botkube/deploy-all-in-one.yaml
Aananth K ebd2c93474
Configure default namespace for kubectl cmds through config
##### ISSUE TYPE
<!--- Pick one below and delete the rest: -->
 - Feature Pull Request

##### SUMMARY
<!--- Describe the change, including rationale and design decisions -->
This commit:
- Adds `kubectl.Enabled` and `Kubectl.DefaultNamespace` to `Config.Settings` to configure the default namespace under which all botkube kubectl commands are executed by default.
- Changes `Settings.RestrictAccess` into `Settings.Kubectl.RestrictAccess`.
- Updates all config.yaml files.
<!---
If you are fixing an existing issue, please include "Fixes #nnn" in your
PR comment; and describe briefly what the change does.
-->

<!--- Please list dependencies added with your change also -->

Fixes #176

**Preview**:

```yaml
settings:
  # Kubectl executor configs
  kubectl:
    # Set true to enable kubectl commands execution
    enabled: false
    # set Namespace to execute botkube kubectl commands by default
    defaultNamespace: default
    # Set true to enable commands execution from configured channel only
    restrictAccess: false
```
2020-05-01 13:38:10 +00:00


---
# Namespace that holds the namespaced BotKube objects defined in this manifest
# (ConfigMap, Secret, ServiceAccount and Deployment all set namespace: botkube).
apiVersion: v1
kind: Namespace
metadata:
  name: botkube
---
# Configmap
# Holds resource_config.yaml: the list of resource kinds and lifecycle events
# BotKube watches, plus the `settings` section (cluster name, kubectl executor,
# config watcher, upgrade notifier). The Deployment in this manifest projects
# this ConfigMap into the container at /config.
#
# resource_config.yaml is a literal block scalar, so every line below the key,
# including its '#' lines, is part of the stored value.
#
# NOTE(review): settings.kubectl ships with enabled: false. If it is switched
# on while restrictAccess stays false, command execution is not limited to the
# configured channel (per the inline comment on restrictAccess), and the
# commands presumably run as the botkube-sa ServiceAccount, which this manifest
# binds to a ClusterRole with get/watch/list on every resource. Consider
# setting restrictAccess: true whenever enabled is set to true.
# NOTE(review): each `ignore:` list holds a single empty item, which a YAML
# parser reads as one null entry rather than an empty list. Confirm the
# config loader tolerates that.
apiVersion: v1
kind: ConfigMap
metadata:
  name: botkube-configmap
  namespace: botkube
  labels:
    app: botkube
data:
  resource_config.yaml: |
    ## Resources you want to watch
    resources:
      - name: pod # Name of the resources e.g pod, deployment, ingress, etc. (Resource name must be in singular form)
        namespaces:
          include:
            - all
          ignore: # List of namespaces to be ignored (omitempty), used only with include: all
            - # example : include [all], ignore [x,y,z]
        events: # List of lifecycle events you want to receive, e.g create, update, delete, error OR all
          - create
          - delete
          - error
      - name: service
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
      - name: deployment
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - update
          - delete
          - error
        updateSetting:
          includeDiff: true
          fields:
            - spec.template.spec.containers[*].image
            - status.availableReplicas
      - name: statefulset
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - update
          - delete
          - error
        updateSetting:
          includeDiff: true
          fields:
            - spec.template.spec.containers[*].image
            - status.readyReplicas
      - name: ingress
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
      - name: node
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
      - name: namespace
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
      - name: persistentvolume
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
      - name: persistentvolumeclaim
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
      - name: configmap
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
      - name: daemonset
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - update
          - delete
          - error
        updateSetting:
          includeDiff: true
          fields:
            - spec.template.spec.containers[*].image
            - status.numberReady
      - name: job
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - update
          - delete
          - error
        updateSetting:
          includeDiff: true
          fields:
            - spec.template.spec.containers[*].image
            - status.conditions[*].type
      - name: role
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
      - name: rolebinding
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
      - name: clusterrole
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
      - name: clusterrolebinding
        namespaces:
          include:
            - all
          ignore:
            -
        events:
          - create
          - delete
          - error
    # Check true if you want to receive recommendations
    # about the best practices for the created resource
    recommendations: true
    # Setting to support multiple clusters
    settings:
      # Cluster name to differentiate incoming messages
      clustername: not-configured
      # Kubectl executor configs
      kubectl:
        # Set true to enable kubectl commands execution
        enabled: false
        # set Namespace to execute botkube kubectl commands by default
        defaultNamespace: default
        # Set true to enable commands execution from configured channel only
        restrictAccess: false
      # Set true to enable config watcher
      configwatcher: true
      # Set false to disable upgrade notification
      upgradeNotifier: true
---
# secret
# Holds comm_config.yaml: credentials and endpoints for the notification sinks
# (Slack, Mattermost, Elasticsearch, webhook). Every sink is disabled here and
# the quoted upper-case values ('SLACK_API_TOKEN', ...) are placeholders to be
# replaced at deploy time.
#
# stringData is written in clear text in this manifest; Kubernetes stores it
# base64-encoded, which is an encoding and not encryption. Keep a filled-in
# copy of this file out of version control and restrict read access to this
# Secret.
#
# comm_config.yaml is a literal block scalar, so every line below the key,
# including its '#' lines, is part of the stored value.
#
# NOTE(review): the elasticsearch section uses the key `enable` while slack,
# mattermost and webhook use `enabled`. Confirm which spelling the config
# loader expects.
apiVersion: v1
kind: Secret
metadata:
  name: botkube-communication-secret
  namespace: botkube
  labels:
    app: botkube
type: Opaque
stringData:
  comm_config.yaml: |
    # Communication settings
    communications:
      # Settings for Slack
      slack:
        enabled: false
        channel: 'SLACK_CHANNEL'
        token: 'SLACK_API_TOKEN'
        notiftype: short # Change notification type short/long you want to receive. notiftype is optional and Default notification type is short (if not specified)
      # Settings for Mattermost
      mattermost:
        enabled: false
        url: 'MATTERMOST_SERVER_URL' # URL where Mattermost is running. e.g https://example.com:9243
        token: 'MATTERMOST_TOKEN' # Personal Access token generated by BotKube user
        team: 'MATTERMOST_TEAM' # Mattermost Team to configure with BotKube
        channel: 'MATTERMOST_CHANNEL' # Mattermost Channel for receiving BotKube alerts
        notiftype: short # Change notification type short/long you want to receive. notiftype is optional and Default notification type is short (if not specified)
      # Settings for ELS
      elasticsearch:
        enable: false
        server: 'ELASTICSEARCH_ADDRESS' # e.g https://example.com:9243
        username: 'ELASTICSEARCH_USERNAME'
        password: 'ELASTICSEARCH_PASSWORD'
        # ELS index settings
        index:
          name: botkube
          type: botkube-event
          shards: 1
          replicas: 0
      # Settings for Webhook
      webhook:
        enabled: false
        url: 'WEBHOOK_URL' # e.g https://example.com:80
---
# serviceaccount
# Identity the BotKube pod runs under (the Deployment sets
# serviceAccountName: botkube-sa). Its cluster permissions come from the
# ClusterRoleBinding in this manifest.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: botkube-sa
  namespace: botkube
  labels:
    app: botkube
---
# Source: botkube/templates/clusterrole.yaml
# Cluster-wide read-only role: get/watch/list on every resource in every API
# group.
#
# NOTE(review): the "*" wildcards include Secrets, so the botkube-sa identity
# can read every Secret in the cluster. If that is wider than needed, list
# only the resource kinds named in resource_config.yaml, and review this role
# again before enabling settings.kubectl in the ConfigMap.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: botkube-clusterrole
  labels:
    app: botkube
rules:
  - apiGroups:
      - "*"
    resources:
      - "*"
    verbs:
      - "get"
      - "watch"
      - "list"
---
# clusterrolebinding
# Grants botkube-clusterrole to the botkube-sa ServiceAccount in the botkube
# namespace. Because this is a ClusterRoleBinding, the role's rules apply in
# every namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: botkube-clusterrolebinding
  labels:
    app: botkube
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: botkube-clusterrole
subjects:
  - kind: ServiceAccount
    name: botkube-sa
    namespace: botkube
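---
# deployment
# Single-replica BotKube controller. The pod runs as the botkube-sa
# ServiceAccount and reads its configuration from /config, a projected volume
# that combines botkube-configmap and botkube-communication-secret.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: botkube
  namespace: botkube
  labels:
    component: controller
    app: botkube
spec:
  replicas: 1
  selector:
    matchLabels:
      component: controller
      app: botkube
  template:
    metadata:
      labels:
        component: controller
        app: botkube
    spec:
      serviceAccountName: botkube-sa
      containers:
        - name: botkube
          # NOTE(review): the image is referenced by tag and pulled on every
          # start (imagePullPolicy: Always), so the pod runs whatever the
          # registry currently serves under this tag. Pin by digest
          # (image@sha256:<digest>) if reproducible deployments are required.
          image: "infracloudio/botkube:v0.10.0"
          imagePullPolicy: Always
          # The process needs no extra privileges: block setuid/file-capability
          # escalation inside the container.
          securityContext:
            allowPrivilegeEscalation: false
          volumeMounts:
            - name: config-volume
              mountPath: "/config"
          env:
            - name: CONFIG_PATH
              value: "/config/"
            # set one of the log levels- info, warn, debug, error, fatal, panic
            - name: LOG_LEVEL
              value: "info"
            # set BotKube release version
            - name: BOTKUBE_VERSION
              value: v0.10.0
      volumes:
        - name: config-volume
          projected:
            sources:
              - configMap:
                  name: botkube-configmap
              - secret:
                  name: botkube-communication-secret
      # run as non privileged user
      securityContext:
        runAsUser: 101
        runAsGroup: 101
        # Have the kubelet refuse to start the container as UID 0, so the
        # non-root intent holds even if runAsUser is later edited or removed.
        runAsNonRoot: true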