apiVersion: v1
kind: Namespace
metadata:
  labels:
    control-plane: controller-manager
  name: etcdadm-controller-system
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.6.0-beta.0.0.20210504224115-9cd8c2840e84
  creationTimestamp: null
  labels:
    cluster.x-k8s.io/v1alpha3: v1alpha3
    cluster.x-k8s.io/v1alpha4: v1alpha4
  name: etcdadmclusters.etcdcluster.cluster.x-k8s.io
spec:
  group: etcdcluster.cluster.x-k8s.io
  names:
    kind: EtcdadmCluster
    listKind: EtcdadmClusterList
    plural: etcdadmclusters
    singular: etcdadmcluster
  scope: Namespaced
  versions:
  - name: v1alpha3
    schema:
      openAPIV3Schema:
        description: EtcdadmCluster is the Schema for the etcdadmclusters API
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            properties:
              etcdadmConfigSpec:
                description: EtcdadmConfigSpec defines the desired state of EtcdadmConfig
                properties:
                  postEtcdadmCommands:
                    description: PostEtcdadmCommands specifies extra commands to run
                      after kubeadm runs
                    items:
                      type: string
                    type: array
                  preEtcdadmCommands:
                    description: PreEtcdadmCommands specifies extra commands to run
                      before kubeadm runs
                    items:
                      type: string
                    type: array
                  users:
                    description: Users specifies extra users to add
                    items:
                      description: User defines the input for a generated user in
                        cloud-init.
                      properties:
                        gecos:
                          description: Gecos specifies the gecos to use for the user
                          type: string
                        groups:
                          description: Groups specifies the additional groups for
                            the user
                          type: string
                        homeDir:
                          description: HomeDir specifies the home directory to use
                            for the user
                          type: string
                        inactive:
                          description: Inactive specifies whether to mark the user
                            as inactive
                          type: boolean
                        lockPassword:
                          description: LockPassword specifies if password login should
                            be disabled
                          type: boolean
                        name:
                          description: Name specifies the user name
                          type: string
                        passwd:
                          description: Passwd specifies a hashed password for the
                            user
                          type: string
                        primaryGroup:
                          description: PrimaryGroup specifies the primary group for
                            the user
                          type: string
                        shell:
                          description: Shell specifies the user's shell
                          type: string
                        sshAuthorizedKeys:
                          description: SSHAuthorizedKeys specifies a list of ssh authorized
                            keys for the user
                          items:
                            type: string
                          type: array
                        sudo:
                          description: Sudo specifies a sudo role for the user
                          type: string
                      required:
                      - name
                      type: object
                    type: array
                  version:
                    type: string
                type: object
              infrastructureTemplate:
                description: InfrastructureTemplate is a required reference to a custom
                  resource offered by an infrastructure provider.
                properties:
                  apiVersion:
                    description: API version of the referent.
                    type: string
                  fieldPath:
                    description: 'If referring to a piece of an object instead of
                      an entire object, this string should contain a valid JSON/Go
                      field access statement, such as desiredState.manifest.containers[2].
                      For example, if the object reference is to a container within
                      a pod, this would take on a value like: "spec.containers{name}"
                      (where "name" refers to the name of the container that triggered
                      the event) or if no container name is specified "spec.containers[2]"
                      (container with index 2 in this pod). This syntax is chosen
                      only to have some well-defined way of referencing a part of
                      an object. TODO: this design is not final and this field is
                      subject to change in the future.'
                    type: string
                  kind:
                    description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
                    type: string
                  name:
                    description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                    type: string
                  namespace:
                    description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                    type: string
                  resourceVersion:
                    description: 'Specific resourceVersion to which this reference
                      is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
                    type: string
                  uid:
                    description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
                    type: string
                type: object
              replicas:
                format: int32
                type: integer
              version:
                type: string
            required:
            - infrastructureTemplate
            type: object
          status:
            description: EtcdadmClusterStatus defines the observed state of EtcdadmCluster
            properties:
              conditions:
                description: Conditions defines current service state of the EtcdadmCluster.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another. This should be when the underlying condition changed.
                        If that is not known, then using the time when the API field
                        changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: A human readable message indicating details about
                        the transition. This field may be empty.
                      type: string
                    reason:
                      description: The reason for the condition's last transition
                        in CamelCase. The specific API may choose whether or not this
                        field is considered a guaranteed API. This field may not be
                        empty.
                      type: string
                    severity:
                      description: Severity provides an explicit classification of
                        Reason code, so the users or machines can immediately understand
                        the current situation and act accordingly. The Severity field
                        MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources
                        like Available, but because arbitrary conditions can be useful
                        (see .node.status.conditions), the ability to deconflict is
                        important.
                      type: string
                  required:
                  - status
                  - type
                  type: object
                type: array
              endpoint:
                type: string
              initMachineAddress:
                type: string
              initialized:
                type: boolean
              observedGeneration:
                description: ObservedGeneration is the latest generation observed
                  by the controller.
                format: int64
                type: integer
              ready:
                type: boolean
              replicas:
                description: Total number of non-terminated machines targeted by this
                  etcd cluster (their labels match the selector).
                format: int32
                type: integer
              selector:
                description: 'Selector is the label selector in string format to avoid
                  introspection by clients, and is used to provide the CRD-based integration
                  for the scale subresource and additional integrations for things
                  like kubectl describe.. The string will be in the same format as
                  the query-param syntax. More info about label selectors: http://kubernetes.io/docs/user-guide/labels#label-selectors'
                type: string
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: etcdadm-controller-manager
  namespace: etcdadm-controller-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: etcdadm-controller-leader-election-role
  namespace: etcdadm-controller-system
rules:
- apiGroups:
  - ""
  resources:
  - configmaps
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
- apiGroups:
  - ""
  resources:
  - configmaps/status
  verbs:
  - get
  - update
  - patch
- apiGroups:
  - ""
  resources:
  - events
  verbs:
  - create
- apiGroups:
  - coordination.k8s.io
  resources:
  - leases
  verbs:
  - get
  - list
  - watch
  - create
  - update
  - patch
  - delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  creationTimestamp: null
  name: etcdadm-controller-manager-role
rules:
- apiGroups:
  - etcdcluster.cluster.x-k8s.io
  resources:
  - etcdadmclusters
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - etcdcluster.cluster.x-k8s.io
  resources:
  - etcdadmclusters/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - ""
  resources:
  - configmaps
  - events
  - secrets
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - cluster.x-k8s.io
  resources:
  - clusters
  - clusters/status
  verbs:
  - get
  - list
  - watch
- apiGroups:
  - cluster.x-k8s.io
  resources:
  - machines
  - machines/status
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - bootstrap.cluster.x-k8s.io
  resources:
  - etcdadmconfigs
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
- apiGroups:
  - bootstrap.cluster.x-k8s.io
  resources:
  - etcdadmconfigs/status
  verbs:
  - get
  - patch
  - update
- apiGroups:
  - infrastructure.cluster.x-k8s.io
  resources:
  - '*'
  verbs:
  - create
  - delete
  - get
  - list
  - patch
  - update
  - watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: etcdadm-controller-proxy-role
rules:
- apiGroups:
  - authentication.k8s.io
  resources:
  - tokenreviews
  verbs:
  - create
- apiGroups:
  - authorization.k8s.io
  resources:
  - subjectaccessreviews
  verbs:
  - create
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
  name: etcdadm-controller-metrics-reader
rules:
- nonResourceURLs:
  - /metrics
  verbs:
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: etcdadm-controller-leader-election-rolebinding
  namespace: etcdadm-controller-system
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: etcdadm-controller-leader-election-role
subjects:
- kind: ServiceAccount
  name: etcdadm-controller-manager
  namespace: etcdadm-controller-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: etcdadm-controller-manager-rolebinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: etcdadm-controller-manager-role
subjects:
- kind: ServiceAccount
  name: etcdadm-controller-manager
  namespace: etcdadm-controller-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: etcdadm-controller-proxy-rolebinding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: etcdadm-controller-proxy-role
subjects:
- kind: ServiceAccount
  name: default
  namespace: etcdadm-controller-system
---
apiVersion: v1
kind: Service
metadata:
  labels:
    control-plane: controller-manager
  name: etcdadm-controller-controller-manager-metrics-service
  namespace: etcdadm-controller-system
spec:
  ports:
  - name: https
    port: 8443
    targetPort: https
  selector:
    control-plane: controller-manager
---
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    control-plane: controller-manager
  name: etcdadm-controller-controller-manager
  namespace: etcdadm-controller-system
spec:
  replicas: 1
  selector:
    matchLabels:
      control-plane: controller-manager
  template:
    metadata:
      labels:
        control-plane: controller-manager
    spec:
      containers:
      - args:
        - --secure-listen-address=0.0.0.0:8443
        - --upstream=http://127.0.0.1:8080/
        - --logtostderr=true
        - --v=10
        image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0
        name: kube-rbac-proxy
        ports:
        - containerPort: 8443
          name: https
      - args:
        - --metrics-addr=127.0.0.1:8080
        - --enable-leader-election
        command:
        - /manager
        image: ${ETCDADM_CONTROLLER_IMAGE}
        name: manager
        resources:
          limits:
            cpu: 100m
            memory: 30Mi
          requests:
            cpu: 100m
            memory: 20Mi
      serviceAccountName: etcdadm-controller-manager
      terminationGracePeriodSeconds: 10