-                    value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
-                  type: object
-              type: object
-            targetCPUUtilizationPercentage:
-              description: Target average CPU utilization (represented as a percentage
-                of requested CPU) over all the pods. Defaults to 50
-              format: int32
-              type: integer
-          type: object
-        status:
-          description: ExternalServiceStatus defines the observed state of ExternalService
-          type: object
-      type: object
-  version: v1
   versions:
   - name: v1
+    schema:
+      openAPIV3Schema:
+        description: ExternalService is the Schema for the externalservices API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: ExternalServiceSpec defines the desired state of ExternalService
+            properties:
+              dnsName:
+                description: DnsName is a DNS name target for the external service
+                type: string
+              hijackDns:
+                description: 'If true, add a `egress.monzo.com/hijack-dns: true` label
+                  to produced Service objects CoreDNS can watch this label and decide
+                  to rewrite DnsName -> clusterIP'
+                type: boolean
+              ipOverride:
+                description: When set allows overwriting the A records of the DNS
+                  being overridden.
+                items:
+                  type: string
+                type: array
+              maxReplicas:
+                description: MaxReplicas is the maximum number of gateways to run,
+                  enforced by HorizontalPodAutoscaler. Defaults to 12
+                format: int32
+                type: integer
+              minReplicas:
+                description: MinReplicas is the minimum number of gateways to run.
+                  Defaults to 3
+                format: int32
+                type: integer
+              ports:
+                description: Ports is a list of ports on which the external service
+                  may be called
+                items:
+                  properties:
+                    port:
+                      description: The port on the given protocol.
+                      format: int32
+                      type: integer
+                    protocol:
+                      description: The protocol (TCP or UDP) which traffic must match.
+                        If not specified, this field defaults to TCP.
+                      type: string
+                  type: object
+                type: array
+              resources:
+                description: ResourceRequirements describes the compute resource requirements
+                  for gateway pods. Defaults to 100m, 50Mi, 2, 1Gi
+                properties:
+                  limits:
+                    additionalProperties:
+                      type: string
+                    description: 'Limits describes the maximum amount of compute resources
+                      allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+                    type: object
+                  requests:
+                    additionalProperties:
+                      type: string
+                    description: 'Requests describes the minimum amount of compute
+                      resources required. If Requests is omitted for a container,
+                      it defaults to Limits if that is explicitly specified, otherwise
+                      to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
+                    type: object
+                type: object
+              targetCPUUtilizationPercentage:
+                description: Target average CPU utilization (represented as a percentage
+                  of requested CPU) over all the pods. Defaults to 50
+                format: int32
+                type: integer
+            type: object
+          status:
+            description: ExternalServiceStatus defines the observed state of ExternalService
+            type: object
+        type: object
     served: true
     storage: true
 status:

diff --git a/config/crd/patches/cainjection_in_externalservices.yaml b/config/crd/patches/cainjection_in_externalservices.yaml
@@ -1,6 +1,6 @@
 # The following patch adds a directive for certmanager to inject CA into the CRD
 # CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:

diff --git a/config/crd/patches/webhook_in_externalservices.yaml b/config/crd/patches/webhook_in_externalservices.yaml
@@ -1,6 +1,6 @@
 # The following patch enables conversion webhook for CRD
 # CRD conversion requires k8s 1.13 or later.
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   name: externalservices.egress.monzo.com

diff --git a/controllers/deployment.go b/controllers/deployment.go
@@ -107,7 +107,7 @@ func deployment(es *egressv1.ExternalService, configHash string) *appsv1.Deploym
 				Spec: corev1.PodSpec{
 					Containers: []corev1.Container{
 						{
-							Name: "gateway",
+							Name:            "gateway",
 							Image:           "envoyproxy/envoy-alpine:v1.16.5",
 							ImagePullPolicy: corev1.PullIfNotPresent,
 							Ports:           deploymentPorts(es),