Deploy providers in the same namespace

To do this it is required to remove the namespace and object prefix
fields from the default kustomization.yaml. Without these changes the
namespace objects in the manager manifest would get prefixed and thus
would change between the providers.

Now it will be required to directly name and namespace resources
when creating them.

Author: carbonin

Makefile

@@ -54,8 +54,8 @@ help: ## Display this help.
 
 .PHONY: manifests
 manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
-	cd bootstrap && $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=./config/crd/bases
-	cd controlplane && $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=./config/crd/bases
+	cd bootstrap && $(CONTROLLER_GEN) rbac:roleName=capoa-bootstrap-manager-role crd webhook paths="./..." output:crd:artifacts:config=./config/crd/bases
+	cd controlplane && $(CONTROLLER_GEN) rbac:roleName=capoa-controlplane-manager-role crd webhook paths="./..." output:crd:artifacts:config=./config/crd/bases
 
 .PHONY: generate
 generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.

bootstrap-components.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: capoa-bootstrap-system
+  name: capoa-system
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
@@ -583,13 +583,13 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: capoa-bootstrap-controller-manager
-  namespace: capoa-bootstrap-system
+  namespace: capoa-system
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   name: capoa-bootstrap-leader-election-role
-  namespace: capoa-bootstrap-system
+  namespace: capoa-system
 rules:
 - apiGroups:
   - ""
@@ -756,15 +756,15 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   name: capoa-bootstrap-leader-election-rolebinding
-  namespace: capoa-bootstrap-system
+  namespace: capoa-system
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: capoa-bootstrap-leader-election-role
 subjects:
 - kind: ServiceAccount
   name: capoa-bootstrap-controller-manager
-  namespace: capoa-bootstrap-system
+  namespace: capoa-system
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
@@ -777,7 +777,7 @@ roleRef:
 subjects:
 - kind: ServiceAccount
   name: capoa-bootstrap-controller-manager
-  namespace: capoa-bootstrap-system
+  namespace: capoa-system
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
@@ -790,13 +790,13 @@ roleRef:
 subjects:
 - kind: ServiceAccount
   name: capoa-bootstrap-controller-manager
-  namespace: capoa-bootstrap-system
+  namespace: capoa-system
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: capoa-bootstrap-controller-manager-metrics-service
-  namespace: capoa-bootstrap-system
+  namespace: capoa-system
 spec:
   ports:
   - name: https
@@ -810,16 +810,14 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: capoa-bootstrap-controller-manager
-  namespace: capoa-bootstrap-system
+  namespace: capoa-system
 spec:
   replicas: 1
   selector:
     matchLabels:
       control-plane: capoa-bootstrap-controller-manager
   template:
     metadata:
-      annotations:
-        kubectl.kubernetes.io/default-container: manager
       labels:
         control-plane: capoa-bootstrap-controller-manager
     spec:

bootstrap/config/default/kustomization.yaml

@@ -1,19 +1,3 @@
-# Adds namespace to all resources.
-namespace: capoa-bootstrap-system
-
-# Value of this field is prepended to the
-# names of all resources, e.g. a deployment named
-# "wordpress" becomes "alices-wordpress".
-# Note that it should also match with the prefix (text before '-') of the namespace
-# field above.
-namePrefix: capoa-bootstrap-
-
-# Labels to add to all resources and selectors.
-#labels:
-#- includeSelectors: true
-#  pairs:
-#    someName: someValue
-
 resources:
 - ../crd
 - ../rbac

bootstrap/config/default/manager_auth_proxy_patch.yaml

@@ -3,8 +3,8 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: controller-manager
-  namespace: system
+  name: capoa-bootstrap-controller-manager
+  namespace: capoa-system
 spec:
   template:
     spec:

bootstrap/config/manager/manager.yaml

@@ -1,22 +1,20 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: system
+  name: capoa-system
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: controller-manager
-  namespace: system
+  name: capoa-bootstrap-controller-manager
+  namespace: capoa-system
 spec:
   selector:
     matchLabels:
       control-plane: capoa-bootstrap-controller-manager
   replicas: 1
   template:
     metadata:
-      annotations:
-        kubectl.kubernetes.io/default-container: manager
       labels:
         control-plane: capoa-bootstrap-controller-manager
     spec:
@@ -59,5 +57,5 @@ spec:
           requests:
             cpu: 10m
             memory: 64Mi
-      serviceAccountName: controller-manager
+      serviceAccountName: capoa-bootstrap-controller-manager
       terminationGracePeriodSeconds: 10

bootstrap/config/prometheus/monitor.yaml

@@ -2,8 +2,8 @@
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
-  name: controller-manager-metrics-monitor
-  namespace: system
+  name: capoa-bootstrap-controller-manager-metrics-monitor
+  namespace: capoa-system
 spec:
   endpoints:
     - path: /metrics

bootstrap/config/rbac/auth_proxy_client_clusterrole.yaml

@@ -1,7 +1,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: metrics-reader
+  name: capoa-bootstrap-metrics-reader
 rules:
 - nonResourceURLs:
   - "/metrics"

bootstrap/config/rbac/auth_proxy_role.yaml

@@ -1,7 +1,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: proxy-role
+  name: capoa-bootstrap-proxy-role
 rules:
 - apiGroups:
   - authentication.k8s.io

bootstrap/config/rbac/auth_proxy_role_binding.yaml

@@ -1,12 +1,12 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: proxy-rolebinding
+  name: capoa-bootstrap-proxy-rolebinding
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: proxy-role
+  name: capoa-bootstrap-proxy-role
 subjects:
 - kind: ServiceAccount
-  name: controller-manager
-  namespace: system
+  name: capoa-bootstrap-controller-manager
+  namespace: capoa-system

bootstrap/config/rbac/auth_proxy_service.yaml

@@ -1,8 +1,8 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: controller-manager-metrics-service
-  namespace: system
+  name: capoa-bootstrap-controller-manager-metrics-service
+  namespace: capoa-system
 spec:
   ports:
   - name: https

bootstrap/config/rbac/leader_election_role.yaml

@@ -2,7 +2,8 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: leader-election-role
+  name: capoa-bootstrap-leader-election-role
+  namespace: capoa-system
 rules:
 - apiGroups:
   - ""

bootstrap/config/rbac/leader_election_role_binding.yaml

@@ -1,12 +1,13 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: leader-election-rolebinding
+  name: capoa-bootstrap-leader-election-rolebinding
+  namespace: capoa-system
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: leader-election-role
+  name: capoa-bootstrap-leader-election-role
 subjects:
 - kind: ServiceAccount
-  name: controller-manager
-  namespace: system
+  name: capoa-bootstrap-controller-manager
+  namespace: capoa-system

bootstrap/config/rbac/openshiftassistedconfig_editor_role.yaml

@@ -2,7 +2,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: openshiftassistedconfig-editor-role
+  name: capoa-bootstrap-openshiftassistedconfig-editor-role
 rules:
 - apiGroups:
   - bootstrap.cluster.x-k8s.io

bootstrap/config/rbac/openshiftassistedconfig_viewer_role.yaml

@@ -2,7 +2,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: openshiftassistedconfig-viewer-role
+  name: capoa-bootstrap-openshiftassistedconfig-viewer-role
 rules:
 - apiGroups:
   - bootstrap.cluster.x-k8s.io

bootstrap/config/rbac/openshiftassistedconfigtemplate_editor_role.yaml

@@ -2,7 +2,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: openshiftassistedconfigtemplate-editor-role
+  name: capoa-bootstrap-openshiftassistedconfigtemplate-editor-role
 rules:
 - apiGroups:
   - bootstrap.cluster.x-k8s.io

bootstrap/config/rbac/openshiftassistedconfigtemplate_viewer_role.yaml

@@ -2,7 +2,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: openshiftassistedconfigtemplate-viewer-role
+  name: capoa-bootstrap-openshiftassistedconfigtemplate-viewer-role
 rules:
 - apiGroups:
   - bootstrap.cluster.x-k8s.io

bootstrap/config/rbac/role.yaml

@@ -2,7 +2,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: manager-role
+  name: capoa-bootstrap-manager-role
 rules:
 - apiGroups:
   - ""

bootstrap/config/rbac/role_binding.yaml

@@ -1,12 +1,12 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: manager-rolebinding
+  name: capoa-bootstrap-manager-rolebinding
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: manager-role
+  name: capoa-bootstrap-manager-role
 subjects:
 - kind: ServiceAccount
-  name: controller-manager
-  namespace: system
+  name: capoa-bootstrap-controller-manager
+  namespace: capoa-system

bootstrap/config/rbac/service_account.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: controller-manager
-  namespace: system
+  name: capoa-bootstrap-controller-manager
+  namespace: capoa-system