|
| 1 | +apiVersion: operators.coreos.com/v1alpha1 |
| 2 | +kind: ClusterServiceVersion |
| 3 | +metadata: |
| 4 | + annotations: |
| 5 | + alm-examples: |- |
| 6 | + [ |
| 7 | + { |
| 8 | + "apiVersion": "ecr.services.k8s.aws/v1alpha1", |
| 9 | + "kind": "Repository", |
| 10 | + "metadata": { |
| 11 | + "name": "example" |
| 12 | + }, |
| 13 | + "spec": {} |
| 14 | + } |
| 15 | + ] |
| 16 | + capabilities: Basic Install |
| 17 | + categories: Cloud Provider |
| 18 | + certified: "false" |
| 19 | + containerImage: public.ecr.aws/aws-controllers-k8s/ecr-controller:1.5.0 |
| 20 | + createdAt: "2026-02-14T00:26:48Z" |
| 21 | + description: AWS ECR controller is a service controller for managing ECR resources |
| 22 | + in Kubernetes |
| 23 | + operatorframework.io/suggested-namespace: ack-system |
| 24 | + operators.operatorframework.io/builder: operator-sdk-v1.28.0 |
| 25 | + operators.operatorframework.io/project_layout: unknown |
| 26 | + repository: https://github.com/aws-controllers-k8s |
| 27 | + support: Community |
| 28 | + labels: |
| 29 | + operatorframework.io/arch.amd64: supported |
| 30 | + operatorframework.io/arch.arm64: supported |
| 31 | + operatorframework.io/os.linux: supported |
| 32 | + name: ack-ecr-controller.v1.5.0 |
| 33 | + namespace: placeholder |
| 34 | +spec: |
| 35 | + apiservicedefinitions: {} |
| 36 | + customresourcedefinitions: |
| 37 | + owned: |
| 38 | + - description: PullThroughCacheRule represents the state of an AWS ecr PullThroughCacheRule |
| 39 | + resource. |
| 40 | + displayName: PullThroughCacheRule |
| 41 | + kind: PullThroughCacheRule |
| 42 | + name: pullthroughcacherules.ecr.services.k8s.aws |
| 43 | + version: v1alpha1 |
| 44 | + - description: Repository represents the state of an AWS ecr Repository resource. |
| 45 | + displayName: Repository |
| 46 | + kind: Repository |
| 47 | + name: repositories.ecr.services.k8s.aws |
| 48 | + version: v1alpha1 |
| 49 | + - description: RepositoryCreationTemplate represents the state of an AWS ecr RepositoryCreationTemplate |
| 50 | + resource. |
| 51 | + displayName: RepositoryCreationTemplate |
| 52 | + kind: RepositoryCreationTemplate |
| 53 | + name: repositorycreationtemplates.ecr.services.k8s.aws |
| 54 | + version: v1alpha1 |
| 55 | + description: |- |
| 56 | + Manage Amazon Elastic Container Registry (ECR) resources in AWS from within your Kubernetes cluster. |
| 57 | +
|
| 58 | + **About Amazon ECR** |
| 59 | +
|
| 60 | + Amazon Elastic Container Registry (Amazon ECR) is an AWS managed container image registry service that is secure, scalable, and reliable. Amazon ECR supports private repositories with resource-based permissions using AWS IAM. This is so that specified users or Amazon EC2 instances can access your container repositories and images. You can use your preferred CLI to push, pull, and manage Docker images, Open Container Initiative (OCI) images, and OCI compatible artifacts. |
| 61 | +
|
| 62 | + **About the AWS Controllers for Kubernetes** |
| 63 | +
|
| 64 | + This controller is a component of the [AWS Controller for Kubernetes](https://github.com/aws/aws-controllers-k8s) project. |
| 65 | +
|
| 66 | + **Pre-Installation Steps** |
| 67 | +
|
| 68 | + Please follow the following link: [Red Hat OpenShift](https://aws-controllers-k8s.github.io/community/docs/user-docs/openshift/) |
| 69 | + displayName: AWS Controllers for Kubernetes - Amazon ECR |
| 70 | + icon: |
| 71 | + - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDE5LjAuMSwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB2aWV3Qm94PSIwIDAgMzA0IDE4MiIgc3R5bGU9ImVuYWJsZS1iYWNrZ3JvdW5kOm5ldyAwIDAgMzA0IDE4MjsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtmaWxsOiMyNTJGM0U7fQoJLnN0MXtmaWxsLXJ1bGU6ZXZlbm9kZDtjbGlwLXJ1bGU6ZXZlbm9kZDtmaWxsOiNGRjk5MDA7fQo8L3N0eWxlPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04Ni40LDY2LjRjMCwzLjcsMC40LDYuNywxLjEsOC45YzAuOCwyLjIsMS44LDQuNiwzLjIsNy4yYzAuNSwwLjgsMC43LDEuNiwwLjcsMi4zYzAsMS0wLjYsMi0xLjksM2wtNi4zLDQuMiAgIGMtMC45LDAuNi0xLjgsMC45LTIuNiwwLjljLTEsMC0yLTAuNS0zLTEuNEM3Ni4yLDkwLDc1LDg4LjQsNzQsODYuOGMtMS0xLjctMi0zLjYtMy4xLTUuOWMtNy44LDkuMi0xNy42LDEzLjgtMjkuNCwxMy44ICAgYy04LjQsMC0xNS4xLTIuNC0yMC03LjJjLTQuOS00LjgtNy40LTExLjItNy40LTE5LjJjMC04LjUsMy0xNS40LDkuMS0yMC42YzYuMS01LjIsMTQuMi03LjgsMjQuNS03LjhjMy40LDAsNi45LDAuMywxMC42LDAuOCAgIGMzLjcsMC41LDcuNSwxLjMsMTEuNSwyLjJ2LTcuM2MwLTcuNi0xLjYtMTIuOS00LjctMTZjLTMuMi0zLjEtOC42LTQuNi0xNi4zLTQuNmMtMy41LDAtNy4xLDAuNC0xMC44LDEuM2MtMy43LDAuOS03LjMsMi0xMC44LDMuNCAgIGMtMS42LDAuNy0yLjgsMS4xLTMuNSwxLjNjLTAuNywwLjItMS4yLDAuMy0xLjYsMC4zYy0xLjQsMC0yLjEtMS0yLjEtMy4xdi00LjljMC0xLjYsMC4yLTIuOCwwLjctMy41YzAuNS0wLjcsMS40LTEuNCwyLjgtMi4xICAgYzMuNS0xLjgsNy43LTMuMywxMi42LTQuNWM0LjktMS4zLDEwLjEtMS45LDE1LjYtMS45YzExLjksMCwyMC42LDIuNywyNi4yLDguMWM1LjUsNS40LDguMywxMy42LDguMywyNC42VjY2LjR6IE00NS44LDgxLjYgICBjMy4zLDAsNi43LTAuNiwxMC4zLTEuOGMzLjYtMS4yLDYuOC0zLjQsOS41LTYuNGMxLjYtMS45LDIuOC00LDMuNC02LjRjMC42LTIuNCwxLTUuMywxLTguN3YtNC4yYy0yLjktMC43LTYtMS4zLTkuMi0xLjcgICBjLTMuMi0wLjQtNi4zLTAuNi05LjQtMC42Yy02LjcsMC0xMS42LDEuMy0xNC45LDRjLTMuMywyLjctNC45LDYuNS00LjksMTEuNWMwLDQuNywxLjIsOC4yLDMuNywxMC42ICAgQzM3LjcsODAuNCw0MS4yLDgxLjYsNDUuOCw4MS42eiBNMTI2LjEsOTIuNGMtMS44LDAtMy0wLjMtMy44LTFjLTAuOC0wLjYtMS41LTItMi4xLTMuOUw5Ni43LDEwLjJjLTAuNi0yLTAuOS0zLjMtMC45LTQgICBjMC0xLjYsMC44LTIuNSwyLjQtMi41aDkuOGMxLjksMCwzLjIsMC4zLDMuOSwxYzAuOCwwLjYsMS40LDIsMiwzLjlsMTYuOCw2Ni4ybDE1LjYtNjYuMmMwLjUtMiwxLjEtMy4zLDEuOS0zLjljMC44LTAuNiwyLjItMSw0LTEgICBoOGMxLjksMCwzLjIsMC4zLDQsMWMwLjgsMC42LDEuNSwyLDEuOSwzLjlsMTUuOCw2N2wxNy4zLTY3YzAuNi0yLDEuMy0zLjMsMi0zLjljMC44LTAuNiwyLjEtMSwzLjktMWg5LjNjMS42LDAsMi41LDAuOCwyLjUsMi41ICAgYzAsMC41LTAuMSwxLTAuMiwxLjZjLTAuMSwwLjYtMC4zLDEuNC0wLjcsMi41bC0yNC4xLDc3LjNjLTAuNiwyLTEuMywzLjMtMi4xLDMuOWMtMC44LDAuNi0yLjEsMS0zLjgsMWgtOC42Yy0xLjksMC0zLjItMC4zLTQtMSAgIGMtMC44LTAuNy0xLjUtMi0xLjktNEwxNTYsMjNsLTE1LjQsNjQuNGMtMC41LDItMS4xLDMuMy0xLjksNGMtMC44LDAuNy0yLjIsMS00LDFIMTI2LjF6IE0yNTQuNiw5NS4xYy01LjIsMC0xMC40LTAuNi0xNS40LTEuOCAgIGMtNS0xLjItOC45LTIuNS0xMS41LTRjLTEuNi0wLjktMi43LTEuOS0zLjEtMi44Yy0wLjQtMC45LTAuNi0xLjktMC42LTIuOHYtNS4xYzAtMi4xLDAuOC0zLjEsMi4zLTMuMWMwLjYsMCwxLjIsMC4xLDEuOCwwLjMgICBjMC42LDAuMiwxLjUsMC42LDIuNSwxYzMuNCwxLjUsNy4xLDIuNywxMSwzLjVjNCwwLjgsNy45LDEuMiwxMS45LDEuMmM2LjMsMCwxMS4yLTEuMSwxNC42LTMuM2MzLjQtMi4yLDUuMi01LjQsNS4yLTkuNSAgIGMwLTIuOC0wLjktNS4xLTIuNy03Yy0xLjgtMS45LTUuMi0zLjYtMTAuMS01LjJMMjQ2LDUyYy03LjMtMi4zLTEyLjctNS43LTE2LTEwLjJjLTMuMy00LjQtNS05LjMtNS0xNC41YzAtNC4yLDAuOS03LjksMi43LTExLjEgICBjMS44LTMuMiw0LjItNiw3LjItOC4yYzMtMi4zLDYuNC00LDEwLjQtNS4yYzQtMS4yLDguMi0xLjcsMTIuNi0xLjdjMi4yLDAsNC41LDAuMSw2LjcsMC40YzIuMywwLjMsNC40LDAuNyw2LjUsMS4xICAgYzIsMC41LDMuOSwxLDUuNywxLjZjMS44LDAuNiwzLjIsMS4yLDQuMiwxLjhjMS40LDAuOCwyLjQsMS42LDMsMi41YzAuNiwwLjgsMC45LDEuOSwwLjksMy4zdjQuN2MwLDIuMS0wLjgsMy4yLTIuMywzLjIgICBjLTAuOCwwLTIuMS0wLjQtMy44LTEuMmMtNS43LTIuNi0xMi4xLTMuOS0xOS4yLTMuOWMtNS43LDAtMTAuMiwwLjktMTMuMywyLjhjLTMuMSwxLjktNC43LDQuOC00LjcsOC45YzAsMi44LDEsNS4yLDMsNy4xICAgYzIsMS45LDUuNywzLjgsMTEsNS41bDE0LjIsNC41YzcuMiwyLjMsMTIuNCw1LjUsMTUuNSw5LjZjMy4xLDQuMSw0LjYsOC44LDQuNiwxNGMwLDQuMy0wLjksOC4yLTIuNiwxMS42ICAgYy0xLjgsMy40LTQuMiw2LjQtNy4zLDguOGMtMy4xLDIuNS02LjgsNC4zLTExLjEsNS42QzI2NC40LDk0LjQsMjU5LjcsOTUuMSwyNTQuNiw5NS4xeiIvPgoJPGc+CgkJPHBhdGggY2xhc3M9InN0MSIgZD0iTTI3My41LDE0My43Yy0zMi45LDI0LjMtODAuNywzNy4yLTEyMS44LDM3LjJjLTU3LjYsMC0xMDkuNS0yMS4zLTE0OC43LTU2LjdjLTMuMS0yLjgtMC4zLTYuNiwzLjQtNC40ICAgIGM0Mi40LDI0LjYsOTQuNywzOS41LDE0OC44LDM5LjVjMzYuNSwwLDc2LjYtNy42LDExMy41LTIzLjJDMjc0LjIsMTMzLjYsMjc4LjksMTM5LjcsMjczLjUsMTQzLjd6Ii8+CgkJPHBhdGggY2xhc3M9InN0MSIgZD0iTTI4Ny4yLDEyOC4xYy00LjItNS40LTI3LjgtMi42LTM4LjUtMS4zYy0zLjIsMC40LTMuNy0yLjQtMC44LTQuNWMxOC44LTEzLjIsNDkuNy05LjQsNTMuMy01ICAgIGMzLjYsNC41LTEsMzUuNC0xOC42LDUwLjJjLTIuNywyLjMtNS4zLDEuMS00LjEtMS45QzI4Mi41LDE1NS43LDI5MS40LDEzMy40LDI4Ny4yLDEyOC4xeiIvPgoJPC9nPgo8L2c+Cjwvc3ZnPg== |
| 72 | + mediatype: image/svg+xml |
| 73 | + install: |
| 74 | + spec: |
| 75 | + clusterPermissions: |
| 76 | + - rules: |
| 77 | + - apiGroups: |
| 78 | + - "" |
| 79 | + resources: |
| 80 | + - configmaps |
| 81 | + - secrets |
| 82 | + verbs: |
| 83 | + - get |
| 84 | + - list |
| 85 | + - patch |
| 86 | + - watch |
| 87 | + - apiGroups: |
| 88 | + - "" |
| 89 | + resources: |
| 90 | + - namespaces |
| 91 | + verbs: |
| 92 | + - get |
| 93 | + - list |
| 94 | + - watch |
| 95 | + - apiGroups: |
| 96 | + - ecr.services.k8s.aws |
| 97 | + resources: |
| 98 | + - pullthroughcacherules |
| 99 | + - repositories |
| 100 | + - repositorycreationtemplates |
| 101 | + verbs: |
| 102 | + - create |
| 103 | + - delete |
| 104 | + - get |
| 105 | + - list |
| 106 | + - patch |
| 107 | + - update |
| 108 | + - watch |
| 109 | + - apiGroups: |
| 110 | + - ecr.services.k8s.aws |
| 111 | + resources: |
| 112 | + - pullthroughcacherules/status |
| 113 | + - repositories/status |
| 114 | + - repositorycreationtemplates/status |
| 115 | + verbs: |
| 116 | + - get |
| 117 | + - patch |
| 118 | + - update |
| 119 | + - apiGroups: |
| 120 | + - iam.services.k8s.aws |
| 121 | + resources: |
| 122 | + - roles |
| 123 | + - roles/status |
| 124 | + verbs: |
| 125 | + - get |
| 126 | + - list |
| 127 | + - apiGroups: |
| 128 | + - secretsmanager.services.k8s.aws |
| 129 | + resources: |
| 130 | + - secrets |
| 131 | + - secrets/status |
| 132 | + verbs: |
| 133 | + - get |
| 134 | + - list |
| 135 | + - apiGroups: |
| 136 | + - services.k8s.aws |
| 137 | + resources: |
| 138 | + - fieldexports |
| 139 | + - iamroleselectors |
| 140 | + verbs: |
| 141 | + - create |
| 142 | + - delete |
| 143 | + - get |
| 144 | + - list |
| 145 | + - patch |
| 146 | + - update |
| 147 | + - watch |
| 148 | + - apiGroups: |
| 149 | + - services.k8s.aws |
| 150 | + resources: |
| 151 | + - fieldexports/status |
| 152 | + - iamroleselectors/status |
| 153 | + verbs: |
| 154 | + - get |
| 155 | + - patch |
| 156 | + - update |
| 157 | + serviceAccountName: ack-ecr-controller |
| 158 | + deployments: |
| 159 | + - label: |
| 160 | + app.kubernetes.io/name: ack-ecr-controller |
| 161 | + app.kubernetes.io/part-of: ack-system |
| 162 | + name: ack-ecr-controller |
| 163 | + spec: |
| 164 | + replicas: 1 |
| 165 | + selector: |
| 166 | + matchLabels: |
| 167 | + app.kubernetes.io/name: ack-ecr-controller |
| 168 | + strategy: {} |
| 169 | + template: |
| 170 | + metadata: |
| 171 | + labels: |
| 172 | + app.kubernetes.io/name: ack-ecr-controller |
| 173 | + spec: |
| 174 | + containers: |
| 175 | + - args: |
| 176 | + - --aws-region |
| 177 | + - $(AWS_REGION) |
| 178 | + - --aws-endpoint-url |
| 179 | + - $(AWS_ENDPOINT_URL) |
| 180 | + - --enable-development-logging=$(ACK_ENABLE_DEVELOPMENT_LOGGING) |
| 181 | + - --log-level |
| 182 | + - $(ACK_LOG_LEVEL) |
| 183 | + - --resource-tags |
| 184 | + - $(ACK_RESOURCE_TAGS) |
| 185 | + - --watch-namespace |
| 186 | + - $(ACK_WATCH_NAMESPACE) |
| 187 | + - --enable-leader-election=$(ENABLE_LEADER_ELECTION) |
| 188 | + - --leader-election-namespace |
| 189 | + - $(LEADER_ELECTION_NAMESPACE) |
| 190 | + - --reconcile-default-max-concurrent-syncs |
| 191 | + - $(RECONCILE_DEFAULT_MAX_CONCURRENT_SYNCS) |
| 192 | + - --feature-gates |
| 193 | + - $(FEATURE_GATES) |
| 194 | + - --enable-carm=$(ENABLE_CARM) |
| 195 | + command: |
| 196 | + - ./bin/controller |
| 197 | + env: |
| 198 | + - name: ACK_SYSTEM_NAMESPACE |
| 199 | + valueFrom: |
| 200 | + fieldRef: |
| 201 | + fieldPath: metadata.namespace |
| 202 | + envFrom: |
| 203 | + - configMapRef: |
| 204 | + name: ack-ecr-user-config |
| 205 | + optional: false |
| 206 | + - secretRef: |
| 207 | + name: ack-ecr-user-secrets |
| 208 | + optional: true |
| 209 | + image: public.ecr.aws/aws-controllers-k8s/ecr-controller:1.5.0 |
| 210 | + livenessProbe: |
| 211 | + httpGet: |
| 212 | + path: /healthz |
| 213 | + port: 8081 |
| 214 | + initialDelaySeconds: 15 |
| 215 | + periodSeconds: 20 |
| 216 | + name: controller |
| 217 | + ports: |
| 218 | + - containerPort: 8080 |
| 219 | + name: http |
| 220 | + readinessProbe: |
| 221 | + httpGet: |
| 222 | + path: /readyz |
| 223 | + port: 8081 |
| 224 | + initialDelaySeconds: 5 |
| 225 | + periodSeconds: 10 |
| 226 | + resources: |
| 227 | + limits: |
| 228 | + cpu: 100m |
| 229 | + memory: 300Mi |
| 230 | + requests: |
| 231 | + cpu: 100m |
| 232 | + memory: 200Mi |
| 233 | + securityContext: |
| 234 | + allowPrivilegeEscalation: false |
| 235 | + capabilities: |
| 236 | + drop: |
| 237 | + - ALL |
| 238 | + privileged: false |
| 239 | + runAsNonRoot: true |
| 240 | + dnsPolicy: ClusterFirst |
| 241 | + securityContext: |
| 242 | + seccompProfile: |
| 243 | + type: RuntimeDefault |
| 244 | + serviceAccountName: ack-ecr-controller |
| 245 | + terminationGracePeriodSeconds: 10 |
| 246 | + permissions: |
| 247 | + - rules: |
| 248 | + - apiGroups: |
| 249 | + - coordination.k8s.io |
| 250 | + resources: |
| 251 | + - leases |
| 252 | + verbs: |
| 253 | + - get |
| 254 | + - list |
| 255 | + - watch |
| 256 | + - create |
| 257 | + - update |
| 258 | + - patch |
| 259 | + - delete |
| 260 | + - apiGroups: |
| 261 | + - "" |
| 262 | + resources: |
| 263 | + - events |
| 264 | + verbs: |
| 265 | + - create |
| 266 | + - patch |
| 267 | + serviceAccountName: ack-ecr-controller |
| 268 | + strategy: deployment |
| 269 | + installModes: |
| 270 | + - supported: true |
| 271 | + type: OwnNamespace |
| 272 | + - supported: true |
| 273 | + type: SingleNamespace |
| 274 | + - supported: true |
| 275 | + type: MultiNamespace |
| 276 | + - supported: true |
| 277 | + type: AllNamespaces |
| 278 | + keywords: |
| 279 | + - ecr |
| 280 | + - aws |
| 281 | + - amazon |
| 282 | + - ack |
| 283 | + links: |
| 284 | + - name: AWS Controllers for Kubernetes |
| 285 | + url: https://github.com/aws-controllers-k8s/community |
| 286 | + - name: Documentation |
| 287 | + url: https://aws-controllers-k8s.github.io/community/ |
| 288 | + - name: Amazon ECR Developer Resources |
| 289 | + url: https://aws.amazon.com/ecr/resources/ |
| 290 | + maintainers: |
| 291 | + - email: ack-maintainers@amazon.com |
| 292 | + name: ecr maintainer team |
| 293 | + maturity: alpha |
| 294 | + provider: |
| 295 | + name: Amazon, Inc. |
| 296 | + url: https://aws.amazon.com |
| 297 | + version: 1.5.0 |
0 commit comments