diff --git a/charts/datacenter/manuela-data-lake/templates/central-s3-store/camel-k-integration-platform.yaml b/charts/datacenter/manuela-data-lake/templates/central-s3-store/camel-k-integration-platform.yaml index 348caefe8..2cf78cd82 100644 --- a/charts/datacenter/manuela-data-lake/templates/central-s3-store/camel-k-integration-platform.yaml +++ b/charts/datacenter/manuela-data-lake/templates/central-s3-store/camel-k-integration-platform.yaml @@ -10,3 +10,35 @@ spec: configuration: - type: repository value: https://maven.repository.redhat.com/ga/all@id=redhat.ea + build: + registry: + address: image-registry.openshift-image-registry.svc:5000 + secret: ocp-registry +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: camel-k-operator-registry-editor + namespace: manuela-data-lake +subjects: + - kind: ServiceAccount + name: camel-k-operator + namespace: manuela-data-lake +roleRef: + kind: ClusterRole + name: registry-editor + apiGroup: rbac.authorization.k8s.io +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: camel-k-operator-registry-viewer + namespace: manuela-data-lake +subjects: + - kind: ServiceAccount + name: camel-k-operator + namespace: manuela-data-lake +roleRef: + kind: ClusterRole + name: registry-viewer + apiGroup: rbac.authorization.k8s.io diff --git a/charts/datacenter/manuela-data-lake/templates/central-s3-store/camel-k-ip-secret.yaml b/charts/datacenter/manuela-data-lake/templates/central-s3-store/camel-k-ip-secret.yaml new file mode 100644 index 000000000..e6af44cf4 --- /dev/null +++ b/charts/datacenter/manuela-data-lake/templates/central-s3-store/camel-k-ip-secret.yaml @@ -0,0 +1,64 @@ +{{- if .Values.clusterGroup.isHubCluster }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: camel-k-operator + annotations: + kubernetes.io/service-account.name: camel-k-operator +type: kubernetes.io/service-account-token +--- +apiVersion: external-secrets.io/v1alpha1 +kind: PushSecret +metadata: + name: push-secret-camel-k-operator +spec: + data: + - conversionStrategy: None + match: + remoteRef: + remoteKey: pushsecrets/camel-k-operator-manuela-data-lake + property: token + secretKey: token + deletionPolicy: Delete + refreshInterval: 10s + secretStoreRefs: + - kind: ClusterSecretStore + name: vault-backend + selector: + secret: + name: camel-k-operator + updatePolicy: Replace +--- +apiVersion: "external-secrets.io/v1beta1" +kind: ExternalSecret +metadata: + name: camel-k-operator-es +spec: + refreshInterval: 15s + secretStoreRef: + name: {{ $.Values.secretStore.name }} + kind: {{ $.Values.secretStore.kind }} + target: + name: ocp-registry + template: + type: kubernetes.io/dockerconfigjson + engineVersion: v2 + data: + .dockerconfigjson: > + { + "auths": { + "image-registry.openshift-image-registry.svc:5000": { + "username": "camel-k-operator", + "password": "{{ `{{ .saToken }}` }}", + "auth": "{{ `{{ printf "serviceaccount:%s" .saToken | b64enc }}` }}" + } + } + } + data: + - secretKey: saToken + remoteRef: + key: "pushsecrets/camel-k-operator-manuela-data-lake" + property: "token" +--- +{{- end }} diff --git a/charts/datacenter/manuela-tst/templates/messaging-kafka/camel-k-integration-platform.yaml b/charts/datacenter/manuela-tst/templates/messaging-kafka/camel-k-integration-platform.yaml index 3611be952..f23520ef0 100644 --- a/charts/datacenter/manuela-tst/templates/messaging-kafka/camel-k-integration-platform.yaml +++ b/charts/datacenter/manuela-tst/templates/messaging-kafka/camel-k-integration-platform.yaml @@ -9,4 +9,36 @@ metadata: spec: configuration: - type: repository - value: https://maven.repository.redhat.com/earlyaccess/all@id=redhat.ea \ No newline at end of file + value: https://maven.repository.redhat.com/earlyaccess/all@id=redhat.ea + build: + registry: + address: image-registry.openshift-image-registry.svc:5000 + secret: ocp-registry +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: camel-k-operator-registry-editor + namespace: manuela-tst-all +subjects: + - kind: ServiceAccount + name: camel-k-operator + namespace: manuela-tst-all +roleRef: + kind: ClusterRole + name: registry-editor + apiGroup: rbac.authorization.k8s.io +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: camel-k-operator-registry-viewer + namespace: manuela-tst-all +subjects: + - kind: ServiceAccount + name: camel-k-operator + namespace: manuela-tst-all +roleRef: + kind: ClusterRole + name: registry-viewer + apiGroup: rbac.authorization.k8s.io diff --git a/charts/datacenter/manuela-tst/templates/messaging-kafka/camel-k-ip-secret.yaml b/charts/datacenter/manuela-tst/templates/messaging-kafka/camel-k-ip-secret.yaml new file mode 100644 index 000000000..a1b519bb2 --- /dev/null +++ b/charts/datacenter/manuela-tst/templates/messaging-kafka/camel-k-ip-secret.yaml @@ -0,0 +1,64 @@ +{{- if .Values.clusterGroup.isHubCluster }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: camel-k-operator + annotations: + kubernetes.io/service-account.name: camel-k-operator +type: kubernetes.io/service-account-token +--- +apiVersion: external-secrets.io/v1alpha1 +kind: PushSecret +metadata: + name: push-secret-camel-k-operator +spec: + data: + - conversionStrategy: None + match: + remoteRef: + remoteKey: pushsecrets/camel-k-operator-manuela-tst + property: token + secretKey: token + deletionPolicy: Delete + refreshInterval: 10s + secretStoreRefs: + - kind: ClusterSecretStore + name: vault-backend + selector: + secret: + name: camel-k-operator + updatePolicy: Replace +--- +apiVersion: "external-secrets.io/v1beta1" +kind: ExternalSecret +metadata: + name: camel-k-operator-es +spec: + refreshInterval: 15s + secretStoreRef: + name: {{ $.Values.secretStore.name }} + kind: {{ $.Values.secretStore.kind }} + target: + name: ocp-registry + template: + type: kubernetes.io/dockerconfigjson + engineVersion: v2 + data: + .dockerconfigjson: > + { + "auths": { + "image-registry.openshift-image-registry.svc:5000": { + "username": "camel-k-operator", + "password": "{{ `{{ .saToken }}` }}", + "auth": "{{ `{{ printf "serviceaccount:%s" .saToken | b64enc }}` }}" + } + } + } + data: + - secretKey: saToken + remoteRef: + key: "pushsecrets/camel-k-operator-manuela-tst" + property: "token" +--- +{{- end }} diff --git a/charts/factory/manuela-stormshift/templates/messaging-kafka/camel-k-integration-platform.yaml b/charts/factory/manuela-stormshift/templates/messaging-kafka/camel-k-integration-platform.yaml index ad81c30c7..3ca588d1f 100644 --- a/charts/factory/manuela-stormshift/templates/messaging-kafka/camel-k-integration-platform.yaml +++ b/charts/factory/manuela-stormshift/templates/messaging-kafka/camel-k-integration-platform.yaml @@ -11,3 +11,35 @@ spec: configuration: - type: repository value: https://maven.repository.redhat.com/earlyaccess/all@id=redhat.ea + build: + registry: + address: image-registry.openshift-image-registry.svc:5000 + secret: ocp-registry +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: camel-k-operator-registry-editor + namespace: manuela-stormshift-messaging +subjects: + - kind: ServiceAccount + name: camel-k-operator + namespace: manuela-stormshift-messaging +roleRef: + kind: ClusterRole + name: registry-editor + apiGroup: rbac.authorization.k8s.io +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: camel-k-operator-registry-viewer + namespace: manuela-stormshift-messaging +subjects: + - kind: ServiceAccount + name: camel-k-operator + namespace: manuela-stormshift-messaging +roleRef: + kind: ClusterRole + name: registry-viewer + apiGroup: rbac.authorization.k8s.io diff --git a/charts/factory/manuela-stormshift/templates/messaging-kafka/camel-k-ip-secret.yaml b/charts/factory/manuela-stormshift/templates/messaging-kafka/camel-k-ip-secret.yaml new file mode 100644 index 000000000..71e7930ae --- /dev/null +++ b/charts/factory/manuela-stormshift/templates/messaging-kafka/camel-k-ip-secret.yaml @@ -0,0 +1,65 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: camel-k-operator + namespace: manuela-stormshift-messaging + annotations: + kubernetes.io/service-account.name: camel-k-operator +type: kubernetes.io/service-account-token +--- +apiVersion: external-secrets.io/v1alpha1 +kind: PushSecret +metadata: + name: push-secret-camel-k-operator + namespace: manuela-stormshift-messaging +spec: + data: + - conversionStrategy: None + match: + remoteRef: + remoteKey: pushsecrets/camel-k-operator-manuela-stormshift + property: token + secretKey: token + deletionPolicy: Delete + refreshInterval: 10s + secretStoreRefs: + - kind: ClusterSecretStore + name: vault-backend + selector: + secret: + name: camel-k-operator + updatePolicy: Replace +--- +apiVersion: "external-secrets.io/v1beta1" +kind: ExternalSecret +metadata: + name: camel-k-operator-es + namespace: manuela-stormshift-messaging +spec: + refreshInterval: 15s + secretStoreRef: + name: {{ $.Values.secretStore.name }} + kind: {{ $.Values.secretStore.kind }} + target: + name: ocp-registry + template: + type: kubernetes.io/dockerconfigjson + engineVersion: v2 + data: + .dockerconfigjson: > + { + "auths": { + "image-registry.openshift-image-registry.svc:5000": { + "username": "camel-k-operator", + "password": "{{ `{{ .saToken }}` }}", + "auth": "{{ `{{ printf "serviceaccount:%s" .saToken | b64enc }}` }}" + } + } + } + data: + - secretKey: saToken + remoteRef: + key: "pushsecrets/camel-k-operator-manuela-stormshift" + property: "token" +--- diff --git a/values-datacenter.yaml b/values-datacenter.yaml index 0a71da621..9402ea3d3 100644 --- a/values-datacenter.yaml +++ b/values-datacenter.yaml @@ -1,5 +1,5 @@ storageSystem: - deploy: true + deploy: false inventory: useSpecificNodes: false @@ -36,7 +36,7 @@ clusterGroup: acm: name: advanced-cluster-management namespace: open-cluster-management - channel: release-2.11 + channel: release-2.14 amqbroker-prod: name: amq-broker-rhel8 @@ -54,8 +54,6 @@ clusterGroup: - manuela-data-lake - manuela-tst-all channel: stable-v2 - csv: camel-k-operator.v2.5.1 - installPlanApproval: Manual source: community-operators sourceNamespace: openshift-marketplace