From f27c303dbfad2891b1ff6ab9f913b01dbe9547aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20Mass=C3=A9?= Date: Tue, 13 Jun 2023 16:45:01 +0200 Subject: [PATCH] wip --- README.md | 36 +- infrastructure.yaml.sample | 4 +- infrastructure/templates/crunchy.yaml | 14 - infrastructure/templates/eshop-dev.yaml | 167 +++++++++ .../{fruits-prod.yaml => eshop-prod.yaml} | 8 +- .../{fruits-test.yaml => eshop-test.yaml} | 8 +- infrastructure/templates/fruits-dev.yaml | 350 ------------------ .../templates/helmchartrepository.yaml | 133 ++++++- infrastructure/templates/kubevirt.yaml | 41 -- infrastructure/templates/servicebinding.yaml | 14 - 10 files changed, 307 insertions(+), 468 deletions(-) delete mode 100644 infrastructure/templates/crunchy.yaml create mode 100644 infrastructure/templates/eshop-dev.yaml rename infrastructure/templates/{fruits-prod.yaml => eshop-prod.yaml} (81%) rename infrastructure/templates/{fruits-test.yaml => eshop-test.yaml} (81%) delete mode 100644 infrastructure/templates/fruits-dev.yaml delete mode 100644 infrastructure/templates/kubevirt.yaml delete mode 100644 infrastructure/templates/servicebinding.yaml diff --git a/README.md b/README.md index d86a1f7..9501b82 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# GitOps Artefacts for the MAD Roadshow France 2023 +# GitOps Artefacts for the eShopOnWeb demo ## Deploy OpenShift resources with OpenShift GitOps @@ -31,37 +31,3 @@ oc adm policy add-cluster-role-to-user cluster-admin system:serviceaccount:opens cp infrastructure.yaml.sample infrastructure.yaml oc apply -f infrastructure.yaml -n openshift-gitops ``` - -## Create the Helm repository - -```sh -sudo dnf install awscli2 rclone -aws configure -aws s3api list-buckets --output text -aws s3api create-bucket --bucket mad-roadshow-france-2023-helm-charts --create-bucket-configuration LocationConstraint=eu-west-3 --region eu-west-3 -aws s3api put-public-access-block --bucket "mad-roadshow-france-2023-helm-charts" --public-access-block-configuration "BlockPublicPolicy=false" -aws s3api put-bucket-policy --bucket mad-roadshow-france-2023-helm-charts --policy '{ - "Version": "2012-10-17", - "Statement": [ - { - "Sid": "PublicReadGetObject", - "Effect": "Allow", - "Principal": "*", - "Action": [ - "s3:GetObject" - ], - "Resource": [ - "arn:aws:s3:::mad-roadshow-france-2023-helm-charts/*" - ] - } - ] -}' -rclone config -rclone ls aws:mad-roadshow-france-2023-helm-charts -mkdir -p /tmp/mad-roadshow-france-2023-helm-charts -helm package -d /tmp/mad-roadshow-france-2023-helm-charts fruits-chart -helm repo index --url "https://mad-roadshow-france-2023-helm-charts.s3.eu-west-3.amazonaws.com/" "/tmp/mad-roadshow-france-2023-helm-charts" -rclone sync --delete-after /tmp/mad-roadshow-france-2023-helm-charts aws:mad-roadshow-france-2023-helm-charts -rclone ls aws:mad-roadshow-france-2023-helm-charts -curl https://mad-roadshow-france-2023-helm-charts.s3.eu-west-3.amazonaws.com/index.yaml -``` diff --git a/infrastructure.yaml.sample b/infrastructure.yaml.sample index 9b39600..389282d 100644 --- a/infrastructure.yaml.sample +++ b/infrastructure.yaml.sample @@ -1,7 +1,7 @@ apiVersion: argoproj.io/v1alpha1 kind: Application metadata: - name: mad-roadshow-france-2023 + name: eshop namespace: openshift-gitops spec: destination: @@ -9,7 +9,7 @@ spec: server: 'https://kubernetes.default.svc' source: path: infrastructure - repoURL: 'https://github.com/MAD-Roadshow-France-2023/gitops.git' + repoURL: 'https://github.com/nmasse-itix/eShopOnWeb-gitops.git' targetRevision: main helm: parameters: diff --git a/infrastructure/templates/crunchy.yaml b/infrastructure/templates/crunchy.yaml deleted file mode 100644 index fcb2df9..0000000 --- a/infrastructure/templates/crunchy.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - annotations: - argocd.argoproj.io/sync-wave: "10" - name: crunchy-postgres-operator - namespace: openshift-operators -spec: - channel: v5 - installPlanApproval: Automatic - name: crunchy-postgres-operator - source: certified-operators - sourceNamespace: openshift-marketplace - startingCSV: postgresoperator.v5.3.0 diff --git a/infrastructure/templates/eshop-dev.yaml b/infrastructure/templates/eshop-dev.yaml new file mode 100644 index 0000000..c8c17b3 --- /dev/null +++ b/infrastructure/templates/eshop-dev.yaml @@ -0,0 +1,167 @@ +apiVersion: project.openshift.io/v1 +kind: Project +metadata: + annotations: + argocd.argoproj.io/sync-wave: "0" + openshift.io/description: "" + openshift.io/display-name: "" + labels: + kubernetes.io/metadata.name: eshop-dev + name: eshop-dev +spec: + finalizers: + - kubernetes +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: cosign-hook + namespace: eshop-dev +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: cosign-hook + namespace: eshop-dev +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: edit +subjects: +- kind: ServiceAccount + name: cosign-hook + namespace: eshop-dev +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: secret-reader + namespace: eshop-dev +rules: +- apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] +--- +# The stackrox hook needs to be able to read the cosign public key in order to create the sigstore policy +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: stackrox-hook + namespace: eshop-dev +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: secret-reader +subjects: +- kind: ServiceAccount + name: stackrox-hook + namespace: stackrox +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: test-can-pull + namespace: eshop-dev +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:image-puller +subjects: +- kind: ServiceAccount + name: default + namespace: eshop-test +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: prod-can-pull + namespace: eshop-dev +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: system:image-puller +subjects: +- kind: ServiceAccount + name: default + namespace: eshop-prod +--- +apiVersion: v1 +kind: ConfigMap +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: cosign-hook + namespace: eshop-dev +data: +{{ (.Files.Glob "files/cosign-hook/*").AsConfig | indent 2 }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: cosign-hook + namespace: eshop-dev +spec: + backoffLimit: 30 + template: + spec: + containers: + - name: hook + command: + - /entrypoint/cosign.sh + args: [] + image: registry.redhat.io/openshift4/ose-cli:v4.13 + imagePullPolicy: IfNotPresent + env: + - name: USER + value: openshift + - name: HOME + value: /tmp + volumeMounts: + - mountPath: /entrypoint + name: cosign-hook + readOnly: true + serviceAccountName: cosign-hook + serviceAccount: cosign-hook + restartPolicy: OnFailure + terminationGracePeriodSeconds: 30 + volumes: + - name: cosign-hook + configMap: + name: cosign-hook + defaultMode: 0755 +--- +apiVersion: image.openshift.io/v1 +kind: ImageStream +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: eshop-web + namespace: eshop-dev +spec: + lookupPolicy: + local: false +--- +apiVersion: image.openshift.io/v1 +kind: ImageStream +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: eshop-api + namespace: eshop-dev +spec: + lookupPolicy: + local: false diff --git a/infrastructure/templates/fruits-prod.yaml b/infrastructure/templates/eshop-prod.yaml similarity index 81% rename from infrastructure/templates/fruits-prod.yaml rename to infrastructure/templates/eshop-prod.yaml index d2d66fe..9ba6aa3 100644 --- a/infrastructure/templates/fruits-prod.yaml +++ b/infrastructure/templates/eshop-prod.yaml @@ -6,8 +6,8 @@ metadata: openshift.io/description: "" openshift.io/display-name: "" labels: - kubernetes.io/metadata.name: fruits-prod - name: fruits-prod + kubernetes.io/metadata.name: eshop-prod + name: eshop-prod spec: finalizers: - kubernetes @@ -18,7 +18,7 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "20" name: tekton-is-admin - namespace: fruits-prod + namespace: eshop-prod roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -26,4 +26,4 @@ roleRef: subjects: - kind: ServiceAccount name: pipeline - namespace: fruits-dev + namespace: eshop-dev diff --git a/infrastructure/templates/fruits-test.yaml b/infrastructure/templates/eshop-test.yaml similarity index 81% rename from infrastructure/templates/fruits-test.yaml rename to infrastructure/templates/eshop-test.yaml index 962f980..64c8bc0 100644 --- a/infrastructure/templates/fruits-test.yaml +++ b/infrastructure/templates/eshop-test.yaml @@ -6,8 +6,8 @@ metadata: openshift.io/description: "" openshift.io/display-name: "" labels: - kubernetes.io/metadata.name: fruits-test - name: fruits-test + kubernetes.io/metadata.name: eshop-test + name: eshop-test spec: finalizers: - kubernetes @@ -18,7 +18,7 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "20" name: tekton-is-admin - namespace: fruits-test + namespace: eshop-test roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -26,4 +26,4 @@ roleRef: subjects: - kind: ServiceAccount name: pipeline - namespace: fruits-dev + namespace: eshop-dev diff --git a/infrastructure/templates/fruits-dev.yaml b/infrastructure/templates/fruits-dev.yaml deleted file mode 100644 index b278a67..0000000 --- a/infrastructure/templates/fruits-dev.yaml +++ /dev/null @@ -1,350 +0,0 @@ -apiVersion: project.openshift.io/v1 -kind: Project -metadata: - annotations: - argocd.argoproj.io/sync-wave: "0" - openshift.io/description: "" - openshift.io/display-name: "" - labels: - kubernetes.io/metadata.name: fruits-dev - name: fruits-dev -spec: - finalizers: - - kubernetes ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - name: cosign-hook - namespace: fruits-dev ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - name: cosign-hook - namespace: fruits-dev -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: edit -subjects: -- kind: ServiceAccount - name: cosign-hook - namespace: fruits-dev ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - name: secret-reader - namespace: fruits-dev -rules: -- apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] ---- -# The stackrox hook needs to be able to read the cosign public key in order to create the sigstore policy -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - name: stackrox-hook - namespace: fruits-dev -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: secret-reader -subjects: -- kind: ServiceAccount - name: stackrox-hook - namespace: stackrox ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - name: test-can-pull - namespace: fruits-dev -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:image-puller -subjects: -- kind: ServiceAccount - name: default - namespace: fruits-test ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - name: prod-can-pull - namespace: fruits-dev -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: system:image-puller -subjects: -- kind: ServiceAccount - name: default - namespace: fruits-prod ---- -apiVersion: v1 -kind: ConfigMap -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - name: cosign-hook - namespace: fruits-dev -data: -{{ (.Files.Glob "files/cosign-hook/*").AsConfig | indent 2 }} ---- -apiVersion: batch/v1 -kind: Job -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - name: cosign-hook - namespace: fruits-dev -spec: - backoffLimit: 30 - template: - spec: - containers: - - name: hook - command: - - /entrypoint/cosign.sh - args: [] - image: registry.redhat.io/openshift4/ose-cli:v4.13 - imagePullPolicy: IfNotPresent - env: - - name: USER - value: openshift - - name: HOME - value: /tmp - volumeMounts: - - mountPath: /entrypoint - name: cosign-hook - readOnly: true - serviceAccountName: cosign-hook - serviceAccount: cosign-hook - restartPolicy: OnFailure - terminationGracePeriodSeconds: 30 - volumes: - - name: cosign-hook - configMap: - name: cosign-hook - defaultMode: 0755 ---- -apiVersion: tekton.dev/v1beta1 -kind: Task -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true - name: slack-approval - namespace: fruits-dev -spec: - params: - - name: slackChannel - type: string - - name: slackSecretName - type: string - - name: pipelineId - type: string - steps: - - name: slack-approval - image: quay.io/madroadshowfrance2023/tekton-pipeline-slack-bot:latest - env: - - name: SLACK_CHANNEL - value: "$(params.slackChannel)" - - name: TEKTON_PIPELINE_ID - value: "$(params.pipelineId)" - - name: SLACK_BOT_TOKEN - valueFrom: - secretKeyRef: - name: $(params.slackSecretName) - key: "bot-token" - - name: SLACK_APP_TOKEN - valueFrom: - secretKeyRef: - name: $(params.slackSecretName) - key: "app-token" ---- -apiVersion: tekton.dev/v1beta1 -kind: Task -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true - name: cosign-sign - namespace: fruits-dev -spec: - params: - - name: cosignKeyRef - type: string - - name: cosignKeyPassword - type: string - - name: image - type: string - steps: - - name: cosign - image: gcr.io/projectsigstore/cosign:v2.0.2 - args: - - sign - - -y - - --tlog-upload=false - - --key=$(params.cosignKeyRef) - - $(params.image) - env: - - name: COSIGN_PASSWORD - value: "$(params.cosignKeyPassword)" ---- -apiVersion: v1 -kind: Secret -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - name: tekton-tokens - namespace: fruits-dev -type: Opaque -data: - bot-token: {{ .Values.slackBotToken | b64enc | quote }} - app-token: {{ .Values.slackAppToken | b64enc | quote }} ---- -apiVersion: tekton.dev/v1beta1 -kind: Pipeline -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true - labels: - app.kubernetes.io/instance: fruits - app.kubernetes.io/name: fruits - operator.tekton.dev/operand-name: openshift-pipelines-addons - pipeline.openshift.io/runtime: java - pipeline.openshift.io/runtime-version: openjdk-17-ubi8 - pipeline.openshift.io/type: kubernetes - name: fruits - namespace: fruits-dev -spec: - params: - - default: fruits - name: APP_NAME - type: string - - default: 'https://github.com/MAD-Roadshow-France-2023/devspaces' - name: GIT_REPO - type: string - - default: main - name: GIT_REVISION - type: string - - default: >- - image-registry.openshift-image-registry.svc:5000/fruits-dev/fruits:latest - name: IMAGE_NAME - type: string - - default: . - name: PATH_CONTEXT - type: string - - default: openjdk-17-ubi8 - name: VERSION - type: string - tasks: - - name: fetch-repository - params: - - name: url - value: $(params.GIT_REPO) - - name: revision - value: $(params.GIT_REVISION) - - name: subdirectory - value: '' - - name: deleteExisting - value: 'true' - taskRef: - kind: ClusterTask - name: git-clone - workspaces: - - name: output - workspace: workspace - - name: build - params: - - name: IMAGE - value: $(params.IMAGE_NAME) - - name: TLSVERIFY - value: 'false' - - name: PATH_CONTEXT - value: $(params.PATH_CONTEXT) - - name: VERSION - value: $(params.VERSION) - runAfter: - - fetch-repository - taskRef: - kind: ClusterTask - name: s2i-java - workspaces: - - name: source - workspace: workspace - - name: cosign-sign - params: - - name: cosignKeyRef - value: k8s://fruits-dev/code-signature - - name: cosignKeyPassword - value: dummy - - name: image - value: $(params.IMAGE_NAME) - runAfter: - - build - taskRef: - kind: Task - name: cosign-sign - - name: deploy-in-test - params: - - name: SCRIPT - value: oc delete pods -l deployment=$(params.APP_NAME) -n fruits-test - runAfter: - - cosign-sign - taskRef: - kind: ClusterTask - name: openshift-client - - name: slack-approval - params: - - name: slackChannel - value: "#mad-roadshow-france-2023" - - name: slackSecretName - value: "tekton-tokens" - - name: pipelineId - value: "$(context.pipelineRun.name)" - runAfter: - - deploy-in-test - taskRef: - name: slack-approval - - name: deploy-in-prod - params: - - name: SCRIPT - value: oc delete pods -l deployment=$(params.APP_NAME) -n fruits-prod - runAfter: - - slack-approval - taskRef: - kind: ClusterTask - name: openshift-client - - workspaces: - - name: workspace ---- -apiVersion: image.openshift.io/v1 -kind: ImageStream -metadata: - annotations: - argocd.argoproj.io/sync-wave: "20" - name: fruits - namespace: fruits-dev -spec: - lookupPolicy: - local: false diff --git a/infrastructure/templates/helmchartrepository.yaml b/infrastructure/templates/helmchartrepository.yaml index 907001b..a1a4398 100644 --- a/infrastructure/templates/helmchartrepository.yaml +++ b/infrastructure/templates/helmchartrepository.yaml @@ -1,10 +1,135 @@ +apiVersion: project.openshift.io/v1 +kind: Project +metadata: + annotations: + argocd.argoproj.io/sync-wave: "0" + openshift.io/description: "" + openshift.io/display-name: "" + labels: + kubernetes.io/metadata.name: eshop-infra + name: eshop-infra +spec: + finalizers: + - kubernetes +--- +apiVersion: image.openshift.io/v1 +kind: ImageStream +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + name: helm-repository + namespace: eshop-infra +spec: + lookupPolicy: + local: false +--- +kind: BuildConfig +apiVersion: build.openshift.io/v1 +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + app.openshift.io/vcs-uri: 'https://github.com/nmasse-itix/eShopOnWeb-gitops.git' + name: helm-repository + namespace: eshop-infra + labels: + app: helm-repository + app.kubernetes.io/component: helm-repository + app.kubernetes.io/instance: helm-repository + app.kubernetes.io/name: helm-repository + app.kubernetes.io/part-of: helm-repository +spec: + nodeSelector: null + output: + to: + kind: ImageStreamTag + name: 'helm-repository:latest' + resources: {} + successfulBuildsHistoryLimit: 1 + failedBuildsHistoryLimit: 1 + strategy: + type: Docker + dockerStrategy: + dockerfilePath: Containerfile + source: + type: Git + git: + uri: 'https://github.com/nmasse-itix/eShopOnWeb-gitops.git' + contextDir: /charts + triggers: + - type: ConfigChange + - type: ImageChange + runPolicy: Serial +--- +apiVersion: v1 +kind: Service +metadata: + annotations: + argocd.argoproj.io/sync-wave: "20" + labels: + app: helm-repository + name: helm-repository + namespace: eshop-infra +spec: + ports: + - port: 8080 + protocol: TCP + targetPort: 8080 + selector: + app: helm-repository + sessionAffinity: None + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + argocd.argoproj.io/sync-wave: "30" + image.openshift.io/triggers: '[{"from":{"kind":"ImageStreamTag","name":"helm-repository"},"fieldPath":"spec.template.spec.containers[?(@.name==\"nginx\")].image", "paused": false}]' + labels: + app: helm-repository + name: helm-repository + namespace: eshop-infra +spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: helm-repository + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: helm-repository + spec: + containers: + - image: image-registry.openshift-image-registry.svc:5000/eshop-infra/helm-repository:latest + imagePullPolicy: Always + name: nginx + ports: + - containerPort: 8080 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 +--- apiVersion: helm.openshift.io/v1beta1 kind: HelmChartRepository metadata: annotations: - argocd.argoproj.io/sync-wave: "20" - name: fruits-charts + argocd.argoproj.io/sync-wave: "35" + name: eshop-charts spec: - name: fruits-charts + name: eshop-charts connectionConfig: - url: https://mad-roadshow-france-2023-helm-charts.s3.eu-west-3.amazonaws.com + url: http://helm-repository.eshop-infra.svc:8080 diff --git a/infrastructure/templates/kubevirt.yaml b/infrastructure/templates/kubevirt.yaml deleted file mode 100644 index 59fb583..0000000 --- a/infrastructure/templates/kubevirt.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - annotations: - argocd.argoproj.io/sync-wave: "0" - name: openshift-cnv ---- -apiVersion: operators.coreos.com/v1 -kind: OperatorGroup -metadata: - annotations: - argocd.argoproj.io/sync-wave: "5" - name: kubevirt-hyperconverged-group - namespace: openshift-cnv -spec: - targetNamespaces: - - openshift-cnv ---- -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - annotations: - argocd.argoproj.io/sync-wave: "10" - name: hco-operatorhub - namespace: openshift-cnv -spec: - source: redhat-operators - sourceNamespace: openshift-marketplace - name: kubevirt-hyperconverged - startingCSV: kubevirt-hyperconverged-operator.v4.13.0 - channel: "stable" ---- -apiVersion: hco.kubevirt.io/v1beta1 -kind: HyperConverged -metadata: - annotations: - argocd.argoproj.io/sync-wave: "15" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true - name: kubevirt-hyperconverged - namespace: openshift-cnv -spec: {} diff --git a/infrastructure/templates/servicebinding.yaml b/infrastructure/templates/servicebinding.yaml deleted file mode 100644 index 7add1b0..0000000 --- a/infrastructure/templates/servicebinding.yaml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - annotations: - argocd.argoproj.io/sync-wave: "10" - name: rh-service-binding-operator - namespace: openshift-operators -spec: - channel: stable - installPlanApproval: Automatic - name: rh-service-binding-operator - source: redhat-operators - sourceNamespace: openshift-marketplace - startingCSV: service-binding-operator.v1.3.3