diff --git a/assets/rancher-supportability-review-crd/rancher-supportability-review-crd-105.0.0+up0.1.0.tgz b/assets/rancher-supportability-review-crd/rancher-supportability-review-crd-105.0.0+up0.1.0.tgz new file mode 100644 index 0000000000..529fe5fdee Binary files /dev/null and b/assets/rancher-supportability-review-crd/rancher-supportability-review-crd-105.0.0+up0.1.0.tgz differ diff --git a/assets/rancher-supportability-review/rancher-supportability-review-105.0.0+up0.1.0.tgz b/assets/rancher-supportability-review/rancher-supportability-review-105.0.0+up0.1.0.tgz new file mode 100644 index 0000000000..827d24eb3d Binary files /dev/null and b/assets/rancher-supportability-review/rancher-supportability-review-105.0.0+up0.1.0.tgz differ diff --git a/charts/rancher-supportability-review-crd/105.0.0+up0.1.0/Chart.yaml b/charts/rancher-supportability-review-crd/105.0.0+up0.1.0/Chart.yaml new file mode 100644 index 0000000000..c5e013e70c --- /dev/null +++ b/charts/rancher-supportability-review-crd/105.0.0+up0.1.0/Chart.yaml @@ -0,0 +1,10 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: sr-operator-system + catalog.cattle.io/release-name: rancher-supportability-review-crd +apiVersion: v1 +description: Installs the CRDs for rancher-supportability-review. +name: rancher-supportability-review-crd +type: application +version: 105.0.0+up0.1.0 diff --git a/charts/rancher-supportability-review-crd/105.0.0+up0.1.0/README.md b/charts/rancher-supportability-review-crd/105.0.0+up0.1.0/README.md new file mode 100644 index 0000000000..75a817d3b3 --- /dev/null +++ b/charts/rancher-supportability-review-crd/105.0.0+up0.1.0/README.md @@ -0,0 +1,2 @@ +# rancher-supportability-review-crd +A Rancher chart that installs the CRDs used by rancher-supportability-review. diff --git a/charts/rancher-supportability-review-crd/105.0.0+up0.1.0/templates/reviewbundle.yaml b/charts/rancher-supportability-review-crd/105.0.0+up0.1.0/templates/reviewbundle.yaml new file mode 100644 index 0000000000..c49cb0d41b --- /dev/null +++ b/charts/rancher-supportability-review-crd/105.0.0+up0.1.0/templates/reviewbundle.yaml @@ -0,0 +1,126 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: reviewbundles.sr.cattle.io +spec: + group: sr.cattle.io + names: + kind: ReviewBundle + plural: reviewbundles + singular: reviewbundle + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.timestamp + name: Timestamp + type: string + name: v1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + debug: + type: boolean + dev: + type: boolean + excludeClusters: + items: + nullable: true + type: string + nullable: true + type: array + includeClusters: + items: + nullable: true + type: string + nullable: true + type: array + parallelCollection: + type: boolean + sonobuoyNamespace: + nullable: true + type: string + sonobuoyTimeout: + type: integer + tolerations: + items: + properties: + effect: + nullable: true + type: string + key: + nullable: true + type: string + operator: + nullable: true + type: string + tolerationSeconds: + nullable: true + type: integer + value: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + status: + properties: + checkResult: + nullable: true + type: string + clusterCount: + type: integer + conditions: + items: + properties: + lastTransitionTime: + nullable: true + type: string + lastUpdateTime: + nullable: true + type: string + message: + nullable: true + type: string + reason: + nullable: true + type: string + status: + nullable: true + type: string + type: + nullable: true + type: string + type: object + nullable: true + type: array + display: + nullable: true + properties: + error: + type: boolean + message: + nullable: true + type: string + state: + nullable: true + type: string + transitioning: + type: boolean + type: object + fileName: + nullable: true + type: string + fileSize: + type: integer + timestamp: + nullable: true + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/Chart.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/Chart.yaml new file mode 100644 index 0000000000..2a6c06c9c9 --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/Chart.yaml @@ -0,0 +1,22 @@ +annotations: + catalog.cattle.io/auto-install: rancher-supportability-review-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Supportability Review + catalog.cattle.io/kube-version: '>=1.18.0-0 < 1.33.0-0' + catalog.cattle.io/namespace: sr-operator-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux + catalog.cattle.io/provides-gvr: sr.cattle.io.reviewbundles/v1 + catalog.cattle.io/rancher-version: '>= 2.10.0 < 2.11.0' + catalog.cattle.io/release-name: rancher-supportability-review + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/ui-component: rancher-supportability-review +apiVersion: v1 +appVersion: 0.1.0 +description: The rancher-supportability-review operator enables the functionality + of Supportability Reviews for Rancher. +icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg +keywords: +- support +name: rancher-supportability-review +version: 105.0.0+up0.1.0 diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/README.md b/charts/rancher-supportability-review/105.0.0+up0.1.0/README.md new file mode 100644 index 0000000000..f23e157e65 --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/README.md @@ -0,0 +1,9 @@ +# Rancher Supportability Review Chart + +The supportability-review-operator enables running Supportability Reviews. + +# Installation + +``` +helm install rancher-supportability-review ./ --create-namespace -n sr-operator-system +``` diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/app-readme.md b/charts/rancher-supportability-review/105.0.0+up0.1.0/app-readme.md new file mode 100644 index 0000000000..d25a2fd1fc --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/app-readme.md @@ -0,0 +1,3 @@ +# Rancher Supportability Review + +This chart is used for Supportability Review of Rancher. diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/questions.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/questions.yaml new file mode 100644 index 0000000000..9b20f78565 --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/questions.yaml @@ -0,0 +1,151 @@ +questions: +- variable: rancher.url + label: Rancher URL + default: "" + description: "The URL of the Rancher server." + type: string + required: true + group: Rancher Configuration + +- variable: rancher.token + label: Rancher Token + default: "" + description: "The access token for the Rancher server." + type: string + required: true + group: Rancher Configuration + +- variable: s3.useS3 + label: Upload bundle to S3 compatible storage + default: "false" + description: "Upload bundle to S3 compatible storage" + type: boolean + group: S3 Configuration + show_subquestion_if: true + subquestions: + - variable: s3.useAwsS3 + label: Use AWS S3 Endpoint + default: "true" + description: "Use AWS S3 Endpoint" + type: boolean + group: S3 Configuration + show_subquestion_if: false + subquestions: + - variable: s3.endpoint + label: S3 endpoint URL + default: "https://:" + description: "The URL of S3 endpoint." + type: string + required: true + + - variable: s3.region + label: Region + default: "us-east-2" + description: "Region" + type: string + required: true + group: S3 Configuration + + - variable: s3.bucket + label: Bucket name + default: "" + description: "Bucket name" + type: string + required: true + group: S3 Configuration + + - variable: s3.folder + label: Folder name + default: "" + description: "Folder name" + type: string + required: false + group: S3 Configuration + + - variable: s3.insecureTLSSkipVerify + label: Skip TLS Verifications + default: false + description: "Skip TLS Verifications" + type: boolean + required: true + group: S3 Configuration + + - variable: s3.accessKeyId + label: Access Key ID + default: "" + description: "Access Key ID" + type: string + required: true + group: S3 Configuration + + - variable: s3.secretAccessKey + label: Secret Access Key + default: "" + description: "Secret Access Key" + type: password + required: true + group: S3 Configuration + +- variable: image.collector.repository + label: SR Collector image Repository + default: "ghcr.io/rancher/supportability-review" + description: "The repository of SR Collector image." + type: string + required: false + group: Images + +- variable: image.collector.tag + label: SR Collector image Tag + default: "latest" + description: "The repository of SR Collector Tag." + type: string + required: false + group: Images + +- variable: image.analyzer.repository + label: SR Analyzer image Repository + default: "ghcr.io/rancher/supportability-review-internal" + description: "The repository of SR Analyzer image." + type: string + required: false + group: Images + +- variable: image.analyzer.tag + label: SR Analyzer image Tag + default: "latest" + description: "The tag of SR Analyzer image." + type: string + required: false + group: Images + +- variable: image.operator.repository + label: SR Operator image Repository + default: "ghcr.io/rancher/supportability-review-operator" + description: "The repository of SR Operator image." + type: string + required: false + group: Images + +- variable: image.operator.tag + label: SR Operator image tag + default: "latest" + description: "The tag of SR Operator image." + type: string + required: false + group: Images + +- variable: image.appFrontend.repository + label: App frontend image Repository + default: "docker.io/masap20220915/supportability-review-app-frontend" + description: "The repository of App frontend image." + type: string + required: false + group: Images + +- variable: image.appFrontend.tag + label: App frontend image tag + default: "dev" + description: "The tag of App frontend image." + type: string + required: false + group: Images diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/_helpers.tpl b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/_helpers.tpl new file mode 100644 index 0000000000..2ac0008495 --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/_helpers.tpl @@ -0,0 +1,90 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "rancher-supportability-review.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "rancher-supportability-review.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "rancher-supportability-review.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "rancher-supportability-review.labels" -}} +helm.sh/chart: {{ include "rancher-supportability-review.chart" . }} +{{ include "rancher-supportability-review.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "rancher-supportability-review.selectorLabels" -}} +app.kubernetes.io/name: {{ include "rancher-supportability-review.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "rancher-supportability-review.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "rancher-supportability-review.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* Ensure namespace is set the same everywhere */}} +{{- define "sr.namespace" -}} + {{- .Release.Namespace | default "sr-operator-system" -}} +{{- end -}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{/* +Windows cluster will add default taint for linux nodes, +add below linux tolerations to workloads could be scheduled to those linux nodes +*/}} +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +kubernetes.io/os: linux +{{- end -}} diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/app-frontend-resource.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/app-frontend-resource.yaml new file mode 100644 index 0000000000..32a4062096 --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/app-frontend-resource.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: sr-bundle-app-frontend-deployment + namespace: sr-operator-system +spec: + replicas: 1 + selector: + matchLabels: + sr-app: app-frontend + template: + metadata: + labels: + sr-app: app-frontend + spec: + containers: + - image: {{ .Values.image.appFrontend.repository }}:{{ .Values.image.appFrontend.tag }} + imagePullPolicy: Always + name: app-frontend + ports: + - containerPort: 80 + resources: + requests: + memory: "1Gi" + cpu: "100m" + ephemeral-storage: "10Gi" + limits: + memory: "1Gi" + cpu: "100m" + ephemeral-storage: "10Gi" + nodeSelector: + kubernetes.io/os: linux +--- +apiVersion: v1 +kind: Service +metadata: + name: sr-bundle-app-frontend-service + namespace: sr-operator-system +spec: + ports: + - port: 80 + protocol: TCP + targetPort: 80 + selector: + sr-app: app-frontend diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/clusterrole.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/clusterrole.yaml new file mode 100644 index 0000000000..9fda2aea28 --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/clusterrole.yaml @@ -0,0 +1,8 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "rancher-supportability-review.fullname" . }}-cr +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/clusterrolebinding.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/clusterrolebinding.yaml new file mode 100644 index 0000000000..e329c7ecee --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/clusterrolebinding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "rancher-supportability-review.fullname" . }}-crb +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "rancher-supportability-review.fullname" . }}-cr +subjects: +- kind: ServiceAccount + name: {{ include "rancher-supportability-review.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/db-resource.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/db-resource.yaml new file mode 100644 index 0000000000..17cb6b5b46 --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/db-resource.yaml @@ -0,0 +1,49 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: sr-bundle-db-deployment + namespace: sr-operator-system +spec: + replicas: 1 + selector: + matchLabels: + sr-app: db + template: + metadata: + labels: + sr-app: db + spec: + containers: + - args: + - --maxmemory + - 1gb + - --maxmemory-policy + - noeviction + image: redis:7.4.1 + name: redis + ports: + - containerPort: 6379 + resources: + requests: + memory: "1Gi" + cpu: "100m" + ephemeral-storage: "10Gi" + limits: + memory: "1Gi" + cpu: "100m" + ephemeral-storage: "10Gi" + nodeSelector: + kubernetes.io/os: linux +--- +apiVersion: v1 +kind: Service +metadata: + name: sr-bundle-db-service + namespace: sr-operator-system +spec: + ports: + - port: 6379 + protocol: TCP + targetPort: 6379 + selector: + sr-app: db diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/deployment.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/deployment.yaml new file mode 100644 index 0000000000..8616bc644a --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "rancher-supportability-review.fullname" . }} + labels: + {{- include "rancher-supportability-review.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "rancher-supportability-review.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "rancher-supportability-review.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "rancher-supportability-review.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.operator.repository }}:{{ .Values.image.operator.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/network_policy_allow_all.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/network_policy_allow_all.yaml new file mode 100644 index 0000000000..926ceea6de --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/network_policy_allow_all.yaml @@ -0,0 +1,13 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: default-allow-all +spec: + podSelector: {} + ingress: + - {} + egress: + - {} + policyTypes: + - Ingress + - Egress diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/secret.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/secret.yaml new file mode 100644 index 0000000000..3a401f445a --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/secret.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.rancher.secretName }} + namespace: {{ .Release.Namespace }} +type: Opaque +stringData: + url: {{ .Values.rancher.url }} + token: {{ .Values.rancher.token }} + srImageRepository: {{ .Values.image.collector.repository }}:{{ .Values.image.collector.tag }} + analyzerImageRepository: {{ .Values.image.analyzer.repository }}:{{ .Values.image.analyzer.tag }} + s3UseS3: {{ .Values.s3.useS3 | quote }} + s3Endpoint: {{ .Values.s3.endpoint }} + s3Region: {{ .Values.s3.region }} + s3Bucket: {{ .Values.s3.bucket }} + s3Folder: {{ .Values.s3.folder }} + s3InsecureTLSSkipVerify: {{ .Values.s3.insecureTLSSkipVerify | quote }} + s3AccessKeyId: {{ .Values.s3.accessKeyId }} + s3SecretAccessKey: {{ .Values.s3.secretAccessKey }} diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/serviceaccount.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/serviceaccount.yaml new file mode 100644 index 0000000000..64e565e5a5 --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "rancher-supportability-review.serviceAccountName" . }} + labels: + {{- include "rancher-supportability-review.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/validate-install-crd.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/validate-install-crd.yaml new file mode 100644 index 0000000000..ab7d90631a --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/templates/validate-install-crd.yaml @@ -0,0 +1,14 @@ +#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}} +# {{- $found := dict -}} +# {{- set $found "sr.cattle.io/v1/ReviewBundle" false -}} +# {{- range .Capabilities.APIVersions -}} +# {{- if hasKey $found (toString .) -}} +# {{- set $found (toString .) true -}} +# {{- end -}} +# {{- end -}} +# {{- range $_, $exists := $found -}} +# {{- if (eq $exists false) -}} +# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}} +# {{- end -}} +# {{- end -}} +#{{- end -}} \ No newline at end of file diff --git a/charts/rancher-supportability-review/105.0.0+up0.1.0/values.yaml b/charts/rancher-supportability-review/105.0.0+up0.1.0/values.yaml new file mode 100644 index 0000000000..39a04e47bf --- /dev/null +++ b/charts/rancher-supportability-review/105.0.0+up0.1.0/values.yaml @@ -0,0 +1,103 @@ +# Default values for rancher-supportability-review. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +rancher: + secretName: "sr-api-details" + url: "" + token: "" + +s3: + useS3: false + useAwsS3: true + endpoint: "" + region: "" + bucket: "" + folder: "" + insecureTLSSkipVerify: false + accessKeyId: "" + secretAccessKey: "" + +image: + operator: + repository: ghcr.io/rancher/supportability-review-operator + tag: latest + collector: + repository: ghcr.io/rancher/supportability-review + tag: latest + analyzer: + repository: ghcr.io/rancher/supportability-review-internal + tag: latest + appFrontend: + repository: docker.io/masap20220915/supportability-review-app-frontend + tag: dev + pullPolicy: Always + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/index.yaml b/index.yaml index d885a91967..cc923b183b 100755 --- a/index.yaml +++ b/index.yaml @@ -21473,6 +21473,48 @@ entries: urls: - assets/rancher-pushprox/rancher-pushprox-102.0.0.tgz version: 102.0.0 + rancher-supportability-review: + - annotations: + catalog.cattle.io/auto-install: rancher-supportability-review-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Supportability Review + catalog.cattle.io/kube-version: '>=1.18.0-0 < 1.33.0-0' + catalog.cattle.io/namespace: sr-operator-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux + catalog.cattle.io/provides-gvr: sr.cattle.io.reviewbundles/v1 + catalog.cattle.io/rancher-version: '>= 2.10.0 < 2.11.0' + catalog.cattle.io/release-name: rancher-supportability-review + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/ui-component: rancher-supportability-review + apiVersion: v1 + appVersion: 0.1.0 + created: "2025-01-28T14:57:15.354558556+09:00" + description: The rancher-supportability-review operator enables the functionality + of Supportability Reviews for Rancher. + digest: 6ef04f573da6f477095fe8f790e144da815a6251aee2d6938d72c9df70001e1e + icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg + keywords: + - support + name: rancher-supportability-review + urls: + - assets/rancher-supportability-review/rancher-supportability-review-105.0.0+up0.1.0.tgz + version: 105.0.0+up0.1.0 + rancher-supportability-review-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: sr-operator-system + catalog.cattle.io/release-name: rancher-supportability-review-crd + apiVersion: v1 + created: "2025-01-28T15:01:33.186674343+09:00" + description: Installs the CRDs for rancher-supportability-review. + digest: a1b50fcd3b261905865d6744fcc1232836332f3f126f00b855abb611f7839ab3 + name: rancher-supportability-review-crd + type: application + urls: + - assets/rancher-supportability-review-crd/rancher-supportability-review-crd-105.0.0+up0.1.0.tgz + version: 105.0.0+up0.1.0 rancher-vsphere-cpi: - annotations: catalog.cattle.io/certified: rancher diff --git a/packages/rancher-supportability-review/charts/Chart.yaml b/packages/rancher-supportability-review/charts/Chart.yaml new file mode 100644 index 0000000000..2a6c06c9c9 --- /dev/null +++ b/packages/rancher-supportability-review/charts/Chart.yaml @@ -0,0 +1,22 @@ +annotations: + catalog.cattle.io/auto-install: rancher-supportability-review-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Supportability Review + catalog.cattle.io/kube-version: '>=1.18.0-0 < 1.33.0-0' + catalog.cattle.io/namespace: sr-operator-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux + catalog.cattle.io/provides-gvr: sr.cattle.io.reviewbundles/v1 + catalog.cattle.io/rancher-version: '>= 2.10.0 < 2.11.0' + catalog.cattle.io/release-name: rancher-supportability-review + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/ui-component: rancher-supportability-review +apiVersion: v1 +appVersion: 0.1.0 +description: The rancher-supportability-review operator enables the functionality + of Supportability Reviews for Rancher. +icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg +keywords: +- support +name: rancher-supportability-review +version: 105.0.0+up0.1.0 diff --git a/packages/rancher-supportability-review/charts/README.md b/packages/rancher-supportability-review/charts/README.md new file mode 100644 index 0000000000..f23e157e65 --- /dev/null +++ b/packages/rancher-supportability-review/charts/README.md @@ -0,0 +1,9 @@ +# Rancher Supportability Review Chart + +The supportability-review-operator enables running Supportability Reviews. + +# Installation + +``` +helm install rancher-supportability-review ./ --create-namespace -n sr-operator-system +``` diff --git a/packages/rancher-supportability-review/charts/app-readme.md b/packages/rancher-supportability-review/charts/app-readme.md new file mode 100644 index 0000000000..d25a2fd1fc --- /dev/null +++ b/packages/rancher-supportability-review/charts/app-readme.md @@ -0,0 +1,3 @@ +# Rancher Supportability Review + +This chart is used for Supportability Review of Rancher. diff --git a/packages/rancher-supportability-review/charts/crds/reviewbundle.yaml b/packages/rancher-supportability-review/charts/crds/reviewbundle.yaml new file mode 100755 index 0000000000..c49cb0d41b --- /dev/null +++ b/packages/rancher-supportability-review/charts/crds/reviewbundle.yaml @@ -0,0 +1,126 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: reviewbundles.sr.cattle.io +spec: + group: sr.cattle.io + names: + kind: ReviewBundle + plural: reviewbundles + singular: reviewbundle + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.timestamp + name: Timestamp + type: string + name: v1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + debug: + type: boolean + dev: + type: boolean + excludeClusters: + items: + nullable: true + type: string + nullable: true + type: array + includeClusters: + items: + nullable: true + type: string + nullable: true + type: array + parallelCollection: + type: boolean + sonobuoyNamespace: + nullable: true + type: string + sonobuoyTimeout: + type: integer + tolerations: + items: + properties: + effect: + nullable: true + type: string + key: + nullable: true + type: string + operator: + nullable: true + type: string + tolerationSeconds: + nullable: true + type: integer + value: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + status: + properties: + checkResult: + nullable: true + type: string + clusterCount: + type: integer + conditions: + items: + properties: + lastTransitionTime: + nullable: true + type: string + lastUpdateTime: + nullable: true + type: string + message: + nullable: true + type: string + reason: + nullable: true + type: string + status: + nullable: true + type: string + type: + nullable: true + type: string + type: object + nullable: true + type: array + display: + nullable: true + properties: + error: + type: boolean + message: + nullable: true + type: string + state: + nullable: true + type: string + transitioning: + type: boolean + type: object + fileName: + nullable: true + type: string + fileSize: + type: integer + timestamp: + nullable: true + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/packages/rancher-supportability-review/charts/questions.yaml b/packages/rancher-supportability-review/charts/questions.yaml new file mode 100644 index 0000000000..9b20f78565 --- /dev/null +++ b/packages/rancher-supportability-review/charts/questions.yaml @@ -0,0 +1,151 @@ +questions: +- variable: rancher.url + label: Rancher URL + default: "" + description: "The URL of the Rancher server." + type: string + required: true + group: Rancher Configuration + +- variable: rancher.token + label: Rancher Token + default: "" + description: "The access token for the Rancher server." + type: string + required: true + group: Rancher Configuration + +- variable: s3.useS3 + label: Upload bundle to S3 compatible storage + default: "false" + description: "Upload bundle to S3 compatible storage" + type: boolean + group: S3 Configuration + show_subquestion_if: true + subquestions: + - variable: s3.useAwsS3 + label: Use AWS S3 Endpoint + default: "true" + description: "Use AWS S3 Endpoint" + type: boolean + group: S3 Configuration + show_subquestion_if: false + subquestions: + - variable: s3.endpoint + label: S3 endpoint URL + default: "https://:" + description: "The URL of S3 endpoint." + type: string + required: true + + - variable: s3.region + label: Region + default: "us-east-2" + description: "Region" + type: string + required: true + group: S3 Configuration + + - variable: s3.bucket + label: Bucket name + default: "" + description: "Bucket name" + type: string + required: true + group: S3 Configuration + + - variable: s3.folder + label: Folder name + default: "" + description: "Folder name" + type: string + required: false + group: S3 Configuration + + - variable: s3.insecureTLSSkipVerify + label: Skip TLS Verifications + default: false + description: "Skip TLS Verifications" + type: boolean + required: true + group: S3 Configuration + + - variable: s3.accessKeyId + label: Access Key ID + default: "" + description: "Access Key ID" + type: string + required: true + group: S3 Configuration + + - variable: s3.secretAccessKey + label: Secret Access Key + default: "" + description: "Secret Access Key" + type: password + required: true + group: S3 Configuration + +- variable: image.collector.repository + label: SR Collector image Repository + default: "ghcr.io/rancher/supportability-review" + description: "The repository of SR Collector image." + type: string + required: false + group: Images + +- variable: image.collector.tag + label: SR Collector image Tag + default: "latest" + description: "The repository of SR Collector Tag." + type: string + required: false + group: Images + +- variable: image.analyzer.repository + label: SR Analyzer image Repository + default: "ghcr.io/rancher/supportability-review-internal" + description: "The repository of SR Analyzer image." + type: string + required: false + group: Images + +- variable: image.analyzer.tag + label: SR Analyzer image Tag + default: "latest" + description: "The tag of SR Analyzer image." + type: string + required: false + group: Images + +- variable: image.operator.repository + label: SR Operator image Repository + default: "ghcr.io/rancher/supportability-review-operator" + description: "The repository of SR Operator image." + type: string + required: false + group: Images + +- variable: image.operator.tag + label: SR Operator image tag + default: "latest" + description: "The tag of SR Operator image." + type: string + required: false + group: Images + +- variable: image.appFrontend.repository + label: App frontend image Repository + default: "docker.io/masap20220915/supportability-review-app-frontend" + description: "The repository of App frontend image." + type: string + required: false + group: Images + +- variable: image.appFrontend.tag + label: App frontend image tag + default: "dev" + description: "The tag of App frontend image." + type: string + required: false + group: Images diff --git a/packages/rancher-supportability-review/charts/templates/_helpers.tpl b/packages/rancher-supportability-review/charts/templates/_helpers.tpl new file mode 100644 index 0000000000..2ac0008495 --- /dev/null +++ b/packages/rancher-supportability-review/charts/templates/_helpers.tpl @@ -0,0 +1,90 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "rancher-supportability-review.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "rancher-supportability-review.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "rancher-supportability-review.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "rancher-supportability-review.labels" -}} +helm.sh/chart: {{ include "rancher-supportability-review.chart" . }} +{{ include "rancher-supportability-review.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "rancher-supportability-review.selectorLabels" -}} +app.kubernetes.io/name: {{ include "rancher-supportability-review.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "rancher-supportability-review.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "rancher-supportability-review.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* Ensure namespace is set the same everywhere */}} +{{- define "sr.namespace" -}} + {{- .Release.Namespace | default "sr-operator-system" -}} +{{- end -}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{/* +Windows cluster will add default taint for linux nodes, +add below linux tolerations to workloads could be scheduled to those linux nodes +*/}} +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +kubernetes.io/os: linux +{{- end -}} diff --git a/packages/rancher-supportability-review/charts/templates/app-frontend-resource.yaml b/packages/rancher-supportability-review/charts/templates/app-frontend-resource.yaml new file mode 100644 index 0000000000..32a4062096 --- /dev/null +++ b/packages/rancher-supportability-review/charts/templates/app-frontend-resource.yaml @@ -0,0 +1,45 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: sr-bundle-app-frontend-deployment + namespace: sr-operator-system +spec: + replicas: 1 + selector: + matchLabels: + sr-app: app-frontend + template: + metadata: + labels: + sr-app: app-frontend + spec: + containers: + - image: {{ .Values.image.appFrontend.repository }}:{{ .Values.image.appFrontend.tag }} + imagePullPolicy: Always + name: app-frontend + ports: + - containerPort: 80 + resources: + requests: + memory: "1Gi" + cpu: "100m" + ephemeral-storage: "10Gi" + limits: + memory: "1Gi" + cpu: "100m" + ephemeral-storage: "10Gi" + nodeSelector: + kubernetes.io/os: linux +--- +apiVersion: v1 +kind: Service +metadata: + name: sr-bundle-app-frontend-service + namespace: sr-operator-system +spec: + ports: + - port: 80 + protocol: TCP + targetPort: 80 + selector: + sr-app: app-frontend diff --git a/packages/rancher-supportability-review/charts/templates/clusterrole.yaml b/packages/rancher-supportability-review/charts/templates/clusterrole.yaml new file mode 100644 index 0000000000..9fda2aea28 --- /dev/null +++ b/packages/rancher-supportability-review/charts/templates/clusterrole.yaml @@ -0,0 +1,8 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "rancher-supportability-review.fullname" . }}-cr +rules: +- apiGroups: ["*"] + resources: ["*"] + verbs: ["*"] diff --git a/packages/rancher-supportability-review/charts/templates/clusterrolebinding.yaml b/packages/rancher-supportability-review/charts/templates/clusterrolebinding.yaml new file mode 100644 index 0000000000..e329c7ecee --- /dev/null +++ b/packages/rancher-supportability-review/charts/templates/clusterrolebinding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "rancher-supportability-review.fullname" . }}-crb +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "rancher-supportability-review.fullname" . }}-cr +subjects: +- kind: ServiceAccount + name: {{ include "rancher-supportability-review.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/packages/rancher-supportability-review/charts/templates/db-resource.yaml b/packages/rancher-supportability-review/charts/templates/db-resource.yaml new file mode 100644 index 0000000000..17cb6b5b46 --- /dev/null +++ b/packages/rancher-supportability-review/charts/templates/db-resource.yaml @@ -0,0 +1,49 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: sr-bundle-db-deployment + namespace: sr-operator-system +spec: + replicas: 1 + selector: + matchLabels: + sr-app: db + template: + metadata: + labels: + sr-app: db + spec: + containers: + - args: + - --maxmemory + - 1gb + - --maxmemory-policy + - noeviction + image: redis:7.4.1 + name: redis + ports: + - containerPort: 6379 + resources: + requests: + memory: "1Gi" + cpu: "100m" + ephemeral-storage: "10Gi" + limits: + memory: "1Gi" + cpu: "100m" + ephemeral-storage: "10Gi" + nodeSelector: + kubernetes.io/os: linux +--- +apiVersion: v1 +kind: Service +metadata: + name: sr-bundle-db-service + namespace: sr-operator-system +spec: + ports: + - port: 6379 + protocol: TCP + targetPort: 6379 + selector: + sr-app: db diff --git a/packages/rancher-supportability-review/charts/templates/deployment.yaml b/packages/rancher-supportability-review/charts/templates/deployment.yaml new file mode 100644 index 0000000000..8616bc644a --- /dev/null +++ b/packages/rancher-supportability-review/charts/templates/deployment.yaml @@ -0,0 +1,60 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "rancher-supportability-review.fullname" . }} + labels: + {{- include "rancher-supportability-review.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "rancher-supportability-review.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "rancher-supportability-review.labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "rancher-supportability-review.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + containers: + - name: {{ .Chart.Name }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + image: "{{ .Values.image.operator.repository }}:{{ .Values.image.operator.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/packages/rancher-supportability-review/charts/templates/network_policy_allow_all.yaml b/packages/rancher-supportability-review/charts/templates/network_policy_allow_all.yaml new file mode 100644 index 0000000000..926ceea6de --- /dev/null +++ b/packages/rancher-supportability-review/charts/templates/network_policy_allow_all.yaml @@ -0,0 +1,13 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: default-allow-all +spec: + podSelector: {} + ingress: + - {} + egress: + - {} + policyTypes: + - Ingress + - Egress diff --git a/packages/rancher-supportability-review/charts/templates/secret.yaml b/packages/rancher-supportability-review/charts/templates/secret.yaml new file mode 100644 index 0000000000..3a401f445a --- /dev/null +++ b/packages/rancher-supportability-review/charts/templates/secret.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.rancher.secretName }} + namespace: {{ .Release.Namespace }} +type: Opaque +stringData: + url: {{ .Values.rancher.url }} + token: {{ .Values.rancher.token }} + srImageRepository: {{ .Values.image.collector.repository }}:{{ .Values.image.collector.tag }} + analyzerImageRepository: {{ .Values.image.analyzer.repository }}:{{ .Values.image.analyzer.tag }} + s3UseS3: {{ .Values.s3.useS3 | quote }} + s3Endpoint: {{ .Values.s3.endpoint }} + s3Region: {{ .Values.s3.region }} + s3Bucket: {{ .Values.s3.bucket }} + s3Folder: {{ .Values.s3.folder }} + s3InsecureTLSSkipVerify: {{ .Values.s3.insecureTLSSkipVerify | quote }} + s3AccessKeyId: {{ .Values.s3.accessKeyId }} + s3SecretAccessKey: {{ .Values.s3.secretAccessKey }} diff --git a/packages/rancher-supportability-review/charts/templates/serviceaccount.yaml b/packages/rancher-supportability-review/charts/templates/serviceaccount.yaml new file mode 100644 index 0000000000..64e565e5a5 --- /dev/null +++ b/packages/rancher-supportability-review/charts/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "rancher-supportability-review.serviceAccountName" . }} + labels: + {{- include "rancher-supportability-review.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automount }} +{{- end }} diff --git a/packages/rancher-supportability-review/charts/values.yaml b/packages/rancher-supportability-review/charts/values.yaml new file mode 100644 index 0000000000..39a04e47bf --- /dev/null +++ b/packages/rancher-supportability-review/charts/values.yaml @@ -0,0 +1,103 @@ +# Default values for rancher-supportability-review. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +rancher: + secretName: "sr-api-details" + url: "" + token: "" + +s3: + useS3: false + useAwsS3: true + endpoint: "" + region: "" + bucket: "" + folder: "" + insecureTLSSkipVerify: false + accessKeyId: "" + secretAccessKey: "" + +image: + operator: + repository: ghcr.io/rancher/supportability-review-operator + tag: latest + collector: + repository: ghcr.io/rancher/supportability-review + tag: latest + analyzer: + repository: ghcr.io/rancher/supportability-review-internal + tag: latest + appFrontend: + repository: docker.io/masap20220915/supportability-review-app-frontend + tag: dev + pullPolicy: Always + +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" + +serviceAccount: + # Specifies whether a service account should be created + create: true + # Automatically mount a ServiceAccount's API credentials? + automount: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +podAnnotations: {} +podLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 100 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +# Additional volumes on the output Deployment definition. +volumes: [] +# - name: foo +# secret: +# secretName: mysecret +# optional: false + +# Additional volumeMounts on the output Deployment definition. +volumeMounts: [] +# - name: foo +# mountPath: "/etc/foo" +# readOnly: true + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/packages/rancher-supportability-review/package.yaml b/packages/rancher-supportability-review/package.yaml new file mode 100644 index 0000000000..c7e6ed0875 --- /dev/null +++ b/packages/rancher-supportability-review/package.yaml @@ -0,0 +1,8 @@ +url: local +version: 105.0.0+up0.1.0 +additionalCharts: + - workingDir: charts-crd + crdOptions: + templateDirectory: crd-template + crdDirectory: templates + addCRDValidationToMainChart: true diff --git a/packages/rancher-supportability-review/templates/crd-template/Chart.yaml b/packages/rancher-supportability-review/templates/crd-template/Chart.yaml new file mode 100644 index 0000000000..dd933be61f --- /dev/null +++ b/packages/rancher-supportability-review/templates/crd-template/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +version: 105.0.0+up0.1.0 +description: Installs the CRDs for rancher-supportability-review. +name: rancher-supportability-review-crd +type: application +annotations: + catalog.cattle.io/hidden: "true" + catalog.cattle.io/release-name: rancher-supportability-review-crd + catalog.cattle.io/certified: rancher + catalog.cattle.io/namespace: sr-operator-system diff --git a/packages/rancher-supportability-review/templates/crd-template/README.md b/packages/rancher-supportability-review/templates/crd-template/README.md new file mode 100644 index 0000000000..75a817d3b3 --- /dev/null +++ b/packages/rancher-supportability-review/templates/crd-template/README.md @@ -0,0 +1,2 @@ +# rancher-supportability-review-crd +A Rancher chart that installs the CRDs used by rancher-supportability-review. diff --git a/release.yaml b/release.yaml index 844c2f9308..6a625cab17 100644 --- a/release.yaml +++ b/release.yaml @@ -52,6 +52,10 @@ rancher-gke-operator: rancher-gke-operator-crd: - 103.7.0+up1.2.7 - 104.6.0+up1.9.6 +rancher-supportability-review: + - 105.0.0+up0.1.0 +rancher-supportability-review-crd: + - 105.0.0+up0.1.0 rancher-vsphere-csi: - 104.1.0+up3.3.1-rancher7 rancher-webhook: