klauvsteinen/unifi-network-operator
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: klauvsteinen:master
Branches Tags
klauvsteinen:main klauvsteinen:feature/add-helm klauvsteinen:feature/properly-handle-namespaced-services klauvsteinen:feature/properly-handle-firewallgroups-in-same-namespace klauvsteinen:feature/cleanly-delete-empty-resources klauvsteinen:feature/default-namespace-same-as-firewallpolicy-namespace-when-referring-firewallgroup klauvsteinen:feature/add-namespace-to-firewallgroup-and-firewallpolicy-resources klauvsteinen:feature/use-prebuilt-image klauvsteinen:feature/fix-indentation klauvsteinen:feature/create-correct-manifests klauvsteinen:feature/build-alpha-and-beta klauvsteinen:feature/update-image-labels klauvsteinen:feature/generate-manifest klauvsteinen:feature/use-image-from-gitea klauvsteinen:feature/fix-variable klauvsteinen:feature/fix klauvsteinen:feature/fix-push-workflow klauvsteinen:feature/push-to-gitea klauvsteinen:feature/clean_some_files klauvsteinen:feature/fix-publish-pipeline klauvsteinen:feature/kobuild-on-main klauvsteinen:master klauvsteinen:feature/test-cicd-2 klauvsteinen:feature/test-cicd klauvsteinen:39-port-forwards-should-not-log-per-default klauvsteinen:37-optimize-api-usage klauvsteinen:35-fix-portforward-logic klauvsteinen:11-create-port-forward-api klauvsteinen:32-refactor-unifi-firewall-rule-api klauvsteinen:28-add-status-information-to-firewall-rule-resources klauvsteinen:29-create-finalizer-for-cleaning-up-firewallgroup-resources klauvsteinen:12-create-firewall-rule-api klauvsteinen:24-create-network-api klauvsteinen:chore/formatting klauvsteinen:17-create-utility-library klauvsteinen:22-use-reauthentication-method-in-more-reconcilers klauvsteinen:19-create-configmap-with-default-namespace klauvsteinen:13-create-api-for-networks klauvsteinen:14-create-object-for-ports-on-firewall-groups klauvsteinen:9-add-watcher-for-annotations-for-firewall-groups-and-handle-service-updates klauvsteinen:7-handle-annotations-for-firewall-groups-in-normal-reconcile-flow klauvsteinen:4-handle-reauthentication klauvsteinen:feature/create-functionality-to-create-a-unifi-network-object-based-on-an-annotation
klauvsteinen:v0.1.1-beta6 klauvsteinen:v0.1.1-beta5 klauvsteinen:v0.1.1-alpha16 klauvsteinen:v0.1.1-alpha15 klauvsteinen:v0.1.1-alpha14 klauvsteinen:v0.1.1-alpha13 klauvsteinen:v0.1.1-beta4 klauvsteinen:v0.1.1-beta3 klauvsteinen:v0.1.1-beta2 klauvsteinen:v0.1.1-alpha12 klauvsteinen:v.01.1-alpha10 klauvsteinen:v.0.1.1-alpha11 klauvsteinen:v.0.1.1-alpha10 klauvsteinen:v0.1.1-beta1 klauvsteinen:v0.1.1-alpha11 klauvsteinen:v0.1.1-alpha10 klauvsteinen:v0.1.1-alpha9 klauvsteinen:v0.1.1 klauvsteinen:v0.1.1-alpha8 klauvsteinen:v0.1.1-alpha7 klauvsteinen:v0.1.1-alpha6 klauvsteinen:v0.1.1-alpha5 klauvsteinen:v0.1.1-alpha4 klauvsteinen:v0.1.0-alpha3 klauvsteinen:v0.1.1-alpha2 klauvsteinen:v0.1.1-alpha1 klauvsteinen:v0.1.0 klauvsteinen:v0.0.5 klauvsteinen:v0.0.4 klauvsteinen:v0.0.3 klauvsteinen:0.0.3 klauvsteinen:v0.0.2 klauvsteinen:0.0.1 klauvsteinen:v0.0.1 klauvsteinen:v.0.0.1 klauvsteinen:v0.0.1-alpha70 klauvsteinen:v0.0.1-alpha69 klauvsteinen:v0.0.1-alpha68 klauvsteinen:v0.0.1-alpha67 klauvsteinen:v0.0.1-alpha66
...
compare: klauvsteinen:v0.1.1-alpha8
Branches Tags
klauvsteinen:feature/add-helm klauvsteinen:main klauvsteinen:feature/properly-handle-namespaced-services klauvsteinen:feature/properly-handle-firewallgroups-in-same-namespace klauvsteinen:feature/cleanly-delete-empty-resources klauvsteinen:feature/default-namespace-same-as-firewallpolicy-namespace-when-referring-firewallgroup klauvsteinen:feature/add-namespace-to-firewallgroup-and-firewallpolicy-resources klauvsteinen:feature/use-prebuilt-image klauvsteinen:feature/fix-indentation klauvsteinen:feature/create-correct-manifests klauvsteinen:feature/build-alpha-and-beta klauvsteinen:feature/update-image-labels klauvsteinen:feature/generate-manifest klauvsteinen:feature/use-image-from-gitea klauvsteinen:feature/fix-variable klauvsteinen:feature/fix klauvsteinen:feature/fix-push-workflow klauvsteinen:feature/push-to-gitea klauvsteinen:feature/clean_some_files klauvsteinen:feature/fix-publish-pipeline klauvsteinen:feature/kobuild-on-main klauvsteinen:master klauvsteinen:feature/test-cicd-2 klauvsteinen:feature/test-cicd klauvsteinen:39-port-forwards-should-not-log-per-default klauvsteinen:37-optimize-api-usage klauvsteinen:35-fix-portforward-logic klauvsteinen:11-create-port-forward-api klauvsteinen:32-refactor-unifi-firewall-rule-api klauvsteinen:28-add-status-information-to-firewall-rule-resources klauvsteinen:29-create-finalizer-for-cleaning-up-firewallgroup-resources klauvsteinen:12-create-firewall-rule-api klauvsteinen:24-create-network-api klauvsteinen:chore/formatting klauvsteinen:17-create-utility-library klauvsteinen:22-use-reauthentication-method-in-more-reconcilers klauvsteinen:19-create-configmap-with-default-namespace klauvsteinen:13-create-api-for-networks klauvsteinen:14-create-object-for-ports-on-firewall-groups klauvsteinen:9-add-watcher-for-annotations-for-firewall-groups-and-handle-service-updates klauvsteinen:7-handle-annotations-for-firewall-groups-in-normal-reconcile-flow klauvsteinen:4-handle-reauthentication klauvsteinen:feature/create-functionality-to-create-a-unifi-network-object-based-on-an-annotation
klauvsteinen:v0.1.1-beta6 klauvsteinen:v0.1.1-beta5 klauvsteinen:v0.1.1-alpha16 klauvsteinen:v0.1.1-alpha15 klauvsteinen:v0.1.1-alpha14 klauvsteinen:v0.1.1-alpha13 klauvsteinen:v0.1.1-beta4 klauvsteinen:v0.1.1-beta3 klauvsteinen:v0.1.1-beta2 klauvsteinen:v0.1.1-alpha12 klauvsteinen:v.01.1-alpha10 klauvsteinen:v.0.1.1-alpha11 klauvsteinen:v.0.1.1-alpha10 klauvsteinen:v0.1.1-beta1 klauvsteinen:v0.1.1-alpha11 klauvsteinen:v0.1.1-alpha10 klauvsteinen:v0.1.1-alpha9 klauvsteinen:v0.1.1 klauvsteinen:v0.1.1-alpha8 klauvsteinen:v0.1.1-alpha7 klauvsteinen:v0.1.1-alpha6 klauvsteinen:v0.1.1-alpha5 klauvsteinen:v0.1.1-alpha4 klauvsteinen:v0.1.0-alpha3 klauvsteinen:v0.1.1-alpha2 klauvsteinen:v0.1.1-alpha1 klauvsteinen:v0.1.0 klauvsteinen:v0.0.5 klauvsteinen:v0.0.4 klauvsteinen:v0.0.3 klauvsteinen:0.0.3 klauvsteinen:v0.0.2 klauvsteinen:0.0.1 klauvsteinen:v0.0.1 klauvsteinen:v.0.0.1 klauvsteinen:v0.0.1-alpha70 klauvsteinen:v0.0.1-alpha69 klauvsteinen:v0.0.1-alpha68 klauvsteinen:v0.0.1-alpha67 klauvsteinen:v0.0.1-alpha66

107 Commits
master ... v0.1.1-alp

Author SHA1 Message Date
Vegard Engen
4bb45b0128 Use pre-built image
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Successful in 1m54s
Details
2025-06-27 01:47:15 +02:00
Vegard Engen
9eefd08823 Merge pull request 'Add variables' (#27) from feature/fix-indentation into main
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Has been cancelled
Details 
Reviewed-on: #27
 2025-06-26 23:36:27 +00:00
Vegard Engen
d53810b714 Add variables
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-27 01:36:01 +02:00
Vegard Engen
33f1fd5eac Merge pull request 'Need docker on main build' (#26) from feature/fix-indentation into main
Some checks failed
Publish / build (push) Failing after 2m21s
Details 
Reviewed-on: #26
 2025-06-26 23:28:36 +00:00
Vegard Engen
9ae7d91365 Need docker on main build
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-27 01:28:01 +02:00
Vegard Engen
6fe5fdf859 Merge pull request 'Fix indentation' (#25) from feature/fix-indentation into main
Some checks failed
Publish / build (push) Failing after 1m9s
Details 
Reviewed-on: #25
 2025-06-26 23:24:16 +00:00
Vegard Engen
37b5eb830a Fix indentation
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-27 01:23:49 +02:00
Vegard Engen
1834527d43 feature/create-correct-manifests (#23) 
Reviewed-on: #23
 2025-06-26 23:19:55 +00:00
Vegard Engen
b562c200ba Merge pull request 'split up regex' (#22) from feature/build-alpha-and-beta into main
All checks were successful
Publish / build (push) Successful in 2m53s
Details 
Reviewed-on: #22
 2025-06-26 22:19:58 +00:00
Vegard Engen
2485365728 split up regex
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Successful in 3m22s
Details
2025-06-27 00:18:05 +02:00
Vegard Engen
efeaf521fd Merge pull request 'match alpha and beta tags' (#21) from feature/build-alpha-and-beta into main
All checks were successful
Publish / build (push) Successful in 2m55s
Details 
Reviewed-on: #21
 2025-06-26 22:08:57 +00:00
Vegard Engen
7ce8682ecb match alpha and beta tags
All checks were successful
Build project / build (push) Successful in 2m14s
Details
2025-06-27 00:07:04 +02:00
vegard
744e43c1f4 Merge pull request 'Add image url' (#20) from feature/update-image-labels into main
All checks were successful
Publish / build (push) Successful in 3m22s
Details 
Reviewed-on: #20
 2025-06-26 19:35:12 +00:00
Vegard Engen
8095723337 Add image url
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-26 21:34:42 +02:00
vegard
9e7b6123c2 Merge pull request 'Override image labels' (#19) from feature/update-image-labels into main
All checks were successful
Publish / build (push) Successful in 3m15s
Details 
Reviewed-on: #19
 2025-06-26 19:14:46 +00:00
Vegard Engen
062b386f7f Override image labels
All checks were successful
Build project / build (push) Successful in 1m54s
Details
2025-06-26 21:14:23 +02:00
vegard
aca35507ba Merge pull request 'Override image labels' (#18) from feature/update-image-labels into main
Some checks failed
Publish / build (push) Failing after 1m35s
Details 
Reviewed-on: #18
 2025-06-26 19:06:58 +00:00
Vegard Engen
4ede272b70 Override image labels
All checks were successful
Build project / build (push) Successful in 1m58s
Details
2025-06-26 21:06:25 +02:00
vegard
5e413a64e8 Merge pull request 'Add ko.yaml' (#17) from feature/update-image-labels into main
All checks were successful
Publish / build (push) Successful in 3m22s
Details 
Reviewed-on: #17
 2025-06-26 18:22:11 +00:00
Vegard Engen
1cfd5ef55c Add ko.yaml
All checks were successful
Build project / build (push) Successful in 2m1s
Details
2025-06-26 20:21:45 +02:00
vegard
c89dad396b Merge pull request 'feature/generate-manifest' (#16) from feature/generate-manifest into main
All checks were successful
Publish / build (push) Successful in 3m17s
Details 
Reviewed-on: #16
 2025-06-25 18:30:29 +00:00
Vegard Engen
cddda7098c generic in the path
All checks were successful
Build project / build (push) Successful in 1m59s
Details
2025-06-25 20:29:15 +02:00
Vegard Engen
9a186ad190 Add forgotten files
All checks were successful
Build project / build (push) Successful in 1m58s
Details
2025-06-25 17:52:28 +02:00
vegard
4ece12d18b Merge pull request 'Upload manifest' (#15) from feature/generate-manifest into main
All checks were successful
Publish / build (push) Successful in 3m15s
Details 
Reviewed-on: #15
 2025-06-25 15:48:20 +00:00
Vegard Engen
6d0df79c87 Upload manifest
All checks were successful
Build project / build (push) Successful in 1m27s
Details
2025-06-25 17:45:02 +02:00
vegard
445dd7830e Merge pull request 'Use image from gitea' (#14) from feature/use-image-from-gitea into main
All checks were successful
Publish / build (push) Successful in 2m19s
Details 
Reviewed-on: #14
 2025-06-25 15:26:34 +00:00
Vegard Engen
a73aef4f9d Use image from gitea
All checks were successful
Build project / build (push) Successful in 1m29s
Details
2025-06-25 17:25:05 +02:00
vegard
a99de02594 Merge pull request 'Fix variable reference' (#13) from feature/fix-variable into main
All checks were successful
Publish / build (push) Successful in 3m2s
Details 
Reviewed-on: #13
 2025-06-25 15:09:34 +00:00
Vegard Engen
893318ad53 Fix variable reference
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-25 17:09:15 +02:00
vegard
201edb1b82 Merge pull request 'feature/fix' (#12) from feature/fix into main
Some checks failed
Publish / build (push) Failing after 1m34s
Details 
Reviewed-on: #12
 2025-06-25 15:01:09 +00:00
Vegard Engen
b1c0a4ee11 :q:Merge branch 'feature/fix-push-workflow'
All checks were successful
Build project / build (push) Successful in 1m28s
Details
2025-06-25 16:59:39 +02:00
Vegard Engen
13677136a7 Fix variable reference
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-25 16:57:02 +02:00
Vegard Engen
cb296c3881 Fix variable reference 2025-06-25 16:57:02 +02:00
Vegard Engen
3c6b48803d fix secret names 2025-06-25 16:57:02 +02:00
Vegard Engen
f71fa2af8e Add missing sign 2025-06-25 16:57:02 +02:00
Vegard Engen
1819ef2b60 Fix workflow 2025-06-25 16:57:02 +02:00
Vegard Engen
74d7ca84a5 Change package repo 2025-06-25 16:57:02 +02:00
Vegard Engen
0f7ffe3c85 cleanup 2025-06-25 16:57:02 +02:00
Vegard Engen
3020510c6f bare 2025-06-25 16:57:01 +02:00
Vegard Engen
475e226b69 fix 2025-06-25 16:57:01 +02:00
Vegard Engen
a5521013b9 fix 2025-06-25 16:57:01 +02:00
Vegard Engen
4aa3436f28 fix 2025-06-25 16:57:01 +02:00
Vegard Engen
6e32555e9e fix 2025-06-25 16:57:01 +02:00
Vegard Engen
13c23863be fix 2025-06-25 16:57:01 +02:00
Vegard Engen
918b45c940 fix 2025-06-25 16:57:01 +02:00
Vegard Engen
3cb65a5a14 fix 2025-06-25 16:57:00 +02:00
Vegard Engen
4ae70ecf74 fix 2025-06-25 16:57:00 +02:00
Vegard Engen
3aa4d1a24a fix 2025-06-25 16:57:00 +02:00
Vegard Engen
1231bc50e5 fix 2025-06-25 16:57:00 +02:00
Vegard Engen
e1847f4cf9 fix 2025-06-25 16:57:00 +02:00
Vegard Engen
55a206d509 fix 2025-06-25 16:57:00 +02:00
Vegard Engen
00179595e4 fix 2025-06-25 16:57:00 +02:00
Vegard Engen
f09e008fb7 fix 2025-06-25 16:57:00 +02:00
Vegard Engen
14a8155dcf fix 2025-06-25 16:57:00 +02:00
Vegard Engen
93ef66f01d fix 2025-06-25 16:57:00 +02:00
Vegard Engen
80746321a9 fix 2025-06-25 16:57:00 +02:00
Vegard Engen
6423ef7d6e fix 2025-06-25 16:57:00 +02:00
Vegard Engen
fdefd05608 fix 2025-06-25 16:57:00 +02:00
Vegard Engen
760fd3903f fix 2025-06-25 16:57:00 +02:00
Vegard Engen
cda1c7ddff fix 2025-06-25 16:57:00 +02:00
Vegard Engen
1274fe610f fix 2025-06-25 16:57:00 +02:00
Vegard Engen
f091ec148b Tag 2025-06-25 16:57:00 +02:00
Vegard Engen
66e1d854d3 Tag 2025-06-25 16:57:00 +02:00
Vegard Engen
f43c1f3b63 fix tagging 2025-06-25 16:57:00 +02:00
Vegard Engen
0046157633 Fix variable reference (#10)
Some checks failed
Publish / build (push) Failing after 1m33s
Details 
Reviewed-on: #10
Co-authored-by: Vegard Engen <vegard@engen.priv.no>
Co-committed-by: Vegard Engen <vegard@engen.priv.no>
 2025-06-25 14:52:55 +00:00
vegard
56a781a260 Merge pull request 'fix secret names' (#9) from feature/fix-push-workflow into main
Some checks failed
Publish / build (push) Failing after 1m34s
Details 
Reviewed-on: #9
 2025-06-25 14:35:35 +00:00
Vegard Engen
29fb9601fd fix secret names
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-25 16:35:12 +02:00
vegard
c34eea5e13 Merge pull request 'Add missing sign' (#8) from feature/fix-push-workflow into main
Some checks failed
Publish / build (push) Failing after 1m34s
Details 
Reviewed-on: #8
 2025-06-25 14:30:15 +00:00
Vegard Engen
fe90ac7ea4 Add missing sign
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-25 16:29:37 +02:00
vegard
31679a3f53 Merge pull request 'Fix workflow' (#7) from feature/fix-push-workflow into main
Some checks failed
Publish / build (push) Has been cancelled
Details 
Reviewed-on: #7
 2025-06-25 14:25:22 +00:00
Vegard Engen
de38c76e24 Fix workflow
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-25 16:25:03 +02:00
vegard
2a396ad981 Merge pull request 'Change package repo' (#6) from feature/push-to-gitea into main
All checks were successful
Publish / build (push) Successful in 2m20s
Details 
Reviewed-on: #6
 2025-06-25 14:21:03 +00:00
Vegard Engen
f147ec8108 Change package repo
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-25 16:20:35 +02:00
vegard
b6a2b73eb8 Merge pull request 'cleanup' (#5) from feature/clean_some_files into main
All checks were successful
Publish / build (push) Successful in 2m20s
Details 
Reviewed-on: #5
 2025-06-25 13:41:23 +00:00
Vegard Engen
2304e33586 cleanup
All checks were successful
Build project / build (push) Successful in 1m33s
Details
2025-06-25 15:40:02 +02:00
vegard
a40f1342fe Merge pull request 'feature/fix-publish-pipeline' (#4) from feature/fix-publish-pipeline into main
All checks were successful
Publish / build (push) Successful in 2m29s
Details 
Reviewed-on: #4
 2025-06-24 21:13:12 +00:00
Vegard Engen
bd8d1f7c01 bare
All checks were successful
Build project / build (push) Successful in 1m48s
Details
Publish / build (push) Successful in 2m26s
Details
2025-06-24 23:12:39 +02:00
Vegard Engen
ac47c880ed fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Successful in 2m21s
Details
2025-06-24 12:01:15 +02:00
Vegard Engen
481091160b fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m6s
Details
2025-06-24 11:58:06 +02:00
Vegard Engen
14e4fe1c46 fix
Some checks failed
Publish / build (push) Has been cancelled
Details
Build project / build (push) Has been cancelled
Details
2025-06-24 11:57:31 +02:00
Vegard Engen
4901dfbad5 fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m8s
Details
2025-06-24 11:56:05 +02:00
Vegard Engen
c454c78478 fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m5s
Details
2025-06-24 11:53:10 +02:00
Vegard Engen
c30e27efc4 fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m6s
Details
2025-06-24 11:43:37 +02:00
Vegard Engen
f2a943de3c fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m7s
Details
2025-06-24 11:41:12 +02:00
Vegard Engen
720865c984 fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m7s
Details
2025-06-24 11:39:41 +02:00
Vegard Engen
913a24a613 fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m6s
Details
2025-06-24 11:33:40 +02:00
Vegard Engen
719ba853bc fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m8s
Details
2025-06-24 11:31:09 +02:00
Vegard Engen
4e26fe02f5 fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 3s
Details
2025-06-24 11:29:54 +02:00
Vegard Engen
cd61d5c82a fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 0s
Details
2025-06-24 11:29:25 +02:00
Vegard Engen
6983253c9e fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 3s
Details
2025-06-24 11:26:23 +02:00
Vegard Engen
1d7c7c864e fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1s
Details
2025-06-24 11:25:03 +02:00
Vegard Engen
1a2def25bf fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1s
Details
2025-06-24 11:21:51 +02:00
Vegard Engen
6c8503bf15 fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m8s
Details
2025-06-24 11:17:03 +02:00
Vegard Engen
b9b86e0d5d fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 2m14s
Details
2025-06-24 11:10:19 +02:00
Vegard Engen
2c9659409c fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 2m46s
Details
2025-06-24 11:05:01 +02:00
Vegard Engen
20c4dda5ad fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m7s
Details
2025-06-24 11:02:18 +02:00
Vegard Engen
bb28850ca5 fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 34s
Details
2025-06-24 10:58:27 +02:00
Vegard Engen
f08c165628 fix
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m13s
Details
2025-06-24 10:54:43 +02:00
Vegard Engen
46e6217557 fix
Some checks failed
Build project / build (push) Successful in 1m29s
Details
Publish / build (push) Failing after 1s
Details
2025-06-24 10:52:17 +02:00
Vegard Engen
36f337434d Tag
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m7s
Details
2025-06-24 10:47:51 +02:00
Vegard Engen
3f14d82679 Tag
Some checks failed
Build project / build (push) Has been cancelled
Details
Publish / build (push) Failing after 1m11s
Details
2025-06-24 10:42:24 +02:00
vegard
2817272082 Merge pull request 'fix tagging' (#3) from feature/fix-publish-pipeline into main
Some checks failed
Publish / build (push) Failing after 1m7s
Details 
Reviewed-on: #3
 2025-06-24 08:35:30 +00:00
Vegard Engen
1545f05d53 fix tagging
Some checks failed
Build project / build (push) Has been cancelled
Details
2025-06-24 10:35:05 +02:00
vegard
47116c70b5 Merge pull request 'ko build --local on main' (#2) from feature/kobuild-on-main into main
All checks were successful
Publish / build (push) Successful in 2m24s
Details 
Reviewed-on: #2
 2025-06-24 08:24:32 +00:00
Vegard Engen
0eb5b5c2eb ko build --local on main
All checks were successful
Build project / build (push) Successful in 1m27s
Details
2025-06-24 10:23:55 +02:00
vegard
7e6573deb4 Merge pull request 'ko build on main' (#1) from feature/kobuild-on-main into main
All checks were successful
Publish / build (push) Successful in 2m19s
Details 
Reviewed-on: #1
 2025-06-24 08:15:36 +00:00
Vegard Engen
e22a4c4992 ko build on main
All checks were successful
Build project / build (push) Successful in 1m27s
Details
2025-06-24 10:14:52 +02:00
9 changed files with 1065 additions and 27 deletions
Expand all files Collapse all files

4
.gitea/workflows/build.yaml
View File

@@ -6,7 +6,7 @@ on:
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: golang:1.24 container: registry.engen.priv.no/gitea-build:0.1.0
steps: steps:
- name: Setup SSH - name: Setup SSH
run: | run: |
@@ -22,3 +22,5 @@ jobs:
run: git config --global url.git@gitea-ssh.engen.priv.no:.insteadOf https://gitea.engen.priv.no/ run: git config --global url.git@gitea-ssh.engen.priv.no:.insteadOf https://gitea.engen.priv.no/
- name: Build - name: Build
run: go build cmd/main.go run: go build cmd/main.go
- name: Build manifest
run: make build-installer

50
.gitea/workflows/kobuild.yaml Normal file
View File

@@ -0,0 +1,50 @@
name: Publish
on:
push:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
container: registry.engen.priv.no/gitea-build:0.1.0
env:
GITEA_USER: ${{ secrets.GITEAUSER }}
GITEA_TOKEN: ${{ secrets.GITEATOKEN }}
GITEA_REGISTRY: gitea.engen.priv.no
GITEA_ORG: klauvsteinen
steps:
- name: Setup SSH
run: |
mkdir -p ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa
ssh-keyscan gitea-ssh.engen.priv.no >> ~/.ssh/known_hosts
- name: Check out repository code
uses: actions/checkout@v4
- name: ssh repo
run: git config --global url.git@gitea-ssh.engen.priv.no:.insteadOf https://gitea.engen.priv.no/
- name: Docker login
run: echo "${GITEA_TOKEN}" | docker login "${GITEA_REGISTRY}" --username "${GITEA_USER}" --password-stdin
- name: Build
run: |
export KO_DOCKER_REPO="${GITEA_REGISTRY}/${GITEA_ORG}/unifi-network-operator-controller"
ko publish ./cmd \
--tags "latest" \
--image-label 'org.opencontainers.image.authors=Klauvsteinen <vegard@engen.priv.no>' \
--image-label 'org.opencontainers.image.vendor=Klauvsteinen' \
--image-label 'org.opencontainers.image.source=https://gitea.engen.priv.no/klauvsteinen/unifi-network-operator' \
--image-label 'org.opencontainers.image.url=https://gitea.engen.priv.no/klauvsteinen/unifi-network-operator' \
--image-label 'dev.chainguard.package.main=' \
--bare
- name: Build manifest
run: |
make IMG="${GITEA_REGISTRY}/${GITEA_ORG}/unifi-network-operator-controller:latest" build-installer
curl -X DELETE \
-H "Authorization: token $GITEA_TOKEN" \
-H "Content-Type: application/x-yaml" \
https://gitea.engen.priv.no/api/packages/klauvsteinen/generic/unifi-network-operator/latest/install.yaml
curl -X PUT \
-H "Authorization: token $GITEA_TOKEN" \
-H "Content-Type: application/x-yaml" \
--data-binary @./dist/install.yaml \
https://gitea.engen.priv.no/api/packages/klauvsteinen/generic/unifi-network-operator/latest/install.yaml

62
.gitea/workflows/publish.yaml
View File

@@ -3,24 +3,52 @@ on:
push: push:
tags: tags:
- 'v[0-9]+.[0-9]+.[0-9]+' - 'v[0-9]+.[0-9]+.[0-9]+'
- 'v[0-9]+.[0-9]+.[0-9]+-alpha[0-9]+'
- 'v[0-9]+.[0-9]+.[0-9]+-beta[0-9]+'
jobs: jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: golang:1.24 container: registry.engen.priv.no/gitea-build:0.1.0
env:
GITEA_USER: ${{ secrets.GITEAUSER }}
GITEA_TOKEN: ${{ secrets.GITEATOKEN }}
GITEA_REGISTRY: gitea.engen.priv.no
GITEA_ORG: klauvsteinen
steps: steps:
- name: Setup SSH - name: Setup SSH
run: | run: |
mkdir -p ~/.ssh mkdir -p ~/.ssh
echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa
ssh-keyscan gitea-ssh.engen.priv.no >> ~/.ssh/known_hosts ssh-keyscan gitea-ssh.engen.priv.no >> ~/.ssh/known_hosts
- name: Install node and go - name: Check out repository code
run: apt update && apt -y install nodejs uses: actions/checkout@v4
- name: Check out repository code - name: ssh repo
uses: actions/checkout@v4 run: git config --global url.git@gitea-ssh.engen.priv.no:.insteadOf https://gitea.engen.priv.no/
- name: ssh repo - name: Extract tag (outside container)
run: git config --global url.git@gitea-ssh.engen.priv.no:.insteadOf https://gitea.engen.priv.no/ shell: bash
- name: Install ko run: |
run: go install github.com/google/ko@latest echo "TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
- name: Build env
run: KO_DOCKER_REPO=registry.engen.priv.no/unifi-network-operator-controller PATH=~/go/bin:$PATH ko publish ./cmd --tags latest --bare - name: Docker login
run: echo "${GITEA_TOKEN}" | docker login "${GITEA_REGISTRY}" --username "${GITEA_USER}" --password-stdin
- name: Build
run: |
export KO_DOCKER_REPO="${GITEA_REGISTRY}/${GITEA_ORG}/unifi-network-operator-controller"
ko publish ./cmd \
--tags "$TAG" \
--image-label 'org.opencontainers.image.authors=Klauvsteinen <vegard@engen.priv.no>' \
--image-label 'org.opencontainers.image.vendor=Klauvsteinen' \
--image-label 'org.opencontainers.image.source=https://gitea.engen.priv.no/klauvsteinen/unifi-network-operator' \
--image-label 'org.opencontainers.image.url=https://gitea.engen.priv.no/klauvsteinen/unifi-network-operator' \
--image-label 'dev.chainguard.package.main=' \
--bare
- name: Build manifest
run: |
make IMG="${GITEA_REGISTRY}/${GITEA_ORG}/unifi-network-operator-controller:$TAG" build-installer
curl -X PUT \
-H "Authorization: token $GITEA_TOKEN" \
-H "Content-Type: application/x-yaml" \
--data-binary @./dist/install.yaml \
https://gitea.engen.priv.no/api/packages/klauvsteinen/generic/unifi-network-operator/$TAG/install.yaml

4
Makefile
View File

@@ -1,5 +1,5 @@
# Image URL to use all building/pushing image targets # Image URL to use all building/pushing image targets
IMG ?= registry.engen.priv.no/unifi-network-operator-controller:latest IMG ?= gitea.engen.priv.no/klauvsteinen/unifi-network-operator-controller:latest
# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
ifeq (,$(shell go env GOBIN)) ifeq (,$(shell go env GOBIN))
@@ -8,7 +8,7 @@ else
GOBIN=$(shell go env GOBIN) GOBIN=$(shell go env GOBIN)
endif endif
export KO_DOCKER_REPO=registry.engen.priv.no/unifi-network-operator-controller export KO_DOCKER_REPO=gitea.engen.priv.no/klauvsteinen/unifi-network-operator-controller
# CONTAINER_TOOL defines the container tool to be used for building images. # CONTAINER_TOOL defines the container tool to be used for building images.
# Be aware that the target commands are only tested with Docker which is # Be aware that the target commands are only tested with Docker which is

10
PROJECT
View File

@@ -6,7 +6,7 @@ domain: engen.priv.no
layout: layout:
- go.kubebuilder.io/v4 - go.kubebuilder.io/v4
projectName: unifi-network-operator projectName: unifi-network-operator
repo: github.com/vegardengen/unifi-network-operator repo: gitea.engen.priv.no/klauvsteinen/unifi-network-operator
resources: resources:
- api: - api:
crdVersion: v1 crdVersion: v1
@@ -15,7 +15,7 @@ resources:
domain: engen.priv.no domain: engen.priv.no
group: unifi group: unifi
kind: Networkconfiguration kind: Networkconfiguration
path: github.com/vegardengen/unifi-network-operator/api/v1beta1 path: gitea.engen.priv.no/klauvsteinen/unifi-network-operator/api/v1beta1
version: v1beta1 version: v1beta1
- api: - api:
crdVersion: v1 crdVersion: v1
@@ -24,7 +24,7 @@ resources:
domain: engen.priv.no domain: engen.priv.no
group: unifi group: unifi
kind: FirewallZone kind: FirewallZone
path: github.com/vegardengen/unifi-network-operator/api/v1beta1 path: gitea.engen.priv.no/klauvsteinen/unifi-network-operator/api/v1beta1
version: v1beta1 version: v1beta1
- api: - api:
crdVersion: v1 crdVersion: v1
@@ -33,7 +33,7 @@ resources:
domain: engen.priv.no domain: engen.priv.no
group: unifi group: unifi
kind: FirewallPolicy kind: FirewallPolicy
path: github.com/vegardengen/unifi-network-operator/api/v1beta1 path: gitea.engen.priv.no/klauvsteinen/unifi-network-operator/api/v1beta1
version: v1beta1 version: v1beta1
- api: - api:
crdVersion: v1 crdVersion: v1
@@ -42,6 +42,6 @@ resources:
domain: engen.priv.no domain: engen.priv.no
group: unifi group: unifi
kind: PortForward kind: PortForward
path: github.com/vegardengen/unifi-network-operator/api/v1beta1 path: gitea.engen.priv.no/klauvsteinen/unifi-network-operator/api/v1beta1
version: v1beta1 version: v1beta1
version: "3" version: "3"

2
config/manager/kustomization.yaml
View File

@@ -4,5 +4,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization kind: Kustomization
images: images:
- name: controller - name: controller
newName: registry.engen.priv.no/unifi-network-operator-controller newName: gitea.engen.priv.no/klauvsteinen/unifi-network-operator-controller
newTag: latest newTag: latest

952
dist/install.yaml vendored Normal file
View File

@@ -0,0 +1,952 @@
apiVersion: v1
kind: Namespace
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
control-plane: controller-manager
name: unifi-network-operator-system
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.2
name: firewallpolicies.unifi.engen.priv.no
spec:
group: unifi.engen.priv.no
names:
kind: FirewallPolicy
listKind: FirewallPolicyList
plural: firewallpolicies
singular: firewallpolicy
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: FirewallPolicy is the Schema for the firewallpolicies API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
properties:
destination:
properties:
firewall_groups:
items:
properties:
name:
type: string
namespace:
type: string
type: object
type: array
services:
items:
properties:
name:
type: string
namespace:
type: string
type: object
type: array
type: object
match_firewall_groups_in_all_namespaces:
type: boolean
match_services_in_all_namespaces:
type: boolean
name:
type: string
source:
properties:
from_networks:
items:
properties:
name:
type: string
namespace:
type: string
type: object
type: array
from_zones:
items:
properties:
name:
type: string
namespace:
type: string
type: object
type: array
type: object
required:
- destination
- name
- source
type: object
status:
description: FirewallPolicyStatus defines the observed state of FirewallPolicy.
properties:
resources_managed:
properties:
firewall_groups_managed:
items:
properties:
name:
type: string
namespace:
type: string
type: object
type: array
firewall_policies_managed:
items:
properties:
from:
type: string
tcpipv4_id:
type: string
tcpipv6_id:
type: string
to:
type: string
udpipv4_id:
type: string
udpipv6_id:
type: string
required:
- from
- tcpipv4_id
- tcpipv6_id
- to
- udpipv4_id
- udpipv6_id
type: object
type: array
type: object
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.2
name: firewallzones.unifi.engen.priv.no
spec:
group: unifi.engen.priv.no
names:
kind: FirewallZone
listKind: FirewallZoneList
plural: firewallzones
singular: firewallzone
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: FirewallZone is the Schema for the firewallzones API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: FirewallZoneSpec defines the desired state of FirewallZone.
properties:
_id:
type: string
default_zone:
type: boolean
name:
type: string
network_ids:
items:
type: string
type: array
zone_key:
type: string
type: object
status:
description: FirewallZoneStatus defines the observed state of FirewallZone.
properties:
resources_managed:
properties:
firewall_zones_managed:
items:
properties:
id:
type: string
name:
type: string
type: object
type: array
type: object
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.2
name: networkconfigurations.unifi.engen.priv.no
spec:
group: unifi.engen.priv.no
names:
kind: Networkconfiguration
listKind: NetworkconfigurationList
plural: networkconfigurations
singular: networkconfiguration
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: Networkconfiguration is the Schema for the networkconfigurations
API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: NetworkconfigurationSpec defines the desired state of Networkconfiguration.
properties:
_id:
description: Foo is an example field of Networkconfiguration. Edit
networkconfiguration_types.go to remove/update
type: string
enabled:
type: boolean
firewall_zone:
type: string
gateway_type:
type: string
ip_subnet:
type: string
ipv6_interface_type:
type: string
ipv6_pd_auto_prefixid_enabled:
type: boolean
ipv6_ra_enabled:
type: boolean
ipv6_setting_preference:
type: string
ipv6_subnet:
type: string
name:
type: string
networkgroup:
type: string
purpose:
type: string
setting_preference:
type: string
vlan:
format: int64
type: integer
vlan_enabled:
type: boolean
required:
- name
type: object
status:
description: NetworkconfigurationStatus defines the observed state of
Networkconfiguration.
properties:
firewall_zone_id:
description: |-
INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
Important: Run "make" to regenerate code after modifying this file
type: string
ipv6_subnet_status:
type: string
lastSyncTime:
description: LastSyncTime is the last time the object was synced
format: date-time
type: string
resources_managed:
properties:
networks_managed:
items:
properties:
id:
type: string
name:
type: string
type: object
type: array
type: object
syncedWithUnifi:
description: SyncedWithUnifi indicates whether the addresses are successfully
pushed
type: boolean
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.17.2
name: portforwards.unifi.engen.priv.no
spec:
group: unifi.engen.priv.no
names:
kind: PortForward
listKind: PortForwardList
plural: portforwards
singular: portforward
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: |-
PortForward is a placeholder type to allow future CRD support if needed.
Right now, port forwards are managed entirely through annotations on Services.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
type: object
status:
type: object
type: object
served: true
storage: true
subresources:
status: {}
---
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-controller-manager
namespace: unifi-network-operator-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-leader-election-role
namespace: unifi-network-operator-system
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-firewallpolicy-admin-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallpolicies
verbs:
- '*'
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallpolicies/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-firewallpolicy-editor-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallpolicies
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallpolicies/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-firewallpolicy-viewer-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallpolicies
verbs:
- get
- list
- watch
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallpolicies/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-firewallzone-admin-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallzones
verbs:
- '*'
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallzones/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-firewallzone-editor-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallzones
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallzones/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-firewallzone-viewer-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallzones
verbs:
- get
- list
- watch
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallzones/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: unifi-network-operator-manager-role
rules:
- apiGroups:
- ""
resources:
- configmaps
- services
verbs:
- get
- list
- watch
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallgroups
- firewallpolicies
- firewallzones
- networkconfigurations
- portforwards
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallgroups/finalizers
- firewallpolicies/finalizers
- firewallzones/finalizers
- networkconfigurations/finalizers
- portforwards/finalizers
verbs:
- update
- apiGroups:
- unifi.engen.priv.no
resources:
- firewallgroups/status
- firewallpolicies/status
- firewallzones/status
- networkconfigurations/status
- portforwards/status
verbs:
- get
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: unifi-network-operator-metrics-auth-role
rules:
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: unifi-network-operator-metrics-reader
rules:
- nonResourceURLs:
- /metrics
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-networkconfiguration-admin-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- networkconfigurations
verbs:
- '*'
- apiGroups:
- unifi.engen.priv.no
resources:
- networkconfigurations/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-networkconfiguration-editor-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- networkconfigurations
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- unifi.engen.priv.no
resources:
- networkconfigurations/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-networkconfiguration-viewer-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- networkconfigurations
verbs:
- get
- list
- watch
- apiGroups:
- unifi.engen.priv.no
resources:
- networkconfigurations/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-portforward-admin-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- portforwards
verbs:
- '*'
- apiGroups:
- unifi.engen.priv.no
resources:
- portforwards/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-portforward-editor-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- portforwards
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- unifi.engen.priv.no
resources:
- portforwards/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-portforward-viewer-role
rules:
- apiGroups:
- unifi.engen.priv.no
resources:
- portforwards
verbs:
- get
- list
- watch
- apiGroups:
- unifi.engen.priv.no
resources:
- portforwards/status
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-leader-election-rolebinding
namespace: unifi-network-operator-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: unifi-network-operator-leader-election-role
subjects:
- kind: ServiceAccount
name: unifi-network-operator-controller-manager
namespace: unifi-network-operator-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
name: unifi-network-operator-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: unifi-network-operator-manager-role
subjects:
- kind: ServiceAccount
name: unifi-network-operator-controller-manager
namespace: unifi-network-operator-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: unifi-network-operator-metrics-auth-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: unifi-network-operator-metrics-auth-role
subjects:
- kind: ServiceAccount
name: unifi-network-operator-controller-manager
namespace: unifi-network-operator-system
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
control-plane: controller-manager
name: unifi-network-operator-controller-manager-metrics-service
namespace: unifi-network-operator-system
spec:
ports:
- name: https
port: 8443
protocol: TCP
targetPort: 8443
selector:
app.kubernetes.io/name: unifi-network-operator
control-plane: controller-manager
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/name: unifi-network-operator
control-plane: controller-manager
name: unifi-network-operator-controller-manager
namespace: unifi-network-operator-system
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: unifi-network-operator
control-plane: controller-manager
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
app.kubernetes.io/name: unifi-network-operator
control-plane: controller-manager
spec:
containers:
- args:
- --metrics-bind-address=:8443
- --leader-elect
- --health-probe-bind-address=:8081
env:
- name: UNIFI_URL
valueFrom:
secretKeyRef:
key: UNIFI_URL
name: unifi-configuration
- name: UNIFI_SITE
valueFrom:
secretKeyRef:
key: UNIFI_SITE
name: unifi-configuration
- name: UNIFI_USER
valueFrom:
secretKeyRef:
key: UNIFI_USERNAME
name: unifi-configuration
- name: UNIFI_PASSWORD
valueFrom:
secretKeyRef:
key: UNIFI_PASSWORD
name: unifi-configuration
image: gitea.engen.priv.no/klauvsteinen/unifi-network-operator-controller:latest
livenessProbe:
httpGet:
path: /healthz
port: 8081
initialDelaySeconds: 15
periodSeconds: 20
name: manager
ports: []
readinessProbe:
httpGet:
path: /readyz
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 10m
memory: 64Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
volumeMounts: []
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
serviceAccountName: unifi-network-operator-controller-manager
terminationGracePeriodSeconds: 10
volumes: []

7
ko.yaml Normal file
View File

@@ -0,0 +1,7 @@
defaultBaseImage: cgr.dev/chainguard/static:latest
labels:
org.opencontainers.image.authors: Vegard Engen <vegard@engen.priv.no>
org.opencontainers.image.source: https://gitea.engen.priv.no/klauvsteinen/unifi-network-operator
org.opencontainers.image.vendor: Klauvsteinen
dev.chainguard.package.main: ""

1
riktig
View File

@@ -1 +0,0 @@
Riktig fil