apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization # Adds namespace to all resources. namespace: PLACEHOLDER-NAMESPACE namePrefix: sagemaker-k8s-operator- bases: - ../../../base - resources resources: - ../../../bindings/namespaced patchesStrategicMerge: - resources/manager_add_service_account_patch.yaml patchesJson6902: # Rename created namespace - target: version: v1 kind: Namespace name: sagemaker-k8s-operator-system patch: |- - op: replace path: "/metadata/name" value: PLACEHOLDER-NAMESPACE # Patch broken ServiceAccount names/namespaces # Because we are messing with namespaces so much, especially using patching, # it's breaking all the built in dynamic references that Kustomize provides # which would ensure they are all in the correct namespace. # See issue https://github.com/kubernetes-sigs/kustomize/issues/1377 - target: group: rbac.authorization.k8s.io version: v1 kind: RoleBinding name: manager-rolebinding patch: |- - op: replace path: "/subjects/0/name" value: sagemaker-k8s-operator-default - target: group: rbac.authorization.k8s.io version: v1 kind: RoleBinding name: proxy-rolebinding patch: |- - op: replace path: "/subjects/0/name" value: sagemaker-k8s-operator-default - target: group: rbac.authorization.k8s.io version: v1 kind: RoleBinding name: leader-election-rolebinding patch: |- - op: replace path: "/subjects/0/name" value: sagemaker-k8s-operator-default # Hacky solution so that its possible to add --namespace for both China and US region with this one file # change the position of pods so that manager pod is first pod in both US and China - target: group: apps version: v1 kind: Deployment namespace: system name: controller-manager patch: |- - op: move from: "/spec/template/spec/containers/0" path: "/spec/template/spec/containers/-" # Add --namespace option to the manager pod - target: group: apps version: v1 kind: Deployment namespace: system name: controller-manager patch: |- - op: add path: "/spec/template/spec/containers/0/args/-" value: --namespace=PLACEHOLDER-NAMESPACE