Release operator version visionone-containersecurity (0.0.3) (#7970)

Signed-off-by: Vision One Container Security Bot <[email protected]>
Co-authored-by: Vision One Container Security Bot <[email protected]>

Author: ethanw-tm

operators/visionone-containersecurity/0.0.3/manifests/container-security.trendmicro.com_visiononecontainersecurities.yaml

@@ -0,0 +1,145 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  creationTimestamp: null
+  name: visiononecontainersecurities.container-security.trendmicro.com
+spec:
+  group: container-security.trendmicro.com
+  names:
+    kind: VisionOneContainerSecurity
+    listKind: VisionOneContainerSecurityList
+    plural: visiononecontainersecurities
+    singular: visiononecontainersecurity
+  scope: Namespaced
+  versions:
+  - name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        description: VisionOneContainerSecurity is the Schema for the visiononecontainersecurities
+          API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: VisionOneContainerSecuritySpec defines the desired state
+              of VisionOneContainerSecurity.
+            properties:
+              visionOne:
+                properties:
+                  bootstrapToken:
+                    type: string
+                  clusterName:
+                    type: string
+                  clusterNamePrefix:
+                    type: string
+                  clusterRegistrationKey:
+                    type: boolean
+                  endpoint:
+                    type: string
+                  exclusion:
+                    properties:
+                      namespaces:
+                        items:
+                          type: string
+                        type: array
+                      osNsPrefixes:
+                        items:
+                          type: string
+                        type: array
+                    type: object
+                  groupId:
+                    type: string
+                  inventoryCollection:
+                    properties:
+                      enabled:
+                        type: boolean
+                    type: object
+                  malwareScanning:
+                    properties:
+                      enabled:
+                        type: boolean
+                      excludedPaths:
+                        items:
+                          type: string
+                        type: array
+                      scanTimeoutSeconds:
+                        type: integer
+                    type: object
+                  policyId:
+                    type: string
+                  policyOperator:
+                    properties:
+                      clusterPolicyName:
+                        type: string
+                    type: object
+                  runtimeSecurity:
+                    properties:
+                      enabled:
+                        type: boolean
+                    type: object
+                  secretScanning:
+                    properties:
+                      enabled:
+                        type: boolean
+                    type: object
+                  vulnerabilityScanning:
+                    properties:
+                      enabled:
+                        type: boolean
+                    type: object
+                required:
+                - endpoint
+                type: object
+            required:
+            - visionOne
+            type: object
+          status:
+            description: Status defines the observed state of VisionOneContainerSecurity
+            properties:
+              conditions:
+                description: Conditions represent the latest available observations
+                  of an object's state.
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      type: string
+                    reason:
+                      type: string
+                    status:
+                      type: string
+                    type:
+                      type: string
+                  required:
+                  - type
+                  - status
+                  type: object
+                type: array
+              deployedRelease:
+                description: Information about the deployed Helm release
+                type: object
+                x-kubernetes-preserve-unknown-fields: true
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: null
+  storedVersions: null

operators/visionone-containersecurity/0.0.3/manifests/visionone-containersecurity-controller-manager-metrics-service_v1_service.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: visionone-containersecurity
+    control-plane: controller-manager
+  name: visionone-containersecurity-controller-manager-metrics-service
+spec:
+  ports:
+  - name: https
+    port: 8443
+    protocol: TCP
+    targetPort: 8443
+  selector:
+    control-plane: controller-manager
+status:
+  loadBalancer: {}

operators/visionone-containersecurity/0.0.3/manifests/visionone-containersecurity-crd-admin-role-binding_rbac.authorization.k8s.io_v1_clusterrolebinding.yaml

@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  creationTimestamp: null
+  name: visionone-containersecurity-crd-admin-role-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+- kind: ServiceAccount
+  name: visionone-containersecurity-controller-manager
+  namespace: trendmicro-system

operators/visionone-containersecurity/0.0.3/manifests/visionone-containersecurity-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -0,0 +1,27 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: visionone-containersecurity
+  name: visionone-containersecurity-editor-role
+rules:
+- apiGroups:
+  - container-security.trendmicro.com
+  resources:
+  - visiononecontainersecurities
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - container-security.trendmicro.com
+  resources:
+  - visiononecontainersecurities/status
+  verbs:
+  - get

operators/visionone-containersecurity/0.0.3/manifests/visionone-containersecurity-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -0,0 +1,10 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  name: visionone-containersecurity-metrics-reader
+rules:
+- nonResourceURLs:
+  - /metrics
+  verbs:
+  - get

operators/visionone-containersecurity/0.0.3/manifests/visionone-containersecurity-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -0,0 +1,23 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: visionone-containersecurity
+  name: visionone-containersecurity-viewer-role
+rules:
+- apiGroups:
+  - container-security.trendmicro.com
+  resources:
+  - visiononecontainersecurities
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - container-security.trendmicro.com
+  resources:
+  - visiononecontainersecurities/status
+  verbs:
+  - get