fix

monitor/pvc-autoresizer/autoresizer_rbac.tf

@@ -0,0 +1,141 @@
+resource "kubectl_manifest" "ServiceAccount" {
+  yaml_body  = <<-EOF
+    apiVersion: v1
+    kind: ServiceAccount
+    metadata:
+      name: "${var.instance}-${var.component}"
+      namespace: ${var.namespace}
+      labels: ${jsonencode(local.common-labels)}
+EOF
+}
+
+
+resource "kubectl_manifest" "ClusterRole" {
+  yaml_body  = <<-EOF
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: ClusterRole
+    metadata:
+      name: "${var.namespace}-${var.instance}-${var.component}"
+      labels: ${jsonencode(local.common-labels)}
+    rules:
+    - apiGroups:
+      - ''
+      resources:
+      - events
+      verbs:
+      - create
+      - get
+      - list
+      - watch
+    - apiGroups:
+      - ''
+      resources:
+      - persistentvolumeclaims
+      verbs:
+      - get
+      - list
+      - patch
+      - update
+      - watch
+    - apiGroups:
+      - storage.k8s.io
+      resources:
+      - storageclasses
+      verbs:
+      - get
+      - list
+      - watch
+    - apiGroups:
+      - apps
+      resources:
+      - deployments
+      verbs:
+      - create
+      - get
+      - list
+      - watch
+      - update
+    - apiGroups:
+      - apps
+      resources:
+      - statefulsets
+      verbs:
+      - create
+      - get
+      - list
+      - watch
+      - update
+EOF
+}
+
+resource "kubectl_manifest" "ClusterRoleBinding" {
+  yaml_body  = <<-EOF
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: ClusterRoleBinding
+    metadata:
+      name: "${var.namespace}-${var.instance}-${var.component}"
+      labels: ${jsonencode(local.common-labels)}
+    roleRef:
+      apiGroup: rbac.authorization.k8s.io
+      kind: ClusterRole
+      name: ${kubectl_manifest.ClusterRole.name}
+    subjects:
+    - kind: ServiceAccount
+      name: ${kubectl_manifest.ServiceAccount.name}
+      namespace: ${var.namespace}
+EOF
+}
+
+resource "kubectl_manifest" "Role" {
+  yaml_body  = <<-EOF
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: Role
+    metadata:
+      name: "${var.instance}-${var.component}"
+      namespace: ${var.namespace}
+      labels: ${jsonencode(local.common-labels)}
+    rules:
+    - apiGroups:
+      - ''
+      - coordination.k8s.io
+      resources:
+      - configmaps
+      - leases
+      verbs:
+      - get
+      - list
+      - watch
+      - create
+      - update
+      - patch
+      - delete
+    - apiGroups:
+      - ''
+      resources:
+      - events
+      verbs:
+      - create
+      - patch
+EOF
+}
+
+resource "kubectl_manifest" "RoleBinding" {
+  yaml_body  = <<-EOF
+    apiVersion: rbac.authorization.k8s.io/v1
+    kind: RoleBinding
+    metadata:
+      name: "${var.instance}-${var.component}"
+      namespace: ${var.namespace}
+      labels: ${jsonencode(local.common-labels)}
+    roleRef:
+      apiGroup: rbac.authorization.k8s.io
+      kind: Role
+      name: ${kubectl_manifest.Role.name}
+    subjects:
+    - kind: ServiceAccount
+      name: ${kubectl_manifest.ServiceAccount.name}
+      namespace: ${var.namespace}
+EOF
+}
+
+

monitor/pvc-autoresizer/autoresizer_workload.tf

@@ -0,0 +1,48 @@
+resource "kubectl_manifest" "Deployment" {
+  yaml_body  = <<-EOF
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      name: "${var.instance}-${var.component}"
+      namespace: ${var.namespace}
+      labels: ${jsonencode(local.common-labels)}
+    spec:
+      selector:
+        matchLabels:
+          app.kubernetes.io/name: pvc-autoresizer
+      replicas: 1
+      template:
+        metadata:
+          labels:
+            app.kubernetes.io/name: pvc-autoresizer
+        spec:
+          serviceAccountName: ${kubectl_manifest.ServiceAccount.name}
+          containers:
+          - name: pvc-autoresizer
+            command:
+            - /pvc-autoresizer
+            args:
+            - --prometheus-url=http://prometheus-prometheus.${var.domain}-monitor:9090
+            - --interval=10s
+            - --no-annotation-check
+            image: ${var.images.autoresizer.registry}/${var.images.autoresizer.repository}:${var.images.autoresizer.tag}
+            imagePullPolicy: ${var.images.autoresizer.pull_policy}
+            resources: ${jsonencode(var.resources)}
+            ports:
+            - name: metrics
+              containerPort: 8080
+              protocol: TCP
+            - name: health
+              containerPort: 8081
+              protocol: TCP
+            readinessProbe:
+              httpGet:
+                path: /readyz
+                port: health
+            livenessProbe:
+              httpGet:
+                path: /healthz
+                port: health
+EOF
+}
+

monitor/pvc-autoresizer/check.rhai

@@ -0,0 +1,13 @@
+const DOMAIN = config.domain;
+fn check_domain() {
+    assert(have_namespace(`${global::DOMAIN}`),                         `There is no ${global::DOMAIN} namespace`);
+}
+fn check_prometheus() {
+    assert(have_namespace(`${global::DOMAIN}-monitor`),                    `There is no ${global::DOMAIN}-monitor namespace`);
+    assert(have_install(`${global::DOMAIN}-monitor`, "prometheus"),         `No prometheus installation in ${global::DOMAIN}-monitor`);
+    assert(have_service(`${global::DOMAIN}-monitor`, "prometheus-prometheus"),          `No prometheus-prometheus service in ${global::DOMAIN}-monitor`);
+}
+fn pre_check() {
+    check_domain();
+    check_prometheus();
+}

monitor/pvc-autoresizer/index.yaml

@@ -0,0 +1,86 @@
+---
+apiVersion: vinyl.solidite.fr/v1beta1
+kind: Component
+category: monitor
+metadata:
+  name: pvc-autoresizer
+  description: pvc-autoresizer resizes PersistentVolumeClaims (PVCs) when the free amount of storage is below the threshold.
+options:
+  domain:
+    default: your-company
+    examples:
+    - your-company
+    type: string
+  images:
+    default:
+      autoresizer:
+        pull_policy: IfNotPresent
+        registry: docker.io
+        repository: kubesphere/pvc-autoresizer
+        tag: v0.3.1
+    examples:
+    - autoresizer:
+        pull_policy: IfNotPresent
+        registry: docker.io
+        repository: kubesphere/pvc-autoresizer
+        tag: v0.3.1
+    properties:
+      autoresizer:
+        default:
+          pull_policy: IfNotPresent
+          registry: docker.io
+          repository: kubesphere/pvc-autoresizer
+          tag: v0.3.1
+        properties:
+          pull_policy:
+            default: IfNotPresent
+            enum:
+            - Always
+            - Never
+            - IfNotPresent
+            type: string
+          registry:
+            default: docker.io
+            type: string
+          repository:
+            default: kubesphere/pvc-autoresizer
+            type: string
+          tag:
+            default: v0.3.1
+            type: string
+        type: object
+    type: object
+  resources:
+    default:
+      requests:
+        cpu: 100m
+        memory: 20Mi
+    examples:
+    - requests:
+        cpu: 100m
+        memory: 20Mi
+    properties:
+      requests:
+        default:
+          cpu: 100m
+          memory: 20Mi
+        properties:
+          cpu:
+            default: 100m
+            type: string
+          memory:
+            default: 20Mi
+            type: string
+        type: object
+    type: object
+dependencies: []
+providers:
+  kubernetes: true
+  authentik: null
+  kubectl: true
+  postgresql: null
+  mysql: null
+  restapi: null
+  http: null
+  gitea: null
+tfaddtype: null