diff --git a/Makefile b/Makefile index 6e4ff2a3b..d91b4180d 100644 --- a/Makefile +++ b/Makefile @@ -38,6 +38,7 @@ VERSION ?= $(shell git describe --exact-match 2> /dev/null || \ RELEASE_VERSION ?= $(shell cat ./version/version.go | grep "Version =" | awk '{ print $$3}' | tr -d '"') PREVIOUS_VERSION := 3.23.0 LATEST_VERSION ?= latest +DESCRIPTION ?= "A Helm chart for the IBM Common Service Operator" LOCAL_OS := $(shell uname) ifeq ($(LOCAL_OS),Linux) @@ -255,8 +256,10 @@ deploy-dryrun: manifests kustomize ## Deploy controller to the K8s cluster speci .PHONY: helm helm: deploy-dryrun kustohelmize - $(KUSTOHELMIZE) create --from=config/ibm-common-service-operator.yaml helm/ibm-common-service-operator - helm lint helm/ibm-common-service-operator + $(KUSTOHELMIZE) create --from=config/ibm-common-service-operator.yaml generate-helm/ibm-common-service-operator --version=$(RELEASE_VERSION) --app-version=$(RELEASE_VERSION) --description=$(DESCRIPTION) + helm lint generate-helm/ibm-common-service-operator + bash scripts/restructure_helm.sh + helm lint helm KUBERNETES-SPLIT-YAML ?= $(LOCALBIN)/kubernetes-split-yaml KUSTOHELMIZE ?= $(LOCALBIN)/kustohelmize diff --git a/config/ibm-common-service-operator.yaml b/config/ibm-common-service-operator.yaml index aeb2ef544..595acacf0 100644 --- a/config/ibm-common-service-operator.yaml +++ b/config/ibm-common-service-operator.yaml @@ -696,6 +696,7 @@ spec: app.kubernetes.io/instance: ibm-common-service-operator app.kubernetes.io/managed-by: ibm-common-service-operator app.kubernetes.io/name: ibm-common-service-operator + intent: projected name: ibm-common-service-operator productName: IBM_Cloud_Platform_Common_Services spec: @@ -768,6 +769,8 @@ spec: runAsNonRoot: true seccompProfile: type: RuntimeDefault + imagePullSecrets: + - name: ibm-entitlement-key serviceAccountName: ibm-common-service-operator terminationGracePeriodSeconds: 10 --- diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index eca1924f8..cc4f916e1 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -23,6 +23,7 @@ spec: app.kubernetes.io/managed-by: "ibm-common-service-operator" app.kubernetes.io/name: "ibm-common-service-operator" productName: IBM_Cloud_Platform_Common_Services + intent: projected annotations: productName: "IBM Cloud Platform Common Services" productID: "068a62892a1e4db39641342e592daa25" @@ -98,4 +99,6 @@ spec: privileged: false readOnlyRootFilesystem: true runAsNonRoot: true + imagePullSecrets: + - name: ibm-entitlement-key terminationGracePeriodSeconds: 10 diff --git a/generate-helm/ibm-common-service-operator.config b/generate-helm/ibm-common-service-operator.config new file mode 100644 index 000000000..794da89d6 --- /dev/null +++ b/generate-helm/ibm-common-service-operator.config @@ -0,0 +1,52 @@ +logger: {} +chartname: ibm-common-service-operator +sharedValues: + imagePullPrefix: icr.io + imagePullSecret: ibm-entitlement-key + imageRegistryNamespaceOperand: cpopen/cpfs + imageRegistryNamespaceOperator: cpopen + operatorImage: ibm-common-service-operator + operatorNamespace: operators + servicesNamespace: service + operatorVersion: latest +globalConfig: + metadata.labels: + - strategy: newline + key: ibm-common-service-operator.labels + metadata.name: + - strategy: inline + key: ibm-common-service-operator.fullname + metadata.namespace: + - strategy: inline + key: sharedValues.operatorNamespace +fileConfig: + generate-helm/ibm-common-service-operator-generated/commonservices.operator.ibm.com-crd.yaml: {} + generate-helm/ibm-common-service-operator-generated/ibm-common-service-operator-cr.yaml: {} + generate-helm/ibm-common-service-operator-generated/ibm-common-service-operator-crb.yaml: + subjects[0].namespace: + - strategy: inline + key: sharedValues.operatorNamespace + generate-helm/ibm-common-service-operator-generated/ibm-common-service-operator-deployment.yaml: + spec.template.spec.imagePullSecrets[0].name: + - strategy: inline + key: sharedValues.imagePullSecret + spec.template.spec.containers[0].image: + - strategy: inline + key: sharedValues.imagePullPrefix + - strategy: inline + key: sharedValues.imageRegistryNamespaceOperator + - strategy: inline + key: sharedValues.operatorImage + - strategy: inline + key: sharedValues.operatorVersion + generate-helm/ibm-common-service-operator-generated/ibm-common-service-operator-rb.yaml: + subjects[0].namespace: + - strategy: inline + key: sharedValues.operatorNamespace + generate-helm/ibm-common-service-operator-generated/ibm-common-service-operator-role.yaml: {} + generate-helm/ibm-common-service-operator-generated/ibm-common-service-operator-sa.yaml: {} + generate-helm/ibm-common-service-operator-generated/mutating-webhook-configuration-mutatingwebhookconfiguration.yaml: {} + generate-helm/ibm-common-service-operator-generated/selfsigned-issuer-issuer.yaml: {} + generate-helm/ibm-common-service-operator-generated/serving-cert-certificate.yaml: {} + generate-helm/ibm-common-service-operator-generated/validating-webhook-configuration-validatingwebhookconfiguration.yaml: {} + generate-helm/ibm-common-service-operator-generated/webhook-service-svc.yaml: {} diff --git a/helm-cluster-scoped/Chart.yaml b/helm-cluster-scoped/Chart.yaml index be7eb1986..fd0cecb4b 100644 --- a/helm-cluster-scoped/Chart.yaml +++ b/helm-cluster-scoped/Chart.yaml @@ -1,6 +1,24 @@ apiVersion: v2 -name: ibm-common-service-operator -description: A Helm chart for ibm-common-service-operator +name: ibm-common-service-operator-cluster-scoped +description: A Helm chart for the IBM Common Service Operator + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. type: application -version: 4.6.11 -appVersion: 4.6.11 \ No newline at end of file + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 4.11.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "4.11.0" diff --git a/helm-cluster-scoped/templates/_helpers.tpl b/helm-cluster-scoped/templates/_helpers.tpl new file mode 100644 index 000000000..e234b4519 --- /dev/null +++ b/helm-cluster-scoped/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ibm-common-service-operator.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ibm-common-service-operator.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ibm-common-service-operator.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ibm-common-service-operator.labels" -}} +helm.sh/chart: {{ include "ibm-common-service-operator.chart" . }} +{{ include "ibm-common-service-operator.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ibm-common-service-operator.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ibm-common-service-operator.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ibm-common-service-operator.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ibm-common-service-operator.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm-cluster-scoped/templates/cluster-rbac.yaml b/helm-cluster-scoped/templates/cluster-rbac.yaml index e69de29bb..9b6556dc7 100644 --- a/helm-cluster-scoped/templates/cluster-rbac.yaml +++ b/helm-cluster-scoped/templates/cluster-rbac.yaml @@ -0,0 +1,101 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "ibm-common-service-operator.fullname" . }} + labels: + {{- include "ibm-common-service-operator.labels" . | nindent 4 }} +roleRef: + kind: ClusterRole + apiGroup: rbac.authorization.k8s.io + name: ibm-common-service-operator +subjects: + - kind: ServiceAccount + name: ibm-common-service-operator + namespace: {{ .Values.operatorNamespace }} + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "ibm-common-service-operator.fullname" . }} +rules: + - apiGroups: + - "" + resourceNames: + - common-service-maps + resources: + - configmaps + verbs: + - delete + - update + - apiGroups: + - "" + resourceNames: + - cloud-native-postgresql-image-list + resources: + - configmaps + verbs: + - delete + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - get + - list + - watch + - update + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - apiGroups: + - storage.k8s.io + resources: + - storageclasses + verbs: + - get + - list + - watch + - apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.openshift.io + resources: + - infrastructures + verbs: + - get + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ibm-common-service-operator.fullname" . }} + namespace: {{ .Values.operatorNamespace }} diff --git a/helm-cluster-scoped/templates/cluster-webhook.yaml b/helm-cluster-scoped/templates/cluster-webhook.yaml deleted file mode 100644 index e69de29bb..000000000 diff --git a/helm-cluster-scoped/templates/crd.yaml b/helm-cluster-scoped/templates/crds.yaml old mode 100644 new mode 100755 similarity index 100% rename from helm-cluster-scoped/templates/crd.yaml rename to helm-cluster-scoped/templates/crds.yaml diff --git a/helm-cluster-scoped/values.yaml b/helm-cluster-scoped/values.yaml index e9903e51b..f980dcc68 100644 --- a/helm-cluster-scoped/values.yaml +++ b/helm-cluster-scoped/values.yaml @@ -1,12 +1,22 @@ imagePullPrefix: icr.io imagePullSecret: ibm-entitlement-key - -# Note there are no leading or trailing /'s -imageRegistryNamespaceOperator: cpopen imageRegistryNamespaceOperand: cpopen/cpfs - -# other configuration you think you might need for your operator -# following are examples, not required: -operatorNamespace: ibm-common-services +imageRegistryNamespaceOperator: cpopen +operatorImage: ibm-common-service-operator +operatorNamespace: operators +operatorVersion: latest servicesNamespace: service -operatorImage: ibm-common-service-operator \ No newline at end of file + +commonservicesOperatorIbmComCrd: {} +ibmCommonServiceOperatorCr: {} +ibmCommonServiceOperatorCrb: {} +ibmCommonServiceOperatorDeployment: {} +ibmCommonServiceOperatorRb: {} +ibmCommonServiceOperatorRole: {} +ibmCommonServiceOperatorSa: {} +mutatingWebhookConfigurationMutatingwebhookconfiguration: {} +selfsignedIssuerIssuer: {} +servingCertCertificate: {} +validatingWebhookConfigurationValidatingwebhookconfiguration: {} +webhookServiceSvc: {} + diff --git a/helm/Chart.yaml b/helm/Chart.yaml index be7eb1986..cdff13f51 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,6 +1,24 @@ apiVersion: v2 name: ibm-common-service-operator -description: A Helm chart for ibm-common-service-operator +description: A Helm chart for the IBM Common Service Operator + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. type: application -version: 4.6.11 -appVersion: 4.6.11 \ No newline at end of file + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 4.11.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "4.11.0" diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl new file mode 100644 index 000000000..e234b4519 --- /dev/null +++ b/helm/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "ibm-common-service-operator.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ibm-common-service-operator.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ibm-common-service-operator.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "ibm-common-service-operator.labels" -}} +helm.sh/chart: {{ include "ibm-common-service-operator.chart" . }} +{{ include "ibm-common-service-operator.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "ibm-common-service-operator.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ibm-common-service-operator.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "ibm-common-service-operator.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "ibm-common-service-operator.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/helm/templates/operator-deployment.yaml b/helm/templates/operator-deployment.yaml index c6d5375c5..dbbf270eb 100644 --- a/helm/templates/operator-deployment.yaml +++ b/helm/templates/operator-deployment.yaml @@ -1,8 +1,10 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: ibm-common-service-operator + name: {{ include "ibm-common-service-operator.fullname" . }} namespace: {{ .Values.operatorNamespace }} + labels: + {{- include "ibm-common-service-operator.labels" . | nindent 4 }} spec: replicas: 1 selector: @@ -20,8 +22,8 @@ spec: app.kubernetes.io/instance: ibm-common-service-operator app.kubernetes.io/managed-by: ibm-common-service-operator app.kubernetes.io/name: ibm-common-service-operator + intent: projected name: ibm-common-service-operator - intent: protected productName: IBM_Cloud_Platform_Common_Services spec: affinity: @@ -37,7 +39,7 @@ spec: - s390x containers: - name: ibm-common-service-operator - image: {{ .Values.imagePullPrefix}}/{{ .Values.imageRegistryNamespaceOperator}}/{{ .Values.operatorImage }}:latest + image: "{{ .Values.imagePullPrefix }}/{{ .Values.imageRegistryNamespaceOperator }}/{{ .Values.operatorImage }}:{{ .Values.operatorVersion }}" command: - /manager env: @@ -47,8 +49,8 @@ spec: apiVersion: v1 fieldPath: metadata.namespace - name: WATCH_NAMESPACE - valueFrom: - configMapKeyRef: + valueFrom: + configMapKeyRef: key: namespaces name: namespace-scope optional: true @@ -93,7 +95,7 @@ spec: runAsNonRoot: true seccompProfile: type: RuntimeDefault - imagePullSecrets: + imagePullSecrets: - name: {{ .Values.imagePullSecret }} serviceAccountName: ibm-common-service-operator terminationGracePeriodSeconds: 10 diff --git a/helm/templates/rbac.yaml b/helm/templates/rbac.yaml index 24f1df360..d65c917ea 100644 --- a/helm/templates/rbac.yaml +++ b/helm/templates/rbac.yaml @@ -1,9 +1,10 @@ -# Generated by [Kustohelmize](https://github.com/yeahdongcn/kustohelmize) apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: ibm-common-service-operator + name: {{ include "ibm-common-service-operator.fullname" . }} namespace: {{ .Values.operatorNamespace }} + labels: + {{- include "ibm-common-service-operator.labels" . | nindent 4 }} roleRef: kind: Role apiGroup: rbac.authorization.k8s.io @@ -12,12 +13,12 @@ subjects: - kind: ServiceAccount name: ibm-common-service-operator namespace: {{ .Values.operatorNamespace }} ---- +--- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: ibm-common-service-operator + name: {{ include "ibm-common-service-operator.fullname" . }} namespace: {{ .Values.operatorNamespace }} rules: - apiGroups: @@ -205,103 +206,8 @@ rules: - watch --- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: ibm-common-service-operator -rules: - - apiGroups: - - "" - resourceNames: - - common-service-maps - resources: - - configmaps - verbs: - - delete - - update - - apiGroups: - - "" - resourceNames: - - cloud-native-postgresql-image-list - resources: - - configmaps - verbs: - - delete - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - secrets - verbs: - - get - - apiGroups: - - storage.k8s.io - resources: - - storageclasses - verbs: - - get - - list - - watch - - apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - config.openshift.io - resources: - - infrastructures - verbs: - - get - - apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterrolebindings - - clusterroles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: ibm-common-service-operator -roleRef: - kind: ClusterRole - apiGroup: rbac.authorization.k8s.io - name: ibm-common-service-operator -subjects: - - kind: ServiceAccount - name: ibm-common-service-operator - namespace: {{ .Values.operatorNamespace }} - ---- - apiVersion: v1 kind: ServiceAccount metadata: - name: ibm-common-service-operator - namespace: {{ .Values.operatorNamespace }} \ No newline at end of file + name: {{ include "ibm-common-service-operator.fullname" . }} + namespace: {{ .Values.operatorNamespace }} diff --git a/helm/values.yaml b/helm/values.yaml index 6cb4eb69c..f980dcc68 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -1,12 +1,22 @@ imagePullPrefix: icr.io imagePullSecret: ibm-entitlement-key - -# Note there are no leading or trailing /'s -imageRegistryNamespaceOperator: cpopen imageRegistryNamespaceOperand: cpopen/cpfs - -# other configuration you think you might need for your operator -# following are examples, not required: +imageRegistryNamespaceOperator: cpopen +operatorImage: ibm-common-service-operator operatorNamespace: operators -servicesNamespace: services -operatorImage: ibm-common-service-operator \ No newline at end of file +operatorVersion: latest +servicesNamespace: service + +commonservicesOperatorIbmComCrd: {} +ibmCommonServiceOperatorCr: {} +ibmCommonServiceOperatorCrb: {} +ibmCommonServiceOperatorDeployment: {} +ibmCommonServiceOperatorRb: {} +ibmCommonServiceOperatorRole: {} +ibmCommonServiceOperatorSa: {} +mutatingWebhookConfigurationMutatingwebhookconfiguration: {} +selfsignedIssuerIssuer: {} +servingCertCertificate: {} +validatingWebhookConfigurationValidatingwebhookconfiguration: {} +webhookServiceSvc: {} + diff --git a/scripts/restructure_helm.sh b/scripts/restructure_helm.sh new file mode 100755 index 000000000..b293dd02b --- /dev/null +++ b/scripts/restructure_helm.sh @@ -0,0 +1,85 @@ +#!/bin/bash + +# Copyright 2025 IBM Corporation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -e + +# Define source paths +HELM_SRC_DIR="generate-helm/ibm-common-service-operator" +# CONFIG_SRC_DIR="generate-helm/ibm-common-service-operator-generated" + +# Define helm destination paths +HELM_DIR="helm" +CLUSTER_SCOPED_DIR="helm-cluster-scoped" + +# Ensure directories exist +mkdir -p $HELM_DIR/templates +mkdir -p $CLUSTER_SCOPED_DIR/templates + +# Function to merge YAML files with "---" separators +merge_yaml() { + local pattern=$1 + local output_file=$2 + echo "Merging files matching pattern: $pattern into $output_file" + + # Clear output file + > $output_file + local first_file=true + for file in $(grep -l "$pattern" $HELM_SRC_DIR/templates/*.yaml); do + if [ "$first_file" = false ]; then + echo -e "\n---" >> $output_file + fi + cat "$file" >> $output_file + first_file=false + done + + # Add service account to rbac.yaml or cluster-rbac.yaml + if [[ "$pattern" = "kind: Role" ]] || [[ "$pattern" = "kind: ClusterRole" ]]; then + echo -e "\n---" >> $output_file + cat $HELM_SRC_DIR/templates/ibm-common-service-operator-sa.yaml >> $output_file + fi + + sed -i '/^# Generated by \[Kustohelmize\]/d' $output_file +} + +# ----------------- Namespace-scoped resources ----------------- + +# Move and merge namespace-scoped resources +merge_yaml "kind: Role" "$HELM_DIR/templates/rbac.yaml" +merge_yaml "kind: Deployment" "$HELM_DIR/templates/operator-deployment.yaml" +sed -i 's/{{ .Values.imagePullPrefix }}:{{ .Values.imageRegistryNamespaceOperator }}:{{ .Values.operatorImage }}:{{ .Values.operatorVersion }}/{{ .Values.imagePullPrefix }}\/{{ .Values.imageRegistryNamespaceOperator }}\/{{ .Values.operatorImage }}:{{ .Values.operatorVersion }}/g' $HELM_DIR/templates/operator-deployment.yaml + +# ----------------- Cluster-scoped resources ----------------- + +# Move and merge cluster-scoped resources +merge_yaml "kind: ClusterRole" "$CLUSTER_SCOPED_DIR/templates/cluster-rbac.yaml" +cp $HELM_SRC_DIR/crds/* $CLUSTER_SCOPED_DIR/templates/crds.yaml + +# Todo: rest of resources + +# Copy Helm values, Chart.yaml and helper.tpl +# Remove generated comments +sed -i '/^# Generated by \[Kustohelmize\]/d' $HELM_SRC_DIR/values.yaml +for dir in $HELM_DIR $CLUSTER_SCOPED_DIR; do cp $HELM_SRC_DIR/{values.yaml,Chart.yaml} "$dir/"; done +# Rename chart name in cluster-scoped Chart.yaml +sed -i "s/^name: ibm-common-service-operator$/name: ibm-common-service-operator-cluster-scoped/" $CLUSTER_SCOPED_DIR/Chart.yaml +for dir in $HELM_DIR $CLUSTER_SCOPED_DIR; do cp $HELM_SRC_DIR/templates/_helpers.tpl "$dir/templates/"; done + +# Remove generated ibm-common-service-operator and ibm-common-service-operator-generated directories +rm -rf generate-helm/ibm-common-service-operator +rm -rf generate-helm/ibm-common-service-operator-generated + +echo "Helm chart restructuring complete." +