From 6e8d6705f4acfc7cabab59e27c9f7bd06bdc7cc6 Mon Sep 17 00:00:00 2001 From: kashifest Date: Wed, 27 Oct 2021 09:57:45 +0300 Subject: [PATCH] Uplift to kubebuilder v3 --- .dockerignore | 5 +++ PROJECT | 41 ++++++++++++++--- .../metal3.io/v1alpha1/baremetalhost_types.go | 1 - apis/metal3.io/v1alpha1/groupversion_info.go | 5 +-- config/crd/kustomization.yaml | 6 +-- config/crd/kustomizeconfig.yaml | 6 ++- .../cainjection_in_baremetalhosts.yaml | 1 - .../patches/webhook_in_baremetalhosts.yaml | 20 ++++----- .../patches/webhook_in_firmwareschemas.yaml | 17 +++---- .../webhook_in_hostfirmwaresettings.yaml | 18 ++++---- .../webhook_in_preprovisioningimages.yaml | 17 +++---- config/default/kustomization.yaml | 16 ++++--- config/default/manager_auth_proxy_patch.yaml | 2 +- config/default/manager_config_patch.yaml | 20 +++++++++ config/manager/controller_manager_config.yaml | 11 +++++ config/manager/kustomization.yaml | 8 ++++ config/manager/manager.yaml | 17 ++++--- config/prometheus/monitor.yaml | 4 ++ .../rbac/auth_proxy_client_clusterrole.yaml | 6 ++- config/rbac/auth_proxy_role.yaml | 12 +++-- config/rbac/auth_proxy_role_binding.yaml | 2 +- config/rbac/kustomization.yaml | 6 +++ config/rbac/leader_election_role_binding.yaml | 2 +- config/rbac/role_binding.yaml | 2 +- config/rbac/service_account.yaml | 5 +++ config/render/capm3.yaml | 44 +++++++++++++++---- hack/manifestlint.sh | 2 +- hack/unit.sh | 2 - main.go | 7 ++- 29 files changed, 218 insertions(+), 87 deletions(-) create mode 100644 .dockerignore create mode 100644 config/default/manager_config_patch.yaml create mode 100644 config/manager/controller_manager_config.yaml create mode 100644 config/rbac/service_account.yaml diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000000..243f81a508 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,5 @@ +# More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file +# Ignore all files which are not go type +!**/*.go +!**/*.mod +!**/*.sum diff --git a/PROJECT b/PROJECT index f3e77ea564..a76ea4d6c6 100644 --- a/PROJECT +++ b/PROJECT @@ -1,16 +1,47 @@ +domain: metal3.io +layout: +- go.kubebuilder.io/v3 multigroup: true +projectName: baremetal-operator repo: github.com/metal3-io/baremetal-operator resources: -- group: metal3.io +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: metal3.io + group: metal3.io kind: BareMetalHost + path: github.com/metal3-io/baremetal-operator/apis/metal3.io/v1alpha1 version: v1alpha1 -- group: metal3.io + webhooks: + validation: true + webhookVersion: v1 +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: metal3.io + group: metal3.io kind: HostFirmwareSettings + path: github.com/metal3-io/baremetal-operator/apis/metal3.io/v1alpha1 version: v1alpha1 -- group: metal3.io +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: metal3.io + group: metal3.io kind: FirmwareSchema + path: github.com/metal3-io/baremetal-operator/apis/metal3.io/v1alpha1 version: v1alpha1 -- group: metal3.io +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: metal3.io + group: metal3.io kind: PreprovisioningImage + path: github.com/metal3-io/baremetal-operator/apis/metal3.io/v1alpha1 version: v1alpha1 -version: "2" +version: "3" diff --git a/apis/metal3.io/v1alpha1/baremetalhost_types.go b/apis/metal3.io/v1alpha1/baremetalhost_types.go index 371b5ebba7..433a26f883 100644 --- a/apis/metal3.io/v1alpha1/baremetalhost_types.go +++ b/apis/metal3.io/v1alpha1/baremetalhost_types.go @@ -1,6 +1,5 @@ /* - Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at diff --git a/apis/metal3.io/v1alpha1/groupversion_info.go b/apis/metal3.io/v1alpha1/groupversion_info.go index 700bd31345..eb8116d7ca 100644 --- a/apis/metal3.io/v1alpha1/groupversion_info.go +++ b/apis/metal3.io/v1alpha1/groupversion_info.go @@ -1,6 +1,5 @@ /* - Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -15,8 +14,8 @@ limitations under the License. */ // Package v1alpha1 contains API Schema definitions for the metal3.io v1alpha1 API group -// +kubebuilder:object:generate=true -// +groupName=metal3.io +//+kubebuilder:object:generate=true +//+groupName=metal3.io package v1alpha1 import ( diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 0160d1a9e7..9a31c53b54 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -6,7 +6,7 @@ resources: - bases/metal3.io_hostfirmwaresettings.yaml - bases/metal3.io_firmwareschemas.yaml - bases/metal3.io_preprovisioningimages.yaml -# +kubebuilder:scaffold:crdkustomizeresource +#+kubebuilder:scaffold:crdkustomizeresource patchesStrategicMerge: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. @@ -15,7 +15,7 @@ patchesStrategicMerge: #- patches/webhook_in_hostfirmwaresettings.yaml #- patches/webhook_in_firmwareschemas.yaml #- patches/webhook_in_preprovisioningimages.yaml -# +kubebuilder:scaffold:crdkustomizewebhookpatch +#+kubebuilder:scaffold:crdkustomizewebhookpatch # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. # patches here are for enabling the CA injection for each CRD @@ -23,7 +23,7 @@ patchesStrategicMerge: #- patches/cainjection_in_hostfirmwaresettings.yaml #- patches/cainjection_in_firmwareschemas.yaml #- patches/cainjection_in_preprovisioningimages.yaml -# +kubebuilder:scaffold:crdkustomizecainjectionpatch +#+kubebuilder:scaffold:crdkustomizecainjectionpatch # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: diff --git a/config/crd/kustomizeconfig.yaml b/config/crd/kustomizeconfig.yaml index 6f83d9a94b..ec5c150a9d 100644 --- a/config/crd/kustomizeconfig.yaml +++ b/config/crd/kustomizeconfig.yaml @@ -4,13 +4,15 @@ nameReference: version: v1 fieldSpecs: - kind: CustomResourceDefinition + version: v1 group: apiextensions.k8s.io - path: spec/conversion/webhookClientConfig/service/name + path: spec/conversion/webhook/clientConfig/service/name namespace: - kind: CustomResourceDefinition + version: v1 group: apiextensions.k8s.io - path: spec/conversion/webhookClientConfig/service/namespace + path: spec/conversion/webhook/clientConfig/service/namespace create: false varReference: diff --git a/config/crd/patches/cainjection_in_baremetalhosts.yaml b/config/crd/patches/cainjection_in_baremetalhosts.yaml index 6c3666e7ea..74f1a27f99 100644 --- a/config/crd/patches/cainjection_in_baremetalhosts.yaml +++ b/config/crd/patches/cainjection_in_baremetalhosts.yaml @@ -1,5 +1,4 @@ # The following patch adds a directive for certmanager to inject CA into the CRD -# CRD conversion requires k8s 1.13 or later. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: diff --git a/config/crd/patches/webhook_in_baremetalhosts.yaml b/config/crd/patches/webhook_in_baremetalhosts.yaml index d99d8f1389..fdf4a74e77 100644 --- a/config/crd/patches/webhook_in_baremetalhosts.yaml +++ b/config/crd/patches/webhook_in_baremetalhosts.yaml @@ -1,5 +1,4 @@ -# The following patch enables conversion webhook for CRD -# CRD conversion requires k8s 1.13 or later. +# The following patch enables a conversion webhook for the CRD apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -7,11 +6,12 @@ metadata: spec: conversion: strategy: Webhook - webhookClientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== - service: - namespace: system - name: webhook-service - path: /convert + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert + caBundle: Cg== + conversionReviewVersions: + - v1 diff --git a/config/crd/patches/webhook_in_firmwareschemas.yaml b/config/crd/patches/webhook_in_firmwareschemas.yaml index 2744739c38..e221c848fb 100644 --- a/config/crd/patches/webhook_in_firmwareschemas.yaml +++ b/config/crd/patches/webhook_in_firmwareschemas.yaml @@ -7,11 +7,12 @@ metadata: spec: conversion: strategy: Webhook - webhookClientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== - service: - namespace: system - name: webhook-service - path: /convert + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert + caBundle: Cg== + conversionReviewVersions: + - v1 diff --git a/config/crd/patches/webhook_in_hostfirmwaresettings.yaml b/config/crd/patches/webhook_in_hostfirmwaresettings.yaml index 7387084884..24da15b8fe 100644 --- a/config/crd/patches/webhook_in_hostfirmwaresettings.yaml +++ b/config/crd/patches/webhook_in_hostfirmwaresettings.yaml @@ -7,11 +7,13 @@ metadata: spec: conversion: strategy: Webhook - webhookClientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== - service: - namespace: system - name: webhook-service - path: /convert + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert + caBundle: Cg== + conversionReviewVersions: + - v1 + diff --git a/config/crd/patches/webhook_in_preprovisioningimages.yaml b/config/crd/patches/webhook_in_preprovisioningimages.yaml index 2773ae6f85..33a66ce7a8 100644 --- a/config/crd/patches/webhook_in_preprovisioningimages.yaml +++ b/config/crd/patches/webhook_in_preprovisioningimages.yaml @@ -7,11 +7,12 @@ metadata: spec: conversion: strategy: Webhook - webhookClientConfig: - # this is "\n" used as a placeholder, otherwise it will be rejected by the apiserver for being blank, - # but we're going to set it later using the cert-manager (or potentially a patch if not using cert-manager) - caBundle: Cg== - service: - namespace: system - name: webhook-service - path: /convert + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert + caBundle: Cg== + conversionReviewVersions: + - v1 diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index c151099e60..2e88f2fa8f 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -16,21 +16,25 @@ bases: - ../crd - ../rbac - ../manager -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml - ../webhook # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. - ../certmanager -# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. +# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus patchesStrategicMerge: - # Protect the /metrics endpoint by putting it behind auth. - # If you want your controller-manager to expose the /metrics - # endpoint w/o any authn/z, please comment the following line. +# Protect the /metrics endpoint by putting it behind auth. +# If you want your controller-manager to expose the /metrics +# endpoint w/o any authn/z, please comment the following line. - manager_auth_proxy_patch.yaml -# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in +# Mount the controller config file for loading manager configurations +# through a ComponentConfig type +#- manager_config_patch.yaml + +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml - manager_webhook_patch.yaml diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml index 4161fd4cc4..9ace727e7f 100644 --- a/config/default/manager_auth_proxy_patch.yaml +++ b/config/default/manager_auth_proxy_patch.yaml @@ -1,4 +1,4 @@ -# This patch inject a sidecar container which is a HTTP proxy for the +# This patch inject a sidecar container which is a HTTP proxy for the # controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. apiVersion: apps/v1 kind: Deployment diff --git a/config/default/manager_config_patch.yaml b/config/default/manager_config_patch.yaml new file mode 100644 index 0000000000..6c400155cf --- /dev/null +++ b/config/default/manager_config_patch.yaml @@ -0,0 +1,20 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + args: + - "--config=controller_manager_config.yaml" + volumeMounts: + - name: manager-config + mountPath: /controller_manager_config.yaml + subPath: controller_manager_config.yaml + volumes: + - name: manager-config + configMap: + name: manager-config diff --git a/config/manager/controller_manager_config.yaml b/config/manager/controller_manager_config.yaml new file mode 100644 index 0000000000..43be936600 --- /dev/null +++ b/config/manager/controller_manager_config.yaml @@ -0,0 +1,11 @@ +apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 +kind: ControllerManagerConfig +health: + healthProbeBindAddress: :9440 +metrics: + bindAddress: 127.0.0.1:8085 +webhook: + port: 9443 +leaderElection: + leaderElect: true + resourceName: a9498140.metal3.io diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 5c5f0b84cb..2bcd3eeaa9 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,2 +1,10 @@ resources: - manager.yaml + +generatorOptions: + disableNameSuffixHash: true + +configMapGenerator: +- name: manager-config + files: + - controller_manager_config.yaml diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 783ff62353..eabc6206e3 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -37,16 +37,19 @@ spec: - configMapRef: name: ironic name: manager - readinessProbe: + securityContext: + allowPrivilegeEscalation: false + livenessProbe: httpGet: path: /healthz port: 9440 - initialDelaySeconds: 3 - periodSeconds: 3 - livenessProbe: + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: httpGet: - path: /healthz + path: /readyz port: 9440 - initialDelaySeconds: 10 - periodSeconds: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + serviceAccountName: controller-manager terminationGracePeriodSeconds: 10 diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml index 9b8047b760..d19136ae71 100644 --- a/config/prometheus/monitor.yaml +++ b/config/prometheus/monitor.yaml @@ -11,6 +11,10 @@ spec: endpoints: - path: /metrics port: https + scheme: https + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token + tlsConfig: + insecureSkipVerify: true selector: matchLabels: control-plane: controller-manager diff --git a/config/rbac/auth_proxy_client_clusterrole.yaml b/config/rbac/auth_proxy_client_clusterrole.yaml index bd4af137a9..51a75db47a 100644 --- a/config/rbac/auth_proxy_client_clusterrole.yaml +++ b/config/rbac/auth_proxy_client_clusterrole.yaml @@ -3,5 +3,7 @@ kind: ClusterRole metadata: name: metrics-reader rules: -- nonResourceURLs: ["/metrics"] - verbs: ["get"] +- nonResourceURLs: + - "/metrics" + verbs: + - get diff --git a/config/rbac/auth_proxy_role.yaml b/config/rbac/auth_proxy_role.yaml index 618f5e4177..80e1857c59 100644 --- a/config/rbac/auth_proxy_role.yaml +++ b/config/rbac/auth_proxy_role.yaml @@ -3,11 +3,15 @@ kind: ClusterRole metadata: name: proxy-role rules: -- apiGroups: ["authentication.k8s.io"] +- apiGroups: + - authentication.k8s.io resources: - tokenreviews - verbs: ["create"] -- apiGroups: ["authorization.k8s.io"] + verbs: + - create +- apiGroups: + - authorization.k8s.io resources: - subjectaccessreviews - verbs: ["create"] + verbs: + - create diff --git a/config/rbac/auth_proxy_role_binding.yaml b/config/rbac/auth_proxy_role_binding.yaml index 48ed1e4b85..ec7acc0a1b 100644 --- a/config/rbac/auth_proxy_role_binding.yaml +++ b/config/rbac/auth_proxy_role_binding.yaml @@ -8,5 +8,5 @@ roleRef: name: proxy-role subjects: - kind: ServiceAccount - name: default + name: controller-manager namespace: system diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index 66c28338fe..731832a6ac 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -1,4 +1,10 @@ resources: +# All RBAC will be applied under this service account in +# the deployment namespace. You may comment out this resource +# if your manager will use a service account that exists at +# runtime. Be sure to update RoleBinding and ClusterRoleBinding +# subjects if changing service account names. +- service_account.yaml - role.yaml - role_binding.yaml - leader_election_role.yaml diff --git a/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml index eed16906f4..1d1321ed4f 100644 --- a/config/rbac/leader_election_role_binding.yaml +++ b/config/rbac/leader_election_role_binding.yaml @@ -8,5 +8,5 @@ roleRef: name: leader-election-role subjects: - kind: ServiceAccount - name: default + name: controller-manager namespace: system diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml index 8f2658702c..2070ede446 100644 --- a/config/rbac/role_binding.yaml +++ b/config/rbac/role_binding.yaml @@ -8,5 +8,5 @@ roleRef: name: manager-role subjects: - kind: ServiceAccount - name: default + name: controller-manager namespace: system diff --git a/config/rbac/service_account.yaml b/config/rbac/service_account.yaml new file mode 100644 index 0000000000..7cd6025bfc --- /dev/null +++ b/config/rbac/service_account.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: controller-manager + namespace: system diff --git a/config/render/capm3.yaml b/config/render/capm3.yaml index a360e145e3..83f1f439b1 100644 --- a/config/render/capm3.yaml +++ b/config/render/capm3.yaml @@ -1545,6 +1545,12 @@ status: conditions: [] storedVersions: [] --- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: baremetal-operator-controller-manager + namespace: baremetal-operator-system +--- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -1736,7 +1742,7 @@ roleRef: name: baremetal-operator-leader-election-role subjects: - kind: ServiceAccount - name: default + name: baremetal-operator-controller-manager namespace: baremetal-operator-system --- apiVersion: rbac.authorization.k8s.io/v1 @@ -1749,7 +1755,7 @@ roleRef: name: baremetal-operator-manager-role subjects: - kind: ServiceAccount - name: default + name: baremetal-operator-controller-manager namespace: baremetal-operator-system --- apiVersion: rbac.authorization.k8s.io/v1 @@ -1762,7 +1768,7 @@ roleRef: name: baremetal-operator-proxy-role subjects: - kind: ServiceAccount - name: default + name: baremetal-operator-controller-manager namespace: baremetal-operator-system --- apiVersion: v1 @@ -1782,6 +1788,25 @@ metadata: namespace: baremetal-operator-system --- apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :9440 + metrics: + bindAddress: 127.0.0.1:8085 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: a9498140.metal3.io +kind: ConfigMap +metadata: + name: baremetal-operator-manager-config + namespace: baremetal-operator-system +--- +apiVersion: v1 kind: Service metadata: labels: @@ -1862,8 +1887,8 @@ spec: httpGet: path: /healthz port: 9440 - initialDelaySeconds: 10 - periodSeconds: 3 + initialDelaySeconds: 15 + periodSeconds: 20 name: manager ports: - containerPort: 9443 @@ -1871,14 +1896,17 @@ spec: protocol: TCP readinessProbe: httpGet: - path: /healthz + path: /readyz port: 9440 - initialDelaySeconds: 3 - periodSeconds: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + securityContext: + allowPrivilegeEscalation: false volumeMounts: - mountPath: /tmp/k8s-webhook-server/serving-certs name: cert readOnly: true + serviceAccountName: baremetal-operator-controller-manager terminationGracePeriodSeconds: 10 volumes: - name: cert diff --git a/hack/manifestlint.sh b/hack/manifestlint.sh index 8698aba366..1e0c2724bf 100755 --- a/hack/manifestlint.sh +++ b/hack/manifestlint.sh @@ -23,7 +23,7 @@ if [ "${IS_CONTAINER}" != "false" ]; then { set +x; } 2>/dev/null echo "<-------------------------STARTING MANIFESTS VALIDATION CHECKS------------------------->" kubeval --strict --ignore-missing-schemas \ - -d config,examples -i kustom,patch -o tap + -d config,examples -i kustom,patch,controller_manager_config -o tap echo "<-------------------------COMPLETED MANIFESTS VALIDATION CHECKS------------------------>" else "${CONTAINER_RUNTIME}" run --rm \ diff --git a/hack/unit.sh b/hack/unit.sh index 05bace2a83..6993ccc73a 100755 --- a/hack/unit.sh +++ b/hack/unit.sh @@ -11,9 +11,7 @@ if [ "${IS_CONTAINER}" != "false" ]; then eval "$(go env)" cd "${GOPATH}"/src/github.com/metal3-io/baremetal-operator export XDG_CACHE_HOME="/tmp/.cache" - export COVER_PROFILE="${ARTIFACTS}"/cover.out - TEST_FLAGS=${TEST_FLAGS} make -e unit-cover else diff --git a/main.go b/main.go index 2c259c97c5..dd084a58b3 100644 --- a/main.go +++ b/main.go @@ -1,6 +1,5 @@ /* - Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at @@ -83,7 +82,7 @@ func setupWebhooks(mgr ctrl.Manager) { func main() { var watchNamespace string - var metricsAddr string + var metricsBindAddr string var enableLeaderElection bool var preprovImgEnable bool var devLogging bool @@ -97,7 +96,7 @@ func main() { // namespace. flag.StringVar(&watchNamespace, "namespace", os.Getenv("WATCH_NAMESPACE"), "Namespace that the controller watches to reconcile host resources.") - flag.StringVar(&metricsAddr, "metrics-addr", "127.0.0.1:8085", + flag.StringVar(&metricsBindAddr, "metrics-addr", "127.0.0.1:8085", "The address the metric endpoint binds to.") flag.BoolVar(&enableLeaderElection, "enable-leader-election", false, "Enable leader election for controller manager. "+ @@ -126,7 +125,7 @@ func main() { mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{ Scheme: scheme, - MetricsBindAddress: metricsAddr, + MetricsBindAddress: metricsBindAddr, Port: webhookPort, LeaderElection: enableLeaderElection, LeaderElectionID: "baremetal-operator",