updates to openshift v4.3.5 to artifactory-ha v7.3.2

Openshift4/.gitignore

@@ -1,3 +1,4 @@
 artifactory.cluster.license
 jfrog.team.crt
 jfrog.team.key
+artifactory-ha-operator/helm-charts/openshift-artifactory-ha

Openshift4/artifactory-ha-operator/build/Dockerfile

@@ -1,4 +1,4 @@
-FROM quay.io/operator-framework/helm-operator:v0.14.1
+FROM quay.io/operator-framework/helm-operator:v0.16.0
 
 COPY watches.yaml ${HOME}/watches.yaml
 COPY helm-charts/ ${HOME}/helm-charts/

Openshift4/artifactory-ha-operator/bundle/openshiftartifactoryha-operator.crd.yaml

@@ -0,0 +1,23 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: openshiftartifactoryhas.charts.helm.k8s.io
+spec:
+  group: charts.helm.k8s.io
+  names:
+    kind: OpenshiftArtifactoryHa
+    listKind: OpenshiftArtifactoryHaList
+    plural: openshiftartifactoryhas
+    singular: openshiftartifactoryha
+  scope: Namespaced
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      type: object
+      x-kubernetes-preserve-unknown-fields: true
+  version: v1alpha1
+  versions:
+  - name: v1alpha1
+    served: true
+    storage: true

Openshift4/artifactory-ha-operator/bundle/openshiftartifactoryha-operator.package.yaml

@@ -0,0 +1,4 @@
+packageName: openshiftartifactoryha-operator
+channels:
+  - name: alpha
+    currentCSV: artifactory-ha-operator.v1.0.0

Openshift4/artifactory-ha-operator/deploy/catalogsourceconfig.yaml

@@ -0,0 +1,8 @@
+apiVersion: operators.coreos.com/v1
+kind: CatalogSourceConfig
+metadata:
+  name: artifactory-ha-operator-csc
+  namespace: openshift-marketplace
+spec:
+  targetNamespace: jfrog-artifactory
+  packages: artifactory-ha-operator

Openshift4/artifactory-ha-operator/deploy/imagestream-nginx.yaml

@@ -1,6 +0,0 @@
-apiVersion: image.openshift.io/v1
-kind: ImageStream
-metadata:
-  name: nginx-artifactory-pro
-  namespace: jfrog-artifactory
-

Openshift4/artifactory-ha-operator/deploy/imagestream-operator.yaml

@@ -1,6 +0,0 @@
-apiVersion: image.openshift.io/v1
-kind: ImageStream
-metadata:
-  name: artifactory-ha
-  namespace: jfrog-artifactory
-

Openshift4/artifactory-ha-operator/deploy/imagestream-pro.yaml

@@ -1,6 +0,0 @@
-apiVersion: image.openshift.io/v1
-kind: ImageStream
-metadata:
-  name: artifactory-pro
-  namespace: jfrog-artifactory
-

Openshift4/artifactory-ha-operator/deploy/operator.yaml

@@ -15,7 +15,7 @@ spec:
       serviceAccountName: artifactory-ha-operator
       containers:
         - name: artifactory-ha-operator
-          image: image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/artifactory-ha
+          image: quay.io/jfrog/artifactory-ha-operator
           imagePullPolicy: IfNotPresent
           env:
             - name: WATCH_NAMESPACE
@@ -28,3 +28,17 @@ spec:
                   fieldPath: metadata.name
             - name: OPERATOR_NAME
               value: "artifactory-ha-operator"
+            - name: RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
+              value: "quay.io/jfrog/artifactory-rh-pro"
+            - name: RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
+              value: "quay.io/jfrog/nginx-artifactory-rh-pro"
+            - name: DATABASE_TYPE
+              value: "OVERRIDE"
+            - name: DATABASE_DRIVER
+              value: "OVERRIDE"
+            - name: DATABASE_URL
+              value: "OVERRIDE"
+            - name: DATABASE_USER
+              value: "OVERRIDE"
+            - name: DATABASE_PASSWORD
+              value: "OVERRIDE"

Openshift4/artifactory-ha-operator/deploy/operatorgroup.yaml

@@ -1,7 +1,7 @@
 apiVersion: operators.coreos.com/v1alpha2
 kind: OperatorGroup
 metadata:
-  name: jfrog-group
+  name: jfrog-operator-group
   namespace: jfrog-artifactory
 spec:
   targetNamespaces:

Openshift4/artifactory-ha-operator/deploy/project.yaml

@@ -10,7 +10,7 @@ objects:
     annotations:
       openshift.io/description: JFrog Artifactory
       openshift.io/display-name: jfrog-artifactory
-      openshift.io/requester: johnp@jfrog.com
+      openshift.io/requester: integrations@jfrog.com
     creationTimestamp: null
     name: jfrog-artifactory
   spec: {}

Openshift4/artifactory-ha-operator/deploy/role.yaml

@@ -4,6 +4,40 @@ metadata:
   creationTimestamp: null
   name: artifactory-ha-operator
 rules:
+- apiGroups:
+  - ""
+  resources:
+  - pods
+  - services
+  - services/finalizers
+  - endpoints
+  - persistentvolumeclaims
+  - events
+  - configmaps
+  - secrets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  - daemonsets
+  - replicasets
+  - statefulsets
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
 - apiGroups:
   - ""
   resources:
@@ -23,41 +57,6 @@ rules:
   - events
   verbs:
   - create
-- apiGroups:
-  - networking.k8s.io
-  resources:
-  - networkpolicies
-  verbs:
-  - '*'
-- apiGroups:
-  - policy
-  resources:
-  - poddisruptionbudgets
-  verbs:
-  - '*'
-- apiGroups:
-  - ""
-  resources:
-  - configmaps
-  - secrets
-  - serviceaccounts
-  - services
-  verbs:
-  - '*'
-- apiGroups:
-  - rbac.authorization.k8s.io
-  resources:
-  - rolebindings
-  - roles
-  verbs:
-  - '*'
-- apiGroups:
-  - apps
-  resources:
-  - deployments
-  - statefulsets
-  verbs:
-  - '*'
 - apiGroups:
   - monitoring.coreos.com
   resources:

Openshift4/artifactory-ha-operator/deploy/securitycontextconstraints.yaml

@@ -1,15 +0,0 @@
-kind: SecurityContextConstraints
-apiVersion: v1
-metadata:
-  name: scc-admin
-allowPrivilegedContainer: true
-runAsUser:
-  type: RunAsAny
-seLinuxContext:
-  type: RunAsAny
-fsGroup:
-  type: RunAsAny
-supplementalGroups:
-  type: RunAsAny
-users:
-- kubeadmin

Openshift4/artifactory-ha-operator/deploy/subscription.yaml

@@ -0,0 +1,10 @@
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: artifactory-ha-operator
+  namespace: jfrog-artifactory
+spec:
+  channel: alpha
+  name: artifactory-ha-operator
+  source: artifactory-ha-operator-csc
+  sourceNamespace: openshift-operators

Openshift4/artifactory-ha-operator/helm-charts/README.md

@@ -0,0 +1,2 @@
+## README
+Should use the latest openshift artifactory ha chart from the partnership artifactory 

Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/hostpathscc.yaml

@@ -1,18 +0,0 @@
-kind: SecurityContextConstraints
-apiVersion: v1
-metadata:
-  name: hostpath
-allowPrivilegedContainer: false
-runAsUser:
-  type: RunAsAny
-seLinuxContext:
-  type: RunAsAny
-fsGroup:
-  type: RunAsAny
-supplementalGroups:
-  type: RunAsAny
-users:
-- artifactory
-groups:
-- artifactory
-- jfrog-artifactory

Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/requirements.lock

@@ -1,6 +0,0 @@
-dependencies:
-- name: artifactory-ha
-  repository: https://charts.jfrog.io/
-  version: 2.0.31
-digest: sha256:d7c2af74a0188ca8df2a97158c83b36f85dfae72c1b60ce4540a4e00da2d9a6f
-generated: "2020-03-19T17:29:04.445679-07:00"

Openshift4/artifactory-ha-operator/setup.sh

@@ -1,25 +0,0 @@
-#!/usr/bin/env bash
-oc project default
-oc apply -f helm-charts/openshift-artifactory-ha/pv-examples
-oc apply -f deploy/project.yaml
-oc apply -f deploy/namespace.yaml
-oc project jfrog-artifactory
-oc apply -f deploy/imagestream-nginx.yaml
-oc apply -f deploy/imagestream-pro.yaml
-oc apply -f deploy/imagestream-operator.yaml
-oc patch image.config.openshift.io/cluster --type=merge --patch='{"spec":{"registrySources":{"insecureRegistries":["default-route-openshift-image-registry.apps-crc.testing"]}}}'
-oc apply -f deploy/role.yaml
-oc apply -f deploy/role_binding.yaml
-oc apply -f deploy/service_account.yaml
-oc apply -f deploy/securitycontextconstraints.yaml
-oc adm policy add-scc-to-user  scc-admin system:serviceaccount:jfrog-artifactory:artifactory-ha-operator
-oc adm policy add-scc-to-user  scc-admin system:serviceaccount:jfrog-artifactory:default
-oc adm policy add-scc-to-user  anyuid system:serviceaccount:jfrog-artifactory:artifactory-ha-operator
-oc adm policy add-scc-to-user anyuid system:serviceaccount:jfrog-artifactory:default
-oc adm policy add-scc-to-group anyuid system:authenticated
-oc apply -f deploy/hostpathscc.yaml
-oc patch securitycontextconstraints.security.openshift.io/hostpath --type=merge --patch='{"allowHostDirVolumePlugin": true}'
-oc adm policy add-scc-to-user hostpath system:serviceaccount:jfrog-artifactory:artifactory-ha-operator
-oc apply -f deploy/crds/charts.helm.k8s.io_openshiftartifactoryhas_crd.yaml
-oc apply -f deploy/crds/charts.helm.k8s.io_v1alpha1_openshiftartifactoryha_cr.yaml
-oc create secret generic artifactory-license --from-file=../artifactory.cluster.license

Openshift4/artifactory-ha-operator/unload.sh

@@ -1,16 +0,0 @@
-#!/usr/bin/env bash
-oc project jfrog-artifactory
-oc delete deployments --all
-oc delete statefulsets --all
-oc delete configmaps --all
-oc delete deploymentconfigs --all
-oc delete pods --all
-oc delete svc --all
-oc delete networkpolicies --all
-oc delete pvc --all
-oc delete PodDisruptionBudget --all
-for s in $(oc get secrets | grep artifactory | cut -f1 -d ' '); do
-    oc delete secret $s
-done
-oc delete serviceaccount artifactoryha-artifactory-ha
-oc delete role artifactoryha-artifactory-ha  

Openshift4/artifactory-ha-operator/watches.yaml

@@ -3,3 +3,11 @@
   group: charts.helm.k8s.io
   kind: OpenshiftArtifactoryHa
   chart: helm-charts/openshift-artifactory-ha
+  overrideValues:
+    artifactory-ha.artifactory.image.repository: $RELATED_IMAGE_ARTIFACTORY_IMAGE_REPOSITORY
+    artifactory-ha.nginx.image.repository: $RELATED_IMAGE_NGINX_IMAGE_REPOSITORY
+    artifactory-ha.database.type: $DATABASE_TYPE
+    artifactory-ha.database.driver: $DATABASE_DRIVER
+    artifactory-ha.database.url: $DATABASE_URL
+    artifactory-ha.database.user: $DATABASE_USER
+    artifactory-ha.database.password: $DATABASE_PASSWORD

Openshift4/openshift-artifactory-ha/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 7.2.1
+appVersion: 7.3.2
 description: Universal Repository Manager supporting all major packaging formats,
   build tools and CI servers.
 home: https://www.jfrog.com/artifactory/
@@ -21,4 +21,4 @@ name: openshift-artifactory-ha
 sources:
 - https://bintray.com/jfrog/product/JFrog-Artifactory-Pro/view
 - https://github.com/jfrog/charts
-version: 2.0.34
+version: 2.1.3

Openshift4/openshift-artifactory-ha/requirements.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: artifactory-ha
+  repository: https://charts.jfrog.io/
+  version: 2.1.3
+digest: sha256:58169c65a87781f34ab6a49706e0f345234878558ce681ee7ed38ace25b88dfe
+generated: "2020-03-26T13:58:11.770394-07:00"

Openshift4/openshift-artifactory-ha/requirements.yaml

@@ -1,4 +1,4 @@
 dependencies:
   - name: artifactory-ha
-    version: 2.0.34
+    version: 2.1.3
     repository: https://charts.jfrog.io/

Openshift4/openshift-artifactory-ha/values.yaml

@@ -2,8 +2,22 @@
 # Requires one custom init container
 # to resolve the user id perm issue with redhat
 artifactory-ha:
+  ###################################
+  # EDIT TO YOUR DB CONFIGURATION
+  ###################################
+  database:
+    type: "OVERRIDE"
+    driver: "OVERRIDE"
+    url: "OVERRIDE"
+    user: "OVERRIDE"
+    password: "OVERRIDE"
+
+  ###################################
+  # DO NOT EDIT FURTHER
+  ###################################
   initContainerImage: registry.redhat.io/ubi8-minimal
   waitForDatabase: false
+  installerInfo: '{ "productId": "Openshift_artifactory-ha/{{ .Chart.Version }}", "features": [ { "featureId": "ArtifactoryVersion/{{ default .Chart.AppVersion .Values.artifactory.image.version }}" }, { "featureId": "{{ if .Values.postgresql.enabled }}postgresql{{ else }}{{ default \"derby\" .Values.database.type }}{{ end }}/0.0.0" }, { "featureId": "Platform/{{ default \"openshift\" .Values.installer.platform }}" }, { "featureId": "Partner/ACC-006983" }, { "featureId": "Channel/Openshift" } ] }'
   artifactory:
     ## Add custom init containers execution before predefined init containers
     customInitContainersBegin: |
@@ -26,6 +40,8 @@ artifactory-ha:
     node:
       waitForPrimaryStartup:
         enabled: false
+  postgresql:
+    enabled: false
   nginx:
     image:
       repository: "image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/nginx-artifactory-pro"