diff --git a/docs/hpe-greenlake-file-csi-driver-1.0.0-beta.tgz b/docs/hpe-greenlake-file-csi-driver-1.0.0-beta.tgz new file mode 100644 index 0000000..084018f Binary files /dev/null and b/docs/hpe-greenlake-file-csi-driver-1.0.0-beta.tgz differ diff --git a/docs/index.yaml b/docs/index.yaml index 17d9b4d..1c3c26c 100644 --- a/docs/index.yaml +++ b/docs/index.yaml @@ -1375,4 +1375,40 @@ entries: urls: - hpe-flexvolume-driver-3.0.0.tgz version: 3.0.0 -generated: "2024-08-01T03:20:00.451286-07:00" + hpe-greenlake-file-csi-driver: + - annotations: + artifacthub.io/category: storage + artifacthub.io/containsSecurityUpdates: "false" + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Release Highlights + url: https://scod.hpedev.io/filex_csi_driver/index.html#latest_release + - name: Documentation + url: https://scod.hpedev.io/filex_csi_driver + - name: Chart Source + url: https://github.com/hpe-storage/co-deployments + artifacthub.io/prerelease: "true" + artifacthub.io/recommendations: | + - url: https://artifacthub.io/packages/helm/hpe-storage/hpe-csi-driver + apiVersion: v1 + appVersion: 2.4.1 + created: "2024-09-20T12:14:10.799353-07:00" + description: A Helm chart for installing the HPE GreenLake for File Storage CSI + Driver + digest: cccf4a390e28fca2651d9190c22be8691f353e17400566796d722a4518c7c465 + home: https://hpe.com/storage/containers + icon: https://raw.githubusercontent.com/hpe-storage/co-deployments/master/docs/assets/hpedev.png + keywords: + - HPE + - Storage + - CSI + maintainers: + - email: dev-hi-containers@hpe.com + name: datamattsson + name: hpe-greenlake-file-csi-driver + sources: + - https://github.com/hpe-storage/co-deployments + urls: + - hpe-greenlake-file-csi-driver-1.0.0-beta.tgz + version: 1.0.0-beta +generated: "2024-09-20T12:14:10.798873-07:00" diff --git a/helm/charts/hpe-greenlake-file-csi-driver/.helmignore b/helm/charts/hpe-greenlake-file-csi-driver/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/helm/charts/hpe-greenlake-file-csi-driver/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/charts/hpe-greenlake-file-csi-driver/Chart.yaml b/helm/charts/hpe-greenlake-file-csi-driver/Chart.yaml new file mode 100644 index 0000000..79f9961 --- /dev/null +++ b/helm/charts/hpe-greenlake-file-csi-driver/Chart.yaml @@ -0,0 +1,30 @@ +apiVersion: v1 +version: "1.0.0-beta" +appVersion: "2.4.1" +annotations: + artifacthub.io/prerelease: "true" + artifacthub.io/containsSecurityUpdates: "false" + artifacthub.io/license: Apache-2.0 + artifacthub.io/category: storage + artifacthub.io/links: | + - name: Release Highlights + url: https://scod.hpedev.io/filex_csi_driver/index.html#latest_release + - name: Documentation + url: https://scod.hpedev.io/filex_csi_driver + - name: Chart Source + url: https://github.com/hpe-storage/co-deployments + artifacthub.io/recommendations: | + - url: https://artifacthub.io/packages/helm/hpe-storage/hpe-csi-driver +description: A Helm chart for installing the HPE GreenLake for File Storage CSI Driver +icon: https://raw.githubusercontent.com/hpe-storage/co-deployments/master/docs/assets/hpedev.png +maintainers: +- name: datamattsson + email: dev-hi-containers@hpe.com +sources: +- https://github.com/hpe-storage/co-deployments +name: hpe-greenlake-file-csi-driver +home: https://hpe.com/storage/containers +keywords: + - HPE + - Storage + - CSI diff --git a/helm/charts/hpe-greenlake-file-csi-driver/README.md b/helm/charts/hpe-greenlake-file-csi-driver/README.md new file mode 100644 index 0000000..1561dc5 --- /dev/null +++ b/helm/charts/hpe-greenlake-file-csi-driver/README.md @@ -0,0 +1,103 @@ +# HPE GreenLake for File Storage CSI Driver Helm chart + +The [HPE GreenLake for File Storage CSI Driver](https://scod.hpedev.io/filex_csi_driver/index.html) leverages HPE GreenLake for File Storage to provide scalable and persistent storage for stateful and ephemeral applications running on Kubernetes. + +## Release highlights + +The HPE GreenLake for File Storage CSI Driver Helm chart is the primary delivery vehicle for the HPE GreenLake for File Storage CSI Driver. + +- All resources for HPE CSI drivers are available on [HPE Storage Container Orchestrator Documentation](https://scod.hpedev.io/) (SCOD). +- Visit [the latest release](https://scod.hpedev.io/filex_csi_driver/index.html#latest_release) on SCOD to learn what's new in this chart. + +## Prerequisites + +- Most recent Kubernetes distributions are supported +- Recent Ubuntu, SLES or RHEL (and its derives) compute nodes connected to their respective official package repositories +- Helm 3 (Version >= 3.2.0 required) + +Refer to [Compatibility & Support](https://scod.hpedev.io/filex_csi_driver/index.html#compatibility_and_support) for currently supported versions of Kubernetes and compute node operating systems. + +## Configuration and installation + +The following table lists the configurable parameters of the chart and their default values. + +| Parameter | Description | Default | +|---------------------------|-----------------------------------------------------------------------|------------------| +| disableNodeConformance | Disable automatic installation of NFS utilities on the compute nodes. | false | +| kubeletRootDir | The kubelet root directory path. | /var/lib/kubelet | +| controller.labels | Additional labels for the CSI driver controller Pod. | {} | +| controller.nodeSelector | Node labels for the CSI driver controller Pod assignment. | {} | +| controller.affinity | Affinity rules for the CSI driver controller Pod. | {} | +| controller.tolerations | Node taints to tolerate for the CSI driver controller Pod. | [] | +| controller.resources | A resource block with requests and limits for controller containers. | From values.yaml | +| node.labels | Additional labels for CSI driver node Pods. | {} | +| node.nodeSelector | Node labels for the CSI driver node Pods assignment. | {} | +| node.affinity | Affinity rules for the CSI driver node Pods. | {} | +| node.tolerations | Node taints to tolerate for the CSI driver node Pods. | [] | +| node.resources | A resource block with requests and limits for node containers. | From values.yaml | +| images | Key/value pairs of CSI driver runtime images. | From values.yaml | +| imagePullPolicy | Image pull policy (`Always`, `IfNotPresent`, `Never`). | IfNotPresent | + +`*` = Disabling node conformance and configuration may prevent the CSI driver from functioning properly. See the [manual node configuration](https://scod.hpedev.io/csi_driver/operations.html#manual_node_configuration) section on SCOD to understand the consequences. + +It's recommended to create a [values.yaml](https://github.com/hpe-storage/co-deployments/blob/master/helm/values/hpe-greenlake-file-csi-driver) file from the corresponding release of the chart and edit it to fit the environment the chart is being deployed to. Download and edit [a sample file](https://github.com/hpe-storage/co-deployments/blob/master/helm/values/hpe-greenlake-file-csi-driver). + +**Note:** The chart is installed with all components and features enabled using reasonable defaults if no tweaks are needed. + +### Installing the chart + +To install the chart with the name `my-hpe-greenlake-file-csi-driver`: + +Add HPE storage helm repo: + +``` +helm repo add hpe-storage https://hpe-storage.github.io/co-deployments/ +helm repo update +``` + +Install the latest chart: + +``` +helm install --create-namespace -n hpe-storage my-hpe-greenlake-file-csi-driver hpe-storage/hpe-greenlake-file-csi-driver +``` + +**Note**: By default, the latest stable chart will be installed. If it's labeled with `prerelease` and a "beta" version tag, add `--version X.Y.Z-beta` to the command line to install a "beta" chart. + +### Upgrading the chart + +Refresh the Helm repository cache and upgrade. + +``` +helm repo update +helm upgrade -n hpe-storage my-hpe-greenlake-file-csi-driver hpe-storage/hpe-greenlake-file-csi-driver +``` + +#### Uninstalling the chart + +To uninstall the `hpe-greenlake-file-csi-driver` chart: + +``` +helm uninstall hpe-greenlake-file-csi-driver -n hpe-storage +``` + +## Using persistent storage with Kubernetes + +Enable dynamic provisioning of persistent storage by creating a `StorageClass` API object that references a `Secret` which maps to a storage backend. Refer to the [HPE GreenLake for File Storage CSI Driver](https://scod.hpedev.io/filex_csi_driver/deployment.html#add_a_storage_backend) documentation on SCOD. Also, it's helpful to be familiar with [persistent storage concepts](https://kubernetes.io/docs/concepts/storage/volumes/) in Kubernetes prior to deploying stateful workloads. + +## Support + +The HPE GreenLake for File Storage CSI Driver Helm chart is fully supported by HPE. + +Formal support statements for each HPE backend is [available on SCOD](https://scod.hpedev.io/legal/support). Use this facility for formal support of your HPE storage products, including the Helm chart. + +## Community + +Please file any issues, questions or feature requests you may have [here](https://github.com/hpe-storage/co-deployments/issues) (do not use this facility for support inquiries of your HPE storage product, see [SCOD](https://scod.hpedev.io/legal/support) for support). You may also join our Slack community to chat with HPE folks close to this project. We hang out in `#Alletra`, `#HPE-GreenLake-Data-Services`, and `#Kubernetes`. Sign up at [developer.hpe.com/slack-signup](https://developer.hpe.com/slack-signup) and login at [hpedev.slack.com](https://hpedev.slack.com/) + +## Contributing + +We value all feedback and contributions. If you find any issues or want to contribute, please feel free to open an issue or file a PR. More details in [CONTRIBUTING.md](https://github.com/hpe-storage/co-deployments/blob/master/CONTRIBUTING.md) + +## License + +This is open source software licensed using the Apache License 2.0. Please see [LICENSE](https://github.com/hpe-storage/co-deployments/blob/master/LICENSE) for details. diff --git a/helm/charts/hpe-greenlake-file-csi-driver/templates/NOTES.txt b/helm/charts/hpe-greenlake-file-csi-driver/templates/NOTES.txt new file mode 100644 index 0000000..e69de29 diff --git a/helm/charts/hpe-greenlake-file-csi-driver/templates/_helpers.tpl b/helm/charts/hpe-greenlake-file-csi-driver/templates/_helpers.tpl new file mode 100644 index 0000000..4e6a042 --- /dev/null +++ b/helm/charts/hpe-greenlake-file-csi-driver/templates/_helpers.tpl @@ -0,0 +1,52 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "hpe-greenlake-file-csi-driver.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "hpe-greenlake-file-csi-driver.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "hpe-greenlake-file-csi-driver.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "hpe-greenlake-file-csi-driver.labels" -}} +helm.sh/chart: {{ include "hpe-greenlake-file-csi-driver.chart" . }} +{{ include "hpe-greenlake-file-csi-driver.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "hpe-greenlake-file-csi-driver.selectorLabels" -}} +app.kubernetes.io/name: {{ include "hpe-greenlake-file-csi-driver.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + diff --git a/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-controller.yaml b/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-controller.yaml new file mode 100644 index 0000000..be12a10 --- /dev/null +++ b/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-controller.yaml @@ -0,0 +1,160 @@ +--- + +############################################# +############ Controller driver ############ +############################################# + +kind: Deployment +apiVersion: apps/v1 +metadata: + name: hpe-filex-csi-controller + namespace: {{ .Release.Namespace }} +spec: + replicas: 1 + selector: + matchLabels: + app: hpe-filex-csi-controller + template: + metadata: + labels: + app: hpe-filex-csi-controller + role: hpe-filex-csi + {{- if .Values.controller.labels }} +{{ toYaml .Values.controller.labels | indent 8 }} + {{- end }} + spec: + serviceAccountName: hpe-filex-csi-controller-sa + priorityClassName: system-cluster-critical + hostNetwork: true + restartPolicy: Always + terminationGracePeriodSeconds: 30 + dnsPolicy: ClusterFirstWithHostNet + dnsConfig: + options: + - name: ndots + value: "1" + containers: + - name: csi-provisioner + image: {{ .Values.images.csiProvisioner | quote }} + resources: + {{- toYaml .Values.controller.resources | nindent 12 }} + args: + - --csi-address=$(ADDRESS) + - --v=5 + - --extra-create-metadata + - --timeout=15s + - --worker-threads=10 + - --retry-interval-start=10s + - --retry-interval-max=60s + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + imagePullPolicy: {{ .Values.imagePullPolicy | quote }} + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy + - name: csi-attacher + image: {{ .Values.images.csiAttacher | quote }} + resources: + {{- toYaml .Values.controller.resources | nindent 12 }} + args: + - --csi-address=$(ADDRESS) + - --v=5 + - --timeout=15s + - --worker-threads=10 + - --retry-interval-start=10s + - --retry-interval-max=60s + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + imagePullPolicy: {{ .Values.imagePullPolicy | quote }} + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy + - name: csi-snapshotter + image: {{ .Values.images.csiSnapshotter | quote }} + resources: + {{- toYaml .Values.controller.resources | nindent 12 }} + args: + - --csi-address=$(ADDRESS) + - --v=5 + - --extra-create-metadata + - --leader-election=false + - --timeout=15s + - --worker-threads=10 + - --retry-interval-start=10s + - --retry-interval-max=60s + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + imagePullPolicy: {{ .Values.imagePullPolicy | quote }} + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy + - name: csi-resizer + image: {{ .Values.images.csiResizer | quote }} + resources: + {{- toYaml .Values.controller.resources | nindent 12 }} + args: + - --csi-address=$(ADDRESS) + - --v=5 + - --timeout=15s + - --workers=10 + - --retry-interval-start=10s + - --retry-interval-max=60s + - --handle-volume-inuse-error=false + env: + - name: ADDRESS + value: /var/lib/csi/sockets/pluginproxy/csi.sock + imagePullPolicy: {{ .Values.imagePullPolicy | quote }} + volumeMounts: + - name: socket-dir + mountPath: /var/lib/csi/sockets/pluginproxy + - name: hpe-filex-csi-driver + image: {{ .Values.images.csiControllerDriver | quote }} + resources: + {{- toYaml .Values.controller.resources | nindent 12 }} + args : + - serve + env: + - name: X_CSI_PLUGIN_NAME + value: filex.csi.hpe.com + - name: X_CSI_VMS_HOST + - name: X_CSI_ENABLE_VMS_SSL_VERIFICATION + value: "false" + - name: X_CSI_DELETION_VIP_POOL_NAME + - name: X_CSI_DELETION_VIEW_POLICY + - name: X_CSI_WORKER_THREADS + value: "10" + - name: X_CSI_DONT_USE_TRASH_API + value: "false" + - name: X_CSI_USE_LOCALIP_FOR_MOUNT + - name: X_CSI_ATTACH_REQUIRED + value: "true" + - name: X_CSI_VMS_TIMEOUT + value: "15" + - name: X_CSI_TRUNCATE_VOLUME_NAME + value: "64" + - name: CSI_ENDPOINT + value: unix:///var/lib/csi/sockets/pluginproxy/csi.sock + - name: X_CSI_MODE + value: controller + imagePullPolicy: {{ .Values.imagePullPolicy | quote }} + volumeMounts: + - mountPath: /var/lib/csi/sockets/pluginproxy/ + name: socket-dir + volumes: + - name: socket-dir + emptyDir: {} + {{- if .Values.controller.nodeSelector }} + nodeSelector: +{{ toYaml .Values.controller.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.controller.tolerations }} + tolerations: +{{ toYaml .Values.controller.tolerations | indent 8 }} + {{- end }} + {{- if .Values.controller.affinity }} + affinity: +{{ toYaml .Values.controller.affinity | indent 8 }} + {{- end }} diff --git a/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-driver.yaml b/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-driver.yaml new file mode 100644 index 0000000..9ccc35e --- /dev/null +++ b/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-driver.yaml @@ -0,0 +1,10 @@ +apiVersion: storage.k8s.io/v1 +kind: CSIDriver +metadata: + name: filex.csi.hpe.com +spec: + attachRequired: true + podInfoOnMount: true + volumeLifecycleModes: + - Persistent + - Ephemeral diff --git a/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-node.yaml b/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-node.yaml new file mode 100644 index 0000000..98042ec --- /dev/null +++ b/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-node.yaml @@ -0,0 +1,201 @@ +--- + +####################################### +############ Node driver ############ +####################################### + +kind: DaemonSet +apiVersion: apps/v1 +metadata: + name: hpe-filex-csi-node + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + app: hpe-filex-csi-node + template: + metadata: + labels: + app: hpe-filex-csi-node + role: hpe-filex-csi + {{- if .Values.node.labels }} +{{ toYaml .Values.node.labels | indent 8 }} + {{- end }} + spec: + serviceAccountName: hpe-filex-csi-node-sa + priorityClassName: system-node-critical + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet + dnsConfig: + options: + - name: ndots + value: "1" + initContainers: + - name: hpe-filex-csi-node-init + image: {{ .Values.images.csiNodeInit | quote }} + resources: + {{- toYaml .Values.node.resources | nindent 12 }} + volumeMounts: + - name: root-dir + mountPath: /host + mountPropagation: "Bidirectional" + - name: etc-hpe-storage-dir + mountPath: /etc/hpe-storage + - name: runsystemd + mountPath: /run/systemd + - name: etcsystemd + mountPath: /etc/systemd/system + env: + {{ if .Values.disableNodeConformance -}} + - name: DISABLE_NODE_CONFORMANCE + value: "true" + {{- end }} + imagePullPolicy: {{ .Values.imagePullPolicy | quote }} + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + containers: + - name: csi-node-driver-registrar + image: {{ .Values.images.csiNodeDriverRegistrar | quote }} + resources: + {{- toYaml .Values.node.resources | nindent 12 }} + args: + - "--csi-address=$(ADDRESS)" + - "--kubelet-registration-path=$(DRIVER_REG_SOCK_PATH)" + - "--v=5" + env: + - name: ADDRESS + value: /csi/csi.sock + - name: DRIVER_REG_SOCK_PATH + {{- if .Values.kubeletRootDir }} + value: {{ .Values.kubeletRootDir }}/plugins/filex.csi.hpe.com/csi.sock + {{- else }} + value: /var/lib/kubelet/plugins/filex.csi.hpe.com/csi.sock + {{- end }} + - name: KUBE_NODE_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + imagePullPolicy: {{ .Values.imagePullPolicy | quote }} + volumeMounts: + - name: plugin-dir + mountPath: /csi + - name: registration-dir + mountPath: /registration + - name: hpe-filex-csi-node-driver + image: {{ .Values.images.csiNodeDriver | quote }} + resources: + {{- toYaml .Values.node.resources | nindent 12 }} + args : + - serve + env: + - name: X_CSI_PLUGIN_NAME + value: filex.csi.hpe.com + - name: X_CSI_VMS_HOST + - name: X_CSI_ENABLE_VMS_SSL_VERIFICATION + value: "false" + - name: X_CSI_DELETION_VIP_POOL_NAME + - name: X_CSI_DELETION_VIEW_POLICY + - name: X_CSI_WORKER_THREADS + value: "10" + - name: X_CSI_DONT_USE_TRASH_API + value: "false" + - name: X_CSI_USE_LOCALIP_FOR_MOUNT + - name: X_CSI_ATTACH_REQUIRED + value: "true" + - name: X_CSI_VMS_TIMEOUT + value: "15" + - name: X_CSI_TRUNCATE_VOLUME_NAME + value: "64" + - name: CSI_ENDPOINT + value: unix:///csi/csi.sock + - name: X_CSI_MODE + value: node + - name: X_CSI_NODE_ID + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: spec.nodeName + imagePullPolicy: {{ .Values.imagePullPolicy | quote }} + securityContext: + privileged: true + capabilities: + add: ["SYS_ADMIN"] + allowPrivilegeEscalation: true + volumeMounts: + - name: pods-mount-dir + {{- if .Values.kubeletRootDir }} + mountPath: {{ .Values.kubeletRootDir }} + {{- else }} + mountPath: /var/lib/kubelet + {{- end }} + mountPropagation: Bidirectional + - name: plugin-dir + mountPath: /csi + - name: device-dir + mountPath: /dev + - name: host-nfsmount-conf-d + mountPath: /etc/nfsmount.conf.d + volumes: + # gl4f + - hostPath: + {{ if .Values.kubeletRootDir }} + path: {{ .Values.kubeletRootDir }}/plugins_registry/ + {{- else }} + path: /var/lib/kubelet/plugins_registry/ + {{- end }} + type: DirectoryOrCreate + name: registration-dir + - hostPath: + {{ if .Values.kubeletRootDir }} + path: {{ .Values.kubeletRootDir }}/plugins/filex.csi.hpe.com + {{- else }} + path: /var/lib/kubelet/plugins/filex.csi.hpe.com + {{- end }} + type: DirectoryOrCreate + name: plugin-dir + - hostPath: + {{ if .Values.kubeletRootDir }} + path: {{ .Values.kubeletRootDir }} + {{- else }} + path: /var/lib/kubelet + {{- end }} + type: Directory + name: pods-mount-dir + - hostPath: + path: /dev + type: "" + name: device-dir + - hostPath: + path: /etc/nfsmount.conf.d + type: DirectoryOrCreate + name: host-nfsmount-conf-d + + # init + - name: root-dir + hostPath: + path: / + - name: runsystemd + hostPath: + path: /run/systemd + - name: etcsystemd + hostPath: + path: /etc/systemd/system + - name: etc-hpe-storage-dir + hostPath: + path: /etc/hpe-storage + {{- if .Values.node.nodeSelector }} + nodeSelector: +{{ toYaml .Values.node.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.node.tolerations }} + tolerations: +{{ toYaml .Values.node.tolerations | indent 8 }} + {{- end }} + {{- if .Values.node.affinity }} + affinity: +{{ toYaml .Values.node.affinity | indent 8 }} + {{- end }} diff --git a/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-rbac.yaml b/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-rbac.yaml new file mode 100644 index 0000000..f6aaf6d --- /dev/null +++ b/helm/charts/hpe-greenlake-file-csi-driver/templates/hpe-filex-csi-rbac.yaml @@ -0,0 +1,291 @@ +--- +kind: ServiceAccount +apiVersion: v1 +metadata: + name: hpe-filex-csi-controller-sa + namespace: {{ .Release.Namespace }} + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-provisioner-role +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "create"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["serviceaccounts"] + verbs: ["get", "list", "create"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "create"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete", "update"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: [""] + resources: ["services"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["apps"] + resources: ["deployments"] + verbs: ["create", "get", "list", "watch", "update", "delete"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "delete"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update", "patch", "delete"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-provisioner-binding +subjects: + - kind: ServiceAccount + name: hpe-filex-csi-controller-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: hpe-filex-csi-provisioner-role + apiGroup: rbac.authorization.k8s.io + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-attacher-role +rules: + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: ["get", "list", "watch", "update", "create", "delete", "patch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "watch", "list"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-attacher-binding +subjects: + - kind: ServiceAccount + name: hpe-filex-csi-controller-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: hpe-filex-csi-attacher-role + apiGroup: rbac.authorization.k8s.io + +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-snapshotter-role +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["create", "update", "delete", "get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: ["create", "update", "delete", "get", "list", "watch", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: ["create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "create", "delete", "update"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-snapshotter-binding +subjects: + - kind: ServiceAccount + name: hpe-filex-csi-controller-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: hpe-filex-csi-snapshotter-role + apiGroup: rbac.authorization.k8s.io + +--- +# Resizer must be able to work with PVCs, PVs, SCs. +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-resizer-role +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: ["update", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["list", "watch", "create", "update", "patch"] + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-resizer-role +subjects: + - kind: ServiceAccount + name: hpe-filex-csi-controller-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: hpe-filex-csi-resizer-role + apiGroup: rbac.authorization.k8s.io + +--- + +# Resizer must be able to work with end point in current namespace +# if (and only if) leadership election is enabled +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + namespace: {{ .Release.Namespace }} + name: hpe-filex-csi-resizer-role +rules: + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-resizer-role-cfg + namespace: {{ .Release.Namespace }} +subjects: + - kind: ServiceAccount + name: hpe-filex-csi-controller-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: Role + name: hpe-filex-csi-resizer-role + apiGroup: rbac.authorization.k8s.io +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-driver-role +rules: + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["services"] + verbs: ["get"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch"] + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: hpe-filex-csi-node-sa + namespace: {{ .Release.Namespace }} + +--- +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: hpe-filex-csi-driver-binding +subjects: + - kind: ServiceAccount + name: hpe-filex-csi-controller-sa + namespace: {{ .Release.Namespace }} + - kind: ServiceAccount + name: hpe-filex-csi-node-sa + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: hpe-filex-csi-driver-role + apiGroup: rbac.authorization.k8s.io diff --git a/helm/charts/hpe-greenlake-file-csi-driver/values.schema.json b/helm/charts/hpe-greenlake-file-csi-driver/values.schema.json new file mode 100644 index 0000000..debac90 --- /dev/null +++ b/helm/charts/hpe-greenlake-file-csi-driver/values.schema.json @@ -0,0 +1,221 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema", + "$id": "http://example.com/example.json", + "title": "HPE CSI Driver for Kubernetes Helm Chart JSON Schema", + "type": "object", + "default": + { + "disableNodeConformance": false, + "imagePullPolicy": "IfNotPresent", + "iscsi": { + "chapSecretName": "" + }, + "logLevel": "info", + "kubeletRootDir": "/var/lib/kubelet", + "controller": { + "nodeSelector": {}, + "tolerations": [], + "affinity": {}, + "labels": {}, + "resources": {} + }, + "node": { + "nodeSelector": {}, + "tolerations": [], + "affinity": {}, + "labels": {}, + "resources": {} + }, + "images": {} + }, + "required": [ + "disableNodeConformance", + "imagePullPolicy", + "kubeletRootDir", + "controller", + "node", + "images" + ], + "properties": { + "disableNodeConformance": { + "$id": "#/properties/disableNodeConformance", + "title": "Disable node conformance", + "description": "Disabling node conformance forces the cluster administrator to install required packages and ensure the correct node services are started to use external block storage.", + "type": "boolean", + "default": false + }, + "imagePullPolicy": { + "$id": "#/properties/imagePullPolicy", + "title": "CSI driver image pull policy", + "type": "string", + "default": "IfNotPresent", + "enum": [ "Always", "IfNotPresent", "Never" ] + }, + "kubeletRootDir": { + "$id": "#/properties/kubeletRootDir", + "title": "Kubelet root directory", + "description": "Only change this if the kubelet root dir has been altered by the Kubernetes platform installer.", + "type": "string", + "default": "/var/lib/kubelet", + "pattern": "^/" + }, + "controller": { + "nodeSelector": { + "$id": "#/properties/controller/properties/nodeSelector", + "title": "Node selector to control the selection of nodes (optional).", + "description": "Selector which must match a node's labels for the pod to be scheduled on that node.", + "type": "object", + "default": {} + }, + "tolerations": { + "$id": "#/properties/controller/properties/tolerations", + "title": "Set tolerations for the driver pods(optional)", + "description": "Tolerations is the list of tolerations for the driver pods.", + "type": "array", + "default": [] + }, + "affinity": { + "$id": "#/properties/controller/properties/affinity", + "title": "Node affinity for controller plugin (optional).", + "description": "Describes node affinity scheduling rules for the pod.", + "type": "object", + "default": {} + }, + "labels": { + "$id": "#/properties/controller/properties/labels", + "title": "labels", + "description": "Labels to apply to the controller driver.", + "type": "object", + "default": {} + }, + "resources": { + "$id": "#/properties/controller/properties/resources", + "type": "object", + "title": "resource requests and limits", + "additionalProperties": false, + "required": ["limits", "requests"], + "description": "See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "limits": { + "type": "object", + "title": "resource limits", + "default": {} + }, + "requests": { + "type": "object", + "title": "resource requests", + "default": {} } + } + } + }, + "node": { + "nodeSelector": { + "$id": "#/properties/node/properties/nodeSelector", + "title": "Node selector to control the selection of nodes (optional).", + "description": "Selector which must match a node's labels for the pod to be scheduled on that node.", + "type": "object", + "default": {} + }, + "tolerations": { + "$id": "#/properties/node/properties/tolerations", + "title": "Set tolerations for the node pods(optional).", + "description": "Tolerations is the list of tolerations for the node pods.", + "type": "array", + "default": [] + }, + "affinity": { + "$id": "#/properties/node/properties/affinity", + "title": "Node affinity for node plugin (optional).", + "description": "Describes node affinity scheduling rules for the pod.", + "type": "object", + "default": {} + }, + "labels": { + "$id": "#/properties/node/properties/labels", + "title": "labels", + "description": "Labels to apply to the node driver.", + "type": "object", + "default": {} + }, + "resources": { + "$id": "#/properties/node/properties/resources", + "type": "object", + "title": "resource requests and limits", + "additionalProperties": false, + "required": ["limits", "requests"], + "description": "See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/", + "properties": { + "limits": { + "type": "object", + "title": "resource limits", + "default": {} + }, + "requests": { + "type": "object", + "title": "resource requests", + "default": {} } + } + } + }, + "images": { + "$id": "#/properties/images", + "title": "images", + "description": "Runtime images.", + "type": "object", + "required": [ + "csiNodeInit", + "csiNodeDriver", + "csiControllerDriver", + "csiAttacher", + "csiNodeDriverRegistrar", + "csiProvisioner", + "csiResizer", + "csiSnapshotter" + ], + "properties": { + "csiNodeDriver": { + "$id": "#/properties/images/properties/csiNodeDriver", + "title": "CSI Node Driver", + "type": "string" + }, + "csiNodeInitDriver": { + "$id": "#/properties/images/properties/csiNodeDriver", + "title": "CSI Node Init Driver", + "type": "string" + }, + "csiControllerDriver": { + "$id": "#/properties/images/properties/csiControllerDriver", + "title": "CSI Controller Driver", + "type": "string" + }, + "csiAttacher": { + "$id": "#/properties/images/properties/csiAttacher", + "title": "SIG Storage CSI Attacher", + "type": "string" + }, + "csiNodeDriverRegistrar": { + "$id": "#/properties/images/properties/csiNodeDriverRegistrar", + "title": "SIG Storage CSI Driver Registrar", + "type": "string" + }, + "csiProvisioner": { + "$id": "#/properties/images/properties/csiProvisioner", + "title": "SIG Storage CSI Provisioner", + "type": "string" + }, + "csiResizer": { + "$id": "#/properties/images/properties/csiResizer", + "title": "SIG Storage CSI Resizer", + "type": "string" + }, + "csiSnapshotter": { + "$id": "#/properties/images/properties/csiSnapshotter", + "title": "SIG Storage CSI Snapshotter", + "type": "string" + } + } + }, + "global": {} + }, + "additionalProperties": false +} diff --git a/helm/charts/hpe-greenlake-file-csi-driver/values.yaml b/helm/charts/hpe-greenlake-file-csi-driver/values.yaml new file mode 100644 index 0000000..e59a528 --- /dev/null +++ b/helm/charts/hpe-greenlake-file-csi-driver/values.yaml @@ -0,0 +1,67 @@ +# Default values for hpe-csi-driver Helm chart +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# For controlling automatic iscsi/multipath package installation +disableNodeConformance: false + +# Kubelet root directory path +kubeletRootDir: "/var/lib/kubelet" + +# Controller driver decorations +controller: + + # These values map directly to yaml in the deployment spec, see the kubernetes docs for info + labels: {} + + # These values map directly to yaml in the deployment spec, see the kubernetes docs for info + nodeSelector: {} + + # These values map directly to yaml in the deployment spec, see the kubernetes docs for info + tolerations: [] + + affinity: {} + + resources: + limits: + cpu: 2000m + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi + +# Node driver decorations +node: + + # These values map directly to yaml in the deployment spec, see the kubernetes docs for info + labels: {} + + # These values map directly to yaml in the deployment spec, see the kubernetes docs for info + nodeSelector: {} + + # These values map directly to yaml in the deployment spec, see the kubernetes docs for info + tolerations: [] + + affinity: {} + + resources: + limits: + cpu: 2000m + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi + +# imagePullPolicy applied for all hpe-csi-driver images +imagePullPolicy: "IfNotPresent" + +# Release images +images: + csiNodeInit: quay.io/hpestorage/filex-csi-init:v1.0.0-beta + csiNodeDriver: quay.io/hpestorage/filex-csi-driver:v1.0.0-beta + csiControllerDriver: quay.io/hpestorage/filex-csi-driver:v1.0.0-beta + csiAttacher: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 + csiNodeDriverRegistrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 + csiProvisioner: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 + csiResizer: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 + csiSnapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 diff --git a/operators/hpe-greenlake-file-csi-operator/.gitignore b/operators/hpe-greenlake-file-csi-operator/.gitignore new file mode 100644 index 0000000..6fe92c5 --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/.gitignore @@ -0,0 +1,4 @@ +filex-csi-driver-operator +cache +prep +init diff --git a/operators/hpe-greenlake-file-csi-operator/Makefile b/operators/hpe-greenlake-file-csi-operator/Makefile new file mode 100755 index 0000000..6ce8466 --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/Makefile @@ -0,0 +1,119 @@ +# Set these +VERSION ?= 0.0.0 +SOURCE_VERSION ?= $(VERSION) +REPO_NAME ?= quay.io/myrepo + +# Don't set these, preferably +RH_REPO_NAME=registry.connect.redhat.com/hpestorage +CERTIFIED_OUTPUT=destinations/certified-operators/current-version +CERTIFIED_KUBE_PROXY=registry.redhat.io/openshift4/ose-kube-rbac-proxy:latest +NAMESPACE ?= hpe-storage +KIND ?= HPEGreenLakeFileCSIDriver +KIND_LC ?= hpegreenlakefilecsidriver +CHART ?= hpe-greenlake-file-csi-driver +VANITY_NAME ?= hpe-filex-csi-operator +IMAGE_NAME ?= filex-csi-driver-operator +OCP_BUNDLE_NAME ?= filex-csi-driver-operator-bundle-ocp +IMG ?= $(REPO_NAME)/$(IMAGE_NAME):v$(VERSION) +OCP_BUNDLE_IMG ?= $(REPO_NAME)/$(OCP_BUNDLE_NAME):v$(VERSION) +BUNDLE_CHANNELS ?= stable +PLATFORMS ?= linux/amd64 +#PLATFORMS ?= linux/arm64,linux/amd64 + +undeploy: + # Remove Operator from cluster + - operator-sdk cleanup $(VANITY_NAME) -n $(NAMESPACE) + +clean: undeploy + # Delete build + rm -rf "init" "prep" "$(IMAGE_NAME)" bundle-* + +init: + # Creat temp space + mkdir $(IMAGE_NAME) + + # Initialize workspace + cd $(IMAGE_NAME); operator-sdk init --plugins helm.sdk.operatorframework.io/v1 \ + --domain hpe.com \ + --group storage \ + --version v1 \ + --kind $(KIND) \ + --project-name $(VANITY_NAME) \ + --helm-chart ../../../docs/$(CHART)-$(VERSION).tgz \ + --helm-chart-version $(SOURCE_VERSION) + touch init + +prep: init + # Populate with our sources + mkdir -p $(IMAGE_NAME)/config/manifests/bases + cp -f sources/$(KIND_LC)s.storage.hpe.com.crd.yaml \ + $(IMAGE_NAME)/config/crd/bases/storage.hpe.com_$(KIND_LC)s.yaml + sed -e "s/%SEMVER%/$(VERSION)/g" -e "s#%IMG%#$(IMG)#g" \ + sources/$(VANITY_NAME).csv.yaml \ + > $(IMAGE_NAME)/config/manifests/bases/$(VANITY_NAME).clusterserviceversion.yaml + cp -f sources/role.yaml $(IMAGE_NAME)/config/rbac/ + + # Fix memory on the manager. + sed -i.remove -e "s/memory: 128Mi/memory: 1Gi/g" $(IMAGE_NAME)/config/manager/manager.yaml && \ + rm -f $(IMAGE_NAME)/config/manager/manager.yaml.remove + + # Dockerfile for operator + sed -e "s|%FROM%|$(shell grep ^FROM $(IMAGE_NAME)/Dockerfile)|" sources/operator.Dockerfile > $(IMAGE_NAME)/Dockerfile + sed -i.remove -e "s/%SEMVER%/$(VERSION)/g" $(IMAGE_NAME)/Dockerfile && \ + rm -f $(IMAGE_NAME)/Dockerfile.remove + cp -f sources/LICENSE $(IMAGE_NAME)/LICENSE + + # Community and OpenShift Operators + cd $(IMAGE_NAME); docker-buildx build --progress=plain --no-cache \ + --provenance=false --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile . + + # Sample CSI driver instance + cp -f $(IMAGE_NAME)/config/samples/storage_v1_$(KIND_LC).yaml \ + destinations/$(KIND_LC)-v${VERSION}-sample.yaml + cp -f $(IMAGE_NAME)/config/samples/storage_v1_$(KIND_LC).yaml \ + destinations/$(KIND_LC)-latest-sample.yaml + touch prep + +certified: prep + # Replace kube-proxy for certified bundle + sed -i.remove -e "s#gcr.io/kubebuilder/kube-rbac-proxy.*#$(CERTIFIED_KUBE_PROXY)#" \ + $(IMAGE_NAME)/config/default/manager_auth_proxy_patch.yaml && \ + rm -f $(IMAGE_NAME)/config/default/manager_auth_proxy_patch.yaml.remove + + # Create certified bundle manifests + cd $(IMAGE_NAME); make bundle CHANNELS="$(BUNDLE_CHANNELS)" IMG="$(IMG)" BUNDLE_IMG="$(OCP_BUNDLE_IMG)" VERSION="$(VERSION)" USE_IMAGE_DIGESTS="true" + + # Dockerfile for certified bundle + sed -i.remove -e "s/^FROM.*//g" $(IMAGE_NAME)/bundle.Dockerfile && \ + rm -f $(IMAGE_NAME)/bundle.Dockerfile.remove + cat sources/bundle.Dockerfile $(IMAGE_NAME)/bundle.Dockerfile \ + > $(IMAGE_NAME)/bundle.Dockerfile-tmp && \ + mv $(IMAGE_NAME)/bundle.Dockerfile-tmp $(IMAGE_NAME)/bundle.Dockerfile + + # Annotations for certified bundle + cat sources/annotations.certified.yaml | tee -a $(IMAGE_NAME)/bundle/metadata/annotations.yaml + + # Create certified bundle image for testing + cd $(IMAGE_NAME); make bundle-build bundle-push IMG="$(IMG)" BUNDLE_IMG="$(OCP_BUNDLE_IMG)" VERSION="$(VERSION)" USE_IMAGE_DIGESTS="true" + + # Validate certified bundle + operator-sdk bundle validate $(OCP_BUNDLE_IMG) --select-optional suite=operatorframework + + # Create certified-operators content + rm -rf $(CERTIFIED_OUTPUT)/* + cp -f -a $(IMAGE_NAME)/bundle/* $(CERTIFIED_OUTPUT) + sed -i.remove -e "s|$(REPO_NAME)/$(IMAGE_NAME)|$(RH_REPO_NAME)/$(IMAGE_NAME)|g" -e "/replaces: /d" \ + $(CERTIFIED_OUTPUT)/manifests/$(VANITY_NAME).clusterserviceversion.yaml && \ + rm -f $(CERTIFIED_OUTPUT)/manifests/$(VANITY_NAME).clusterserviceversion.yaml.remove + +certified-deploy: + # Run certified bundle + - oc create ns $(NAMESPACE) + operator-sdk run bundle --timeout 5m $(OCP_BUNDLE_IMG) -n $(NAMESPACE) + + # Instantiate HPECSIDriver + oc apply -n $(NAMESPACE) -f destinations/$(KIND_LC)-v${VERSION}-sample.yaml + +certified-scorecard: + # Create certified scorecard + operator-sdk scorecard --wait-time 5m $(OCP_BUNDLE_IMG) -n $(NAMESPACE) diff --git a/operators/hpe-greenlake-file-csi-operator/README.md b/operators/hpe-greenlake-file-csi-operator/README.md new file mode 100644 index 0000000..26c694e --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/README.md @@ -0,0 +1,117 @@ +# Operator SDK build and delivery process + +This README describes how to build an Operator from the HPE GreenLake for File Storage CSI Driver Helm chart hosted in this repository. + +Tutorial to get started with Operator Helm charts: https://sdk.operatorframework.io/docs/building-operators/helm/tutorial/ + +The workflow breaks down to this flowchart once you have two clusters installed and OLM running in the Vanilla cluster. + +``` +o-------------------------------------o +| export KUBECONFIG=ocp.yaml | o--------------------------o +| export VERSION=2.4.2 |->| make certified-deploy | +| export REPO_NAME=quay.io/hpestorage | | # Perform tests | +| make certified | | make certified-scorecard | +o-------------------------------------o o------------v-------------o + | + o--------------------------------o + | +o-----------V----------o o---------o +| Submit Pull Request: |->| Reviews | +| - co-deployments | o------v--o +o----------------------o | o-----------------------o + o-->| Red Hat Certification | + o-----------v-----------o + | + o-----------V-----------o + | Submit Pull Request | + | - certified-operators | + o-----------------------o +``` + +## Testing and building for OLM + +Install the `operator-sdk` binary on your computer, `docker`, `docker-buildx`, `make` and `sed` is also needed. + +On you cluster, install OLM (ensure your KUBECONFIG points to a cluster). + +``` +operator-sdk olm install +``` + +Next, figure out what destination repositories you want to use. For example, I use `quay.io/datamattsson` as the base. + +``` +export REPO_NAME=quay.io/datamattsson +``` + +Next, what version are we iterating on? Make sure to follow Semantic Versioning. + +``` +# Do not include the initial 'v' used in image tags +export VERSION=0.0.0 +``` + +If you're making changes to update the Operators. Patrol all the files in `sources` and update decorations as necessary. + +Next, build the Operator. + +``` +make community +``` + +If there are no errors, go ahead and deploy the Operator on your test cluster. + +``` +make community-deploy +``` + +You should be able to see the Operator come to life including a fresh install of the HPE CSI Driver. + +``` +kubectl get pods -n hpe-storage -w +``` + +Iterate this until it looks OK to submit. For good measure, generate the scorecard and make sure all tests pass. + +``` +make community-scorecard +``` + +## Testing and Building for OpenShift + +Follow the same workflow as above, pointing to Red Hat's registry instead of Quay. + +OpenShift does not require OLM pre-installed. Simply point to your OpenShift cluster run: + +``` +make certified +make certified-deploy +make certified-scorecard +``` + +## Submitting a PR + +In `destinations` are the current shipping versions of the Operator. Those needs to be updated with the new version and included in the PR. Make sure the same environment variables are set from the testing phases when making the certified targets. + +A `git diff` should reveal all the work for the PR. Once PRs are approved in `co-deployments` and thoroughly tested, each bundle can be submitted to each upstream. + +## External Testing + +For testing and experimentation only, the `operator-sdk` binary is required besides the cluster access with `kubectl` or `oc`. + +In a typical test scenario, these are the steps for each of the supported platforms on a blank cluster. + +``` +export VERSION=0.0.0 +oc create ns hpe-storage +oc apply -f https://scod.hpedev.io/partners/redhat_openshift/examples/scc/hpe-filex-csi-scc.yaml +operator-sdk run bundle -n hpe-storage quay.io/hpestorage/filex-csi-driver-operator-bundle-ocp:v${VERSION} +oc apply -n hpe-storage -f https://raw.githubusercontent.com/hpe-storage/co-deployments/master/operators/hpe-greenlake-file-csi-operator/destinations/hpegreenlakefilecsidriver-v${VERSION}-sample.yaml +``` + +To cleanup or re-deploy: + +``` +operator-sdk cleanup hpe-greenlake-file-csi-operator -n hpe-storage +``` diff --git a/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/hpe-filex-csi-operator-controller-manager-metrics-service_v1_service.yaml b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/hpe-filex-csi-operator-controller-manager-metrics-service_v1_service.yaml new file mode 100644 index 0000000..871c502 --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/hpe-filex-csi-operator-controller-manager-metrics-service_v1_service.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: hpe-filex-csi-operator + app.kubernetes.io/instance: controller-manager-metrics-service + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: service + app.kubernetes.io/part-of: hpe-filex-csi-operator + control-plane: controller-manager + name: hpe-filex-csi-operator-controller-manager-metrics-service +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: https + selector: + control-plane: controller-manager +status: + loadBalancer: {} diff --git a/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/hpe-filex-csi-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/hpe-filex-csi-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 0000000..940e091 --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/hpe-filex-csi-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: kube-rbac-proxy + app.kubernetes.io/created-by: hpe-filex-csi-operator + app.kubernetes.io/instance: metrics-reader + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: clusterrole + app.kubernetes.io/part-of: hpe-filex-csi-operator + name: hpe-filex-csi-operator-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/hpe-filex-csi-operator.clusterserviceversion.yaml b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/hpe-filex-csi-operator.clusterserviceversion.yaml new file mode 100644 index 0000000..e58181c --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/hpe-filex-csi-operator.clusterserviceversion.yaml @@ -0,0 +1,741 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "storage.hpe.com/v1", + "kind": "HPEGreenLakeFileCSIDriver", + "metadata": { + "name": "hpegreenlakefilecsidriver-sample" + }, + "spec": { + "controller": { + "affinity": {}, + "labels": {}, + "nodeSelector": {}, + "resources": { + "limits": { + "cpu": "2000m", + "memory": "1Gi" + }, + "requests": { + "cpu": "100m", + "memory": "128Mi" + } + }, + "tolerations": [] + }, + "disableNodeConformance": false, + "imagePullPolicy": "IfNotPresent", + "images": { + "csiAttacher": "registry.k8s.io/sig-storage/csi-attacher@sha256:b4d611100ece2f9bc980d1cb19c2285b8868da261e3b1ee8f45448ab5512ab94", + "csiControllerDriver": "quay.io/hpestorage/filex-csi-driver@sha256:c44b4bbb23f474c19b018d2f02ffd87260d8135b244ae725709213b714aa402b", + "csiNodeDriver": "quay.io/hpestorage/filex-csi-driver@sha256:c44b4bbb23f474c19b018d2f02ffd87260d8135b244ae725709213b714aa402b", + "csiNodeDriverRegistrar": "registry.k8s.io/sig-storage/csi-node-driver-registrar@sha256:f25af73ee708ff9c82595ae99493cdef9295bd96953366cddf36305f82555dac", + "csiNodeInit": "quay.io/hpestorage/filex-csi-init@sha256:6331adda96aac94df2848848f4f3b3a8a35c91426f38c4564db5bffd6b1f7cf6", + "csiProvisioner": "registry.k8s.io/sig-storage/csi-provisioner@sha256:405a14e1aa702f7ea133cea459e8395fe40a6125c088c55569e696d48e1bd385", + "csiResizer": "registry.k8s.io/sig-storage/csi-resizer@sha256:a541e6cc2d8b011bb21b1d4ffec6b090e85270cce6276ee302d86153eec0af43", + "csiSnapshotter": "registry.k8s.io/sig-storage/csi-snapshotter@sha256:2e04046334baf9be425bb0fa1d04c2d1720d770825eedbdbcdb10d430da4ad8c" + }, + "kubeletRootDir": "/var/lib/kubelet", + "node": { + "affinity": {}, + "labels": {}, + "nodeSelector": {}, + "resources": { + "limits": { + "cpu": "2000m", + "memory": "1Gi" + }, + "requests": { + "cpu": "100m", + "memory": "128Mi" + } + }, + "tolerations": [] + } + } + } + ] + capabilities: Basic Install + categories: Storage + certified: "true" + containerImage: registry.connect.redhat.com/hpestorage/filex-csi-driver-operator@sha256:3ac0b05bb41f4849c99967b1556aea09dfe723cc98e0e7c347f6e43e958a0496 + createdAt: "2024-09-20T22:25:35Z" + description: A Container Storage Interface (CSI) driver for HPE GreenLake File Storage. + features.operators.openshift.io/cnf: "false" + features.operators.openshift.io/cni: "false" + features.operators.openshift.io/csi: "true" + features.operators.openshift.io/disconnected: "false" + features.operators.openshift.io/fips-compliant: "false" + features.operators.openshift.io/proxy-aware: "false" + features.operators.openshift.io/tls-profiles: "false" + features.operators.openshift.io/token-auth-aws: "false" + features.operators.openshift.io/token-auth-azure: "false" + features.operators.openshift.io/token-auth-gcp: "false" + olm.skipRange: '>=1.0.0 <1.0.0-beta' + operatorhub.io/ui-metadata-max-k8s-version: "1.31" + operators.operatorframework.io/builder: operator-sdk-v1.35.0 + operators.operatorframework.io/project_layout: helm.sdk.operatorframework.io/v1 + repository: https://github.com/hpe-storage/co-deployments + support: HPE + name: hpe-filex-csi-operator.v1.0.0-beta + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: HPE GreenLake File Storage CSI Driver + displayName: HPEGreenLakeFileCSIDriver + kind: HPEGreenLakeFileCSIDriver + name: hpegreenlakefilecsidrivers.storage.hpe.com + resources: + - kind: Deployment + name: "" + version: v1 + - kind: Service + name: "" + version: v1 + - kind: ReplicaSet + name: "" + version: v1 + - kind: Pod + name: "" + version: v1 + - kind: Secret + name: "" + version: v1 + specDescriptors: + - description: Image pull policy for all images used in the HPE GreenLake for File Storage CSI Driver deployment + displayName: ImagePullPolicy + path: imagePullPolicy + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:imagePullPolicy + - description: 'Disables automatic installation of NFS utilities (default: false)' + displayName: Disable Node Conformance + path: disableNodeConformance + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:booleanSwitch + - description: The kubelet root directory path + displayName: Kubelet root dir + path: kubeletRootDir + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Configure CSI controller decorations + displayName: CSI controller configuration + path: controller + - description: Sets a nodeSelector on the CSI controller Pod + displayName: CSI controller nodeSelector + path: controller.nodeSelector + - description: Sets tolerations on the CSI controller Pod + displayName: CSI controller tolerations + path: controller.tolerations + - description: Labels the CSI controller Pod + displayName: CSI controller labels + path: controller.labels + - description: Sets affinity rules on the CSI controller Pod + displayName: CSI controller affinity rules + path: controller.affinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:nodeAffinity + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: CSI controller resource requirements + path: controller.resources + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: Configure CSI node driver decorations + displayName: CSI node driver configuration + path: node + - description: Sets a nodeSelector on the CSI node driver Pods + displayName: CSI node driver nodeSelector + path: node.nodeSelector + - description: Sets tolerations on the CSI node driver Pods + displayName: CSI node driver tolerations + path: node.tolerations + - description: Labels the CSI node driver Pods + displayName: CSI node driver labels + path: node.labels + - description: Sets affinity rules on the CSI node driver Pods + displayName: CSI node driver affinity rules + path: node.affinity + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:nodeAffinity + - description: Limits describes the minimum/maximum amount of compute resources required/allowed + displayName: CSI node resource requirements + path: node.resources + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:resourceRequirements + - description: Set images for sidecars, controller and node + displayName: HPE GreenLake for File Storage CSI Operator images + path: images + - description: HPE GreenLake for File Storage CSI Driver Node Driver container image + displayName: CSI Node Driver Image + path: images.csiNodeDriver + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: HPE GreenLake for File Storge CSI Init container image + displayName: CSI Node Init Image + path: images.csiNodeInit + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: HPE GreenLake for File Storage CSI Driver Controller Driver container image + displayName: CSI Controller Driver Image + path: images.csiControllerDriver + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: The SIG Storage CSI Attacher container image + displayName: CSI Attacher Image + path: images.csiAttacher + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: The SIG Storage CSI Node Driver Registrar container image + displayName: CSI Node Driver Registrar Image + path: images.csiNodeDriverRegistrar + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: The SIG Storage CSI Provisioner container image + displayName: CSI Provisioner Image + path: images.csiProvisioner + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: The SIG Storage CSI Provisioner container image + displayName: CSI Resizer Image + path: images.csiResizer + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: The SIG Storage CSI External Snapshotter container image + displayName: CSI Snapshotter Image + path: images.csiSnapshotter + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + statusDescriptors: + - description: HPE GreenLake for File Storage CSI Driver Helm release status + displayName: Conditions + path: conditions + x-descriptors: + - urn:alm:descriptor:io.kubernetes.conditions + - description: HPE GreenLake for File Storage CSI Driver Helm release + displayName: DeployedRelease + path: deployedRelease + x-descriptors: + - urn:alm:descriptor:text + version: v1 + description: | + The HPE GreenLake File Storage CSI Operator deploys the HPE GreenLake File Storage CSI Driver on OpenShift for dynamic provisioning of persistent volumes. + Please refer to our CSI driver [documentation](https://scod.hpedev.io/filex_csi_driver/index.html) for supported HPE platforms and full list of supported CSI features. + ## Installation + Refer to the HPE GreenLake File Storage CSI Operator [documentation](https://scod.hpedev.io/filex_csi_driver/deployment.html#operator). + displayName: HPE GreenLake File Storage CSI Operator + icon: + - base64data: iVBORw0KGgoAAAANSUhEUgAAAlgAAAJYCAYAAAC+ZpjcAAAHXnpUWHRSYXcgcHJvZmlsZSB0eXBlIGV4aWYAAHja7VpZsiMpDPzXKeYIiJ3jsEbMDeb4k4IqPy/YbbsnYn7aFc9UU5RIMiUhHE39n78H/YWPNUqTdSH65L3CxyabdMZNVOuT5zcrO7/nx0Wlj96bfro80OgyaM16EP1q+ew/XjhbzrhzV4ZiPR6U2wfJrlbHO0PHREYQCYR2GEqHIaPXAz4M5LUs5VMM10sofbXH+4sG/JF8laTCFScP/7YB7DWHeYzW3TC47caYA4CRP00m48bjWxuAwiDGPc8eZc6lgpAdT5dPAqIhUO120I0qlzve99O9WlYfQ8wdyf7SbvuJ3V6VSf3VzDYed/q2Pww1FqI79uVvjBbHXDNWka0H1f5Y1LmUeYdxBVPI1JEAzUMjDx+KaOVKuCIUq3CFpqoquCon1pBrsOXGmQf32VaugGh1Jx1wo3XVZnZGE3TS1Yh+Vi4eOphkmonQtU7ZrdEXLDynTarSnC1i5sYYqhnGWPzi04s+fWEMCQVmFS9cAZfWQjZgiHLyjWFQhMdBqpsEn9f9R3Q1UNAJyxIiCcSWZaI4/skEZgptMNChXTHIoR0GQBGmdgCDaLAM1dg49qyC1oEZREYIlAFdG6sLFGDndANIbY3x0CZqmRqvBJ5DtdPoJvQjmUEJh/gK0CaZDLGsdfCfYCN8KDvjrHPOu+CiSy5746133vvgJSnmYIKl4IIPIcSQQo4m2uiijyHGmGJOOhkkTZd8CimmlHLGnBmWM97OGJBz0cUUWxwVX0KJJZVc4T7VVld9DTXWVHPTzTTkj+ZbaLGlljt3uFK33XXfQ4899TzgasPQsMMNP8KII418Ue2Q9eH6QDU+VNNTKRkYLqqhN4TTBEs6caIZBMMuwlA8iARwaC2aqcjWalFONFMJGc84DZBONGssikFB21m7wad2pJeiotxv6UbB3uimv1WORLoPlXvUbadak52jTsVWFAqpyiD68LzHrGOWze6hpWcPPm3/GPpj6J2Bw7oxogsjeySKAVcfcNI2bJG2WkI2lj0jy7edD+HgBU9LTwGvIpS69SEZbIku2t5H76b2fG+aHm3/2rRJHMPwDfsG+kscJmNppXEYnd3oCYPNcCHIy6FhL0SLnTuMqstoBsNCz116+8huttpHAObRaIcXxcWBGAgX5AX4gAuwAvUAKnVlCjRf26O9Ays5YMKdYJENbsDSgXZh/UH6ktgdr/QNsTte6Rtid3DpG2J3vNI3xO54pW+I3fFK3xC745W+IXbHK31D7A4sfUPsDih9Q+yOV/qG2B2v9A2xO17pDWJ78TPl4qQTmwJuVDaloxArbJsGyJZ6pOANuzpSDqkyQBqDtaGQgnWrugUbI8t68LxxT7nifBmbG5iWbQgFx30lwKlI3TXk+Bo0bGP5MDSpqBaDe+SaJk8oWyAL1x7NKDgdpVHLiNmUJhj1SmwuJjnwKBRrELrLm/kJstgDTkyyyjq6G9Vx6w1rIr6ffE4txoXKJ3hNVqOjFPMBNVaH8eEp5o6S9pxczsl9GjoBPEecGtbrDU5wQhjdMKYOCK8J+8F8RRjdMCZ0zsnll4ar6dU1ZY+ohTba8MbPNXuOmja83dJ2q9lTzPTA2g1p73sZvXaz972MXrvZ+15Gr93sfS+j1272hpeNGCQTUNG1cV2pwISiVibAMQSZQKjj7jhWm0/usiQUnZEIL/XcWBukgIOZmetKRuozOfrsV5Z6fFIS0pv8OAJmps0oV9b0H9Wid4YARNwB8mH5JUP0A95Dr0pJ9By+Tlglkxq125vVfrdYelztd4ujXwx4e7H0uNqbxcIXPTxl6FqMTXAfH7VqvboiftGNDr3YCqOEPfCIZevEL9feynm6derWBkxv4O7a+e5HZV5xU8qMG61X0HaSxHBuzL1Pv41Z/Fbi0jgJORu0RvC0KMFjQldxxY1rVYKWeQWtJAU/88wrbNg0JXSql9ApQ9kVNWtuCVu6mt7uIE/EM+C4Rsk12FBBahtRmzPNCAIJ2h8APPPMDeSFuEh+QoUguaaw5Jp7uuiYfE4N66swuAB+ny7ZRcb8uezIMydlJ+Q7xE8Jo2d6PRB2wbwnjMzazZ4o9kPZA+o72mjD271mb3kZvXaz972MXrvZ+15Gr93sfS+j1252r5jpvHKBA8KVCxjkcGGSZBAAsrjW3GIuoNQ0nEuYzK2Ekk2tJp07L59Vbm6zykXFTNhV166pzDo+uLPKdavKzXmV4JjPhwaUXndkZNBRj3PUtAtDy6zU+3rV++4sX5ZtqfbdqvbF9mkZu7zU5rGgNgcpNMyq9r3ys9rv5aj2a17VvlvFh1rVfvNHtZ+OU1Qus7g3lFp8QPuMh1c00DUPd2jvwOIUteBOsLJ3XYOlA+3C+oN0B/SEuWWVPqd1zyp9TuueVfqc1j2r9Dmte1bpc1r3rNLntO5Zpc9p/c2g/ZWz0ue07lmlz2nds0qf07pnlT6ndc8q/ZrWVWBmO1z88zP0H0P/qyGER5P/XfAv31Y5/NGJ9YUAAAGFaUNDUElDQyBwcm9maWxlAAB4nH2RPUjDQBzFX1O1IhUFC0pxyFDFwYKoiKNWoQgVQq3QqoPJpR9Ck4YkxcVRcC04+LFYdXBx1tXBVRAEP0AcnZwUXaTE/yWFFrEeHPfj3b3H3TtAqBaZZrWNAZpum8l4TExnVsTAKzrQj16MICwzy5iVpARajq97+Ph6F+VZrc/9ObrVrMUAn0g8wwzTJl4nntq0Dc77xCFWkFXic+JRky5I/Mh1xeM3znmXBZ4ZMlPJOeIQsZhvYqWJWcHUiCeJI6qmU76Q9ljlvMVZK5ZZ/Z78hcGsvrzEdZqDiGMBi5AgQkEZGyjCRpRWnRQLSdqPtfCHXb9ELoVcG2DkmEcJGmTXD/4Hv7u1chPjXlIwBrS/OM7HEBDYBWoVx/k+dpzaCeB/Bq70hr9UBaY/Sa80tMgR0LMNXFw3NGUPuNwBBp4M2ZRdyU9TyOWA9zP6pgzQdwt0rXq91fdx+gCkqKvEDXBwCAznKXutxbs7m3v790y9vx+EqnKuz9SrLAAADRxpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+Cjx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDQuNC4wLUV4aXYyIj4KIDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+CiAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgIHhtbG5zOnhtcE1NPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvbW0vIgogICAgeG1sbnM6c3RFdnQ9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZUV2ZW50IyIKICAgIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIKICAgIHhtbG5zOkdJTVA9Imh0dHA6Ly93d3cuZ2ltcC5vcmcveG1wLyIKICAgIHhtbG5zOnRpZmY9Imh0dHA6Ly9ucy5hZG9iZS5jb20vdGlmZi8xLjAvIgogICAgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIgogICB4bXBNTTpEb2N1bWVudElEPSJnaW1wOmRvY2lkOmdpbXA6MTNjMDg5ZTItODcyMC00Nzc2LWE5YTktODFhOWVkNmQ0YjE4IgogICB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOmNiOTg0ZTE4LTVmNjItNGQ1Yy1iNmVkLTUzY2VhOWI1ODI0ZSIKICAgeG1wTU06T3JpZ2luYWxEb2N1bWVudElEPSJ4bXAuZGlkOjJmNmNkMmU4LTlmOTItNGI2MS1hMGRjLWRkYmYyMmQwNTEyMiIKICAgZGM6Rm9ybWF0PSJpbWFnZS9wbmciCiAgIEdJTVA6QVBJPSIyLjAiCiAgIEdJTVA6UGxhdGZvcm09Ik1hYyBPUyIKICAgR0lNUDpUaW1lU3RhbXA9IjE2NTYwMDgxNjU1NjEyOTUiCiAgIEdJTVA6VmVyc2lvbj0iMi4xMC4zMCIKICAgdGlmZjpPcmllbnRhdGlvbj0iMSIKICAgeG1wOkNyZWF0b3JUb29sPSJHSU1QIDIuMTAiPgogICA8eG1wTU06SGlzdG9yeT4KICAgIDxyZGY6U2VxPgogICAgIDxyZGY6bGkKICAgICAgc3RFdnQ6YWN0aW9uPSJzYXZlZCIKICAgICAgc3RFdnQ6Y2hhbmdlZD0iLyIKICAgICAgc3RFdnQ6aW5zdGFuY2VJRD0ieG1wLmlpZDoyNTZjMzUwNy1mMTBkLTRiZmQtYjk1Ni01YmQ1MDkyYTYxOGYiCiAgICAgIHN0RXZ0OnNvZnR3YXJlQWdlbnQ9IkdpbXAgMi4xMCAoTWFjIE9TKSIKICAgICAgc3RFdnQ6d2hlbj0iMjAyMi0wNi0yM1QxMToxNjowNS0wNzowMCIvPgogICAgPC9yZGY6U2VxPgogICA8L3htcE1NOkhpc3Rvcnk+CiAgPC9yZGY6RGVzY3JpcHRpb24+CiA8L3JkZjpSREY+CjwveDp4bXBtZXRhPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgCjw/eHBhY2tldCBlbmQ9InciPz5E/GOUAAAABmJLR0QAAAAAAAD5Q7t/AAAACXBIWXMAAE06AABNOgE3s+Y8AAAAB3RJTUUH5gYXEhAFa01ZeQAABs9JREFUeNrt2bENAjEMQFE7uoohbhMmoKdiFSQE05A1qBgDBsFMwHEFRZDem8CKXXwpEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBgyr+fyDAAAv9M8AQCAwAIAEFgAAAILAACBBQAgsAAABBYAAAILAEBgAQAILAAABBYAgMACABBYAAACCwAAgQUAILAAAAQWAAACCwBAYAEACCwAAAQWAIDAAgAQWAAACCwAAIEFACCwAAAEFgAAAgsAQGABAAgsAAAEFgCAwAIAEFgAAAgsAACBBQAgsAAAiIiIadC5nhl5sx4AYElFbSNiFlgrZOb9tT8enA0AsKT1S6+q4QLLFyEAgMACABBYAAACCwAAgQUAILAAAAQWAAACCwBAYAEACCwAAAQWAIDAAgAQWAAAAgsAAIEFACCwAAAEFgAAAgsAQGABAAgsAAAEFgCAwAIAEFgAAAgsAACBBQAgsAAABBYAAAILAEBgAQAILAAABBYAgMACABBYAAAILAAAgQUAILAAABBYAAACCwBAYAEACCwAAAQWAIDAAgAQWAAACCwAAIEFACCwAAAQWAAAAgsAQGABACCwAAAEFgCAwAIAEFgAAAgsAACBBQAgsAAAEFgAAAILAEBgAQAgsAAABBYAgMACABBYAAAILAAAgQUAILAAABBYAAACCwBAYAEAILAAAAQWAIDAAgBAYAEACCwAAIEFACCwAAAQWAAAAgsAQGABACCwAAAEFgCAwAIAQGABAAgsAACBBQCAwAIAEFgAAAILAEBgAQAgsAAABBYAgMACAEBgAQAILAAAgQUAwAfTiENV1Sb6abYeAOBrMwis1XZZ7eFsAIB/5IsQAEBgAQAILAAAgQUAgMACABBYAAACCwAAgQUAILAAAAQWAAACCwBAYAEACCwAAIEFAIDAAgAQWAAAAgsAAIEFACCwAAAEFgAAAgsAQGABAAgsAAAEFgCAwAIAEFgAAAILAACBBQAgsAAABBYAAAILAEBgAQAILAAABBYAgMACABBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjeQPykxj8q5E4CAAAAABJRU5ErkJggg== + mediatype: image/png + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - storage.hpe.com + resources: + - '*' + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - "" + resources: + - namespaces + - pods + - services + - endpoints + - configmaps + - secrets + - serviceaccounts + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - roles + - rolebindings + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - authorization.openshift.io + resources: + - clusterrolebindings + - clusterroles + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - create + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - create + - delete + - update + - patch + - apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - "" + resources: + - services + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - apps + resources: + - deployments + - daemonsets + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - "" + resources: + - events + verbs: + - get + - list + - watch + - create + - update + - patch + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch + - apiGroups: + - storage.k8s.io + resources: + - volumeattachments + verbs: + - get + - list + - watch + - update + - patch + - delete + - apiGroups: + - storage.k8s.io + resources: + - volumeattachments/status + verbs: + - get + - list + - watch + - update + - create + - delete + - patch + - apiGroups: + - storage.k8s.io + resources: + - csinodes + verbs: + - get + - list + - watch + - apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots + verbs: + - create + - update + - delete + - get + - list + - watch + - apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshots/status + verbs: + - update + - apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents + verbs: + - create + - update + - delete + - get + - list + - watch + - patch + - apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotcontents/status + verbs: + - create + - get + - list + - watch + - update + - delete + - patch + - apiGroups: + - snapshot.storage.k8s.io + resources: + - volumesnapshotclasses + verbs: + - get + - list + - watch + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - watch + - list + - delete + - update + - create + - apiGroups: + - csi.storage.k8s.io + resources: + - csidrivers + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - storage.k8s.io + resources: + - csidrivers + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - "" + resources: + - persistentvolumeclaims/status + verbs: + - create + - get + - list + - watch + - update + - delete + - patch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - watch + - list + - delete + - update + - create + - patch + - apiGroups: + - batch + resources: + - jobs + verbs: + - get + - watch + - list + - delete + - update + - create + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: hpe-filex-csi-operator-controller-manager + deployments: + - label: + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: hpe-filex-csi-operator + app.kubernetes.io/instance: controller-manager + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: deployment + app.kubernetes.io/part-of: hpe-filex-csi-operator + control-plane: controller-manager + name: hpe-filex-csi-operator-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + strategy: {} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=0 + image: registry.redhat.io/openshift4/ose-kube-rbac-proxy@sha256:f6c37678f1eb3279e603f63d2a821b72394c52d25c2ed5058dc29d4caa15d504 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + protocol: TCP + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 5m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + - args: + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + - --leader-election-id=hpe-filex-csi-operator + image: registry.connect.redhat.com/hpestorage/filex-csi-driver-operator@sha256:3ac0b05bb41f4849c99967b1556aea09dfe723cc98e0e7c347f6e43e958a0496 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 1Gi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + securityContext: + runAsNonRoot: true + serviceAccountName: hpe-filex-csi-operator-controller-manager + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: hpe-filex-csi-operator-controller-manager + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: false + type: AllNamespaces + keywords: + - HPE + - HPE CSI + - HPE Storage + - CSI + links: + - name: Documentation + url: https://scod.hpedev.io/filex_csi_driver/index.html + maintainers: + - email: dev-hi-containers@hpe.com + name: HPE Storage Containers Team + maturity: stable + minKubeVersion: 1.25.0 + provider: + name: HPE + relatedImages: + - image: registry.connect.redhat.com/hpestorage/filex-csi-driver-operator@sha256:3ac0b05bb41f4849c99967b1556aea09dfe723cc98e0e7c347f6e43e958a0496 + name: filex-csi-driver-operator-3ac0b05bb41f4849c99967b1556aea09dfe723cc98e0e7c347f6e43e958a0496-annotation + - image: registry.k8s.io/sig-storage/csi-snapshotter@sha256:2e04046334baf9be425bb0fa1d04c2d1720d770825eedbdbcdb10d430da4ad8c + name: csi-snapshotter-2e04046334baf9be425bb0fa1d04c2d1720d770825eedbdbcdb10d430da4ad8c-annotation + - image: registry.k8s.io/sig-storage/csi-resizer@sha256:a541e6cc2d8b011bb21b1d4ffec6b090e85270cce6276ee302d86153eec0af43 + name: csi-resizer-a541e6cc2d8b011bb21b1d4ffec6b090e85270cce6276ee302d86153eec0af43-annotation + - image: registry.k8s.io/sig-storage/csi-provisioner@sha256:405a14e1aa702f7ea133cea459e8395fe40a6125c088c55569e696d48e1bd385 + name: csi-provisioner-405a14e1aa702f7ea133cea459e8395fe40a6125c088c55569e696d48e1bd385-annotation + - image: quay.io/hpestorage/filex-csi-init@sha256:6331adda96aac94df2848848f4f3b3a8a35c91426f38c4564db5bffd6b1f7cf6 + name: filex-csi-init-6331adda96aac94df2848848f4f3b3a8a35c91426f38c4564db5bffd6b1f7cf6-annotation + - image: registry.k8s.io/sig-storage/csi-node-driver-registrar@sha256:f25af73ee708ff9c82595ae99493cdef9295bd96953366cddf36305f82555dac + name: csi-node-driver-registrar-f25af73ee708ff9c82595ae99493cdef9295bd96953366cddf36305f82555dac-annotation + - image: registry.redhat.io/openshift4/ose-kube-rbac-proxy@sha256:f6c37678f1eb3279e603f63d2a821b72394c52d25c2ed5058dc29d4caa15d504 + name: kube-rbac-proxy + - image: registry.connect.redhat.com/hpestorage/filex-csi-driver-operator@sha256:3ac0b05bb41f4849c99967b1556aea09dfe723cc98e0e7c347f6e43e958a0496 + name: manager + - image: quay.io/hpestorage/filex-csi-driver@sha256:c44b4bbb23f474c19b018d2f02ffd87260d8135b244ae725709213b714aa402b + name: filex-csi-driver-c44b4bbb23f474c19b018d2f02ffd87260d8135b244ae725709213b714aa402b-annotation + - image: registry.k8s.io/sig-storage/csi-attacher@sha256:b4d611100ece2f9bc980d1cb19c2285b8868da261e3b1ee8f45448ab5512ab94 + name: csi-attacher-b4d611100ece2f9bc980d1cb19c2285b8868da261e3b1ee8f45448ab5512ab94-annotation + selector: {} + version: 1.0.0-beta diff --git a/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/storage.hpe.com_hpegreenlakefilecsidrivers.yaml b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/storage.hpe.com_hpegreenlakefilecsidrivers.yaml new file mode 100644 index 0000000..e5e89fb --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/manifests/storage.hpe.com_hpegreenlakefilecsidrivers.yaml @@ -0,0 +1,1469 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: hpegreenlakefilecsidrivers.storage.hpe.com +spec: + group: storage.hpe.com + names: + kind: HPEGreenLakeFileCSIDriver + listKind: HPEGreenLakeFileCSIDriverList + plural: hpegreenlakefilecsidrivers + singular: hpegreenlakefilecsidriver + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: HPEGreenLakeFileCSIDriver is the Schema for the hpegreenlakefilecsidrivers + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HPEGreenLakeFileCSIDriverSpec defines the desired state of + HPEGreenLakeFileCSIDriver + properties: + controller: + description: Controller parameters to be configured + properties: + affinity: + description: Node affinity for controller plugin (optional) + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + labels: + type: object + nodeSelector: + additionalProperties: + type: string + description: Node selector to control the selection of nodes (optional) + type: object + resources: + description: Resources the HPE GreenLake for File Storage CSI + Operator controller and sidecar containers will use. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Limits describes the maximum amount of compute + resources allowed + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Requests describes the minimum amount of compute + resources required + type: object + type: object + tolerations: + description: Set tolerations for the controller pods(optional) + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + type: object + type: array + type: object + disableNodeConformance: + description: DisableNodeConformance disables automatic installation + of NFS client packages and services + type: boolean + imagePullPolicy: + description: Image Pull Policy for HPE GreenLake for File Storage + CSI Driver images + type: string + images: + description: HPE GreenLake for File Storage CSI Operator Images + properties: + csiAttacher: + type: string + csiControllerDriver: + type: string + csiNodeDriver: + type: string + csiNodeDriverRegistrar: + type: string + csiNodeInit: + type: string + csiProvisioner: + type: string + csiResizer: + type: string + csiSnapshotter: + type: string + required: + - csiNodeDriver + - csiNodeInit + - csiControllerDriver + - csiAttacher + - csiNodeDriverRegistrar + - csiProvisioner + - csiResizer + - csiSnapshotter + type: object + kubeletRootDir: + description: Kubelet root directory path + type: string + node: + description: Node parameters to be configured + properties: + affinity: + description: Node affinity for node plugin (optional) + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for + the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node matches the corresponding matchExpressions; + the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects + (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with + the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the + corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to an update), the system + may or may not try to eventually evict the pod from + its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term + matches no objects. The requirements of them are + ANDed. The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is + a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators + are In, NotIn, Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of string values. + If the operator is In or NotIn, the + values array must be non-empty. If the + operator is Exists or DoesNotExist, + the values array must be empty. If the + operator is Gt or Lt, the values array + must have a single element, which will + be interpreted as an integer. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. + co-locate this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the affinity expressions specified + by this field, but it may choose a node that violates + one or more of the expressions. The node that is most + preferred is the one with the greatest sum of weights, + i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the affinity requirements + specified by this field cease to be met at some point + during pod execution (e.g. due to a pod label update), + the system may or may not try to eventually evict the + pod from its node. When there are multiple elements, + the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules + (e.g. avoid putting this pod in the same node, zone, etc. + as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods + to nodes that satisfy the anti-affinity expressions + specified by this field, but it may choose a node that + violates one or more of the expressions. The node that + is most preferred is the one with the greatest sum of + weights, i.e. for each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + anti-affinity expressions, etc.), compute a sum by iterating + through the elements of this field and adding "weight" + to the sum if the node has pods which matches the corresponding + podAffinityTerm; the node(s) with the highest sum are + the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred + node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list + of label selector requirements. The requirements + are ANDed. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator + is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the + pods matching the labelSelector in the specified + namespaces, where co-located is defined as + running on a node whose value of the label + with key topologyKey matches that of any node + on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the + corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified + by this field are not met at scheduling time, the pod + will not be scheduled onto the node. If the anti-affinity + requirements specified by this field cease to be met + at some point during pod execution (e.g. due to a pod + label update), the system may or may not try to eventually + evict the pod from its node. When there are multiple + elements, the lists of nodes corresponding to each podAffinityTerm + are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not + co-located (anti-affinity) with, where co-located + is defined as running on a node whose value of the + label with key matches that of any node + on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + labels: + type: object + nodeSelector: + additionalProperties: + type: string + description: Node selector to control the selection of nodes (optional) + type: object + resources: + description: Resources the HPE GreenLake for File Storage CSI + Operator node containers will use. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Limits describes the maximum amount of compute + resources allowed + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: Requests describes the minimum amount of compute + resources required + type: object + type: object + tolerations: + description: Set tolerations for the node pods(optional) + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + type: integer + value: + type: string + type: object + type: array + type: object + required: + - disableNodeConformance + - imagePullPolicy + - images + - kubeletRootDir + - controller + - node + type: object + status: + description: HPEGreenLakeFileCSIDriverStatus defines the observed state + of HPEGreenLakeFileCSIDriver + properties: + conditions: + description: HPE GreenLake for File Storage CSI Driver helm release + status + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + deployedRelease: + description: HPE GreenLake for File Storage CSI Driver helm release + properties: + manifest: + type: string + name: + type: string + type: object + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/metadata/annotations.yaml b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/metadata/annotations.yaml new file mode 100644 index 0000000..163175e --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/metadata/annotations.yaml @@ -0,0 +1,17 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: hpe-filex-csi-operator + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.metrics.builder: operator-sdk-v1.35.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: helm.sdk.operatorframework.io/v1 + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ + + # Red Hat OpenShift + com.redhat.openshift.versions: v4.14-v4.16 diff --git a/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/tests/scorecard/config.yaml b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/tests/scorecard/config.yaml new file mode 100644 index 0000000..4e32de1 --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/destinations/certified-operators/current-version/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.35.0 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.35.0 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.35.0 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.35.0 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.35.0 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.35.0 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {} diff --git a/operators/hpe-greenlake-file-csi-operator/destinations/hpegreenlakefilecsidriver-latest-sample.yaml b/operators/hpe-greenlake-file-csi-operator/destinations/hpegreenlakefilecsidriver-latest-sample.yaml new file mode 100644 index 0000000..f40021a --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/destinations/hpegreenlakefilecsidriver-latest-sample.yaml @@ -0,0 +1,44 @@ +apiVersion: storage.hpe.com/v1 +kind: HPEGreenLakeFileCSIDriver +metadata: + name: hpegreenlakefilecsidriver-sample +spec: + # Default values copied from /helm-charts/hpe-greenlake-file-csi-driver/values.yaml + controller: + affinity: {} + labels: {} + nodeSelector: {} + resources: + limits: + cpu: 2000m + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi + tolerations: [] + disableNodeConformance: false + imagePullPolicy: IfNotPresent + images: + csiAttacher: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 + csiControllerDriver: quay.io/hpestorage/filex-csi-driver:v1.0.0-beta + csiNodeDriver: quay.io/hpestorage/filex-csi-driver:v1.0.0-beta + csiNodeDriverRegistrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 + csiNodeInit: quay.io/hpestorage/filex-csi-init:v1.0.0-beta + csiProvisioner: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 + csiResizer: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 + csiSnapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 + kubeletRootDir: /var/lib/kubelet + node: + affinity: {} + labels: {} + nodeSelector: {} + resources: + limits: + cpu: 2000m + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi + tolerations: [] + + diff --git a/operators/hpe-greenlake-file-csi-operator/destinations/hpegreenlakefilecsidriver-v1.0.0-beta-sample.yaml b/operators/hpe-greenlake-file-csi-operator/destinations/hpegreenlakefilecsidriver-v1.0.0-beta-sample.yaml new file mode 100644 index 0000000..f40021a --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/destinations/hpegreenlakefilecsidriver-v1.0.0-beta-sample.yaml @@ -0,0 +1,44 @@ +apiVersion: storage.hpe.com/v1 +kind: HPEGreenLakeFileCSIDriver +metadata: + name: hpegreenlakefilecsidriver-sample +spec: + # Default values copied from /helm-charts/hpe-greenlake-file-csi-driver/values.yaml + controller: + affinity: {} + labels: {} + nodeSelector: {} + resources: + limits: + cpu: 2000m + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi + tolerations: [] + disableNodeConformance: false + imagePullPolicy: IfNotPresent + images: + csiAttacher: registry.k8s.io/sig-storage/csi-attacher:v4.6.1 + csiControllerDriver: quay.io/hpestorage/filex-csi-driver:v1.0.0-beta + csiNodeDriver: quay.io/hpestorage/filex-csi-driver:v1.0.0-beta + csiNodeDriverRegistrar: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.1 + csiNodeInit: quay.io/hpestorage/filex-csi-init:v1.0.0-beta + csiProvisioner: registry.k8s.io/sig-storage/csi-provisioner:v5.0.1 + csiResizer: registry.k8s.io/sig-storage/csi-resizer:v1.11.1 + csiSnapshotter: registry.k8s.io/sig-storage/csi-snapshotter:v8.0.1 + kubeletRootDir: /var/lib/kubelet + node: + affinity: {} + labels: {} + nodeSelector: {} + resources: + limits: + cpu: 2000m + memory: 1Gi + requests: + cpu: 100m + memory: 128Mi + tolerations: [] + + diff --git a/operators/hpe-greenlake-file-csi-operator/sources/LICENSE b/operators/hpe-greenlake-file-csi-operator/sources/LICENSE new file mode 100644 index 0000000..d7ac6fc --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/sources/LICENSE @@ -0,0 +1,192 @@ +Apache License +Version 2.0, January 2004 +http://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + +"License" shall mean the terms and conditions for use, reproduction, and +distribution as defined by Sections 1 through 9 of this document. + +"Licensor" shall mean the copyright owner or entity authorized by the copyright +owner that is granting the License. + +"Legal Entity" shall mean the union of the acting entity and all other entities +that control, are controlled by, or are under common control with that entity. +For the purposes of this definition, "control" means (i) the power, direct or +indirect, to cause the direction or management of such entity, whether by +contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the +outstanding shares, or (iii) beneficial ownership of such entity. + +"You" (or "Your") shall mean an individual or Legal Entity exercising +permissions granted by this License. + +"Source" form shall mean the preferred form for making modifications, including +but not limited to software source code, documentation source, and +configuration files. + +"Object" form shall mean any form resulting from mechanical transformation or +translation of a Source form, including but not limited to compiled object +code, generated documentation, and conversions to other media types. + +"Work" shall mean the work of authorship, whether in Source or Object form, +made available under the License, as indicated by a copyright notice that is +included in or attached to the work (an example is provided in the Appendix +below). + +"Derivative Works" shall mean any work, whether in Source or Object form, that +is based on (or derived from) the Work and for which the editorial revisions, +annotations, elaborations, or other modifications represent, as a whole, an +original work of authorship. For the purposes of this License, Derivative Works +shall not include works that remain separable from, or merely link (or bind by +name) to the interfaces of, the Work and Derivative Works thereof. + +"Contribution" shall mean any work of authorship, including the original +version of the Work and any modifications or additions to that Work or +Derivative Works thereof, that is intentionally submitted to Licensor for +inclusion in the Work by the copyright owner or by an individual or Legal +Entity authorized to submit on behalf of the copyright owner. For the purposes +of this definition, "submitted" means any form of electronic, verbal, or +written communication sent to the Licensor or its representatives, including +but not limited to communication on electronic mailing lists, source code +control systems, and issue tracking systems that are managed by, or on behalf +of, the Licensor for the purpose of discussing and improving the Work, but +excluding communication that is conspicuously marked or otherwise designated in +writing by the copyright owner as "Not a Contribution." + +"Contributor" shall mean Licensor and any individual or Legal Entity on behalf +of whom a Contribution has been received by Licensor and subsequently +incorporated within the Work. + +2. Grant of Copyright License. + +Subject to the terms and conditions of this License, each Contributor hereby +grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, +irrevocable copyright license to reproduce, prepare Derivative Works of, +publicly display, publicly perform, sublicense, and distribute the Work and +such Derivative Works in Source or Object form. + +3. Grant of Patent License. + +Subject to the terms and conditions of this License, each Contributor hereby +grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, +irrevocable (except as stated in this section) patent license to make, have +made, use, offer to sell, sell, import, and otherwise transfer the Work, where +such license applies only to those patent claims licensable by such Contributor +that are necessarily infringed by their Contribution(s) alone or by combination +of their Contribution(s) with the Work to which such Contribution(s) was +submitted. If You institute patent litigation against any entity (including a +cross-claim or counterclaim in a lawsuit) alleging that the Work or a +Contribution incorporated within the Work constitutes direct or contributory +patent infringement, then any patent licenses granted to You under this License +for that Work shall terminate as of the date such litigation is filed. + +4. Redistribution. + +You may reproduce and distribute copies of the Work or Derivative Works thereof +in any medium, with or without modifications, and in Source or Object form, +provided that You meet the following conditions: + +You must give any other recipients of the Work or Derivative Works a copy of +this License; and +You must cause any modified files to carry prominent notices stating that You +changed the files; and +You must retain, in the Source form of any Derivative Works that You +distribute, all copyright, patent, trademark, and attribution notices from the +Source form of the Work, excluding those notices that do not pertain to any +part of the Derivative Works; and +If the Work includes a "NOTICE" text file as part of its distribution, then any +Derivative Works that You distribute must include a readable copy of the +attribution notices contained within such NOTICE file, excluding those notices +that do not pertain to any part of the Derivative Works, in at least one of the +following places: within a NOTICE text file distributed as part of the +Derivative Works; within the Source form or documentation, if provided along +with the Derivative Works; or, within a display generated by the Derivative +Works, if and wherever such third-party notices normally appear. The contents +of the NOTICE file are for informational purposes only and do not modify the +License. You may add Your own attribution notices within Derivative Works that +You distribute, alongside or as an addendum to the NOTICE text from the Work, +provided that such additional attribution notices cannot be construed as +modifying the License. +You may add Your own copyright statement to Your modifications and may provide +additional or different license terms and conditions for use, reproduction, or +distribution of Your modifications, or for any such Derivative Works as a +whole, provided Your use, reproduction, and distribution of the Work otherwise +complies with the conditions stated in this License. + +5. Submission of Contributions. + +Unless You explicitly state otherwise, any Contribution intentionally submitted +for inclusion in the Work by You to the Licensor shall be under the terms and +conditions of this License, without any additional terms or conditions. +Notwithstanding the above, nothing herein shall supersede or modify the terms +of any separate license agreement you may have executed with Licensor regarding +such Contributions. + +6. Trademarks. + +This License does not grant permission to use the trade names, trademarks, +service marks, or product names of the Licensor, except as required for +reasonable and customary use in describing the origin of the Work and +reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. + +Unless required by applicable law or agreed to in writing, Licensor provides +the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, +including, without limitation, any warranties or conditions of TITLE, +NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are +solely responsible for determining the appropriateness of using or +redistributing the Work and assume any risks associated with Your exercise of +permissions under this License. + +8. Limitation of Liability. + +In no event and under no legal theory, whether in tort (including negligence), +contract, or otherwise, unless required by applicable law (such as deliberate +and grossly negligent acts) or agreed to in writing, shall any Contributor be +liable to You for damages, including any direct, indirect, special, incidental, +or consequential damages of any character arising as a result of this License +or out of the use or inability to use the Work (including but not limited to +damages for loss of goodwill, work stoppage, computer failure or malfunction, +or any and all other commercial damages or losses), even if such Contributor +has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. + +While redistributing the Work or Derivative Works thereof, You may choose to +offer, and charge a fee for, acceptance of support, warranty, indemnity, or +other liability obligations and/or rights consistent with this License. +However, in accepting such obligations, You may act only on Your own behalf and +on Your sole responsibility, not on behalf of any other Contributor, and only +if You agree to indemnify, defend, and hold each Contributor harmless for any +liability incurred by, or claims asserted against, such Contributor by reason +of your accepting any such warranty or additional liability. + +END OF TERMS AND CONDITIONS + +APPENDIX: How to apply the Apache License to your work + +To apply the Apache License to your work, attach the following boilerplate +notice, with the fields enclosed by brackets "[]" replaced with your own +identifying information. (Don't include the brackets!) The text should be +enclosed in the appropriate comment syntax for the file format. We also +recommend that a file or class name and description of purpose be included on +the same "printed page" as the copyright notice for easier identification +within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. \ No newline at end of file diff --git a/operators/hpe-greenlake-file-csi-operator/sources/annotations.certified.yaml b/operators/hpe-greenlake-file-csi-operator/sources/annotations.certified.yaml new file mode 100644 index 0000000..d42722a --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/sources/annotations.certified.yaml @@ -0,0 +1,3 @@ + + # Red Hat OpenShift + com.redhat.openshift.versions: v4.14-v4.16 diff --git a/operators/hpe-greenlake-file-csi-operator/sources/bundle.Dockerfile b/operators/hpe-greenlake-file-csi-operator/sources/bundle.Dockerfile new file mode 100644 index 0000000..859755f --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/sources/bundle.Dockerfile @@ -0,0 +1,6 @@ +FROM scratch + +#Add these labels +LABEL com.redhat.openshift.versions="v4.14-v4.16" +LABEL com.redhat.delivery.operator.bundle=true +LABEL com.redhat.delivery.backport=true diff --git a/operators/hpe-greenlake-file-csi-operator/sources/hpe-filex-csi-operator.csv.yaml b/operators/hpe-greenlake-file-csi-operator/sources/hpe-filex-csi-operator.csv.yaml new file mode 100644 index 0000000..8ab180c --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/sources/hpe-filex-csi-operator.csv.yaml @@ -0,0 +1,215 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: hpe-filex-csi-operator.v0.0.0 + namespace: placeholder + annotations: + features.operators.openshift.io/csi: "true" + features.operators.openshift.io/disconnected: "false" + features.operators.openshift.io/fips-compliant: "false" + features.operators.openshift.io/proxy-aware: "false" + features.operators.openshift.io/tls-profiles: "false" + features.operators.openshift.io/token-auth-aws: "false" + features.operators.openshift.io/token-auth-azure: "false" + features.operators.openshift.io/token-auth-gcp: "false" + features.operators.openshift.io/cnf: "false" + features.operators.openshift.io/cni: "false" + olm.skipRange: ">=1.0.0 <%SEMVER%" + alm-examples: '[]' + capabilities: Basic Install + categories: Storage + certified: "true" + description: >- + A Container Storage Interface (CSI) driver for HPE GreenLake File Storage. + support: "HPE" + repository: "https://github.com/hpe-storage/co-deployments" + containerImage: %IMG% + # Update >>> + operatorhub.io/ui-metadata-max-k8s-version: "1.31" +spec: + minKubeVersion: 1.25.0 + replaces: hpe-filex-csi-operator.v0.0.0 + # <<< for each new release + apiservicedefinitions: {} + install: + spec: + deployments: null + strategy: "" + displayName: HPE GreenLake File Storage CSI Operator + description: > + The HPE GreenLake File Storage CSI Operator deploys the + HPE GreenLake File Storage CSI Driver on OpenShift for dynamic + provisioning of persistent volumes. + + Please refer to our CSI driver [documentation](https://scod.hpedev.io/filex_csi_driver/index.html) + for supported HPE platforms and full list of supported CSI features. + + ## Installation + + Refer to the HPE GreenLake File Storage CSI Operator [documentation](https://scod.hpedev.io/filex_csi_driver/deployment.html#operator). + + maturity: stable + version: %SEMVER% + keywords: + - HPE + - HPE CSI + - HPE Storage + - CSI + maintainers: + - name: HPE Storage Containers Team + email: dev-hi-containers@hpe.com + provider: + name: HPE + labels: {} + selector: + matchLabels: {} + links: + - name: Documentation + url: "https://scod.hpedev.io/filex_csi_driver/index.html" + icon: + - base64data: >- + iVBORw0KGgoAAAANSUhEUgAAAlgAAAJYCAYAAAC+ZpjcAAAHXnpUWHRSYXcgcHJvZmlsZSB0eXBlIGV4aWYAAHja7VpZsiMpDPzXKeYIiJ3jsEbMDeb4k4IqPy/YbbsnYn7aFc9UU5RIMiUhHE39n78H/YWPNUqTdSH65L3CxyabdMZNVOuT5zcrO7/nx0Wlj96bfro80OgyaM16EP1q+ew/XjhbzrhzV4ZiPR6U2wfJrlbHO0PHREYQCYR2GEqHIaPXAz4M5LUs5VMM10sofbXH+4sG/JF8laTCFScP/7YB7DWHeYzW3TC47caYA4CRP00m48bjWxuAwiDGPc8eZc6lgpAdT5dPAqIhUO120I0qlzve99O9WlYfQ8wdyf7SbvuJ3V6VSf3VzDYed/q2Pww1FqI79uVvjBbHXDNWka0H1f5Y1LmUeYdxBVPI1JEAzUMjDx+KaOVKuCIUq3CFpqoquCon1pBrsOXGmQf32VaugGh1Jx1wo3XVZnZGE3TS1Yh+Vi4eOphkmonQtU7ZrdEXLDynTarSnC1i5sYYqhnGWPzi04s+fWEMCQVmFS9cAZfWQjZgiHLyjWFQhMdBqpsEn9f9R3Q1UNAJyxIiCcSWZaI4/skEZgptMNChXTHIoR0GQBGmdgCDaLAM1dg49qyC1oEZREYIlAFdG6sLFGDndANIbY3x0CZqmRqvBJ5DtdPoJvQjmUEJh/gK0CaZDLGsdfCfYCN8KDvjrHPOu+CiSy5746133vvgJSnmYIKl4IIPIcSQQo4m2uiijyHGmGJOOhkkTZd8CimmlHLGnBmWM97OGJBz0cUUWxwVX0KJJZVc4T7VVld9DTXWVHPTzTTkj+ZbaLGlljt3uFK33XXfQ4899TzgasPQsMMNP8KII418Ue2Q9eH6QDU+VNNTKRkYLqqhN4TTBEs6caIZBMMuwlA8iARwaC2aqcjWalFONFMJGc84DZBONGssikFB21m7wad2pJeiotxv6UbB3uimv1WORLoPlXvUbadak52jTsVWFAqpyiD68LzHrGOWze6hpWcPPm3/GPpj6J2Bw7oxogsjeySKAVcfcNI2bJG2WkI2lj0jy7edD+HgBU9LTwGvIpS69SEZbIku2t5H76b2fG+aHm3/2rRJHMPwDfsG+kscJmNppXEYnd3oCYPNcCHIy6FhL0SLnTuMqstoBsNCz116+8huttpHAObRaIcXxcWBGAgX5AX4gAuwAvUAKnVlCjRf26O9Ays5YMKdYJENbsDSgXZh/UH6ktgdr/QNsTte6Rtid3DpG2J3vNI3xO54pW+I3fFK3xC745W+IXbHK31D7A4sfUPsDih9Q+yOV/qG2B2v9A2xO17pDWJ78TPl4qQTmwJuVDaloxArbJsGyJZ6pOANuzpSDqkyQBqDtaGQgnWrugUbI8t68LxxT7nifBmbG5iWbQgFx30lwKlI3TXk+Bo0bGP5MDSpqBaDe+SaJk8oWyAL1x7NKDgdpVHLiNmUJhj1SmwuJjnwKBRrELrLm/kJstgDTkyyyjq6G9Vx6w1rIr6ffE4txoXKJ3hNVqOjFPMBNVaH8eEp5o6S9pxczsl9GjoBPEecGtbrDU5wQhjdMKYOCK8J+8F8RRjdMCZ0zsnll4ar6dU1ZY+ohTba8MbPNXuOmja83dJ2q9lTzPTA2g1p73sZvXaz972MXrvZ+15Gr93sfS+j1272hpeNGCQTUNG1cV2pwISiVibAMQSZQKjj7jhWm0/usiQUnZEIL/XcWBukgIOZmetKRuozOfrsV5Z6fFIS0pv8OAJmps0oV9b0H9Wid4YARNwB8mH5JUP0A95Dr0pJ9By+Tlglkxq125vVfrdYelztd4ujXwx4e7H0uNqbxcIXPTxl6FqMTXAfH7VqvboiftGNDr3YCqOEPfCIZevEL9feynm6derWBkxv4O7a+e5HZV5xU8qMG61X0HaSxHBuzL1Pv41Z/Fbi0jgJORu0RvC0KMFjQldxxY1rVYKWeQWtJAU/88wrbNg0JXSql9ApQ9kVNWtuCVu6mt7uIE/EM+C4Rsk12FBBahtRmzPNCAIJ2h8APPPMDeSFuEh+QoUguaaw5Jp7uuiYfE4N66swuAB+ny7ZRcb8uezIMydlJ+Q7xE8Jo2d6PRB2wbwnjMzazZ4o9kPZA+o72mjD271mb3kZvXaz972MXrvZ+15Gr93sfS+j1252r5jpvHKBA8KVCxjkcGGSZBAAsrjW3GIuoNQ0nEuYzK2Ekk2tJp07L59Vbm6zykXFTNhV166pzDo+uLPKdavKzXmV4JjPhwaUXndkZNBRj3PUtAtDy6zU+3rV++4sX5ZtqfbdqvbF9mkZu7zU5rGgNgcpNMyq9r3ys9rv5aj2a17VvlvFh1rVfvNHtZ+OU1Qus7g3lFp8QPuMh1c00DUPd2jvwOIUteBOsLJ3XYOlA+3C+oN0B/SEuWWVPqd1zyp9TuueVfqc1j2r9Dmte1bpc1r3rNLntO5Zpc9p/c2g/ZWz0ue07lmlz2nds0qf07pnlT6ndc8q/ZrWVWBmO1z88zP0H0P/qyGER5P/XfAv31Y5/NGJ9YUAAAGFaUNDUElDQyBwcm9maWxlAAB4nH2RPUjDQBzFX1O1IhUFC0pxyFDFwYKoiKNWoQgVQq3QqoPJpR9Ck4YkxcVRcC04+LFYdXBx1tXBVRAEP0AcnZwUXaTE/yWFFrEeHPfj3b3H3TtAqBaZZrWNAZpum8l4TExnVsTAKzrQj16MICwzy5iVpARajq97+Ph6F+VZrc/9ObrVrMUAn0g8wwzTJl4nntq0Dc77xCFWkFXic+JRky5I/Mh1xeM3znmXBZ4ZMlPJOeIQsZhvYqWJWcHUiCeJI6qmU76Q9ljlvMVZK5ZZ/Z78hcGsvrzEdZqDiGMBi5AgQkEZGyjCRpRWnRQLSdqPtfCHXb9ELoVcG2DkmEcJGmTXD/4Hv7u1chPjXlIwBrS/OM7HEBDYBWoVx/k+dpzaCeB/Bq70hr9UBaY/Sa80tMgR0LMNXFw3NGUPuNwBBp4M2ZRdyU9TyOWA9zP6pgzQdwt0rXq91fdx+gCkqKvEDXBwCAznKXutxbs7m3v790y9vx+EqnKuz9SrLAAADRxpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+Cjx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IlhNUCBDb3JlIDQuNC4wLUV4aXYyIj4KIDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDovL3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+CiAgPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIKICAgIHhtbG5zOnhtcE1NPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvbW0vIgogICAgeG1sbnM6c3RFdnQ9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZUV2ZW50IyIKICAgIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIKICAgIHhtbG5zOkdJTVA9Imh0dHA6Ly93d3cuZ2ltcC5vcmcveG1wLyIKICAgIHhtbG5zOnRpZmY9Imh0dHA6Ly9ucy5hZG9iZS5jb20vdGlmZi8xLjAvIgogICAgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIgogICB4bXBNTTpEb2N1bWVudElEPSJnaW1wOmRvY2lkOmdpbXA6MTNjMDg5ZTItODcyMC00Nzc2LWE5YTktODFhOWVkNmQ0YjE4IgogICB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOmNiOTg0ZTE4LTVmNjItNGQ1Yy1iNmVkLTUzY2VhOWI1ODI0ZSIKICAgeG1wTU06T3JpZ2luYWxEb2N1bWVudElEPSJ4bXAuZGlkOjJmNmNkMmU4LTlmOTItNGI2MS1hMGRjLWRkYmYyMmQwNTEyMiIKICAgZGM6Rm9ybWF0PSJpbWFnZS9wbmciCiAgIEdJTVA6QVBJPSIyLjAiCiAgIEdJTVA6UGxhdGZvcm09Ik1hYyBPUyIKICAgR0lNUDpUaW1lU3RhbXA9IjE2NTYwMDgxNjU1NjEyOTUiCiAgIEdJTVA6VmVyc2lvbj0iMi4xMC4zMCIKICAgdGlmZjpPcmllbnRhdGlvbj0iMSIKICAgeG1wOkNyZWF0b3JUb29sPSJHSU1QIDIuMTAiPgogICA8eG1wTU06SGlzdG9yeT4KICAgIDxyZGY6U2VxPgogICAgIDxyZGY6bGkKICAgICAgc3RFdnQ6YWN0aW9uPSJzYXZlZCIKICAgICAgc3RFdnQ6Y2hhbmdlZD0iLyIKICAgICAgc3RFdnQ6aW5zdGFuY2VJRD0ieG1wLmlpZDoyNTZjMzUwNy1mMTBkLTRiZmQtYjk1Ni01YmQ1MDkyYTYxOGYiCiAgICAgIHN0RXZ0OnNvZnR3YXJlQWdlbnQ9IkdpbXAgMi4xMCAoTWFjIE9TKSIKICAgICAgc3RFdnQ6d2hlbj0iMjAyMi0wNi0yM1QxMToxNjowNS0wNzowMCIvPgogICAgPC9yZGY6U2VxPgogICA8L3htcE1NOkhpc3Rvcnk+CiAgPC9yZGY6RGVzY3JpcHRpb24+CiA8L3JkZjpSREY+CjwveDp4bXBtZXRhPgogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAKICAgICAgICAgICAgICAgICAgICAgICAgICAgCjw/eHBhY2tldCBlbmQ9InciPz5E/GOUAAAABmJLR0QAAAAAAAD5Q7t/AAAACXBIWXMAAE06AABNOgE3s+Y8AAAAB3RJTUUH5gYXEhAFa01ZeQAABs9JREFUeNrt2bENAjEMQFE7uoohbhMmoKdiFSQE05A1qBgDBsFMwHEFRZDem8CKXXwpEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBgyr+fyDAAAv9M8AQCAwAIAEFgAAAILAACBBQAgsAAABBYAAAILAEBgAQAILAAABBYAgMACABBYAAACCwAAgQUAILAAAAQWAAACCwBAYAEACCwAAAQWAIDAAgAQWAAACCwAAIEFACCwAAAEFgAAAgsAQGABAAgsAAAEFgCAwAIAEFgAAAgsAACBBQAgsAAAiIiIadC5nhl5sx4AYElFbSNiFlgrZOb9tT8enA0AsKT1S6+q4QLLFyEAgMACABBYAAACCwAAgQUAILAAAAQWAAACCwBAYAEACCwAAAQWAIDAAgAQWAAAAgsAAIEFACCwAAAEFgAAAgsAQGABAAgsAAAEFgCAwAIAEFgAAAgsAACBBQAgsAAABBYAAAILAEBgAQAILAAABBYAgMACABBYAAAILAAAgQUAILAAABBYAAACCwBAYAEACCwAAAQWAIDAAgAQWAAACCwAAIEFACCwAAAQWAAAAgsAQGABACCwAAAEFgCAwAIAEFgAAAgsAACBBQAgsAAAEFgAAAILAEBgAQAgsAAABBYAgMACABBYAAAILAAAgQUAILAAABBYAAACCwBAYAEAILAAAAQWAIDAAgBAYAEACCwAAIEFACCwAAAQWAAAAgsAQGABACCwAAAEFgCAwAIAQGABAAgsAACBBQCAwAIAEFgAAAILAEBgAQAgsAAABBYAgMACAEBgAQAILAAAgQUAwAfTiENV1Sb6abYeAOBrMwis1XZZ7eFsAIB/5IsQAEBgAQAILAAAgQUAgMACABBYAAACCwAAgQUAILAAAAQWAAACCwBAYAEACCwAAIEFAIDAAgAQWAAAAgsAAIEFACCwAAAEFgAAAgsAQGABAAgsAAAEFgCAwAIAEFgAAAILAACBBQAgsAAABBYAAAILAEBgAQAILAAABBYAgMACABBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjeQPykxj8q5E4CAAAAABJRU5ErkJggg== + + mediatype: image/png + relatedImages: [] + customresourcedefinitions: + owned: + - name: hpegreenlakefilecsidrivers.storage.hpe.com + displayName: HPEGreenLakeFileCSIDriver + kind: HPEGreenLakeFileCSIDriver + version: v1 + description: HPE GreenLake File Storage CSI Driver + resources: + - version: v1 + kind: Deployment + - version: v1 + kind: Service + - version: v1 + kind: ReplicaSet + - version: v1 + kind: Pod + - version: v1 + kind: Secret + specDescriptors: + - displayName: ImagePullPolicy + description: Image pull policy for all images used in the HPE GreenLake for File Storage CSI Driver deployment + path: imagePullPolicy + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:imagePullPolicy" + - displayName: Disable Node Conformance + description: "Disables automatic installation of NFS utilities (default: false)" + path: disableNodeConformance + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:booleanSwitch" + - displayName: Kubelet root dir + description: "The kubelet root directory path" + path: kubeletRootDir + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:text" + - displayName: CSI controller configuration + description: "Configure CSI controller decorations" + path: controller + - displayName: CSI controller nodeSelector + description: "Sets a nodeSelector on the CSI controller Pod" + path: controller.nodeSelector + - displayName: CSI controller tolerations + description: "Sets tolerations on the CSI controller Pod" + path: controller.tolerations + - displayName: CSI controller labels + description: "Labels the CSI controller Pod" + path: controller.labels + - displayName: CSI controller affinity rules + description: "Sets affinity rules on the CSI controller Pod" + path: controller.affinity + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:nodeAffinity" + - displayName: CSI controller resource requirements + description: Limits describes the minimum/maximum amount of compute resources required/allowed + path: controller.resources + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:resourceRequirements" + - displayName: CSI node driver configuration + description: "Configure CSI node driver decorations" + path: node + - displayName: CSI node driver nodeSelector + description: "Sets a nodeSelector on the CSI node driver Pods" + path: node.nodeSelector + - displayName: CSI node driver tolerations + description: "Sets tolerations on the CSI node driver Pods" + path: node.tolerations + - displayName: CSI node driver labels + description: "Labels the CSI node driver Pods" + path: node.labels + - displayName: CSI node driver affinity rules + description: "Sets affinity rules on the CSI node driver Pods" + path: node.affinity + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:nodeAffinity" + - displayName: CSI node resource requirements + description: Limits describes the minimum/maximum amount of compute resources required/allowed + path: node.resources + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:resourceRequirements" + - displayName: HPE GreenLake for File Storage CSI Operator images + description: Set images for sidecars, controller and node + path: images + - displayName: CSI Node Driver Image + description: HPE GreenLake for File Storage CSI Driver Node Driver container image + path: images.csiNodeDriver + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:text" + - displayName: CSI Node Init Image + description: HPE GreenLake for File Storge CSI Init container image + path: images.csiNodeInit + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:text" + - displayName: CSI Controller Driver Image + description: HPE GreenLake for File Storage CSI Driver Controller Driver container image + path: images.csiControllerDriver + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:text" + - displayName: CSI Attacher Image + description: The SIG Storage CSI Attacher container image + path: images.csiAttacher + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:text" + - displayName: CSI Node Driver Registrar Image + description: The SIG Storage CSI Node Driver Registrar container image + path: images.csiNodeDriverRegistrar + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:text" + - displayName: CSI Provisioner Image + description: The SIG Storage CSI Provisioner container image + path: images.csiProvisioner + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:text" + - displayName: CSI Resizer Image + description: The SIG Storage CSI Provisioner container image + path: images.csiResizer + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:text" + - displayName: CSI Snapshotter Image + description: The SIG Storage CSI External Snapshotter container image + path: images.csiSnapshotter + x-descriptors: + - "urn:alm:descriptor:com.tectonic.ui:text" + statusDescriptors: + - displayName: Conditions + description: HPE GreenLake for File Storage CSI Driver Helm release status + path: conditions + x-descriptors: + - "urn:alm:descriptor:io.kubernetes.conditions" + - displayName: DeployedRelease + description: HPE GreenLake for File Storage CSI Driver Helm release + path: deployedRelease + x-descriptors: + - "urn:alm:descriptor:text" + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: false + type: AllNamespaces diff --git a/operators/hpe-greenlake-file-csi-operator/sources/hpegreenlakefilecsidrivers.storage.hpe.com.crd.yaml b/operators/hpe-greenlake-file-csi-operator/sources/hpegreenlakefilecsidrivers.storage.hpe.com.crd.yaml new file mode 100644 index 0000000..19665cf --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/sources/hpegreenlakefilecsidrivers.storage.hpe.com.crd.yaml @@ -0,0 +1,907 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + creationTimestamp: null + name: hpegreenlakefilecsidrivers.storage.hpe.com +spec: + group: storage.hpe.com + names: + kind: HPEGreenLakeFileCSIDriver + listKind: HPEGreenLakeFileCSIDriverList + plural: hpegreenlakefilecsidrivers + singular: hpegreenlakefilecsidriver + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: HPEGreenLakeFileCSIDriver is the Schema for the hpegreenlakefilecsidrivers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HPEGreenLakeFileCSIDriverSpec defines the desired state of HPEGreenLakeFileCSIDriver + properties: + disableNodeConformance: + description: DisableNodeConformance disables automatic installation + of NFS client packages and services + type: boolean + imagePullPolicy: + description: Image Pull Policy for HPE GreenLake for File Storage CSI Driver images + type: string + images: + description: HPE GreenLake for File Storage CSI Operator Images + properties: + csiNodeDriver: + type: string + csiNodeInit: + type: string + csiControllerDriver: + type: string + csiAttacher: + type: string + csiNodeDriverRegistrar: + type: string + csiProvisioner: + type: string + csiResizer: + type: string + csiSnapshotter: + type: string + required: + - csiNodeDriver + - csiNodeInit + - csiControllerDriver + - csiAttacher + - csiNodeDriverRegistrar + - csiProvisioner + - csiResizer + - csiSnapshotter + type: object + kubeletRootDir: + description: Kubelet root directory path + type: string + controller: + description: Controller parameters to be configured + properties: + resources: + description: Resources the HPE GreenLake for File Storage CSI Operator controller and sidecar containers will use. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required" + type: object + type: object + labels: + type: object + nodeSelector: + additionalProperties: + type: string + description: Node selector to control the selection of nodes (optional) + type: object + tolerations: + description: Set tolerations for the controller pods(optional) + items: + properties: + key: + type: string + operator: + type: string + effect: + type: string + tolerationSeconds: + type: integer + value: + type: string + type: object + type: array + affinity: + description: Node affinity for controller plugin (optional) + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + type: object + node: + description: Node parameters to be configured + properties: + resources: + description: Resources the HPE GreenLake for File Storage CSI Operator node containers will use. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "Limits describes the maximum amount of compute resources allowed" + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "Requests describes the minimum amount of compute resources required" + type: object + type: object + labels: + type: object + nodeSelector: + additionalProperties: + type: string + description: Node selector to control the selection of nodes (optional) + type: object + tolerations: + description: Set tolerations for the node pods(optional) + items: + properties: + key: + type: string + operator: + type: string + effect: + type: string + tolerationSeconds: + type: integer + value: + type: string + type: object + type: array + affinity: + description: Node affinity for node plugin (optional) + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + properties: + preference: + description: A node selector term, associated with the corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements by node's fields. + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + type: object + required: + - disableNodeConformance + - imagePullPolicy + - images + - kubeletRootDir + - controller + - node + type: object + status: + description: HPEGreenLakeFileCSIDriverStatus defines the observed state of HPEGreenLakeFileCSIDriver + properties: + conditions: + description: HPE GreenLake for File Storage CSI Driver helm release status + items: + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + deployedRelease: + description: HPE GreenLake for File Storage CSI Driver helm release + properties: + manifest: + type: string + name: + type: string + type: object + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/operators/hpe-greenlake-file-csi-operator/sources/operator.Dockerfile b/operators/hpe-greenlake-file-csi-operator/sources/operator.Dockerfile new file mode 100644 index 0000000..e251d69 --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/sources/operator.Dockerfile @@ -0,0 +1,17 @@ +# Build the manager binary +%FROM% +LABEL name="filex-csi-driver-operator" \ + maintainer="HPE Storage Containers Team" \ + vendor="HPE" \ + version="%SEMVER%" \ + release="%SEMVER%" \ + summary="HPE GreenLake for File Storage CSI Operator" \ + description="HPE GreenLake for File Storage CSI Operator" \ + io.k8s.display-name="HPE GreenLake for File Storage CSI Operator" \ + io.k8s.description="The HPE GreenLake for File Storage CSI Operatorenables container orchestrators, such as Kubernetes and OpenShift, to manage the life-cycle of persistent storage." \ + io.openshift.tags=hpe,csi,hpe-greenlake-file-csi-driver +ENV HOME=/opt/helm +COPY watches.yaml ${HOME}/watches.yaml +COPY helm-charts ${HOME}/helm-charts +COPY LICENSE /licenses/ +WORKDIR ${HOME} diff --git a/operators/hpe-greenlake-file-csi-operator/sources/role.yaml b/operators/hpe-greenlake-file-csi-operator/sources/role.yaml new file mode 100644 index 0000000..b4db16c --- /dev/null +++ b/operators/hpe-greenlake-file-csi-operator/sources/role.yaml @@ -0,0 +1,134 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: manager-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: hpe-filex-csi-operator + app.kubernetes.io/part-of: hpe-filex-csi-operator + app.kubernetes.io/managed-by: kustomize + name: manager-role +rules: + - apiGroups: ["storage.hpe.com"] + resources: ["*"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: [""] + resources: + [ + "namespaces", + "pods", + "services", + "endpoints", + "configmaps", + "secrets", + "serviceaccounts", + ] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + # CSI operator needs to create/delete a ClusterRole and ClusterRoleBinding for provisioning PVs + - apiGroups: ["rbac.authorization.k8s.io"] + resources: + ["clusterrolebindings", "clusterroles", "roles", "rolebindings"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + # On Openshift ClusterRoleBindings belong to a different apiGroup. + - apiGroups: ["authorization.openshift.io"] + resources: ["clusterrolebindings", "clusterroles"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + # Need the same permissions as external-provisioner to be able to create it + - apiGroups: [""] + resources: ["secrets"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "create"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["persistentvolumes"] + verbs: + ["get", "list", "watch", "create", "delete", "update", "patch"] + - apiGroups: [""] + resources: ["persistentvolumeclaims"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: [""] + resources: ["services"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: ["apps"] + resources: ["deployments", "daemonsets"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "list", "watch", "create", "update", "patch"] + # Need the same permissions as external-attacher clusterrole to be able to create it + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments"] + verbs: ["get", "list", "watch", "update", "patch", "delete"] + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattachments/status"] + verbs: + ["get", "list", "watch", "update", "create", "delete", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes"] + verbs: ["get", "list", "watch"] + # Need the same permissions as external-snapshotter clusterrole to be able to create it + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["create", "update", "delete", "get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots/status"] + verbs: ["update"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents"] + verbs: + ["create", "update", "delete", "get", "list", "watch", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotcontents/status"] + verbs: + ["create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshotclasses"] + verbs: ["get", "list", "watch"] + # Need the same permissions as driver-registrar clusterrole to be able to create it. + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "watch", "list", "delete", "update", "create"] + - apiGroups: ["csi.storage.k8s.io"] + resources: ["csidrivers"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csidrivers"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + # Need the same permissions as external-resizer to be able to create it. + - apiGroups: [""] + resources: ["persistentvolumeclaims/status"] + verbs: + ["create", "get", "list", "watch", "update", "delete", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: + ["get", "watch", "list", "delete", "update", "create", "patch"] + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["get", "watch", "list", "delete", "update", "create"]