diff --git a/operators/cluster-aas-operator/0.1.5/manifests/argo_cd_cluser_rb.yaml b/operators/cluster-aas-operator/0.1.5/manifests/argo_cd_cluser_rb.yaml new file mode 100644 index 00000000000..3d5a7441e94 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/argo_cd_cluser_rb.yaml @@ -0,0 +1,12 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: claas-argocd-cluster-rolebinding +subjects: + - kind: ServiceAccount + name: class-argocd-argocd-application-controller + namespace: cluster-aas-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: claas-argocd-cluster-role \ No newline at end of file diff --git a/operators/cluster-aas-operator/0.1.5/manifests/argo_cd_cluster_role.yaml b/operators/cluster-aas-operator/0.1.5/manifests/argo_cd_cluster_role.yaml new file mode 100644 index 00000000000..0e99d578175 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/argo_cd_cluster_role.yaml @@ -0,0 +1,11 @@ +--- +kind: ClusterRole +metadata: + name: claas-argocd-cluster-role +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' diff --git a/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-controller-manager-metrics-service_v1_service.yaml b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-controller-manager-metrics-service_v1_service.yaml new file mode 100644 index 00000000000..d8db9270f6e --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-controller-manager-metrics-service_v1_service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + control-plane: caas-controller-manager + name: cluster-aas-operator-controller-manager-metrics-service +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: caas-controller-manager +status: + loadBalancer: {} diff --git a/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-manager-config_v1_configmap.yaml b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-manager-config_v1_configmap.yaml new file mode 100644 index 00000000000..663c49dee5a --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-manager-config_v1_configmap.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +data: + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: 135184d5.openshift.io +kind: ConfigMap +metadata: + name: cluster-aas-operator-manager-config diff --git a/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..36ed618a392 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,10 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: cluster-aas-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-repo-bridge.yaml b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-repo-bridge.yaml new file mode 100644 index 00000000000..bca6d65de0e --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-repo-bridge.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + annotations: + service.beta.openshift.io/serving-cert-secret-name: cluster-aas-operator-certs + labels: + caas-repo-bridge: 'true' + name: cluster-aas-operator-repo-bridge-service +spec: + ports: + - name: https + port: 8001 + protocol: TCP + targetPort: repo-server + selector: + control-plane: caas-controller-manager +status: + loadBalancer: {} diff --git a/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-webhook-service_v1_service.yaml b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-webhook-service_v1_service.yaml new file mode 100644 index 00000000000..6f8ce0f44fc --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator-webhook-service_v1_service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + name: cluster-aas-operator-webhook-service +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + selector: + control-plane: caas-controller-manager +status: + loadBalancer: {} diff --git a/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator.clusterserviceversion.yaml b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator.clusterserviceversion.yaml new file mode 100644 index 00000000000..601fbf93954 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/cluster-aas-operator.clusterserviceversion.yaml @@ -0,0 +1,654 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "clustertemplate.openshift.io/v1alpha1", + "kind": "ClusterTemplate", + "metadata": { + "name": "clustertemplate-sample" + }, + "spec": {} + }, + { + "apiVersion": "clustertemplate.openshift.io/v1alpha1", + "kind": "ClusterTemplateInstance", + "metadata": { + "name": "clustertemplateinstance-sample" + }, + "spec": {} + }, + { + "apiVersion": "clustertemplate.openshift.io/v1alpha1", + "kind": "ClusterTemplateQuota", + "metadata": { + "name": "clustertemplatequota-sample" + }, + "spec": {} + } + ] + categories: Integration & Delivery,OpenShift Optional + certified: "false" + containerImage: quay.io/stolostron/cluster-templates-operator:2.11.0-0c3131154065397d37e3b66ae635d7ea88650bf9 + createdAt: "2024-06-06T19:34:44Z" + description: Easily install fully configured clusters with guard-rails. + operators.operatorframework.io/builder: operator-sdk-v1.34.1 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + repository: https://github.com/stolostron/cluster-templates-operator + name: cluster-aas-operator.v0.1.5 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Represents instance of a cluster + displayName: Cluster template instance + kind: ClusterTemplateInstance + name: clustertemplateinstances.clustertemplate.openshift.io + resources: + - kind: Pod + name: "" + version: v1 + statusDescriptors: + - description: A reference for secret which contains username and password under + keys "username" and "password" + displayName: Admin Password + path: adminPassword + - description: API server URL of the new cluster + displayName: APIserver URL + path: apiServerURL + - description: Status of each cluster setup + displayName: Cluster Setup + path: clusterSetup + - description: Secrets create by cluster setup which provide credentials for + applications created by cluster setup + displayName: Cluster Setup Secrets + path: clusterSetupSecrets + - description: Resource conditions + displayName: Conditions + path: conditions + - description: Console URL of the new cluster. The value is taken from ManagedCluster. + displayName: Console URL + path: consoleURL + - description: Time of first attempt of login to a new cluster + displayName: First Login Attempt + path: firstLoginAttempt + - description: A reference for secret which contains kubeconfig under key "kubeconfig" + displayName: Kubeconfig + path: kubeconfig + - description: A reference to ManagedCluster resource + displayName: Managed Cluster + path: managedCluster + - description: Additional message for Phase + displayName: Message + path: message + - description: Represents instance installaton & setup phase + displayName: Phase + path: phase + version: v1alpha1 + - description: Defines which ClusterTemplates can be used in a given namespace + displayName: Cluster template quota + kind: ClusterTemplateQuota + name: clustertemplatequotas.clustertemplate.openshift.io + resources: + - kind: Pod + name: "" + version: v1 + statusDescriptors: + - description: How much budget is currenly spent + displayName: Budget Spent + path: budgetSpent + - description: Which instances are in use + displayName: Template Instances + path: templateInstances + version: v1alpha1 + - description: Template of a cluster - both installation and post-install setup + are defined as ArgoCD application spec. Any application source is supported + - typically a Helm chart + displayName: Cluster template + kind: ClusterTemplate + name: clustertemplates.clustertemplate.openshift.io + resources: + - kind: Pod + name: "" + version: v1 + statusDescriptors: + - description: Describes helm chart properties and their schema + displayName: Cluster Definition + path: clusterDefinition + - description: Describes helm chart properties and schema for every cluster + setup step + displayName: Cluster Setup + path: clusterSetup + version: v1alpha1 + - kind: ClusterTemplateSetup + name: clustertemplatesetup.clustertemplate.openshift.io + version: v1alpha1 + - kind: Config + name: config.clustertemplate.openshift.io + version: v1alpha1 + description: | + **Self-service clusters with guardrails!** + Cluster as a service operator provides an easy way to define clusters as templates and allows creating instances of those templates even for non-privileged developer/devops engineers. Cluster templates operator also allows specifing quotas for the developer/devops engineers. + + ### User Interface + The User interface is installed but is not enabled by default. To enable go to `Home` -> `Overview` -> in the status card click `Dynamic Plugins` -> click `View all` -> click the `pencil` icon -> pick `Enable` and hit `Save`. You can access the UI in the `All Clusters` perspective under `Infrastructure` -> `Cluster Templates`. + + ### Documentation + Documentation can be found on our [website](https://github.com/stolostron/cluster-templates-operator). + + ### Getting help + To report any issues or ask questions, create an issue on our [Github repo](https://github.com/stolostron/cluster-templates-operator/issues) + displayName: Cluster as a service operator + icon: + - base64data: PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCAyNTguNTEgMjU4LjUxIj48ZGVmcz48c3R5bGU+LmNscy0xe2ZpbGw6I2QxZDFkMTt9LmNscy0ye2ZpbGw6IzhkOGQ4Zjt9PC9zdHlsZT48L2RlZnM+PHRpdGxlPkFzc2V0IDQ8L3RpdGxlPjxnIGlkPSJMYXllcl8yIiBkYXRhLW5hbWU9IkxheWVyIDIiPjxnIGlkPSJMYXllcl8xLTIiIGRhdGEtbmFtZT0iTGF5ZXIgMSI+PHBhdGggY2xhc3M9ImNscy0xIiBkPSJNMTI5LjI1LDIwQTEwOS4xLDEwOS4xLDAsMCwxLDIwNi40LDIwNi40LDEwOS4xLDEwOS4xLDAsMSwxLDUyLjExLDUyLjExLDEwOC40NSwxMDguNDUsMCwwLDEsMTI5LjI1LDIwbTAtMjBoMEM1OC4xNiwwLDAsNTguMTYsMCwxMjkuMjVIMGMwLDcxLjA5LDU4LjE2LDEyOS4yNiwxMjkuMjUsMTI5LjI2aDBjNzEuMDksMCwxMjkuMjYtNTguMTcsMTI5LjI2LTEyOS4yNmgwQzI1OC41MSw1OC4xNiwyMDAuMzQsMCwxMjkuMjUsMFoiLz48cGF0aCBjbGFzcz0iY2xzLTIiIGQ9Ik0xNzcuNTQsMTAzLjQxSDE0MS42NkwxNTQuOSw2NS43NmMxLjI1LTQuNC0yLjMzLTguNzYtNy4yMS04Ljc2SDEwMi45M2E3LjMyLDcuMzIsMCwwLDAtNy40LDZsLTEwLDY5LjYxYy0uNTksNC4xNywyLjg5LDcuODksNy40LDcuODloMzYuOUwxMTUuNTUsMTk3Yy0xLjEyLDQuNDEsMi40OCw4LjU1LDcuMjQsOC41NWE3LjU4LDcuNTgsMCwwLDAsNi40Ny0zLjQ4TDE4NCwxMTMuODVDMTg2Ljg2LDEwOS4yNCwxODMuMjksMTAzLjQxLDE3Ny41NCwxMDMuNDFaIi8+PC9nPjwvZz48L3N2Zz4= + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + - services + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - agent.open-cluster-management.io + resources: + - klusterletaddonconfigs + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - argoproj.io + resources: + - applications + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - argoproj.io + resources: + - applicationsets + verbs: + - create + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - argocds + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - cluster.open-cluster-management.io + resources: + - managedclusters + verbs: + - create + - delete + - get + - list + - watch + - apiGroups: + - cluster.open-cluster-management.io + resources: + - managedclustersets/join + verbs: + - create + - apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplateinstances + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplateinstances/status + verbs: + - get + - patch + - update + - apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplatequotas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplatequotas/status + verbs: + - get + - patch + - update + - apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplates + verbs: + - create + - get + - list + - update + - watch + - apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplates/status + verbs: + - get + - patch + - update + - apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplatesetup + verbs: + - get + - list + - watch + - apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplatesetup/status + verbs: + - get + - patch + - update + - apiGroups: + - clustertemplate.openshift.io + resources: + - config + verbs: + - create + - get + - list + - patch + - update + - watch + - apiGroups: + - console.openshift.io + resources: + - consoleplugins + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - console.openshift.io + resources: + - consolequickstarts + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - hive.openshift.io + resources: + - clusterclaims + - clusterdeployments + verbs: + - get + - list + - watch + - apiGroups: + - hypershift.openshift.io + resources: + - hostedclusters + - nodepools + verbs: + - get + - list + - watch + - apiGroups: + - operators.coreos.com + resources: + - subscriptions + verbs: + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - register.open-cluster-management.io + resources: + - managedclusters/accept + verbs: + - update + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: cluster-aas-operator-controller-manager + deployments: + - label: + control-plane: caas-controller-manager + name: cluster-aas-operator-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + control-plane: caas-controller-manager + strategy: {} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: caas-controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --tls-cert-file=/etc/certs/tls/tls.crt + - --tls-private-key-file=/etc/certs/tls/tls.key + command: + - /manager + image: quay.io/stolostron/cluster-templates-operator:2.11.0-0c3131154065397d37e3b66ae635d7ea88650bf9 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + - containerPort: 8001 + name: repo-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 1Gi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + volumeMounts: + - mountPath: /etc/certs/tls + name: tls-cert + securityContext: + runAsNonRoot: true + serviceAccountName: cluster-aas-operator-controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - name: tls-cert + secret: + defaultMode: 420 + secretName: cluster-aas-operator-certs + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: cluster-aas-operator-controller-manager + strategy: deployment + installModes: + - supported: false + type: OwnNamespace + - supported: false + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - cluster + - templates + - hive + - hypershift + - selfservice + - openshift + - multicluster + - quota + - helm + - argocd + links: + - name: Cluster as a service operator + url: https://github.com/stolostron/cluster-templates-operator + maintainers: + - email: rawagner@redhat.com + name: Rastislav Wagner + maturity: alpha + minKubeVersion: 1.24.0 + provider: + name: Stolostron + version: 0.1.5 + webhookdefinitions: + - admissionReviewVersions: + - v1 + containerPort: 443 + conversionCRDs: + - clustertemplateinstances.clustertemplate.openshift.io + - clustertemplatequotas.clustertemplate.openshift.io + deploymentName: cluster-aas-operator-controller-manager + generateName: cclustertemplateinstancesclustertemplatequotas.kb.io + sideEffects: None + targetPort: 9443 + type: ConversionWebhook + webhookPath: /convert + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: cluster-aas-operator-controller-manager + failurePolicy: Fail + generateName: mclustertemplateinstance.kb.io + rules: + - apiGroups: + - clustertemplate.openshift.io + apiVersions: + - v1alpha1 + operations: + - CREATE + resources: + - clustertemplateinstances + sideEffects: None + targetPort: 9443 + type: MutatingAdmissionWebhook + webhookPath: /mutate-clustertemplate-openshift-io-v1alpha1-clustertemplateinstance + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: cluster-aas-operator-controller-manager + failurePolicy: Fail + generateName: vclustertemplateinstance.kb.io + rules: + - apiGroups: + - clustertemplate.openshift.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clustertemplateinstances + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-clustertemplate-openshift-io-v1alpha1-clustertemplateinstance + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: cluster-aas-operator-controller-manager + failurePolicy: Fail + generateName: vclustertemplatequota.kb.io + rules: + - apiGroups: + - clustertemplate.openshift.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clustertemplatequotas + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-clustertemplate-openshift-io-v1alpha1-clustertemplatequota diff --git a/operators/cluster-aas-operator/0.1.5/manifests/cluster_templates_user_ct_role.yaml b/operators/cluster-aas-operator/0.1.5/manifests/cluster_templates_user_ct_role.yaml new file mode 100644 index 00000000000..9d9afa795a3 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/cluster_templates_user_ct_role.yaml @@ -0,0 +1,13 @@ +--- +kind: ClusterRole +metadata: + name: cluster-templates-user-ct +rules: +- apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplates + verbs: + - get + - watch + - list diff --git a/operators/cluster-aas-operator/0.1.5/manifests/cluster_templates_user_role.yaml b/operators/cluster-aas-operator/0.1.5/manifests/cluster_templates_user_role.yaml new file mode 100644 index 00000000000..299cbb9c57e --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/cluster_templates_user_role.yaml @@ -0,0 +1,35 @@ +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: cluster-templates-user +rules: + - verbs: + - get + - list + - watch + apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplatequotas + - verbs: + - '*' + apiGroups: + - clustertemplate.openshift.io + resources: + - clustertemplateinstances + - verbs: + - get + apiGroups: + - '' + - project.openshift.io + resources: + - projects + - verbs: + - get + - list + - watch + apiGroups: + - '' + resources: + - namespaces diff --git a/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplateinstances.yaml b/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplateinstances.yaml new file mode 100644 index 00000000000..1d8fbb36037 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplateinstances.yaml @@ -0,0 +1,258 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: clustertemplateinstances.clustertemplate.openshift.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: cluster-aas-operator-webhook-service + namespace: cluster-aas-operator-system + path: /convert + conversionReviewVersions: + - v1 + group: clustertemplate.openshift.io + names: + kind: ClusterTemplateInstance + listKind: ClusterTemplateInstanceList + plural: clustertemplateinstances + shortNames: + - cti + - ctis + singular: clustertemplateinstance + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Cluster phase + jsonPath: .status.phase + name: Phase + type: string + - description: Admin Secret + jsonPath: .status.adminPassword.name + name: Adminpassword + type: string + - description: Kubeconfig Secret + jsonPath: .status.kubeconfig.name + name: Kubeconfig + type: string + - description: API URL + jsonPath: .status.apiServerURL + name: API URL + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Represents instance of a cluster + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + clusterTemplateRef: + description: A reference to ClusterTemplate which will be used for + installing and setting up the cluster + type: string + kubeconfigSecretRef: + description: A reference to a secret which contains kubeconfig of + the cluster. If specified day1 operation won't be executed. + type: string + parameters: + description: Helm parameters to be passed to cluster installation + or setup + items: + properties: + clusterSetup: + description: Name of the application set to which parameter + is applied + type: string + name: + description: Name of the Helm parameter + type: string + value: + description: Value of the Helm parameter + type: string + required: + - name + - value + type: object + type: array + required: + - clusterTemplateRef + type: object + status: + properties: + adminPassword: + description: A reference for secret which contains username and password + under keys "username" and "password" + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + apiServerURL: + description: API server URL of the new cluster + type: string + clusterSetup: + description: Status of each cluster setup + items: + properties: + message: + description: Description of the cluster setup status + type: string + name: + description: Name of the cluster setup + type: string + status: + description: Status of the cluster setup + type: string + required: + - message + - name + - status + type: object + type: array + clusterSetupSecrets: + description: Secrets create by cluster setup which provide credentials + for applications created by cluster setup + items: + description: LocalObjectReference contains enough information to + let you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: array + conditions: + description: Resource conditions + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + type FooStatus struct{ // Represents the observations of a foo's + current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + consoleURL: + description: Console URL of the new cluster. The value is taken from + ManagedCluster. + type: string + firstLoginAttempt: + description: Time of first attempt of login to a new cluster + format: date-time + type: string + kubeconfig: + description: A reference for secret which contains kubeconfig under + key "kubeconfig" + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + managedCluster: + description: A reference to ManagedCluster resource + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + message: + description: Additional message for Phase + type: string + phase: + description: Represents instance installaton & setup phase + type: string + required: + - conditions + - message + - phase + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplatequotas.yaml b/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplatequotas.yaml new file mode 100644 index 00000000000..c03e19c3a65 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplatequotas.yaml @@ -0,0 +1,119 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: clustertemplatequotas.clustertemplate.openshift.io +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + name: cluster-aas-operator-webhook-service + namespace: cluster-aas-operator-system + path: /convert + conversionReviewVersions: + - v1 + group: clustertemplate.openshift.io + names: + kind: ClusterTemplateQuota + listKind: ClusterTemplateQuotaList + plural: clustertemplatequotas + shortNames: + - ctq + - ctqs + singular: clustertemplatequota + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Defines which ClusterTemplates can be used in a given namespace + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + allowedTemplates: + description: Represents all ClusterTemplates which can be used in + given namespace + items: + properties: + count: + description: Defines how many instances of the ClusterTemplate + can exist + minimum: 1 + type: integer + deleteAfter: + description: 'Template instance will be removed after specified + time This is a Duration value; see https://pkg.go.dev/time#ParseDuration + for accepted formats. Note: due to discrepancies in validation + vs parsing, we use a Pattern instead of `Format=duration`. + See https://bugzilla.redhat.com/show_bug.cgi?id=2050332 https://github.com/kubernetes/apimachinery/issues/131 + https://github.com/kubernetes/apiextensions-apiserver/issues/56' + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ + type: string + name: + description: Name of the ClusterTemplate + type: string + required: + - name + type: object + type: array + budget: + description: Total budget for all clusters within given namespace + minimum: 1 + type: integer + required: + - allowedTemplates + type: object + status: + description: ClusterTemplateQuotaStatus defines the observed state of + ClusterTemplateQuota + properties: + budgetSpent: + description: How much budget is currenly spent + type: integer + templateInstances: + description: Which instances are in use + items: + properties: + count: + description: Defines how many instances of the ClusterTemplate + exist + type: integer + name: + description: Name of the ClusterTemplate + type: string + required: + - count + - name + type: object + type: array + required: + - budgetSpent + - templateInstances + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplates.yaml b/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplates.yaml new file mode 100644 index 00000000000..8d91bfe5ff1 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplates.yaml @@ -0,0 +1,148 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: clustertemplates.clustertemplate.openshift.io +spec: + group: clustertemplate.openshift.io + names: + kind: ClusterTemplate + listKind: ClusterTemplateList + plural: clustertemplates + shortNames: + - ct + - cts + singular: clustertemplate + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Cluster cost + jsonPath: .spec.cost + name: Cost + type: integer + name: v1alpha1 + schema: + openAPIV3Schema: + description: Template of a cluster - both installation and post-install setup + are defined as ArgoCD application spec. Any application source is supported + - typically a Helm chart + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + clusterDefinition: + description: ArgoCD applicationset name which is used for installation + of the cluster + type: string + clusterSetup: + description: Array of ArgoCD applicationset names which are used for + post installation setup of the cluster + items: + type: string + type: array + cost: + description: Cost of the cluster, used for quotas + minimum: 0 + type: integer + skipClusterRegistration: + description: Skip the registration of the cluster to the hub cluster + type: boolean + required: + - clusterDefinition + type: object + status: + description: ClusterTemplateStatus defines the observed state of ClusterTemplate + properties: + clusterDefinition: + description: Describes helm chart properties and their schema + properties: + error: + description: Contain information about failure during fetching + helm chart + type: string + params: + description: Helm chart param overrides from the ArgoCD ApplicationSet + items: + properties: + name: + description: Name of a helm chart param + type: string + value: + description: Value of a helm chart param + type: string + required: + - name + - value + type: object + type: array + schema: + description: Content of helm chart values.schema.json + type: string + values: + description: Content of helm chart values.yaml + type: string + type: object + clusterSetup: + description: Describes helm chart properties and schema for every + cluster setup step + items: + properties: + error: + description: Contain information about failure during fetching + helm chart + type: string + name: + description: Name of the cluster setup step + type: string + params: + description: Helm chart param overrides from the ArgoCD ApplicationSet + items: + properties: + name: + description: Name of a helm chart param + type: string + value: + description: Value of a helm chart param + type: string + required: + - name + - value + type: object + type: array + schema: + description: Content of helm chart values.schema.json + type: string + values: + description: Content of helm chart values.yaml + type: string + required: + - name + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplatesetup.yaml b/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplatesetup.yaml new file mode 100644 index 00000000000..68dba1e0d87 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_clustertemplatesetup.yaml @@ -0,0 +1,103 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: clustertemplatesetup.clustertemplate.openshift.io +spec: + group: clustertemplate.openshift.io + names: + kind: ClusterTemplateSetup + listKind: ClusterTemplateSetupList + plural: clustertemplatesetup + shortNames: + - ctsetup + - ctsetup + singular: clustertemplatesetup + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Template of a cluster - post-install setup are defined as ArgoCD + application set refs. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + clusterSetup: + description: Array of ArgoCD applicationset names which are used for + post installation setup of the cluster + items: + type: string + type: array + skipClusterRegistration: + description: Skip the registeration of the cluster to the hub cluster + type: boolean + type: object + status: + description: ClusterTemplateStatus defines the observed state of ClusterTemplateSetup + properties: + clusterSetup: + description: Describes helm chart properties and schema for every + cluster setup step + items: + properties: + error: + description: Contain information about failure during fetching + helm chart + type: string + name: + description: Name of the cluster setup step + type: string + params: + description: Helm chart param overrides from the ArgoCD ApplicationSet + items: + properties: + name: + description: Name of a helm chart param + type: string + value: + description: Value of a helm chart param + type: string + required: + - name + - value + type: object + type: array + schema: + description: Content of helm chart values.schema.json + type: string + values: + description: Content of helm chart values.yaml + type: string + required: + - name + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_config.yaml b/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_config.yaml new file mode 100644 index 00000000000..975f12bbcca --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/manifests/clustertemplate.openshift.io_config.yaml @@ -0,0 +1,66 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.0 + creationTimestamp: null + name: config.clustertemplate.openshift.io +spec: + group: clustertemplate.openshift.io + names: + kind: Config + listKind: ConfigList + plural: config + shortNames: + - ctconfig + - clustertemplateconfig + singular: config + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Configuration of the cluster operator + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + properties: + argoCDNamespace: + description: ArgoCd namespace where the ArgoCD instance is running + type: string + loginAttemptTimeoutOverride: + description: Override default timeout for logging into the new cluster. + The default is set to 10 minutes + pattern: ^([0-9]+(\.[0-9]+)?(ns|us|µs|ms|s|m|h))+$ + type: string + uiEnabled: + description: Flag that indicate if UI console plugin should be deployed + type: boolean + uiImage: + description: Custom UI image + type: string + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/cluster-aas-operator/0.1.5/metadata/annotations.yaml b/operators/cluster-aas-operator/0.1.5/metadata/annotations.yaml new file mode 100644 index 00000000000..5cc59001164 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/metadata/annotations.yaml @@ -0,0 +1,14 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: cluster-aas-operator + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.metrics.builder: operator-sdk-v1.34.1 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/cluster-aas-operator/0.1.5/metadata/dependencies.yaml b/operators/cluster-aas-operator/0.1.5/metadata/dependencies.yaml new file mode 100644 index 00000000000..d9ab0ab4572 --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/metadata/dependencies.yaml @@ -0,0 +1,6 @@ +dependencies: +- type: olm.gvk + value: + group: argoproj.io + kind: Application + version: v1alpha1 \ No newline at end of file diff --git a/operators/cluster-aas-operator/0.1.5/tests/scorecard/config.yaml b/operators/cluster-aas-operator/0.1.5/tests/scorecard/config.yaml new file mode 100644 index 00000000000..6643020929c --- /dev/null +++ b/operators/cluster-aas-operator/0.1.5/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.22.2 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.22.2 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.22.2 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.22.2 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.22.2 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.22.2 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}