Add operator

chart/Chart.yaml

@@ -0,0 +1,13 @@
+apiVersion: v2
+name: rancheros-operator
+description: RancherOS Operator
+version: 0.0.0
+appVersion: 0.0.0
+icon: https://charts.rancher.io/assets/logos/rancheros-operator.svg
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/experimental: "true"
+  catalog.cattle.io/namespace: cattle-rancheros-operator-system
+  catalog.cattle.io/release-name: rancheros-operator
+  catalog.cattle.io/provides-gvr: managedoses.rancheros.cattle.io/v1
+  catalog.cattle.io/os: linux

chart/templates/_helpers.tpl

@@ -0,0 +1,7 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}

chart/templates/apiservice.yaml

@@ -0,0 +1,9 @@
+kind: APIService
+apiVersion: management.cattle.io/v3
+metadata:
+  name: rancheros-operator
+spec:
+  secretName: rancheros-operator
+  secretNamespace: {{ .Release.Namespace }}
+  pathPrefixes:
+  - /v1-rancheros/

chart/templates/deployment.yaml

@@ -0,0 +1,37 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: rancheros-operator
+spec:
+  selector:
+    matchLabels:
+      app: rancheros-operator
+  template:
+    metadata:
+      labels:
+        app: rancheros-operator
+    spec:
+      containers:
+      - env:
+        {{- if .Values.proxy }}
+        - name: HTTP_PROXY
+          value: {{ .Values.proxy }}
+        - name: HTTPS_PROXY
+          value: {{ .Values.proxy }}
+        - name: NO_PROXY
+          value: {{ .Values.noProxy }}
+        {{- end }}
+        image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}'
+        name: rancheros-operator
+        imagePullPolicy: "{{ .Values.image.imagePullPolicy }}"
+        command:
+        - /usr/sbin/ros-operator
+      serviceAccountName: rancheros-operator
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}

chart/templates/rbac.yaml

@@ -0,0 +1,54 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: rancheros-operator
+rules:
+- apiGroups:
+  - rancheros.cattle.io
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- apiGroups:
+  - fleet.cattle.io
+  resources:
+  - 'bundles'
+  verbs:
+  - '*'
+- apiGroups:
+  - management.cattle.io
+  resources:
+  - 'settings'
+  verbs:
+  - 'get'
+  - 'watch'
+  - 'list'
+- apiGroups:
+  - apiextensions.k8s.io
+  resources:
+  - customresourcedefinitions
+    #resourceNames:
+    #- managedosimages.rancheros.cattle.io
+  verbs:
+  - '*'
+- apiGroups:
+  - apiextensions.k8s.io
+  resources:
+  - customresourcedefinitions
+  verbs:
+  - 'list'
+  - 'get'
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: rancheros-operator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: rancheros-operator
+subjects:
+- kind: ServiceAccount
+  name: rancheros-operator
+  namespace: {{.Release.Namespace}}

chart/templates/serviceaccount.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: rancheros-operator

chart/values.yaml

@@ -0,0 +1,23 @@
+image:
+  repository: rancher/os
+  tag: dev
+  imagePullPolicy: IfNotPresent
+
+# http[s] proxy server
+# proxy: http://<username>@<password>:<url>:<port>
+
+# comma separated list of domains or ip addresses that will not use the proxy
+noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+nodeSelector:
+  kubernetes.io/os: linux
+
+tolerations:
+  - key: cattle.io/os
+    operator: "Equal"
+    value: "linux"
+    effect: NoSchedule