feat: turn aws-iam-authenticator into system service

2025-02-15 15:08:50 +00:00 · 2025-02-15 15:08:50 +00:00 · 137f23b661
commit 137f23b661
parent a1ff0652a2
6 changed files with 57 additions and 4 deletions
--- a/kubezero/aws-iam-authenticator/APKBUILD
+++ b/kubezero/aws-iam-authenticator/APKBUILD
@ -9,7 +9,17 @@ arch="x86_64 aarch64 armv7 x86"
 license="Apache-2.0"
 makedepends="go bash"
 options="!check chmod-clean net"
-source="$pkgname-$pkgver.tar.gz::https://github.com/kubernetes-sigs/$pkgname/archive/refs/tags/v$pkgver.tar.gz"
+source="$pkgname-$pkgver.tar.gz::https://github.com/kubernetes-sigs/$pkgname/archive/refs/tags/v$pkgver.tar.gz
        aws-iam-authenticator.initd
        aws-iam-authenticator.monit
        config.yaml
        "
 install="$pkgname-server.pre-install"
 subpackages="$pkgname-server"
 pkggroups="awsiam"
 pkgusers="awsiam"
 build() {
  make bin
@ -19,6 +29,19 @@ package() {
 	install -Dm755 "$builddir/_output/bin/aws-iam-authenticator" "$pkgdir"/usr/bin/aws-iam-authenticator
 }
 server() {
 	install -d "$subpkgdir"/var/log/"$pkgname" -g awsiam -m 775
 	install -d "$subpkgdir"/etc/"$pkgname" -g awsiam -m 775
  install "$srcdir"/config.yaml "$subpkgdir"/etc/$pkgname/config.yaml
  install -Dm755 "$srcdir"/$pkgname.initd "$subpkgdir"/etc/init.d/$pkgname
  install -Dm644 "$srcdir"/$pkgname.monit "$subpkgdir/etc/monit.d/$pkgname.conf"
 }
 sha512sums="
 276efbbf44228b7ef6fe45e80c19443b134664d940706f2634e7478c4e8a3d2499bd0cbe70e1b7916af47dbc66ca1b5419f4738ad1f94ef82fe88f3a06f27d65  aws-iam-authenticator-0.6.29.tar.gz
 a374448ffe7ac2079fef4a4d370b8d4b3aa10d371fff976e41a1107c17198d366f0e28f47f7313555503eaa44d358dff385f84a0000709aa6b75991a0c35f77b  aws-iam-authenticator.initd
 81454a32d898214c80fef1dda1630e6f6550180908e0b45980b25700478ee7fa4a8ef797cf0f1597fa98713b84f2ae9bd324d017e636ef965c26876147039745  aws-iam-authenticator.monit
 97fb2b255161837b1789c17dc7543644d24404ee9eeb95ace0d7c1d8ba12647cca78a8d86ff07dcb7a3eb833d9bc632b4f8511df8aedf484d61acc48929ce9be  config.yaml
 "
--- a/kubezero/aws-iam-authenticator/aws-iam-authenticator-server.pre-install
+++ b/kubezero/aws-iam-authenticator/aws-iam-authenticator-server.pre-install
@ -0,0 +1,6 @@
 #!/bin/sh
 addgroup -S awsiam 2>/dev/null
 adduser -S -D -H -h /dev/null -s /sbin/nologin -G awsiam -g awsiam awsiam 2>/dev/null
 exit 0
--- a/kubezero/aws-iam-authenticator/aws-iam-authenticator.initd
+++ b/kubezero/aws-iam-authenticator/aws-iam-authenticator.initd
@ -0,0 +1,16 @@
 #!/sbin/openrc-run
 name=aws-iam-authenticator
 command="/usr/bin/aws-iam-authenticator"
 command_background="true"
 command_user="awsiam:awsiam"
 pidfile="${pidfile:-/run/${RC_SVCNAME}.pid}"
 start_stop_daemon_args="--stderr /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log \
                        --stdout /var/log/${RC_SVCNAME}/${RC_SVCNAME}.log"
 command_args="server -l=json --config=/etc/aws-iam-authenticator/config.yaml"
 depend() {
 	need net
 }
--- a/kubezero/aws-iam-authenticator/aws-iam-authenticator.monit
+++ b/kubezero/aws-iam-authenticator/aws-iam-authenticator.monit
@ -0,0 +1,10 @@
 check process aws-iam-authenticator pidfile /run/aws-iam-authenticator.pid
  start program = "/sbin/rc-service aws-iam-authenticator start"
  stop program  = "/sbin/rc-service aws-iam-authenticator stop"
  restart program = "/sbin/rc-service aws-iam-authenticator restart"
  if failed
    port 21363
    protocol http
    request "/healthz"
    for 2 cycles
  then restart
--- a/kubezero/aws-iam-authenticator/config.yaml
+++ b/kubezero/aws-iam-authenticator/config.yaml
@ -0,0 +1 @@
 clusterID: exampleCluster
--- a/kubezero/multus-cni/APKBUILD
+++ b/kubezero/multus-cni/APKBUILD
@ -11,9 +11,6 @@ makedepends="go bash"
 options="!check chmod-clean net"
 source="$pkgname-$pkgver.tar.gz::https://github.com/k8snetworkplumbingwg/$pkgname/archive/refs/tags/v$pkgver.tar.gz"
 export CGO_ENABLED=0
 export GO111MODULE=on
 build() {
  DEST_DIR="bin"