Openshift Xray Helm and relocated to helm or operator folder

Openshift4/operator/artifactory-ha-operator/deploy/catalogsourceconfig.yaml

@@ -0,0 +1,8 @@
+apiVersion: operators.coreos.com/v1
+kind: CatalogSourceConfig
+metadata:
+  name: artifactory-ha-operator-csc
+  namespace: openshift-marketplace
+spec:
+  targetNamespace: jfrog-artifactory
+  packages: artifactory-ha-operator

Openshift4/operator/artifactory-ha-operator/deploy/crds/charts.helm.k8s.io_openshiftartifactoryhas_crd.yaml

@@ -0,0 +1,23 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+      x-kubernetes-preserve-unknown-fields: true
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true

Openshift4/operator/artifactory-ha-operator/deploy/crds/charts.helm.k8s.io_v1alpha1_openshiftartifactoryha_cr.yaml

@@ -0,0 +1,97 @@
+apiVersion: charts.helm.k8s.io/v1alpha1
+kind: OpenshiftArtifactoryHa
+metadata:
+  name: openshiftartifactoryha
+spec:
+  artifactory-ha:
+    database:
+      type: "OVERRIDE"
+      driver: "OVERRIDE"
+      url: "OVERRIDE"
+      user: "OVERRIDE"
+      password: "OVERRIDE"
+    initContainerImage: registry.connect.redhat.com/jfrog/init:1.0.1
+    waitForDatabase: true
+    installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/Openshift" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }'
+    artifactory:
+      uid: "1000721030"
+      ## Change to use RH UBI images
+      image:
+        registry: registry.connect.redhat.com
+        repository: jfrog/artifactory-pro
+        tag: 7.9.0
+      node:
+        replicaCount: 2
+        waitForPrimaryStartup:
+          enabled: false
+      masterKey: "OVERRIDE"
+      joinKey: "OVERRIDE"
+    postgresql:
+      enabled: false
+    nginx:
+      uid: "1000720104"
+      gid: "1000720107"
+      image:
+        registry: registry.redhat.io
+        repository: rhel8/nginx-116
+        tag: latest
+      ## K8S secret name for the TLS secret to be used for SSL
+      tlsSecretName: "OVERRIDE"
+      service:
+        ssloffload: false
+      http:
+        externalPort: 80
+        internalPort: 8080
+      https:
+        externalPort: 443
+        internalPort: 8443
+      mainConf: |
+        # Main Nginx configuration file
+        worker_processes  4;
+        error_log  {{ .Values.nginx.persistence.mountPath }}/logs//error.log warn;
+        pid        /tmp/nginx.pid;
+        events {
+          worker_connections  1024;
+        }
+        http {
+          include       /etc/nginx/mime.types;
+          default_type  application/octet-stream;
+          variables_hash_max_size 1024;
+          variables_hash_bucket_size 64;
+          server_names_hash_max_size 4096;
+          server_names_hash_bucket_size 128;
+          types_hash_max_size 2048;
+          types_hash_bucket_size 64;
+          proxy_read_timeout 2400s;
+          client_header_timeout 2400s;
+          client_body_timeout 2400s;
+          proxy_connect_timeout 75s;
+          proxy_send_timeout 2400s;
+          proxy_buffer_size 32k;
+          proxy_buffers 40 32k;
+          proxy_busy_buffers_size 64k;
+          proxy_temp_file_write_size 250m;
+          proxy_http_version 1.1;
+          client_body_buffer_size 128k;
+          log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+          '$status $body_bytes_sent "$http_referer" '
+          '"$http_user_agent" "$http_x_forwarded_for"';
+          log_format timing 'ip = $remote_addr '
+          'user = \"$remote_user\" '
+          'local_time = \"$time_local\" '
+          'host = $host '
+          'request = \"$request\" '
+          'status = $status '
+          'bytes = $body_bytes_sent '
+          'upstream = \"$upstream_addr\" '
+          'upstream_time = $upstream_response_time '
+          'request_time = $request_time '
+          'referer = \"$http_referer\" '
+          'UA = \"$http_user_agent\"';
+          access_log  {{ .Values.nginx.persistence.mountPath }}/logs/access.log  timing;
+          sendfile        on;
+          #tcp_nopush     on;
+          keepalive_timeout  65;
+          #gzip  on;
+          include {{ .Values.nginx.persistence.mountPath }}/conf.d/*.conf;
+        }

Openshift4/operator/artifactory-ha-operator/deploy/namespace.yaml

@@ -0,0 +1,4 @@
+kind: Namespace
+apiVersion: v1
+metadata:
+  name: jfrog-artifactory

Openshift4/operator/artifactory-ha-operator/deploy/olm-catalog/artifactory-ha-operator/artifactory-ha-operator.package.yaml

@@ -0,0 +1,5 @@
+channels:
+- currentCSV: artifactory-ha-operator.v1.0.0
+  name: alpha
+defaultChannel: alpha
+packageName: artifactory-ha-operator

Openshift4/operator/artifactory-ha-operator/deploy/operator.yaml

@@ -0,0 +1,34 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: artifactory-ha-operator
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      name: artifactory-ha-operator
+  template:
+    metadata:
+      labels:
+        name: artifactory-ha-operator
+    spec:
+      serviceAccountName: artifactory-ha-operator
+      containers:
+        - name: artifactory-ha-operator
+          image: registry.connect.redhat.com/jfrog/artifactory-operator
+          imagePullPolicy: Always
+          env:
+            - name: WATCH_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: OPERATOR_NAME
+              value: "artifactory-ha-operator"
+            - name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
+              value: "registry.connect.redhat.com/jfrog/artifactory-pro"
+            - name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
+              value: "registry.redhat.io/rhel8/nginx-116"

Openshift4/operator/artifactory-ha-operator/deploy/operatorgroup.yaml

@@ -0,0 +1,8 @@
+apiVersion: operators.coreos.com/v1alpha2
+kind: OperatorGroup
+metadata:
+  name: jfrog-operator-group
+  namespace: jfrog-artifactory
+spec:
+  targetNamespaces:
+  - jfrog-artifactory

Openshift4/operator/artifactory-ha-operator/deploy/project.yaml

@@ -0,0 +1,89 @@
+apiVersion: template.openshift.io/v1
+kind: Template
+metadata:
+  creationTimestamp: null
+  name: project-request
+objects:
+- apiVersion: project.openshift.io/v1
+  kind: Project
+  metadata:
+    annotations:
+      openshift.io/description: JFrog Artifactory
+      openshift.io/display-name: jfrog-artifactory
+      openshift.io/requester: integrations@jfrog.com
+    creationTimestamp: null
+    name: jfrog-artifactory
+  spec: {}
+  status: {}
+- apiVersion: rbac.authorization.k8s.io/v1
+  kind: RoleBinding
+  metadata:
+    annotations:
+      openshift.io/description: Allows all pods in this namespace to pull images from
+        this namespace.  It is auto-managed by a controller; remove subjects to disable.
+    creationTimestamp: null
+    name: system:image-pullers
+    namespace: jfrog-artifactory
+  roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: ClusterRole
+    name: system:image-puller
+  subjects:
+  - apiGroup: rbac.authorization.k8s.io
+    kind: Group
+    name: system:serviceaccounts:jfrog-artifactory
+- apiVersion: rbac.authorization.k8s.io/v1
+  kind: RoleBinding
+  metadata:
+    annotations:
+      openshift.io/description: Allows builds in this namespace to push images to
+        this namespace.  It is auto-managed by a controller; remove subjects to disable.
+    creationTimestamp: null
+    name: system:image-builders
+    namespace: jfrog-artifactory
+  roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: ClusterRole
+    name: system:image-builder
+  subjects:
+  - kind: ServiceAccount
+    name: builder
+    namespace: jfrog-artifactory
+- apiVersion: rbac.authorization.k8s.io/v1
+  kind: RoleBinding
+  metadata:
+    annotations:
+      openshift.io/description: Allows deploymentconfigs in this namespace to rollout
+        pods in this namespace.  It is auto-managed by a controller; remove subjects
+        to disable.
+    creationTimestamp: null
+    name: system:deployers
+    namespace: jfrog-artifactory
+  roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: ClusterRole
+    name: system:deployer
+  subjects:
+  - kind: ServiceAccount
+    name: deployer
+    namespace: jfrog-artifactory
+- apiVersion: rbac.authorization.k8s.io/v1
+  kind: RoleBinding
+  metadata:
+    creationTimestamp: null
+    name: admin
+    namespace: jfrog-artifactory
+  roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: ClusterRole
+    name: admin
+  subjects:
+  - apiGroup: rbac.authorization.k8s.io
+    kind: User
+    name: kubeadmin
+parameters:
+- name: PROJECT_NAME
+- name: PROJECT_DISPLAYNAME
+- name: PROJECT_DESCRIPTION
+- name: PROJECT_ADMIN_USER
+- name: PROJECT_REQUESTING_USER

Openshift4/operator/artifactory-ha-operator/deploy/role.yaml

@@ -0,0 +1,119 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  creationTimestamp: null
+  name: artifactory-ha-operator
+rules:
+- apiGroups:
+    - ""
+  resources:
+    - pods
+    - services
+    - services/finalizers
+    - endpoints
+    - persistentvolumeclaims
+    - events
+    - configmaps
+    - secrets
+    - serviceaccounts
+  verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+- apiGroups:
+    - apps
+  resources:
+    - deployments
+    - daemonsets
+    - replicasets
+    - statefulsets
+  verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+- apiGroups:
+    - ""
+  resources:
+    - namespaces
+  verbs:
+    - get
+- apiGroups:
+    - ""
+  resourceNames:
+    - artifactory-ha-operator
+  resources:
+    - '*'
+  verbs:
+    - '*'
+- apiGroups:
+    - ""
+  resources:
+    - events
+  verbs:
+    - create
+- apiGroups:
+    - monitoring.coreos.com
+  resources:
+    - servicemonitors
+  verbs:
+    - get
+    - create
+- apiGroups:
+    - apps
+  resourceNames:
+    - artifactory-ha-operator
+  resources:
+    - deployments/finalizers
+  verbs:
+    - update
+- apiGroups:
+    - ""
+  resources:
+    - pods
+  verbs:
+    - get
+- apiGroups:
+    - apps
+  resources:
+    - replicasets
+    - deployments
+  verbs:
+    - get
+- apiGroups:
+    - charts.helm.k8s.io
+  resources:
+    - '*'
+  verbs:
+    - create
+    - delete
+    - get
+    - list
+    - patch
+    - update
+    - watch
+- apiGroups:
+    - networking.k8s.io
+  resources:
+    - '*'
+  verbs:
+    - '*'
+- apiGroups:
+    - policy
+  resources:
+    - '*'
+  verbs:
+    - '*'
+- apiGroups:
+    - 'rbac.authorization.k8s.io'
+  resources:
+    - '*'
+  verbs:
+    - '*'

Openshift4/operator/artifactory-ha-operator/deploy/role_binding.yaml

@@ -0,0 +1,11 @@
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: artifactory-ha-operator
+subjects:
+- kind: ServiceAccount
+  name: artifactory-ha-operator
+roleRef:
+  kind: Role
+  name: artifactory-ha-operator
+  apiGroup: rbac.authorization.k8s.io

Openshift4/operator/artifactory-ha-operator/deploy/service_account.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: artifactory-ha-operator

Openshift4/operator/artifactory-ha-operator/deploy/subscription.yaml

@@ -0,0 +1,10 @@
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: artifactory-ha-operator
+  namespace: jfrog-artifactory
+spec:
+  channel: alpha
+  name: artifactory-ha-operator
+  source: artifactory-ha-operator-csc
+  sourceNamespace: openshift-operators