add sample

bundle/manifests/csm-config-params_v1_configmap.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+data:
+  csm-config-params.yaml: |-
+    CONCURRENT_POWERFLEX_REQUESTS: 10
+    CONCURRENT_POWERSCALE_REQUESTS: 10
+    LOG_LEVEL: debug
+    STORAGE_CAPACITY_POLL_INTERVAL: 5m
+kind: ConfigMap
+metadata:
+  name: csm-config-params

config/samples/storage_v1_csm_authorization_v2.yaml

@@ -0,0 +1,114 @@
+apiVersion: storage.dell.com/v1
+kind: ContainerStorageModule
+metadata:
+  name: authorization
+  namespace: authorization
+spec:
+  modules:
+    # Authorization: enable csm-authorization proxy server for RBAC
+    - name: authorization-proxy-server
+      # enable: Enable/Disable csm-authorization
+      enabled: true
+      configVersion: v2.0.0
+      forceRemoveModule: true
+      components:
+        # For Kubernetes Container Platform only
+        # enabled: Enable/Disable NGINX Ingress Controller
+        # Allowed values:
+        #   true: enable deployment of NGINX Ingress Controller
+        #   false: disable deployment of NGINX Ingress Controller only if you have your own ingress controller. Set the appropriate annotations for the ingresses in the proxy-server section
+        # Default value: true
+        - name: nginx
+          enabled: true
+        # enabled: Enable/Disable cert-manager
+        # Allowed values:
+        #   true: enable deployment of cert-manager
+        #   false: disable deployment of cert-manager only if it's already deployed
+        # Default value: true
+        - name: cert-manager
+          enabled: true
+        - name: proxy-server
+          # enable: Enable/Disable csm-authorization proxy server
+          enabled: true
+          proxyService: quay.io/dell/container-storage-modules/csm-authorization-proxy:v2.0.0
+          proxyServiceReplicas: 1
+          tenantService: quay.io/dell/container-storage-modules/csm-authorization-tenant:v2.0.0
+          tenantServiceReplicas: 1
+          roleService: quay.io/dell/container-storage-modules/csm-authorization-role:v2.0.0
+          roleServiceReplicas: 1
+          storageService: quay.io/dell/container-storage-modules/csm-authorization-storage:v2.0.0
+          storageServiceReplicas: 1
+          opa: docker.io/openpolicyagent/opa:latest
+          opaKubeMgmt: docker.io/openpolicyagent/kube-mgmt:8.5.7
+          authorizationController: quay.io/dell/container-storage-modules/csm-authorization-controller:v2.0.0
+          authorizationControllerReplicas: 1
+          leaderElection: true
+          # controllerReconcileInterval: interval for the authorization controllers to reconcile with Redis.
+          controllerReconcileInterval: 5m
+          # certificate: base64-encoded certificate for cert/private-key pair -- add certificate here to use custom certificates
+          # for self-signed certs, leave empty string
+          # Allowed values: string
+          certificate: ""
+          # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates
+          # for self-signed certs, leave empty string
+          # Allowed values: string
+          privateKey: ""
+          # proxy-server ingress will use this hostname
+          # NOTE: an additional hostname can be configured in proxyServerIngress.hosts
+          # NOTE: proxy-server ingress is configured to accept IP address connections so hostnames are not required
+          hostname: "csm-authorization.com"
+          # proxy-server ingress configuration
+          proxyServerIngress:
+            - ingressClassName: nginx
+              # additional host rules for the proxy-server ingress
+              hosts: []
+              # - [application name]-ingress-nginx-controller.[namespace].svc.cluster.local
+
+              # additional annotations for the proxy-server ingress
+              annotations: {}
+          # openTelemetryCollectorAddress: the OTLP receiving endpoint using gRPC
+          openTelemetryCollectorAddress: ""
+        - name: redis
+          redis: docker.io/redis:7.4.0-alpine
+          commander: docker.io/rediscommander/redis-commander:latest
+          redisName: redis-csm
+          redisCommander: rediscommander
+          sentinel: sentinel
+          redisReplicas: 5
+        - name: vault
+          vaultConfigurations:
+            - identifier: vault0
+              address: https://10.0.0.1:8400
+              role: csm-authorization
+              skipCertificateValidation: true
+              # clientCertificate: base64-encoded certificate for cert/private-key pair -- add certificate here to use custom certificates
+              # for self-signed certs, leave empty string
+              # Allowed values: string
+              clientCertificate: ""
+              # clientKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates
+              # for self-signed certs, leave empty string
+              # Allowed values: string
+              clientKey: ""
+              # certificateAuthority: base64-encoded certificate authority for validating vault server certificate -- add certificate authority here to use custom certificates
+              #  for self-signed certs, leave empty string
+              # Allowed values: string
+              certificateAuthority: ""
+#            - identifier: vault0
+#              address: https://10.0.0.1:8400
+#              role: csm-authorization
+#              skipCertificateValidation: true
+#              clientCertificate:
+#              clientKey:
+#              certificateAuthority:
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: csm-config-params
+  namespace: authorization
+data:
+  csm-config-params.yaml: |-
+    CONCURRENT_POWERFLEX_REQUESTS: 10
+    CONCURRENT_POWERSCALE_REQUESTS: 10
+    LOG_LEVEL: debug
+    STORAGE_CAPACITY_POLL_INTERVAL: 5m