diff --git a/operators/khulnasoft/0.0.1/bundle.Dockerfile b/operators/khulnasoft/0.0.1/bundle.Dockerfile new file mode 100644 index 00000000000..7ef6d3c7c0e --- /dev/null +++ b/operators/khulnasoft/0.0.1/bundle.Dockerfile @@ -0,0 +1,11 @@ +FROM scratch + +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=khulnasoft +LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.bundle.channel.default.v1=2022.4.0 + +COPY manifests /manifests/ +COPY metadata /metadata/ diff --git a/operators/khulnasoft/0.0.1/manifests/clusterconfigauditreports.khulnasoft.github.io.crd.yaml b/operators/khulnasoft/0.0.1/manifests/clusterconfigauditreports.khulnasoft.github.io.crd.yaml new file mode 100644 index 00000000000..9867d4b5d62 --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/clusterconfigauditreports.khulnasoft.github.io.crd.yaml @@ -0,0 +1,51 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clusterconfigauditreports.khulnasoft.github.io + labels: + app.kubernetes.io/managed-by: starboard +spec: + group: khulnasoft.github.io + names: + kind: ClusterConfigAuditReport + listKind: ClusterConfigAuditReportList + plural: clusterconfigauditreports + singular: clusterconfigauditreport + categories: [] + shortNames: + - clusterconfigaudit + scope: Cluster + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + x-kubernetes-preserve-unknown-fields: true + type: object + additionalPrinterColumns: + - name: Scanner + type: string + description: The name of the config audit scanner + jsonPath: .report.scanner.name + - name: Age + type: date + description: The age of the report + jsonPath: .metadata.creationTimestamp + - name: Danger + type: integer + priority: 1 + description: The number of checks that failed with Danger status + jsonPath: .report.summary.dangerCount + - name: Warning + type: integer + priority: 1 + description: The number of checks that failed with Warning status + jsonPath: .report.summary.warningCount + - name: Pass + type: integer + priority: 1 + description: The number of checks that passed + jsonPath: .report.summary.passCount + served: true + storage: true + subresources: + status: {} diff --git a/operators/khulnasoft/0.0.1/manifests/configauditreports.khulnasoft.github.io.crd.yaml b/operators/khulnasoft/0.0.1/manifests/configauditreports.khulnasoft.github.io.crd.yaml new file mode 100644 index 00000000000..13c39d885e1 --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/configauditreports.khulnasoft.github.io.crd.yaml @@ -0,0 +1,51 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: configauditreports.khulnasoft.github.io + labels: + app.kubernetes.io/managed-by: starboard +spec: + group: khulnasoft.github.io + names: + kind: ConfigAuditReport + listKind: ConfigAuditReportList + plural: configauditreports + singular: configauditreport + categories: [] + shortNames: + - configaudit + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + x-kubernetes-preserve-unknown-fields: true + type: object + additionalPrinterColumns: + - name: Scanner + type: string + description: The name of the config audit scanner + jsonPath: .report.scanner.name + - name: Age + type: date + description: The age of the report + jsonPath: .metadata.creationTimestamp + - name: Danger + type: integer + priority: 1 + description: The number of checks that failed with Danger status + jsonPath: .report.summary.dangerCount + - name: Warning + type: integer + priority: 1 + description: The number of checks that failed with Warning status + jsonPath: .report.summary.warningCount + - name: Pass + type: integer + priority: 1 + description: The number of checks that passed + jsonPath: .report.summary.passCount + served: true + storage: true + subresources: + status: {} diff --git a/operators/khulnasoft/0.0.1/manifests/khulnasoft-operator.v0.0.1.clusterserviceversion.yaml b/operators/khulnasoft/0.0.1/manifests/khulnasoft-operator.v0.0.1.clusterserviceversion.yaml new file mode 100644 index 00000000000..bbf83e557dc --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/khulnasoft-operator.v0.0.1.clusterserviceversion.yaml @@ -0,0 +1,590 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + name: khulnasoft-operator.v0.0.1 + namespace: placeholder + annotations: + capabilities: Seamless Upgrades + categories: Security + olm.skipRange: ">=1.0.2 <0.0.1" + description: The Khulnasoft Security Operator runs within a Openshift cluster and provides a means to deploy and manage Khulnasoft Security cluster and components. + certified: "false" + containerImage: docker.io/khulnasoft/khulnasoft-operator:0.0.1 + createdAt: 2020-03-25T08:00:00Z + support: Khulnasoft Security, Inc. + repository: https://github.com/khulnasoft/khulnasoft-operator + alm-examples: |- + [ + { + "apiVersion": "operator.khulnasoft.com/v1alpha1", + "kind": "KhulnasoftCsp", + "metadata": { + "name": "khulnasoft", + "namespace": "khulnasoft" + }, + "spec": { + "infra": { + "serviceAccount": "khulnasoft-sa", + "namespace": "khulnasoft", + "version": "6.5", + "requirements": true + }, + "common": { + "imagePullSecret": "khulnasoft-registry", + "dbDiskSize": 10, + "databaseSecret": { + "key": "db-password", + "name": "khulnasoft-database-password" + } + }, + "database": { + "replicas": 1, + "service": "ClusterIP", + "image": { + "registry": "registry.khulnasoft.com", + "repository": "database", + "tag": "<>", + "pullPolicy": "Always" + } + }, + "gateway": { + "replicas": 1, + "service": "ClusterIP", + "image": { + "registry": "registry.khulnasoft.com", + "repository": "gateway", + "tag": "<>", + "pullPolicy": "Always" + } + }, + "server": { + "replicas": 1, + "service": "LoadBalancer", + "image": { + "registry": "registry.khulnasoft.com", + "repository": "console", + "tag": "<>", + "pullPolicy": "Always" + } + }, + "route": true, + "runAsNonRoot": false + } + }, + { + "apiVersion": "operator.khulnasoft.com/v1alpha1", + "kind": "KhulnasoftDatabase", + "metadata": { + "name": "khulnasoft", + "namespace": "khulnasoft" + }, + "spec": { + "infra": { + "serviceAccount": "khulnasoft-sa", + "version": "6.5" + }, + "common": { + "imagePullSecret": "khulnasoft-registry", + "splitDB": false + }, + "deploy": { + "replicas": 1, + "service": "ClusterIP", + "image": { + "registry": "registry.khulnasoft.com", + "repository": "database", + "tag": "<>" + } + }, + "diskSize": 10, + "runAsNonRoot": false + } + }, + { + "apiVersion": "operator.khulnasoft.com/v1alpha1", + "kind": "KhulnasoftEnforcer", + "metadata": { + "name": "khulnasoft" + }, + "spec": { + "infra": { + "serviceAccount": "khulnasoft-sa", + "version": "6.5" + }, + "common": { + "imagePullSecret": "khulnasoft-registry" + }, + "deploy": { + "image": { + "repository": "enforcer", + "registry": "registry.khulnasoft.com", + "tag": "<>", + "pullPolicy": "IfNotPresent" + } + }, + "runAsNonRoot": false, + "gateway": { + "host": "khulnasoft-gateway", + "port": 8443 + }, + "token": "<>" + } + }, + { + "apiVersion": "operator.khulnasoft.com/v1alpha1", + "kind": "KhulnasoftKubeEnforcer", + "metadata": { + "name": "khulnasoft" + }, + "spec": { + "infra": { + "version": "6.5", + "serviceAccount": "khulnasoft-kube-enforcer-sa" + }, + "config": { + "gateway_address": "khulnasoft-gateway.khulnasoft:8443", + "cluster_name": "khulnasoft-secure", + "imagePullSecret": "khulnasoft-registry" + }, + "deploy": { + "service": "ClusterIP", + "image": { + "registry": "registry.khulnasoft.com", + "tag": "<>", + "repository": "kube-enforcer", + "pullPolicy": "Always" + } + }, + "token": "<>", + "starboard": { + "infra": { + "serviceAccount": "starboard-operator" + }, + "config": { + "imagePullSecret": "starboard-registry" + }, + "deploy": { + "replicas": 1 + } + } + } + }, + { + "apiVersion": "operator.khulnasoft.com/v1alpha1", + "kind": "KhulnasoftGateway", + "metadata": { + "name": "khulnasoft", + "namespace": "khulnasoft" + }, + "spec": { + "infra": { + "serviceAccount": "khulnasoft-sa", + "version": "6.5" + }, + "common": { + "databaseSecret": { + "name": "<>", + "key": "<>" + }, + "imagePullSecret": "khulnasoft-registry", + "splitDB": false + }, + "externalDb": { + "host": "<>", + "port": "<>", + "username": "<>", + "password": "<>" + }, + "deploy": { + "replicas": 1, + "service": "ClusterIP", + "image": { + "registry": "registry.khulnasoft.com", + "repository": "gateway", + "tag": "<>" + } + }, + "runAsNonRoot": false + } + }, + { + "apiVersion": "operator.khulnasoft.com/v1alpha1", + "kind": "KhulnasoftScanner", + "metadata": { + "name": "khulnasoft", + "namespace": "khulnasoft" + }, + "spec": { + "infra": { + "serviceAccount": "khulnasoft-sa", + "version": "6.5" + }, + "common": { + "imagePullSecret": "khulnasoft-registry" + }, + "deploy": { + "replicas": 1, + "image": { + "registry": "registry.khulnasoft.com", + "repository": "scanner", + "tag": "<>" + } + }, + "runAsNonRoot": false, + "login": { + "username": "<>", + "password": "<>", + "host": "http://khulnasoft-server:8080" + } + } + }, + { + "apiVersion": "operator.khulnasoft.com/v1alpha1", + "kind": "KhulnasoftServer", + "metadata": { + "name": "khulnasoft", + "namespace": "khulnasoft" + }, + "spec": { + "infra": { + "serviceAccount": "khulnasoft-sa", + "version": "6.5" + }, + "common": { + "databaseSecret": { + "name": "<>", + "key": "<>" + }, + "imagePullSecret": "khulnasoft-registry", + "splitDB": false + }, + "externalDb": { + "host": "<>", + "port": "<>", + "username": "<>", + "password": "<>" + }, + "deploy": { + "replicas": 1, + "service": "LoadBalancer", + "image": { + "registry": "registry.khulnasoft.com", + "repository": "console", + "tag": "<>", + "pullPolicy": "Always" + } + }, + "runAsNonRoot": false + } + } + ] + operators.operatorframework.io/internal-objects: '["khulnasoftstarboards.khulnasoft.github.io","configauditreports.khulnasoft.github.io", "clusterconfigauditreports.khulnasoft.github.io"]' +spec: + displayName: Khulnasoft Security Operator + version: 0.0.1 + replaces: khulnasoft-operator.v6.5.10 + description: |- + The Khulnasoft Security Operator runs within an OpenShift cluster and provides a means to deploy and manage the Khulnasoft Security cluster and components : + * Server (aka “console”) + * Database (for production environments we recommend to use an external database and not the Khulnasoft default database) + * Gateway + * Enforcer (aka “agent”) + * KubeEnforcer + * Scanner + * CSP (package that contains the Server, Database, and Gateway) + + Use the Khulnasoft-Operator to + * Deploy Khulnasoft Security components on OpenShift + * Scale up Khulnasoft Security components with extra replicas + * Assign metadata tags to Khulnasoft Security components + + ## Before You Begin Using the Operator CRDs + + Obtain access to the Khulnasoft registry - https://www.khulnasoft.com/about-us/contact-us/ + + + ## Instructions and exmaples + + Follow instructions and exmaples + [here](https://github.com/khulnasoft/khulnasoft-operator/blob/6.5.0/docs/DeployOpenShiftOperator.md) + + keywords: ["khulnasoft-security", "scanning", "security", "runtime-security"] + maintainers: + - email: support@khulnasoft.com + name: Khulnasoft Support, Khulnasoft Security + provider: + name: Khulnasoft Security, Inc. + maturity: alpha + labels: + name: khulnasoft-operator + selector: + matchLabels: + name: khulnasoft-operator + links: + - name: Khulnasoft Security + url: https://www.khulnasoft.com/ + - name: Khulnasoft Operator Github + url: https://github.com/khulnasoft/khulnasoft-operator + icon: + - base64data: PHN2ZyB3aWR0aD0iMTUwIiBoZWlnaHQ9IjE1MCIgdmlld0JveD0iMCAwIDE1MCAxNTAiIGZpbGw9Im5vbmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyI+CjxnIGNsaXAtcGF0aD0idXJsKCNjbGlwMCkiPgo8cGF0aCBkPSJNMTE2LjQ1OCAwLjcwMDkyOEg2NC4xNzA2QzYxLjkyMyAwLjcwMDkyOCA1OS43Njg4IDEuNTg1NzggNTguMTc5MSAzLjE2MzI2TDM2LjAxMjkgMjUuMTU4NUMzNS4xNTc5IDI2LjAwNjkgMzQuMjk5NiAyNi44NTg2IDM0LjI5OTYgMjguODk2OEMzNC4yOTk2IDI4Ljg5NjggMzQuMjk5NiAzMy45OTM3IDM5LjA5MjIgMzMuOTkzN0gxMTYuNDU4VjAuNzAwOTI4WiIgZmlsbD0iI0ZGQzkwMCIvPgo8cGF0aCBvcGFjaXR5PSIwLjg5IiBkPSJNODIuOTM3IDMzLjk5MzdIMTE2LjQ1OFYwLjcwMDkyOEw4Mi45MzcgMzMuOTkzN1oiIGZpbGw9InVybCgjcGFpbnQwX2xpbmVhcikiLz4KPHBhdGggZD0iTTExNi40NTggMC43MDA5MjhMODIuOTM3IDMzLjk5MzdIMTE2LjQ1OFYwLjcwMDkyOFoiIGZpbGw9InVybCgjcGFpbnQxX2xpbmVhcikiLz4KPHBhdGggZD0iTTE0OS4xNTIgMy40OTc5N0MxNDguMiAxLjg3NDA5IDE0Ni4xNDYgMC42Njc3ODMgMTQ0LjE0MiAwLjcwMDkyM0gxMTYuNDU4QzExNi40NTggMC43MDA5MjMgMTE2LjQ1OCA4OC4yMDE1IDExNi40NTggMTEwLjc2M0MxMTYuNDU4IDExNS41MTkgMTIxLjM0MSAxMTUuNTE5IDEyMS41OTggMTE1LjUxOUMxMjMuNjUyIDExNS41MTkgMTI0LjUxMSAxMTQuNjcxIDEyNS4zNjYgMTEzLjgxOUwxNDcuNTMyIDkxLjgyMzdDMTQ5LjEyMiA5MC4yNDYyIDE0OS45OTcgODguMTA4NyAxNDkuOTk3IDg1Ljg3ODNWNi4xMTkzOEMxNTAgNS4yMjQ1OSAxNDkuNjYzIDQuMzMzMTEgMTQ5LjE1MiAzLjQ5Nzk3WiIgZmlsbD0iI0ZGNDQ1RiIvPgo8cGF0aCBkPSJNMzMuNjEzNCAxMTYuMzY3VjM5LjQwODlDMzMuNjEzNCAzNC42NCAyOC40NjM0IDM0LjY0IDI4LjQ2MzQgMzQuNjRDMjYuNDAyNyAzNC42NCAyNS41NDc4IDM1LjQ5MTcgMjQuNjg5NCAzNi4zNDM0TDIuNDY2NDcgNTguMzk1QzAuODczMzk0IDU5Ljk3MjUgMC4wMDE3MDg5OCA2Mi4xMTY2IDAuMDAxNzA4OTggNjQuMzUzNlYxMTYuMzY3SDMzLjYxMzRaIiBmaWxsPSIjMDhCMUQ1Ii8+CjxwYXRoIG9wYWNpdHk9IjAuODIiIGQ9Ik0wIDExNi4zNjdMMzMuNjExNiA4My4wMTgyVjExNi4zNjdIMFoiIGZpbGw9InVybCgjcGFpbnQyX2xpbmVhcikiLz4KPHBhdGggZD0iTTAgMTE2LjM2N0wzMy42MTE2IDgzLjAxODJWMTE2LjM2N0gwWiIgZmlsbD0idXJsKCNwYWludDNfbGluZWFyKSIvPgo8cGF0aCBkPSJNMi44NDU1NSAxNDguNTRDMS4yMDIzNyAxNDcuNTk2IC0wLjAzMDAwODIgMTQ1LjU1MSA0Ljk5MTYzZS0wNSAxNDMuNTYyVjExNi4zNjdDNC45OTE2M2UtMDUgMTE2LjM2NyA4OC41NjEzIDExNi4zNjcgMTExLjE3MiAxMTYuMzY3QzExNS45NzggMTE2LjM2NyAxMTUuOTgxIDEyMC43NjUgMTE1Ljk4MSAxMjEuMDI0QzExNS45ODQgMTIzLjA2OCAxMTUuMTI2IDEyMy45MiAxMTQuMjY4IDEyNC43NzJMOTIuMDQ4IDE0Ni44MkM5MC40NTQ5IDE0OC40MDQgODguMzIwOCAxNDkuMzAyIDg2LjA2OTggMTQ5LjMwMkg1LjQ5NEM0LjU5MjI2IDE0OS4yOTkgMy42ODcxOCAxNDkuMDQ3IDIuODQ1NTUgMTQ4LjU0WiIgZmlsbD0iIzE5MDREQSIvPgo8L2c+CjxkZWZzPgo8bGluZWFyR3JhZGllbnQgaWQ9InBhaW50MF9saW5lYXIiIHgxPSI5My4wMTU3IiB5MT0iNDAuNjExIiB4Mj0iMTI0Ljk0NCIgeTI9IjguNDM0MzYiIGdyYWRpZW50VW5pdHM9InVzZXJTcGFjZU9uVXNlIj4KPHN0b3Agc3RvcC1jb2xvcj0iI0ZGNDQ1RiIgc3RvcC1vcGFjaXR5PSIwIi8+CjxzdG9wIG9mZnNldD0iMSIgc3RvcC1jb2xvcj0iI0ZGNDQ1RiIgc3RvcC1vcGFjaXR5PSIwLjMiLz4KPC9saW5lYXJHcmFkaWVudD4KPGxpbmVhckdyYWRpZW50IGlkPSJwYWludDFfbGluZWFyIiB4MT0iMTE2LjQ1OCIgeTE9IjE3LjM0OTQiIHgyPSI4Mi45MzU1IiB5Mj0iMTcuMzQ5NCIgZ3JhZGllbnRVbml0cz0idXNlclNwYWNlT25Vc2UiPgo8c3RvcCBzdG9wLWNvbG9yPSIjRkY0NDVGIiBzdG9wLW9wYWNpdHk9IjAuNCIvPgo8c3RvcCBvZmZzZXQ9IjAuMDA3NjE2ODIiIHN0b3AtY29sb3I9IiNGRjQ0NUYiIHN0b3Atb3BhY2l0eT0iMC4zODczIi8+CjxzdG9wIG9mZnNldD0iMC4yNDA2IiBzdG9wLWNvbG9yPSIjRkY0NDVGIiBzdG9wLW9wYWNpdHk9IjAiLz4KPC9saW5lYXJHcmFkaWVudD4KPGxpbmVhckdyYWRpZW50IGlkPSJwYWludDJfbGluZWFyIiB4MT0iNi42MzY0NiIgeTE9IjEyNi4zMzciIHgyPSI0MC43ODE4IiB5Mj0iOTIuMDg0NiIgZ3JhZGllbnRVbml0cz0idXNlclNwYWNlT25Vc2UiPgo8c3RvcCBzdG9wLWNvbG9yPSIjMTkwNERBIiBzdG9wLW9wYWNpdHk9IjAuMiIvPgo8c3RvcCBvZmZzZXQ9IjEiIHN0b3AtY29sb3I9IiMxOTA0REEiIHN0b3Atb3BhY2l0eT0iMCIvPgo8L2xpbmVhckdyYWRpZW50Pgo8bGluZWFyR3JhZGllbnQgaWQ9InBhaW50M19saW5lYXIiIHgxPSIxNi44MDYiIHkxPSIxMTYuMzY2IiB4Mj0iMTYuODA2IiB5Mj0iODMuMDE5NiIgZ3JhZGllbnRVbml0cz0idXNlclNwYWNlT25Vc2UiPgo8c3RvcCBzdG9wLWNvbG9yPSIjMTkwNERBIiBzdG9wLW9wYWNpdHk9IjAuMyIvPgo8c3RvcCBvZmZzZXQ9IjAuMDA3NjE2ODIiIHN0b3AtY29sb3I9IiMxOTA0REEiIHN0b3Atb3BhY2l0eT0iMC4yOTA1Ii8+CjxzdG9wIG9mZnNldD0iMC4yNDA2IiBzdG9wLWNvbG9yPSIjMTkwNERBIiBzdG9wLW9wYWNpdHk9IjAiLz4KPC9saW5lYXJHcmFkaWVudD4KPGNsaXBQYXRoIGlkPSJjbGlwMCI+CjxyZWN0IHdpZHRoPSIxNTAiIGhlaWdodD0iMTQ4LjU5OCIgZmlsbD0id2hpdGUiIHRyYW5zZm9ybT0idHJhbnNsYXRlKDAgMC43MDA5MjgpIi8+CjwvY2xpcFBhdGg+CjwvZGVmcz4KPC9zdmc+Cg== + mediatype: image/svg+xml + miniKubeVersion: 1.11.0 + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: false + type: AllNamespaces + install: + strategy: deployment + spec: + clusterPermissions: + - serviceAccountName: khulnasoft-sa + rules: + - apiGroups: + - "security.openshift.io" + resources: + - securitycontextconstraints + verbs: + - use + resourceNames: + - khulnasoft-scc + - privileged + - hostaccess + - serviceAccountName: khulnasoft-kube-enforcer-sa + rules: + - apiGroups: + - "security.openshift.io" + resources: + - securitycontextconstraints + verbs: + - use + resourceNames: + - khulnasoft-kube-enforcer-scc + - privileged + - hostaccess + - serviceAccountName: khulnasoft-operator + rules: + - apiGroups: + - "" + resources: + - pods + - services + - endpoints + - persistentvolumeclaims + - events + - configmaps + - secrets + - serviceaccounts + - nodes + - route + verbs: + - "*" + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - apiGroups: + - apps + - extensions + resources: + - "*" + - deployments + - daemonsets + - replicasets + - statefulsets + - podsecuritypolicies + verbs: + - "*" + - apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create + - apiGroups: + - operator.khulnasoft.com + resources: + - "*" + - khulnasoftgateways + - khulnasoftservers + - khulnasoftcsps + - khulnasoftenforcers + - khulnasoftscanners + - khulnasoftkubeenforcers + verbs: + - "*" + - apiGroups: + - khulnasoft.github.io + resources: + - "*" + - khulnasoftstarboards + - configauditreports + - clusterconfigauditreports + verbs: + - "*" + - apiGroups: + - rbac.authorization.k8s.io + - authorization.k8s.io + resources: + - "*" + - clusterroles + - clusterrolebindings + verbs: + - "*" + - apiGroups: + - policy + resources: + - "*" + - podsecuritypolicies + verbs: + - "*" + - apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + - mutatingwebhookconfigurations + verbs: + - "*" + - apiGroups: + - route.openshift.io + resources: + - "*" + - route + verbs: + - "*" + - apiGroups: + - coordination.k8s.io + resources: + - "*" + - leases + verbs: + - "*" + deployments: + - name: khulnasoft-operator + spec: + replicas: 1 + selector: + matchLabels: + name: khulnasoft-operator + template: + metadata: + labels: + name: khulnasoft-operator + spec: + serviceAccountName: khulnasoft-operator + containers: + - name: khulnasoft-operator + image: docker.io/khulnasoft/khulnasoft-operator:0.0.1 + imagePullPolicy: Always + command: + - /manager + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAME + value: "khulnasoft-operator" + ports: + - containerPort: 60000 + name: metrics + permissions: + - serviceAccountName: khulnasoft-operator + rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + customresourcedefinitions: + owned: + - description: Khulnasoft Security CSP Deployment with Khulnasoft Operator + displayName: KhulnasoftCsp + kind: KhulnasoftCsp + name: khulnasoftcsps.operator.khulnasoft.com + version: v1alpha1 + - description: Khulnasoft Security Database Deployment with Khulnasoft Operator + displayName: KhulnasoftDatabase + kind: KhulnasoftDatabase + name: khulnasoftdatabases.operator.khulnasoft.com + version: v1alpha1 + - description: Khulnasoft Security Enforcer Deployment with Khulnasoft Operator + displayName: KhulnasoftEnforcer + kind: KhulnasoftEnforcer + name: khulnasoftenforcers.operator.khulnasoft.com + version: v1alpha1 + - description: Khulnasoft Security KubeEnforcer Deployment with Khulnasoft Operator + displayName: KhulnasoftKubeEnforcer + kind: KhulnasoftKubeEnforcer + name: khulnasoftkubeenforcers.operator.khulnasoft.com + version: v1alpha1 + - description: Khulnasoft Security Gateway Deployment with Khulnasoft Operator + displayName: KhulnasoftGateway + kind: KhulnasoftGateway + name: khulnasoftgateways.operator.khulnasoft.com + version: v1alpha1 + - description: Khulnasoft Security Scanner Deployment with Khulnasoft Operator + displayName: KhulnasoftScanner + kind: KhulnasoftScanner + name: khulnasoftscanners.operator.khulnasoft.com + version: v1alpha1 + - description: Khulnasoft Security Server Deployment with Khulnasoft Operator + displayName: KhulnasoftServer + kind: KhulnasoftServer + name: khulnasoftservers.operator.khulnasoft.com + version: v1alpha1 + - description: Khulnasoft Starboard for kube-enforcer. + version: v1alpha1 + kind: KhulnasoftStarboard + name: khulnasoftstarboards.khulnasoft.github.io + displayName: KhulnasoftStarboard + group: khulnasoftkubeenforcers.operator.khulnasoft.com + - description: For Khulnasoft Starboard. + version: v1alpha1 + kind: ClusterConfigAuditReport + name: clusterconfigauditreports.khulnasoft.github.io + displayName: ClusterConfigAuditReport + group: khulnasoftkubeenforcers.operator.khulnasoft.com + - description: For Khulnasoft Starboard. + version: v1alpha1 + kind: ConfigAuditReport + name: configauditreports.khulnasoft.github.io + displayName: ConfigAuditReport + group: khulnasoftkubeenforcers.operator.khulnasoft.com diff --git a/operators/khulnasoft/0.0.1/manifests/khulnasoftcsps.operator.khulnasoft.com.crd.yaml b/operators/khulnasoft/0.0.1/manifests/khulnasoftcsps.operator.khulnasoft.com.crd.yaml new file mode 100644 index 00000000000..b176884f915 --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/khulnasoftcsps.operator.khulnasoft.com.crd.yaml @@ -0,0 +1,31 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: khulnasoftcsps.operator.khulnasoft.com +spec: + group: operator.khulnasoft.com + names: + kind: KhulnasoftCsp + listKind: KhulnasoftCspList + plural: khulnasoftcsps + singular: khulnasoftcsp + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + x-kubernetes-preserve-unknown-fields: true + type: object + additionalPrinterColumns: + - name: Age + type: date + description: Khulnasoft Csp Age + jsonPath: .metadata.creationTimestamp + - name: Status + type: string + description: Khulnasoft Csp status + jsonPath: .status.state + served: true + storage: true + subresources: + status: {} diff --git a/operators/khulnasoft/0.0.1/manifests/khulnasoftdatabases.operator.khulnasoft.com.crd.yaml b/operators/khulnasoft/0.0.1/manifests/khulnasoftdatabases.operator.khulnasoft.com.crd.yaml new file mode 100644 index 00000000000..8d037cf5ea0 --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/khulnasoftdatabases.operator.khulnasoft.com.crd.yaml @@ -0,0 +1,39 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: khulnasoftdatabases.operator.khulnasoft.com +spec: + group: operator.khulnasoft.com + names: + kind: KhulnasoftDatabase + listKind: KhulnasoftDatabaseList + plural: khulnasoftdatabases + singular: khulnasoftdatabase + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + x-kubernetes-preserve-unknown-fields: true + type: object + additionalPrinterColumns: + - name: Replicas + type: integer + description: Replicas Number + jsonPath: .spec.deploy.replicas + - name: Age + type: date + description: Khulnasoft Database Age + jsonPath: .metadata.creationTimestamp + - name: Status + type: string + description: Khulnasoft Database status + jsonPath: .status.state + - name: Nodes + type: string + description: List Of Nodes (Pods) + jsonPath: .status.nodes + served: true + storage: true + subresources: + status: {} diff --git a/operators/khulnasoft/0.0.1/manifests/khulnasoftenforcers.operator.khulnasoft.com.crd.yaml b/operators/khulnasoft/0.0.1/manifests/khulnasoftenforcers.operator.khulnasoft.com.crd.yaml new file mode 100644 index 00000000000..33377b5a365 --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/khulnasoftenforcers.operator.khulnasoft.com.crd.yaml @@ -0,0 +1,35 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: khulnasoftenforcers.operator.khulnasoft.com +spec: + group: operator.khulnasoft.com + names: + kind: KhulnasoftEnforcer + listKind: KhulnasoftEnforcerList + plural: khulnasoftenforcers + singular: khulnasoftenforcer + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + x-kubernetes-preserve-unknown-fields: true + type: object + additionalPrinterColumns: + - name: Replicas + type: integer + description: Replicas Number + jsonPath: .spec.deploy.replicas + - name: Age + type: date + description: Khulnasoft Enforcer Age + jsonPath: .metadata.creationTimestamp + - name: Status + type: string + description: Khulnasoft Enforcer status + jsonPath: .status.state + served: true + storage: true + subresources: + status: {} diff --git a/operators/khulnasoft/0.0.1/manifests/khulnasoftgateways.operator.khulnasoft.com.crd.yaml b/operators/khulnasoft/0.0.1/manifests/khulnasoftgateways.operator.khulnasoft.com.crd.yaml new file mode 100644 index 00000000000..9a1b2f32661 --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/khulnasoftgateways.operator.khulnasoft.com.crd.yaml @@ -0,0 +1,39 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: khulnasoftgateways.operator.khulnasoft.com +spec: + group: operator.khulnasoft.com + names: + kind: KhulnasoftGateway + listKind: KhulnasoftGatewayList + plural: khulnasoftgateways + singular: khulnasoftgateway + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + x-kubernetes-preserve-unknown-fields: true + type: object + additionalPrinterColumns: + - name: Replicas + type: integer + description: Replicas Number + jsonPath: .spec.deploy.replicas + - name: Age + type: date + description: Khulnasoft Gateway Age + jsonPath: .metadata.creationTimestamp + - name: Status + type: string + description: Khulnasoft Gateway status + jsonPath: .status.state + - name: Nodes + type: string + description: List Of Nodes (Pods) + jsonPath: .status.nodes + served: true + storage: true + subresources: + status: {} diff --git a/operators/khulnasoft/0.0.1/manifests/khulnasoftkubeenforcers.operator.khulnasoft.com.crd.yaml b/operators/khulnasoft/0.0.1/manifests/khulnasoftkubeenforcers.operator.khulnasoft.com.crd.yaml new file mode 100644 index 00000000000..65af05f97ca --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/khulnasoftkubeenforcers.operator.khulnasoft.com.crd.yaml @@ -0,0 +1,31 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: khulnasoftkubeenforcers.operator.khulnasoft.com +spec: + group: operator.khulnasoft.com + names: + kind: KhulnasoftKubeEnforcer + listKind: KhulnasoftKubeEnforcerList + plural: khulnasoftkubeenforcers + singular: khulnasoftkubeenforcer + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + x-kubernetes-preserve-unknown-fields: true + type: object + additionalPrinterColumns: + - name: Status + type: string + description: Khulnasoft KubeEnforcer status + jsonPath: .status.state + - name: Age + type: date + description: Khulnasoft KubeEnforcer Age + jsonPath: .metadata.creationTimestamp + served: true + storage: true + subresources: + status: {} diff --git a/operators/khulnasoft/0.0.1/manifests/khulnasoftscanners.operator.khulnasoft.com.crd.yaml b/operators/khulnasoft/0.0.1/manifests/khulnasoftscanners.operator.khulnasoft.com.crd.yaml new file mode 100644 index 00000000000..2153a30a229 --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/khulnasoftscanners.operator.khulnasoft.com.crd.yaml @@ -0,0 +1,39 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: khulnasoftscanners.operator.khulnasoft.com +spec: + group: operator.khulnasoft.com + names: + kind: KhulnasoftScanner + listKind: KhulnasoftScannerList + plural: khulnasoftscanners + singular: khulnasoftscanner + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + x-kubernetes-preserve-unknown-fields: true + type: object + additionalPrinterColumns: + - name: Replicas + type: integer + description: Replicas Number + jsonPath: .spec.deploy.replicas + - name: Age + type: date + description: Khulnasoft Scanner Age + jsonPath: .metadata.creationTimestamp + - name: Status + type: string + description: Khulnasoft Scanner status + jsonPath: .status.state + - name: Nodes + type: string + description: List Of Nodes (Pods) + jsonPath: .status.nodes + served: true + storage: true + subresources: + status: {} diff --git a/operators/khulnasoft/0.0.1/manifests/khulnasoftservers.operator.khulnasoft.com.crd.yaml b/operators/khulnasoft/0.0.1/manifests/khulnasoftservers.operator.khulnasoft.com.crd.yaml new file mode 100644 index 00000000000..76f275d3879 --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/khulnasoftservers.operator.khulnasoft.com.crd.yaml @@ -0,0 +1,39 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: khulnasoftservers.operator.khulnasoft.com +spec: + group: operator.khulnasoft.com + names: + kind: KhulnasoftServer + listKind: KhulnasoftServerList + plural: khulnasoftservers + singular: khulnasoftserver + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + x-kubernetes-preserve-unknown-fields: true + type: object + additionalPrinterColumns: + - name: Replicas + type: integer + description: Replicas Number + jsonPath: .spec.deploy.replicas + - name: Age + type: date + description: Khulnasoft Server Age + jsonPath: .metadata.creationTimestamp + - name: Status + type: string + description: Khulnasoft Server status + jsonPath: .status.state + - name: Nodes + type: string + description: List Of Nodes (Pods) + jsonPath: .status.nodes + served: true + storage: true + subresources: + status: {} diff --git a/operators/khulnasoft/0.0.1/manifests/khulnasoftstarboards.khulnasoft.github.io.crd.yaml b/operators/khulnasoft/0.0.1/manifests/khulnasoftstarboards.khulnasoft.github.io.crd.yaml new file mode 100644 index 00000000000..f0256ff2360 --- /dev/null +++ b/operators/khulnasoft/0.0.1/manifests/khulnasoftstarboards.khulnasoft.github.io.crd.yaml @@ -0,0 +1,39 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: khulnasoftstarboards.khulnasoft.github.io +spec: + group: khulnasoft.github.io + names: + kind: KhulnasoftStarboard + listKind: KhulnasoftStarboardList + plural: khulnasoftstarboards + singular: khulnasoftstarboard + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + x-kubernetes-preserve-unknown-fields: true + type: object + additionalPrinterColumns: + - name: Replicas + type: integer + description: Replicas Number + jsonPath: .spec.deploy.replicas + - name: Age + type: date + description: Khulnasoft Starboard Age + jsonPath: .metadata.creationTimestamp + - name: Status + type: string + description: Khulnasoft Starboard status + jsonPath: .status.state + - name: Nodes + type: string + description: List Of Nodes (Pods) + jsonPath: .status.nodes + served: true + storage: true + subresources: + status: {} diff --git a/operators/khulnasoft/0.0.1/metadata/annotations.yaml b/operators/khulnasoft/0.0.1/metadata/annotations.yaml new file mode 100644 index 00000000000..e1aaf39a8ed --- /dev/null +++ b/operators/khulnasoft/0.0.1/metadata/annotations.yaml @@ -0,0 +1,7 @@ +annotations: + operators.operatorframework.io.bundle.channel.default.v1: 2022.4.0 + operators.operatorframework.io.bundle.channels.v1: 0.0.1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: khulnasoft diff --git a/operators/khulnasoft/ci.yaml b/operators/khulnasoft/ci.yaml new file mode 100644 index 00000000000..043728293a3 --- /dev/null +++ b/operators/khulnasoft/ci.yaml @@ -0,0 +1,6 @@ +--- +# Use `replaces-mode` or `semver-mode`. Once you switch to `semver-mode`, there is no easy way back. +updateGraph: replaces-mode +reviewers: + - khulnasoft-bot +packagemanifestClusterVersionLabel: auto