From 0dc4e2f13dc009e4c74fe1d94b7c9ba08d915ac7 Mon Sep 17 00:00:00 2001 From: GeorgeRaven Date: Sun, 24 Nov 2024 14:41:00 +0000 Subject: [PATCH] Added minio operator to cluster --- .../templates/minio-operator.yaml | 71 +++++++++++++++++++ charts/minio-operator/.helmignore | 23 ++++++ charts/minio-operator/Chart.yaml | 29 ++++++++ charts/minio-operator/README.md | 18 +++++ charts/minio-operator/values.yaml | 3 + 5 files changed, 144 insertions(+) create mode 100644 charts/infrastructure/templates/minio-operator.yaml create mode 100644 charts/minio-operator/.helmignore create mode 100644 charts/minio-operator/Chart.yaml create mode 100644 charts/minio-operator/README.md create mode 100644 charts/minio-operator/values.yaml diff --git a/charts/infrastructure/templates/minio-operator.yaml b/charts/infrastructure/templates/minio-operator.yaml new file mode 100644 index 00000000..007ed428 --- /dev/null +++ b/charts/infrastructure/templates/minio-operator.yaml @@ -0,0 +1,71 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: minio-operator + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + destination: + name: '' + namespace: minio-operator + server: 'https://kubernetes.default.svc' + source: + path: charts/minio-operator + repoURL: 'https://gitlab.com/deepcypher/dc-kc.git' + targetRevision: HEAD + #helm: + # values: | + #project: minio-operator + project: default + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true + - ApplyOutOfSyncOnly=true +--- +apiVersion: argoproj.io/v1alpha1 +kind: AppProject +metadata: + name: minio-operator + namespace: argocd + # Finalizer that ensures that project is not deleted until it is not referenced by any application + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + description: Infra-level project to isolate minio-operator + # Allow manifests to deploy from any Git repos + sourceRepos: + - '*' + # Only permit applications to deploy to the guestbook namespace in the same cluster + destinations: + - namespace: minio-operator + server: https://kubernetes.default.svc + # Deny all cluster-scoped resources from being created, except for Namespace + clusterResourceWhitelist: + - group: '' + kind: Namespace + # Allow all namespaced-scoped resources to be created, except for ResourceQuota, LimitRange, NetworkPolicy + namespaceResourceBlacklist: + - group: '' + kind: ResourceQuota + - group: '' + kind: LimitRange + #- group: '' + # kind: NetworkPolicy + # # Deny all namespaced-scoped resources from being created, except for Deployment and StatefulSet + # namespaceResourceWhitelist: + # - group: 'apps' + # kind: Deployment + # - group: 'apps' + # kind: StatefulSet + roles: + # A role which provides read-only access to all applications in the project + - name: read-only + description: Read-only privileges to minio-operator + policies: + - p, proj:my-project:read-only, applications, get, minio-operator/*, allow + groups: + - my-oidc-group diff --git a/charts/minio-operator/.helmignore b/charts/minio-operator/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/minio-operator/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/minio-operator/Chart.yaml b/charts/minio-operator/Chart.yaml new file mode 100644 index 00000000..01b51c8d --- /dev/null +++ b/charts/minio-operator/Chart.yaml @@ -0,0 +1,29 @@ +apiVersion: v2 +name: minio-operator +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "4" + +dependencies: +- name: operator # operator is the new minio-operator chart name other is deprecated + version: 6.0.4 + repository: "https://operator.min.io" diff --git a/charts/minio-operator/README.md b/charts/minio-operator/README.md new file mode 100644 index 00000000..5323269a --- /dev/null +++ b/charts/minio-operator/README.md @@ -0,0 +1,18 @@ +# minio-operator + +A Helm chart for Kubernetes + +![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4](https://img.shields.io/badge/AppVersion-4-informational?style=flat-square) + +## Requirements + +| Repository | Name | Version | +|------------|------|---------| +| https://operator.min.io | operator | 6.0.4 | + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| operator.operator | object | `{}` | | + diff --git a/charts/minio-operator/values.yaml b/charts/minio-operator/values.yaml new file mode 100644 index 00000000..ff1292e6 --- /dev/null +++ b/charts/minio-operator/values.yaml @@ -0,0 +1,3 @@ +operator: + # yes they do have a stupid subkey for all vars which ends up duplicated here + operator: {}