remove warnings from kustomization file (#2073)

Author: priyanshikhetwani

config/crd/kustomization.yaml

@@ -1,7 +1,5 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
-commonLabels:
-  cluster.x-k8s.io/v1beta1: v1beta1_v1beta2
 
 # This kustomization.yaml is not intended to be run by itself,
 # since it depends on service name and namespace that are out of this kustomize package.
@@ -18,33 +16,37 @@ resources:
 - bases/infrastructure.cluster.x-k8s.io_ibmvpcclustertemplates.yaml
 # +kubebuilder:scaffold:crdkustomizeresource
 
-patchesStrategicMerge:
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
 # patches here are for enabling the conversion webhook for each CRD
-- patches/webhook_in_ibmvpcclusters.yaml
-- patches/webhook_in_ibmvpcmachines.yaml
-- patches/webhook_in_ibmpowervsclusters.yaml
-- patches/webhook_in_ibmpowervsmachines.yaml
-- patches/webhook_in_ibmpowervsmachinetemplates.yaml
-- patches/webhook_in_ibmvpcmachinetemplates.yaml
-- patches/webhook_in_ibmpowervsimages.yaml
 #- patches/webhook_in_ibmpowervsclustertemplates.yaml
 #- patches/webhook_in_ibmvpcclustertemplates.yaml
 # +kubebuilder:scaffold:crdkustomizewebhookpatch
 
 # [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
 # patches here are for enabling the CA injection for each CRD
-- patches/cainjection_in_ibmvpcclusters.yaml
-- patches/cainjection_in_ibmvpcmachines.yaml
-- patches/cainjection_in_ibmpowervsclusters.yaml
-- patches/cainjection_in_ibmpowervsmachines.yaml
-- patches/cainjection_in_ibmpowervsmachinetemplates.yaml
-- patches/cainjection_in_ibmvpcmachinetemplates.yaml
-- patches/cainjection_in_ibmpowervsimages.yaml
 #- patches/cainjection_in_ibmpowervsclustertemplates.yaml
 #- patches/cainjection_in_ibmvpcclustertemplates.yaml
 # +kubebuilder:scaffold:crdkustomizecainjectionpatch
 
 # the following config is for teaching kustomize how to do kustomization for CRDs.
 configurations:
 - kustomizeconfig.yaml
+labels:
+- includeSelectors: true
+  pairs:
+    cluster.x-k8s.io/v1beta1: v1beta1_v1beta2
+patches:
+- path: patches/webhook_in_ibmvpcclusters.yaml
+- path: patches/webhook_in_ibmvpcmachines.yaml
+- path: patches/webhook_in_ibmpowervsclusters.yaml
+- path: patches/webhook_in_ibmpowervsmachines.yaml
+- path: patches/webhook_in_ibmpowervsmachinetemplates.yaml
+- path: patches/webhook_in_ibmvpcmachinetemplates.yaml
+- path: patches/webhook_in_ibmpowervsimages.yaml
+- path: patches/cainjection_in_ibmvpcclusters.yaml
+- path: patches/cainjection_in_ibmvpcmachines.yaml
+- path: patches/cainjection_in_ibmpowervsclusters.yaml
+- path: patches/cainjection_in_ibmpowervsmachines.yaml
+- path: patches/cainjection_in_ibmpowervsmachinetemplates.yaml
+- path: patches/cainjection_in_ibmvpcmachinetemplates.yaml
+- path: patches/cainjection_in_ibmpowervsimages.yaml

config/default/kustomization.yaml

@@ -8,64 +8,213 @@ namespace: capi-ibmcloud-system
 # field above.
 namePrefix: capi-ibmcloud-
 
-commonLabels:
-  cluster.x-k8s.io/provider: "infrastructure-ibmcloud"
 
-bases:
-- ../crd
-- ../rbac
-- ../manager
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in 
 # crd/kustomization.yaml
-- ../webhook
 # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
-- ../certmanager
 # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. 
 #- ../prometheus
 
 resources:
 - credentials.yaml
+- ../crd
+- ../rbac
+- ../manager
+- ../webhook
+- ../certmanager
 
-patchesStrategicMerge:
-- manager_credentials_patch.yaml
-- manager_image_patch.yaml
-- manager_pull_policy.yaml
 
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in 
 # crd/kustomization.yaml
-- manager_webhook_patch.yaml
 
 # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
 # Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
 # 'CERTMANAGER' needs to be enabled to use ca injection
-- webhookcainjection_patch.yaml
 
 # the following config is for teaching kustomize how to do var substitution
-vars:
 # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
-- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
-  objref:
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+labels:
+- includeSelectors: true
+  pairs:
+    cluster.x-k8s.io/provider: infrastructure-ibmcloud
+patches:
+- path: manager_credentials_patch.yaml
+- path: manager_image_patch.yaml
+- path: manager_pull_policy.yaml
+- path: manager_webhook_patch.yaml
+- path: webhookcainjection_patch.yaml
+replacements:
+- source:
+    fieldPath: metadata.namespace
     kind: Certificate
-    group: cert-manager.io
-    version: v1
-    name: serving-cert # this name should match the one in certificate.yaml
-  fieldref:
-    fieldpath: metadata.namespace
-- name: CERTIFICATE_NAME
-  objref:
+    name: serving-cert
+  targets:
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+    select:
+      kind: MutatingWebhookConfiguration
+      name: mutating-webhook-configuration
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+    select:
+      kind: ValidatingWebhookConfiguration
+      name: validating-webhook-configuration
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+    select:
+      kind: CustomResourceDefinition
+      name: ibmpowervsclusters.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+    select:
+      kind: CustomResourceDefinition
+      name: ibmpowervsimages.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+    select:
+      kind: CustomResourceDefinition
+      name: ibmpowervsmachines.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+    select:
+      kind: CustomResourceDefinition
+      name: ibmpowervsmachinetemplates.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+    select:
+      kind: CustomResourceDefinition
+      name: ibmvpcclusters.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+    select:
+      kind: CustomResourceDefinition
+      name: ibmvpcmachines.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+    select:
+      kind: CustomResourceDefinition
+      name: ibmvpcmachinetemplates.infrastructure.cluster.x-k8s.io
+- source:
+    fieldPath: metadata.name
     kind: Certificate
-    group: cert-manager.io
-    version: v1
-    name: serving-cert # this name should match the one in certificate.yaml
-- name: SERVICE_NAMESPACE # namespace of the service
-  objref:
+    name: serving-cert
+  targets:
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+      index: 1
+    select:
+      kind: MutatingWebhookConfiguration
+      name: mutating-webhook-configuration
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+      index: 1
+    select:
+      kind: ValidatingWebhookConfiguration
+      name: validating-webhook-configuration
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+      index: 1
+    select:
+      kind: CustomResourceDefinition
+      name: ibmpowervsclusters.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+      index: 1
+    select:
+      kind: CustomResourceDefinition
+      name: ibmpowervsimages.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+      index: 1
+    select:
+      kind: CustomResourceDefinition
+      name: ibmpowervsmachines.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+      index: 1
+    select:
+      kind: CustomResourceDefinition
+      name: ibmpowervsmachinetemplates.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+      index: 1
+    select:
+      kind: CustomResourceDefinition
+      name: ibmvpcclusters.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+      index: 1
+    select:
+      kind: CustomResourceDefinition
+      name: ibmvpcmachines.infrastructure.cluster.x-k8s.io
+  - fieldPaths:
+    - metadata.annotations.[cert-manager.io/inject-ca-from]
+    options:
+      delimiter: /
+      index: 1
+    select:
+      kind: CustomResourceDefinition
+      name: ibmvpcmachinetemplates.infrastructure.cluster.x-k8s.io
+- source:
+    fieldPath: metadata.name
     kind: Service
-    version: v1
     name: webhook-service
-  fieldref:
-    fieldpath: metadata.namespace
-- name: SERVICE_NAME
-  objref:
+  targets:
+  - fieldPaths:
+    - spec.dnsNames.0
+    - spec.dnsNames.1
+    options:
+      delimiter: .
+    select:
+      kind: Certificate
+      name: serving-cert
+- source:
+    fieldPath: metadata.namespace
     kind: Service
-    version: v1
     name: webhook-service
+  targets:
+  - fieldPaths:
+    - spec.dnsNames.0
+    - spec.dnsNames.1
+    options:
+      delimiter: .
+      index: 1
+    select:
+      kind: Certificate
+      name: serving-cert

test/e2e/data/templates/cluster-template-powervs-md-remediation/kustomization.yaml

@@ -1,6 +1,6 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-  - ../../../../../templates/cluster-template-powervs-cloud-provider.yaml
-patchesStrategicMerge:
-  - patches/mhc-label.yaml
+- ../../../../../templates/cluster-template-powervs-cloud-provider.yaml
+patches:
+- path: patches/mhc-label.yaml