CAPM3, BMO and Ironic manifests

The below PS has manifests files related to
capm3, bmo and ironic for v0.5.0 versions.

Relates-To: #518 #558 #560
Change-Id: Id9240320bc8dec32d5e5384c39e26ba04f55f9bd

manifests/function/baremetal-operator/v0.5.0/kustomization.yaml

@@ -0,0 +1,12 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: metal3
+resources:
+- upstream/default
+
+patchesStrategicMerge:
+- operator_nodeselector_patch.yaml
+- operator_tolerations_patch.yaml
+- label_baremetalhosts_crd_patch.yaml
+- label_firmwareschemas_crd_patch.yaml
+- label_hostfirmwaresettings_crd_patch.yaml

manifests/function/baremetal-operator/v0.5.0/label_baremetalhosts_crd_patch.yaml

@@ -0,0 +1,9 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  labels:
+    clusterctl.cluster.x-k8s.io: ""
+    cluster.x-k8s.io/provider: "metal3"
+  name: baremetalhosts.metal3.io

manifests/function/baremetal-operator/v0.5.0/label_firmwareschemas_crd_patch.yaml

@@ -0,0 +1,9 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  labels:
+    clusterctl.cluster.x-k8s.io: ""
+    cluster.x-k8s.io/provider: "metal3"
+  name: firmwareschemas.metal3.io

manifests/function/baremetal-operator/v0.5.0/label_hostfirmwaresettings_crd_patch.yaml

@@ -0,0 +1,9 @@
+# The following patch adds a directive for certmanager to inject CA into the CRD
+# CRD conversion requires k8s 1.13 or later.
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  labels:
+    clusterctl.cluster.x-k8s.io: ""
+    cluster.x-k8s.io/provider: "metal3"
+  name: hostfirmwaresettings.metal3.io

manifests/function/baremetal-operator/v0.5.0/operator_nodeselector_patch.yaml

@@ -0,0 +1,10 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller-manager
+  namespace: system
+spec:
+  template:
+    spec:
+      nodeSelector:
+        kubernetes.io/os: linux

manifests/function/baremetal-operator/v0.5.0/operator_tolerations_patch.yaml

@@ -0,0 +1,14 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller-manager
+  namespace: system
+spec:
+  template:
+    spec:
+      tolerations:
+      # Mark the pod as a critical add-on for rescheduling.
+      - key: CriticalAddonsOnly
+        operator: Exists
+      - key: node-role.kubernetes.io/master
+        effect: NoSchedule

manifests/function/baremetal-operator/v0.5.0/replacements/ironic-env-vars.yaml

@@ -0,0 +1,65 @@
+# These rules inject env vars into the baremetal-operator function.
+apiVersion: airshipit.org/v1alpha1
+kind: ReplacementTransformer
+metadata:
+  name: baremetal-operator-env-vars-replacements
+  annotations:
+    config.kubernetes.io/function: |-
+      container:
+        image: localhost/replacement-transformer
+replacements:
+# Replace the proxy vars
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.HTTP_PROXY
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.HTTP_PROXY"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.HTTPS_PROXY
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.HTTPS_PROXY"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.http_proxy
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.http_proxy"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.https_proxy
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.https_proxy"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.NO_PROXY
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.NO_PROXY"]
+- source:
+    objref:
+      name: env-vars-catalogue
+    fieldref: env.no_proxy
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.no_proxy"]

manifests/function/baremetal-operator/v0.5.0/replacements/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - versions.yaml
+  - ironic-env-vars.yaml
+  - networking.yaml

manifests/function/baremetal-operator/v0.5.0/replacements/networking.yaml

@@ -0,0 +1,112 @@
+# These rules inject networking info into the baremetal-operator  function.
+apiVersion: airshipit.org/v1alpha1
+kind: ReplacementTransformer
+metadata:
+  name: baremetal-operator-networking-replacements
+  annotations:
+    config.kubernetes.io/function: |-
+      container:
+        image: localhost/replacement-transformer
+replacements:
+# Replace the pod & service networks
+- source:
+    objref:
+      kind: NetworkCatalogue
+      name: networking
+    fieldref: spec.ironic.provisioningInterface
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.PROVISIONING_INTERFACE"]
+- source:
+    objref:
+      kind: NetworkCatalogue
+      name: networking
+    fieldref: spec.ironic.provisioningIp
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.PROVISIONING_IP"]
+- source:
+    objref:
+      kind: NetworkCatalogue
+      name: networking
+    fieldref: spec.ironic.httpPort
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.HTTP_PORT"]
+- source:
+    objref:
+      kind: NetworkCatalogue
+      name: networking
+    fieldref: spec.ironic.provisioningIp
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.DEPLOY_KERNEL_URL%PROVISIONING_IP%"]
+- source:
+    objref:
+      kind: NetworkCatalogue
+      name: networking
+    fieldref: spec.ironic.httpPort
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.DEPLOY_KERNEL_URL%HTTP_PORT%"]
+- source:
+    objref:
+      kind: NetworkCatalogue
+      name: networking
+    fieldref: spec.ironic.provisioningIp
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.DEPLOY_RAMDISK_URL%PROVISIONING_IP%"]
+- source:
+    objref:
+      kind: NetworkCatalogue
+      name: networking
+    fieldref: spec.ironic.httpPort
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.DEPLOY_RAMDISK_URL%HTTP_PORT%"]
+- source:
+    objref:
+      kind: NetworkCatalogue
+      name: networking
+    fieldref: spec.ironic.provisioningIp
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.IRONIC_ENDPOINT%PROVISIONING_IP%"]
+- source:
+    objref:
+      kind: NetworkCatalogue
+      name: networking
+    fieldref: spec.ironic.provisioningIp
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.IRONIC_INSPECTOR_ENDPOINT%PROVISIONING_IP%"]
+- source:
+    objref:
+      kind: NetworkCatalogue
+      name: networking
+    fieldref: spec.ironic.ironicFastTrack
+  target:
+    objref:
+      kind: ConfigMap
+      name: baremetal-operator-ironic
+    fieldrefs: ["data.IRONIC_FAST_TRACK"]
+

manifests/function/baremetal-operator/v0.5.0/replacements/versions.yaml

@@ -0,0 +1,30 @@
+apiVersion: airshipit.org/v1alpha1
+kind: ReplacementTransformer
+metadata:
+  name: baremetal-operator-versions-replacements
+  annotations:
+    config.kubernetes.io/function: |-
+      container:
+        image: localhost/replacement-transformer
+replacements:
+# Container versions for the ironic Deployment
+- source:
+    objref:
+      kind: VersionsCatalogue
+      name: versions-airshipctl
+    fieldref: "{.spec.images.baremetal_operator.metal3_baremetal_operator.baremetal_operator.image}"
+  target:
+    objref:
+      kind: Deployment
+      name: baremetal-operator-controller-manager
+    fieldrefs: ["{.spec.template.spec.containers[?(.name == 'manager')].image}"]
+- source:
+    objref:
+      kind: VersionsCatalogue
+      name: versions-airshipctl
+    fieldref: "{.spec.images.baremetal_operator.metal3_baremetal_operator.kube_rbac_proxy.image}"
+  target:
+    objref:
+      kind: Deployment
+      name: baremetal-operator-controller-manager
+    fieldrefs: ["{.spec.template.spec.containers[?(.name == 'kube-rbac-proxy')].image}"]

manifests/function/baremetal-operator/v0.5.0/upstream/basic-auth/default/credentials_patch.yaml

@@ -0,0 +1,24 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller-manager
+  namespace: system
+spec:
+  template:
+    spec:
+      containers:
+      - name: manager
+        volumeMounts:
+        - name: ironic-credentials
+          mountPath: "/opt/metal3/auth/ironic"
+          readOnly: true
+        - name: ironic-inspector-credentials
+          mountPath: "/opt/metal3/auth/ironic-inspector"
+          readOnly: true
+      volumes:
+      - name: ironic-credentials
+        secret:
+          secretName: ironic-credentials
+      - name: ironic-inspector-credentials
+        secret:
+          secretName: ironic-inspector-credentials

manifests/function/baremetal-operator/v0.5.0/upstream/basic-auth/default/kustomization.yaml

@@ -0,0 +1,19 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: baremetal-operator-system
+resources:
+- ../../default
+- ../../namespace
+
+secretGenerator:
+  - name: ironic-credentials
+    files:
+    - username=ironic-username
+    - password=ironic-password
+  - name: ironic-inspector-credentials
+    files:
+    - username=ironic-inspector-username
+    - password=ironic-inspector-password
+
+patchesStrategicMerge:
+- credentials_patch.yaml

manifests/function/baremetal-operator/v0.5.0/upstream/basic-auth/tls/credentials_patch.yaml

@@ -0,0 +1,24 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller-manager
+  namespace: system
+spec:
+  template:
+    spec:
+      containers:
+      - name: manager
+        volumeMounts:
+        - name: ironic-credentials
+          mountPath: "/opt/metal3/auth/ironic"
+          readOnly: true
+        - name: ironic-inspector-credentials
+          mountPath: "/opt/metal3/auth/ironic-inspector"
+          readOnly: true
+      volumes:
+      - name: ironic-credentials
+        secret:
+          secretName: ironic-credentials
+      - name: ironic-inspector-credentials
+        secret:
+          secretName: ironic-inspector-credentials

manifests/function/baremetal-operator/v0.5.0/upstream/basic-auth/tls/kustomization.yaml

@@ -0,0 +1,18 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: baremetal-operator-system
+resources:
+- ../../tls
+
+secretGenerator:
+  - name: ironic-credentials
+    files:
+    - username=ironic-username
+    - password=ironic-password
+  - name: ironic-inspector-credentials
+    files:
+    - username=ironic-inspector-username
+    - password=ironic-inspector-password
+
+patchesStrategicMerge:
+- credentials_patch.yaml