From 2aa73ff698f3f2c7b7f5452d5ba5af9a436dd396 Mon Sep 17 00:00:00 2001 From: "robozome-op1st-test[bot]" <116034653+robozome-op1st-test[bot]@users.noreply.github.com> Date: Mon, 7 Nov 2022 17:02:39 +0000 Subject: [PATCH] Onboarding team mimotej-team. --- .../mimotej-namespace/kustomization.yaml | 9 + .../mimotej-namespace/namespace.yaml | 10 + .../groups/mimotej-team/group.yaml | 6 + .../groups/mimotej-team/kustomization.yaml | 4 + .../mimotej-team/kustomization.yaml | 4 + .../mimotej-team/rbac.yaml | 12 ++ .../overlays/prod/common/kustomization.yaml | 199 +++++++++--------- .../prod/moc/infra/kustomization.yaml | 12 +- 8 files changed, 150 insertions(+), 106 deletions(-) create mode 100644 cluster-scope/base/core/namespaces/mimotej-namespace/kustomization.yaml create mode 100644 cluster-scope/base/core/namespaces/mimotej-namespace/namespace.yaml create mode 100644 cluster-scope/base/user.openshift.io/groups/mimotej-team/group.yaml create mode 100644 cluster-scope/base/user.openshift.io/groups/mimotej-team/kustomization.yaml create mode 100644 cluster-scope/components/project-admin-rolebindings/mimotej-team/kustomization.yaml create mode 100644 cluster-scope/components/project-admin-rolebindings/mimotej-team/rbac.yaml diff --git a/cluster-scope/base/core/namespaces/mimotej-namespace/kustomization.yaml b/cluster-scope/base/core/namespaces/mimotej-namespace/kustomization.yaml new file mode 100644 index 0000000..d671727 --- /dev/null +++ b/cluster-scope/base/core/namespaces/mimotej-namespace/kustomization.yaml @@ -0,0 +1,9 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- namespace.yaml +- ../../../../components/project-admin-rolebindings/mimotej-team +namespace: mimotej-namespace +components: +- ../../../../components/limitranges/default +- ../../../../components/resourcequotas/medium diff --git a/cluster-scope/base/core/namespaces/mimotej-namespace/namespace.yaml b/cluster-scope/base/core/namespaces/mimotej-namespace/namespace.yaml new file mode 100644 index 0000000..49b8124 --- /dev/null +++ b/cluster-scope/base/core/namespaces/mimotej-namespace/namespace.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Namespace +metadata: + annotations: + op1st/docs: https://example-project.com + op1st/onboarding-issue: https://github.com/example-test-organization/support/issues/20 + op1st/project-owner: mimotej + openshift.io/display-name: mimotej-namespace + openshift.io/requester: mimotej + name: mimotej-namespace diff --git a/cluster-scope/base/user.openshift.io/groups/mimotej-team/group.yaml b/cluster-scope/base/user.openshift.io/groups/mimotej-team/group.yaml new file mode 100644 index 0000000..2ca7340 --- /dev/null +++ b/cluster-scope/base/user.openshift.io/groups/mimotej-team/group.yaml @@ -0,0 +1,6 @@ +apiVersion: user.openshift.io/v1 +kind: Group +metadata: + name: mimotej-team +users: + - mimotej diff --git a/cluster-scope/base/user.openshift.io/groups/mimotej-team/kustomization.yaml b/cluster-scope/base/user.openshift.io/groups/mimotej-team/kustomization.yaml new file mode 100644 index 0000000..91bab2a --- /dev/null +++ b/cluster-scope/base/user.openshift.io/groups/mimotej-team/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- group.yaml diff --git a/cluster-scope/components/project-admin-rolebindings/mimotej-team/kustomization.yaml b/cluster-scope/components/project-admin-rolebindings/mimotej-team/kustomization.yaml new file mode 100644 index 0000000..ac74509 --- /dev/null +++ b/cluster-scope/components/project-admin-rolebindings/mimotej-team/kustomization.yaml @@ -0,0 +1,4 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: +- rbac.yaml diff --git a/cluster-scope/components/project-admin-rolebindings/mimotej-team/rbac.yaml b/cluster-scope/components/project-admin-rolebindings/mimotej-team/rbac.yaml new file mode 100644 index 0000000..55dfe0e --- /dev/null +++ b/cluster-scope/components/project-admin-rolebindings/mimotej-team/rbac.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: namespace-admin-mimotej-team +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: admin +subjects: + - apiGroup: rbac.authorization.k8s.io + kind: Group + name: mimotej-team diff --git a/cluster-scope/overlays/prod/common/kustomization.yaml b/cluster-scope/overlays/prod/common/kustomization.yaml index d292028..bcdec0c 100644 --- a/cluster-scope/overlays/prod/common/kustomization.yaml +++ b/cluster-scope/overlays/prod/common/kustomization.yaml @@ -1,102 +1,103 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- ../../../base/config.openshift.io/projects/cluster -- ../../../base/core/serviceaccounts/schemastore-ci -- ../../../base/operator.openshift.io/consoles/cluster -- ../../../base/rbac.authorization.k8s.io/clusterrolebindings/cluster-admins-rb -- ../../../base/rbac.authorization.k8s.io/clusterrolebindings/self-provisioners -- ../../../base/rbac.authorization.k8s.io/clusterrolebindings/sre -- ../../../base/rbac.authorization.k8s.io/clusterroles/events-aggregate-to-edit -- ../../../base/user.openshift.io/groups/adoptium -- ../../../base/user.openshift.io/groups/ai-services -- ../../../base/user.openshift.io/groups/aiops-tools-workshop-admins -- ../../../base/user.openshift.io/groups/apicurio -- ../../../base/user.openshift.io/groups/argocd-admins -- ../../../base/user.openshift.io/groups/argocd-readonly -- ../../../base/user.openshift.io/groups/b4mad -- ../../../base/user.openshift.io/groups/boatroackers -- ../../../base/user.openshift.io/groups/boston-university-redhat -- ../../../base/user.openshift.io/groups/bu-cs-book-dev -- ../../../base/user.openshift.io/groups/ccx -- ../../../base/user.openshift.io/groups/chi-rhug -- ../../../base/user.openshift.io/groups/chris-project -- ../../../base/user.openshift.io/groups/cnv-testing -- ../../../base/user.openshift.io/groups/codait-advo -- ../../../base/user.openshift.io/groups/copilot-ops -- ../../../base/user.openshift.io/groups/curator -- ../../../base/user.openshift.io/groups/data-science -- ../../../base/user.openshift.io/groups/debezium -- ../../../base/user.openshift.io/groups/demolab_team -- ../../../base/user.openshift.io/groups/drvbw -- ../../../base/user.openshift.io/groups/eldritch-team13 -- ../../../base/user.openshift.io/groups/emea-sa -- ../../../base/user.openshift.io/groups/enterprise-neurosystem -- ../../../base/user.openshift.io/groups/esi-project -- ../../../base/user.openshift.io/groups/fde -- ../../../base/user.openshift.io/groups/fedora -- ../../../base/user.openshift.io/groups/fybrik -- ../../../base/user.openshift.io/groups/grafana-editor -- ../../../base/user.openshift.io/groups/grafana-viewer -- ../../../base/user.openshift.io/groups/kepler-admins -- ../../../base/user.openshift.io/groups/kruize -- ../../../base/user.openshift.io/groups/jetsons -- ../../../base/user.openshift.io/groups/lab-cicd -- ../../../base/user.openshift.io/groups/logs-insights -- ../../../base/user.openshift.io/groups/manageiq -- ../../../base/user.openshift.io/groups/multinode-demo -- ../../../base/user.openshift.io/groups/mwperf -- ../../../base/user.openshift.io/groups/neu-students -- ../../../base/user.openshift.io/groups/ocp-pipelines-sre -- ../../../base/user.openshift.io/groups/octo-et-security -- ../../../base/user.openshift.io/groups/octo-et-platform -- ../../../base/user.openshift.io/groups/octo-otel-dev -- ../../../base/user.openshift.io/groups/octo-training-model -- ../../../base/user.openshift.io/groups/octo-ushift-dev -- ../../../base/user.openshift.io/groups/odh-admin -- ../../../base/user.openshift.io/groups/okd-team -- ../../../base/user.openshift.io/groups/okd-wg -- ../../../base/user.openshift.io/groups/open-aiops -- ../../../base/user.openshift.io/groups/operate-first -- ../../../base/user.openshift.io/groups/opf-alerting -- ../../../base/user.openshift.io/groups/osc -- ../../../base/user.openshift.io/groups/osc-admins -- ../../../base/user.openshift.io/groups/peribolos-as-a-service -- ../../../base/user.openshift.io/groups/prometheus-ai -- ../../../base/user.openshift.io/groups/prometheus-anomaly-detector -- ../../../base/user.openshift.io/groups/psse-research -- ../../../base/user.openshift.io/groups/pulp -- ../../../base/user.openshift.io/groups/quarkus -- ../../../base/user.openshift.io/groups/ray -- ../../../base/user.openshift.io/groups/redhat-cto-team -- ../../../base/user.openshift.io/groups/redhat-impact -- ../../../base/user.openshift.io/groups/rekor -- ../../../base/user.openshift.io/groups/rh-curator-eval -- ../../../base/user.openshift.io/groups/rh-dus -- ../../../base/user.openshift.io/groups/sa-dach -- ../../../base/user.openshift.io/groups/scsaol -- ../../../base/user.openshift.io/groups/sdap-mslsp -- ../../../base/user.openshift.io/groups/seldon-admin -- ../../../base/user.openshift.io/groups/seraph -- ../../../base/user.openshift.io/groups/sigstore -- ../../../base/user.openshift.io/groups/sostrades -- ../../../base/user.openshift.io/groups/sre -- ../../../base/user.openshift.io/groups/stackrox-admin -- ../../../base/user.openshift.io/groups/superset-admins -- ../../../base/user.openshift.io/groups/superset-user -- ../../../base/user.openshift.io/groups/team-pixel -- ../../../base/user.openshift.io/groups/thoth -- ../../../base/user.openshift.io/groups/thoth-devops -- ../../../base/user.openshift.io/groups/tremor-demo -- ../../../base/user.openshift.io/groups/ttm-as-a-service -- ../../../base/user.openshift.io/groups/uky-redhat -- ../../../base/user.openshift.io/groups/varangian -- ../../../base/user.openshift.io/groups/workshops -- ../../../bundles/opf-monitoring -- ../../../bundles/service-catalog-k8s-plugin -- ../../../base/user.openshift.io/groups/kaoto -- ../../../base/user.openshift.io/groups/gingersnap -- ../../../base/user.openshift.io/groups/highlander -- ../../../base/user.openshift.io/groups/ai4cloudops -- ../../../base/user.openshift.io/groups/ray-bu -- ../../../base/user.openshift.io/groups/wildfly + - ../../../base/config.openshift.io/projects/cluster + - ../../../base/core/serviceaccounts/schemastore-ci + - ../../../base/operator.openshift.io/consoles/cluster + - ../../../base/rbac.authorization.k8s.io/clusterrolebindings/cluster-admins-rb + - ../../../base/rbac.authorization.k8s.io/clusterrolebindings/self-provisioners + - ../../../base/rbac.authorization.k8s.io/clusterrolebindings/sre + - ../../../base/rbac.authorization.k8s.io/clusterroles/events-aggregate-to-edit + - ../../../base/user.openshift.io/groups/adoptium + - ../../../base/user.openshift.io/groups/ai-services + - ../../../base/user.openshift.io/groups/ai4cloudops + - ../../../base/user.openshift.io/groups/aiops-tools-workshop-admins + - ../../../base/user.openshift.io/groups/apicurio + - ../../../base/user.openshift.io/groups/argocd-admins + - ../../../base/user.openshift.io/groups/argocd-readonly + - ../../../base/user.openshift.io/groups/b4mad + - ../../../base/user.openshift.io/groups/boatroackers + - ../../../base/user.openshift.io/groups/boston-university-redhat + - ../../../base/user.openshift.io/groups/bu-cs-book-dev + - ../../../base/user.openshift.io/groups/ccx + - ../../../base/user.openshift.io/groups/chi-rhug + - ../../../base/user.openshift.io/groups/chris-project + - ../../../base/user.openshift.io/groups/cnv-testing + - ../../../base/user.openshift.io/groups/codait-advo + - ../../../base/user.openshift.io/groups/copilot-ops + - ../../../base/user.openshift.io/groups/curator + - ../../../base/user.openshift.io/groups/data-science + - ../../../base/user.openshift.io/groups/debezium + - ../../../base/user.openshift.io/groups/demolab_team + - ../../../base/user.openshift.io/groups/drvbw + - ../../../base/user.openshift.io/groups/eldritch-team13 + - ../../../base/user.openshift.io/groups/emea-sa + - ../../../base/user.openshift.io/groups/enterprise-neurosystem + - ../../../base/user.openshift.io/groups/esi-project + - ../../../base/user.openshift.io/groups/fde + - ../../../base/user.openshift.io/groups/fedora + - ../../../base/user.openshift.io/groups/fybrik + - ../../../base/user.openshift.io/groups/gingersnap + - ../../../base/user.openshift.io/groups/grafana-editor + - ../../../base/user.openshift.io/groups/grafana-viewer + - ../../../base/user.openshift.io/groups/highlander + - ../../../base/user.openshift.io/groups/jetsons + - ../../../base/user.openshift.io/groups/kaoto + - ../../../base/user.openshift.io/groups/kepler-admins + - ../../../base/user.openshift.io/groups/kruize + - ../../../base/user.openshift.io/groups/lab-cicd + - ../../../base/user.openshift.io/groups/logs-insights + - ../../../base/user.openshift.io/groups/manageiq + - ../../../base/user.openshift.io/groups/mimotej-team + - ../../../base/user.openshift.io/groups/multinode-demo + - ../../../base/user.openshift.io/groups/mwperf + - ../../../base/user.openshift.io/groups/neu-students + - ../../../base/user.openshift.io/groups/ocp-pipelines-sre + - ../../../base/user.openshift.io/groups/octo-et-platform + - ../../../base/user.openshift.io/groups/octo-et-security + - ../../../base/user.openshift.io/groups/octo-otel-dev + - ../../../base/user.openshift.io/groups/octo-training-model + - ../../../base/user.openshift.io/groups/octo-ushift-dev + - ../../../base/user.openshift.io/groups/odh-admin + - ../../../base/user.openshift.io/groups/okd-team + - ../../../base/user.openshift.io/groups/okd-wg + - ../../../base/user.openshift.io/groups/open-aiops + - ../../../base/user.openshift.io/groups/operate-first + - ../../../base/user.openshift.io/groups/opf-alerting + - ../../../base/user.openshift.io/groups/osc + - ../../../base/user.openshift.io/groups/osc-admins + - ../../../base/user.openshift.io/groups/peribolos-as-a-service + - ../../../base/user.openshift.io/groups/prometheus-ai + - ../../../base/user.openshift.io/groups/prometheus-anomaly-detector + - ../../../base/user.openshift.io/groups/psse-research + - ../../../base/user.openshift.io/groups/pulp + - ../../../base/user.openshift.io/groups/quarkus + - ../../../base/user.openshift.io/groups/ray + - ../../../base/user.openshift.io/groups/ray-bu + - ../../../base/user.openshift.io/groups/redhat-cto-team + - ../../../base/user.openshift.io/groups/redhat-impact + - ../../../base/user.openshift.io/groups/rekor + - ../../../base/user.openshift.io/groups/rh-curator-eval + - ../../../base/user.openshift.io/groups/rh-dus + - ../../../base/user.openshift.io/groups/sa-dach + - ../../../base/user.openshift.io/groups/scsaol + - ../../../base/user.openshift.io/groups/sdap-mslsp + - ../../../base/user.openshift.io/groups/seldon-admin + - ../../../base/user.openshift.io/groups/seraph + - ../../../base/user.openshift.io/groups/sigstore + - ../../../base/user.openshift.io/groups/sostrades + - ../../../base/user.openshift.io/groups/sre + - ../../../base/user.openshift.io/groups/stackrox-admin + - ../../../base/user.openshift.io/groups/superset-admins + - ../../../base/user.openshift.io/groups/superset-user + - ../../../base/user.openshift.io/groups/team-pixel + - ../../../base/user.openshift.io/groups/thoth + - ../../../base/user.openshift.io/groups/thoth-devops + - ../../../base/user.openshift.io/groups/tremor-demo + - ../../../base/user.openshift.io/groups/ttm-as-a-service + - ../../../base/user.openshift.io/groups/uky-redhat + - ../../../base/user.openshift.io/groups/varangian + - ../../../base/user.openshift.io/groups/wildfly + - ../../../base/user.openshift.io/groups/workshops + - ../../../bundles/opf-monitoring + - ../../../bundles/service-catalog-k8s-plugin diff --git a/cluster-scope/overlays/prod/moc/infra/kustomization.yaml b/cluster-scope/overlays/prod/moc/infra/kustomization.yaml index 594dc52..1bd78ac 100644 --- a/cluster-scope/overlays/prod/moc/infra/kustomization.yaml +++ b/cluster-scope/overlays/prod/moc/infra/kustomization.yaml @@ -1,13 +1,10 @@ ---- apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization - resources: - - ../common - - ../../../../bundles/klusterletaddonconfig-editor/ - ../../../../base/core/configmaps/cluster-monitoring-config - ../../../../base/core/configmaps/user-workload-monitoring-config - ../../../../base/core/namespaces/acm + - ../../../../base/core/namespaces/mimotej-namespace - ../../../../base/core/namespaces/open-cluster-management-observability - ../../../../base/core/namespaces/openshift-cnv - ../../../../base/core/namespaces/openshift-logging @@ -37,10 +34,12 @@ resources: - ../../../../bundles/acme-operator - ../../../../bundles/external-secrets-operator - ../../../../bundles/idp-mgmt-operator + - ../../../../bundles/klusterletaddonconfig-editor/ - ../../../../bundles/odf-external + - ../common - apiserver/api_server_cert.yaml - - configmaps/service-catalog-k8s-plugin.yaml - clusterversion.yaml + - configmaps/service-catalog-k8s-plugin.yaml - externalsecrets - kubeletconfigs/increase-worker-system-reserved-memory.yaml - metal3.io/provisionings/provisioning-configuration.yaml @@ -53,12 +52,11 @@ resources: - nodes/os-ctrl-2.moc-infra.massopen.cloud.yaml - oauth - objectbucketclaims/thanos.yaml - - secrets - secret-mgmt + - secrets - storageclasses/ocs-external-storagecluster-ceph-rbd.yaml generators: - secret-generator.yaml - patchesStrategicMerge: - subscriptions/cluster-logging-operator_patch.yaml - subscriptions/kubernetes-nmstate-operator_patch.yaml