import * as pulumi from "@pulumi/pulumi"; import * as kubernetes from "@pulumi/kubernetes"; const pulumi_kubernetes_operatorDeployment = new kubernetes.apps.v1.Deployment("pulumi_kubernetes_operatorDeployment", { apiVersion: "apps/v1", kind: "Deployment", metadata: { name: "pulumi-kubernetes-operator", }, spec: { replicas: 1, selector: { matchLabels: { name: "pulumi-kubernetes-operator", }, }, template: { metadata: { labels: { name: "pulumi-kubernetes-operator", }, }, spec: { serviceAccountName: "pulumi-kubernetes-operator", imagePullSecrets: [{ name: "pulumi-kubernetes-operator", }], containers: [{ name: "pulumi-kubernetes-operator", image: "pulumi/pulumi-kubernetes-operator:v0.0.2", command: ["pulumi-kubernetes-operator"], args: ["--zap-level=debug"], imagePullPolicy: "Always", env: [ { name: "WATCH_NAMESPACE", valueFrom: { fieldRef: { fieldPath: "metadata.namespace", }, }, }, { name: "POD_NAME", valueFrom: { fieldRef: { fieldPath: "metadata.name", }, }, }, { name: "OPERATOR_NAME", value: "pulumi-kubernetes-operator", }, ], }], }, }, }, }); const pulumi_kubernetes_operatorRole = new kubernetes.rbac.v1.Role("pulumi_kubernetes_operatorRole", { apiVersion: "rbac.authorization.k8s.io/v1", kind: "Role", metadata: { creationTimestamp: undefined, name: "pulumi-kubernetes-operator", }, rules: [ { apiGroups: [""], resources: [ "pods", "services", "services/finalizers", "endpoints", "persistentvolumeclaims", "events", "configmaps", "secrets", ], verbs: [ "create", "delete", "get", "list", "patch", "update", "watch", ], }, { apiGroups: ["apps"], resources: [ "deployments", "daemonsets", "replicasets", "statefulsets", ], verbs: [ "create", "delete", "get", "list", "patch", "update", "watch", ], }, { apiGroups: ["monitoring.coreos.com"], resources: ["servicemonitors"], verbs: [ "get", "create", ], }, { apiGroups: ["apps"], resourceNames: ["pulumi-kubernetes-operator"], resources: ["deployments/finalizers"], verbs: ["update"], }, { apiGroups: [""], resources: ["pods"], verbs: ["get"], }, { apiGroups: ["apps"], resources: [ "replicasets", "deployments", ], verbs: ["get"], }, { apiGroups: ["pulumi.com"], resources: ["*"], verbs: [ "create", "delete", "get", "list", "patch", "update", "watch", ], }, ], }); const pulumi_kubernetes_operatorRoleBinding = new kubernetes.rbac.v1.RoleBinding("pulumi_kubernetes_operatorRoleBinding", { kind: "RoleBinding", apiVersion: "rbac.authorization.k8s.io/v1", metadata: { name: "pulumi-kubernetes-operator", }, subjects: [{ kind: "ServiceAccount", name: "pulumi-kubernetes-operator", }], roleRef: { kind: "Role", name: "pulumi-kubernetes-operator", apiGroup: "rbac.authorization.k8s.io", }, }); const pulumi_kubernetes_operatorServiceAccount = new kubernetes.core.v1.ServiceAccount("pulumi_kubernetes_operatorServiceAccount", { apiVersion: "v1", kind: "ServiceAccount", metadata: { name: "pulumi-kubernetes-operator", }, });