From 0aa2dc221d9544f114160bb4084c9034e9b4eef0 Mon Sep 17 00:00:00 2001 
From: actions Date: Wed, 7 Apr 2021 00:55:12 +0000 Subject: [PATCH] Merge pull request #1087 from thedadams/fix-rancher-operator-0.4.1-rc1 Put '-rc1' back in values.yaml --- .../rancher-cis-benchmark-1.0.400-rc01.tgz | Bin 0 -> 4843 bytes ...rancher-cis-benchmark-crd-1.0.400-rc01.tgz | Bin 0 -> 1452 bytes .../rancher-operator-crd-0.1.400-rc02.tgz | Bin 0 -> 8637 bytes .../rancher-operator-0.1.400-rc02.tgz | Bin 0 -> 1094 bytes .../1.0.400-rc01/Chart.yaml | 10 + .../1.0.400-rc01/README.md | 2 + .../1.0.400-rc01/templates/clusterscan.yaml | 149 + .../templates/clusterscanbenchmark.yaml | 55 + .../templates/clusterscanprofile.yaml | 37 + .../templates/clusterscanreport.yaml | 40 + .../1.0.400-rc01/Chart.yaml | 18 + .../1.0.400-rc01/README.md | 9 + .../1.0.400-rc01/app-readme.md | 15 + .../1.0.400-rc01/templates/_helpers.tpl | 23 + .../1.0.400-rc01/templates/alertingrule.yaml | 14 + .../templates/benchmark-cis-1.5.yaml | 8 + .../templates/benchmark-cis-1.6.yaml | 8 + .../templates/benchmark-eks-1.0.yaml | 8 + .../templates/benchmark-gke-1.0.yaml | 8 + .../benchmark-rke-cis-1.5-hardened.yaml | 8 + .../benchmark-rke-cis-1.5-permissive.yaml | 8 + .../benchmark-rke-cis-1.6-hardened.yaml | 8 + .../benchmark-rke-cis-1.6-permissive.yaml | 8 + .../benchmark-rke2-cis-1.5-hardened.yaml | 8 + .../benchmark-rke2-cis-1.5-permissive.yaml | 8 + .../1.0.400-rc01/templates/cis-roles.yaml | 49 + .../1.0.400-rc01/templates/configmap.yaml | 14 + .../1.0.400-rc01/templates/deployment.yaml | 57 + .../templates/network_policy_allow_all.yaml | 15 + .../patch_default_serviceaccount.yaml | 20 + .../1.0.400-rc01/templates/rbac.yaml | 43 + .../templates/scanprofile-cis-1.5.yml | 9 + .../templates/scanprofile-cis-1.6.yaml | 9 + .../scanprofile-rke-1.5-hardened.yml | 9 + .../scanprofile-rke-1.5-permissive.yml | 9 + .../scanprofile-rke-1.6-hardened.yaml | 9 + .../scanprofile-rke-1.6-permissive.yaml | 9 + .../scanprofile-rke2-cis-1.5-hardened.yml | 9 + .../scanprofile-rke2-cis-1.5-permissive.yml | 9 
+ .../1.0.400-rc01/templates/scanprofileeks.yml | 9 + .../1.0.400-rc01/templates/scanprofilegke.yml | 9 + .../templates/serviceaccount.yaml | 14 + .../templates/validate-install-crd.yaml | 17 + .../1.0.400-rc01/values.yaml | 45 + .../0.1.400-rc02/Chart.yaml | 11 + .../0.1.400-rc02/templates/crds.yaml | 3302 +++++++++++++++++ .../rancher-operator/0.1.400-rc02/Chart.yaml | 14 + .../0.1.400-rc02/templates/_helpers.tpl | 7 + .../0.1.400-rc02/templates/deployment.yaml | 23 + .../0.1.400-rc02/templates/rbac.yaml | 44 + .../templates/serviceaccount.yaml | 4 + .../rancher-operator/0.1.400-rc02/values.yaml | 8 + index.yaml | 69 + 53 files changed, 4298 insertions(+) create mode 100755 assets/rancher-cis-benchmark/rancher-cis-benchmark-1.0.400-rc01.tgz create mode 100755 assets/rancher-cis-benchmark/rancher-cis-benchmark-crd-1.0.400-rc01.tgz create mode 100755 assets/rancher-operator-crd/rancher-operator-crd-0.1.400-rc02.tgz create mode 100755 assets/rancher-operator/rancher-operator-0.1.400-rc02.tgz create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/Chart.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/README.md create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscan.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanbenchmark.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanprofile.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanreport.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/Chart.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/README.md create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/app-readme.md create mode 100755 
charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/_helpers.tpl create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/alertingrule.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-cis-1.5.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-cis-1.6.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-eks-1.0.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-gke-1.0.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.5-hardened.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.5-permissive.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.6-hardened.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.6-permissive.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke2-cis-1.5-hardened.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke2-cis-1.5-permissive.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/cis-roles.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/configmap.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/deployment.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/network_policy_allow_all.yaml create mode 100755 
charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/patch_default_serviceaccount.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/rbac.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-cis-1.5.yml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-cis-1.6.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.5-hardened.yml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.5-permissive.yml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.6-hardened.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.6-permissive.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke2-cis-1.5-hardened.yml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke2-cis-1.5-permissive.yml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofileeks.yml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofilegke.yml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/serviceaccount.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/validate-install-crd.yaml create mode 100755 charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/values.yaml create mode 100755 charts/rancher-operator-crd/rancher-operator-crd/0.1.400-rc02/Chart.yaml create mode 100755 charts/rancher-operator-crd/rancher-operator-crd/0.1.400-rc02/templates/crds.yaml create mode 100755 
charts/rancher-operator/rancher-operator/0.1.400-rc02/Chart.yaml create mode 100755 charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/_helpers.tpl create mode 100755 charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/deployment.yaml create mode 100755 charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/rbac.yaml create mode 100755 charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/serviceaccount.yaml create mode 100755 charts/rancher-operator/rancher-operator/0.1.400-rc02/values.yaml 
diff --git a/assets/rancher-cis-benchmark/rancher-cis-benchmark-1.0.400-rc01.tgz b/assets/rancher-cis-benchmark/rancher-cis-benchmark-1.0.400-rc01.tgz new file mode 100755 index 0000000000000000000000000000000000000000..d429cf8ceb5cda20a10f5d0bdae43f40f31ad3ff GIT binary patch literal 4843 zcmVDc zVQyr3R8em|NM&qo0PJ0TZ`(MN-+#}aVxT^Uwu?x9iQ^Q;JqKjd+#+`qC_epzH5DUS>?ukB}5qGiYUsN>^A^>qDaU`o==nt(WAUc62)E0q#|M1hn2&{ z^+oXah$w%&l7o*z(ILek&%QEQKxG_~nafCoeKjNLLq&^Wb>xIGQYqOiNv%4DPOj3tzpK*KGtSeL-Vop1mLAf=~b%8H6Z7B#cou zGUCm-gG4_ORL#J&4>$t?lVpH`p+c!EZJXbqzUDqwDwh3b)7M%;dTEW#V387)Y=(Tq zWm8u`bFt0vvSvT;aFcji(09H$$p|c|3}@UTK`u;&)_uM3lk+ zhBQQ-;5GUo5ePR#P^)nihXF#YHA4WDDGoE92v8WsAyFv3MuSFVgvR<%nQ1Kj6+mFj zB~@I^as|;W>NS%{kx`}vUEyopoT-*8pRo0evQ)0tdIe4`uj6$z7tZ(~;j{G|A}RzI z7`R!|{KEpfcF#L(Gz3bX2p?r1ZtofZ&)^>jiA+cs&Oo5gqX=05j4LfO8KX~!GYHb& z$#Vl?fld%2xj|66Lx}DWpEK!Go=C&mA9L!X=}a}&#h~zP?~zb)pv)KAR!Q*3g!%Tb zP{uxJ^^fd^3eF;AO2U+?F@#i`E5kdl$^pp4AM4^TD5F}{dvHF~{R;tyDPapODP&8S zZLKnu8}cyZQ_4n$dq|m1LV|xK(!7s!0StYVl8D)XX}`dTo7N-vi3n#f5X8u4s8GQ3 zxu~CeDbt85DG4V)dfwP_$fiTZH@-x0bXHa_ zdW0Ic3O@YaXprHMGOA|w^(f>65~dE93egTR>$#+Oyu=ZeN*Cfd=51<&-x_Oao@t5u zDqKH4(*z4B>9o8~qd`Ixwt3bw2>LK2p+p0o8x*FdQzDq{mI#%gzI?}p>cgwnt5$7- zzY$t(|8wo!ydGm1qmZ78_jUy~&i~q-lKnsK9Us^BzY4m&ZGI1DOeO*$pHXQOFVSje zNg@QT5@ype3WV>QcXy53TUT2q$`BkqQOa{V;NEHDrW1IVc0%O6&H4VB+cRgyoXuv| zS+yb5pBD52t zMX5#2?;HQ1EZ|d_>2#RVFa#0=xp)+zOd0cS=BuDBj67)QBm)fjG<{q!GuqTnxtN5U z1QL9nggPlme~dvAqVXBjm`f~jY%KMrd3mj0UKg0#Hn}iCZI6l*YHf#%=h#p4>IXO+ zqObbkyyaJE`TBA0+ktcTDIuY=AepB|!e5g%>3`!WP&N`ti2Ke5H|YOX_qe^N|2wVY zZoU3j36=Dw^$We!DYU3}-G$|+h%@bGQa18@E|5#l=TY;f-I!1o^x+*3E^LZMgo*@2 z5$$F!FY?4Za8q9C`*bz$_BNj#E?E~3?(Q0TM$tE(YU*+u2iGh>z99n)rF{U4Yk1AM z`YBBzV;)>s2ltExF{jLW#xBIh-}R|X{oh<)eLL!E6aEW}yi~ev?`RJtunGU2&S44v z?aooV#(x!5M)x9Qa#WvMN9D>VY`!YLjPG=e#w{(Ck4E2i!7j}zUutw+Isx3>RJL=TJqbd0RW zKTc%r0DMWbJ^n`%tPuZ)_5N=q^sx9($H;p8k0w~-|4X9n@h>KrtpT`WA_8O>Y^Mx1 z;=fy7|2yopS~dQwpohi(sxh)&8HidLJUQ)${}@F?rKC4o?Fnqge|i4j?X-I}{;QzJ 
z!~cAY)EeN+rG4<e|)&$W5kT{lx!ThO79b{5;tcVQv4bpj1bjUcMl4Ind0q z!cK1}x~tXcF4uT6zVi?ig;~bClqbX}@@tZ5gdPEE7GneS?4b{Tx<*O;hg~kTYmjM; z3R4hsEkURI&%bX>*t4uVeQ*{hG)sxiWygu^gM$;9z1I&%x@OL3UV?s@imq=jznV4D z?B$d7|0etg7>9foA^VJQU>op%c-&p`|GV}1ziOz6ckO@7{kGS6&#!UY3ODF>fjvN2 zxTLq$6}^YP@RwCE=i=pc=Hen~cxVwA4Sd({27{22n z^=ExJ38!Qx^Y_Mmo{O~5s_bed{UBCPJ^8GUB=bOgK^ZR&To&9>I z`{v#nr);wTIUA~b_V(n5H)pT6;h0^wE`-N0(RdvA6Fwze;mV@k{BrgF?DG2U$;ImK zULDG!5JsrTb!ir;>GswI#eXAFm@}Klq52aTWdSk;?arLjLMWu1)jXJBISgY~j0rN8 z6;fm}XI-pKq4ZaaDbnlNYdB|NnC40Hz)bs>QVjM~NJE()Cc!;1H5T}4SMF6W>P+FgSn#4!J6&stc58YmU|Em(({rqRTGrKixM1oH4+~;Gn zSW~m9`_vNrx@mX(?;Zhe5B&E!_4$uV=;86-s}%pe8vma~yWn4#=sv~EU)$+{jri}B z&wm|ux;6eQp@+nO@jz8JM$&UvkEsY&1)X_nv3@nQ5B`gnzqZi;8}Wa*wEx#Ts@MN3 zp~u4i(#gxJG(h3j*;C8*YoOinziafDZSdb(+W)VA|EC(N!2b6tLw_OY%u~ztYoUGc zzgzT|ee8d?RmXp+hAOfDRce6R{_jLP;(t{Hn9q*?ba>cXI{#D0f2)Qb82`(crE-h> z=qg}EEgN9{WPLnZX+_%GPw3N=9O1#C$>;2$S)=dFK3 zoABQ`F2{drw>x$G_e$s?@n5(D{m58Pe`n^Yh4&564)`BUwp{No(?0lb)$t!Ip@+nO zA>6?u<3IhKnWq-sH$WTlzt@eQMcRb_qow!{?M|=W|Eq*b@m^LQZ!IHz`$!L)kHwbt z&%@W@3C>=Z+W6Fcd>?JX{|yOgKon-jp}^3sgtumgG&=Ja5=vqY=q#Ql9&u=NEJotoxD3w^`9)Hq(c}J z`4i5v@?I!@r37Uo@Ls0r{;gD{g(TXED)2)Vto>$d^|$K-_#6H~rINbeQl1MndV!zv zB&KN#H4*qJp#lSNF0)Ukm#-xdfnb(n*vNx-MrlH-Pe6?kd@cman41e6It%z?B2;?a zGfS%9sWFxIrDulS#^x2iJT=t5NLsD`FV9Y1Uz~Z-!bBz8)FQkT$`*M z&fqn{wfDuXvt}Gba9PPSHCM9@&!_H{>S#6oNgTTZNf6;f=ztCQ@3zb5zuQO0of`j@ z&>H+p4gJj2=Ad7Iw}C$&S_7T}JJBW{K4?}iPLb(HLoVQ4e`2WMDrN9;t~2ECFUCs6 zvfpe@r&G_TSs@-5qxsKIH0Nrh`O<4N{)-EUtaC8rA~O0w>zgs3g5r=!G!+{nQHj6< z5I97k-|$4hhk*Nqa#IX=K98FEP4=L9)A9ajA~QkojYiW?j!gLl>7=?x+5&kP@~M`B z)@z(0Q?lP^xbUH5pG2u&aVMzy%2@7<0gd}19n6lCT{jVB$}>5ezHBmiO>tCMH-F|9#mtD6V0)iq8T zt*LaHv|M-V9kU@FB{l?@!IOTPwc-G#W9pAJTm5)$^lq{#MG6OPbP1c8z$kP`{j_5h z2RWfJP-aWc8F;X2j1w5*G!Ij^ss-RDQt@bh-QGqsW44?a16y!bZzH!T!hjNm;Y{~= zqPs!ybbQbION(^wq0FaDaI)O&HDb=QuM+g4FOxA+T*D$&ZFATFkub$D)PHqmvrtm% ztC$E9p+X_kZu=bh&a1v8VJ(=G5QWlJyv*h9X1e{kEO~b%jzj9(N`|PUhO=oU$-!U- zv~l31KgJ*l@xTlrsb^C*ZlOh15$ayU#=Dc 
zVQyr3R8em|NM&qo0PI>{liD^Azh^#$CVj>+f3L&ag`}Od&Erq7GK2kP09M_SV` zoqqR@Yy-yF7=t0X3H!oGEB)4%e!D9z)*$&Db(;&*o}%RQ0Q5_nYwzuN4w{@L1pdv5 z;<~Oo?Dyke*LCy1?x1^n)9JgtUf1pP`n?;sGjxaD8|I#B_z;N%mg)|Aay41EG1#{m2k% z!$BSu4=ViscG&H2`+v978(jVWB9iqS2nBv6l(uD@m!FMw!9{0^1fAB4klu)mBSR{f zpiz3^h?R-g8qz|}N}x>?1fZ7= zDFQ!(__S`<013gE493H%Sp(u3MD{U$Sv6}wm=_UdARbrE8W8`0mKlh@R?Qj^Qqf%! zE~kEWtL_!CoZO&in#=W5*Y4Eolrp1`yD%?=oc0^O1I$nyGEXs)e`(KN( z1^B{?b5f#IAQx1ntoZ{fDs<-GGz)8yF4 z+xPBPz@mSaV-WaOt%CWcT?Du(bB$f{gxNAX{hi`qOQqJ>t~!B6c>QdRBZd zt3S+Z=j0&-|62DbNRn} z+q?e%a}l{n{!dxcO!i;1bT^~ED^i`Fak76U737=M+kKzeCcj(_742U{_=JWItqxXH z9QM>3j;QRs>VSMJ?{!c#Kz5n#V3A~eSRDJ*1>34JAe-8TY;2Qrg zAwTW;*zt}{5*_1n(8OpC#Kg|$l#xM?O_yb#RDSC>yvkLsa+RwT$^QWW0RR7Am{17- GG5`Qrw&Umk literal 0 HcmV?d00001 
diff --git a/assets/rancher-operator-crd/rancher-operator-crd-0.1.400-rc02.tgz b/assets/rancher-operator-crd/rancher-operator-crd-0.1.400-rc02.tgz new file mode 100755 index 0000000000000000000000000000000000000000..7f5ae211a0cb6b77029f7a3ac3a174cc7f8bdb81 GIT binary patch literal 8637 zcmV;uAwu3CiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBRcO$0~Zl3)sdhK^Po=f)GYu-GzGjTE(A8TgvjOdcY5e*%n zWqbD8|NX4K$dWy3F5NW9cJq*|u_V3%imIZjC9+AzC#)P z#Ya0iIXU_F+qc#KPfkuA|NrE--+ue$)!UOdZ(g6gdh_6q=!RBE zg~Tr>y|Eq-?uj(S7*|LU&g8qJB*91_$`{8NDMjI!@Lw?qMdk$3cS*x5d%w0MX$tIJ z@-HO{_}AXAFqDDJ5r+Gowp=Igq=Ibk&$xV-P{NAay`Ku8fFw-H&iC|-MS6sC@*RXE zoV`odua8ik-~aRE_|@^-qZA|-Bv;j+uInz6FHIN8Ss@kAu0irbU^s_4VWgU`BMs*I z0m8}2MBtOxN3j=sPusiy6=XR@3goX?q_Vdl(C+`YC;xu?`qiWT|9@VcydC#{h_<^q zP)^`h0W1F{k5~VZNl0TIkmtZouP(p8nc^j6 zsQzP;DNP#JW zXw7y0ry(UWr|7QaC;y$3tej;?+vj=4IR(Ui`h1nizu?Y4MXO>4f`J0Lky+j$C|@iH zTYSCC_pNJ^5Cz%Z4=jKU(AK0QA<*4VpE91phf-9z(ye3Ux}_kAfOJZJ>}4}c;&+Fz ze}~@V5xEKm2Ke<-ruNVNxN6q1-Yd@F1r&nz?kcH?a>2P zFJ`RPJVUp^EWl8&u5@ix~s;3ll#>vPKF{ zF$TGJ#Vvbp6O(x{qXY-(e!A;adDss37$;yc$iY@tE(m$Su(-=rKZv%;mw*dF)Lo}z zXykd9Al3xKHKzl(QZ!2BaA%}VLD;K?U<24I3R^$gIJP`H{Z_>c>Mn`y-XN;2Sub6lk9V1Pxc`@LkC7U^ECdbr9D6>14g5scbw zC6n}%X#bQN#%)FUF8$ggiB(Ugv!c}K07noFu{SVVa=z*XV&mk*2rogiRh$5=MwZku z);U@HPWD@uLtq*XiQ11#?&pI1=*;{X-@oCl2WcE2&+n6#_BA*EMU)NKZE0pmmgD-P zC9G~*7?h@><>c*1zGfQQqVxU`q+FgZfT_|h>0u1YWoe!aPHG8KC8G=tq={ns#29`o zg#H}cHXhxJHoblQUQ8KOGPVi*3aLhmI-lZ`89QiW|M zge`PpW7BLRB#&^EAXrU)a0U~+1l+3s-64R^9u33Pw?oL!I@Y**f}1p{U=vfAH6SSp z{d5osLyO=PCP)~fu*0Dj3RJ~{u@<9t3Pyup=Qs{ZkWViBj!*ykFnfpoGB??9ll& zQt**v#9~667W2N}_XS?*_eCG7|L@hbf7ftZxjH|g(zN zO5Y=j7zQz2X%bF-Z*9uk-KE1IX6Tk=MfP!L#McFdGhX=En7JSs5_hL-L@1gOO4Qx7 zzC03cgbfW-j3@*L-(<6WFrA(}!U(p&U_a9z`J;Kf?$E&I00xh(hW$PWC$%)n7fuUR{ zWWl(A$(qw5g9-ZK&snNOA=M;>HNh~+4X16FuC2T-{`}XdP|Hanw0$Lmtq(?%xgo?m z9C*qzL|8O`Vgql!&odMOxrK{rIP~_s-QlrogDTp}H}LURz7}4whF_X$QNd$Pyp?F* zbw>CQ@K^v+Fv&P0ifemJoD|@ka-;}bOc_W2l+Gp@s3ngFpBv1x!3l_JV`bHu 
z?os5}W8}Nx+(`-)Y3`iYZJ;4GBxLAzBFxU<#M)uD+qp8Q*d@<3wpvJ-aIDapX#EU{ zZ#z1(aBkQN+U5$a?K;{shy*0?a>7L<5o0xzl?&3#G?pF3vJZSjp4T#8Lg?6YN~AUu z$aeN6mZT|fL_sKnOUrr)o92__JmzpAg)lHf{4g2rBzTW+R4c;~AQcypjw6Is#sf^| z)SO&pZ#cv~-|BLDhefWhY(>K6D4z&kuv7_>Pp~Pjm^f)dU6$*n4V3(qMLe#rvq@3J zGR?}fU3tt)$>ACw%@NdxE~xLrPb_*&VvcxCgenj{GioiLNq03f)Fo-3gW82TDyW)7 z)_!wNqxlXt`3gDb)GCVc+%#5ygWqs7qDmScrru=Q@d~PGe^SB#iPJ)Hi4g^Hg#>E9 zed+I>Ar~O8KwLvk3AV^LU`0057z`P@?Vr(<5f9mrjHg~lmJ3(|Q&Ykg6s|a7>UTtF zp%-8_cC&Felp~n}1*~x;KjoW*^$4qr{Dbp5$xron3$4)-TX|Ow?qfN)b0)6@;ex2U zGm4}Pn@M8BMM;O6T23m$QbG8&pNc$1N?Rku8Q0#gMk!&7ZxsbzRjn-rNiCGWF;wS= zn&bY?q$Dm@hvk|j7B~7k5gX7a`HU}rSNs}fD7|6{NE1_|>3poYMS?b&7Fnc=Jh!%m1 zJX>fPFG9!80`g{LTU$Ne?X3*mP79$=qjdsK+>$a}?5udVhkaVYK2phxTq*%5s~)PU zyi(6X*=xsLCrO`kyaLg`W?q|zK~oXKSQoK&)V@b}1*|m;;xJ9x(up4_0v8SRKvSq>tSuND339OHx3%m-v!US0o!{G>QZo@ zQ2rO(U4!=SyE7GTlq5EWa7QWjw-*yMdAE}oqvnG>LCe7@Rw zSnxoWw3--GA(3zdIV|ZWtoi$4EG_0tA;Q|@fW7HS+*daxYa-1T0z#3qS+c{R$AQ=C zcLGM$^a$aAIQ^-rCaW)o^4nDQ^!Mr>?I&Ka_6L5v*wtAHVOBljXo|0fxhBN-G-VlOTAVVW;{1sR~gEafbf#A#V1X% z^-dHdZj6-@xw1P73`@he>&uuV#NXl78}t$J?L|Q+8m#J=IP6-}YYYSJ+F=A{eQt}r z4doIEW6`!@iLm4V4Eb{IFBERS{LTGnixaRh|D*$*b#pp#c3LQ1e#)lVBi1!uLO_G$~up1=O(<_6EcC@<&w7cw6!|K+_u5cwP>5weegS@1ReVDkXkA)}E z$wEs;tJiK`-E;4HP}gPebjZf*L1EH$`#9z2#URivV=p{~j@$bX&TE!5K$fe!b5lL8 zVS+J`lEQEaz!5xgbkvg{=4aD}CBk-@@+D*-Oo!hm6f>=j`!kA2_7$?6T2zu4_@HJ} zz_)APWkZZ{rN7j@=SLk+G@BMyj(0?Jww{dDum&K{X)3Bp`Gm8tBm=2XW_2b*I*yZGyboRU?eO4^#x@yVB3uEcx zKOB0$zluPu6Q9FLJwOLZQ=#aax0wNmq6zq2{S(X5Q8=+9t=g6Bge@c@L--=j6upzJRMYD zKcQo{%ic_pLQ}_RUPt1(Sv)8w#y97^k(hKB!S32OJdN&pH#ChM6xl|*IB-=rPNXCw z?bR>#x4zE4B%Y1dcjcX(D$O&R;|$wkI?iy1A4!Y18XmTwx*;H)_BQD*M&!d^cJQY67KN_V zR+8hRW8^Lw)y=@_Msa}_VD&K3!xru|zHTa^*(U^tr|vN4&WRy>U#plK+z-$6{x>Zw z+-(Ei;}|9zQ6aGa_4nVO$I>9l%?+_hmw4XOU@HVD+}4Hk#tWZOC@{Q6wrwx#YT#I> zqazu~V3%sGB}(;pN(^y=6q51Fm^Ea4`}PD1nk=fkX-T94rXm%hj4y)+DsGymu~~5l z8EVT}L|sG9V~7DFDi7^YcmFMCKIf9er(#X)@(W_iq53vVl$wgb(wq}b757f~iK_^D ze&q};*M7;R-}3hMOCNjIRaC`ixjsb3DF=j?C_gRK@|;M_*I*+_T}}dR*` 
zR~3gIyoQVM&&7;ChT5qjsvp^s&GLIs%lB>Vh!}=di5uH2hD^tu%p*)*4`kJ}b&f;;Ae_PlE4mJ8~7CnoGYFt-hOJ`a27!!?!J+DXe2KqgCY8#uKNxy&R2t_)=j! zasEW%z$Z=#VofldV$2JszVa1VpG1PmSX870*x^2@kR))Mle&ncbJgkIq`FEjSD6)Z zCLP(=>FaTCSN&7)*`4WKfI;FG3%deAPc3F8U_qpcn^diUAr|q)jo432Zz6{WA2$@U z7!kwx;bM}ZMN|S-a94gSCJ7m5L~)x(44!*(WX^fS47@Qpvm+VFfXSJ0^@k;)5+e$i zUtXjHUmyiHD5{l{3$6f{hnsVrArdu*e-t5|$VdhhAyU!{R?=co;nQhR>Uu{5=3Ci4 ztXGq96k^#-ZLogF|sjz%aDe^X6%X|p}UhvJ9dpnyFd>8X7 z$|F(^gOlwNETb~9#h0w;GuaADrSdB-TFra2C06zz`*p!U-Egte8Tt-`)hq#95O#aX z76PO^yMJ`+N)RrHx-%97_Cy3vVQQ#$?^cx1l2a`>)M11g-Za!+eAoZxsVkVz0sA}LTM9wriPk@)-QxoOakmR;mCWKyfccPIJx&mI*rBvn zk*7$(R0*VD(aKU*P&V78R2PITzE!BY8MU5ITbnXNx8E3ABT{#3Fh-m#7h68Iv09{I zC7g(}Ak09N_TyDC1HnLn)Z7^|600S$36{5n>`iN*ff5AEX;p+{v{AZ@aI{f+qiCoV zkW+$D>%2Ii=(N~q3XP`FXbO#{P}4GWJ1vAc5pM`1Xf(tIFvJ?~PZtvjVe+~D^_35e zXTyRBwCUeIC$+lJj{o3>hbk@N&I6R$a~r2VSXmD98s-Az@+;9hi2cv+Hwogb-FrD4 z=wEuxKMbhJ0q++Tm#_ih?p?Yc`Qjt2K^yq?i=7Idf8>igc`F<&RCpInsr4x(`tY1@ zaEx+OsLL~Cer<78#WUuu0>RGj7|KF&a}7IHNQFdQ%^T7r<2b zja%L7xGE^EBa{(eS{DrRt+ldxNdzTri{xvk(XD%FE%bGUluY@DIn z&pZV=UE>b|<=WH`zmuI|B-J%yi_(IN0XtPFh8*nwQ>6X9{m`!L-llwFP@)`t1ci+W4>`|Vtxe3fGcdSCF2>-RO-twTp{5UlT&tgvjhQWBH+x{&}WQ9vg8X1e{iWjgJRNr!NWWD zu4;?`ev}EbUxSJ)V-^8Mlwck@x{fI?QWKgr zV&ZKsw!W}nQ$bAcY6hKxIYo@Y3!j8c6+JFFjVZNHd2l%`7VRo%y!10>y6%2$%yjJz zIcB;xZOk?8M$`?UHH5ZQawO#q4|fvpm2u0{{X@}c7xNsTG!>w81^83xDaR`i)AGL> zHRca*$)#c_gD-0kg6N!f{xC}!FBqby;ii?M8R*`bHa zI_M8aaGi=UCTT=mDqV7hl*=kD@U+lX?5O+Emm`vLc?MyYqJh#^8Sx6I&4Tic6lz=w z5vIHOVB~3AJIm%cG}L_}i`ss}04tKgX_}hrj1B{DaXyJ?(t49$`ijuL_KIOlMi|{V zashL4+qUN|yKbR97i5hTG#ULZ`?Qx$O5}N6M6{psFdO& kpZsSX}to;+s?kcx}F zLd3)vnx7_CEFl@n<&tZwTKez_YUfXIg%p&g2ALC#)c(;L$uLb8Mka{FZqDkony#+R zC=TH^*>15e7YvKL$|K%lo#|&xH(RC^1BF{fm5os}LwHr>XPnK6_OTJ~9xt#fecr(? 
zu&Gr_noP4lcwv6v#MTj83L6DXSv*Q@-=%!>-g1c&*XeR8s){fMDGgUJI#H3h*pg+N z6?kP^WO!&=a3K}X&QN?xpt%}RsP7i|5!N4X$c3)@cA8XrUSeDyZuJzvvfBAzeY*qjf% zUqYzd7akE!y1wwibT@=uyi5ta8Tktk!keK!b2)5W_NLlEA4d*KGa@D7tacO>!k=Mi z>nA`t(bU)N1f4hq*ogjS*>K2p#;DPaV)<;C+haG_cD=XF`H<=UkeLfN^dc;AJ&xB6 zb5^S23x;`W_0DoM67AlX2~VEQZi_*eKsSd+mbL4pA?sisuyT2BZ)jQ^Cb5HVvjA>M)M1AC8gELM#Ww4mToQq6f1ELcNi7Ve_==RiHgg9{u z>oon=v7JG>Hr24`*0HTL7HvYaNq5Ynkj!Z&e(r3;CTUx^BHk z-gE5U=H8X3>(-I8>o!h%w`q5DNNihh!Bnh*G9>64&4Ww21GTHbzVkj?yo1we+dQ$7 zn|o>7T#5=jZgJ!JT}5hKsx5EG?`ts$@4Sy|g)!r|Pi8ld_C?ojM*HGX2QSFJ==8H* zaSNBhbx1&R-p-xZtP`^Znz}LKV};w)cRQnnR3I+%>Mg=>&hrNTGf(0ECB$&(<30Wt z5cC@F@z-rt%)tC^p55zcm9RJ?X~5_A#?bULX5KM0-3`r7yT(%Pqk4S-8+TN%bt}~? zZFc}T=+$#3>xX^A?bHo&;P-7uo&Jn>%uCVfb42L$2IXJ08^`X@z5oUSDJb_pVT+xD z_x<}0Y*F$=vERUBBwjaudf z?3_`{)J@_gq(x89@u+245j!`>T z`Ui=7_I)Q6WbGAOO==fma>mFxZSX6;8EQLiGvr zJB8ctJP6cho(|3r4AB7WP@;t628QVG6fxFb8rLgQ5Po2Y24Dve>YU#&%8}+7Oix%` zK-&K9h*yx)LUDVmAE7X+T14oCa=6QotwxmSCWHB;Gg9w0R^w$nY{yf?z|6kRK?vAnf)^7h3d$ z!&9Ifqk$z-&eO{WSqa0!-2hs{;Nq`B8QyZZAuQ!L@+#yMYTZFaz7QydsS-%RVlRUl zX)yUtQlUwQa~Pp6H77&2-xyjWQgzlC(K$s!pA;YB{>{Z|aB0F*I4@`PlI899h^??} zVofPfQ1G!7E9XdQU%|Iapqg`mJ>+361j29yf^Z+t-!2#zaE>73Yzq2HnT~#3(>N^d zgWHUuk4yN5uqy#`ayx|UwG~;w90V{7>Hg|yT2LM5N}zxh-@6Ta%d!k9yu7&0OEZ@6 zcJtB@Vz9gLZFnYmh$ux#7HXNiA#vA;7N$U()s0-I8>p7Vbr`TdPGu3db5IuTSQWQ^ zL^EiA$=@yBX*mxT^Xf3ZE>f*s?5yCmXMwXl!Dy;1_6uK?R9l#8R+dnzjW(3t*~_F8+LTy?qWb zCBW3Qs+sY5PX!Py)3q{ObB)Dghn&?y<|j635$Sq9rbw!<0x?LK zealm%U`UhEFEoB-<*#_V4{?9{1UM_34*C6$sR4x zE_4K-^e0)>w(Iv0{^(EZMhhkDSKEJ8OEjtL1l1ojqBq?crc_*%oLK+mXfl}`?bHrV zP)^`h0jv5uUj0WN6aMS^)eIDRbyOAhP0p%%$D23z&S6eiwM&mOP$+E2=1?Ch>_Qcj#W&WBGIX<#TmpNsh}O95-@n+Svcqh-#<@ ze|p3g^=oFy&qOpYGS=%-kM61_x%x{^3xVi%7)MDWF)zFRym`nmE&o=`9u=Qyc1-f$ z{~c9!FG+XUh3CLduP(p8nc^j6_s8vh0&z1*o7N^YA5Dulv&ZHrq%qmeM2r50%^}Kx)eqd51-2iyUt4ZC^hxL_W_5O9@-}v(Lqjpf0!Hj)7jv@V>_Rt{!+_ z)848MHe(BJv^T)h3e>`Q->3pVj+lLquXO9FEyyySCdSjmc$(OuBl>CLvDAHMul63% zZl(7s;aNFEdYivL&%Bk=-#g>`pPlO7-~M{r{raoakH1d)n>qv8Fu#m#Y-1bS%V_^U P009604ODc 
zVQyr3R8em|NM&qo0PI*zZ{s!)^;y4SAfO0PKnnd87Xo@nv)e_1HVv}CUIT_2%j{Al zK~nCfhW>k@4=c7LJ82R)SXA#~iQ>$VCf}PO4V7$#CQup;b;_Jyt*CL~15L%~tw0DN z7qeOUO9*NIlEq>^8qdgdIw9lfY(666*=$ZmK;CQwN03=Z&4|1@R(o>a38<9HQOA|E zkq5x2qe3Miqs|EoxjLtrQvsLOQ6VB|Z5w(2!zXdGX1j2p||Zum{3;VDW- zMFhSx8T!2)S3HhU9_=D&idIvGJ%hCm)?wOfrfdX)%j{e4S8ddq$7q9OZ6aVIvkr|7 z>i|0)*W+G$g953=pcq_tTprc@3mVInj9@+SsMgIZ3CH2gi_tQ}wJV#hlypW3xUJkk zX1Pq@6L)`V>m7)&-t$LDU>KQrqtU3t|1}jE+BX$|r}#gajNAObSPc9>33y5qESPUl zE6bfS56$*D?`$IgN0SKFgD|UP7;U*K}MhVUyBKU22t=x@4i_&>sBGf$ z#sa9A_yLzR6YdrhZe0=B_r3T2L;h#z@ZVvo1$Ai8?^Y;uA#+Z@P70pl|8zoH{9lmC zeBl2nu-OC<urkbrE_DZ4VP{S{tx!t ze~|+e7MmCUaXcvF_VauHpWhpf@IOW^)I(8~y|Nm3g8$?3Y|`fcd_EcYe+ulDo>XgF zRIp#Uj3fBaEWekcqcL@~$lV7DOskOv7U6YEDeK|P)8%RfGTzPY^m*n9yf3*ldlN~4`dfF(x} z-{Nw=wQj$mZWT3y51X?{)3++O;B2#LCVWJ9L&)>Zrjg9jID9PBAkU-DXGasr^Rp)6 zf%V!O&~EkScRaSbK%V=xxka<)3@;f|nRM6vk=}cU4>*P+`fu(jdy{kEQ~Ez8i-d2}s;q|sP&xa)Q zQXJ9$I=jiu~e0OiLU6aWAK literal 0 HcmV?d00001 diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/Chart.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/Chart.yaml new file mode 100755 index 000000000..40039f9e9 --- /dev/null +++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/Chart.yaml @@ -0,0 +1,10 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cis-operator-system + catalog.cattle.io/release-name: rancher-cis-benchmark-crd +apiVersion: v1 +description: Installs the CRDs for rancher-cis-benchmark. +name: rancher-cis-benchmark-crd +type: application +version: 1.0.400-rc01 diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/README.md b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/README.md new file mode 100755 index 000000000..f6d9ef621 --- /dev/null +++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/README.md 
@@ -0,0 +1,2 @@
+# rancher-cis-benchmark-crd
+A Rancher chart that installs the CRDs used by rancher-cis-benchmark.
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscan.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscan.yaml
new file mode 100755
index 000000000..beca6e1f8
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscan.yaml
@@ -0,0 +1,149 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscans.cis.cattle.io
+spec:
+ additionalPrinterColumns:
+ - JSONPath: .status.lastRunScanProfileName
+ name: ClusterScanProfile
+ type: string
+ - JSONPath: .status.summary.total
+ name: Total
+ type: string
+ - JSONPath: .status.summary.pass
+ name: Pass
+ type: string
+ - JSONPath: .status.summary.fail
+ name: Fail
+ type: string
+ - JSONPath: .status.summary.skip
+ name: Skip
+ type: string
+ - JSONPath: .status.summary.warn
+ name: Warn
+ type: string
+ - JSONPath: .status.summary.notApplicable
+ name: Not Applicable
+ type: string
+ - JSONPath: .status.lastRunTimestamp
+ name: LastRunTimestamp
+ type: string
+ - JSONPath: .spec.scheduledScanConfig.cronSchedule
+ name: CronSchedule
+ type: string
+ group: cis.cattle.io
+ names:
+ kind: ClusterScan
+ plural: clusterscans
+ scope: Cluster
+ subresources:
+ status: {}
+ validation:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ scanProfileName:
+ nullable: true
+ type: string
+ scheduledScanConfig:
+ nullable: true
+ properties:
+ cronSchedule:
+ nullable: true
+ type: string
+ retentionCount:
+ type: integer
+ scanAlertRule:
+ nullable: true
+ properties:
+ alertOnComplete:
+ type: boolean
+ alertOnFailure:
+ type: boolean
+ type: object
+ type: object
+ scoreWarning:
+ enum:
+ - pass
+ - fail
+ nullable: true
+ type: string
+ type: object
+ status:
+ properties:
+ NextScanAt:
+ nullable: true
+ type: string
+ ScanAlertingRuleName:
+ nullable: true
+ type: string
+ conditions:
+ items:
+ properties:
+ lastTransitionTime:
+ nullable: true
+ type: string
+ lastUpdateTime:
+ nullable: true
+ type: string
+ message:
+ nullable: true
+ type: string
+ reason:
+ nullable: true
+ type: string
+ status:
+ nullable: true
+ type: string
+ type:
+ nullable: true
+ type: string
+ type: object
+ nullable: true
+ type: array
+ display:
+ nullable: true
+ properties:
+ error:
+ type: boolean
+ message:
+ nullable: true
+ type: string
+ state:
+ nullable: true
+ type: string
+ transitioning:
+ type: boolean
+ type: object
+ lastRunScanProfileName:
+ nullable: true
+ type: string
+ lastRunTimestamp:
+ nullable: true
+ type: string
+ observedGeneration:
+ type: integer
+ summary:
+ nullable: true
+ properties:
+ fail:
+ type: integer
+ notApplicable:
+ type: integer
+ pass:
+ type: integer
+ skip:
+ type: integer
+ total:
+ type: integer
+ warn:
+ type: integer
+ type: object
+ type: object
+ type: object
+ version: v1
+ versions:
+ - name: v1
+ served: true
+ storage: true
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanbenchmark.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanbenchmark.yaml
new file mode 100755
index 000000000..aa6fc2218
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanbenchmark.yaml
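Review bot: The CRD in clusterscan.yaml is declared with `apiVersion: apiextensions.k8s.io/v1beta1`, where `spec.preserveUnknownFields` defaults to true, so fields that the `openAPIV3Schema` does not list are stored on ClusterScan objects without pruning or validation. That API version was also removed in Kubernetes 1.22, so the chart cannot install on newer clusters. I would move to `apiVersion: apiextensions.k8s.io/v1` with the schema under `versions[].schema.openAPIV3Schema` and a root `type: object`, or at least add `preserveUnknownFields: false` (which needs the same root `type: object` for the schema to be structural). The same applies to clusterscanbenchmark.yaml, clusterscanprofile.yaml and clusterscanreport.yaml in this commit.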
@@ -0,0 +1,55 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscanbenchmarks.cis.cattle.io
+spec:
+ additionalPrinterColumns:
+ - JSONPath: .spec.clusterProvider
+ name: ClusterProvider
+ type: string
+ - JSONPath: .spec.minKubernetesVersion
+ name: MinKubernetesVersion
+ type: string
+ - JSONPath: .spec.maxKubernetesVersion
+ name: MaxKubernetesVersion
+ type: string
+ - JSONPath: .spec.customBenchmarkConfigMapName
+ name: customBenchmarkConfigMapName
+ type: string
+ - JSONPath: .spec.customBenchmarkConfigMapNamespace
+ name: customBenchmarkConfigMapNamespace
+ type: string
+ group: cis.cattle.io
+ names:
+ kind: ClusterScanBenchmark
+ plural: clusterscanbenchmarks
+ scope: Cluster
+ subresources:
+ status: {}
+ validation:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ clusterProvider:
+ nullable: true
+ type: string
+ customBenchmarkConfigMapName:
+ nullable: true
+ type: string
+ customBenchmarkConfigMapNamespace:
+ nullable: true
+ type: string
+ maxKubernetesVersion:
+ nullable: true
+ type: string
+ minKubernetesVersion:
+ nullable: true
+ type: string
+ type: object
+ type: object
+ version: v1
+ versions:
+ - name: v1
+ served: true
+ storage: true
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanprofile.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanprofile.yaml
new file mode 100755
index 000000000..21bb68396
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanprofile.yaml
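Review bot: In clusterscanbenchmark.yaml, `customBenchmarkConfigMapNamespace` is an unconstrained string on a cluster-scoped resource, so the schema lets whoever can create a ClusterScanBenchmark point at a ConfigMap in any namespace. Whether the operator restricts which namespaces it reads from is not visible in this hunk, so this may already be handled elsewhere. I would at least document the trust assumption on the field, e.g. `description: Namespace of the ConfigMap holding the custom benchmark; must be a namespace the operator is meant to read.`, and check that the RBAC in rbac.yaml does not grant broader ConfigMap access than that.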
@@ -0,0 +1,37 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscanprofiles.cis.cattle.io
+spec:
+ additionalPrinterColumns:
+ - JSONPath: .spec.benchmarkVersion
+ name: BenchmarkVersion
+ type: string
+ group: cis.cattle.io
+ names:
+ kind: ClusterScanProfile
+ plural: clusterscanprofiles
+ scope: Cluster
+ subresources:
+ status: {}
+ validation:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ benchmarkVersion:
+ nullable: true
+ type: string
+ skipTests:
+ items:
+ nullable: true
+ type: string
+ nullable: true
+ type: array
+ type: object
+ type: object
+ version: v1
+ versions:
+ - name: v1
+ served: true
+ storage: true
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanreport.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanreport.yaml
new file mode 100755
index 000000000..017020a95
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark-crd/1.0.400-rc01/templates/clusterscanreport.yaml
@@ -0,0 +1,40 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscanreports.cis.cattle.io
+spec:
+ additionalPrinterColumns:
+ - JSONPath: .spec.lastRunTimestamp
+ name: LastRunTimestamp
+ type: string
+ - JSONPath: .spec.benchmarkVersion
+ name: BenchmarkVersion
+ type: string
+ group: cis.cattle.io
+ names:
+ kind: ClusterScanReport
+ plural: clusterscanreports
+ scope: Cluster
+ subresources:
+ status: {}
+ validation:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ benchmarkVersion:
+ nullable: true
+ type: string
+ lastRunTimestamp:
+ nullable: true
+ type: string
+ reportJSON:
+ nullable: true
+ type: string
+ type: object
+ type: object
+ version: v1
+ versions:
+ - name: v1
+ served: true
+ storage: true
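Review bot: In clusterscanreport.yaml the scan result is kept in `spec.reportJSON` although the `status` subresource is enabled and the schema defines no `status` properties at all. With the report in `spec`, any subject allowed to update clusterscanreports can rewrite the findings through the main resource, whereas output under `status` could be limited to the operator through the `clusterscanreports/status` subresource; the RBAC that decides this is not in this hunk. If moving the field is not an option, I would add a `description:` on `reportJSON` saying it is presumably written by the operator and not meant to be edited, and keep write verbs on clusterscanreports to the operator's service account.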
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/Chart.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/Chart.yaml
new file mode 100755
index 000000000..e2589187b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/Chart.yaml
@@ -0,0 +1,18 @@
+annotations:
+ catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/display-name: CIS Benchmark
+ catalog.cattle.io/namespace: cis-operator-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1
+ catalog.cattle.io/release-name: rancher-cis-benchmark
+ catalog.cattle.io/ui-component: rancher-cis-benchmark
+apiVersion: v1
+appVersion: v1.0.4
+description: The cis-operator enables running CIS benchmark security scans on a kubernetes
+ cluster
+icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
+keywords:
+- security
+name: rancher-cis-benchmark
+version: 1.0.400-rc01
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/README.md b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/README.md
new file mode 100755
index 000000000..50beab58b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/README.md
@@ -0,0 +1,9 @@
+# Rancher CIS Benchmark Chart
+
+The cis-operator enables running CIS benchmark security scans on a kubernetes cluster and generate compliance reports that can be downloaded.
+
+# Installation
+
+```
+helm install rancher-cis-benchmark ./ --create-namespace -n cis-operator-system
+```
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/app-readme.md b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/app-readme.md
new file mode 100755
index 000000000..5e495d605
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/app-readme.md
@@ -0,0 +1,15 @@
+# Rancher CIS Benchmarks
+
+This chart enables security scanning of the cluster using [CIS (Center for Internet Security) benchmarks](https://www.cisecurity.org/benchmark/kubernetes/).
+
+For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/cis-scans/v2.5/).
+
+This chart installs the following components:
+
+- [cis-operator](https://github.com/rancher/cis-operator) - The cis-operator handles launching the [kube-bench](https://github.com/aquasecurity/kube-bench) tool that runs a suite of CIS tests on the nodes of your Kubernetes cluster. After scans finish, the cis-operator generates a compliance report that can be downloaded.
+- Scans - A scan is a CRD (`ClusterScan`) that defines when to trigger CIS scans on the cluster based on the defined profile. A report is created after the scan is completed.
+- Profiles - A profile is a CRD (`ClusterScanProfile`) that defines the configuration for the CIS scan, which is the benchmark versions to use and any specific tests to skip in that benchmark. This chart installs a few default `ClusterScanProfile` custom resources with no skipped tests, which can immediately be used to launch CIS scans.
+- Benchmark Versions - A benchmark version is a CRD (`ClusterScanBenchmark`) that defines the CIS benchmark version to run using kube-bench as well as the valid configuration parameters for that benchmark. This chart installs a few default `ClusterScanBenchmark` custom resources.
+- Alerting Resources - Rancher's CIS Benchmark application lets you run a cluster scan on a schedule, and send alerts when scans finish.
+ - If you want to enable alerts to be delivered when a cluster scan completes, you need to ensure that [Rancher's Monitoring and Alerting](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/) application is pre-installed and the [Receivers and Routes](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/configuration/#alertmanager-config) are configured to send out alerts.
+ - Additionally, you need to set `alerts: true` in the Values YAML while installing or upgrading this chart.
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/_helpers.tpl b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/_helpers.tpl
new file mode 100755
index 000000000..67f4ce116
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/_helpers.tpl
@@ -0,0 +1,23 @@
+{{/* Ensure namespace is set the same everywhere */}}
+{{- define "cis.namespace" -}}
+ {{- .Release.Namespace | default "cis-operator-system" -}}
+{{- end -}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux_node_tolerations" -}}
+- key: "cattle.io/os"
+ value: "linux"
+ effect: "NoSchedule"
+ operator: "Equal"
+{{- end -}}
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/alertingrule.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/alertingrule.yaml
new file mode 100755
index 000000000..1787c88a0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/alertingrule.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.alerts.enabled -}}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+ name: rancher-cis-pod-monitor
+ namespace: {{ template "cis.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ cis.cattle.io/operator: cis-operator
+ podMetricsEndpoints:
+ - port: cismetrics
+{{- end }}
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-cis-1.5.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-cis-1.5.yaml
new file mode 100755
index 000000000..39e8b834a
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-cis-1.5.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: cis-1.5
+spec:
+ clusterProvider: ""
+ minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-cis-1.6.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-cis-1.6.yaml
new file mode 100755
index 000000000..93ba064f4
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-cis-1.6.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: cis-1.6
+spec:
+ clusterProvider: ""
+ minKubernetesVersion: "1.16.0"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-eks-1.0.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-eks-1.0.yaml
new file mode 100755
index 000000000..bd2e32cd3
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-eks-1.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: eks-1.0
+spec:
+ clusterProvider: eks
+ minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-gke-1.0.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-gke-1.0.yaml
new file mode 100755
index 000000000..72122e8c5
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-gke-1.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: gke-1.0
+spec:
+ clusterProvider: gke
+ minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.5-hardened.yaml
new file mode 100755
index 000000000..b5627f966
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.5-hardened.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.5-hardened
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.5-permissive.yaml
new file mode 100755
index 000000000..95f80c0f0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.5-permissive.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.5-permissive
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.6-hardened.yaml
new file mode 100755
index 000000000..d75de8154
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.6-hardened.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.6-hardened
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.16.0"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.6-permissive.yaml
new file mode 100755
index 000000000..52428f4a7
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke-cis-1.6-permissive.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.6-permissive
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.16.0"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke2-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke2-cis-1.5-hardened.yaml
new file mode 100755
index 000000000..3d83e9bd8
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke2-cis-1.5-hardened.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke2-cis-1.5-hardened
+spec:
+ clusterProvider: rke2
+ minKubernetesVersion: "1.18.0"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke2-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke2-cis-1.5-permissive.yaml
new file mode 100755
index 000000000..f66aa8f6e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/benchmark-rke2-cis-1.5-permissive.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke2-cis-1.5-permissive
+spec:
+ clusterProvider: rke2
+ minKubernetesVersion: "1.18.0"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/cis-roles.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/cis-roles.yaml
new file mode 100755
index 000000000..23c93dc65
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/cis-roles.yaml
@@ -0,0 +1,49 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: cis-admin
+rules:
+ - apiGroups:
+ - cis.cattle.io
+ resources:
+ - clusterscanbenchmarks
+ - clusterscanprofiles
+ - clusterscans
+ - clusterscanreports
+ verbs: ["create", "update", "delete", "patch","get", "watch", "list"]
+ - apiGroups:
+ - catalog.cattle.io
+ resources: ["apps"]
+ resourceNames: ["rancher-cis-benchmark"]
+ verbs: ["get", "watch", "list"]
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: cis-view
+rules:
+ - apiGroups:
+ - cis.cattle.io
+ resources:
+ - clusterscanbenchmarks
+ - clusterscanprofiles
+ - clusterscans
+ - clusterscanreports
+ verbs: ["get", "watch", "list"]
+ - apiGroups:
+ - catalog.cattle.io
+ resources: ["apps"]
+ resourceNames: ["rancher-cis-benchmark"]
+ verbs: ["get", "watch", "list"]
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs: ["get", "watch", "list"]
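Review bot: The last rule of `cis-admin` in cis-roles.yaml grants `'*'` on `configmaps` in the core API group, and because this is a ClusterRole, binding it with a ClusterRoleBinding gives the holder write access to ConfigMaps in every namespace, including system ones. How the role is bound is not visible in this commit, so this may be wider than intended. Listing the verbs explicitly, as the first rule does (`verbs: ["create", "update", "delete", "patch", "get", "watch", "list"]`), and stating in a comment that the role is meant to be granted through a RoleBinding in the chart namespace would make the intended scope clear. The same applies to the read-only `configmaps` rule in `cis-view`.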
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/configmap.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/configmap.yaml
new file mode 100755
index 000000000..16e43f576
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/configmap.yaml
@@ -0,0 +1,14 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: default-clusterscanprofiles
+ namespace: {{ template "cis.namespace" . }}
+data:
+ # Default ClusterScanProfiles per cluster provider type
+ rke: |-
+ <1.16.0: rke-profile-permissive-1.5
+ >=1.16.0: rke-profile-permissive-1.6
+ rke2: "rke2-cis-1.5-profile-permissive"
+ eks: "eks-profile"
+ gke: "gke-profile"
+ default: "cis-1.6-profile"
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/deployment.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/deployment.yaml
new file mode 100755
index 000000000..0d3c75e39
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/deployment.yaml
@@ -0,0 +1,57 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: cis-operator
+ namespace: {{ template "cis.namespace" . }}
+ labels:
+ cis.cattle.io/operator: cis-operator
+spec:
+ selector:
+ matchLabels:
+ cis.cattle.io/operator: cis-operator
+ template:
+ metadata:
+ labels:
+ cis.cattle.io/operator: cis-operator
+ spec:
+ serviceAccountName: cis-operator-serviceaccount
+ containers:
+ - name: cis-operator
+ image: '{{ template "system_default_registry" . }}{{ .Values.image.cisoperator.repository }}:{{ .Values.image.cisoperator.tag }}'
+ imagePullPolicy: Always
+ ports:
+ - name: cismetrics
+ containerPort: {{ .Values.alerts.metricsPort }}
+ env:
+ - name: SECURITY_SCAN_IMAGE
+ value: {{ template "system_default_registry" . }}{{ .Values.image.securityScan.repository }}
+ - name: SECURITY_SCAN_IMAGE_TAG
+ value: {{ .Values.image.securityScan.tag }}
+ - name: SONOBUOY_IMAGE
+ value: {{ template "system_default_registry" . }}{{ .Values.image.sonobuoy.repository }}
+ - name: SONOBUOY_IMAGE_TAG
+ value: {{ .Values.image.sonobuoy.tag }}
+ - name: CIS_ALERTS_METRICS_PORT
+ value: '{{ .Values.alerts.metricsPort }}'
+ - name: CIS_ALERTS_SEVERITY
+ value: {{ .Values.alerts.severity }}
+ - name: CIS_ALERTS_ENABLED
+ value: {{ .Values.alerts.enabled | default "false" | quote }}
+ - name: CLUSTER_NAME
+ value: {{ .Values.global.cattle.clusterName }}
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ nodeSelector:
+ kubernetes.io/os: linux
+ {{- with .Values.nodeSelector }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ tolerations:
+ {{- include "linux_node_tolerations" . | nindent 8}}
+ {{- with .Values.tolerations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
\ No newline at end of file
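Review bot: The `cis-operator` container in deployment.yaml sets no `securityContext`, although the pod runs as `cis-operator-serviceaccount`, which rbac.yaml in this commit binds to `cluster-admin`. If the operator image can run unprivileged (not verifiable from this hunk), add `securityContext: {allowPrivilegeEscalation: false, readOnlyRootFilesystem: true, runAsNonRoot: true}` under the container. Separately, `CIS_ALERTS_SEVERITY`, `CLUSTER_NAME` and the two `*_IMAGE_TAG` values are rendered unquoted, so a value that YAML reads as a number, boolean or null does not reach the manifest as a string. Writing `value: {{ .Values.alerts.severity | quote }}`, and the same for the others, matches how `CIS_ALERTS_ENABLED` is already handled.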
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/network_policy_allow_all.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/network_policy_allow_all.yaml
new file mode 100755
index 000000000..6ed5d645e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/network_policy_allow_all.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: default-allow-all
+ namespace: {{ template "cis.namespace" . }}
+spec:
+ podSelector: {}
+ ingress:
+ - {}
+ egress:
+ - {}
+ policyTypes:
+ - Ingress
+ - Egress
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/patch_default_serviceaccount.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/patch_default_serviceaccount.yaml
new file mode 100755
index 000000000..1efa3ed1c
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/patch_default_serviceaccount.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: patch-sa
+ annotations:
+ "helm.sh/hook": post-install, post-upgrade
+ "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+ template:
+ spec:
+ serviceAccountName: cis-operator-serviceaccount
+ restartPolicy: Never
+ containers:
+ - name: sa
+ image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
+ imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+ command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+ args: ["-n", {{ template "cis.namespace" . }}]
+ backoffLimit: 1
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/rbac.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/rbac.yaml
new file mode 100755
index 000000000..816991f23
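Review bot: `default-allow-all` in network_policy_allow_all.yaml selects every pod in the namespace (`podSelector: {}`), and its `ingress: - {}` and `egress: - {}` rules admit all traffic, so the policy exists but enforces nothing. The operator pod, whose service account rbac.yaml binds to `cluster-admin`, stays reachable from any workload in the cluster. If allow-all is deliberate, record the reason next to the spec, for example `# Allow-all on purpose: <reason>`. Otherwise consider limiting ingress to the metrics port the deployment declares, `ingress: [{ports: [{port: cismetrics}]}]`, after confirming what traffic the scan pods need, which this commit does not show.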
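Review bot: The `patch-sa` hook in patch_default_serviceaccount.yaml reuses `cis-operator-serviceaccount`, which rbac.yaml binds to `cluster-admin`, to run a single `kubectl patch serviceaccount default`. A dedicated ServiceAccount with a namespaced Role allowing `get` and `patch` on `serviceaccounts` would be enough for this command. The namespace in `args` is rendered unquoted into a flow sequence; `args: ["-n", {{ include "cis.namespace" . | quote }}]` keeps it a string whatever the release namespace is called. The Job also sets no `metadata.namespace`, unlike the Deployment and ConfigMap in this chart, so it relies on Helm placing it in the release namespace.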
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/rbac.yaml
@@ -0,0 +1,43 @@
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+ labels:
+ app.kubernetes.io/name: rancher-cis-benchmark
+ app.kubernetes.io/instance: release-name
+ name: cis-operator-role
+rules:
+- apiGroups:
+ - '*'
+ resources:
+ - '*'
+ verbs:
+ - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/name: rancher-cis-benchmark
+ app.kubernetes.io/instance: release-name
+ name: cis-operator-rolebinding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cis-operator-role
+subjects:
+- kind: ServiceAccount
+ name: cis-serviceaccount
+ namespace: {{ template "cis.namespace" . }}
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: cis-operator-installer
+subjects:
+- kind: ServiceAccount
+ name: cis-operator-serviceaccount
+ namespace: {{ template "cis.namespace" . }}
+roleRef:
+ kind: ClusterRole
+ name: cluster-admin
+ apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-cis-1.5.yml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-cis-1.5.yml
new file mode 100755
index 000000000..d69ae9dd5
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-cis-1.5.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: cis-1.5-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: cis-1.5
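Review bot: In rbac.yaml, `cis-operator-role` grants `'*'` on every API group, resource and verb to `cis-serviceaccount`, and `cis-operator-installer` binds `cis-operator-serviceaccount` to the built-in `cluster-admin` role, so both service accounts created by this chart hold full control of the cluster. A compromise of the operator image, or of any pod that can mount either token, is therefore a cluster compromise. Replace the wildcard rule with the specific groups and verbs the operator uses, such as the `cis.cattle.io` resources plus whatever it creates to run scans (not visible in this commit), and drop the `cluster-admin` binding in favour of a role scoped the same way. The first two objects also use `rbac.authorization.k8s.io/v1beta1` while the third uses `v1`; `apiVersion: rbac.authorization.k8s.io/v1` on all three keeps the file consistent and off the deprecated API version.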
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-cis-1.6.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-cis-1.6.yaml
new file mode 100755
index 000000000..8a8d8bf88
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-cis-1.6.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: cis-1.6-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: cis-1.6
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.5-hardened.yml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.5-hardened.yml
new file mode 100755
index 000000000..4eabe158a
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.5-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke-profile-hardened-1.5
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke-cis-1.5-hardened
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.5-permissive.yml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.5-permissive.yml
new file mode 100755
index 000000000..1f78751d1
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.5-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke-profile-permissive-1.5
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke-cis-1.5-permissive
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.6-hardened.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.6-hardened.yaml
new file mode 100755
index 000000000..d38febd80
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.6-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke-profile-hardened-1.6
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke-cis-1.6-hardened
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.6-permissive.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.6-permissive.yaml
new file mode 100755
index 000000000..d31b5b0d2
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke-1.6-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke-profile-permissive-1.6
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke-cis-1.6-permissive
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke2-cis-1.5-hardened.yml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke2-cis-1.5-hardened.yml
new file mode 100755
index 000000000..83eb3131e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke2-cis-1.5-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.5-profile-hardened
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.5-hardened
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke2-cis-1.5-permissive.yml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke2-cis-1.5-permissive.yml
new file mode 100755
index 000000000..40dc44bdf
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofile-rke2-cis-1.5-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.5-profile-permissive
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.5-permissive
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofileeks.yml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofileeks.yml
new file mode 100755
index 000000000..49c7e0246
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofileeks.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: eks-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: eks-1.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofilegke.yml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofilegke.yml
new file mode 100755
index 000000000..2ddd0686f
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/scanprofilegke.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: gke-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: gke-1.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/serviceaccount.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/serviceaccount.yaml
new file mode 100755
index 000000000..ec48ec622
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/serviceaccount.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: {{ template "cis.namespace" . }}
+ name: cis-operator-serviceaccount
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: {{ template "cis.namespace" . }}
+ labels:
+ app.kubernetes.io/name: rancher-cis-benchmark
+ app.kubernetes.io/instance: release-name
+ name: cis-serviceaccount
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/validate-install-crd.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/validate-install-crd.yaml
new file mode 100755
index 000000000..562295791
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/templates/validate-install-crd.yaml
@@ -0,0 +1,17 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScan" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanBenchmark" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanProfile" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanReport" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# {{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/values.yaml b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/values.yaml
new file mode 100755
index 000000000..afbbe89c3
--- /dev/null
+++ b/charts/rancher-cis-benchmark/rancher-cis-benchmark/1.0.400-rc01/values.yaml
@@ -0,0 +1,45 @@
+# Default values for rancher-cis-benchmark.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+ cisoperator:
+ repository: rancher/cis-operator
+ tag: v1.0.4-rc1
+ securityScan:
+ repository: rancher/security-scan
+ tag: v0.2.2
+ sonobuoy:
+ repository: rancher/mirrored-sonobuoy-sonobuoy
+ tag: v0.16.3
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}
+
+global:
+ cattle:
+ systemDefaultRegistry: ""
+ clusterName: ""
+ kubectl:
+ repository: rancher/kubectl
+ tag: v1.20.2
+
+alerts:
+ enabled: false
+ severity: warning
+ metricsPort: 8080
diff --git a/charts/rancher-operator-crd/rancher-operator-crd/0.1.400-rc02/Chart.yaml b/charts/rancher-operator-crd/rancher-operator-crd/0.1.400-rc02/Chart.yaml
new file mode 100755
index 000000000..372c3d213
--- /dev/null
+++ b/charts/rancher-operator-crd/rancher-operator-crd/0.1.400-rc02/Chart.yaml
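Review bot: The `global:` block in values.yaml defines `cattle` and `kubectl` but no `imagePullPolicy`, while templates/patch_default_serviceaccount.yaml in this commit renders `imagePullPolicy: {{ .Values.global.imagePullPolicy }}`. Unless the installer injects that value, which is not visible here, the field renders empty and the hook job falls back to the cluster default. Adding `imagePullPolicy: IfNotPresent` under `global:` gives the chart a defined value when installed with plain `helm install`, as the README describes.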
@@ -0,0 +1,11 @@
+annotations:
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/hidden: "true"
+ catalog.cattle.io/namespace: rancher-operator-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/release-name: rancher-operator-crd
+apiVersion: v2
+appVersion: 0.1.4
+description: Rancher Operator CustomResourceDefinitions
+name: rancher-operator-crd
+version: 0.1.400-rc02
diff --git a/charts/rancher-operator-crd/rancher-operator-crd/0.1.400-rc02/templates/crds.yaml b/charts/rancher-operator-crd/rancher-operator-crd/0.1.400-rc02/templates/crds.yaml
new file mode 100755
index 000000000..127e8d4ef
--- /dev/null
+++ b/charts/rancher-operator-crd/rancher-operator-crd/0.1.400-rc02/templates/crds.yaml
@@ -0,0 +1,3302 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusters.rancher.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .status.ready + name: Ready + type: string + - JSONPath: .status.clientSecretName + name: Kubeconfig + type: string + group: rancher.cattle.io + names: + kind: Cluster + plural: clusters + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + controlPlaneEndpoint: + nullable: true + properties: + host: + nullable: true + type: string + port: + type: integer + type: object + eksConfig: + nullable: true + properties: + amazonCredentialSecret: + nullable: true + type: string + displayName: + nullable: true + type: string + imported: + type: boolean + kmsKey: + nullable: true + type: string + kubernetesVersion: + nullable: true + type: string + loggingTypes: + items: + nullable: true + type: string + nullable: true + type: array + nodeGroups: + items: + properties: + desiredSize: + nullable: true + type: integer + diskSize: + nullable: true + type: integer + ec2SshKey: + nullable: true + type: string + gpu: + nullable: true + type: boolean + imageId: + nullable: true + type: string + instanceType: + nullable: true + type: string + labels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + launchTemplate: + nullable: true + properties: + id: + nullable: true + type: string + name: + nullable: true + type: string + version: + nullable: true + type: integer + type: object + maxSize: + nullable: true + type: integer + minSize: + nullable: true + type: integer + nodegroupName: + nullable: true + type: string + requestSpotInstances: + nullable: true + type: boolean + resourceTags: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + spotInstanceTypes: + items: + nullable: true + type: string + nullable: true + type: array + subnets: + items: + nullable: 
true + type: string + nullable: true + type: array + tags: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + userData: + nullable: true + type: string + version: + nullable: true + type: string + type: object + nullable: true + type: array + privateAccess: + nullable: true + type: boolean + publicAccess: + nullable: true + type: boolean + publicAccessSources: + items: + nullable: true + type: string + nullable: true + type: array + region: + nullable: true + type: string + secretsEncryption: + nullable: true + type: boolean + securityGroups: + items: + nullable: true + type: string + nullable: true + type: array + serviceRole: + nullable: true + type: string + subnets: + items: + nullable: true + type: string + nullable: true + type: array + tags: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + importedConfig: + nullable: true + properties: + kubeConfigSecret: + nullable: true + type: string + type: object + k3sConfig: + nullable: true + properties: + k3supgradeStrategy: + properties: + drainServerNodes: + type: boolean + drainWorkerNodes: + type: boolean + serverConcurrency: + type: integer + workerConcurrency: + type: integer + type: object + kubernetesVersion: + nullable: true + type: string + type: object + localClusterAuthEndpoint: + properties: + caCerts: + nullable: true + type: string + enabled: + type: boolean + fqdn: + nullable: true + type: string + type: object + rancherKubernetesEngineConfig: + nullable: true + properties: + addonJobTimeout: + type: integer + addons: + nullable: true + type: string + addonsInclude: + items: + nullable: true + type: string + nullable: true + type: array + authentication: + properties: + sans: + items: + nullable: true + type: string + nullable: true + type: array + strategy: + nullable: true + type: string + webhook: + nullable: true + properties: + cacheTimeout: + nullable: true + type: string + configFile: + nullable: true 
+ type: string + type: object + type: object + authorization: + properties: + mode: + nullable: true + type: string + options: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + bastionHost: + properties: + address: + nullable: true + type: string + port: + nullable: true + type: string + sshAgentAuth: + type: boolean + sshCert: + nullable: true + type: string + sshCertPath: + nullable: true + type: string + sshKey: + nullable: true + type: string + sshKeyPath: + nullable: true + type: string + user: + nullable: true + type: string + type: object + cloudProvider: + properties: + awsCloudProvider: + nullable: true + properties: + global: + properties: + disable-security-group-ingress: + type: boolean + disable-strict-zone-check: + type: boolean + elb-security-group: + nullable: true + type: string + kubernetes-cluster-id: + nullable: true + type: string + kubernetes-cluster-tag: + nullable: true + type: string + role-arn: + nullable: true + type: string + routetable-id: + nullable: true + type: string + subnet-id: + nullable: true + type: string + vpc: + nullable: true + type: string + zone: + nullable: true + type: string + type: object + serviceOverride: + nullable: true + type: object + type: object + azureCloudProvider: + nullable: true + properties: + aadClientCertPassword: + nullable: true + type: string + aadClientCertPath: + nullable: true + type: string + aadClientId: + nullable: true + type: string + aadClientSecret: + nullable: true + type: string + cloud: + nullable: true + type: string + cloudProviderBackoff: + type: boolean + cloudProviderBackoffDuration: + type: integer + cloudProviderBackoffExponent: + type: integer + cloudProviderBackoffJitter: + type: integer + cloudProviderBackoffRetries: + type: integer + cloudProviderRateLimit: + type: boolean + cloudProviderRateLimitBucket: + type: integer + cloudProviderRateLimitQPS: + type: integer + excludeMasterFromStandardLB: + nullable: true + type: 
boolean + loadBalancerSku: + nullable: true + type: string + location: + nullable: true + type: string + maximumLoadBalancerRuleCount: + type: integer + primaryAvailabilitySetName: + nullable: true + type: string + primaryScaleSetName: + nullable: true + type: string + resourceGroup: + nullable: true + type: string + routeTableName: + nullable: true + type: string + securityGroupName: + nullable: true + type: string + subnetName: + nullable: true + type: string + subscriptionId: + nullable: true + type: string + tenantId: + nullable: true + type: string + useInstanceMetadata: + type: boolean + useManagedIdentityExtension: + type: boolean + userAssignedIdentityID: + nullable: true + type: string + vmType: + nullable: true + type: string + vnetName: + nullable: true + type: string + vnetResourceGroup: + nullable: true + type: string + type: object + customCloudProvider: + nullable: true + type: string + name: + nullable: true + type: string + openstackCloudProvider: + nullable: true + properties: + blockStorage: + properties: + bs-version: + nullable: true + type: string + ignore-volume-az: + type: boolean + trust-device-path: + type: boolean + type: object + global: + properties: + auth-url: + nullable: true + type: string + ca-file: + nullable: true + type: string + domain-id: + nullable: true + type: string + domain-name: + nullable: true + type: string + password: + nullable: true + type: string + region: + nullable: true + type: string + tenant-id: + nullable: true + type: string + tenant-name: + nullable: true + type: string + trust-id: + nullable: true + type: string + user-id: + nullable: true + type: string + username: + nullable: true + type: string + type: object + loadBalancer: + properties: + create-monitor: + type: boolean + floating-network-id: + nullable: true + type: string + lb-method: + nullable: true + type: string + lb-provider: + nullable: true + type: string + lb-version: + nullable: true + type: string + manage-security-groups: + type: boolean 
+ monitor-delay: + nullable: true + type: string + monitor-max-retries: + type: integer + monitor-timeout: + nullable: true + type: string + subnet-id: + nullable: true + type: string + use-octavia: + type: boolean + type: object + metadata: + properties: + request-timeout: + type: integer + search-order: + nullable: true + type: string + type: object + route: + properties: + router-id: + nullable: true + type: string + type: object + type: object + vsphereCloudProvider: + nullable: true + properties: + disk: + properties: + scsicontrollertype: + nullable: true + type: string + type: object + global: + properties: + datacenter: + nullable: true + type: string + datacenters: + nullable: true + type: string + datastore: + nullable: true + type: string + insecure-flag: + type: boolean + password: + nullable: true + type: string + port: + nullable: true + type: string + server: + nullable: true + type: string + soap-roundtrip-count: + type: integer + user: + nullable: true + type: string + vm-name: + nullable: true + type: string + vm-uuid: + nullable: true + type: string + working-dir: + nullable: true + type: string + type: object + network: + properties: + public-network: + nullable: true + type: string + type: object + virtualCenter: + nullable: true + type: object + workspace: + properties: + datacenter: + nullable: true + type: string + default-datastore: + nullable: true + type: string + folder: + nullable: true + type: string + resourcepool-path: + nullable: true + type: string + server: + nullable: true + type: string + type: object + type: object + type: object + clusterName: + nullable: true + type: string + dns: + nullable: true + properties: + linearAutoscalerParams: + nullable: true + properties: + coresPerReplica: + type: number + max: + type: integer + min: + type: integer + nodesPerReplica: + type: number + preventSinglePointFailure: + type: boolean + type: object + nodeSelector: + additionalProperties: + nullable: true + type: string + nullable: true 
+ type: object + nodelocal: + nullable: true + properties: + ipAddress: + nullable: true + type: string + nodeLocalDnsPriorityClassName: + nullable: true + type: string + nodeSelector: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + updateStrategy: + nullable: true + properties: + rollingUpdate: + nullable: true + properties: + maxUnavailable: + nullable: true + type: string + type: object + strategy: + nullable: true + type: string + type: object + type: object + options: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + provider: + nullable: true + type: string + reversecidrs: + items: + nullable: true + type: string + nullable: true + type: array + stubdomains: + additionalProperties: + items: + nullable: true + type: string + nullable: true + type: array + nullable: true + type: object + tolerations: + items: + properties: + effect: + nullable: true + type: string + key: + nullable: true + type: string + operator: + nullable: true + type: string + tolerationSeconds: + nullable: true + type: integer + value: + nullable: true + type: string + type: object + nullable: true + type: array + updateStrategy: + nullable: true + properties: + rollingUpdate: + nullable: true + properties: + maxSurge: + nullable: true + type: string + maxUnavailable: + nullable: true + type: string + type: object + strategy: + nullable: true + type: string + type: object + upstreamnameservers: + items: + nullable: true + type: string + nullable: true + type: array + type: object + ignoreDockerVersion: + nullable: true + type: boolean + ingress: + properties: + defaultBackend: + nullable: true + type: boolean + defaultHttpBackendPriorityClassName: + nullable: true + type: string + dnsPolicy: + nullable: true + type: string + extraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + extraEnvs: + items: + properties: + name: + nullable: true + type: string + value: + 
nullable: true + type: string + valueFrom: + nullable: true + properties: + configMapKeyRef: + nullable: true + properties: + key: + nullable: true + type: string + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + fieldRef: + nullable: true + properties: + apiVersion: + nullable: true + type: string + fieldPath: + nullable: true + type: string + type: object + resourceFieldRef: + nullable: true + properties: + containerName: + nullable: true + type: string + divisor: + nullable: true + type: string + resource: + nullable: true + type: string + type: object + secretKeyRef: + nullable: true + properties: + key: + nullable: true + type: string + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + type: object + type: object + nullable: true + type: array + extraVolumeMounts: + items: + properties: + mountPath: + nullable: true + type: string + mountPropagation: + nullable: true + type: string + name: + nullable: true + type: string + readOnly: + type: boolean + subPath: + nullable: true + type: string + subPathExpr: + nullable: true + type: string + type: object + nullable: true + type: array + extraVolumes: + items: + properties: + awsElasticBlockStore: + nullable: true + properties: + fsType: + nullable: true + type: string + partition: + type: integer + readOnly: + type: boolean + volumeID: + nullable: true + type: string + type: object + azureDisk: + nullable: true + properties: + cachingMode: + nullable: true + type: string + diskName: + nullable: true + type: string + diskURI: + nullable: true + type: string + fsType: + nullable: true + type: string + kind: + nullable: true + type: string + readOnly: + nullable: true + type: boolean + type: object + azureFile: + nullable: true + properties: + readOnly: + type: boolean + secretName: + nullable: true + type: string + shareName: + nullable: true + type: string + type: object + cephfs: + nullable: true + properties: + 
monitors: + items: + nullable: true + type: string + nullable: true + type: array + path: + nullable: true + type: string + readOnly: + type: boolean + secretFile: + nullable: true + type: string + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + user: + nullable: true + type: string + type: object + cinder: + nullable: true + properties: + fsType: + nullable: true + type: string + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + volumeID: + nullable: true + type: string + type: object + configMap: + nullable: true + properties: + defaultMode: + nullable: true + type: integer + items: + items: + properties: + key: + nullable: true + type: string + mode: + nullable: true + type: integer + path: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + csi: + nullable: true + properties: + driver: + nullable: true + type: string + fsType: + nullable: true + type: string + nodePublishSecretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + readOnly: + nullable: true + type: boolean + volumeAttributes: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + downwardAPI: + nullable: true + properties: + defaultMode: + nullable: true + type: integer + items: + items: + properties: + fieldRef: + nullable: true + properties: + apiVersion: + nullable: true + type: string + fieldPath: + nullable: true + type: string + type: object + mode: + nullable: true + type: integer + path: + nullable: true + type: string + resourceFieldRef: + nullable: true + properties: + containerName: + nullable: true + type: string + divisor: + nullable: true + type: string + resource: + nullable: true + type: string + type: object + type: object + nullable: true 
+ type: array + type: object + emptyDir: + nullable: true + properties: + medium: + nullable: true + type: string + sizeLimit: + nullable: true + type: string + type: object + ephemeral: + nullable: true + properties: + readOnly: + type: boolean + volumeClaimTemplate: + nullable: true + properties: + metadata: + properties: + annotations: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + clusterName: + nullable: true + type: string + creationTimestamp: + nullable: true + type: string + deletionGracePeriodSeconds: + nullable: true + type: integer + deletionTimestamp: + nullable: true + type: string + finalizers: + items: + nullable: true + type: string + nullable: true + type: array + generateName: + nullable: true + type: string + generation: + type: integer + labels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + managedFields: + items: + properties: + apiVersion: + nullable: true + type: string + fieldsType: + nullable: true + type: string + fieldsV1: + nullable: true + type: object + manager: + nullable: true + type: string + operation: + nullable: true + type: string + time: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + namespace: + nullable: true + type: string + ownerReferences: + items: + properties: + apiVersion: + nullable: true + type: string + blockOwnerDeletion: + nullable: true + type: boolean + controller: + nullable: true + type: boolean + kind: + nullable: true + type: string + name: + nullable: true + type: string + uid: + nullable: true + type: string + type: object + nullable: true + type: array + resourceVersion: + nullable: true + type: string + selfLink: + nullable: true + type: string + uid: + nullable: true + type: string + type: object + spec: + properties: + accessModes: + items: + nullable: true + type: string + nullable: true + type: array + dataSource: + nullable: true + properties: 
+ apiGroup: + nullable: true + type: string + kind: + nullable: true + type: string + name: + nullable: true + type: string + type: object + resources: + properties: + limits: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + requests: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + selector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + storageClassName: + nullable: true + type: string + volumeMode: + nullable: true + type: string + volumeName: + nullable: true + type: string + type: object + type: object + type: object + fc: + nullable: true + properties: + fsType: + nullable: true + type: string + lun: + nullable: true + type: integer + readOnly: + type: boolean + targetWWNs: + items: + nullable: true + type: string + nullable: true + type: array + wwids: + items: + nullable: true + type: string + nullable: true + type: array + type: object + flexVolume: + nullable: true + properties: + driver: + nullable: true + type: string + fsType: + nullable: true + type: string + options: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + type: object + flocker: + nullable: true + properties: + datasetName: + nullable: true + type: string + datasetUUID: + nullable: true + type: string + type: object + gcePersistentDisk: + nullable: true + properties: + fsType: + nullable: true + type: string + partition: + type: integer + pdName: + nullable: true + type: string + 
readOnly: + type: boolean + type: object + gitRepo: + nullable: true + properties: + directory: + nullable: true + type: string + repository: + nullable: true + type: string + revision: + nullable: true + type: string + type: object + glusterfs: + nullable: true + properties: + endpoints: + nullable: true + type: string + path: + nullable: true + type: string + readOnly: + type: boolean + type: object + hostPath: + nullable: true + properties: + path: + nullable: true + type: string + type: + nullable: true + type: string + type: object + iscsi: + nullable: true + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + nullable: true + type: string + initiatorName: + nullable: true + type: string + iqn: + nullable: true + type: string + iscsiInterface: + nullable: true + type: string + lun: + type: integer + portals: + items: + nullable: true + type: string + nullable: true + type: array + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + targetPortal: + nullable: true + type: string + type: object + name: + nullable: true + type: string + nfs: + nullable: true + properties: + path: + nullable: true + type: string + readOnly: + type: boolean + server: + nullable: true + type: string + type: object + persistentVolumeClaim: + nullable: true + properties: + claimName: + nullable: true + type: string + readOnly: + type: boolean + type: object + photonPersistentDisk: + nullable: true + properties: + fsType: + nullable: true + type: string + pdID: + nullable: true + type: string + type: object + portworxVolume: + nullable: true + properties: + fsType: + nullable: true + type: string + readOnly: + type: boolean + volumeID: + nullable: true + type: string + type: object + projected: + nullable: true + properties: + defaultMode: + nullable: true + type: integer + sources: + items: + properties: + configMap: + nullable: true + properties: + items: + items: + 
properties: + key: + nullable: true + type: string + mode: + nullable: true + type: integer + path: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + downwardAPI: + nullable: true + properties: + items: + items: + properties: + fieldRef: + nullable: true + properties: + apiVersion: + nullable: true + type: string + fieldPath: + nullable: true + type: string + type: object + mode: + nullable: true + type: integer + path: + nullable: true + type: string + resourceFieldRef: + nullable: true + properties: + containerName: + nullable: true + type: string + divisor: + nullable: true + type: string + resource: + nullable: true + type: string + type: object + type: object + nullable: true + type: array + type: object + secret: + nullable: true + properties: + items: + items: + properties: + key: + nullable: true + type: string + mode: + nullable: true + type: integer + path: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + serviceAccountToken: + nullable: true + properties: + audience: + nullable: true + type: string + expirationSeconds: + nullable: true + type: integer + path: + nullable: true + type: string + type: object + type: object + nullable: true + type: array + type: object + quobyte: + nullable: true + properties: + group: + nullable: true + type: string + readOnly: + type: boolean + registry: + nullable: true + type: string + tenant: + nullable: true + type: string + user: + nullable: true + type: string + volume: + nullable: true + type: string + type: object + rbd: + nullable: true + properties: + fsType: + nullable: true + type: string + image: + nullable: true + type: string + keyring: + nullable: true + type: string + monitors: + items: + nullable: true + type: string + nullable: true + type: array + 
pool: + nullable: true + type: string + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + user: + nullable: true + type: string + type: object + scaleIO: + nullable: true + properties: + fsType: + nullable: true + type: string + gateway: + nullable: true + type: string + protectionDomain: + nullable: true + type: string + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + sslEnabled: + type: boolean + storageMode: + nullable: true + type: string + storagePool: + nullable: true + type: string + system: + nullable: true + type: string + volumeName: + nullable: true + type: string + type: object + secret: + nullable: true + properties: + defaultMode: + nullable: true + type: integer + items: + items: + properties: + key: + nullable: true + type: string + mode: + nullable: true + type: integer + path: + nullable: true + type: string + type: object + nullable: true + type: array + optional: + nullable: true + type: boolean + secretName: + nullable: true + type: string + type: object + storageos: + nullable: true + properties: + fsType: + nullable: true + type: string + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + volumeName: + nullable: true + type: string + volumeNamespace: + nullable: true + type: string + type: object + vsphereVolume: + nullable: true + properties: + fsType: + nullable: true + type: string + storagePolicyID: + nullable: true + type: string + storagePolicyName: + nullable: true + type: string + volumePath: + nullable: true + type: string + type: object + type: object + nullable: true + type: array + httpPort: + type: integer + httpsPort: + type: integer + networkMode: + nullable: true + type: string + nginxIngressControllerPriorityClassName: + nullable: true + type: string + nodeSelector: + additionalProperties: + 
nullable: true + type: string + nullable: true + type: object + options: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + provider: + nullable: true + type: string + tolerations: + items: + properties: + effect: + nullable: true + type: string + key: + nullable: true + type: string + operator: + nullable: true + type: string + tolerationSeconds: + nullable: true + type: integer + value: + nullable: true + type: string + type: object + nullable: true + type: array + updateStrategy: + nullable: true + properties: + rollingUpdate: + nullable: true + properties: + maxUnavailable: + nullable: true + type: string + type: object + strategy: + nullable: true + type: string + type: object + type: object + kubernetesVersion: + nullable: true + type: string + monitoring: + properties: + metricsServerPriorityClassName: + nullable: true + type: string + nodeSelector: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + options: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + provider: + nullable: true + type: string + replicas: + nullable: true + type: integer + tolerations: + items: + properties: + effect: + nullable: true + type: string + key: + nullable: true + type: string + operator: + nullable: true + type: string + tolerationSeconds: + nullable: true + type: integer + value: + nullable: true + type: string + type: object + nullable: true + type: array + updateStrategy: + nullable: true + properties: + rollingUpdate: + nullable: true + properties: + maxSurge: + nullable: true + type: string + maxUnavailable: + nullable: true + type: string + type: object + strategy: + nullable: true + type: string + type: object + type: object + network: + properties: + aciNetworkProvider: + nullable: true + properties: + aep: + nullable: true + type: string + apicHosts: + items: + nullable: true + type: string + nullable: true + type: array + apicRefreshTime: + 
nullable: true + type: string + apicUserCrt: + nullable: true + type: string + apicUserKey: + nullable: true + type: string + apicUserName: + nullable: true + type: string + capic: + nullable: true + type: string + controllerLogLevel: + nullable: true + type: string + dropLogEnable: + nullable: true + type: string + enableEndpointSlice: + nullable: true + type: string + encapType: + nullable: true + type: string + epRegistry: + nullable: true + type: string + externDynamic: + nullable: true + type: string + externStatic: + nullable: true + type: string + gbpPodSubnet: + nullable: true + type: string + hostAgentLogLevel: + nullable: true + type: string + imagePullPolicy: + nullable: true + type: string + imagePullSecret: + nullable: true + type: string + infraVlan: + nullable: true + type: string + installIstio: + nullable: true + type: string + istioProfile: + nullable: true + type: string + kafkaBrokers: + items: + nullable: true + type: string + nullable: true + type: array + kafkaClientCrt: + nullable: true + type: string + kafkaClientKey: + nullable: true + type: string + kubeApiVlan: + nullable: true + type: string + l3out: + nullable: true + type: string + l3outExternalNetworks: + items: + nullable: true + type: string + nullable: true + type: array + maxNodesSvcGraph: + nullable: true + type: string + mcastRangeEnd: + nullable: true + type: string + mcastRangeStart: + nullable: true + type: string + noPriorityClass: + nullable: true + type: string + nodeSubnet: + nullable: true + type: string + nodeSvcSubnet: + nullable: true + type: string + opflexClientSsl: + nullable: true + type: string + opflexLogLevel: + nullable: true + type: string + opflexMode: + nullable: true + type: string + opflexServerPort: + nullable: true + type: string + overlayVrfName: + nullable: true + type: string + ovsMemoryLimit: + nullable: true + type: string + pbrTrackingNonSnat: + nullable: true + type: string + podSubnetChunkSize: + nullable: true + type: string + runGbpContainer: 
+ nullable: true + type: string + runOpflexServerContainer: + nullable: true + type: string + serviceMonitorInterval: + nullable: true + type: string + serviceVlan: + nullable: true + type: string + snatContractScope: + nullable: true + type: string + snatNamespace: + nullable: true + type: string + snatPortRangeEnd: + nullable: true + type: string + snatPortRangeStart: + nullable: true + type: string + snatPortsPerNode: + nullable: true + type: string + subnetDomainName: + nullable: true + type: string + systemId: + nullable: true + type: string + tenant: + nullable: true + type: string + token: + nullable: true + type: string + useAciAnywhereCrd: + nullable: true + type: string + useAciCniPriorityClass: + nullable: true + type: string + useHostNetnsVolume: + nullable: true + type: string + useOpflexServerVolume: + nullable: true + type: string + usePrivilegedContainer: + nullable: true + type: string + vmmController: + nullable: true + type: string + vmmDomain: + nullable: true + type: string + vrfName: + nullable: true + type: string + vrfTenant: + nullable: true + type: string + type: object + calicoNetworkProvider: + nullable: true + properties: + cloudProvider: + nullable: true + type: string + type: object + canalNetworkProvider: + nullable: true + properties: + iface: + nullable: true + type: string + type: object + flannelNetworkProvider: + nullable: true + properties: + iface: + nullable: true + type: string + type: object + mtu: + type: integer + nodeSelector: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + options: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + plugin: + nullable: true + type: string + tolerations: + items: + properties: + effect: + nullable: true + type: string + key: + nullable: true + type: string + operator: + nullable: true + type: string + tolerationSeconds: + nullable: true + type: integer + value: + nullable: true + type: string + type: object + 
nullable: true + type: array + updateStrategy: + nullable: true + properties: + rollingUpdate: + nullable: true + properties: + maxUnavailable: + nullable: true + type: string + type: object + strategy: + nullable: true + type: string + type: object + weaveNetworkProvider: + nullable: true + properties: + password: + nullable: true + type: string + type: object + type: object + nodes: + items: + properties: + address: + nullable: true + type: string + dockerSocket: + nullable: true + type: string + hostnameOverride: + nullable: true + type: string + internalAddress: + nullable: true + type: string + labels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + nodeName: + nullable: true + type: string + port: + nullable: true + type: string + role: + items: + nullable: true + type: string + nullable: true + type: array + sshAgentAuth: + type: boolean + sshCert: + nullable: true + type: string + sshCertPath: + nullable: true + type: string + sshKey: + nullable: true + type: string + sshKeyPath: + nullable: true + type: string + taints: + items: + properties: + effect: + nullable: true + type: string + key: + nullable: true + type: string + timeAdded: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + user: + nullable: true + type: string + type: object + nullable: true + type: array + prefixPath: + nullable: true + type: string + privateRegistries: + items: + properties: + isDefault: + type: boolean + password: + nullable: true + type: string + url: + nullable: true + type: string + user: + nullable: true + type: string + type: object + nullable: true + type: array + restore: + properties: + restore: + type: boolean + snapshotName: + nullable: true + type: string + type: object + rotateCertificates: + nullable: true + properties: + caCertificates: + type: boolean + services: + items: + nullable: true + type: string + nullable: true + type: array + type: object + 
rotateEncryptionKey: + type: boolean + services: + properties: + etcd: + properties: + backupConfig: + nullable: true + properties: + enabled: + nullable: true + type: boolean + intervalHours: + type: integer + retention: + type: integer + s3BackupConfig: + nullable: true + properties: + accessKey: + nullable: true + type: string + bucketName: + nullable: true + type: string + customCa: + nullable: true + type: string + endpoint: + nullable: true + type: string + folder: + nullable: true + type: string + region: + nullable: true + type: string + secretKey: + nullable: true + type: string + type: object + safeTimestamp: + type: boolean + timeout: + type: integer + type: object + caCert: + nullable: true + type: string + cert: + nullable: true + type: string + creation: + nullable: true + type: string + externalUrls: + items: + nullable: true + type: string + nullable: true + type: array + extraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + extraBinds: + items: + nullable: true + type: string + nullable: true + type: array + extraEnv: + items: + nullable: true + type: string + nullable: true + type: array + gid: + type: integer + image: + nullable: true + type: string + key: + nullable: true + type: string + path: + nullable: true + type: string + retention: + nullable: true + type: string + snapshot: + nullable: true + type: boolean + uid: + type: integer + winExtraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + winExtraBinds: + items: + nullable: true + type: string + nullable: true + type: array + winExtraEnv: + items: + nullable: true + type: string + nullable: true + type: array + type: object + kubeApi: + properties: + admissionConfiguration: + nullable: true + properties: + apiVersion: + nullable: true + type: string + kind: + nullable: true + type: string + plugins: + items: + properties: + configuration: + nullable: true + properties: + apiVersion: + nullable: 
true + type: string + contentEncoding: + nullable: true + type: string + contentType: + nullable: true + type: string + kind: + nullable: true + type: string + raw: + nullable: true + type: string + type: object + name: + nullable: true + type: string + path: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + alwaysPullImages: + type: boolean + auditLog: + nullable: true + properties: + configuration: + nullable: true + properties: + format: + nullable: true + type: string + maxAge: + type: integer + maxBackup: + type: integer + maxSize: + type: integer + path: + nullable: true + type: string + policy: + nullable: true + properties: + omitStages: + items: + nullable: true + type: string + nullable: true + type: array + rules: + items: + properties: + level: + nullable: true + type: string + namespaces: + items: + nullable: true + type: string + nullable: true + type: array + nonResourceURLs: + items: + nullable: true + type: string + nullable: true + type: array + omitStages: + items: + nullable: true + type: string + nullable: true + type: array + resources: + items: + properties: + group: + nullable: true + type: string + resourceNames: + items: + nullable: true + type: string + nullable: true + type: array + resources: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + userGroups: + items: + nullable: true + type: string + nullable: true + type: array + users: + items: + nullable: true + type: string + nullable: true + type: array + verbs: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + type: object + type: object + enabled: + type: boolean + type: object + eventRateLimit: + nullable: true + properties: + configuration: + nullable: true + properties: + apiVersion: + nullable: true + type: string + kind: + nullable: true + type: string + limits: + items: + properties: + burst: + 
type: integer + cacheSize: + type: integer + qps: + type: integer + type: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + enabled: + type: boolean + type: object + extraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + extraBinds: + items: + nullable: true + type: string + nullable: true + type: array + extraEnv: + items: + nullable: true + type: string + nullable: true + type: array + image: + nullable: true + type: string + podSecurityPolicy: + type: boolean + secretsEncryptionConfig: + nullable: true + properties: + customConfig: + nullable: true + properties: + apiVersion: + nullable: true + type: string + kind: + nullable: true + type: string + resources: + items: + properties: + providers: + items: + properties: + aescbc: + nullable: true + properties: + keys: + items: + properties: + name: + nullable: true + type: string + secret: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + aesgcm: + nullable: true + properties: + keys: + items: + properties: + name: + nullable: true + type: string + secret: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + identity: + nullable: true + type: object + kms: + nullable: true + properties: + cacheSize: + nullable: true + type: integer + endpoint: + nullable: true + type: string + name: + nullable: true + type: string + timeout: + nullable: true + type: string + type: object + secretbox: + nullable: true + properties: + keys: + items: + properties: + name: + nullable: true + type: string + secret: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + type: object + nullable: true + type: array + resources: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + type: object + enabled: + type: boolean + type: object + serviceClusterIpRange: + 
nullable: true + type: string + serviceNodePortRange: + nullable: true + type: string + winExtraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + winExtraBinds: + items: + nullable: true + type: string + nullable: true + type: array + winExtraEnv: + items: + nullable: true + type: string + nullable: true + type: array + type: object + kubeController: + properties: + clusterCidr: + nullable: true + type: string + extraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + extraBinds: + items: + nullable: true + type: string + nullable: true + type: array + extraEnv: + items: + nullable: true + type: string + nullable: true + type: array + image: + nullable: true + type: string + serviceClusterIpRange: + nullable: true + type: string + winExtraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + winExtraBinds: + items: + nullable: true + type: string + nullable: true + type: array + winExtraEnv: + items: + nullable: true + type: string + nullable: true + type: array + type: object + kubelet: + properties: + clusterDnsServer: + nullable: true + type: string + clusterDomain: + nullable: true + type: string + extraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + extraBinds: + items: + nullable: true + type: string + nullable: true + type: array + extraEnv: + items: + nullable: true + type: string + nullable: true + type: array + failSwapOn: + type: boolean + generateServingCertificate: + type: boolean + image: + nullable: true + type: string + infraContainerImage: + nullable: true + type: string + winExtraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + winExtraBinds: + items: + nullable: true + type: string + nullable: true + type: array + winExtraEnv: + items: + nullable: true + type: string + nullable: true + type: array + type: object + 
kubeproxy: + properties: + extraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + extraBinds: + items: + nullable: true + type: string + nullable: true + type: array + extraEnv: + items: + nullable: true + type: string + nullable: true + type: array + image: + nullable: true + type: string + winExtraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + winExtraBinds: + items: + nullable: true + type: string + nullable: true + type: array + winExtraEnv: + items: + nullable: true + type: string + nullable: true + type: array + type: object + scheduler: + properties: + extraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + extraBinds: + items: + nullable: true + type: string + nullable: true + type: array + extraEnv: + items: + nullable: true + type: string + nullable: true + type: array + image: + nullable: true + type: string + winExtraArgs: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + winExtraBinds: + items: + nullable: true + type: string + nullable: true + type: array + winExtraEnv: + items: + nullable: true + type: string + nullable: true + type: array + type: object + type: object + sshAgentAuth: + type: boolean + sshCertPath: + nullable: true + type: string + sshKeyPath: + nullable: true + type: string + systemImages: + properties: + aciCniDeployContainer: + nullable: true + type: string + aciControllerContainer: + nullable: true + type: string + aciGbpServerContainer: + nullable: true + type: string + aciHostContainer: + nullable: true + type: string + aciMcastContainer: + nullable: true + type: string + aciOpflexContainer: + nullable: true + type: string + aciOpflexServerContainer: + nullable: true + type: string + aciOvsContainer: + nullable: true + type: string + alpine: + nullable: true + type: string + calicoCni: + nullable: true + type: string + calicoControllers: + nullable: 
true + type: string + calicoCtl: + nullable: true + type: string + calicoFlexVol: + nullable: true + type: string + calicoNode: + nullable: true + type: string + canalCni: + nullable: true + type: string + canalControllers: + nullable: true + type: string + canalFlannel: + nullable: true + type: string + canalFlexVol: + nullable: true + type: string + canalNode: + nullable: true + type: string + certDownloader: + nullable: true + type: string + coredns: + nullable: true + type: string + corednsAutoscaler: + nullable: true + type: string + dnsmasq: + nullable: true + type: string + etcd: + nullable: true + type: string + flannel: + nullable: true + type: string + flannelCni: + nullable: true + type: string + ingress: + nullable: true + type: string + ingressBackend: + nullable: true + type: string + kubedns: + nullable: true + type: string + kubednsAutoscaler: + nullable: true + type: string + kubednsSidecar: + nullable: true + type: string + kubernetes: + nullable: true + type: string + kubernetesServicesSidecar: + nullable: true + type: string + metricsServer: + nullable: true + type: string + nginxProxy: + nullable: true + type: string + nodelocal: + nullable: true + type: string + podInfraContainer: + nullable: true + type: string + weaveCni: + nullable: true + type: string + weaveNode: + nullable: true + type: string + windowsPodInfraContainer: + nullable: true + type: string + type: object + upgradeStrategy: + nullable: true + properties: + drain: + nullable: true + type: boolean + maxUnavailableControlplane: + nullable: true + type: string + maxUnavailableWorker: + nullable: true + type: string + nodeDrainInput: + nullable: true + properties: + deleteLocalData: + type: boolean + force: + type: boolean + gracePeriod: + type: integer + ignoreDaemonSets: + nullable: true + type: boolean + timeout: + type: integer + type: object + type: object + winPrefixPath: + nullable: true + type: string + type: object + referencedConfig: + nullable: true + properties: + 
selector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + type: object + rke2Config: + nullable: true + properties: + kubernetesVersion: + nullable: true + type: string + rke2upgradeStrategy: + properties: + drainServerNodes: + type: boolean + drainWorkerNodes: + type: boolean + serverConcurrency: + type: integer + workerConcurrency: + type: integer + type: object + type: object + type: object + status: + properties: + agentDeployed: + type: boolean + clientSecretName: + nullable: true + type: string + clusterName: + nullable: true + type: string + conditions: + items: + properties: + lastTransitionTime: + nullable: true + type: string + lastUpdateTime: + nullable: true + type: string + message: + nullable: true + type: string + reason: + nullable: true + type: string + status: + nullable: true + type: string + type: + nullable: true + type: string + type: object + nullable: true + type: array + observedGeneration: + type: integer + ready: + type: boolean + type: object + type: object + version: v1 + versions: + - name: v1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: projects.rancher.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .spec.clusterSelector + name: Selector + type: string + group: rancher.cattle.io + names: + kind: Project + plural: projects + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + clusterSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + 
nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + type: object + status: + type: object + type: object + version: v1 + versions: + - name: v1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: roletemplates.rancher.cattle.io +spec: + group: rancher.cattle.io + names: + kind: RoleTemplate + plural: roletemplates + scope: Cluster + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + rules: + items: + properties: + apiGroups: + items: + nullable: true + type: string + nullable: true + type: array + nonResourceURLs: + items: + nullable: true + type: string + nullable: true + type: array + resourceNames: + items: + nullable: true + type: string + nullable: true + type: array + resources: + items: + nullable: true + type: string + nullable: true + type: array + verbs: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + status: + type: object + type: object + version: v1 + versions: + - name: v1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: roletemplatebindings.rancher.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .spec.roleTemplateName + name: Role + type: string + group: rancher.cattle.io + names: + kind: RoleTemplateBinding + plural: roletemplatebindings + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + bindingScope: + properties: + apiGroup: + nullable: true + type: string + kind: + nullable: true + type: string + selector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: 
string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + type: object + roleTemplateName: + nullable: true + type: string + status: + type: object + subjects: + items: + properties: + apiGroup: + nullable: true + type: string + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + version: v1 + versions: + - name: v1 + served: true + storage: true diff --git a/charts/rancher-operator/rancher-operator/0.1.400-rc02/Chart.yaml b/charts/rancher-operator/rancher-operator/0.1.400-rc02/Chart.yaml new file mode 100755 index 000000000..aeae11e81 --- /dev/null +++ b/charts/rancher-operator/rancher-operator/0.1.400-rc02/Chart.yaml @@ -0,0 +1,14 @@ +annotations: + catalog.cattle.io/auto-install: rancher-operator-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/experimental: "true" + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: rancher-operator-system + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: clusters.rancher.cattle.io/v1 + catalog.cattle.io/release-name: rancher-operator +apiVersion: v2 +appVersion: 0.1.4 +description: Control Rancher using GitOps +name: rancher-operator +version: 0.1.400-rc02 diff --git a/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/_helpers.tpl b/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/_helpers.tpl new file mode 100755 index 000000000..f652b5643 --- /dev/null +++ b/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/_helpers.tpl 
@@ -0,0 +1,7 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/deployment.yaml b/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/deployment.yaml
new file mode 100755
index 000000000..25c7b93ed
--- /dev/null
+++ b/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/deployment.yaml
@@ -0,0 +1,23 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: rancher-operator
+spec:
+ selector:
+ matchLabels:
+ app: rancher-operator
+ template:
+ metadata:
+ labels:
+ app: rancher-operator
+ spec:
+ containers:
+ - env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}'
+ name: rancher-operator
+ imagePullPolicy: "{{ .Values.image.imagePullPolicy }}"
+ serviceAccountName: rancher-operator
diff --git a/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/rbac.yaml b/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/rbac.yaml
new file mode 100755
index 000000000..9fe9ad9a7
--- /dev/null
+++ b/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/rbac.yaml
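Review bot: The container entry in templates/deployment.yaml sets no `securityContext`, so the operator pod runs with whatever user and privileges the image defaults to while its service account is bound to the cluster-wide role from templates/rbac.yaml. Under `name: rancher-operator` I would add a `securityContext:` with `allowPrivilegeEscalation: false` and `readOnlyRootFilesystem: true`, plus `runAsNonRoot: true` if the image supports it (the image's user is not visible here). The image is also resolved through `.Values.image.tag`, which is a mutable tag; pinning it by digest in values.yaml would make the deployed binary verifiable.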
@@ -0,0 +1,44 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: rancher-operator
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - secrets
+ - configmaps
+ - namespaces
+ verbs:
+ - '*'
+- apiGroups:
+ - apps
+ resources:
+ - daemonsets
+ - deployments
+ verbs:
+ - list
+ - get
+ - watch
+- apiGroups:
+ - "rancher.cattle.io"
+ - "management.cattle.io"
+ - "fleet.cattle.io"
+ resources:
+ - '*'
+ verbs:
+ - '*'
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: rancher-operator
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: rancher-operator
+subjects:
+- kind: ServiceAccount
+ name: rancher-operator
+ namespace: {{.Release.Namespace}}
diff --git a/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/serviceaccount.yaml b/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/serviceaccount.yaml
new file mode 100755
index 000000000..a6370fcdf
--- /dev/null
+++ b/charts/rancher-operator/rancher-operator/0.1.400-rc02/templates/serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: rancher-operator
diff --git a/charts/rancher-operator/rancher-operator/0.1.400-rc02/values.yaml b/charts/rancher-operator/rancher-operator/0.1.400-rc02/values.yaml
new file mode 100755
index 000000000..8552991d6
--- /dev/null
+++ b/charts/rancher-operator/rancher-operator/0.1.400-rc02/values.yaml
@@ -0,0 +1,8 @@
+image:
+ repository: rancher/rancher-operator
+ tag: v0.1.4-rc1
+ imagePullPolicy: IfNotPresent
+
+global:
+ cattle:
+ systemDefaultRegistry: ""
diff --git a/index.yaml b/index.yaml
index 8e05a5ebd..4aefd15f9 100755
--- a/index.yaml
+++ b/index.yaml
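Review bot: The first rule of the ClusterRole in templates/rbac.yaml grants `verbs: ['*']` on `secrets`, `configmaps` and `namespaces`, and the ClusterRoleBinding makes that cluster-wide, so the operator's service-account token can read and modify every Secret in every namespace. I would list only the verbs the controller uses, e.g. `verbs: [get, list, watch, create, update, delete]`, and move `secrets` into its own rule so it can be narrowed separately; the exact set needs confirming against the operator code, which is not visible here. The third rule has the same shape: `resources: ['*']` with `verbs: ['*']` covers everything in `rancher.cattle.io`, `management.cattle.io` and `fleet.cattle.io`, and would be easier to audit as an explicit resource list.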
@@ -1937,6 +1937,28 @@ entries: - released/assets/rancher-backup/rancher-backup-crd-1.0.200.tgz version: 1.0.200 rancher-cis-benchmark: + - annotations: + catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: CIS Benchmark + catalog.cattle.io/namespace: cis-operator-system + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1 + catalog.cattle.io/release-name: rancher-cis-benchmark + catalog.cattle.io/ui-component: rancher-cis-benchmark + apiVersion: v1 + appVersion: v1.0.4 + created: "2021-04-07T00:55:11.850459197Z" + description: The cis-operator enables running CIS benchmark security scans on + a kubernetes cluster + digest: 8cedf45ecfa58199f30567dc1bda4c706ef0b3f78a158f85603f99656702d5e3 + icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg + keywords: + - security + name: rancher-cis-benchmark + urls: + - assets/rancher-cis-benchmark/rancher-cis-benchmark-1.0.400-rc01.tgz + version: 1.0.400-rc01 - annotations: catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match catalog.cattle.io/certified: rancher @@ -2069,6 +2091,20 @@ entries: - released/assets/rancher-cis-benchmark/rancher-cis-benchmark-1.0.100.tgz version: 1.0.100 rancher-cis-benchmark-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cis-operator-system + catalog.cattle.io/release-name: rancher-cis-benchmark-crd + apiVersion: v1 + created: "2021-04-07T00:55:11.851433409Z" + description: Installs the CRDs for rancher-cis-benchmark. + digest: 9554f4ad162bca2ba60dc59ef803ee901fe7029f8f4c700e3f5328af0b8358b8 + name: rancher-cis-benchmark-crd + type: application + urls: + - assets/rancher-cis-benchmark/rancher-cis-benchmark-crd-1.0.400-rc01.tgz + version: 1.0.400-rc01 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" 
@@ -6025,6 +6061,24 @@ entries: - released/assets/rancher-monitoring/rancher-monitoring-crd-9.4.200.tgz version: 9.4.200 rancher-operator: + - annotations: + catalog.cattle.io/auto-install: rancher-operator-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/experimental: "true" + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: rancher-operator-system + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: clusters.rancher.cattle.io/v1 + catalog.cattle.io/release-name: rancher-operator + apiVersion: v2 + appVersion: 0.1.4 + created: "2021-04-07T00:55:12.217551206Z" + description: Control Rancher using GitOps + digest: ffbce9b2b0886047cab39b3131a428c5c5175769ec1c09f3766efeb5740b2472 + name: rancher-operator + urls: + - assets/rancher-operator/rancher-operator-0.1.400-rc02.tgz + version: 0.1.400-rc02 - annotations: catalog.cattle.io/auto-install: rancher-operator-crd=match catalog.cattle.io/certified: rancher @@ -6315,6 +6369,21 @@ entries: urls: - assets/rancher-operator/rancher-operator-crd-0.2.0-alpha01-rc01.tgz version: 0.2.0-alpha01-rc01 + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: rancher-operator-system + catalog.cattle.io/os: linux + catalog.cattle.io/release-name: rancher-operator-crd + apiVersion: v2 + appVersion: 0.1.4 + created: "2021-04-07T00:55:12.221100449Z" + description: Rancher Operator CustomResourceDefinitions + digest: 0e44f3664a6e21c659e570df732dc62204fe8f3fef443ec91f451ea7a57898cc + name: rancher-operator-crd + urls: + - assets/rancher-operator-crd/rancher-operator-crd-0.1.400-rc02.tgz + version: 0.1.400-rc02 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true"