Add Kubernetes config

contrib/kubernetes/buildconfig.yaml

@@ -0,0 +1,29 @@
+apiVersion: build.openshift.io/v1
+kind: BuildConfig
+metadata:
+  name: roundtrip
+  namespace: logging-roundtrip
+spec:
+  failedBuildsHistoryLimit: 5
+  output:
+    to:
+      kind: ImageStreamTag
+      name: roundtrip:latest
+  runPolicy: Serial
+  source:
+    contextDir: /
+    git:
+      uri: https://github.com/xperimental/logging-roundtrip.git
+      ref: main
+    type: Git
+  strategy:
+    dockerStrategy:
+      dockerfilePath: Dockerfile
+    type: Docker
+  successfulBuildsHistoryLimit: 5
+  triggers:
+  - github:
+      secretReference:
+        name: roundtrip-github-webhook-secret
+    type: GitHub
+  - type: ConfigChange

contrib/kubernetes/config/config.yaml

@@ -0,0 +1,9 @@
+logLevel: info
+source:
+  logsPerSecond: 3
+sink:
+  url: https://lokistack-dev-gateway-http.openshift-logging.svc:8080/api/logs/v1/application/loki/api/v1/tail
+  query: '{kubernetes_namespace_name="logging-roundtrip",kubernetes_container_name="roundtrip"} | json | kubernetes_container_iostream="stdout"'
+  tokenFile: /var/run/secrets/logs/token
+  tls:
+    insecureSkipVerify: true

contrib/kubernetes/deployment.yaml

@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    alpha.image.policy.openshift.io/resolve-names: '*'
+    app.openshift.io/route-disabled: "false"
+    image.openshift.io/triggers: '[{"from":{"kind":"ImageStreamTag","name":"roundtrip:latest"},"fieldPath":"spec.template.spec.containers[?(@.name==\"roundtrip\")].image"}]'
+  name: roundtrip
+spec:
+  selector:
+    matchLabels:
+      app: roundtrip
+  template:
+    metadata:
+      labels:
+        app: roundtrip
+    spec:
+      containers:
+      - image: image-registry.openshift-image-registry.svc:5000/logging-roundtrip/roundtrip:latest
+        imagePullPolicy: Always
+        args:
+        - --config-file
+        - /config/config.yaml
+        livenessProbe:
+          failureThreshold: 3
+          httpGet:
+            path: /api/live
+            port: 8080
+            scheme: HTTP
+          periodSeconds: 10
+          successThreshold: 1
+          timeoutSeconds: 1
+        name: roundtrip
+        ports:
+        - containerPort: 8080
+          protocol: TCP
+        volumeMounts:
+        - mountPath: /config
+          name: config
+          readOnly: true
+        - mountPath: /var/run/secrets/logs
+          name: token
+          readOnly: true
+      volumes:
+      - name: config
+        configMap:
+          name: roundtrip-config
+      - name: token
+        secret:
+          secretName: roundtrip-sa-token

contrib/kubernetes/imagestream.yaml

@@ -0,0 +1,7 @@
+apiVersion: image.openshift.io/v1
+kind: ImageStream
+metadata:
+  name: roundtrip
+spec:
+  lookupPolicy:
+    local: false

contrib/kubernetes/kustomization.yaml

@@ -0,0 +1,27 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: logging-roundtrip
+commonAnnotations:
+  app.openshift.io/vcs-ref: main
+  app.openshift.io/vcs-uri: https://github.com/xperimental/logging-roundtrip.git
+  openshift.io/generated-by: OpenShiftWebConsole
+labels:
+- pairs:
+    app: roundtrip
+    app.kubernetes.io/component: roundtrip
+    app.kubernetes.io/instance: roundtrip
+    app.kubernetes.io/name: roundtrip
+    app.kubernetes.io/part-of: roundtrip
+configMapGenerator:
+- name: roundtrip-config
+  files:
+  - config/config.yaml
+resources:
+- buildconfig.yaml
+- deployment.yaml
+- imagestream.yaml
+- namespace.yaml
+- rbac.yaml
+- route.yaml
+- secret.yaml
+- service.yaml

contrib/kubernetes/namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: logging-roundtrip

contrib/kubernetes/rbac.yaml

@@ -0,0 +1,39 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  annotations:
+    rbac.authorization.kubernetes.io/autoupdate: "true"
+  name: webhook-access-unauthenticated
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: "system:webhook"
+subjects:
+- apiGroup: rbac.authorization.k8s.io
+  kind: Group
+  name: "system:unauthenticated"
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: roundtrip
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: roundtrip-sa-token
+  annotations:
+    kubernetes.io/service-account.name: roundtrip
+type: kubernetes.io/service-account-token
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: roundtrip-read-logs
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-logging-application-view
+subjects:
+- kind: ServiceAccount
+  name: roundtrip

contrib/kubernetes/route.yaml

@@ -0,0 +1,15 @@
+apiVersion: route.openshift.io/v1
+kind: Route
+metadata:
+  name: roundtrip
+spec:
+  port:
+    targetPort: web
+  tls:
+    insecureEdgeTerminationPolicy: Redirect
+    termination: edge
+  to:
+    kind: Service
+    name: roundtrip
+    weight: 100
+  wildcardPolicy: None

contrib/kubernetes/secret.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: roundtrip-github-webhook-secret
+type: Opaque
+stringData:
+  WebHookSecretKey: "example-secret"

contrib/kubernetes/service.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: roundtrip
+spec:
+  ports:
+  - name: web
+    port: 8080
+    targetPort: 8080
+  selector:
+    app: roundtrip
+  type: ClusterIP