From edbb62cca4d3b28bab2096e304b2aeb3e32668ae Mon Sep 17 00:00:00 2001 From: Ben Vincent Date: Fri, 3 Jul 2026 19:54:09 +1000 Subject: [PATCH] Deploy bind-operator (operator + CRDs) Deploys the bind-operator control plane on its own so it can be verified before any DNS clusters are created. The three BIND tiers follow as separate PRs. - add apps/base/bind-system: operator Deployment (image v0.1.1), RBAC, namespace, and CRDs pulled from the operator repo by raw URL - add au-syd1 bind-system overlay - register all four bind apps in the platform ApplicationSet (the DNS overlays are instantiated only once their dirs land in later PRs) - add binddns-* namespaces to the platform AppProject destinations - add schemas/bind.unkin.net/*.json so kubeconform validates the CRs --- apps/base/bind-system/deployment.yaml | 57 ++ apps/base/bind-system/kustomization.yaml | 11 + apps/base/bind-system/namespace.yaml | 5 + apps/base/bind-system/rbac.yaml | 46 + .../au-syd1/bind-system/kustomization.yaml | 6 + argocd/applicationsets/platform.yaml | 4 + argocd/projects/platform.yaml | 6 + schemas/bind.unkin.net/bindacl_v1alpha1.json | 96 ++ .../bindcatalogzone_v1alpha1.json | 106 +++ .../bind.unkin.net/bindcluster_v1alpha1.json | 898 ++++++++++++++++++ .../binddnssecpolicy_v1alpha1.json | 160 ++++ .../bind.unkin.net/bindpolicy_v1alpha1.json | 154 +++ .../bind.unkin.net/bindtsigkey_v1alpha1.json | 110 +++ schemas/bind.unkin.net/bindview_v1alpha1.json | 125 +++ schemas/bind.unkin.net/bindzone_v1alpha1.json | 186 ++++ .../bind.unkin.net/dnsrecord_v1alpha1.json | 112 +++ 16 files changed, 2082 insertions(+) create mode 100644 apps/base/bind-system/deployment.yaml create mode 100644 apps/base/bind-system/kustomization.yaml create mode 100644 apps/base/bind-system/namespace.yaml create mode 100644 apps/base/bind-system/rbac.yaml create mode 100644 apps/overlays/au-syd1/bind-system/kustomization.yaml create mode 100644 schemas/bind.unkin.net/bindacl_v1alpha1.json create mode 100644 schemas/bind.unkin.net/bindcatalogzone_v1alpha1.json create mode 100644 schemas/bind.unkin.net/bindcluster_v1alpha1.json create mode 100644 schemas/bind.unkin.net/binddnssecpolicy_v1alpha1.json create mode 100644 schemas/bind.unkin.net/bindpolicy_v1alpha1.json create mode 100644 schemas/bind.unkin.net/bindtsigkey_v1alpha1.json create mode 100644 schemas/bind.unkin.net/bindview_v1alpha1.json create mode 100644 schemas/bind.unkin.net/bindzone_v1alpha1.json create mode 100644 schemas/bind.unkin.net/dnsrecord_v1alpha1.json diff --git a/apps/base/bind-system/deployment.yaml b/apps/base/bind-system/deployment.yaml new file mode 100644 index 0000000..0dd8c11 --- /dev/null +++ b/apps/base/bind-system/deployment.yaml @@ -0,0 +1,57 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bind-operator + namespace: bind-system + labels: + app.kubernetes.io/name: bind-operator +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: bind-operator + template: + metadata: + labels: + app.kubernetes.io/name: bind-operator + spec: + serviceAccountName: bind-operator + securityContext: + runAsNonRoot: true + containers: + - name: operator + image: git.unkin.net/unkin/bind-operator:v0.1.1 + args: + - --metrics-bind-address=:8080 + - --health-probe-bind-address=:8081 + - --leader-elect + ports: + - containerPort: 8080 + name: metrics + - containerPort: 8081 + name: health + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: ["ALL"] + resources: + requests: + cpu: 50m + memory: 64Mi + limits: + cpu: 500m + memory: 256Mi diff --git a/apps/base/bind-system/kustomization.yaml b/apps/base/bind-system/kustomization.yaml new file mode 100644 index 0000000..332622f --- /dev/null +++ b/apps/base/bind-system/kustomization.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - namespace.yaml + # CRDs are pulled from the bind-operator repo at the matching tag rather than + # vendored here, so they never drift from the operator. + - https://git.unkin.net/unkin/bind-operator/raw/tag/v0.1.1/config/crd/install.yaml + - rbac.yaml + - deployment.yaml diff --git a/apps/base/bind-system/namespace.yaml b/apps/base/bind-system/namespace.yaml new file mode 100644 index 0000000..f342864 --- /dev/null +++ b/apps/base/bind-system/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: bind-system diff --git a/apps/base/bind-system/rbac.yaml b/apps/base/bind-system/rbac.yaml new file mode 100644 index 0000000..628c3ed --- /dev/null +++ b/apps/base/bind-system/rbac.yaml @@ -0,0 +1,46 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bind-operator + namespace: bind-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: bind-operator +rules: + - apiGroups: ["bind.unkin.net"] + resources: ["*"] + verbs: ["*"] + - apiGroups: [""] + resources: ["services", "configmaps", "secrets"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["pods/exec"] + verbs: ["create", "get"] + - apiGroups: ["apps"] + resources: ["statefulsets"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: bind-operator +subjects: + - kind: ServiceAccount + name: bind-operator + namespace: bind-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: bind-operator diff --git a/apps/overlays/au-syd1/bind-system/kustomization.yaml b/apps/overlays/au-syd1/bind-system/kustomization.yaml new file mode 100644 index 0000000..1737624 --- /dev/null +++ b/apps/overlays/au-syd1/bind-system/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../../../base/bind-system diff --git a/argocd/applicationsets/platform.yaml b/argocd/applicationsets/platform.yaml index 1a3bb85..9595164 100644 --- a/argocd/applicationsets/platform.yaml +++ b/argocd/applicationsets/platform.yaml @@ -12,6 +12,10 @@ spec: directories: - path: apps/overlays/*/authentik - path: apps/overlays/*/artifactapi + - path: apps/overlays/*/bind-system + - path: apps/overlays/*/binddns-auth + - path: apps/overlays/*/binddns-resolver + - path: apps/overlays/*/binddns-externaldns - path: apps/overlays/*/age-api - path: apps/overlays/*/cattle-system - path: apps/overlays/*/cert-manager diff --git a/argocd/projects/platform.yaml b/argocd/projects/platform.yaml index 6e21f68..4553acc 100644 --- a/argocd/projects/platform.yaml +++ b/argocd/projects/platform.yaml @@ -21,6 +21,12 @@ spec: server: https://kubernetes.default.svc - namespace: 'authentik' server: https://kubernetes.default.svc + - namespace: 'binddns-auth' + server: https://kubernetes.default.svc + - namespace: 'binddns-resolver' + server: https://kubernetes.default.svc + - namespace: 'binddns-externaldns' + server: https://kubernetes.default.svc - namespace: 'cert-manager' server: https://kubernetes.default.svc - namespace: 'certificates' diff --git a/schemas/bind.unkin.net/bindacl_v1alpha1.json b/schemas/bind.unkin.net/bindacl_v1alpha1.json new file mode 100644 index 0000000..91579a9 --- /dev/null +++ b/schemas/bind.unkin.net/bindacl_v1alpha1.json @@ -0,0 +1,96 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "clusterRef": { + "type": "string" + }, + "entries": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "entries" + ], + "type": "object" + }, + "status": { + "properties": { + "conditions": { + "items": { + "properties": { + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "ready": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" +} diff --git a/schemas/bind.unkin.net/bindcatalogzone_v1alpha1.json b/schemas/bind.unkin.net/bindcatalogzone_v1alpha1.json new file mode 100644 index 0000000..d3f06b9 --- /dev/null +++ b/schemas/bind.unkin.net/bindcatalogzone_v1alpha1.json @@ -0,0 +1,106 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "clusterRef": { + "type": "string" + }, + "defaultPrimaries": { + "items": { + "type": "string" + }, + "type": "array" + }, + "transferKeyRef": { + "type": "string" + }, + "zoneName": { + "type": "string" + } + }, + "required": [ + "clusterRef", + "zoneName" + ], + "type": "object" + }, + "status": { + "properties": { + "conditions": { + "items": { + "properties": { + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "memberCount": { + "format": "int32", + "type": "integer" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "ready": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" +} diff --git a/schemas/bind.unkin.net/bindcluster_v1alpha1.json b/schemas/bind.unkin.net/bindcluster_v1alpha1.json new file mode 100644 index 0000000..1aaa072 --- /dev/null +++ b/schemas/bind.unkin.net/bindcluster_v1alpha1.json @@ -0,0 +1,898 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "affinity": { + "properties": { + "nodeAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "preference": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "weight": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "preference", + "weight" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "properties": { + "nodeSelectorTerms": { + "items": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchFields": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "nodeSelectorTerms" + ], + "type": "object", + "x-kubernetes-map-type": "atomic" + } + }, + "type": "object" + }, + "podAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object" + }, + "podAntiAffinity": { + "properties": { + "preferredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "podAffinityTerm": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "weight": { + "format": "int32", + "type": "integer" + } + }, + "required": [ + "podAffinityTerm", + "weight" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "requiredDuringSchedulingIgnoredDuringExecution": { + "items": { + "properties": { + "labelSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "matchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "mismatchLabelKeys": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "namespaceSelector": { + "properties": { + "matchExpressions": { + "items": { + "properties": { + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "required": [ + "key", + "operator" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "matchLabels": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + } + }, + "type": "object", + "x-kubernetes-map-type": "atomic" + }, + "namespaces": { + "items": { + "type": "string" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + }, + "topologyKey": { + "type": "string" + } + }, + "required": [ + "topologyKey" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-type": "atomic" + } + }, + "type": "object" + } + }, + "type": "object" + }, + "allowNewZones": { + "default": true, + "type": "boolean" + }, + "catalogZoneRef": { + "type": "string" + }, + "extraOptions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "forwarders": { + "items": { + "type": "string" + }, + "type": "array" + }, + "image": { + "default": "internetsystemsconsortium/bind9:9.20", + "type": "string" + }, + "imagePullPolicy": { + "type": "string" + }, + "mode": { + "default": "authoritative", + "enum": [ + "authoritative", + "resolver" + ], + "type": "string" + }, + "nodeSelector": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "recursion": { + "type": "boolean" + }, + "replicas": { + "default": 3, + "format": "int32", + "minimum": 1, + "type": "integer" + }, + "resources": { + "properties": { + "claims": { + "items": { + "properties": { + "name": { + "type": "string" + }, + "request": { + "type": "string" + } + }, + "required": [ + "name" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "name" + ], + "x-kubernetes-list-type": "map" + }, + "limits": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + }, + "requests": { + "additionalProperties": { + "anyOf": [ + { + "type": "integer" + }, + { + "type": "string" + } + ], + "pattern": "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$", + "x-kubernetes-int-or-string": true + }, + "type": "object" + } + }, + "type": "object" + }, + "service": { + "properties": { + "annotations": { + "additionalProperties": { + "type": "string" + }, + "type": "object" + }, + "loadBalancerIP": { + "type": "string" + }, + "type": { + "enum": [ + "ClusterIP", + "LoadBalancer", + "NodePort" + ], + "type": "string" + } + }, + "type": "object" + }, + "storageClassName": { + "type": "string" + }, + "storageSize": { + "default": "1Gi", + "type": "string" + }, + "tolerations": { + "items": { + "properties": { + "effect": { + "type": "string" + }, + "key": { + "type": "string" + }, + "operator": { + "type": "string" + }, + "tolerationSeconds": { + "format": "int64", + "type": "integer" + }, + "value": { + "type": "string" + } + }, + "type": "object" + }, + "type": "array" + } + }, + "required": [ + "mode" + ], + "type": "object" + }, + "status": { + "properties": { + "conditions": { + "items": { + "properties": { + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "phase": { + "type": "string" + }, + "primaryPod": { + "type": "string" + }, + "primaryService": { + "type": "string" + }, + "readyReplicas": { + "format": "int32", + "type": "integer" + }, + "replicas": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" +} diff --git a/schemas/bind.unkin.net/binddnssecpolicy_v1alpha1.json b/schemas/bind.unkin.net/binddnssecpolicy_v1alpha1.json new file mode 100644 index 0000000..8a31fd8 --- /dev/null +++ b/schemas/bind.unkin.net/binddnssecpolicy_v1alpha1.json @@ -0,0 +1,160 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "algorithm": { + "default": "ecdsap256sha256", + "type": "string" + }, + "clusterRef": { + "type": "string" + }, + "csk": { + "properties": { + "algorithm": { + "type": "string" + }, + "keySize": { + "format": "int32", + "type": "integer" + }, + "lifetime": { + "type": "string" + } + }, + "type": "object" + }, + "extraOptions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "ksk": { + "properties": { + "algorithm": { + "type": "string" + }, + "keySize": { + "format": "int32", + "type": "integer" + }, + "lifetime": { + "type": "string" + } + }, + "type": "object" + }, + "maxZoneTTL": { + "type": "string" + }, + "nsec3": { + "type": "boolean" + }, + "policyName": { + "type": "string" + }, + "signaturesValidity": { + "type": "string" + }, + "zsk": { + "properties": { + "algorithm": { + "type": "string" + }, + "keySize": { + "format": "int32", + "type": "integer" + }, + "lifetime": { + "type": "string" + } + }, + "type": "object" + } + }, + "required": [ + "clusterRef" + ], + "type": "object" + }, + "status": { + "properties": { + "conditions": { + "items": { + "properties": { + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "ready": { + "type": "boolean" + }, + "zoneCount": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" +} diff --git a/schemas/bind.unkin.net/bindpolicy_v1alpha1.json b/schemas/bind.unkin.net/bindpolicy_v1alpha1.json new file mode 100644 index 0000000..947d200 --- /dev/null +++ b/schemas/bind.unkin.net/bindpolicy_v1alpha1.json @@ -0,0 +1,154 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "clusterRef": { + "type": "string" + }, + "order": { + "default": 100, + "format": "int32", + "type": "integer" + }, + "primaries": { + "items": { + "type": "string" + }, + "type": "array" + }, + "rules": { + "items": { + "properties": { + "action": { + "default": "nxdomain", + "enum": [ + "nxdomain", + "nodata", + "passthru", + "drop", + "tcp-only", + "cname" + ], + "type": "string" + }, + "match": { + "type": "string" + }, + "target": { + "type": "string" + }, + "trigger": { + "default": "qname", + "enum": [ + "qname", + "client-ip", + "ip", + "nsdname", + "nsip" + ], + "type": "string" + } + }, + "required": [ + "match" + ], + "type": "object" + }, + "type": "array" + }, + "transferKeyRef": { + "type": "string" + }, + "viewRef": { + "type": "string" + }, + "zoneName": { + "type": "string" + } + }, + "required": [ + "clusterRef", + "zoneName" + ], + "type": "object" + }, + "status": { + "properties": { + "conditions": { + "items": { + "properties": { + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "ready": { + "type": "boolean" + }, + "ruleCount": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" +} diff --git a/schemas/bind.unkin.net/bindtsigkey_v1alpha1.json b/schemas/bind.unkin.net/bindtsigkey_v1alpha1.json new file mode 100644 index 0000000..1b64e8d --- /dev/null +++ b/schemas/bind.unkin.net/bindtsigkey_v1alpha1.json @@ -0,0 +1,110 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "algorithm": { + "default": "hmac-sha256", + "enum": [ + "hmac-sha256", + "hmac-sha512", + "hmac-sha384", + "hmac-sha224", + "hmac-sha1", + "hmac-md5" + ], + "type": "string" + }, + "importExisting": { + "type": "boolean" + }, + "keyName": { + "type": "string" + }, + "secretName": { + "type": "string" + } + }, + "type": "object" + }, + "status": { + "properties": { + "conditions": { + "items": { + "properties": { + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "keyName": { + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "ready": { + "type": "boolean" + }, + "secretName": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" +} diff --git a/schemas/bind.unkin.net/bindview_v1alpha1.json b/schemas/bind.unkin.net/bindview_v1alpha1.json new file mode 100644 index 0000000..b3749d6 --- /dev/null +++ b/schemas/bind.unkin.net/bindview_v1alpha1.json @@ -0,0 +1,125 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "allowQuery": { + "items": { + "type": "string" + }, + "type": "array" + }, + "clusterRef": { + "type": "string" + }, + "extraOptions": { + "items": { + "type": "string" + }, + "type": "array" + }, + "matchClients": { + "items": { + "type": "string" + }, + "type": "array" + }, + "matchDestinations": { + "items": { + "type": "string" + }, + "type": "array" + }, + "order": { + "default": 100, + "format": "int32", + "type": "integer" + }, + "recursion": { + "type": "boolean" + } + }, + "required": [ + "clusterRef" + ], + "type": "object" + }, + "status": { + "properties": { + "conditions": { + "items": { + "properties": { + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "ready": { + "type": "boolean" + }, + "zoneCount": { + "format": "int32", + "type": "integer" + } + }, + "type": "object" + } + }, + "type": "object" +} diff --git a/schemas/bind.unkin.net/bindzone_v1alpha1.json b/schemas/bind.unkin.net/bindzone_v1alpha1.json new file mode 100644 index 0000000..8d51423 --- /dev/null +++ b/schemas/bind.unkin.net/bindzone_v1alpha1.json @@ -0,0 +1,186 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "allowTransfer": { + "items": { + "type": "string" + }, + "type": "array" + }, + "catalog": { + "default": true, + "type": "boolean" + }, + "clusterRef": { + "type": "string" + }, + "defaultTTL": { + "default": 3600, + "format": "int32", + "type": "integer" + }, + "dnssecPolicyRef": { + "type": "string" + }, + "dynamicUpdate": { + "type": "boolean" + }, + "forwarders": { + "items": { + "type": "string" + }, + "type": "array" + }, + "primaries": { + "items": { + "type": "string" + }, + "type": "array" + }, + "records": { + "items": { + "properties": { + "name": { + "default": "@", + "type": "string" + }, + "ttl": { + "format": "int32", + "type": "integer" + }, + "type": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + } + }, + "required": [ + "type", + "values" + ], + "type": "object" + }, + "type": "array" + }, + "transferKeyRef": { + "type": "string" + }, + "type": { + "default": "primary", + "enum": [ + "primary", + "secondary", + "forward", + "stub" + ], + "type": "string" + }, + "updateKeyRef": { + "type": "string" + }, + "viewRef": { + "type": "string" + }, + "zoneName": { + "type": "string" + } + }, + "required": [ + "clusterRef", + "zoneName" + ], + "type": "object" + }, + "status": { + "properties": { + "conditions": { + "items": { + "properties": { + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "phase": { + "type": "string" + }, + "recordCount": { + "format": "int32", + "type": "integer" + }, + "serial": { + "format": "int64", + "type": "integer" + }, + "signed": { + "type": "boolean" + } + }, + "type": "object" + } + }, + "type": "object" +} diff --git a/schemas/bind.unkin.net/dnsrecord_v1alpha1.json b/schemas/bind.unkin.net/dnsrecord_v1alpha1.json new file mode 100644 index 0000000..7854afb --- /dev/null +++ b/schemas/bind.unkin.net/dnsrecord_v1alpha1.json @@ -0,0 +1,112 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "properties": { + "apiVersion": { + "type": "string" + }, + "kind": { + "type": "string" + }, + "metadata": { + "type": "object" + }, + "spec": { + "properties": { + "name": { + "default": "@", + "type": "string" + }, + "ttl": { + "format": "int32", + "type": "integer" + }, + "type": { + "type": "string" + }, + "values": { + "items": { + "type": "string" + }, + "minItems": 1, + "type": "array" + }, + "zoneRef": { + "type": "string" + } + }, + "required": [ + "type", + "values", + "zoneRef" + ], + "type": "object" + }, + "status": { + "properties": { + "conditions": { + "items": { + "properties": { + "lastTransitionTime": { + "format": "date-time", + "type": "string" + }, + "message": { + "maxLength": 32768, + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "minimum": 0, + "type": "integer" + }, + "reason": { + "maxLength": 1024, + "minLength": 1, + "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", + "type": "string" + }, + "status": { + "enum": [ + "True", + "False", + "Unknown" + ], + "type": "string" + }, + "type": { + "maxLength": 316, + "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", + "type": "string" + } + }, + "required": [ + "lastTransitionTime", + "message", + "reason", + "status", + "type" + ], + "type": "object" + }, + "type": "array", + "x-kubernetes-list-map-keys": [ + "type" + ], + "x-kubernetes-list-type": "map" + }, + "fqdn": { + "type": "string" + }, + "observedGeneration": { + "format": "int64", + "type": "integer" + }, + "phase": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" +} -- 2.47.3