Merge pull request #45 from jfrog/openshift4

Openshift4 Artifactory Operator v1.1.0 and Openshift Pipelines Helm Chart

Openshift4/helm/openshift-artifactory-ha/CHANGELOG.md

@@ -1,6 +1,12 @@
 # JFrog  Openshift Artifactory-ha Chart Changelog
 All changes to this chart will be documented in this file.
 
+## [4.1.0] - Sept 30, 2020
+* Updating to latest jfrog/artifactory-ha helm chart version 4.1.0 artifactory version 7.9.0
+
+## [3.1.0] - Aug 17, 2020
+* Updating to latest jfrog/artifactory-ha helm chart version 3.1.0 artifactory version 7.7.3
+
 ## [3.0.5] - Jul 16, 2020
 * Updating to latest jfrog/artifactory helm chart version 3.0.5 artifactory version 7.6.3
 

Openshift4/helm/openshift-artifactory-ha/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 7.6.3
+appVersion: 7.9.0
 description: Openshift JFrog Artifactory HA subcharting Artifactory HA to work in Openshift environment
 home: https://www.jfrog.com/artifactory/
 icon: https://raw.githubusercontent.com/jfrog/charts/master/stable/artifactory-ha/logo/artifactory-logo.png
@@ -16,4 +16,4 @@ name: openshift-artifactory-ha
 sources:
 - https://bintray.com/jfrog/product/JFrog-Artifactory-Pro/view
 - https://github.com/jfrog/charts
-version: 3.0.5
+version: 4.1.0

Openshift4/helm/openshift-artifactory-ha/helminstall.sh

@@ -51,5 +51,7 @@ helm install artifactory-ha . \
                --set artifactory-ha.database.driver=org.postgresql.Driver \
                --set artifactory-ha.database.url=jdbc:postgresql://postgres-postgresql:5432/artifactory \
                --set artifactory-ha.database.user=artifactory \
-               --set artifactory-ha.database.password=password
+               --set artifactory-ha.database.password=password \
+               --set artifactory-ha.artifactory.joinKey=EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE \
+               --set artifactory-ha.artifactory.masterKey=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
 

Openshift4/helm/openshift-artifactory-ha/requirements.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: artifactory-ha
+  repository: https://charts.jfrog.io/
+  version: 4.1.0
+digest: sha256:8df1fd70eeabbb7687da0dd534d2161a413389ec40f331d5eb8e95ae50119222
+generated: "2020-09-30T12:30:08.142288-07:00"

Openshift4/helm/openshift-artifactory-ha/requirements.yaml

@@ -1,4 +1,4 @@
 dependencies:
   - name: artifactory-ha
-    version: 3.0.5
+    version: 4.1.0
     repository: https://charts.jfrog.io/

Openshift4/helm/openshift-artifactory-ha/values.yaml

@@ -12,41 +12,31 @@ artifactory-ha:
     url: "OVERRIDE"
     user: "OVERRIDE"
     password: "OVERRIDE"
-  initContainerImage: registry.redhat.io/ubi8-minimal
-  waitForDatabase: false
+  initContainerImage: registry.connect.redhat.com/jfrog/init:1.0.1
+  waitForDatabase: true
   installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/Openshift" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }'
   artifactory:
-    ## Add custom init containers execution before predefined init containers
-    customInitContainersBegin: |
-      - name: "redhat-custom-setup"
-        #image: "{{ .Values.initContainerImage }}"
-        image: {{ index .Values "initContainerImage" }}
-        imagePullPolicy: "{{ .Values.artifactory.image.pullPolicy }}"
-        command:
-          - 'sh'
-          - '-c'
-          - 'chown -R 1030:1030 {{ .Values.artifactory.persistence.mountPath }}'
-        securityContext:
-            runAsUser: 0
-        volumeMounts:
-          - mountPath: "{{ .Values.artifactory.persistence.mountPath }}"
-            name: volume
+    uid: "1000721030"
     ## Change to use RH UBI images
     image:
-      repository: registry.connect.redhat.com/jfrog/artifactory-pro
-      version: 7.6.3
+      registry: registry.connect.redhat.com
+      repository: jfrog/artifactory-pro
+      tag: 7.9.0
     node:
       replicaCount: 2
       waitForPrimaryStartup:
         enabled: false
-    masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
-    joinKey: EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
+    masterKey: "OVERRIDE"
+    joinKey: "OVERRIDE"
   postgresql:
     enabled: false
   nginx:
+    uid: "1000720104"
+    gid: "1000720107"
     image:
-      repository: registry.redhat.io/rhel8/nginx-116
-      version: latest
+      registry: registry.redhat.io
+      repository: rhel8/nginx-116
+      tag: latest
     ## K8S secret name for the TLS secret to be used for SSL
     tlsSecretName: "OVERRIDE"
     service:

Openshift4/helm/openshift-pipelines/CHANGELOG.md

@@ -0,0 +1,5 @@
+# JFrog  Openshift Pipelines Chart Changelog
+All changes to this chart will be documented in this file.
+
+## [1.4.5] Sept 21, 2020
+* Adding Openshift Pipelines helm chart version 1.4.5 app version 1.7.2

Openshift4/helm/openshift-pipelines/Chart.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+appVersion: 1.7.2
+description: A Helm chart for JFrog Pipelines
+home: https://jfrog.com/pipelines/
+icon: https://raw.githubusercontent.com/jfrog/charts/master/stable/pipelines/icon/pipelines-logo.png
+keywords:
+  - pipelines
+  - jfrog
+  - devops
+maintainers:
+- email: vinaya@jfrog.com
+  name: Vinay Aggarwal
+- email: johnp@jfrog.com
+  name: John Peterson
+name: openshift-pipelines
+version: 1.4.5

Openshift4/helm/openshift-pipelines/README.md

@@ -0,0 +1,223 @@
+# JFrog Pipelines on Kubernetes Helm Chart
+
+[JFrog Pipelines](https://jfrog.com/pipelines/)
+
+## Prerequisites Details
+
+* Kubernetes 1.12+
+
+## Chart Details
+
+This chart will do the following:
+
+- Deploy PostgreSQL (optionally with an external PostgreSQL instance)
+- Deploy RabbitMQ (optionally as an HA cluster)
+- Deploy Redis (optionally as an HA cluster)
+- Deploy Vault (optionally as an HA cluster)
+- Deploy JFrog Pipelines
+
+## Requirements
+
+- A running Kubernetes cluster
+  - Dynamic storage provisioning enabled
+  - Default StorageClass set to allow services using the default StorageClass for persistent storage
+- A running Artifactory 7.7.x with Enterprise+ License
+  - Precreated repository `jfrogpipelines` in Artifactory type `Generic` with layout `maven-2-default`
+- [Kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) installed and setup to use the cluster
+- [Helm](https://helm.sh/) v2 or v3 installed
+
+
+## Install JFrog Pipelines
+
+### Add ChartCenter Helm repository
+
+Before installing JFrog helm charts, you need to add the [ChartCenter helm repository](https://chartcenter.io) to your helm client
+
+```bash
+helm repo add center https://repo.chartcenter.io
+helm repo update
+```
+
+### Artifactory Connection Details
+
+In order to connect Pipelines to your Artifactory installation, you have to use a Join Key, hence it is *MANDATORY* to provide a Join Key and Jfrog Url to your Pipelines installation. Here's how you do that:
+
+Retrieve the connection details of your Artifactory installation, from the UI - https://www.jfrog.com/confluence/display/JFROG/General+Security+Settings#GeneralSecuritySettings-ViewingtheJoinKey.
+
+### Install Pipelines Chart with Ingress
+
+#### Pre-requisites
+
+Before deploying Pipelines you need to have the following
+- A running Kubernetes cluster
+- An [Artifactory ](https://hub.helm.sh/charts/jfrog/artifactory) or [Artifactory HA](https://hub.helm.sh/charts/jfrog/artifactory-ha) with Enterprise+ License
+  - Precreated repository `jfrogpipelines` in Artifactiry type `Generic` with layout `maven-2-default`
+- Deployed [Nginx-ingress controller](https://hub.helm.sh/charts/stable/nginx-ingress)
+- [Optional] Deployed [Cert-manager](https://hub.helm.sh/charts/jetstack/cert-manager) for automatic management of TLS certificates with [Lets Encrypt](https://letsencrypt.org/)
+- [Optional] TLS secret needed for https access
+
+#### Prepare configurations
+
+Fetch the JFrog Pipelines helm chart to get the needed configuration files
+
+```bash
+helm fetch center/jfrog/pipelines --untar
+```
+
+Edit local copies of `values-ingress.yaml`, `values-ingress-passwords.yaml` and `values-ingress-external-secret.yaml` with the needed configuration values 
+
+- URLs in `values-ingress.yaml`
+  - Artifactory URL
+  - Ingress hosts
+  - Ingress tls secrets
+- Passwords `uiUserPassword`, `postgresqlPassword` and `rabbitmq.password` must be set, and same for `masterKey` and `joinKey` in `values-ingress-passwords.yaml`
+
+#### Install JFrog Pipelines
+
+Install JFrog Pipelines
+
+```bash
+kubectl create ns pipelines
+helm upgrade --install pipelines --namespace pipelines center/jfrog/pipelines -f pipelines/values-ingress.yaml -f pipelines/values-ingress-passwords.yaml
+```
+
+### Use external secret
+
+**Note:** Best practice is to use external secrets instead of storing passwords in `values.yaml` files.
+
+Don't forget to **update** URLs in `values-ingress-external-secret.yaml` file.
+
+Fill in all required passwords, `masterKey` and `joinKey` in `values-ingress-passwords.yaml` and then create and install the external secret.
+
+**Note:** Helm release name for secrets generation and `helm install` must be set the same, in this case it is `pipelines`.
+
+With Helm v2:
+
+```bash
+## Generate pipelines-system-yaml secret
+helm template --name-template pipelines pipelines/ -x templates/pipelines-system-yaml.yaml \
+    -f pipelines/values-ingress-external-secret.yaml -f pipelines/values-ingress-passwords.yaml | kubectl apply --namespace pipelines -f -
+
+## Generate pipelines-database secret
+helm template --name-template pipelines pipelines/ -x templates/database-secret.yaml \
+    -f pipelines/values-ingress-passwords.yaml | kubectl apply --namespace pipelines -f -
+
+## Generate pipelines-rabbitmq-secret secret
+helm template --name-template pipelines pipelines/ -x templates/rabbitmq-secret.yaml \
+    -f pipelines/values-ingress-passwords.yaml | kubectl apply --namespace pipelines -f -
+```
+
+With Helm v3:
+
+```bash
+## Generate pipelines-system-yaml secret
+helm template --name-template pipelines pipelines/ -s templates/pipelines-system-yaml.yaml \
+    -f pipelines/values-ingress-external-secret.yaml -f pipelines/values-ingress-passwords.yaml | kubectl apply --namespace pipelines -f -
+
+## Generate pipelines-database secret
+helm template --name-template pipelines pipelines/ -s templates/database-secret.yaml \
+    -f pipelines/values-ingress-passwords.yaml | kubectl apply --namespace pipelines -f -
+
+## Generate pipelines-rabbitmq-secret secret
+helm template --name-template pipelines pipelines/ -s templates/rabbitmq-secret.yaml \
+    -f pipelines/values-ingress-passwords.yaml | kubectl apply --namespace pipelines -f -
+```
+
+Install JFrog Pipelines:
+
+```bash
+helm upgrade --install pipelines --namespace pipelines center/jfrog/pipelines -f values-ingress-external-secret.yaml
+```
+
+### Using external Rabbitmq
+
+If you want to use external Rabbitmq, set `rabbitmq.enabled=false` and create `values-external-rabbitmq.yaml` with below yaml configuration
+
+```yaml
+rabbitmq:
+  enabled: false
+  internal_ip: "{{ .Release.Name }}-rabbitmq"
+  msg_hostname: "{{ .Release.Name }}-rabbitmq"
+  port: 5672
+  manager_port: 15672
+  ms_username: admin
+  ms_password: password
+  cp_username: admin
+  cp_password: password
+  build_username: admin
+  build_password: password    
+  root_vhost_exchange_name: rootvhost
+  erlang_cookie: secretcookie
+  build_vhost_name: pipelines
+  root_vhost_name: pipelinesRoot
+  protocol: amqp
+```
+
+```bash
+helm upgrade --install pipelines --namespace pipelines center/jfrog/pipelines -f values-external-rabbitmq.yaml
+```
+
+### Using external Vault
+
+If you want to use external Vault, set `vault.enabled=false` and create `values-external-vault.yaml` with below yaml configuration
+
+```yaml
+vault:
+  enabled: false
+
+global:
+  vault:
+    host: vault_url
+    port: vault_port
+    token: vault_token
+    ## Set Vault token using existing secret
+    # existingSecret: vault-secret
+```
+
+If you store external Vault token in a pre-existing Kubernetes Secret, you can specify it via `existingSecret`.
+
+To create a secret containing the Vault token:
+
+```bash
+kubectl create secret generic vault-secret --from-literal=token=${VAULT_TOKEN}
+```
+
+```bash
+helm upgrade --install pipelines --namespace pipelines center/jfrog/pipelines -f values-external-vault.yaml
+```
+
+### Status
+
+See the status of deployed **helm** release:
+
+With Helm v2:
+
+```bash
+helm status pipelines
+```
+
+With Helm v3:
+
+```bash
+helm status pipelines --namespace pipelines
+```
+
+### Pipelines Version
+- By default, the pipelines images will use the value `appVersion` in the Chart.yml. This can be over-ridden by adding `version` to the pipelines section of the values.yml
+
+### Build Plane
+
+#### Build Plane with static and dynamic node-pool VMs
+
+To start using Pipelines you need to setup a Build Plane:
+- For Static VMs Node-pool setup, please read [Managing Node Pools](https://www.jfrog.com/confluence/display/JFROG/Managing+Pipelines+Node+Pools#ManagingPipelinesNodePools-static-node-poolsAdministeringStaticNodePools).
+
+- For Dynamic VMs Node-pool setup, please read [Managing Dynamic Node Pools](https://www.jfrog.com/confluence/display/JFROG/Managing+Pipelines+Node+Pools#ManagingPipelinesNodePools-dynamic-node-poolsAdministeringDynamicNodePools).
+
+- For Kubernetes Node-pool setup, please read [Managing Dynamic Node Pools](https://www.jfrog.com/confluence/display/JFROG/Managing+Pipelines+Node+Pools#ManagingPipelinesNodePools-dynamic-node-poolsAdministeringDynamicNodePools).
+
+## Useful links
+
+- https://www.jfrog.com/confluence/display/JFROG/Pipelines+Quickstart
+- https://www.jfrog.com/confluence/display/JFROG/Using+Pipelines
+- https://www.jfrog.com/confluence/display/JFROG/Managing+Runtimes

Openshift4/helm/openshift-pipelines/helminstall.sh

@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+
+echo "Installing Pipelines"
+
+if [ -z "$MASTER_KEY" ]
+then
+  MASTER_KEY=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
+fi
+
+if [ -z "$JOIN_KEY" ]
+then
+  JOIN_KEY=EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
+fi
+
+helm upgrade --install pipelines . \
+     --set pipelines.pipelines.jfrogUrl=http://openshiftartifactoryha-nginx \
+     --set pipelines.pipelines.jfrogUrlUI=http://openshiftartifactoryha-nginx \
+     --set pipelines.pipelines.masterKey=$MASTER_KEY \
+     --set pipelines.pipelines.joinKey=$JOIN_KEY \
+     --set pipelines.pipelines.accessControlAllowOrigins_0=http://openshiftartifactoryha-nginx \
+     --set pipelines.pipelines.accessControlAllowOrigins_1=http://openshiftartifactoryha-nginx \
+     --set pipelines.pipelines.msg.uiUser=monitor \
+     --set pipelines.pipelines.msg.uiUserPassword=monitor \
+     --set pipelines.postgresql.enabled=false \
+     --set pipelines.global.postgresql.host=postgres-postgresql \
+     --set pipelines.global.postgresql.port=5432 \
+     --set pipelines.global.postgresql.database=pipelinesdb \
+     --set pipelines.global.postgresql.user=artifactory \
+     --set pipelines.global.postgresql.password=password \
+     --set pipelines.global.postgresql.ssl=false \
+     --set pipelines.rabbitmq.rabbitmq.username=user \
+     --set pipelines.rabbitmq.rabbitmq.password=bitnami \
+     --set pipelines.rabbitmq.externalUrl=amqps://pipelines-rabbit.jfrog.tech \
+     --set pipelines.pipelines.api.externalUrl=http://pipelines-api.jfrog.tech \
+     --set pipelines.pipelines.www.externalUrl=http://pipelines-www.jfrog.tech

Openshift4/helm/openshift-pipelines/requirements.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: pipelines
+  repository: https://charts.jfrog.io/
+  version: 1.4.5
+digest: sha256:83b0fa740797074925e7f237762ff493727faf58476c3884f247acc44428202b
+generated: "2020-09-21T10:32:37.846331-07:00"

Openshift4/helm/openshift-pipelines/requirements.yaml

@@ -0,0 +1,4 @@
+dependencies:
+  - name: pipelines
+    version: 1.4.5
+    repository: https://charts.jfrog.io/

Openshift4/helm/openshift-xray/CHANGELOG.md

@@ -1,6 +1,12 @@
 # JFrog  Openshift Artifactory-Xray Chart Changelog
 All changes to this chart will be documented in this file.
 
+## [6.0.6] Oct 1st, 2020
+* Updating to Xray chart version 6.0.6 and Xray app version 3.8.8
+
+## [4.2.0] Aug 17, 2020
+* Updating to Xray chart version 4.2.0 and Xray app version 3.8.0
+
 ## [4.1.2] July 28, 2020
 * Updating to Xray chart version 4.1.2 and Xray app version 3.6.2
 

Openshift4/helm/openshift-xray/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 3.6.2
+appVersion: 3.8.8
 description: Universal component scan for security and license inventory and impact analysis
 sources:
 - https://bintray.com/jfrog/product/xray/view
@@ -13,4 +13,4 @@ maintainers:
 - email: johnp@jfrog.com
   name: John Peterson
 name: openshift-xray
-version: 4.1.2
+version: 6.0.6

Openshift4/helm/openshift-xray/helminstall.sh

@@ -57,7 +57,10 @@ fi
 JFROGURL=""
 if [[ -z "$4" ]]
 then
-  JFROGURL="http://openshiftartifactoryha-nginx"
+  # HELM
+  JFROGURL="http://artifactory-ha-nginx"
+  # OPERATOR
+  # JFROGURL="http://openshiftartifactoryha-nginx"
 else
   JFROGURL=$4
 fi
@@ -68,4 +71,6 @@ helm install xray . \
                --set xray.database.url=$DBURL \
                --set xray.database.user=$DBUSER \
                --set xray.database.password=$DBPASS \
-               --set xray.xray.jfrogUrl=$JFROGURL
+               --set xray.xray.jfrogUrl=$JFROGURL \
+               --set xray.xray.joinKey=EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE \
+               --set xray.xray.masterKey=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF

Openshift4/helm/openshift-xray/rabbitmq.yaml

@@ -16,10 +16,10 @@ spec:
         app: rabbitmq
     spec:
       containers:
-        - image: quay.io/jfrog/xray-rabbitmq-rh:3.8.0
+        - image: registry.connect.redhat.com/jfrog/xray-rabbitmq:3.8.9
           imagePullPolicy: "Always"
           name: xray-rabbitmq
           ports:
             -  containerPort: 4369
             -  containerPort: 5672
-            -  containerPort: 25672
+            -  containerPort: 15672

Openshift4/helm/openshift-xray/rabbitmqservice.yaml

@@ -8,17 +8,17 @@ spec:
   selector:
     app: rabbitmq
   ports:
-  - name: port1
+  - name: epmd
     protocol: TCP
     port: 4369
     targetPort: 4369
-  - name: port3
+  - name: ampq
     protocol: TCP
     port: 5672
     targetPort: 5672
-  - name: port4
+  - name: management
     protocol: TCP
-    port: 25672
+    port: 15672
     targetPort: 25672
   type: ClusterIP
 

Openshift4/helm/openshift-xray/requirements.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: xray
+  repository: https://charts.jfrog.io/
+  version: 6.0.6
+digest: sha256:339b5ec4e309ce2970ed34ebc700d6fe8f436d6cbe8dd5d352f0b080401752af
+generated: "2020-10-01T15:04:29.008985-07:00"

Openshift4/helm/openshift-xray/requirements.yaml

@@ -1,4 +1,4 @@
 dependencies:
   - name: xray
-    version: 4.1.2
+    version: 6.0.6
     repository: https://charts.jfrog.io/

Openshift4/helm/openshift-xray/values.yaml

@@ -0,0 +1,101 @@
+# Openshift Jfrog Xray
+xray:
+  unifiedUpgradeAllowed: true
+  replicaCount: 1
+  xray:
+    masterKey: "OVERRIDE"
+    joinKey: "OVERRIDE"
+    consoleLog: false
+    jfrogUrl: "OVERRIDE"
+  postgresql:
+    enabled: false
+  database:
+    url: "OVERRIDE"
+    user: "OVERRIDE"
+    password: "OVERRIDE"
+  common:
+    xrayUserId: "1000721035"
+    xrayGroupId: "1000721035"
+  analysis:
+    name: xray-analysis
+    image:
+      registry: registry.connect.redhat.com
+      repository: jfrog/xray-analysis
+      tag: 3.8.8
+    updateStrategy: RollingUpdate
+    podManagementPolicy: Parallel
+    preStartCommand:
+  indexer:
+    name: xray-indexer
+    image:
+      registry: registry.connect.redhat.com
+      repository: jfrog/xray-indexer
+      tag: 3.8.8
+    updateStrategy: RollingUpdate
+    podManagementPolicy: Parallel
+  persist:
+    name: xray-persist
+    image:
+      registry: registry.connect.redhat.com
+      repository: jfrog/xray-persist
+      tag: 3.8.8
+    updateStrategy: RollingUpdate
+    podManagementPolicy: Parallel
+    persistence:
+      size: 10Gi
+    preStartCommand:
+  server:
+    name: xray-server
+    image:
+      registry: registry.connect.redhat.com
+      repository: jfrog/xray-server
+      tag: 3.8.8
+    updateStrategy: RollingUpdate
+    podManagementPolicy: Parallel
+    replicaCount: 1
+  router:
+    name: router
+    image:
+      registry: registry.connect.redhat.com
+      repository: jfrog/xray-router
+      tag: 1.4.3
+      imagePullPolicy: IfNotPresent
+  rabbitmq-ha:
+    enabled: true
+    replicaCount: 1
+    image:
+      repository: registry.connect.redhat.com/jfrog/xray-rabbitmq
+      tag: 3.8.9
+    rabbitmqEpmdPort: 4369
+    rabbitmqNodePort: 5672
+    rabbitmqManagerPort: 15672
+    rabbitmqUsername: guest
+    rabbitmqPassword: guest
+    managementUsername: management
+    managementPassword: management
+    initContainer:
+      enabled: false
+    securityContext:
+      fsGroup: 1000721035
+      runAsUser: 1000721035
+      runAsGroup: 1000721035
+    livenessProbe:
+      initialDelaySeconds: 120
+      periodSeconds: 10
+      timeoutSeconds: 5
+      failureThreshold: 6
+      exec:
+        command:
+          - /bin/sh
+          - -c
+          - 'rabbitmqctl status'
+    readinessProbe:
+      initialDelaySeconds: 20
+      periodSeconds: 5
+      timeoutSeconds: 3
+      failureThreshold: 6
+      exec:
+        command:
+          - /bin/sh
+          - -c
+          - 'rabbitmqctl status'

Openshift4/openshift-artifactory-ha/requirements.lock

@@ -1,6 +0,0 @@
-dependencies:
-- name: artifactory-ha
-  repository: https://charts.jfrog.io/
-  version: 3.0.5
-digest: sha256:59deb56ee27e8a629a22f48cc051453e774999228ece09c77584d95c8c54ce6d
-generated: "2020-07-16T14:29:16.129919-07:00"

Openshift4/openshift-xray/requirements.lock

@@ -1,6 +0,0 @@
-dependencies:
-- name: xray
-  repository: https://charts.jfrog.io/
-  version: 4.1.2
-digest: sha256:79e535f41be683f61d7f181a094d91f2688df43b7c3511be0c5c3216a6ce342b
-generated: "2020-07-28T11:11:46.534466-07:00"

Openshift4/openshift-xray/values.yaml

@@ -1,78 +0,0 @@
-# Openshift Jfrog Xray
-xray:
-  unifiedUpgradeAllowed: true
-  replicaCount: 1
-  xray:
-    masterKey: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
-    joinKey: EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
-    consoleLog: false
-    jfrogUrl: "OVERRIDE"
-  postgresql:
-    enabled: false
-  database:
-    url: "OVERRIDE"
-    user: "OVERRIDE"
-    password: "OVERRIDE"
-  rabbitmq-ha:
-    enabled: true
-    replicaCount: 1
-    image:
-      tag: 3.7.21-alpine
-    rabbitmqUsername: guest
-    rabbitmqPassword: ""
-    persistentVolume:
-      enabled: true
-      size: 20Gi
-    rbac:
-      create: true
-    preStartCommand:
-  global:
-    postgresqlTlsSecret:
-  analysis:
-    name: xray-analysis
-    image:
-      repository: registry.connect.redhat.com/jfrog/xray-analysis
-      version: 3.6.2
-    updateStrategy: RollingUpdate
-    podManagementPolicy: Parallel
-    preStartCommand:
-  indexer:
-    name: xray-indexer
-    image:
-      repository: registry.connect.redhat.com/jfrog/xray-indexer
-      version: 3.6.2
-    updateStrategy: RollingUpdate
-    podManagementPolicy: Parallel
-  persist:
-    name: xray-persist
-    image:
-      repository: registry.connect.redhat.com/jfrog/xray-persist
-      version: 3.6.2
-    updateStrategy: RollingUpdate
-    podManagementPolicy: Parallel
-    persistence:
-      size: 10Gi
-    preStartCommand:
-  server:
-    name: xray-server
-    image:
-      repository: registry.connect.redhat.com/jfrog/xray-server
-      version: 3.6.2
-    updateStrategy: RollingUpdate
-    podManagementPolicy: Parallel
-    replicaCount: 1
-  router:
-    name: router
-    image:
-      repository: registry.connect.redhat.com/jfrog/xray-router
-      version: 1.4.2
-      imagePullPolicy: IfNotPresent
-  rabbitmq-ha:
-    enabled: true
-    replicaCount: 1
-    image:
-      repository: registry.connect.redhat.com/jfrog/xray-rabbitmq
-      tag: 3.8.0
-    rabbitmqEpmdPort: 4369
-    rabbitmqNodePort: 5672
-    rabbitmqManagerPort: 15672

Openshift4/operator/artifactory-ha-operator/.gitignore

@@ -0,0 +1,24 @@
+
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+bin
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Kubernetes Generated files - skip generated files, except for vendored files
+
+!vendor/**/zz_generated.*
+
+# editor and IDE paraphernalia
+.idea
+*.swp
+*.swo
+*~

Openshift4/operator/artifactory-ha-operator/.osdk-scorecard.yaml

@@ -7,4 +7,4 @@ scorecard:
     - olm:
         cr-manifest:
           - "deploy/crds/charts.helm.k8s.io_v1alpha1_openshiftartifactoryha_cr.yaml"
-        csv-path: "deploy/olm-catalog/artifactory-ha-operator/1.0.2/artifactory-ha-operator.v1.0.2.clusterserviceversion.yaml"
+        csv-path: "deploy/olm-catalog/artifactory-ha-operator/1.0.3/artifactory-ha-operator.v1.0.3.clusterserviceversion.yaml"

Openshift4/operator/artifactory-ha-operator/CHANGELOG.md

@@ -0,0 +1,29 @@
+# JFrog  Openshift Artifactory-ha Chart Changelog
+All changes to this chart will be documented in this file.
+
+## [1.1.0] - Sept 30, 2020
+* Updating Operator to latest jfrog/artifactory-ha helm chart version 4.1.0 artifactory version 7.9.0
+
+## [1.0.3] - Aug 17, 2020
+* Updating Operator to latest jfrog/artifactory-ha helm chart version 3.1.0 artifactory version 7.7.3
+
+## [1.0.2] - July 16, 2020
+* Updating Operator to latest jfrog/artifactory-ha helm chart version 3.0.5 artifactory version 7.6.3
+
+## [1.0.1] - June 29, 2020
+* Updating to latest jfrog/artifactory-ha helm chart version 2.6.0 artifactory version 7.6.1
+
+## [1.0.0] - May 12, 2020
+* Updating to latest jfrog/artifactory-ha helm chart version 2.4.6 artifactory version 7.4.3
+
+## [0.4.0] - April 13, 2020
+* Updating to latest jfrog/artifactory-ha helm chart version 2.3.0
+
+## [0.3.0] - April 11, 2020
+* Fixed issues with master key
+
+## [0.2.0] - March 17, 2020
+* Updated Artifactory version to 7.3.2
+
+## [0.1.0] - March 09, 2020
+* Updated Artifactory version to 7.2.1

Openshift4/operator/artifactory-ha-operator/Dockerfile

@@ -0,0 +1,13 @@
+# Build the manager binary
+FROM quay.io/operator-framework/helm-operator:v1.0.1
+LABEL name="JFrog Artifactory Enterprise Operator" \
+      description="Openshift operator to deploy JFrog Artifactory Enterprise based on the Red Hat Universal Base Image." \
+      vendor="JFrog" \
+      summary="JFrog Artifactory Enterprise Operator" \
+      com.jfrog.license_terms="https://jfrog.com/artifactory/eula/"
+
+COPY licenses/ /licenses
+ENV HOME=/opt/helm
+COPY watches.yaml ${HOME}/watches.yaml
+COPY helm-charts  ${HOME}/helm-charts
+WORKDIR ${HOME}

Openshift4/operator/artifactory-ha-operator/Makefile

@@ -0,0 +1,92 @@
+# Current Operator version
+VERSION ?= 0.0.1
+# Default bundle image tag
+BUNDLE_IMG ?= controller-bundle:$(VERSION)
+# Options for 'bundle-build'
+ifneq ($(origin CHANNELS), undefined)
+BUNDLE_CHANNELS := --channels=$(CHANNELS)
+endif
+ifneq ($(origin DEFAULT_CHANNEL), undefined)
+BUNDLE_DEFAULT_CHANNEL := --default-channel=$(DEFAULT_CHANNEL)
+endif
+BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL)
+
+# Image URL to use all building/pushing image targets
+IMG ?= controller:latest
+
+all: docker-build
+
+# Run against the configured Kubernetes cluster in ~/.kube/config
+run: helm-operator
+	$(HELM_OPERATOR) run
+
+# Install CRDs into a cluster
+install: kustomize
+	$(KUSTOMIZE) build config/crd | kubectl apply -f -
+
+# Uninstall CRDs from a cluster
+uninstall: kustomize
+	$(KUSTOMIZE) build config/crd | kubectl delete -f -
+
+# Deploy controller in the configured Kubernetes cluster in ~/.kube/config
+deploy: kustomize
+	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
+	$(KUSTOMIZE) build config/default | kubectl apply -f -
+
+# Undeploy controller in the configured Kubernetes cluster in ~/.kube/config
+undeploy: kustomize
+	$(KUSTOMIZE) build config/default | kubectl delete -f -
+
+# Build the docker image
+docker-build:
+	docker build . -t ${IMG}
+
+# Push the docker image
+docker-push:
+	docker push ${IMG}
+
+PATH  := $(PATH):$(PWD)/bin
+SHELL := env PATH=$(PATH) /bin/sh
+OS    = $(shell uname -s | tr '[:upper:]' '[:lower:]')
+ARCH  = $(shell uname -m | sed 's/x86_64/amd64/')
+OSOPER   = $(shell uname -s | tr '[:upper:]' '[:lower:]' | sed 's/darwin/apple-darwin/' | sed 's/linux/linux-gnu/')
+ARCHOPER = $(shell uname -m )
+
+kustomize:
+ifeq (, $(shell which kustomize 2>/dev/null))
+	@{ \
+	set -e ;\
+	mkdir -p bin ;\
+	curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v3.5.4/kustomize_v3.5.4_$(OS)_$(ARCH).tar.gz | tar xzf - -C bin/ ;\
+	}
+KUSTOMIZE=$(realpath ./bin/kustomize)
+else
+KUSTOMIZE=$(shell which kustomize)
+endif
+
+helm-operator:
+ifeq (, $(shell which helm-operator 2>/dev/null))
+	@{ \
+	set -e ;\
+	mkdir -p bin ;\
+	curl -LO https://github.com/operator-framework/operator-sdk/releases/download/v1.0.1/helm-operator-v1.0.1-$(ARCHOPER)-$(OSOPER) ;\
+	mv helm-operator-v1.0.1-$(ARCHOPER)-$(OSOPER) ./bin/helm-operator ;\
+	chmod +x ./bin/helm-operator ;\
+	}
+HELM_OPERATOR=$(realpath ./bin/helm-operator)
+else
+HELM_OPERATOR=$(shell which helm-operator)
+endif
+
+# Generate bundle manifests and metadata, then validate generated files.
+.PHONY: bundle
+bundle: kustomize
+	operator-sdk generate kustomize manifests -q
+	cd config/manager && $(KUSTOMIZE) edit set image controller=$(IMG)
+	$(KUSTOMIZE) build config/manifests | operator-sdk generate bundle -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS)
+	operator-sdk bundle validate ./bundle
+
+# Build the bundle image.
+.PHONY: bundle-build
+bundle-build:
+	docker build -f bundle.Dockerfile -t $(BUNDLE_IMG) .

Openshift4/operator/artifactory-ha-operator/PROJECT

@@ -0,0 +1,8 @@
+domain: jfrog.com
+layout: helm.sdk.operatorframework.io/v1
+projectName: artifactory-ha-operator
+resources:
+- group: cache
+  kind: OpenshiftArtifactoryHa
+  version: v1alpha1
+version: 3-alpha

Openshift4/operator/artifactory-ha-operator/README.md

@@ -4,6 +4,12 @@ This code base is intended to deploy Artifactory HA as an operator to an Openshi
 
 Openshift OperatorHub has the latest official supported Cluster Service Version (CSV) for the OLM catalog.
 
+# Breaking Changes
+
+```
+v1.1.0 breaks existing upgrade path due to base helm chart breaking changes
+```
+
 ## Getting Started
 
 These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.

Openshift4/operator/artifactory-ha-operator/bundle/1.0.0/manifests/openshiftartifactoryhas.charts.helm.k8s.io.crd.yaml

@@ -0,0 +1,29 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ''
+    plural: ''
+  conditions: null
+  storedVersions: null

Openshift4/operator/artifactory-ha-operator/bundle/1.0.0/metadata/annotations.yaml

@@ -0,0 +1,7 @@
+annotations:
+  operators.operatorframework.io.bundle.channel.default.v1: alpha
+  operators.operatorframework.io.bundle.channels.v1: alpha
+  operators.operatorframework.io.bundle.manifests.v1: manifests/
+  operators.operatorframework.io.bundle.mediatype.v1: registry+v1
+  operators.operatorframework.io.bundle.metadata.v1: metadata/
+  operators.operatorframework.io.bundle.package.v1: openshiftartifactoryha-operator

Openshift4/operator/artifactory-ha-operator/bundle/1.0.0/openshiftartifactoryhas.charts.helm.k8s.io.crd.yaml

@@ -0,0 +1,29 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ''
+    plural: ''
+  conditions: null
+  storedVersions: null

Openshift4/operator/artifactory-ha-operator/bundle/1.0.1/manifests/openshiftartifactoryhas.charts.helm.k8s.io.crd.yaml

@@ -0,0 +1,29 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ''
+    plural: ''
+  conditions: null
+  storedVersions: null

Openshift4/operator/artifactory-ha-operator/bundle/1.0.1/metadata/annotations.yaml

@@ -0,0 +1,7 @@
+annotations:
+  operators.operatorframework.io.bundle.channel.default.v1: alpha
+  operators.operatorframework.io.bundle.channels.v1: alpha
+  operators.operatorframework.io.bundle.manifests.v1: manifests/
+  operators.operatorframework.io.bundle.mediatype.v1: registry+v1
+  operators.operatorframework.io.bundle.metadata.v1: metadata/
+  operators.operatorframework.io.bundle.package.v1: openshiftartifactoryha-operator

Openshift4/operator/artifactory-ha-operator/bundle/1.0.1/openshiftartifactoryhas.charts.helm.k8s.io.crd.yaml

@@ -0,0 +1,29 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ''
+    plural: ''
+  conditions: null
+  storedVersions: null

Openshift4/operator/artifactory-ha-operator/bundle/1.0.2/manifests/openshiftartifactoryhas.charts.helm.k8s.io.crd.yaml

@@ -0,0 +1,29 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ''
+    plural: ''
+  conditions: null
+  storedVersions: null

Openshift4/operator/artifactory-ha-operator/bundle/1.0.2/metadata/annotations.yaml

@@ -0,0 +1,7 @@
+annotations:
+  operators.operatorframework.io.bundle.channel.default.v1: alpha
+  operators.operatorframework.io.bundle.channels.v1: alpha
+  operators.operatorframework.io.bundle.manifests.v1: manifests/
+  operators.operatorframework.io.bundle.mediatype.v1: registry+v1
+  operators.operatorframework.io.bundle.metadata.v1: metadata/
+  operators.operatorframework.io.bundle.package.v1: openshiftartifactoryha-operator

Openshift4/operator/artifactory-ha-operator/bundle/1.0.2/openshiftartifactoryhas.charts.helm.k8s.io.crd.yaml

@@ -0,0 +1,29 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ''
+    plural: ''
+  conditions: null
+  storedVersions: null

Openshift4/operator/artifactory-ha-operator/bundle/1.0.3/manifests/openshiftartifactoryhas.charts.helm.k8s.io.crd.yaml

@@ -0,0 +1,29 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ''
+    plural: ''
+  conditions: null
+  storedVersions: null

Openshift4/operator/artifactory-ha-operator/bundle/1.0.3/metadata/annotations.yaml

@@ -0,0 +1,7 @@
+annotations:
+  operators.operatorframework.io.bundle.channel.default.v1: alpha
+  operators.operatorframework.io.bundle.channels.v1: alpha
+  operators.operatorframework.io.bundle.manifests.v1: manifests/
+  operators.operatorframework.io.bundle.mediatype.v1: registry+v1
+  operators.operatorframework.io.bundle.metadata.v1: metadata/
+  operators.operatorframework.io.bundle.package.v1: openshiftartifactoryha-operator

Openshift4/operator/artifactory-ha-operator/bundle/1.0.3/openshiftartifactoryhas.charts.helm.k8s.io.crd.yaml

@@ -0,0 +1,29 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ''
+    plural: ''
+  conditions: null
+  storedVersions: null

Openshift4/operator/artifactory-ha-operator/bundle/1.1.0/manifests/openshiftartifactoryhas.charts.helm.k8s.io.crd.yaml

@@ -0,0 +1,29 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ''
+    plural: ''
+  conditions: null
+  storedVersions: null

Openshift4/operator/artifactory-ha-operator/bundle/1.1.0/metadata/annotations.yaml

@@ -0,0 +1,12 @@
+annotations:
+  operators.operatorframework.io.bundle.channel.default.v1: alpha
+  operators.operatorframework.io.bundle.channels.v1: alpha
+  operators.operatorframework.io.bundle.manifests.v1: manifests/
+  operators.operatorframework.io.bundle.mediatype.v1: registry+v1
+  operators.operatorframework.io.bundle.metadata.v1: metadata/
+  operators.operatorframework.io.bundle.package.v1: openshiftartifactoryha-operator
+  operators.operatorframework.io.metrics.builder: operator-sdk-v1.0.1
+  operators.operatorframework.io.metrics.mediatype.v1: metrics+v1
+  operators.operatorframework.io.metrics.project_layout: helm.sdk.operatorframework.io/v1
+  operators.operatorframework.io.test.config.v1: tests/scorecard/
+  operators.operatorframework.io.test.mediatype.v1: scorecard+v1

Openshift4/operator/artifactory-ha-operator/bundle/1.1.0/metadata/openshiftartifactoryha-operator.package.yaml

@@ -0,0 +1,5 @@
+channels:
+- currentCSV: artifactory-ha-operator.v1.1.1
+  name: alpha
+defaultChannel: ''
+packageName: openshiftartifactoryha-operator

Openshift4/operator/artifactory-ha-operator/bundle/1.1.0/openshiftartifactoryhas.charts.helm.k8s.io.crd.yaml

@@ -0,0 +1,29 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true
+status:
+  acceptedNames:
+    kind: ''
+    plural: ''
+  conditions: null
+  storedVersions: null

Openshift4/operator/artifactory-ha-operator/bundle/bundle-1.0.0.Dockerfile

@@ -0,0 +1,13 @@
+FROM scratch
+
+LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
+LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
+LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
+LABEL operators.operatorframework.io.bundle.package.v1=openshiftartifactoryha-operator
+LABEL operators.operatorframework.io.bundle.channels.v1=alpha
+LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha
+
+COPY 1.0.0/manifests /manifests/
+COPY 1.0.0/metadata /metadata/
+LABEL com.redhat.openshift.versions="v4.5,v4.6"
+LABEL com.redhat.delivery.operator.bundle=true

Openshift4/operator/artifactory-ha-operator/bundle/bundle-1.0.1.Dockerfile

@@ -0,0 +1,13 @@
+FROM scratch
+
+LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
+LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
+LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
+LABEL operators.operatorframework.io.bundle.package.v1=openshiftartifactoryha-operator
+LABEL operators.operatorframework.io.bundle.channels.v1=alpha
+LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha
+
+COPY 1.0.1/manifests /manifests/
+COPY 1.0.1/metadata /metadata/
+LABEL com.redhat.openshift.versions="v4.5,v4.6"
+LABEL com.redhat.delivery.operator.bundle=true

Openshift4/operator/artifactory-ha-operator/bundle/bundle-1.0.2.Dockerfile

@@ -0,0 +1,13 @@
+FROM scratch
+
+LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
+LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
+LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
+LABEL operators.operatorframework.io.bundle.package.v1=openshiftartifactoryha-operator
+LABEL operators.operatorframework.io.bundle.channels.v1=alpha
+LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha
+
+COPY 1.0.2/manifests /manifests/
+COPY 1.0.2/metadata /metadata/
+LABEL com.redhat.openshift.versions="v4.5,v4.6"
+LABEL com.redhat.delivery.operator.bundle=true

Openshift4/operator/artifactory-ha-operator/bundle/bundle-1.0.3.Dockerfile

@@ -0,0 +1,14 @@
+FROM scratch
+
+LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
+LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
+LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
+LABEL operators.operatorframework.io.bundle.package.v1=openshiftartifactoryha-operator
+LABEL operators.operatorframework.io.bundle.channels.v1=alpha
+LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha
+
+COPY 1.0.3/manifests /manifests/
+COPY 1.0.3/metadata /metadata/
+LABEL com.redhat.openshift.versions="v4.5,v4.6"
+LABEL com.redhat.delivery.operator.bundle=true
+LABEL com.redhat.delivery.backport=true

Openshift4/operator/artifactory-ha-operator/bundle/bundle-1.1.0.Dockerfile

@@ -0,0 +1,19 @@
+FROM scratch
+
+LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1
+LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
+LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
+LABEL operators.operatorframework.io.bundle.package.v1=openshiftartifactoryha-operator
+LABEL operators.operatorframework.io.bundle.channels.v1=alpha
+LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha
+LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.0.1
+LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
+LABEL operators.operatorframework.io.metrics.project_layout=helm.sdk.operatorframework.io/v1
+LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/
+LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1
+
+COPY 1.1.0/manifests /manifests/
+COPY 1.1.0/metadata /metadata/
+LABEL com.redhat.openshift.versions="v4.5,v4.6"
+LABEL com.redhat.delivery.operator.bundle=true
+LABEL com.redhat.delivery.backport=true

Openshift4/operator/artifactory-ha-operator/bundle/openshiftartifactoryha-operator.package.yaml

@@ -0,0 +1,5 @@
+channels:
+- currentCSV: artifactory-ha-operator.v1.1.1
+  name: alpha
+defaultChannel: ''
+packageName: openshiftartifactoryha-operator

Openshift4/operator/artifactory-ha-operator/bundle_old/openshiftartifactoryha-operator.package.yaml

@@ -1,4 +1,4 @@
 packageName: openshiftartifactoryha-operator
 channels:
   - name: alpha
-    currentCSV: artifactory-ha-operator.v1.0.2
+    currentCSV: artifactory-ha-operator.v1.0.3

Openshift4/operator/artifactory-ha-operator/config/crd/kustomization.yaml

@@ -0,0 +1,6 @@
+# This kustomization.yaml is not intended to be run by itself,
+# since it depends on service name and namespace that are out of this kustomize package.
+# It should be run by config/default
+resources:
+- bases/cache.jfrog.com_openshiftartifactoryhas.yaml
+# +kubebuilder:scaffold:crdkustomizeresource

Openshift4/operator/artifactory-ha-operator/config/default/kustomization.yaml

@@ -0,0 +1,26 @@
+# Adds namespace to all resources.
+namespace: artifactory-ha-operator-system
+
+# Value of this field is prepended to the
+# names of all resources, e.g. a deployment named
+# "wordpress" becomes "alices-wordpress".
+# Note that it should also match with the prefix (text before '-') of the namespace
+# field above.
+namePrefix: artifactory-ha-operator-
+
+# Labels to add to all resources and selectors.
+#commonLabels:
+#  someName: someValue
+
+bases:
+- ../crd
+- ../rbac
+- ../manager
+# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
+#- ../prometheus
+
+patchesStrategicMerge:
+  # Protect the /metrics endpoint by putting it behind auth.
+  # If you want your controller-manager to expose the /metrics
+  # endpoint w/o any authn/z, please comment the following line.
+- manager_auth_proxy_patch.yaml

Openshift4/operator/artifactory-ha-operator/config/default/manager_auth_proxy_patch.yaml

@@ -0,0 +1,26 @@
+# This patch inject a sidecar container which is a HTTP proxy for the
+# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews.
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller-manager
+  namespace: system
+spec:
+  template:
+    spec:
+      containers:
+      - name: kube-rbac-proxy
+        image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0
+        args:
+        - "--secure-listen-address=0.0.0.0:8443"
+        - "--upstream=http://127.0.0.1:8080/"
+        - "--logtostderr=true"
+        - "--v=10"
+        ports:
+        - containerPort: 8443
+          name: https
+      - name: manager
+        args:
+        - "--metrics-addr=127.0.0.1:8080"
+        - "--enable-leader-election"
+        - "--leader-election-id=artifactory-ha-operator"

Openshift4/operator/artifactory-ha-operator/config/manager/kustomization.yaml

@@ -0,0 +1,8 @@
+resources:
+- manager.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+images:
+- name: controller
+  newName: controller
+  newTag: latest

Openshift4/operator/artifactory-ha-operator/config/manifests/kustomization.yaml

@@ -0,0 +1,4 @@
+resources:
+- ../default
+- ../samples
+- ../scorecard

Openshift4/operator/artifactory-ha-operator/config/prometheus/kustomization.yaml

@@ -0,0 +1,2 @@
+resources:
+- monitor.yaml

Openshift4/operator/artifactory-ha-operator/config/prometheus/monitor.yaml

@@ -0,0 +1,16 @@
+
+# Prometheus Monitor Service (Metrics)
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+  labels:
+    control-plane: controller-manager
+  name: controller-manager-metrics-monitor
+  namespace: system
+spec:
+  endpoints:
+    - path: /metrics
+      port: https
+  selector:
+    matchLabels:
+      control-plane: controller-manager

Openshift4/operator/artifactory-ha-operator/config/rbac/auth_proxy_client_clusterrole.yaml

@@ -0,0 +1,7 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: metrics-reader
+rules:
+- nonResourceURLs: ["/metrics"]
+  verbs: ["get"]

Openshift4/operator/artifactory-ha-operator/config/rbac/auth_proxy_role.yaml

@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: proxy-role
+rules:
+- apiGroups: ["authentication.k8s.io"]
+  resources:
+  - tokenreviews
+  verbs: ["create"]
+- apiGroups: ["authorization.k8s.io"]
+  resources:
+  - subjectaccessreviews
+  verbs: ["create"]

Openshift4/operator/artifactory-ha-operator/config/rbac/auth_proxy_role_binding.yaml

@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: proxy-rolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: proxy-role
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: system

Openshift4/operator/artifactory-ha-operator/config/rbac/auth_proxy_service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    control-plane: controller-manager
+  name: controller-manager-metrics-service
+  namespace: system
+spec:
+  ports:
+  - name: https
+    port: 8443
+    targetPort: https
+  selector:
+    control-plane: controller-manager

Openshift4/operator/artifactory-ha-operator/config/rbac/kustomization.yaml

@@ -0,0 +1,12 @@
+resources:
+- role.yaml
+- role_binding.yaml
+- leader_election_role.yaml
+- leader_election_role_binding.yaml
+# Comment the following 4 lines if you want to disable
+# the auth proxy (https://github.com/brancz/kube-rbac-proxy)
+# which protects your /metrics endpoint.
+- auth_proxy_service.yaml
+- auth_proxy_role.yaml
+- auth_proxy_role_binding.yaml
+- auth_proxy_client_clusterrole.yaml

Openshift4/operator/artifactory-ha-operator/config/rbac/leader_election_role.yaml

@@ -0,0 +1,25 @@
+# permissions to do leader election.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: leader-election-role
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - get
+  - list
+  - watch
+  - create
+  - update
+  - patch
+  - delete
+- apiGroups:
+  - ""
+  resources:
+  - events
+  verbs:
+  - create
+  - patch

Openshift4/operator/artifactory-ha-operator/config/rbac/leader_election_role_binding.yaml

@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: leader-election-rolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: leader-election-role
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: system

Openshift4/operator/artifactory-ha-operator/config/rbac/openshiftartifactoryha_editor_role.yaml

@@ -0,0 +1,24 @@
+# permissions for end users to edit openshiftartifactoryhas.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: openshiftartifactoryha-editor-role
+rules:
+- apiGroups:
+  - cache.jfrog.com
+  resources:
+  - openshiftartifactoryhas
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - cache.jfrog.com
+  resources:
+  - openshiftartifactoryhas/status
+  verbs:
+  - get

Openshift4/operator/artifactory-ha-operator/config/rbac/openshiftartifactoryha_viewer_role.yaml

@@ -0,0 +1,20 @@
+# permissions for end users to view openshiftartifactoryhas.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: openshiftartifactoryha-viewer-role
+rules:
+- apiGroups:
+  - cache.jfrog.com
+  resources:
+  - openshiftartifactoryhas
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - cache.jfrog.com
+  resources:
+  - openshiftartifactoryhas/status
+  verbs:
+  - get