From 6147bef6c1854c9dbea64e832622cc6060d05364 Mon Sep 17 00:00:00 2001 From: ReSearchITEng Date: Tue, 13 Feb 2024 10:06:33 +0200 Subject: [PATCH] calico namespaced,crossplane,rbac-manager --- group_vars/all/addons.yaml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/group_vars/all/addons.yaml b/group_vars/all/addons.yaml index ea4c939..4901615 100644 --- a/group_vars/all/addons.yaml +++ b/group_vars/all/addons.yaml @@ -40,6 +40,8 @@ helm: - { name: nfs-ganesha-server-and-external-provisioner, url: 'https://kubernetes-sigs.github.io/nfs-ganesha-server-and-external-provisioner/' } - { name: minio, url: 'https://charts.min.io/' } - { name: runix, url: 'https://helm.runix.net' } + - { name: crossplane-stable, url: 'https://charts.crossplane.io/stable' } + - { name: fairwinds-stable, url: 'https://charts.fairwinds.com/stable' } #rbac-manager packages_list: # when not defined, namespace defaults to "default" namespace # use "--wait" in the options section if you want to wait till min. pods are up. ### List helm charts you wish pre-installed every time cluster is deployed: 
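Review bot: Nothing pins what is fetched from the two repositories added here. The `packages_list` entries that consume them (the rbac-manager and crossplane lines in the `@@ -88,6 +91,16 @@` hunk) carry no `--version`, so each deployment would presumably install whatever chart, and whatever default image tag, the remote index serves at that moment. For operators that manage RBAC bindings and infrastructure, that is a supply-chain exposure worth closing. Since `options` is passed through to helm, the pin fits there, e.g. `options: '--version <PINNED_CHART_VERSION> --set metrics.enabled=true …'`. A `#crossplane` trailing comment to match the existing `#rbac-manager` one would also keep the two repo lines consistent.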
@@ -49,7 +51,8 @@ helm: ## Calico overlay network # ########################### #- { name: tigera-operator, repo: projectcalico/tigera-operator, namespace: "", options: '--set tigeraOperator.registry={{ images_repo | default ("quay.io") }} --set calicoctl.image={{ images_repo | default ("quay.io") }}/calico/ctl' } - - { name: tigera-operator, repo: projectcalico/tigera-operator, namespace: "", options: '--set installation.registry={{ images_repo | default ("docker.io") }} --set tigeraOperator.registry={{ images_repo | default ("quay.io") }} --set calicoctl.image={{ images_repo | default ("quay.io") }}/calico/ctl --set typha.image={{ images_repo | default ("quay.io") }}/calico/typha --set cni.image={{ images_repo | default ("quay.io") }}/calico/cni --set node.image={{ images_repo | default ("quay.io") }}/calico/node --set flexvol.image={{ images_repo | default ("quay.io") }}/calico/pod2daemon-flexvol --set kubeControllers.image={{ images_repo | default ("quay.io") }}/calico/kube-controllers' } + #- { name: tigera-operator, repo: projectcalico/tigera-operator, namespace: "", options: '--set installation.registry={{ images_repo | default ("docker.io") }} --set tigeraOperator.registry={{ images_repo | default ("quay.io") }} --set calicoctl.image={{ images_repo | default ("quay.io") }}/calico/ctl --set typha.image={{ images_repo | default ("quay.io") }}/calico/typha --set cni.image={{ images_repo | default ("quay.io") }}/calico/cni --set node.image={{ images_repo | default ("quay.io") }}/calico/node --set flexvol.image={{ images_repo | default ("quay.io") }}/calico/pod2daemon-flexvol --set kubeControllers.image={{ images_repo | default ("quay.io") }}/calico/kube-controllers' } + - { name: calico, repo: projectcalico/tigera-operator, namespace: "tigera-operator", options: '--set installation.registry={{ images_repo | default ("docker.io") }} --set tigeraOperator.registry={{ images_repo | default ("quay.io") }} --set calicoctl.image={{ images_repo | default ("quay.io") 
}}/calico/ctl --set typha.image={{ images_repo | default ("quay.io") }}/calico/typha --set cni.image={{ images_repo | default ("quay.io") }}/calico/cni --set node.image={{ images_repo | default ("quay.io") }}/calico/node --set flexvol.image={{ images_repo | default ("quay.io") }}/calico/pod2daemon-flexvol --set kubeControllers.image={{ images_repo | default ("quay.io") }}/calico/kube-controllers' } #- { name: calico, repo: flexkube/calico, namespace: kube-system, options: '--set podCIDR="" --set typha.image.registry={{ images_repo | default ("docker.io") }} --set node.image.registry={{ images_repo | default ("docker.io") }}' } # if autodetect does not work, use '--set podCIDR={{ POD_NETWORK_CIDR }}' } # if not needed, also add --skip-crds ######################## 
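Review bot: The new active entry renames the release from `tigera-operator` to `calico` and moves it from `namespace: ""` to `"tigera-operator"`, but nothing in this hunk covers clusters already deployed from the previous revision. Helm would presumably treat the renamed release as a fresh install while the old release still owns the operator's resources, so a re-run could fail on ownership conflicts or leave two releases managing the CNI. A comment above the entry would warn operators, e.g. `# NOTE: release renamed from tigera-operator (default ns) to calico (ns tigera-operator); remove the old release before re-running on existing clusters`. The new line also keeps `installation.registry` defaulting to `docker.io` while every other image defaults to `quay.io`; if that split is intentional, a short comment saying so would help anyone mirroring images.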
@@ -88,6 +91,16 @@ helm: - { name: cert-manager, repo: jetstack/cert-manager, namespace: cert-manager, options: '--set installCRDs=true --set prometheus.servicemonitor.enabled=true --set prometheus.servicemonitor.namespace=monitoring --set tolerations[0].effect=NoSchedule,tolerations[0].key="node-role.kubernetes.io/infra" --set tolerations[1].effect=PreferNoSchedule,tolerations[1].key="node-role.kubernetes.io/infra" --set nodeSelector."node\-role\.kubernetes\.io/infra=" --set image.repository={{ images_repo | default ("quay.io") }}/jetstack/cert-manager-controller --set webhook.image.repository={{ images_repo | default ("quay.io") }}/jetstack/cert-manager-webhook --set cainjector.image.repository={{ images_repo | default ("quay.io") }}/jetstack/cert-manager-cainjector --set startupapicheck.image.repository={{ images_repo | default ("quay.io") }}/jetstack/cert-manager-ctl --set acmesolver.image.repository={{ images_repo | default ("quay.io") }}/jetstack/cert-manager-acmesolver --set http_proxy={{proxy_env.http_proxy | default ("") }},https_proxy={{proxy_env.https_proxy | default ("") }},no_proxy={{proxy_env.no_proxy | default ("") | replace(",","\\,") }} ' } #--set prometheus.servicemonitor.labels=prometheusoperator +##################### +## RBAC-MANAGER ####### +##################### + - { name: rbac-manager, repo: fairwinds-stable/rbac-manager, namespace: "rbac-manager", options: '--set metrics.enabled=true --set image.repository={{ images_repo | default ("quay.io") }}/reactiveops/rbac-manager'} + +##################### +## CROSSPLANE ####### +##################### + - { name: crossplane, repo: crossplane-stable/crossplane, namespace: "crossplane-system", options: '--set metrics.enabled=true --set image.repository={{ images_repo | default ("xpkg.upbound.io") }}/crossplane/crossplane '} + ################ ## DASHBOARD ### ################ 
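Review bot: Both new entries are active by default in `group_vars/all`, so every cluster built from this inventory gets rbac-manager and Crossplane whether or not it uses them. An operator that creates role bindings needs a broadly privileged service account, and Crossplane typically ends up holding provider credentials, so installing them unconditionally widens the privileged footprint of each cluster. I would ship them commented out, like the optional entries elsewhere in this file (`#- { name: rbac-manager, repo: fairwinds-stable/rbac-manager, … }`), and let deployments opt in. The crossplane `options` string also ends in a stray space before the closing quote.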
@@ -141,6 +154,7 @@ helm: # - { name: nginx-ingress, repo: stable/nginx-ingress, namespace: kube-system, options: '--set controller.watchIngressWithoutClass=true --set rbac.create=true,serviceAccount.create=true --set controller.stats.enabled=true,controller.metrics.enabled=true,controller.metrics.serviceMonitor.enabled=true --set controller.metrics.serviceMonitor.namespace=monitoring --set controller.metrics.serviceMonitor.additionalLabels.monitoring=prometheusoperator --set controller.service.type=NodePort --set controller.service.nodePorts.http=80 --set controller.service.nodePorts.https=443 --set controller.tolerations[0].effect=NoSchedule,controller.tolerations[0].key="node-role.kubernetes.io/infra" --set controller.tolerations[1].effect=PreferNoSchedule,controller.tolerations[1].key="node-role.kubernetes.io/infra" --set controller.nodeSelector."node\-role\.kubernetes\.io/infra=" --set-string controller.config.server-tokens=false --set controller.config.hide-headers=Server --set controller.kind=Deployment --set controller.image.registry={{ images_repo | default ("registry.k8s.io") }} --set controller.image.registry={{ images_repo | default ("registry.k8s.io") }} --set controller.admissionWebhooks.patch.image.registry={{ images_repo | default ("registry.k8s.io") }} --set defaultBackend.image.image=defaultbackend-{{ HOST_ARCH | default ("amd64") }} ' } # --set controller.service.externalTrafficPolicy="Local" # See notes above + #################### ## ROOK.IO STORAGE # ####################