From 99dd2e8bb48dc2e47ae548c80c226c11c9b27f9b Mon Sep 17 00:00:00 2001 From: Eliyam Levy Date: Mon, 19 Dec 2022 15:08:14 -0500 Subject: [PATCH 1/3] make remove rancher-backup/3.0.1-rc1 --- .../rancher-backup-crd-3.0.1-rc1.tgz | Bin 1770 -> 0 bytes .../rancher-backup-3.0.1-rc1.tgz | Bin 10598 -> 0 bytes .../rancher-backup-crd/3.0.1-rc1/Chart.yaml | 11 - charts/rancher-backup-crd/3.0.1-rc1/README.md | 3 - .../3.0.1-rc1/templates/backup.yaml | 141 ------------ .../3.0.1-rc1/templates/resourceset.yaml | 118 ---------- .../3.0.1-rc1/templates/restore.yaml | 122 ---------- charts/rancher-backup/3.0.1-rc1/Chart.yaml | 26 --- charts/rancher-backup/3.0.1-rc1/README.md | 72 ------ charts/rancher-backup/3.0.1-rc1/app-readme.md | 15 -- .../default-resourceset-contents/aks.yaml | 25 -- .../default-resourceset-contents/eks.yaml | 17 -- .../elemental.yaml | 49 ---- .../default-resourceset-contents/fleet.yaml | 50 ---- .../default-resourceset-contents/gke.yaml | 17 -- .../provisioningv2.yaml | 20 -- .../rancher-operator.yaml | 28 --- .../default-resourceset-contents/rancher.yaml | 54 ----- .../3.0.1-rc1/templates/_helpers.tpl | 87 ------- .../templates/clusterrolebinding.yaml | 14 -- .../3.0.1-rc1/templates/deployment.yaml | 79 ------- .../3.0.1-rc1/templates/hardened.yaml | 120 ---------- .../3.0.1-rc1/templates/psp.yaml | 29 --- .../3.0.1-rc1/templates/pvc.yaml | 27 --- .../templates/rancher-resourceset.yaml | 13 -- .../3.0.1-rc1/templates/s3-secret.yaml | 31 --- .../3.0.1-rc1/templates/serviceaccount.yaml | 11 - .../templates/validate-install-crd.yaml | 16 -- .../3.0.1-rc1/tests/deployment_test.yaml | 216 ------------------ .../3.0.1-rc1/tests/pvc_test.yaml | 105 --------- .../3.0.1-rc1/tests/s3-secret_test.yaml | 141 ------------ charts/rancher-backup/3.0.1-rc1/values.yaml | 79 ------- index.yaml | 45 ---- 33 files changed, 1781 deletions(-) delete mode 100644 assets/rancher-backup-crd/rancher-backup-crd-3.0.1-rc1.tgz delete mode 100644 assets/rancher-backup/rancher-backup-3.0.1-rc1.tgz delete mode 100644 charts/rancher-backup-crd/3.0.1-rc1/Chart.yaml delete mode 100644 charts/rancher-backup-crd/3.0.1-rc1/README.md delete mode 100644 charts/rancher-backup-crd/3.0.1-rc1/templates/backup.yaml delete mode 100644 charts/rancher-backup-crd/3.0.1-rc1/templates/resourceset.yaml delete mode 100644 charts/rancher-backup-crd/3.0.1-rc1/templates/restore.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/Chart.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/README.md delete mode 100644 charts/rancher-backup/3.0.1-rc1/app-readme.md delete mode 100644 charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/aks.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/eks.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/elemental.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/fleet.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/gke.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/provisioningv2.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/rancher-operator.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/rancher.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/templates/_helpers.tpl delete mode 100644 charts/rancher-backup/3.0.1-rc1/templates/clusterrolebinding.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/templates/deployment.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/templates/hardened.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/templates/psp.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/templates/pvc.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/templates/rancher-resourceset.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/templates/s3-secret.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/templates/serviceaccount.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/templates/validate-install-crd.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/tests/deployment_test.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/tests/pvc_test.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/tests/s3-secret_test.yaml delete mode 100644 charts/rancher-backup/3.0.1-rc1/values.yaml diff --git a/assets/rancher-backup-crd/rancher-backup-crd-3.0.1-rc1.tgz b/assets/rancher-backup-crd/rancher-backup-crd-3.0.1-rc1.tgz deleted file mode 100644 index 6326b83a91cfef79a0b32679bf96a41f662c4387..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1770 zcmVDc zVQyr3R8em|NM&qo0PI^|Z`(K$&$B-Tk$dRf0e0osaSsNHYt~5@#da5ko$bqFfzs4i zW; zyOQ)fJ}4q-q?6%KTxrahLV5{kGQCx3A!H7^*C}MER}qX6jv_`$qPouGKEr={V{4Mb z|22dW!y44vR1?oV3d;Sz?+v_B&i~(egX`A+&p}z|!4ZWg4cz>tdJq3o#{C}qod?SO zF`C3mi*TB{>@6%Pr-|{0ps|lNHs^=+8EZGHxAE_-J9ktB#LNt&h@&xbO|dY^d4!N< z{zHP83`8uJm~EIOV~X-1W>~IAI|wNvjF(PWtaNf_r9PU#b`kddM0(7=NXj+HiC}Ta zQ>I*W~rl*T$%J*9=j0elvz&!dFwf^&oRfKXae9u(qPN$*z?>_BA(YQZch z1M}vtJjQ)>H>0&mvJox6?>MvStPNY^VqjWM3xZZaXME-z;C{M z`Z}2H3?mdt5t*2{Hc(4zv)+<>o+02wu98qR5qv>|84zhTo}Y=(PTVq6kXR&P%f5t& z;2Kj-d60~5q0N&84fX(e%ov_C7$Xy@_a5)5XiGWkI6&5n?V!mNX@Oz|Nz9#REwmXS zHE^rinCpERL&|9whhx+)KsAR!kQ^9UGPdEztZLB{DfnitO)7xI(#W}UUS$cMa2UCe z5xPyWg;Zno=0iw*PJ^X>LzIZRULj=D__(P?ztWj@RVo9NZRy z`5@21iE?Gm4Y>b2n>|o-pP`FYF=LB37lHxi1+ydsPG4fJ7VWsaS=8CS%1(TASlg>cX|00!xWkxo7K(N|SzOOmxO^ zq?SV8JG6d0GKZ%P@{J>w9gi&L3gjdBKLQ6?kU*8DqR-5}$`ZRc46$?snqwiImb5o$ z^^w6&mzW)i=bK8wTD;WN(4T+3mSWorq|*A|M&d{XDk0?RVM%tkpv zc4gQv4f*b{+yrXjt@C-%5|VE(&OECuc5aJUP0Li6GnIh4bEWN-hXF}SKQGsC;EAx< zho30-oqJJu*Qu4LR-~ylMR(<*8_Cy4in&})A%Lf-c_lr(KJ6qTpGqGL&w&+KcTN1N zt8$1nS>8QG5|nb^!Y!5TKpi%g9-yQ&Q)@X}s!q@BtjFcqP{Q*?2{v-m;%7t8KEmLgWGKE7VhYIboe7oa(gMFnDE0 zuslO#%JO(s>NzIcDk?E=^P|e-Y#*Y#pRT>GI!D$0UkeG(Z2+pc|0m5px&EK4QG5SC z3!UozZ|tVwyT5_V-}@6b`*;3yYU4dX)=OrIz^QlI728gm?#`1M4L26=qpO7{MKsT9 z;kErX72o(ip5Xg~4-D+*F%jz-7=1ayWr&~Bo)fPC++D3Wq)+JhHPC?sJ zQjy*mCL)X&Bp%RcFG<^0(b7vLNBw7dcXRvmT`%;T;!*Yc&;HfB{O>>eqxSb-XQ6+g zskMN#;D9F6+fL_ZGfI|NYNVG~o76G)tI1e_kLD}%ZP$vv_1cr8rIuQ1>7~=(0RRC1 M|8HsyxBx-`0K<%ShX4Qo diff --git a/assets/rancher-backup/rancher-backup-3.0.1-rc1.tgz b/assets/rancher-backup/rancher-backup-3.0.1-rc1.tgz deleted file mode 100644 index 9a6f1537d5a5ca2491ed7a91312743723bfdb059..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 10598 zcmV-sDVf$EiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBfciXtKV1FI`3LGYHI=N%gq+~mZreB|tWy$d-+te02w>u4y zkVK0j83L3o$Nk^uVBtTfW{>7HtS>P6J-vk z_AgJDR8>`Xwzk+`RaLWpwRi7!e$lonTU%ROm2GwV7ggI*-@W?3eOwhEjn2W2xww&Om@T-UXsYS3H<=VKm z9Mionrrz`2nPnm@k7j-qMCjujO7sqq&6!pRBy5Nj7s|>z!GyB%elZVxWFv@?V0gMo z3kzVw^-vW|p#w)~iX2jyi_B>z!wxV(zD!)#F3c8Kvf)lW*Fg?h3wz*U;v+bX>snSc zMJqwi>V`<0chKR!vjOhrUK(5NRSBz zb0%+#aN!E24mogO(}83NZH!6)yn00en8+a(wA;w=5oy6G0@e^-KwP*6N_p> zYd8b|x_6|5gbsJ*LdG%ZJ)$dUW)=n;vWT~i-ByE7}v1N>bX<>>I19R@csbv5*JX1x< zH9dzGID!K3hV~(oclEb`c5sf!32b`F_|meP6F!~b_FLkG4y+AOQu`%U%TrdHkzOUikk$^mV3IWE6R`D)#wDk$$;rP3=< zGfiN-BVeN$vcb@XBOF>Ov34w(Xb_A-At64~D50n`DnH{tD06NoyZssRfk*3R#-M;< zThx$y#j{1K;Ww%XC_8`uf4|W()E4=@`di@JzgK_rT%Y_-Q5f!Y3IRqQ^qCH~Eleo? zO?L_{2UD@IJOEA8M~tOp3<*~bj!T$Yr7guUmmK$uQ=paKDJuPM^ZkaV#y{VcnO&o( zn_788`#_)G^T(YH1<#BPMc7`7?HbT7l}5HZfVP;<5Su9$0JwE81}PnlEKKNF$FwJH z5QEq}W6?+`GO+J_?9-I8rhH(kwdI-!*l>Vs%!WMAH37uf8ad2X=JHrwCXNa1>$oP8 zF|v_C%|5DmOY~Kny>b02`1UtLdMsE@KLXl~3F|1twW%&f;Ej*I29}R-(nw`S;?CQW z$i-%T;PW4)5*!XK$0BnMp7t5bKsCdlikosJIZb3)Jl}GCi_B9xm3EEO8S;H9lgzR> z3vBz$wJl@LIK$qRUIEt=plbFtoZ}79LNnxVfP-PnC1*auylaZaVin^#OBtwDAn^|p zW6CLm3vB>>AI>RzqWpXW#>sKt^Q{?Wl`lF&(g;|m)d<8Brb>s_DDaW&xuz_@BY)Ei zY+GjNWr0Wz5p9;TWU*HG5%yok{wHYa*^nxxFJoj=1*Q=1u~UIn_W#y)C1d~ZZ0&5n z*#FOwzI~I0aRnr3E{!6PuP-MOkM54~NL0lYy4o7WnDw&=9Wzsqr;{wv=T}AsJYVEvbgaXgWiF-JN>S zM?m^bQ?xBvm4H%*9(SKu2rEai4?@|ui1^9i3=n}zT5HB$v{b7u&9tzI>)|vbY|>$1 z+jBsx&76(^dLAGHcdD##<%d+FY;d!ofpHq`+fNE8OGGCJJ|)N=hI7X-(U~aA@5y z%Q(S;EC-m6iPKDNX5r=m5K}`dnqTu=%t~2FCd(@o$gligSW1yBeuwRTM~x>N8VE@L zM*`9p>Hc+cr&HGv*3>FGc`i=q7}-+=kGaRK3ch^f zkXO1EIUMOX=y{pm9{Jn8eJdz(2fhX_K^Z3Gp>U_GDG%lxkj|aAN}Jngg-i^M#WmTO zt*cx}2=^&2=2+afmExMPMFcv}Pt}8Uqrd+y75Kq7V|A99|0HXil7+0ZM_94|a#NN{ zaDdTjh9vFZRzhIctbB&Pg?K8lUuZ3HlW;|P3L)dnI_uRrv)HT@h-Crc3FmWm-~`hF zwaf#@Mi>K_m`(!=gON2u&Psja&5U#vts%n_+5!nDkdlC(sw{Dres!ZPVF-|K@5rHNouv!A(o?`?M0~GhWFvU<@ z&W=XmJK$Ijouq>;3IPX$D`XJ1TE?r=PU-G7Xev_ng1W?FadyaJui3ce+DJ!3T7?`h zBkbX#C^V;*Qvv{b*1qos-V)Y6le$?b|0eQmcRoeV<`lkv|L!Trvi@!hoOkQmcVt`6p|hB$W>I zJWTZqm#V#}J3da~tRvD-pq4yj(9)r0%^|U!GRFzfOM&NSATg31PG%^r0(^omG}$Rk z561PLVd2qOrPQ4rk>2j%p*v5}KUHB-)p6Kw#At?YP7dNg17>jg?j6 z^&0T^-__h_0!KM~$pwUO-y#oExR#J-y;#FYz=8eJGwl0^}{%8_!&8~Y9cRZas6XW?|f<1P8#jATD=i{kGzLV^j%6t42wpB6mcBkUZYv- z9(TU9D_?eN^`q|Dmv-k=ukAO!9G})}orBX>Aq|VY_7Fz&HNw7HIvvWCViWk>=tX$oO*0h?) z0DwVXtE-6O$+CLW9Xa6LFNTdx|U#AINvImnn>Y- z(Aae+QWbbECgC}T4gM5(BOjV5pItVQjR=xGX7x!`z+U3OFc314xd8@f==w-zui17- z%XOkjAEntH4v(#=MXEr{&C?z}_gKtf4$BCbrS3We-H=$#`+-x#E!WXqmsA1q1C;*M z#mKJ$O;uI#-bYj@NN6Fm%{l*sLGULXoP;%!n;fO4M-OUpkeWb6Al98fi9Hx%bKByH zR3=|$MpZDUO6}uH7-a5r3aM)OED2cB29RV&+E}0$;ziO8AhEjB0zzoSnjU>4YRaH_ z^xtp)mS8|!W|5{n!X0;loPSGVzvSQ2A0=6q(`QLS1((Q|v=>84(xIPrFW4&}G)|KK_s&&?$maS#opMCKn9qkAUmgyeT zI_qiGY=7b$+?;6xL}1v1&RnxCx;r1tUOG_9xb=K%X4z1qJ-OZpY*Yomo&=ca34`@lwv2L24Y*W3mZ#>-+4sQnY<4ge+Crxlg8Y@g zh0Z9cnWmP*&2*lo@TLlOwzn(WB>;w)%gPgh^AR*p9eYkI*0gNI4YimhDHoUwe&uT< zzvjBG!?|raqnrv94e|KSD{Ly69fzU+u4%kPJ%vhA;?M#BXyhXtRgS&lov<_a;z}Pl zESq?0@P{8gP5zHf3;jPH_MYk(@T&L^+V*zF|FgYQe)0c2OM2!35qpmt3zrQ;Oi`VM z9~#(zHst62Uk0l0Jx~>{#{8Nc#(s2Xe@VHtSpSP16i|^ff>@ULF_g*St#Dx<%RZAJz~ksT1+>`#0z-+sU8${+44Zifj;XfnSh?(U8Pd zd={l(ze;+mefn%Yg_`)j7R;B`+aH}4>i_UVA{Ny{$AeY-|F?HC`oFBHTKPr)KSxSA zSPPC|MT%Y*AKR#CB_!KhWQ<73a2?{iwvBuiK7;DV*qt3=mBdD0Ddjz`0x8~sE_M%b zRFc3YWgUOw)T{{OCPgR8LNA2auE)$^@Y;i9ya8T+0oDHo3Nvw)ecK%XiA5*c480$T z?$6HlQ))K<#rKx7QIU@auR{=saL|eIrkp##`lA~?krv8-dWY_#aIBF3az)L?|JvE9 zyqy1emb7@s=R%W@@6)`OjaRt2^LY$C9+mLagI@zw!o;_n(Vn0>XUO3Sh$Naar7*%6 z%TXNki&kSn8L&JY*tc&$#A`8u)E^^9gf?Q4(+WbCwJXVBB^v;O8MLj~hF^#ZOan~7 z0EMBGOsSaUL<^*LGK8$*q09KYFpL?kzIdOo{xSfPVa`&uu4SqaX9O0G^9@};I${!X z!kv1MSOXh{#x8(36<;GY;6cw3cDE z?^(wPM_~=)P;#Q1CS%Lds^&5jc8J0NbUe#~*mM+jajC^zP0b%(rVo!#i^u=ehJr^K z0W0nQ{P|zC@^b#~S<+K)e0t<*+RUl7hYa{xizY>ol2}S#u(qDu6u%lq0rG#8R$3_k zY?y)sh1&{b!++>r@Rk1Gt*zYr|7HE}dD1H(E+Yco*vJ8IY}ch`gtTn8l?0^3&L9a$ z^#8YSfyyQgulS63=mw5SXV<1>ki-W}r^x)HRP1rsJ`{W1n9_f!GSY$OMm_K*8t)%iy+6Ku|Scb zU~o<>yw4#~D)6YiM8Tzy9SD8Nj=!gog{m}vt4bREWuD?W%Uh@BgMb(S91e8V1SqwjD%9jB945gI{y)(sDNF5pT-+K=^<=aHdr`y?ogy} zSPQ<*f=#(NldUG8X0k_~&0T8kiKlCej4dZw>P^^;IeZCsV}&z#7_Lce(i)4|zZ6=Et{ChhMN zCXX0%2ik~;-$NUY7?tS}1jNhXsb=A^V>kf*`lp60zd5<71G5iB#-ex2&@mIodBGj{{0GAkg}!*g+JrC}Qs@v%PGAvr zTk0mPC7y`O%;b42-exXRt$>;`u=G9rXoLBc;hXp^!2Es*ZZbPV*Pn7Gx(=WDvl~0& zNqcBJVg=M}>;nIBL~Iftq0K3zbAU~B1F6l9--d%tVlc(*6PQBB8Y1Sq5UQUN85#AI zIbC+%iMb*2hPF5iRb*%{F>sd@UDGaRggI7f29Tl5Szwi~q-#OJRh44Y#q+<+{2zL> zv7k9cPv`?!G5@b@?PTwN*xFWK_J2J~S~~yd)=p~rZ$OW**p6c86vJWB>_6!t82av% zX2em+&@g6*gn1l@D~hJph}~fmLS?002Nie_m@WmTHDnviNU@Kh>H1*G9g- zvw&7&h#;-ohR|-r1#aMj&vdkim0URWr&^AUBcZCBm6e-KE$Oq+vIPj!9dUmY~=Jk6q4};9R6MSR2OULD(LA%;H~p ze0m(UFf(!Oi22mc9YJc}V$uFF@WC8>4Uj(%4Z;KkwX*|pbJYg$pfO=6La%cSA!!~H z=nrU)p=I+J<`~Wp1{Mh|+bA%pxoEG1l4q9anTfK5U-1@;faQR8MNUk?U3T1==fVI7 z#+XhAYW;R;=Evdhj zN?8n(^on~S=*1@l(pmpZoDp~}CHELbr@6AH0ty4v$c!$TE9uB~%F(fOPeh)$#1$Hx zy2Y5k14?mg$Ad8!!q0>mdN|K>*nhMj{0~j{*Z=6L^}qTq8~?Lh-mbiy|9zH}5qk7p zwR5o+LThN=Cm5H|@^R_==yvqObURv4yFNhv!vGd*Yk?K=Uw*fpwf`zF_dh*T`VMjy z^^av%;1gJM5u%m0U7YioO}p=kcpW9M8vhfRc~9C9+@Hwqok|Qul>#DpR9ec3$8lhN zjL@?LXL1o~Z+O=je|~I#<30TD&s>LN=PwdR zt3i0dQRBw*5ytU>ittk7qDqU~O~czE689G$IN?jN%L{y#h#&AMqff?-1-+l$v-A3{ zP!9f~6b1@|DPkRBM-6WU##|?MBpB$=DzgdnzD63b#z8pp_s7YO;I$L9wy4&AUbc6wpU3T==d#fl9S zHj|q|@3B;Ur*Z2?5wwosmY1fHMXubzQzBoDb+IwUsreq0^NjSozT>Et*-%-5n`zMY z#tRInOxY~-@8^epfG|FB+bkkk=#ZzSH&4%x9^hWm(sY0OZ!|&A;QuYZ*niKGo?eyH z{;@=Dr#?TEhj}zXKWJ@_V*W9%pETx$?SFsyPi|zNmDf=PtJeQ3x%2;9@3vmfe?Cik zdihWGkEBKCPmnx?#@KQ~VO;Pv^E&w$?kc>IIca(IQjC2~J+q9&`-6B$*?X7CawIf^ zw;ot{u@CaT6Zyi<5pvhFp~D*;6G+hOyYNHi(e$ku@L&ZHW?r6g&tliEMEeAWM6NHc>49A0u3n>+f3!e8b9%7;zlRTC)%wrQPB#8urSk4Y z|36E5vh^R~F1-8GlkfgCV>X0uc--(?x?C_8*DmC&4azOL@&$jwh%;%&gx%<=e-793UbqEpSh(o+D_w#jn z0)wS!Bhl+SL2}BC0SUC-wErU?jxaAdYwuK25RYhd8 zFF%@WMns|Px;JxxoSEgj4vVQZgTBSWrKF|Uy`kMGJh`ux-zlo1Dq6LomEYg1Lp`uw z$eCrT71>EVmjB02=j_Xwe){PmZ9pxh`umd8{)y;moh~3IBtqSMzoDt|&v#`-+hGq{ zc|-d^pWgGwoec%gj147Rc8lB}>-Q}ll4I(cJVb@#vb^`}aR4~(naGu-ue|kB^vA^v z&(NCZTjCzhVrk4ra(p)Zva;TLjb^QT-1&0W(Ax*?PNP+Cd}*|5yT^^a94itPkwrxw zB?Ub0%n5T8EuxY|k33`Wq-^v^DN`58o5>=YjC7CDP=vps6creCkA_)zNp%WIR1JfE z;#Qa5IBwM14VhYUvYPL8EGrLxWCWPFQ-BF1mXWv|b=^J)76i1c0_jX|>@}JPt;U|* zJ3a26G^AYqWKhm@iFW5yukAPL$F+95pqzCZVmJ`_YbT9bTR!Wx4=x)&g;IDD;drJF zlWVF%%YOz5VmGH@;;*ulqt3$}b)mn2yFx`sYh8e<0%2lRbgh$_)ujdgIq< zI79|vj$_d_sL-$6phOlJnnLK-uX;SEjf-T?i1Hw~@&wHb&V)AD#XaGN1?2x@`TH<> zwWahH@N)@A7m&PE-AB$Eeg(k2djFbgKZjzmFDoV@@5~b4!VVXj=z(nuFYb46Y-N!z zvgwmV{AgeJ|HM?d{^QMzCt3IrX~q7Zt+KYAz5iQ%+5h=GDY^c0)~lx%ejdH569Fim z0Eb#6I}d)$(ocH2zV_13b5MHU^&x&`%?X_gJqNAa-i>i)Edn6v2%3H0BIwj9bc$o^ z_F1^fD2}POE~IVFV-{ll*~QHMe%fQY0m- zlmhl2?P+bS^tApIx^o$+5AL`N`SqiXq5pxY(Eg9M_dLxkV8#Bgt#ajEcK_E){HJG1 zN&CND5!V@}X92m*UJsiKWWXe}8m=rGZQ|<-t3aB&fzMw=&Mb;hOjcazDuvi7XvA5`c2Oin`kv*@PGpSAvl1}(dCeUGxBuqt^AE6y(&`lUa(*k_Pt?r!>DPkzTu=V# zDn%0~imhPtpZDxwQKga%9>XeZU4H5APsE7(w5}jN*SbGlr2tzL9r1$?0hX^3CbD+V z=8bBVY~BR0!uE~t6aI;t5R8pU4hwZNZ5l&ir=Y8||Qf*e+-NW5W)jm4!60hI9^jZyXcc30_ce;&h zU2S!YuGwk#4{r5lvw1#gReIfK>wIEw>0N!dqaHdP`{L+)(rk6Q2e;kn&DDw4RQsL7 zrm2qI3w65%C(TMn)mx^jbuTOSX|LJPdgbv|XQF*Q|1@stjfvLj=?>~{ce|b5Cpc+# zI=#bP^V(}%YIdV%H+8+C?_Tch!hU1xy3;gIVT0D=@DNU#r{`1CH~M2Ac8zWGcDH`s zYc};sbGM_mcDtSNZl`M>o=;j%n?84YyY;Kumg)2==j98v-53+Sd|rmPy;f)H-s=7B z*6F^gcFMZft{AuNeSB+bE&H@$IB&wIBQ+x@-E8|3VcTjhiDNu^spR=1}o&g7`= zT=rXgy|3t#XY0+~ok8<(Zd}>kpyBml?^0_uTVMNj^UB=+aMhnS>#*0t$Lh`ApwZkj zCr#M3FJ?!#Ew$6^buQajyWG1_&(FQS(H-xd+n1+yqp~|cR}af(|K_kiy~Mpwy+)^3o7Ww^-l>xv zXNN;*l?mI2g*`HjWT$#b3V(#mThhFz;cdI`kmfqdkKGwRo169*dw|6x7csVyFA1>PE z%b>g0y&g>7&yD>SJa;bZgNoPfw8_P#qtDJYbGz$|kGj)?ZKK)h=r!-?{K}qo8%=V2 z+qyKG-pR?nesodBH@Y^iw7dFlx7(}_Zd)z0-0Gh9_4=i{-ETJ=s@}bHy1njp>tlDT z|H(cvr;YMS=g{eB-n>5D+B$da=6Sgl7`^6|sWqK`SMPVPcE6ra^jlN?aCyF+P3>%6o3@my=&=+|CW26tNxoA&jFt{v)^ znoi7Hv)B5hpX(oM+vjBupMJ8B_5O#RS@tga{gZOnu3ei`ZNL4|3kIJKD`vNMT)%4i zok{PobxY;sT03cYLA(5+exce|y}ecg?VndV`{u!*)2i!@?P;$!E<>m0x17tb@YDG4 z;*(zP_Q$y0Z1rIOV19XZh})gXQLk}w)4J`=TXmwJHYc~pHZ*+s=W z?Cg)Xk@cYhKk9p3yE!>8f3Vw{`RQ`fvT`w)bE{NXqWxLr`@mmRIOa7 zm#6KCv2{_tyfD@CTcgpu?p=+0r~56}=v?lj=I+PNq&Mp~FCD`^Il9n#`pLwGT~$9c zwPy38(wwz#n@8<^v)=7rm-SD(u-o(cCw*;CpV+?H+`Vp}yG&0XcYCLLy;z6eb2v{8 zUdbW-WxRM9FJ8urm+|6dy!cNaFA8UDmV=QI_^5N-Zci+)hkR=||B2=|_nEvE*CoG= z?)>L!f<4)#YckG!Op^palEe{A~y0RRC1|3wL=rU3c?0LDGh A+W-In diff --git a/charts/rancher-backup-crd/3.0.1-rc1/Chart.yaml b/charts/rancher-backup-crd/3.0.1-rc1/Chart.yaml deleted file mode 100644 index d3e16bb9d..000000000 --- a/charts/rancher-backup-crd/3.0.1-rc1/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -annotations: - catalog.cattle.io/certified: rancher - catalog.cattle.io/hidden: "true" - catalog.cattle.io/namespace: cattle-resources-system - catalog.cattle.io/release-name: rancher-backup-crd -apiVersion: v2 -appVersion: 3.0.1-rc1 -description: Installs the CRDs for rancher-backup. -name: rancher-backup-crd -type: application -version: 3.0.1-rc1 diff --git a/charts/rancher-backup-crd/3.0.1-rc1/README.md b/charts/rancher-backup-crd/3.0.1-rc1/README.md deleted file mode 100644 index 046410962..000000000 --- a/charts/rancher-backup-crd/3.0.1-rc1/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Rancher Backup CRD - -A Rancher chart that installs the CRDs used by `rancher-backup`. diff --git a/charts/rancher-backup-crd/3.0.1-rc1/templates/backup.yaml b/charts/rancher-backup-crd/3.0.1-rc1/templates/backup.yaml deleted file mode 100644 index 75ad5bf7b..000000000 --- a/charts/rancher-backup-crd/3.0.1-rc1/templates/backup.yaml +++ /dev/null @@ -1,141 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: backups.resources.cattle.io -spec: - group: resources.cattle.io - names: - kind: Backup - plural: backups - singular: backup - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.storageLocation - name: Location - type: string - - jsonPath: .status.backupType - name: Type - type: string - - jsonPath: .status.filename - name: Latest-Backup - type: string - - jsonPath: .spec.resourceSetName - name: ResourceSet - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - encryptionConfigSecretName: - description: Name of the Secret containing the encryption config - nullable: true - type: string - resourceSetName: - description: Name of the ResourceSet CR to use for backup - nullable: true - type: string - retentionCount: - minimum: 1 - type: integer - schedule: - description: Cron schedule for recurring backups - example: - Descriptors: '@midnight' - Standard crontab specs: 0 0 * * * - nullable: true - type: string - storageLocation: - nullable: true - properties: - s3: - nullable: true - properties: - bucketName: - nullable: true - type: string - credentialSecretName: - nullable: true - type: string - credentialSecretNamespace: - nullable: true - type: string - endpoint: - nullable: true - type: string - endpointCA: - nullable: true - type: string - folder: - nullable: true - type: string - insecureTLSSkipVerify: - type: boolean - region: - nullable: true - type: string - type: object - type: object - required: - - resourceSetName - type: object - status: - properties: - backupType: - nullable: true - type: string - conditions: - items: - properties: - lastTransitionTime: - nullable: true - type: string - lastUpdateTime: - nullable: true - type: string - message: - nullable: true - type: string - reason: - nullable: true - type: string - status: - nullable: true - type: string - type: - nullable: true - type: string - type: object - nullable: true - type: array - filename: - nullable: true - type: string - lastSnapshotTs: - nullable: true - type: string - nextSnapshotAt: - nullable: true - type: string - observedGeneration: - type: integer - storageLocation: - nullable: true - type: string - summary: - nullable: true - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/rancher-backup-crd/3.0.1-rc1/templates/resourceset.yaml b/charts/rancher-backup-crd/3.0.1-rc1/templates/resourceset.yaml deleted file mode 100644 index 4b71d7ecb..000000000 --- a/charts/rancher-backup-crd/3.0.1-rc1/templates/resourceset.yaml +++ /dev/null @@ -1,118 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: resourcesets.resources.cattle.io -spec: - group: resources.cattle.io - names: - kind: ResourceSet - plural: resourcesets - singular: resourceset - scope: Cluster - versions: - - name: v1 - schema: - openAPIV3Schema: - properties: - controllerReferences: - items: - properties: - apiVersion: - nullable: true - type: string - name: - nullable: true - type: string - namespace: - nullable: true - type: string - replicas: - type: integer - resource: - nullable: true - type: string - type: object - nullable: true - type: array - resourceSelectors: - items: - properties: - apiVersion: - nullable: true - type: string - excludeKinds: - items: - nullable: true - type: string - nullable: true - type: array - excludeResourceNameRegexp: - nullable: true - type: string - kinds: - items: - nullable: true - type: string - nullable: true - type: array - kindsRegexp: - nullable: true - type: string - labelSelectors: - nullable: true - properties: - matchExpressions: - items: - properties: - key: - nullable: true - type: string - operator: - nullable: true - type: string - values: - items: - nullable: true - type: string - nullable: true - type: array - type: object - nullable: true - type: array - matchLabels: - additionalProperties: - nullable: true - type: string - nullable: true - type: object - type: object - namespaceRegexp: - nullable: true - type: string - namespaces: - items: - nullable: true - type: string - nullable: true - type: array - resourceNameRegexp: - nullable: true - type: string - resourceNames: - items: - nullable: true - type: string - nullable: true - type: array - type: object - nullable: true - required: - - apiVersion - type: array - required: - - resourceSelectors - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/rancher-backup-crd/3.0.1-rc1/templates/restore.yaml b/charts/rancher-backup-crd/3.0.1-rc1/templates/restore.yaml deleted file mode 100644 index 0f39ecf06..000000000 --- a/charts/rancher-backup-crd/3.0.1-rc1/templates/restore.yaml +++ /dev/null @@ -1,122 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: restores.resources.cattle.io -spec: - group: resources.cattle.io - names: - kind: Restore - plural: restores - singular: restore - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .status.backupSource - name: Backup-Source - type: string - - jsonPath: .spec.backupFilename - name: Backup-File - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - type: string - name: v1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - backupFilename: - nullable: true - type: string - deleteTimeoutSeconds: - maximum: 10 - type: integer - encryptionConfigSecretName: - nullable: true - type: string - ignoreErrors: - type: boolean - prune: - nullable: true - type: boolean - storageLocation: - nullable: true - properties: - s3: - nullable: true - properties: - bucketName: - nullable: true - type: string - credentialSecretName: - nullable: true - type: string - credentialSecretNamespace: - nullable: true - type: string - endpoint: - nullable: true - type: string - endpointCA: - nullable: true - type: string - folder: - nullable: true - type: string - insecureTLSSkipVerify: - type: boolean - region: - nullable: true - type: string - type: object - type: object - required: - - backupFilename - type: object - status: - properties: - backupSource: - nullable: true - type: string - conditions: - items: - properties: - lastTransitionTime: - nullable: true - type: string - lastUpdateTime: - nullable: true - type: string - message: - nullable: true - type: string - reason: - nullable: true - type: string - status: - nullable: true - type: string - type: - nullable: true - type: string - type: object - nullable: true - type: array - observedGeneration: - type: integer - restoreCompletionTs: - nullable: true - type: string - summary: - nullable: true - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/charts/rancher-backup/3.0.1-rc1/Chart.yaml b/charts/rancher-backup/3.0.1-rc1/Chart.yaml deleted file mode 100644 index a6fe7796d..000000000 --- a/charts/rancher-backup/3.0.1-rc1/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -annotations: - catalog.cattle.io/auto-install: rancher-backup-crd=match - catalog.cattle.io/certified: rancher - catalog.cattle.io/display-name: Rancher Backups - catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.25.0-0' - catalog.cattle.io/namespace: cattle-resources-system - catalog.cattle.io/os: linux - catalog.cattle.io/permits-os: linux,windows - catalog.cattle.io/provides-gvr: resources.cattle.io.resourceset/v1 - catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' - catalog.cattle.io/release-name: rancher-backup - catalog.cattle.io/scope: management - catalog.cattle.io/type: cluster-tool - catalog.cattle.io/ui-component: rancher-backup - catalog.cattle.io/upstream-version: 2.1.1 -apiVersion: v2 -appVersion: 3.0.1-rc1 -description: Provides ability to back up and restore the Rancher application running - on any Kubernetes cluster -icon: https://charts.rancher.io/assets/logos/backup-restore.svg -keywords: -- applications -- infrastructure -kubeVersion: '>= 1.16.0-0' -name: rancher-backup -version: 3.0.1-rc1 diff --git a/charts/rancher-backup/3.0.1-rc1/README.md b/charts/rancher-backup/3.0.1-rc1/README.md deleted file mode 100644 index 54b8d7feb..000000000 --- a/charts/rancher-backup/3.0.1-rc1/README.md +++ /dev/null @@ -1,72 +0,0 @@ -# Rancher Backup - -This chart provides ability to back up and restore the Rancher application running on any Kubernetes cluster. - -Refer [this](https://github.com/rancher/backup-restore-operator) repository for implementation details. - ------ - -### Get Repo Info -```bash -helm repo add rancher-chart https://charts.rancher.io -helm repo update -``` - ------ - -### Install Chart -```bash -helm install rancher-backup-crd rancher-chart/rancher-backup-crd -n cattle-resources-system --create-namespace -helm install rancher-backup rancher-chart/rancher-backup -n cattle-resources-system -``` - ------ - -### Configuration -The following table lists the configurable parameters of the rancher-backup chart and their default values: - -| Parameter | Description | Default | -|----------|---------------|-------| -| image.repository | Container image repository | rancher/backup-restore-operator | -| image.tag | Container image tag | v0.1.0-rc1 | -| s3.enabled | Configure S3 compatible default storage location. Current version supports S3 and MinIO | false | -| s3.credentialSecretName | Name of the Secret containing S3 credentials. This is an optional field. Skip this field in order to use IAM Role authentication. The Secret must contain following two keys, `accessKey` and `secretKey` | "" | -| s3.credentialSecretNamespace | Namespace of the Secret containing S3 credentials. This can be any namespace. | "" | -| s3.region | Region of the S3 Bucket (Required for S3, not valid for MinIO) | "" | -| s3.bucketName | Name of the Bucket | "" | -| s3.folder | Base folder within the Bucket (optional) | "" | -| s3.endpoint | Endpoint for the S3 storage provider | "" | -| s3.endpointCA | Base64 encoded CA cert for the S3 storage provider (optional) | "" | -| s3.insecureTLSSkipVerify | Skip SSL verification | false | -| persistence.enabled | Configure a Persistent Volume as the default storage location. It accepts either a StorageClass name to create a PVC, or directly accepts the PV to use. The Persistent Volume is mounted at `/var/lib/backups` in the operator pod | false | -| persistence.storageClass | StorageClass to use for dynamically provisioning the Persistent Volume, which will be used for storing backups | "" | -| persistence.volumeName | Persistent Volume to use for storing backups | "" | -| persistence.size | Requested size of the Persistent Volume (Applicable when using dynamic provisioning) | "" | -| debug | Set debug flag for backup-restore deployment | false | -| trace | Set trace flag for backup-restore deployment | false | -| nodeSelector | https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | {} | -| tolerations | https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration | [] | -| affinity | https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity | {} | -| serviceAccount.annotations | Annotations to apply to created service account | {} | - ------ - -### CRDs - -Refer [this](https://github.com/rancher/backup-restore-operator#crds) section for information on CRDs that this chart installs. Also refer [this](https://github.com/rancher/backup-restore-operator/tree/master/examples) folder containing sample manifests for the CRDs. - ------ -### Upgrading Chart -```bash -helm upgrade rancher-backup-crd -n cattle-resources-system -helm upgrade rancher-backup -n cattle-resources-system -``` - ------ -### Uninstall Chart - -```bash -helm uninstall rancher-backup -n cattle-resources-system -helm uninstall rancher-backup-crd -n cattle-resources-system -``` - diff --git a/charts/rancher-backup/3.0.1-rc1/app-readme.md b/charts/rancher-backup/3.0.1-rc1/app-readme.md deleted file mode 100644 index 15a021cdb..000000000 --- a/charts/rancher-backup/3.0.1-rc1/app-readme.md +++ /dev/null @@ -1,15 +0,0 @@ -# Rancher Backup - -This chart enables ability to capture backups of the Rancher application and restore from these backups. This chart can be used to migrate Rancher from one Kubernetes cluster to a different Kubernetes cluster. - -For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/backups/v2.5/). - -This chart installs the following components: - -- [backup-restore-operator](https://github.com/rancher/backup-restore-operator) - - The operator handles backing up all Kubernetes resources and CRDs that Rancher creates and manages from the local cluster. It gathers these resources by querying the Kubernetes API server, packages all the resources to create a tarball file and saves it in the configured backup storage location. - - The operator can be configured to store backups in S3-compatible object stores such as AWS S3 and MinIO, and in persistent volumes. During deployment, you can create a default storage location, but there is always the option to override the default storage location with each backup, but will be limited to using an S3-compatible object store. - - It preserves the ownerReferences on all resources, hence maintaining dependencies between objects. - - This operator provides encryption support, to encrypt user specified resources before saving them in the backup file. It uses the same encryption configuration that is used to enable [Kubernetes Encryption at Rest](https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/). -- Backup - A backup is a CRD (`Backup`) that defines when to take backups, where to store the backup and what encryption to use (optional). Backups can be taken ad hoc or scheduled to be taken in intervals. -- Restore - A restore is a CRD (`Restore`) that defines which backup to use to restore the Rancher application to. diff --git a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/aks.yaml b/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/aks.yaml deleted file mode 100644 index 779742058..000000000 --- a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/aks.yaml +++ /dev/null @@ -1,25 +0,0 @@ -- apiVersion: "apiextensions.k8s.io/v1" - kindsRegexp: "." - resourceNameRegexp: "aks.cattle.io$" -- apiVersion: "aks.cattle.io/v1" - kindsRegexp: "." -- apiVersion: "apps/v1" - kindsRegexp: "^deployments$" - namespaces: - - "cattle-system" - resourceNames: - - "aks-config-operator" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterroles$" - resourceNames: - - "aks-operator" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterrolebindings$" - resourceNames: - - "aks-operator" -- apiVersion: "v1" - kindsRegexp: "^serviceaccounts$" - namespaces: - - "cattle-system" - resourceNames: - - "aks-operator" diff --git a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/eks.yaml b/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/eks.yaml deleted file mode 100644 index ae57baddf..000000000 --- a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/eks.yaml +++ /dev/null @@ -1,17 +0,0 @@ -- apiVersion: "eks.cattle.io/v1" - kindsRegexp: "." -- apiVersion: "apps/v1" - kindsRegexp: "^deployments$" - resourceNames: - - "eks-config-operator" -- apiVersion: "apiextensions.k8s.io/v1" - kindsRegexp: "." - resourceNameRegexp: "eks.cattle.io$" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterroles$" - resourceNames: - - "eks-operator" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterrolebindings$" - resourceNames: - - "eks-operator" diff --git a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/elemental.yaml b/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/elemental.yaml deleted file mode 100644 index b59046233..000000000 --- a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/elemental.yaml +++ /dev/null @@ -1,49 +0,0 @@ -- apiVersion: "apiextensions.k8s.io/v1" - kindsRegexp: "." - resourceNameRegexp: "elemental.cattle.io$" -- apiVersion: "apps/v1" - kindsRegexp: "^deployments$" - namespaces: - - "cattle-elemental-system" - resourceNames: - - "elemental-operator" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterroles$" - resourceNames: - - "elemental-operator" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterrolebindings$" - resourceNames: - - "elemental-operator" -- apiVersion: "v1" - kindsRegexp: "^serviceaccounts$" - namespaces: - - "cattle-elemental-system" - resourceNames: - - "elemental-operator" -- apiVersion: "management.cattle.io/v3" - kindsRegexp: "^globalrole$" - resourceNames: - - "elemental-operator" -- apiVersion: "management.cattle.io/v3" - kindsRegexp: "^apiservice$" - resourceNameRegexp: "elemental.cattle.io$" -- apiVersion: "elemental.cattle.io/v1beta1" - kindsRegexp: "." - namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^roles$|^rolebindings$" - labelSelectors: - matchExpressions: - - key: "elemental.cattle.io/managed" - operator: "In" - values: ["true"] - namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" -- apiVersion: "v1" - kindsRegexp: "^secrets$|^serviceaccounts$" - labelSelectors: - matchExpressions: - - key: "elemental.cattle.io/managed" - operator: "In" - values: ["true"] - namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" diff --git a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/fleet.yaml b/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/fleet.yaml deleted file mode 100644 index 9e57c4b45..000000000 --- a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/fleet.yaml +++ /dev/null @@ -1,50 +0,0 @@ -- apiVersion: "v1" - kindsRegexp: "^namespaces$" - resourceNameRegexp: "^fleet-|^cluster-fleet-" -- apiVersion: "v1" - kindsRegexp: "^secrets$" - namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" - labelSelectors: - matchExpressions: - - key: "owner" - operator: "NotIn" - values: ["helm"] - - key: "fleet.cattle.io/managed" - operator: "In" - values: ["true"] -- apiVersion: "v1" - kindsRegexp: "^serviceaccounts$" - namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" - excludeResourceNameRegexp: "^default$" -- apiVersion: "v1" - kindsRegexp: "^configmaps$" - namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^roles$|^rolebindings$" - namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterrolebindings$" - resourceNameRegexp: "^fleet-|^gitjob-" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterroles$" - resourceNameRegexp: "^fleet-" - resourceNames: - - "gitjob" -- apiVersion: "apiextensions.k8s.io/v1" - kindsRegexp: "." - resourceNameRegexp: "fleet.cattle.io$|gitjob.cattle.io$" -- apiVersion: "fleet.cattle.io/v1alpha1" - kindsRegexp: "." -- apiVersion: "gitjob.cattle.io/v1" - kindsRegexp: "." -- apiVersion: "apps/v1" - kindsRegexp: "^deployments$" - namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" - resourceNameRegexp: "^fleet-" - resourceNames: - - "gitjob" -- apiVersion: "apps/v1" - kindsRegexp: "^services$" - namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" - resourceNames: - - "gitjob" diff --git a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/gke.yaml b/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/gke.yaml deleted file mode 100644 index a87eef364..000000000 --- a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/gke.yaml +++ /dev/null @@ -1,17 +0,0 @@ -- apiVersion: "apiextensions.k8s.io/v1" - kindsRegexp: "." - resourceNameRegexp: "gke.cattle.io$" -- apiVersion: "gke.cattle.io/v1" - kindsRegexp: "." -- apiVersion: "apps/v1" - kindsRegexp: "^deployments$" - resourceNames: - - "gke-config-operator" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterroles$" - resourceNames: - - "gke-operator" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterrolebindings$" - resourceNames: - - "gke-operator" diff --git a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/provisioningv2.yaml b/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/provisioningv2.yaml deleted file mode 100644 index e5d4968bb..000000000 --- a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/provisioningv2.yaml +++ /dev/null @@ -1,20 +0,0 @@ -- apiVersion: "apiextensions.k8s.io/v1" - kindsRegexp: "." - resourceNameRegexp: "provisioning.cattle.io$|rke-machine-config.cattle.io$|rke-machine.cattle.io$|rke.cattle.io$|cluster.x-k8s.io$" -- apiVersion: "provisioning.cattle.io/v1" - kindsRegexp: "." -- apiVersion: "rke-machine-config.cattle.io/v1" - kindsRegexp: "." -- apiVersion: "rke-machine.cattle.io/v1" - kindsRegexp: "." -- apiVersion: "rke.cattle.io/v1" - kindsRegexp: "." -- apiVersion: "cluster.x-k8s.io/v1alpha4" - kindsRegexp: "." -- apiVersion: "cluster.x-k8s.io/v1beta1" - kindsRegexp: "." -- apiVersion: "v1" - kindsRegexp: "^secrets$" - resourceNameRegexp: "machine-plan$|rke-state$|machine-state$|machine-driver-secret$|machine-provision$" - namespaces: - - "fleet-default" diff --git a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/rancher-operator.yaml b/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/rancher-operator.yaml deleted file mode 100644 index f30c2fd96..000000000 --- a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/rancher-operator.yaml +++ /dev/null @@ -1,28 +0,0 @@ -- apiVersion: "rancher.cattle.io/v1" - kindsRegexp: "." -- apiVersion: "apps/v1" - kindsRegexp: "^deployments$" - resourceNames: - - "rancher-operator" - namespaces: - - "rancher-operator-system" -- apiVersion: "v1" - kindsRegexp: "^serviceaccounts$" - namespaces: - - "rancher-operator-system" - excludeResourceNameRegexp: "^default$" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterrolebindings$" - resourceNames: - - "rancher-operator" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterroles$" - resourceNames: - - "rancher-operator" -- apiVersion: "apiextensions.k8s.io/v1" - kindsRegexp: "." - resourceNameRegexp: "rancher.cattle.io$" -- apiVersion: "v1" - kindsRegexp: "^namespaces$" - resourceNames: - - "rancher-operator-system" diff --git a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/rancher.yaml b/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/rancher.yaml deleted file mode 100644 index ba681c5b2..000000000 --- a/charts/rancher-backup/3.0.1-rc1/files/default-resourceset-contents/rancher.yaml +++ /dev/null @@ -1,54 +0,0 @@ -- apiVersion: "v1" - kindsRegexp: "^namespaces$" - resourceNameRegexp: "^cattle-|^p-|^c-|^user-|^u-" - resourceNames: - - "local" -- apiVersion: "v1" - kindsRegexp: "^secrets$" - namespaceRegexp: "^cattle-|^p-|^c-|^local$|^user-|^u-" - labelSelectors: - matchExpressions: - - key: "owner" - operator: "NotIn" - values: ["helm"] - excludeResourceNameRegexp: "^bootstrap-secret$|^rancher-csp-adapter|^csp-adapter-cache$" -- apiVersion: "v1" - kindsRegexp: "^serviceaccounts$" - namespaceRegexp: "^cattle-|^p-|^c-|^local$|^user-|^u-" - excludeResourceNameRegexp: "^default$|^rancher-csp-adapter$" -- apiVersion: "v1" - kindsRegexp: "^configmaps$" - namespaces: - - "cattle-system" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^roles$|^rolebindings$" - namespaceRegexp: "^cattle-|^p-|^c-|^local$|^user-|^u-" - excludeResourceNameRegexp: "^rancher-csp-adapter" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterrolebindings$" - resourceNameRegexp: "^cattle-|^clusterrolebinding-|^globaladmin-user-|^grb-u-|^crb-" -- apiVersion: "rbac.authorization.k8s.io/v1" - kindsRegexp: "^clusterroles$" - resourceNameRegexp: "^cattle-|^p-|^c-|^local-|^user-|^u-|^project-|^create-ns$" - excludeResourceNameRegexp: "^rancher-csp-adapter-" -- apiVersion: "apiextensions.k8s.io/v1" - kindsRegexp: "." - resourceNameRegexp: "management.cattle.io$|project.cattle.io$|catalog.cattle.io$|resources.cattle.io$" -- apiVersion: "management.cattle.io/v3" - kindsRegexp: "." - excludeKinds: - - "tokens" - - "rancherusernotifications" -- apiVersion: "management.cattle.io/v3" - kindsRegexp: "^tokens$" - labelSelectors: - matchExpressions: - - key: "authn.management.cattle.io/kind" - operator: "NotIn" - values: [ "provisioning" ] -- apiVersion: "project.cattle.io/v3" - kindsRegexp: "." -- apiVersion: "catalog.cattle.io/v1" - kindsRegexp: "^clusterrepos$" -- apiVersion: "resources.cattle.io/v1" - kindsRegexp: "^ResourceSet$" diff --git a/charts/rancher-backup/3.0.1-rc1/templates/_helpers.tpl b/charts/rancher-backup/3.0.1-rc1/templates/_helpers.tpl deleted file mode 100644 index a5e485243..000000000 --- a/charts/rancher-backup/3.0.1-rc1/templates/_helpers.tpl +++ /dev/null @@ -1,87 +0,0 @@ -{{- define "system_default_registry" -}} -{{- if .Values.global.cattle.systemDefaultRegistry -}} -{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} -{{- else -}} -{{- "" -}} -{{- end -}} -{{- end -}} - -{{/* -Windows cluster will add default taint for linux nodes, -add below linux tolerations to workloads could be scheduled to those linux nodes -*/}} -{{- define "linux-node-tolerations" -}} -- key: "cattle.io/os" - value: "linux" - effect: "NoSchedule" - operator: "Equal" -{{- end -}} - -{{- define "linux-node-selector" -}} -{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} -beta.kubernetes.io/os: linux -{{- else -}} -kubernetes.io/os: linux -{{- end -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "backupRestore.fullname" -}} -{{- .Chart.Name | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "backupRestore.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "backupRestore.labels" -}} -helm.sh/chart: {{ include "backupRestore.chart" . }} -{{ include "backupRestore.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "backupRestore.selectorLabels" -}} -app.kubernetes.io/name: {{ include "backupRestore.fullname" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -resources.cattle.io/operator: backup-restore -{{- end }} - - -{{/* -Create the name of the service account to use -*/}} -{{- define "backupRestore.serviceAccountName" -}} -{{ include "backupRestore.fullname" . }} -{{- end }} - - -{{- define "backupRestore.s3SecretName" -}} -{{- printf "%s-%s" .Chart.Name "s3" | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create PVC name using release and revision number, unless a volumeName is given. -*/}} -{{- define "backupRestore.pvcName" -}} -{{- if and .Values.persistence.volumeName }} -{{- printf "%s" .Values.persistence.volumeName }} -{{- else -}} -{{- printf "%s-%d" .Release.Name .Release.Revision }} -{{- end }} -{{- end }} - diff --git a/charts/rancher-backup/3.0.1-rc1/templates/clusterrolebinding.yaml b/charts/rancher-backup/3.0.1-rc1/templates/clusterrolebinding.yaml deleted file mode 100644 index cf4abf670..000000000 --- a/charts/rancher-backup/3.0.1-rc1/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,14 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ include "backupRestore.fullname" . }} - labels: - {{- include "backupRestore.labels" . | nindent 4 }} -subjects: -- kind: ServiceAccount - name: {{ include "backupRestore.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} -roleRef: - kind: ClusterRole - name: cluster-admin - apiGroup: rbac.authorization.k8s.io diff --git a/charts/rancher-backup/3.0.1-rc1/templates/deployment.yaml b/charts/rancher-backup/3.0.1-rc1/templates/deployment.yaml deleted file mode 100644 index 631fa458b..000000000 --- a/charts/rancher-backup/3.0.1-rc1/templates/deployment.yaml +++ /dev/null @@ -1,79 +0,0 @@ -{{- if and .Values.s3.enabled .Values.persistence.enabled }} -{{- fail "\n\nCannot configure both s3 and PV for storing backups" }} -{{- end }} -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "backupRestore.fullname" . }} - namespace: {{ .Release.Namespace }} - labels: - {{- include "backupRestore.labels" . | nindent 4 }} -spec: - selector: - matchLabels: - {{- include "backupRestore.selectorLabels" . | nindent 6 }} - template: - metadata: - labels: - {{- include "backupRestore.selectorLabels" . | nindent 8 }} - annotations: - checksum/s3: {{ include (print $.Template.BasePath "/s3-secret.yaml") . | sha256sum }} - checksum/pvc: {{ include (print $.Template.BasePath "/pvc.yaml") . | sha256sum }} - spec: - serviceAccountName: {{ include "backupRestore.serviceAccountName" . }} - {{- if .Values.imagePullSecrets }} - imagePullSecrets: - {{ toYaml .Values.imagePullSecrets | indent 6 }} - {{- end }} - {{- if .Values.priorityClassName }} - priorityClassName: {{ .Values.priorityClassName }} - {{- end }} - containers: - - name: {{ .Chart.Name }} - image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} - imagePullPolicy: {{ default "Always" .Values.imagePullPolicy }} - args: -{{- if .Values.debug }} - - "--debug" -{{- end }} -{{- if .Values.trace }} - - "--trace" -{{- end }} - env: - - name: CHART_NAMESPACE - value: {{ .Release.Namespace }} - {{- if .Values.s3.enabled }} - - name: DEFAULT_S3_BACKUP_STORAGE_LOCATION - value: {{ include "backupRestore.s3SecretName" . }} - {{- end }} - {{- if .Values.proxy }} - - name: HTTP_PROXY - value: {{ .Values.proxy }} - - name: HTTPS_PROXY - value: {{ .Values.proxy }} - - name: NO_PROXY - value: {{ .Values.noProxy }} - {{- end }} - {{- if .Values.persistence.enabled }} - - name: DEFAULT_PERSISTENCE_ENABLED - value: "persistence-enabled" - volumeMounts: - - mountPath: "/var/lib/backups" - name: pv-storage - volumes: - - name: pv-storage - persistentVolumeClaim: - claimName: {{ include "backupRestore.pvcName" . }} - {{- end }} - nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} -{{- if .Values.nodeSelector }} -{{ toYaml .Values.nodeSelector | indent 8 }} -{{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} -{{- if .Values.tolerations }} -{{ toYaml .Values.tolerations | indent 8 }} -{{- end }} diff --git a/charts/rancher-backup/3.0.1-rc1/templates/hardened.yaml b/charts/rancher-backup/3.0.1-rc1/templates/hardened.yaml deleted file mode 100644 index 218879195..000000000 --- a/charts/rancher-backup/3.0.1-rc1/templates/hardened.yaml +++ /dev/null @@ -1,120 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ include "backupRestore.fullname" . }}-patch-sa - namespace: {{ .Release.Namespace }} - labels: {{ include "backupRestore.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": post-install, post-upgrade - "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation -spec: - backoffLimit: 1 - template: - spec: - serviceAccountName: {{ include "backupRestore.fullname" . }}-patch-sa - securityContext: - runAsNonRoot: true - runAsUser: 1000 - restartPolicy: Never - nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} -{{- if .Values.nodeSelector }} -{{ toYaml .Values.nodeSelector | indent 8 }} -{{- end }} - tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} -{{- if .Values.tolerations }} -{{ toYaml .Values.tolerations | indent 8 }} -{{- end }} - containers: - - name: {{ include "backupRestore.fullname" . }}-patch-sa - image: {{ include "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }} - imagePullPolicy: IfNotPresent - command: ["kubectl", "-n", {{ .Release.Namespace | quote }}, "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"] ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "backupRestore.fullname" . }}-patch-sa - namespace: {{ .Release.Namespace }} - labels: {{ include "backupRestore.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": post-install, post-upgrade - "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "backupRestore.fullname" . }}-patch-sa - labels: {{ include "backupRestore.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": post-install, post-upgrade - "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation -rules: - - apiGroups: [""] - resources: ["serviceaccounts"] - verbs: ["get", "patch"] - - apiGroups: ["policy"] - resources: ["podsecuritypolicies"] - verbs: ["use"] - resourceNames: - - {{ include "backupRestore.fullname" . }}-patch-sa ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "backupRestore.fullname" . }}-patch-sa - labels: {{ include "backupRestore.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": post-install, post-upgrade - "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "backupRestore.fullname" . }}-patch-sa -subjects: - - kind: ServiceAccount - name: {{ include "backupRestore.fullname" . }}-patch-sa - namespace: {{ .Release.Namespace }} ---- -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ include "backupRestore.fullname" . }}-patch-sa - labels: {{ include "backupRestore.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": post-install, post-upgrade - "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation -spec: - privileged: false - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: 'MustRunAsNonRoot' - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - - min: 1 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - - min: 1 - max: 65535 - readOnlyRootFilesystem: false - volumes: - - 'secret' ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: {{ include "backupRestore.fullname" . }}-default-allow-all - namespace: {{ .Release.Namespace }} -spec: - podSelector: {} - egress: - - {} - policyTypes: - - Ingress - - Egress diff --git a/charts/rancher-backup/3.0.1-rc1/templates/psp.yaml b/charts/rancher-backup/3.0.1-rc1/templates/psp.yaml deleted file mode 100644 index a756eef2d..000000000 --- a/charts/rancher-backup/3.0.1-rc1/templates/psp.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ include "backupRestore.fullname" . }}-psp - labels: {{ include "backupRestore.labels" . | nindent 4 }} -spec: - privileged: false - allowPrivilegeEscalation: false - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: 'MustRunAsNonRoot' - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - - min: 1 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - - min: 1 - max: 65535 - readOnlyRootFilesystem: false - volumes: - - 'persistentVolumeClaim' - - 'secret' diff --git a/charts/rancher-backup/3.0.1-rc1/templates/pvc.yaml b/charts/rancher-backup/3.0.1-rc1/templates/pvc.yaml deleted file mode 100644 index ff57e4dab..000000000 --- a/charts/rancher-backup/3.0.1-rc1/templates/pvc.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- if and .Values.persistence.enabled -}} -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: {{ include "backupRestore.pvcName" . }} - namespace: {{ .Release.Namespace }} - labels: - {{- include "backupRestore.labels" . | nindent 4 }} -spec: - accessModes: - - ReadWriteOnce - resources: - {{- with .Values.persistence }} - requests: - storage: {{ .size | quote }} -{{- if .storageClass }} -{{- if (eq "-" .storageClass) }} - storageClassName: "" -{{- else }} - storageClassName: {{ .storageClass | quote }} -{{- end }} -{{- end }} -{{- if .volumeName }} - volumeName: {{ .volumeName | quote }} -{{- end }} -{{- end }} -{{- end }} diff --git a/charts/rancher-backup/3.0.1-rc1/templates/rancher-resourceset.yaml b/charts/rancher-backup/3.0.1-rc1/templates/rancher-resourceset.yaml deleted file mode 100644 index 05add8824..000000000 --- a/charts/rancher-backup/3.0.1-rc1/templates/rancher-resourceset.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: resources.cattle.io/v1 -kind: ResourceSet -metadata: - name: rancher-resource-set -controllerReferences: - - apiVersion: "apps/v1" - resource: "deployments" - name: "rancher" - namespace: "cattle-system" -resourceSelectors: -{{- range $path, $_ := .Files.Glob "files/default-resourceset-contents/*.yaml" -}} - {{- $.Files.Get $path | nindent 2 -}} -{{- end -}} diff --git a/charts/rancher-backup/3.0.1-rc1/templates/s3-secret.yaml b/charts/rancher-backup/3.0.1-rc1/templates/s3-secret.yaml deleted file mode 100644 index 726509730..000000000 --- a/charts/rancher-backup/3.0.1-rc1/templates/s3-secret.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- if .Values.s3.enabled -}} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "backupRestore.s3SecretName" . }} - namespace: {{ .Release.Namespace }} - labels: - {{- include "backupRestore.labels" . | nindent 4 }} -type: Opaque -stringData: - {{- with .Values.s3 }} - {{- if .credentialSecretName }} - credentialSecretName: {{ .credentialSecretName }} - credentialSecretNamespace: {{ required "When providing a Secret containing S3 credentials, a valid .Values.credentialSecretNamespace must be provided" .credentialSecretNamespace }} - {{- end }} - {{- if .region }} - region: {{ .region | quote }} - {{- end }} - bucketName: {{ required "A valid .Values.bucketName is required for configuring S3 compatible storage as the default backup storage location" .bucketName | quote }} - {{- if .folder }} - folder: {{ .folder | quote }} - {{- end }} - endpoint: {{ required "A valid .Values.endpoint is required for configuring S3 compatible storage as the default backup storage location" .endpoint | quote }} - {{- if .endpointCA }} - endpointCA: {{ .endpointCA }} - {{- end }} - {{- if .insecureTLSSkipVerify }} - insecureTLSSkipVerify: {{ .insecureTLSSkipVerify | quote }} - {{- end }} - {{- end }} -{{ end }} diff --git a/charts/rancher-backup/3.0.1-rc1/templates/serviceaccount.yaml b/charts/rancher-backup/3.0.1-rc1/templates/serviceaccount.yaml deleted file mode 100644 index 754e1fe89..000000000 --- a/charts/rancher-backup/3.0.1-rc1/templates/serviceaccount.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "backupRestore.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} - labels: - {{- include "backupRestore.labels" . | nindent 4 }} -{{- if .Values.serviceAccount.annotations }} - annotations: - {{- toYaml .Values.serviceAccount.annotations | nindent 4 }} -{{- end }} diff --git a/charts/rancher-backup/3.0.1-rc1/templates/validate-install-crd.yaml b/charts/rancher-backup/3.0.1-rc1/templates/validate-install-crd.yaml deleted file mode 100644 index f63fd2e2e..000000000 --- a/charts/rancher-backup/3.0.1-rc1/templates/validate-install-crd.yaml +++ /dev/null @@ -1,16 +0,0 @@ -#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}} -# {{- $found := dict -}} -# {{- set $found "resources.cattle.io/v1/Backup" false -}} -# {{- set $found "resources.cattle.io/v1/ResourceSet" false -}} -# {{- set $found "resources.cattle.io/v1/Restore" false -}} -# {{- range .Capabilities.APIVersions -}} -# {{- if hasKey $found (toString .) -}} -# {{- set $found (toString .) true -}} -# {{- end -}} -# {{- end -}} -# {{- range $_, $exists := $found -}} -# {{- if (eq $exists false) -}} -# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}} -# {{- end -}} -# {{- end -}} -#{{- end -}} \ No newline at end of file diff --git a/charts/rancher-backup/3.0.1-rc1/tests/deployment_test.yaml b/charts/rancher-backup/3.0.1-rc1/tests/deployment_test.yaml deleted file mode 100644 index 671d415db..000000000 --- a/charts/rancher-backup/3.0.1-rc1/tests/deployment_test.yaml +++ /dev/null @@ -1,216 +0,0 @@ -suite: Test Deployment -templates: -- deployment.yaml -- s3-secret.yaml -- pvc.yaml -- _helpers.tpl -tests: -- it: should set name - template: deployment.yaml - asserts: - - equal: - path: metadata.name - value: "rancher-backup" -- it: should set namespace - template: deployment.yaml - asserts: - - equal: - path: metadata.namespace - value: "NAMESPACE" -- it: should set priorityClassName - set: - priorityClassName: "testClass" - template: deployment.yaml - asserts: - - equal: - path: spec.template.spec.priorityClassName - value: "testClass" -- it: should set default imagePullPolicy - template: deployment.yaml - asserts: - - equal: - path: spec.template.spec.containers[0].imagePullPolicy - value: "Always" -- it: should set imagePullPolicy - set: - imagePullPolicy: "IfNotPresent" - template: deployment.yaml - asserts: - - equal: - path: spec.template.spec.containers[0].imagePullPolicy - value: "IfNotPresent" -- it: should set debug loglevel - set: - debug: true - template: deployment.yaml - asserts: - - contains: - path: spec.template.spec.containers[0].args - content: "--debug" -- it: should set trace loglevel - set: - trace: true - template: deployment.yaml - asserts: - - contains: - path: spec.template.spec.containers[0].args - content: "--trace" -- it: should set proxy environment variables - set: - proxy: "https://127.0.0.1:3128" - template: deployment.yaml - asserts: - - contains: - path: spec.template.spec.containers[0].env - content: - name: HTTP_PROXY - value: "https://127.0.0.1:3128" - - contains: - path: spec.template.spec.containers[0].env - content: - name: HTTPS_PROXY - value: "https://127.0.0.1:3128" - - contains: - path: spec.template.spec.containers[0].env - content: - name: NO_PROXY - value: "127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local" -- it: should set proxy environment variables with modified noproxy - set: - proxy: "https://127.0.0.1:3128" - noProxy: "192.168.0.0/24" - template: deployment.yaml - asserts: - - contains: - path: spec.template.spec.containers[0].env - content: - name: NO_PROXY - value: "192.168.0.0/24" -- it: should set persistence variables - set: - persistence.enabled: true - template: deployment.yaml - asserts: - - contains: - path: spec.template.spec.containers[0].env - content: - name: DEFAULT_PERSISTENCE_ENABLED - value: "persistence-enabled" - - contains: - path: spec.template.spec.containers[0].volumeMounts - content: - mountPath: "/var/lib/backups" - name: "pv-storage" - - equal: - path: spec.template.spec.volumes[0].name - value: "pv-storage" - - equal: - path: spec.template.spec.volumes[0].persistentVolumeClaim - value: - claimName: RELEASE-NAME-0 -- it: should set claim from custom static volumeName - set: - persistence.enabled: true - persistence.volumeName: "PREDEFINED-VOLUME" - persistence.storageClass: "PREDEFINED-STORAGECLASS" - persistence.size: "PREDIFINED-SAMEAS-PVSIZE" - template: deployment.yaml - asserts: - - contains: - path: spec.template.spec.containers[0].env - content: - name: DEFAULT_PERSISTENCE_ENABLED - value: "persistence-enabled" - - equal: - path: spec.template.spec.volumes[0].persistentVolumeClaim - value: - claimName: PREDEFINED-VOLUME -- it: should set private registry - template: deployment.yaml - set: - global.cattle.systemDefaultRegistry: "my.registry.local:3000" - asserts: - - matchRegex: - path: spec.template.spec.containers[0].image - pattern: ^my.registry.local:3000/rancher/backup-restore-operator:.*$ -- it: should set nodeselector - template: deployment.yaml - asserts: - - equal: - path: spec.template.spec.nodeSelector - value: - kubernetes.io/os: linux -- it: should not set default affinity - template: deployment.yaml - asserts: - - isNull: - path: spec.template.spec.affinity -- it: should set custom affinity - template: deployment.yaml - set: - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: disktype - operator: In - values: - - ssd - asserts: - - equal: - path: spec.template.spec.affinity - value: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: disktype - operator: In - values: - - ssd -- it: should set tolerations - template: deployment.yaml - asserts: - - equal: - path: spec.template.spec.tolerations[0] - value: - key: "cattle.io/os" - value: "linux" - effect: "NoSchedule" - operator: "Equal" -- it: should set custom tolerations - template: deployment.yaml - set: - tolerations: - - key: "example-key" - operator: "Exists" - effect: "NoSchedule" - asserts: - - equal: - path: spec.template.spec.tolerations[0] - value: - key: "cattle.io/os" - value: "linux" - effect: "NoSchedule" - operator: "Equal" - - equal: - path: spec.template.spec.tolerations[1] - value: - key: "example-key" - operator: "Exists" - effect: "NoSchedule" -- it: should not set default imagePullSecrets - template: deployment.yaml - asserts: - - isNull: - path: spec.template.spec.imagePullSecrets -- it: should set imagePullSecrets - set: - imagePullSecrets: - - name: "pull-secret" - template: deployment.yaml - asserts: - - equal: - path: spec.template.spec.imagePullSecrets[0].name - value: "pull-secret" diff --git a/charts/rancher-backup/3.0.1-rc1/tests/pvc_test.yaml b/charts/rancher-backup/3.0.1-rc1/tests/pvc_test.yaml deleted file mode 100644 index 30d64e7a0..000000000 --- a/charts/rancher-backup/3.0.1-rc1/tests/pvc_test.yaml +++ /dev/null @@ -1,105 +0,0 @@ -suite: Test PVC -templates: -- pvc.yaml -- _helpers.tpl -tests: -- it: should set name - template: pvc.yaml - set: - persistence: - enabled: true - asserts: - - equal: - path: metadata.name - value: "RELEASE-NAME-0" -- it: should set namespace - template: pvc.yaml - set: - persistence: - enabled: true - asserts: - - equal: - path: metadata.namespace - value: "NAMESPACE" -- it: should set accessModes - template: pvc.yaml - set: - persistence: - enabled: true - asserts: - - equal: - path: spec.accessModes[0] - value: "ReadWriteOnce" -- it: should set size - template: pvc.yaml - set: - persistence: - enabled: true - asserts: - - equal: - path: spec.resources.requests.storage - value: "2Gi" -- it: should set size - template: pvc.yaml - set: - persistence: - enabled: true - size: "10Gi" - asserts: - - equal: - path: spec.resources.requests.storage - value: "10Gi" -- it: should not set volumeName - template: pvc.yaml - set: - persistence: - enabled: true - asserts: - - isNull: - path: spec.volumeName -- it: should set default storageClass - template: pvc.yaml - set: - persistence: - enabled: true - asserts: - - equal: - path: spec.storageClassName - value: "" -- it: should set custom storageClass - template: pvc.yaml - set: - persistence: - enabled: true - storageClass: "storage-class" - asserts: - - equal: - path: spec.storageClassName - value: "storage-class" -- it: should set custom volumeName - template: pvc.yaml - set: - persistence: - enabled: true - volumeName: "volume-name" - asserts: - - equal: - path: spec.volumeName - value: "volume-name" -- it: should set claim from custom static volumeName - set: - persistence.enabled: true - persistence.volumeName: "PREDEFINED-VOLUME" - persistence.storageClass: "PREDEFINED-STORAGECLASS" - persistence.size: "PREDEFINED-SAMEAS-PVSIZE" - template: pvc.yaml - set: - persistence: - enabled: true - asserts: - - equal: - path: spec.resources.requests.storage - value: "PREDEFINED-SAMEAS-PVSIZE" - - equal: - path: spec.storageClassName - value: "PREDEFINED-STORAGECLASS" diff --git a/charts/rancher-backup/3.0.1-rc1/tests/s3-secret_test.yaml b/charts/rancher-backup/3.0.1-rc1/tests/s3-secret_test.yaml deleted file mode 100644 index af130dd29..000000000 --- a/charts/rancher-backup/3.0.1-rc1/tests/s3-secret_test.yaml +++ /dev/null @@ -1,141 +0,0 @@ -suite: Test S3 Secret -templates: -- s3-secret.yaml -- _helpers.tpl -tests: -- it: should set name - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - asserts: - - equal: - path: metadata.name - value: "rancher-backup-s3" -- it: should set namespace - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - asserts: - - equal: - path: metadata.namespace - value: "NAMESPACE" -- it: should not set credentialSecretName - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - asserts: - - isNull: - path: stringData.credentialSecretName -- it: should set credentialSecretName - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - credentialSecretName: "credential-secret-name" - credentialSecretNamespace: "credential-secret-namespace" - asserts: - - equal: - path: stringData.credentialSecretName - value: "credential-secret-name" - - equal: - path: stringData.credentialSecretNamespace - value: "credential-secret-namespace" -- it: should not set folder - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - asserts: - - isNull: - path: stringData.folder -- it: should set folder - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - folder: "myfolder" - asserts: - - equal: - path: stringData.folder - value: "myfolder" -- it: should not set region - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - asserts: - - isNull: - path: stringData.region -- it: should set region - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - region: "us-west-1" - asserts: - - equal: - path: stringData.region - value: "us-west-1" -- it: should not set endpointCA - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - asserts: - - isNull: - path: stringData.endpointCA -- it: should set endpointCA - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - endpointCA: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURHakNDQWdLZ0F3SUJBZ0lKQUtpWFZpNEpBb0J5TUEwR0NTcUdTSWIzRFFFQkN3VUFNQkl4RURBT0JnTlYKQkFNTUIzUmxjM1F0WTJFd0hoY05NakF3T0RNd01UZ3lOVFE1V2hjTk1qQXhNREk1TVRneU5UUTVXakFTTVJBdwpEZ1lEVlFRRERBZDBaWE4wTFdOaE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBCjA4dnV3Q2Y0SEhtR2Q2azVNTmozRW5NOG00T2RpS3czSGszd1NlOUlXQkwyVzY5WDZxenBhN2I2M3U2L05mMnkKSnZWNDVqeXplRFB6bFJycjlpbEpWaVZ1NFNqWlFjdG9jWmFCaVNsL0xDbEFDdkFaUlYvKzN0TFVTZSs1ZDY0QQpWcUhDQlZObU5xM3E3aVY0TE1aSVpRc3N6K0FxaU1Sd0pOMVVKQTZ6V0tUc2Yzc3ByQ0J2dWxJWmZsVXVETVAyCnRCTCt6cXZEc0pDdWlhNEEvU2JNT29tVmM2WnNtTGkwMjdub3dGRld3MnRpSkM5d0xMRE14NnJoVHQ4a3VvVHYKQXJpUjB4WktiRU45L1Uzb011eUVKbHZyck9YS2ZuUDUwbk8ycGNaQnZCb3pUTStYZnRvQ1d5UnhKUmI5cFNTRApKQjlmUEFtLzNZcFpMMGRKY2sxR1h3SURBUUFCbzNNd2NUQWRCZ05WSFE0RUZnUVU5NHU4WXlMdmE2MTJnT1pyCm44QnlFQ2NucVFjd1FnWURWUjBqQkRzd09ZQVU5NHU4WXlMdmE2MTJnT1pybjhCeUVDY25xUWVoRnFRVU1CSXgKRURBT0JnTlZCQU1NQjNSbGMzUXRZMkdDQ1FDb2wxWXVDUUtBY2pBTUJnTlZIUk1FQlRBREFRSC9NQTBHQ1NxRwpTSWIzRFFFQkN3VUFBNElCQVFER1JRZ1RtdzdVNXRQRHA5Q2psOXlLRW9Vd2pYWWM2UlAwdm1GSHpubXJ3dUVLCjFrTkVJNzhBTUw1MEpuS29CY0ljVDNEeGQ3TGdIbTNCRE5mVVh2anArNnZqaXhJYXR2UWhsSFNVaWIyZjJsSTkKVEMxNzVyNCtROFkzelc1RlFXSDdLK08vY3pJTGh5ei93aHRDUlFkQ29lS1dXZkFiby8wd0VSejZzNkhkVFJzNwpHcWlGNWZtWGp6S0lOcTBjMHRyZ0xtalNKd1hwSnU0ZnNGOEcyZUh4b2pOKzdJQ1FuSkg5cGRIRVpUQUtOL2ppCnIvem04RlZtd1kvdTBndEZneWVQY1ZWbXBqRm03Y0ZOSkc4Y2ZYd0QzcEFwVjhVOGNocTZGeFBHTkVvWFZnclMKY1VRMklaU0RJd1FFY3FvSzFKSGdCUWw2RXBaUVpWMW1DRklrdFBwSQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t" - asserts: - - equal: - path: stringData.endpointCA - value: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURHakNDQWdLZ0F3SUJBZ0lKQUtpWFZpNEpBb0J5TUEwR0NTcUdTSWIzRFFFQkN3VUFNQkl4RURBT0JnTlYKQkFNTUIzUmxjM1F0WTJFd0hoY05NakF3T0RNd01UZ3lOVFE1V2hjTk1qQXhNREk1TVRneU5UUTVXakFTTVJBdwpEZ1lEVlFRRERBZDBaWE4wTFdOaE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBCjA4dnV3Q2Y0SEhtR2Q2azVNTmozRW5NOG00T2RpS3czSGszd1NlOUlXQkwyVzY5WDZxenBhN2I2M3U2L05mMnkKSnZWNDVqeXplRFB6bFJycjlpbEpWaVZ1NFNqWlFjdG9jWmFCaVNsL0xDbEFDdkFaUlYvKzN0TFVTZSs1ZDY0QQpWcUhDQlZObU5xM3E3aVY0TE1aSVpRc3N6K0FxaU1Sd0pOMVVKQTZ6V0tUc2Yzc3ByQ0J2dWxJWmZsVXVETVAyCnRCTCt6cXZEc0pDdWlhNEEvU2JNT29tVmM2WnNtTGkwMjdub3dGRld3MnRpSkM5d0xMRE14NnJoVHQ4a3VvVHYKQXJpUjB4WktiRU45L1Uzb011eUVKbHZyck9YS2ZuUDUwbk8ycGNaQnZCb3pUTStYZnRvQ1d5UnhKUmI5cFNTRApKQjlmUEFtLzNZcFpMMGRKY2sxR1h3SURBUUFCbzNNd2NUQWRCZ05WSFE0RUZnUVU5NHU4WXlMdmE2MTJnT1pyCm44QnlFQ2NucVFjd1FnWURWUjBqQkRzd09ZQVU5NHU4WXlMdmE2MTJnT1pybjhCeUVDY25xUWVoRnFRVU1CSXgKRURBT0JnTlZCQU1NQjNSbGMzUXRZMkdDQ1FDb2wxWXVDUUtBY2pBTUJnTlZIUk1FQlRBREFRSC9NQTBHQ1NxRwpTSWIzRFFFQkN3VUFBNElCQVFER1JRZ1RtdzdVNXRQRHA5Q2psOXlLRW9Vd2pYWWM2UlAwdm1GSHpubXJ3dUVLCjFrTkVJNzhBTUw1MEpuS29CY0ljVDNEeGQ3TGdIbTNCRE5mVVh2anArNnZqaXhJYXR2UWhsSFNVaWIyZjJsSTkKVEMxNzVyNCtROFkzelc1RlFXSDdLK08vY3pJTGh5ei93aHRDUlFkQ29lS1dXZkFiby8wd0VSejZzNkhkVFJzNwpHcWlGNWZtWGp6S0lOcTBjMHRyZ0xtalNKd1hwSnU0ZnNGOEcyZUh4b2pOKzdJQ1FuSkg5cGRIRVpUQUtOL2ppCnIvem04RlZtd1kvdTBndEZneWVQY1ZWbXBqRm03Y0ZOSkc4Y2ZYd0QzcEFwVjhVOGNocTZGeFBHTkVvWFZnclMKY1VRMklaU0RJd1FFY3FvSzFKSGdCUWw2RXBaUVpWMW1DRklrdFBwSQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t" -- it: should not set insecureTLSSkipVerify - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - asserts: - - isNull: - path: stringData.insecureTLSSkipVerify -- it: should set insecureTLSSkipVerify - template: s3-secret.yaml - set: - s3: - enabled: true - bucketName: "yourbucket" - endpoint: "https://s3.amazonaws.com" - insecureTLSSkipVerify: "true" - asserts: - - equal: - path: stringData.insecureTLSSkipVerify - value: "true" diff --git a/charts/rancher-backup/3.0.1-rc1/values.yaml b/charts/rancher-backup/3.0.1-rc1/values.yaml deleted file mode 100644 index 45992a52e..000000000 --- a/charts/rancher-backup/3.0.1-rc1/values.yaml +++ /dev/null @@ -1,79 +0,0 @@ -image: - repository: rancher/backup-restore-operator - tag: v3.0.1-rc1 - -## Default s3 bucket for storing all backup files created by the backup-restore-operator -s3: - enabled: false - ## credentialSecretName if set, should be the name of the Secret containing AWS credentials. - ## To use IAM Role, don't set this field - credentialSecretName: "" - credentialSecretNamespace: "" - region: "" - bucketName: "" - folder: "" - endpoint: "" - endpointCA: "" - insecureTLSSkipVerify: false - -## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ -## If persistence is enabled, operator will create a PVC with mountPath /var/lib/backups -persistence: - enabled: false - - ## If defined, storageClassName: - ## If set to "-", storageClassName: "", which disables dynamic provisioning - ## If undefined (the default) or set to null, no storageClassName spec is - ## set, choosing the default provisioner. (gp2 on AWS, standard on - ## GKE, AWS & OpenStack). - ## Refer https://kubernetes.io/docs/concepts/storage/persistent-volumes/#class-1 - ## - storageClass: "-" - - ## If you want to disable dynamic provisioning by setting storageClass to "-" above, - ## and want to target a particular PV, provide name of the target volume - volumeName: "" - - ## Only certain StorageClasses allow resizing PVs; Refer https://kubernetes.io/blog/2018/07/12/resizing-persistent-volumes-using-kubernetes/ - size: 2Gi - -# Add log level flags to backup-restore -debug: false -trace: false - -# http[s] proxy server passed to backup client -# proxy: http://@:: - -# comma separated list of domains or ip addresses that will not use the proxy -noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local - -global: - cattle: - systemDefaultRegistry: "" - kubectl: - repository: rancher/kubectl - tag: v1.21.9 - -## Node labels for pod assignment -## Ref: https://kubernetes.io/docs/user-guide/node-selection/ -## -nodeSelector: {} - -## List of node taints to tolerate (requires Kubernetes >= 1.6) -tolerations: [] - -affinity: {} - -serviceAccount: - annotations: {} - -priorityClassName: "" - -# Override imagePullPolicy for image -# options: Always, Never, IfNotPresent -# Defaults to Always -imagePullPolicy: "Always" - -## Optional array of imagePullSecrets containing private registry credentials -## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ -imagePullSecrets: [] diff --git a/index.yaml b/index.yaml index 5343101b4..bb7cdd9b6 100755 --- a/index.yaml +++ b/index.yaml @@ -3659,36 +3659,6 @@ entries: - assets/rancher-alerting-drivers/rancher-alerting-drivers-1.0.100.tgz version: 1.0.100 rancher-backup: - - annotations: - catalog.cattle.io/auto-install: rancher-backup-crd=match - catalog.cattle.io/certified: rancher - catalog.cattle.io/display-name: Rancher Backups - catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.25.0-0' - catalog.cattle.io/namespace: cattle-resources-system - catalog.cattle.io/os: linux - catalog.cattle.io/permits-os: linux,windows - catalog.cattle.io/provides-gvr: resources.cattle.io.resourceset/v1 - catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' - catalog.cattle.io/release-name: rancher-backup - catalog.cattle.io/scope: management - catalog.cattle.io/type: cluster-tool - catalog.cattle.io/ui-component: rancher-backup - catalog.cattle.io/upstream-version: 2.1.1 - apiVersion: v2 - appVersion: 3.0.1-rc1 - created: "2022-12-08T15:21:25.229237-05:00" - description: Provides ability to back up and restore the Rancher application running - on any Kubernetes cluster - digest: cef8ab484f24951e44f10706a8d84f6da996a635939f16de448ff0c6d3101a98 - icon: https://charts.rancher.io/assets/logos/backup-restore.svg - keywords: - - applications - - infrastructure - kubeVersion: '>= 1.16.0-0' - name: rancher-backup - urls: - - assets/rancher-backup/rancher-backup-3.0.1-rc1.tgz - version: 3.0.1-rc1 - annotations: catalog.cattle.io/auto-install: rancher-backup-crd=match catalog.cattle.io/certified: rancher @@ -4097,21 +4067,6 @@ entries: - assets/rancher-backup/rancher-backup-1.0.200.tgz version: 1.0.200 rancher-backup-crd: - - annotations: - catalog.cattle.io/certified: rancher - catalog.cattle.io/hidden: "true" - catalog.cattle.io/namespace: cattle-resources-system - catalog.cattle.io/release-name: rancher-backup-crd - apiVersion: v2 - appVersion: 3.0.1-rc1 - created: "2022-12-08T15:21:26.59275-05:00" - description: Installs the CRDs for rancher-backup. - digest: 54a5680f43e55eeca1828406fe150f92e055f0cdcf18dec7b5eddc08c42ae807 - name: rancher-backup-crd - type: application - urls: - - assets/rancher-backup-crd/rancher-backup-crd-3.0.1-rc1.tgz - version: 3.0.1-rc1 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" From 6e4bf9d2d62cb9311f22616daa4258ae7469819c Mon Sep 17 00:00:00 2001 From: Eliyam Levy Date: Mon, 19 Dec 2022 15:11:39 -0500 Subject: [PATCH 2/3] Updated package and release yamls --- packages/rancher-backup/rancher-backup-crd/package.yaml | 4 ++-- packages/rancher-backup/rancher-backup/package.yaml | 4 ++-- release.yaml | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/packages/rancher-backup/rancher-backup-crd/package.yaml b/packages/rancher-backup/rancher-backup-crd/package.yaml index b8853af68..3470851cf 100644 --- a/packages/rancher-backup/rancher-backup-crd/package.yaml +++ b/packages/rancher-backup/rancher-backup-crd/package.yaml @@ -1,2 +1,2 @@ -url: https://github.com/rancher/backup-restore-operator/releases/download/v3.0.1-rc1/rancher-backup-crd-3.0.1-rc1.tgz -version: 3.0.1-rc1 +url: https://github.com/rancher/backup-restore-operator/releases/download/v3.0.1-rc2/rancher-backup-crd-3.0.1-rc2.tgz +version: 3.0.1-rc2 diff --git a/packages/rancher-backup/rancher-backup/package.yaml b/packages/rancher-backup/rancher-backup/package.yaml index e8306782f..7342f5dff 100644 --- a/packages/rancher-backup/rancher-backup/package.yaml +++ b/packages/rancher-backup/rancher-backup/package.yaml @@ -1,2 +1,2 @@ -url: https://github.com/rancher/backup-restore-operator/releases/download/v3.0.1-rc1/rancher-backup-3.0.1-rc1.tgz -version: 3.0.1-rc1 +url: https://github.com/rancher/backup-restore-operator/releases/download/v3.0.1-rc2/rancher-backup-3.0.1-rc2.tgz +version: 3.0.1-rc2 diff --git a/release.yaml b/release.yaml index 5b14a7e8e..2c0cb49f5 100644 --- a/release.yaml +++ b/release.yaml @@ -39,9 +39,9 @@ rancher-vsphere-cpi: rancher-vsphere-csi: - 101.1.0+up2.6.2-rancher1 rancher-backup: -- 3.0.1-rc1 +- 3.0.1-rc2 rancher-backup-crd: -- 3.0.1-rc1 +- 3.0.1-rc2 rancher-cis-benchmark: - 3.0.1-rc2 rancher-cis-benchmark-crd: @@ -55,4 +55,4 @@ rancher-logging: sriov: - 101.0.2+up0.1.0 sriov-crd: -- 101.0.2+up0.1.0 \ No newline at end of file +- 101.0.2+up0.1.0 From d5fc0420d2c71a2e818c171f3d08b4e094e18ad6 Mon Sep 17 00:00:00 2001 From: Eliyam Levy Date: Mon, 19 Dec 2022 15:18:06 -0500 Subject: [PATCH 3/3] Make charts --- .../rancher-backup-crd-3.0.1-rc2.tgz | Bin 0 -> 1770 bytes .../rancher-backup-3.0.1-rc2.tgz | Bin 0 -> 10660 bytes .../rancher-backup-crd/3.0.1-rc2/Chart.yaml | 11 + charts/rancher-backup-crd/3.0.1-rc2/README.md | 3 + .../3.0.1-rc2/templates/backup.yaml | 141 ++++++++++++ .../3.0.1-rc2/templates/resourceset.yaml | 118 ++++++++++ .../3.0.1-rc2/templates/restore.yaml | 122 ++++++++++ charts/rancher-backup/3.0.1-rc2/Chart.yaml | 26 +++ charts/rancher-backup/3.0.1-rc2/README.md | 72 ++++++ charts/rancher-backup/3.0.1-rc2/app-readme.md | 15 ++ .../default-resourceset-contents/aks.yaml | 25 ++ .../default-resourceset-contents/eks.yaml | 17 ++ .../elemental.yaml | 49 ++++ .../default-resourceset-contents/fleet.yaml | 50 ++++ .../default-resourceset-contents/gke.yaml | 17 ++ .../provisioningv2.yaml | 20 ++ .../rancher-operator.yaml | 28 +++ .../default-resourceset-contents/rancher.yaml | 54 +++++ .../3.0.1-rc2/templates/_helpers.tpl | 87 +++++++ .../templates/clusterrolebinding.yaml | 14 ++ .../3.0.1-rc2/templates/deployment.yaml | 79 +++++++ .../3.0.1-rc2/templates/hardened.yaml | 124 ++++++++++ .../3.0.1-rc2/templates/psp.yaml | 31 +++ .../3.0.1-rc2/templates/pvc.yaml | 27 +++ .../templates/rancher-resourceset.yaml | 13 ++ .../3.0.1-rc2/templates/s3-secret.yaml | 31 +++ .../3.0.1-rc2/templates/serviceaccount.yaml | 11 + .../templates/validate-install-crd.yaml | 16 ++ .../3.0.1-rc2/tests/deployment_test.yaml | 216 ++++++++++++++++++ .../3.0.1-rc2/tests/pvc_test.yaml | 105 +++++++++ .../3.0.1-rc2/tests/s3-secret_test.yaml | 141 ++++++++++++ charts/rancher-backup/3.0.1-rc2/values.yaml | 79 +++++++ index.yaml | 45 ++++ 33 files changed, 1787 insertions(+) create mode 100644 assets/rancher-backup-crd/rancher-backup-crd-3.0.1-rc2.tgz create mode 100644 assets/rancher-backup/rancher-backup-3.0.1-rc2.tgz create mode 100644 charts/rancher-backup-crd/3.0.1-rc2/Chart.yaml create mode 100644 charts/rancher-backup-crd/3.0.1-rc2/README.md create mode 100644 charts/rancher-backup-crd/3.0.1-rc2/templates/backup.yaml create mode 100644 charts/rancher-backup-crd/3.0.1-rc2/templates/resourceset.yaml create mode 100644 charts/rancher-backup-crd/3.0.1-rc2/templates/restore.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/Chart.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/README.md create mode 100644 charts/rancher-backup/3.0.1-rc2/app-readme.md create mode 100644 charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/aks.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/eks.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/elemental.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/fleet.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/gke.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/provisioningv2.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/rancher-operator.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/rancher.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/templates/_helpers.tpl create mode 100644 charts/rancher-backup/3.0.1-rc2/templates/clusterrolebinding.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/templates/deployment.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/templates/hardened.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/templates/psp.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/templates/pvc.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/templates/rancher-resourceset.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/templates/s3-secret.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/templates/serviceaccount.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/templates/validate-install-crd.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/tests/deployment_test.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/tests/pvc_test.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/tests/s3-secret_test.yaml create mode 100644 charts/rancher-backup/3.0.1-rc2/values.yaml diff --git a/assets/rancher-backup-crd/rancher-backup-crd-3.0.1-rc2.tgz b/assets/rancher-backup-crd/rancher-backup-crd-3.0.1-rc2.tgz new file mode 100644 index 0000000000000000000000000000000000000000..0846306b0805c5208268c28715741eec7eb0be9f GIT binary patch literal 1770 zcmVDc zVQyr3R8em|NM&qo0PI^|Z`(K$&$B-Tk$dRf0aoQWNe>2!Yt~5@#da5ko$bqFfzs4i zWkBYYhq^5HU!3brx;+(diK>&P&&b3V7+&P8g z2vm#-jF27dOHd+_1XN!wm4?Xqngj+|LEpT-mLX@aJsi`oAQcsSgdQ(?IF8qU4n5x+ z^d-6I1)zweu}+6SaiuY13h4!)@#I#axsU~DuUE=YFJl-X9LJ23RCT?_U55Yk#x^8} z|7(b1hBc_SnI@il6jb~Fz#sb81^<8NU-+H>pMvtvgJTL$8o2pOc@O_n#{C`#y$8yJ z5gI2-i)fO$>@CbGr>XHrpmBgTHs^=+8EZGnTl@FMoqH+HRW>EvVc;BbYg5 zVBXx8$GETV=d@Of76V!D*A(}mRDnZ$O^mbSwMtG*<29=zxnd% z>u|a?j8H5^Y+~ZdKrOAzdPDAchJX{fOheIF@Hq{qK%~`paVA1ram!3WVxERA`w}98 zYfL%iVLG~jHc#d>+yUeXV|d13giNH~dAy^d4Hc|o4_R}zgT@o21xgg8F?W`?&~}8> zz^!T%u6JdOD5p^pjnJS3)f@(4dSK+q*hY}Bx2W9n369$*P|0)mA;plE4oUj%67BSUe@lU z;rDB760+m-%2K!EGLe8)xeK(z!)1MK^UzLfZI45x3pa8KEG1qRo~$FdTOEzf;gr z>VG-AX|o7eEJ3X*fq8cJv{;t|bC2q4g6&mVRMeu5!}k%hq*@uZI^A2e z#=;%2V7K*e&ndYF@4>N-S8A=FjaQWFE&sW)-X_~CMDDS^Qax3d6IMyWu}+&cgI9J0 z%M(PVJdanUoDue6bJX4cwUF@K2B4bz|2uzpRqX${xa{u# zC!u5A|BcMmg$a={%6*%)wyJFjE)8Bg1py9^ieRQ?(WQgWj zBfPHPrsf;p$0K}y2!Mh8JSGx71*0!VxQy^q)^p;QfV-;|`}7GNz6Kg{A>mF+=Vh$w z({d~meyAvJ#ICahb)6+$XUP#cb)6+C^^r65R$?8}STZdsHg~NhU2Dm{Ji6ABvU0$4 zTPm^}!&pQygVY0B?Ir2jDmr?pzVo7>Egp5h{~TPrEB^j-aMk_(>m>9q zG_e+t6&%oba@*_OtVhWLOO5mbYm+(_el?jW2+(YazHM94H?KQ6I_jvSj$S(b9RL9T M|8(kncK|{F0AcoOH2?qr literal 0 HcmV?d00001 diff --git a/assets/rancher-backup/rancher-backup-3.0.1-rc2.tgz b/assets/rancher-backup/rancher-backup-3.0.1-rc2.tgz new file mode 100644 index 0000000000000000000000000000000000000000..79febb4d51f76f60707b31571db5f8c910d43ebb GIT binary patch literal 10660 zcmV;VDO=VbiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBfciXtKV1FI`3LGYHI=N%Yl;kDR^y@RSEIHm}o7!UMcBdf{ zk{D4WLx8g7xc~bcEZj*gw&JAkGrCVK5aFpbtwFgLjB*&q|p<{Emomp$Re4g$eb3^Ob-*}%EY$K%wnD)YxdN!Eo70EuzLt2= zSSmor==pDE?vutfjw?3H$s`oB_s(f`kqj42!;s`*{y*w`SpI}ZjKN$RlzJANQGCgz#$q!&m;g>z`)Zch=8H(0$SCuMgW>7;PAlEFsZ<}2oj`& z!JNrk9xhy=)FBHFOgfPap@~refLE_503BJxfMy$ME+Q>BMZg#WjK~(iW7{)zFyO*W zIwUK1}23nR^QQRl4Po)}aU z8pFBIF4{XT8gjK%-DdMAS6giUwKcr$VdTmq&(IN_&9H$9vWPshO>c_uHU)4z1VN65 zfPwu^*#drNfm_2gMaKdNE_-!wYmhOR+MY!&AsK`18FaTzV<3hWE<`|P^fT{?;~~(| z(6A^fIy&G8)lG;o=hbh~SHA}}SU=f7lBKLllC%YG$A&frx`8Q54D`7Lr-laD^h^~c z*Yq5kX9)_x8#;z`KGfd=I>0$1%QMX_VA&~T06Rzn2IjB;AD-ISwlN)h5ojT1apPSmqp1`xF`$Xh$fa#(`2cIVgZ0#_hOP#(a6Ar&UH+C z(hkvx$qQ!9grWe;=W}1FSS}UcGu7I%bp%W}Kqh8Wo@46(Vr+~oW-D`ftS%DAi1xK? z9myD(NTX&S)w~7zs?FZmZWVm{n;|_DET@@(4r9Uw3b9S9ixGI^qOYFeA{;eRnUT2n zwjfHeRUi2DN1*_RL&Gx2oP(!h#?Vkr)2QO6T!}6dSrNxIY}X+3m`nwBqpWhpV2Bz4tMnRyc*0ca&=`3xk{w%@1$g9c zJDzFE481H6$v&d(LXs@j3qQjCOW6MeO&t?b#q@cMOsc?&#ChscV43~Dvs+2n|9d-o zyD#?tbEI$IWMNzZiEGHu!W{YRk5&oDfB#*e1&tvn_V@~s>sWu4o~c`dYL07IWC*1H z!rRiL03Z{i;6V!ML6)BSUHJBG`(K4V_rLh7az6J!T@P$6rZJgLVh$UoM)4LX&@ux= z4FLW=qA95sy0zVjX+xdr5wX6&+8F7c$tPDbwlRu=Ec|O*5a@H6Wy(y=M}YH2$zX!0 zPK!F8=={W%`r0?dt3Yae^`I#wS(8Zy7IRCiqcNJ!kXyH> z4s;Qaek&DAJF+5yVjVi%ePSS7JPmyi#Uq1=pA60b5m=0C&CrV$>(zyYa=W5X0qL`}ew*y+)V72*wTw<)iW53U=Cp{%+~ZaS-@XCE(o9d!Yh00|&nxB2#F;=* z1Q8v`8(j+=jx-NCPGYnN{)vhGKlYTqU0+W*3Ga%~e03`;kx(W7?-me~KwUZotj|I5mLS$VPlpCe5S zORs`D?`+jJ(E;!5*zTG;fLalHWNf>}J+oJflXrZMD;1`QKphfTEda3Q909}x#r-Z! zF=W>>gIV|iScXLx>0pOKz~0~s(g@ov<4tMDboUB0Whr|>U1YO3Ic2feY~Hd>q@p2h zLW-9Gc7Ib8>Qloi00151$hAFZ0c)R0-Q>!@jvUjTPm%TX;~-1qf48FSC)WS_Wo7S0 z{+}ad%*MD<6x%SF)2*K;X2&5kOd$Q+`nOeQPC^j)!@$5MV}L6R_+>A)8z{DalIBTN z=|IQ9RKIYkIt+&6(-h7sBE12%%)>6u6!yQ%PXdE2F~xGHF7AS(RECufB69f)@;#_3mlP@(Gl8M z-D0?31OEQIn#v|{l)@L?K=}48@F4kn32D}gJ&Xt(=#FqT=@n)Ba?w&UkYt&?m6FSf zNHw;Dm#W6z#;W<*$eL9nWjTxMA8KmnbE|gVXkXUqjUYep9xl*#F%>b)nh9dWafFAB zX03bH`P{C2KB(1CyO*EaoeQ;g)cAaMQLlB5FIt&25Ix(SVG zHBtZojlNo@&ja5??vMlGZDJcX0x{E={3WC$@8(!-Lqi#xgcUH&`;c5G|0)gdc52|6^0``fm(f9a%`< zz**2G>%aZoQgZ#bx2L@9|2|8KuDAwteG)FYPVB)G)>^Vdp~)DoyXabgA$Pr%u{4qV z4WY4ZPoyevY)t&`7`FJ6=ZsvaqjYguM4YzDdwQW)b#Pv`- ztBa9a1tmpM#CsP}p&-76%ns-L6DGl*baE2bNNRBuTOK{C%Ry`b6@XZE{Upv{h{J99 z3#ml8#EL3oO%*%G6*0){=@e4c@<|e~q%9!Hmb8_l7s5@_Eg-SB(+Wap#GW2~BU;L! zIrQIe|CXRfY-W+hJ;EJ(f~C zg^M2`1`?-sdsZ4C0!!PMw%!&~43~3>F)BfvXkrG5j;;Gs6f0z)1er8_l01wOwV7;$ z9;Nk%g3!f(|NX>q>F=UKyo{A&Wop)(<$I1}vd?CrDfDC}$Y1$eXpN%UZfaP35y8_G-c`Zg z?rvqb0KgD)soM}Z7eW2PGUv2mO~XXoj0{;4bI{4)SH6Su>jL#^alRYYD5X|KmppwK z3)@d-pY70pS2VJMF+*i4@^J+KXyhUsG?TsJ!?81W!sZ`ateALe@P{A0oL@WT`hOhk zZ0a-MW$_;>%5K8{v%6O=zxaQiBW-B%5@$xAb^5~2(`K$klLk{JmwrYAYtV!|hQQ0T z^1Y{(%$=QIb0!@&@P4!q{ex4!{ud`GHh^Q9{x4_ff8{0q!?UC%r?LGF<)nHK%(%-e zVO>kDCpTc9_kF8b;r9Bz+` z{cGMNY}}*d_aAf)j(rgyzJG(hvXlI={I?uaR%Cc;rm0-T?-u~#6tN;CsNGz(y&IilR|L^W4^nbaelwR!rXGt+Io{_0*F*JGwDcbgX({SA~Q>iN2Wah5{pi>?Rym>!=HWIPpR4d7e8Cd zW<@?9y!JsL!a+yon{w&{)*s#Jk(4X{@e{gF!m&jD%M~RV|7&lr^78%9v!whJpSdO< zKc~5tjhA`2^LY$C9+mLIfnPmTz{EAI(V?I^Wys+Q2qc;^B{RYpE0G=ai#8*t4pW`5nLL0HjX&E8Q+LdUqk}Uwi44Ou0!{?#`Qx6j`Kz`^XUCJgo(gU%R z3_fdk=raD!4`W7~FWyJ2zXX72n6p@`Yl$X=1%ZLXazonxJL9{IVZ&4VgRAc`eLGi@gi!p7hE0oiCf#rynrh5_3aw$d;5J=+-I$ZTO4N=^*Z zXlyy!)Kr1Y0g)Miju**^O-Es8*UIN=Z2j=Ee0X}wpZ{YA3Z7&HEVcjB-~TF=m+$|c zC2jiP(-Xg@O?m-?O1bjSrYT5}zi}^X?qkn_ zFZKWK?4;KJ<(Ko{&yrpVaTyWt#zYo)W7;+~Bcw$qqa+|jPVq=UqW`~r3lz3!c*R%5 zL))`-y1Ld4jYKjqT_W>LDcj?)&11hye1~Ygsu4HEW9w7(lCI0$2D$sBk&?y`j3GWn zb060mVz=4C0~Ftia{ntqPOJ!Vy(nhiYmoIMoEe|Dz-x48V1g;b1`Rq z5N->b7kT*6GV-6C68c|l)DF)Z#i_nY982{7-u_KaHCM@1d{6e z2%dUhLjG+D#X^BcR{liw!yj+_V5=j8jJ-iov!~ljV$r{igzFU{X8ltUj07DKXqdQI zD9AJw3a?(h0!N4d6*)FIwuW}$ufP5pKs;s<dB7$7(hiyv`!TW%YI5I|t8@N39Z57o*;Q?IwFaQ7# ze9!eTy!wN`cmTm21rLP>IY^P8vFC@v14xA!cmTAa{7W953u3uT#w!Sc5;)?dCgITx zmNQd|rJ^FcT8UMQIAE$mdPc4^#wo&vofS#SajPJ;$+Kf++yX+jGM@zTgyb z<454k^k_bS*1|g#;tt9pU|Pk%09qpWGc0x&FKyE<}3u)g3120*P* z3eay*C&bLWngV@v*xlM-g64P&{KYr=Ptp7@*4V%J<_3FaO_roZ?e#xL3V*NHat&Hw zfS48xgtC}K9QaOE{=-L60SEj(jW=r4L)fltv2g0#p-A7b9(A=o@eBOiV3_8AomW9ZLZ4-pZ_IuFCOfDk|!IRyjwF_@%tHZ6_Egq=Nc2nNU? zZ03wzM8G365<7OC#ul($pc^jIh&d1HQ$&|NAue1j(gYcp$7et~fCT)NjL+~F5ZxOn zD#zAy*^oFr5+_`UE$t+62Lv?DdHfy-l0~C`B?k-EJU~2rZAR3nuw!$=Kt6yB21LkO z37$Bm15|#L2kGph248m4@ZZ$95LGrz!Td^db^I1!e!m1anXRGiPB{~8i?96IjUC~l-M1Za5!6g<1NUh}Y!eru z?J1;dfNgXKsm+ex`jbs$GQ}(lOrd2A5%XOL)lZ2GjC#tPF8iX0xgpYqw)osA%g|n6 z;4Y}TqFu}gvy9jZAVHaxW0fzZE2rYJMltHb^Z-Wb^#jrrTB1cy1Hv5X1 zm%;#h+L*2!YW;R>QNG1~8dfCeng7*H5ghU}BB6D+#jazc)M&{oGLo&>0t1gu^T=fj z1jxc4ie&&35-J1!g-(msGyEJCg4$TLl|%L|`N#zt+$x5P7{PgaOn~De*0X}7TPu2! zlzA2D^yhc+78tW5_)}^e3j0Av4zhG)X$Boch}}8 zElRz3O;v`=0{QT(Mj`{1?|fi56GL_CkEzJzmu#qeShNe%B})XK7WJcXX)J64~h%8Nsj)rVD$i^PAYkf4~`lg#EX|;b%Bm z_kQ4|`~Rghdvv2bAL0jz?q8gr5jA^mv}9u>WX5_#c|q*Z*kK`d``K*-z>J%FFk^&yo^C zkG`vR&elR`16y}Z zkh5TXEV2SOV9^DLmfCh<$!9k0zANHYl)!TQ8!+=W+7aAI$nKqrOhlCoB6(C=%893O zV0DbpF$8B)7}p#A8HM~%Njahxa6d8>IQNGpLPUP})Bo$=HO8NxI^OsQfA}*s;Mn&U zkx#3Ef5B1X&T$dO;RhA|rN&u}7Pp)Fw?jnkFFv;Xm*SKc_#_e6PTSe+F=^6~MCnztT=>{#SNh_WzzGts)Ph=FeAq8xgptDY|t;GZap? zs}SB!6A{FgO+s0WO5+%rQxT##gu}%mSHN>bJVVHzJU>5zap;bHW2a{Jtk4GOSuEQ? zVJo>Qbe>Apcbd0;6hW&PZfR*68RUyS*d+4hSo4i3PR;jNoF}B`^#ez>$c9P^+^hsm zXPjd|CF&-je?LF;BZP6oeUnGB&>@?pH%-rvp5R{6!nD5qH=3Yl@c))y?7wG8n^)y@ zd@NAgvFvB^Fpnna2kq@q%s;3~{`YJ6lgsiMV442kDJT7ZyXBYjU(b`0D#$;{{>&Cya!}=LI3fw|JmdgQHY&^ex0D=x%Y<_ z&KCpQCYZR;39Q>cgGemck)aM9g4~BcBM-6$wJ};z4X(FGw1jgj&3u^+c;dEE?wR6e z-yV7jhcfu`y!%N(8`9O}2XT^yeGw#!MvdHo?9uY>v+X`*^Es+X9{zM(`wP<8K7Xr}`$3n@Pt>vI7?neB{_T zV_lFLfieS3B&Ox-O&h4G_^+5y`_EsqeWov-dIQ8_`>#|fmy-8C?C&Tq@&BGBVb36_ z3OWcAa2RxZA&3K9Ey$5ii`hsh$RK_>NI?evZE*z|d>$jyK`t&5$1D(j36=~DQU!Qy zd#299p3-Ty0DzCCn!*79#2C5$1<&ZK2Tfm9IFO91z>i8@6tDux50{Q&R7=_Td1Sl| z65#`kQqroOH`hb^02 zx(FkSdX3CYm8L+A5Y)WnqQaX@Q^(uh|Ibjc5v1> zOtB);5LqZ)T96bgXi(00jdtfktsOP$XSH@aqn>f^V>lM&Yv+wxTfXeIk8c`3 zg;Lmva6Hq1Np)4Gen8N52sUubGnZ2wfKF>4u5wny9SkJDypNf(q?ULGf@?u|h_QAMC-rz_ z*}?0^9nw5v*j88%#DdCpkUPcEOgYyH=;t$6pl;v^nL8+!7xnucTZt?`9(??*3^3LK zc-&ZtFg9bHWV7ulj9bFG<;+{gzJ(0TV`0d|^!hCf=(~AIjR60o{E;K8%xxUHP;D%w zrUWLv;cGM;B8@P|vFIC==~r%0A~Ot4A#|%ZJzUd-1ww|<_3(slQT_?0#1bS?B8v~qhl#F?}RfTSX*_g#aa z3oFwpj*a_g;VPpv+&*{t4IS9`fF!6c9~s|~R+@wdrKC_ynOhN9Pio8DqzX^ubpybKY9M^ zCH~VhrKtViu88Xlo3MtDh#5ab@LI#XqRc>nu)u`!nmN%%8RWnFcMpa{Z99AhRiH3*_f+ zFilw`R)G}076b+sTV5qLAaZN6+?5QzB|MIgxO_4n13YU?FKkZcDCf7*{Y2fo&bSuD zr$+Km*C?7eQEUgB|6Fr`1&xY!cnB-Aclo8eKM^C=>0Lp5s&{|7Mgg`dI^rKbcv!wg zn8>9yyEkZ6w0k4KGW$2YPxvQd$2xr+X+WxLxkcTWy(6!Y||OPqf5#%VR2gMo6g z+vzrLRi)L@x_YPGKfYI+&F0mlRq1t`t*eQ-qjuGUj&fpk%rCxdbr86mgz4|zAsf|gg(^D~wl32l}nkxG9;9p4n8@hI(*wcmVs2o!d@Rzkm(ej*}BOX zdTvcl+ty9Lb=dogK02n_JlGpFPv+Ve(-}0JKJ49;TFutizS;buAHDz5pEm2T*TQGY z-Ql3oJk%#m*fp3%ub=}(BEc6WBqO5OW`QYxWt?{x6t zX0A=%U$@IQUiYwjJD9wiYey}3W!=;V6{p*2lj|Exon4jm-L5r0?M{z(wPvfM)|}I; zFXpt{Xp*!0){WM5&d-n3)9W(6Q%mDYyQ>~_yUqIGzSYvpt?pG{t=}lS{dTjVsNEZ@ z+w1POK6H2bAI)=p+9;oQPOMJJnb)T~J6D$3yehXmt=Igbmzq|;tMnckpFgN8R4xb$R!$+wa+`)l_@kQoa3gbQ;RVP5r7{YF&M4wFgJ%_uY@`&G|$> zyec&h2j$zl{>R>7w@VJL%g#Zk%gP^jC#B|cU1@2vi%>2@Z)lh!?zliSjH!|~eX_w{SV{L(vYHPF#jrE{bo4?3;7+Sr};dgC&* zYHrKA`3gUdPp&_z9x_9oBP&eJn1!0 z?pwFc2d!@&wfZ-tf8^}774t&t9DF(dpw4fUI|9wtsa_i2wymymW3`Sh8ruA(JKh2aWyh&o$1^llc2x6*=%vX_?;Kcq@S!v5&HBw7OEb?; zuS-4kd}6|`qMqobX7jqzoVD+pr|l!X-tFI()sF|T+jIKo{nDX2F= 1.16.0-0 < 1.26.0-0' + catalog.cattle.io/namespace: cattle-resources-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: resources.cattle.io.resourceset/v1 + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-backup + catalog.cattle.io/scope: management + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/ui-component: rancher-backup + catalog.cattle.io/upstream-version: 2.1.1 +apiVersion: v2 +appVersion: 3.0.1-rc2 +description: Provides ability to back up and restore the Rancher application running + on any Kubernetes cluster +icon: https://charts.rancher.io/assets/logos/backup-restore.svg +keywords: +- applications +- infrastructure +kubeVersion: '>= 1.16.0-0' +name: rancher-backup +version: 3.0.1-rc2 diff --git a/charts/rancher-backup/3.0.1-rc2/README.md b/charts/rancher-backup/3.0.1-rc2/README.md new file mode 100644 index 000000000..54b8d7feb --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/README.md @@ -0,0 +1,72 @@ +# Rancher Backup + +This chart provides ability to back up and restore the Rancher application running on any Kubernetes cluster. + +Refer [this](https://github.com/rancher/backup-restore-operator) repository for implementation details. + +----- + +### Get Repo Info +```bash +helm repo add rancher-chart https://charts.rancher.io +helm repo update +``` + +----- + +### Install Chart +```bash +helm install rancher-backup-crd rancher-chart/rancher-backup-crd -n cattle-resources-system --create-namespace +helm install rancher-backup rancher-chart/rancher-backup -n cattle-resources-system +``` + +----- + +### Configuration +The following table lists the configurable parameters of the rancher-backup chart and their default values: + +| Parameter | Description | Default | +|----------|---------------|-------| +| image.repository | Container image repository | rancher/backup-restore-operator | +| image.tag | Container image tag | v0.1.0-rc1 | +| s3.enabled | Configure S3 compatible default storage location. Current version supports S3 and MinIO | false | +| s3.credentialSecretName | Name of the Secret containing S3 credentials. This is an optional field. Skip this field in order to use IAM Role authentication. The Secret must contain following two keys, `accessKey` and `secretKey` | "" | +| s3.credentialSecretNamespace | Namespace of the Secret containing S3 credentials. This can be any namespace. | "" | +| s3.region | Region of the S3 Bucket (Required for S3, not valid for MinIO) | "" | +| s3.bucketName | Name of the Bucket | "" | +| s3.folder | Base folder within the Bucket (optional) | "" | +| s3.endpoint | Endpoint for the S3 storage provider | "" | +| s3.endpointCA | Base64 encoded CA cert for the S3 storage provider (optional) | "" | +| s3.insecureTLSSkipVerify | Skip SSL verification | false | +| persistence.enabled | Configure a Persistent Volume as the default storage location. It accepts either a StorageClass name to create a PVC, or directly accepts the PV to use. The Persistent Volume is mounted at `/var/lib/backups` in the operator pod | false | +| persistence.storageClass | StorageClass to use for dynamically provisioning the Persistent Volume, which will be used for storing backups | "" | +| persistence.volumeName | Persistent Volume to use for storing backups | "" | +| persistence.size | Requested size of the Persistent Volume (Applicable when using dynamic provisioning) | "" | +| debug | Set debug flag for backup-restore deployment | false | +| trace | Set trace flag for backup-restore deployment | false | +| nodeSelector | https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | {} | +| tolerations | https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration | [] | +| affinity | https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity | {} | +| serviceAccount.annotations | Annotations to apply to created service account | {} | + +----- + +### CRDs + +Refer [this](https://github.com/rancher/backup-restore-operator#crds) section for information on CRDs that this chart installs. Also refer [this](https://github.com/rancher/backup-restore-operator/tree/master/examples) folder containing sample manifests for the CRDs. + +----- +### Upgrading Chart +```bash +helm upgrade rancher-backup-crd -n cattle-resources-system +helm upgrade rancher-backup -n cattle-resources-system +``` + +----- +### Uninstall Chart + +```bash +helm uninstall rancher-backup -n cattle-resources-system +helm uninstall rancher-backup-crd -n cattle-resources-system +``` + diff --git a/charts/rancher-backup/3.0.1-rc2/app-readme.md b/charts/rancher-backup/3.0.1-rc2/app-readme.md new file mode 100644 index 000000000..605c30eef --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/app-readme.md @@ -0,0 +1,15 @@ +# Rancher Backup + +This chart enables ability to capture backups of the Rancher application and restore from these backups. This chart can be used to migrate Rancher from one Kubernetes cluster to a different Kubernetes cluster. + +For more information on how to use the feature, refer to our [docs](https://ranchermanager.docs.rancher.com/pages-for-subheaders/backup-restore-and-disaster-recovery). + +This chart installs the following components: + +- [backup-restore-operator](https://github.com/rancher/backup-restore-operator) + - The operator handles backing up all Kubernetes resources and CRDs that Rancher creates and manages from the local cluster. It gathers these resources by querying the Kubernetes API server, packages all the resources to create a tarball file and saves it in the configured backup storage location. + - The operator can be configured to store backups in S3-compatible object stores such as AWS S3 and MinIO, and in persistent volumes. During deployment, you can create a default storage location, but there is always the option to override the default storage location with each backup, but will be limited to using an S3-compatible object store. + - It preserves the ownerReferences on all resources, hence maintaining dependencies between objects. + - This operator provides encryption support, to encrypt user specified resources before saving them in the backup file. It uses the same encryption configuration that is used to enable [Kubernetes Encryption at Rest](https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/). +- Backup - A backup is a CRD (`Backup`) that defines when to take backups, where to store the backup and what encryption to use (optional). Backups can be taken ad hoc or scheduled to be taken in intervals. +- Restore - A restore is a CRD (`Restore`) that defines which backup to use to restore the Rancher application to. diff --git a/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/aks.yaml b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/aks.yaml new file mode 100644 index 000000000..779742058 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/aks.yaml @@ -0,0 +1,25 @@ +- apiVersion: "apiextensions.k8s.io/v1" + kindsRegexp: "." + resourceNameRegexp: "aks.cattle.io$" +- apiVersion: "aks.cattle.io/v1" + kindsRegexp: "." +- apiVersion: "apps/v1" + kindsRegexp: "^deployments$" + namespaces: + - "cattle-system" + resourceNames: + - "aks-config-operator" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterroles$" + resourceNames: + - "aks-operator" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterrolebindings$" + resourceNames: + - "aks-operator" +- apiVersion: "v1" + kindsRegexp: "^serviceaccounts$" + namespaces: + - "cattle-system" + resourceNames: + - "aks-operator" diff --git a/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/eks.yaml b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/eks.yaml new file mode 100644 index 000000000..ae57baddf --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/eks.yaml @@ -0,0 +1,17 @@ +- apiVersion: "eks.cattle.io/v1" + kindsRegexp: "." +- apiVersion: "apps/v1" + kindsRegexp: "^deployments$" + resourceNames: + - "eks-config-operator" +- apiVersion: "apiextensions.k8s.io/v1" + kindsRegexp: "." + resourceNameRegexp: "eks.cattle.io$" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterroles$" + resourceNames: + - "eks-operator" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterrolebindings$" + resourceNames: + - "eks-operator" diff --git a/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/elemental.yaml b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/elemental.yaml new file mode 100644 index 000000000..b59046233 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/elemental.yaml @@ -0,0 +1,49 @@ +- apiVersion: "apiextensions.k8s.io/v1" + kindsRegexp: "." + resourceNameRegexp: "elemental.cattle.io$" +- apiVersion: "apps/v1" + kindsRegexp: "^deployments$" + namespaces: + - "cattle-elemental-system" + resourceNames: + - "elemental-operator" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterroles$" + resourceNames: + - "elemental-operator" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterrolebindings$" + resourceNames: + - "elemental-operator" +- apiVersion: "v1" + kindsRegexp: "^serviceaccounts$" + namespaces: + - "cattle-elemental-system" + resourceNames: + - "elemental-operator" +- apiVersion: "management.cattle.io/v3" + kindsRegexp: "^globalrole$" + resourceNames: + - "elemental-operator" +- apiVersion: "management.cattle.io/v3" + kindsRegexp: "^apiservice$" + resourceNameRegexp: "elemental.cattle.io$" +- apiVersion: "elemental.cattle.io/v1beta1" + kindsRegexp: "." + namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^roles$|^rolebindings$" + labelSelectors: + matchExpressions: + - key: "elemental.cattle.io/managed" + operator: "In" + values: ["true"] + namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" +- apiVersion: "v1" + kindsRegexp: "^secrets$|^serviceaccounts$" + labelSelectors: + matchExpressions: + - key: "elemental.cattle.io/managed" + operator: "In" + values: ["true"] + namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" diff --git a/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/fleet.yaml b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/fleet.yaml new file mode 100644 index 000000000..9e57c4b45 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/fleet.yaml @@ -0,0 +1,50 @@ +- apiVersion: "v1" + kindsRegexp: "^namespaces$" + resourceNameRegexp: "^fleet-|^cluster-fleet-" +- apiVersion: "v1" + kindsRegexp: "^secrets$" + namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" + labelSelectors: + matchExpressions: + - key: "owner" + operator: "NotIn" + values: ["helm"] + - key: "fleet.cattle.io/managed" + operator: "In" + values: ["true"] +- apiVersion: "v1" + kindsRegexp: "^serviceaccounts$" + namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" + excludeResourceNameRegexp: "^default$" +- apiVersion: "v1" + kindsRegexp: "^configmaps$" + namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^roles$|^rolebindings$" + namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterrolebindings$" + resourceNameRegexp: "^fleet-|^gitjob-" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterroles$" + resourceNameRegexp: "^fleet-" + resourceNames: + - "gitjob" +- apiVersion: "apiextensions.k8s.io/v1" + kindsRegexp: "." + resourceNameRegexp: "fleet.cattle.io$|gitjob.cattle.io$" +- apiVersion: "fleet.cattle.io/v1alpha1" + kindsRegexp: "." +- apiVersion: "gitjob.cattle.io/v1" + kindsRegexp: "." +- apiVersion: "apps/v1" + kindsRegexp: "^deployments$" + namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" + resourceNameRegexp: "^fleet-" + resourceNames: + - "gitjob" +- apiVersion: "apps/v1" + kindsRegexp: "^services$" + namespaceRegexp: "^cattle-fleet-|^fleet-|^cluster-fleet-" + resourceNames: + - "gitjob" diff --git a/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/gke.yaml b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/gke.yaml new file mode 100644 index 000000000..a87eef364 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/gke.yaml @@ -0,0 +1,17 @@ +- apiVersion: "apiextensions.k8s.io/v1" + kindsRegexp: "." + resourceNameRegexp: "gke.cattle.io$" +- apiVersion: "gke.cattle.io/v1" + kindsRegexp: "." +- apiVersion: "apps/v1" + kindsRegexp: "^deployments$" + resourceNames: + - "gke-config-operator" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterroles$" + resourceNames: + - "gke-operator" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterrolebindings$" + resourceNames: + - "gke-operator" diff --git a/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/provisioningv2.yaml b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/provisioningv2.yaml new file mode 100644 index 000000000..1fd792434 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/provisioningv2.yaml @@ -0,0 +1,20 @@ +- apiVersion: "apiextensions.k8s.io/v1" + kindsRegexp: "." + resourceNameRegexp: "provisioning.cattle.io$|rke-machine-config.cattle.io$|rke-machine.cattle.io$|rke.cattle.io$|cluster.x-k8s.io$" +- apiVersion: "provisioning.cattle.io/v1" + kindsRegexp: "." +- apiVersion: "rke-machine-config.cattle.io/v1" + kindsRegexp: "." +- apiVersion: "rke-machine.cattle.io/v1" + kindsRegexp: "." +- apiVersion: "rke.cattle.io/v1" + kindsRegexp: "." +- apiVersion: "cluster.x-k8s.io/v1alpha4" + kindsRegexp: "." +- apiVersion: "cluster.x-k8s.io/v1beta1" + kindsRegexp: "." +- apiVersion: "v1" + kindsRegexp: "^secrets$" + resourceNameRegexp: "machine-plan$|rke-state$|machine-state$|machine-driver-secret$|machine-provision$|^harvesterconfig" + namespaces: + - "fleet-default" diff --git a/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/rancher-operator.yaml b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/rancher-operator.yaml new file mode 100644 index 000000000..f30c2fd96 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/rancher-operator.yaml @@ -0,0 +1,28 @@ +- apiVersion: "rancher.cattle.io/v1" + kindsRegexp: "." +- apiVersion: "apps/v1" + kindsRegexp: "^deployments$" + resourceNames: + - "rancher-operator" + namespaces: + - "rancher-operator-system" +- apiVersion: "v1" + kindsRegexp: "^serviceaccounts$" + namespaces: + - "rancher-operator-system" + excludeResourceNameRegexp: "^default$" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterrolebindings$" + resourceNames: + - "rancher-operator" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterroles$" + resourceNames: + - "rancher-operator" +- apiVersion: "apiextensions.k8s.io/v1" + kindsRegexp: "." + resourceNameRegexp: "rancher.cattle.io$" +- apiVersion: "v1" + kindsRegexp: "^namespaces$" + resourceNames: + - "rancher-operator-system" diff --git a/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/rancher.yaml b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/rancher.yaml new file mode 100644 index 000000000..ba681c5b2 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/files/default-resourceset-contents/rancher.yaml @@ -0,0 +1,54 @@ +- apiVersion: "v1" + kindsRegexp: "^namespaces$" + resourceNameRegexp: "^cattle-|^p-|^c-|^user-|^u-" + resourceNames: + - "local" +- apiVersion: "v1" + kindsRegexp: "^secrets$" + namespaceRegexp: "^cattle-|^p-|^c-|^local$|^user-|^u-" + labelSelectors: + matchExpressions: + - key: "owner" + operator: "NotIn" + values: ["helm"] + excludeResourceNameRegexp: "^bootstrap-secret$|^rancher-csp-adapter|^csp-adapter-cache$" +- apiVersion: "v1" + kindsRegexp: "^serviceaccounts$" + namespaceRegexp: "^cattle-|^p-|^c-|^local$|^user-|^u-" + excludeResourceNameRegexp: "^default$|^rancher-csp-adapter$" +- apiVersion: "v1" + kindsRegexp: "^configmaps$" + namespaces: + - "cattle-system" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^roles$|^rolebindings$" + namespaceRegexp: "^cattle-|^p-|^c-|^local$|^user-|^u-" + excludeResourceNameRegexp: "^rancher-csp-adapter" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterrolebindings$" + resourceNameRegexp: "^cattle-|^clusterrolebinding-|^globaladmin-user-|^grb-u-|^crb-" +- apiVersion: "rbac.authorization.k8s.io/v1" + kindsRegexp: "^clusterroles$" + resourceNameRegexp: "^cattle-|^p-|^c-|^local-|^user-|^u-|^project-|^create-ns$" + excludeResourceNameRegexp: "^rancher-csp-adapter-" +- apiVersion: "apiextensions.k8s.io/v1" + kindsRegexp: "." + resourceNameRegexp: "management.cattle.io$|project.cattle.io$|catalog.cattle.io$|resources.cattle.io$" +- apiVersion: "management.cattle.io/v3" + kindsRegexp: "." + excludeKinds: + - "tokens" + - "rancherusernotifications" +- apiVersion: "management.cattle.io/v3" + kindsRegexp: "^tokens$" + labelSelectors: + matchExpressions: + - key: "authn.management.cattle.io/kind" + operator: "NotIn" + values: [ "provisioning" ] +- apiVersion: "project.cattle.io/v3" + kindsRegexp: "." +- apiVersion: "catalog.cattle.io/v1" + kindsRegexp: "^clusterrepos$" +- apiVersion: "resources.cattle.io/v1" + kindsRegexp: "^ResourceSet$" diff --git a/charts/rancher-backup/3.0.1-rc2/templates/_helpers.tpl b/charts/rancher-backup/3.0.1-rc2/templates/_helpers.tpl new file mode 100644 index 000000000..a5e485243 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/templates/_helpers.tpl @@ -0,0 +1,87 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{/* +Windows cluster will add default taint for linux nodes, +add below linux tolerations to workloads could be scheduled to those linux nodes +*/}} +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +beta.kubernetes.io/os: linux +{{- else -}} +kubernetes.io/os: linux +{{- end -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "backupRestore.fullname" -}} +{{- .Chart.Name | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "backupRestore.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "backupRestore.labels" -}} +helm.sh/chart: {{ include "backupRestore.chart" . }} +{{ include "backupRestore.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "backupRestore.selectorLabels" -}} +app.kubernetes.io/name: {{ include "backupRestore.fullname" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +resources.cattle.io/operator: backup-restore +{{- end }} + + +{{/* +Create the name of the service account to use +*/}} +{{- define "backupRestore.serviceAccountName" -}} +{{ include "backupRestore.fullname" . }} +{{- end }} + + +{{- define "backupRestore.s3SecretName" -}} +{{- printf "%s-%s" .Chart.Name "s3" | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create PVC name using release and revision number, unless a volumeName is given. +*/}} +{{- define "backupRestore.pvcName" -}} +{{- if and .Values.persistence.volumeName }} +{{- printf "%s" .Values.persistence.volumeName }} +{{- else -}} +{{- printf "%s-%d" .Release.Name .Release.Revision }} +{{- end }} +{{- end }} + diff --git a/charts/rancher-backup/3.0.1-rc2/templates/clusterrolebinding.yaml b/charts/rancher-backup/3.0.1-rc2/templates/clusterrolebinding.yaml new file mode 100644 index 000000000..cf4abf670 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/templates/clusterrolebinding.yaml @@ -0,0 +1,14 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ include "backupRestore.fullname" . }} + labels: + {{- include "backupRestore.labels" . | nindent 4 }} +subjects: +- kind: ServiceAccount + name: {{ include "backupRestore.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + kind: ClusterRole + name: cluster-admin + apiGroup: rbac.authorization.k8s.io diff --git a/charts/rancher-backup/3.0.1-rc2/templates/deployment.yaml b/charts/rancher-backup/3.0.1-rc2/templates/deployment.yaml new file mode 100644 index 000000000..631fa458b --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/templates/deployment.yaml @@ -0,0 +1,79 @@ +{{- if and .Values.s3.enabled .Values.persistence.enabled }} +{{- fail "\n\nCannot configure both s3 and PV for storing backups" }} +{{- end }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "backupRestore.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "backupRestore.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "backupRestore.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "backupRestore.selectorLabels" . | nindent 8 }} + annotations: + checksum/s3: {{ include (print $.Template.BasePath "/s3-secret.yaml") . | sha256sum }} + checksum/pvc: {{ include (print $.Template.BasePath "/pvc.yaml") . | sha256sum }} + spec: + serviceAccountName: {{ include "backupRestore.serviceAccountName" . }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: + {{ toYaml .Values.imagePullSecrets | indent 6 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ default "Always" .Values.imagePullPolicy }} + args: +{{- if .Values.debug }} + - "--debug" +{{- end }} +{{- if .Values.trace }} + - "--trace" +{{- end }} + env: + - name: CHART_NAMESPACE + value: {{ .Release.Namespace }} + {{- if .Values.s3.enabled }} + - name: DEFAULT_S3_BACKUP_STORAGE_LOCATION + value: {{ include "backupRestore.s3SecretName" . }} + {{- end }} + {{- if .Values.proxy }} + - name: HTTP_PROXY + value: {{ .Values.proxy }} + - name: HTTPS_PROXY + value: {{ .Values.proxy }} + - name: NO_PROXY + value: {{ .Values.noProxy }} + {{- end }} + {{- if .Values.persistence.enabled }} + - name: DEFAULT_PERSISTENCE_ENABLED + value: "persistence-enabled" + volumeMounts: + - mountPath: "/var/lib/backups" + name: pv-storage + volumes: + - name: pv-storage + persistentVolumeClaim: + claimName: {{ include "backupRestore.pvcName" . }} + {{- end }} + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} +{{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} +{{- if .Values.tolerations }} +{{ toYaml .Values.tolerations | indent 8 }} +{{- end }} diff --git a/charts/rancher-backup/3.0.1-rc2/templates/hardened.yaml b/charts/rancher-backup/3.0.1-rc2/templates/hardened.yaml new file mode 100644 index 000000000..3e23d3093 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/templates/hardened.yaml @@ -0,0 +1,124 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "backupRestore.fullname" . }}-patch-sa + namespace: {{ .Release.Namespace }} + labels: {{ include "backupRestore.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +spec: + backoffLimit: 1 + template: + spec: + serviceAccountName: {{ include "backupRestore.fullname" . }}-patch-sa + securityContext: + runAsNonRoot: true + runAsUser: 1000 + restartPolicy: Never + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} +{{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} +{{- if .Values.tolerations }} +{{ toYaml .Values.tolerations | indent 8 }} +{{- end }} + containers: + - name: {{ include "backupRestore.fullname" . }}-patch-sa + image: {{ include "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }} + imagePullPolicy: IfNotPresent + command: ["kubectl", "-n", {{ .Release.Namespace | quote }}, "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "backupRestore.fullname" . }}-patch-sa + namespace: {{ .Release.Namespace }} + labels: {{ include "backupRestore.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "backupRestore.fullname" . }}-patch-sa + labels: {{ include "backupRestore.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +rules: + - apiGroups: [""] + resources: ["serviceaccounts"] + verbs: ["get", "patch"] +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy"}} + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: + - {{ include "backupRestore.fullname" . }}-patch-sa +{{- end}} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "backupRestore.fullname" . }}-patch-sa + labels: {{ include "backupRestore.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "backupRestore.fullname" . }}-patch-sa +subjects: + - kind: ServiceAccount + name: {{ include "backupRestore.fullname" . }}-patch-sa + namespace: {{ .Release.Namespace }} +--- +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy"}} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "backupRestore.fullname" . }}-patch-sa + labels: {{ include "backupRestore.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +spec: + privileged: false + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAsNonRoot' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + readOnlyRootFilesystem: false + volumes: + - 'secret' +{{- end}} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "backupRestore.fullname" . }}-default-allow-all + namespace: {{ .Release.Namespace }} +spec: + podSelector: {} + egress: + - {} + policyTypes: + - Ingress + - Egress diff --git a/charts/rancher-backup/3.0.1-rc2/templates/psp.yaml b/charts/rancher-backup/3.0.1-rc2/templates/psp.yaml new file mode 100644 index 000000000..d6385e14a --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/templates/psp.yaml @@ -0,0 +1,31 @@ +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" -}} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "backupRestore.fullname" . }}-psp + labels: {{ include "backupRestore.labels" . | nindent 4 }} +spec: + privileged: false + allowPrivilegeEscalation: false + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAsNonRoot' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + readOnlyRootFilesystem: false + volumes: + - 'persistentVolumeClaim' + - 'secret' +{{- end -}} diff --git a/charts/rancher-backup/3.0.1-rc2/templates/pvc.yaml b/charts/rancher-backup/3.0.1-rc2/templates/pvc.yaml new file mode 100644 index 000000000..ff57e4dab --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/templates/pvc.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.persistence.enabled -}} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ include "backupRestore.pvcName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "backupRestore.labels" . | nindent 4 }} +spec: + accessModes: + - ReadWriteOnce + resources: + {{- with .Values.persistence }} + requests: + storage: {{ .size | quote }} +{{- if .storageClass }} +{{- if (eq "-" .storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: {{ .storageClass | quote }} +{{- end }} +{{- end }} +{{- if .volumeName }} + volumeName: {{ .volumeName | quote }} +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/rancher-backup/3.0.1-rc2/templates/rancher-resourceset.yaml b/charts/rancher-backup/3.0.1-rc2/templates/rancher-resourceset.yaml new file mode 100644 index 000000000..05add8824 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/templates/rancher-resourceset.yaml @@ -0,0 +1,13 @@ +apiVersion: resources.cattle.io/v1 +kind: ResourceSet +metadata: + name: rancher-resource-set +controllerReferences: + - apiVersion: "apps/v1" + resource: "deployments" + name: "rancher" + namespace: "cattle-system" +resourceSelectors: +{{- range $path, $_ := .Files.Glob "files/default-resourceset-contents/*.yaml" -}} + {{- $.Files.Get $path | nindent 2 -}} +{{- end -}} diff --git a/charts/rancher-backup/3.0.1-rc2/templates/s3-secret.yaml b/charts/rancher-backup/3.0.1-rc2/templates/s3-secret.yaml new file mode 100644 index 000000000..726509730 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/templates/s3-secret.yaml @@ -0,0 +1,31 @@ +{{- if .Values.s3.enabled -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "backupRestore.s3SecretName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "backupRestore.labels" . | nindent 4 }} +type: Opaque +stringData: + {{- with .Values.s3 }} + {{- if .credentialSecretName }} + credentialSecretName: {{ .credentialSecretName }} + credentialSecretNamespace: {{ required "When providing a Secret containing S3 credentials, a valid .Values.credentialSecretNamespace must be provided" .credentialSecretNamespace }} + {{- end }} + {{- if .region }} + region: {{ .region | quote }} + {{- end }} + bucketName: {{ required "A valid .Values.bucketName is required for configuring S3 compatible storage as the default backup storage location" .bucketName | quote }} + {{- if .folder }} + folder: {{ .folder | quote }} + {{- end }} + endpoint: {{ required "A valid .Values.endpoint is required for configuring S3 compatible storage as the default backup storage location" .endpoint | quote }} + {{- if .endpointCA }} + endpointCA: {{ .endpointCA }} + {{- end }} + {{- if .insecureTLSSkipVerify }} + insecureTLSSkipVerify: {{ .insecureTLSSkipVerify | quote }} + {{- end }} + {{- end }} +{{ end }} diff --git a/charts/rancher-backup/3.0.1-rc2/templates/serviceaccount.yaml b/charts/rancher-backup/3.0.1-rc2/templates/serviceaccount.yaml new file mode 100644 index 000000000..754e1fe89 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/templates/serviceaccount.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "backupRestore.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "backupRestore.labels" . | nindent 4 }} +{{- if .Values.serviceAccount.annotations }} + annotations: + {{- toYaml .Values.serviceAccount.annotations | nindent 4 }} +{{- end }} diff --git a/charts/rancher-backup/3.0.1-rc2/templates/validate-install-crd.yaml b/charts/rancher-backup/3.0.1-rc2/templates/validate-install-crd.yaml new file mode 100644 index 000000000..f63fd2e2e --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/templates/validate-install-crd.yaml @@ -0,0 +1,16 @@ +#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}} +# {{- $found := dict -}} +# {{- set $found "resources.cattle.io/v1/Backup" false -}} +# {{- set $found "resources.cattle.io/v1/ResourceSet" false -}} +# {{- set $found "resources.cattle.io/v1/Restore" false -}} +# {{- range .Capabilities.APIVersions -}} +# {{- if hasKey $found (toString .) -}} +# {{- set $found (toString .) true -}} +# {{- end -}} +# {{- end -}} +# {{- range $_, $exists := $found -}} +# {{- if (eq $exists false) -}} +# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}} +# {{- end -}} +# {{- end -}} +#{{- end -}} \ No newline at end of file diff --git a/charts/rancher-backup/3.0.1-rc2/tests/deployment_test.yaml b/charts/rancher-backup/3.0.1-rc2/tests/deployment_test.yaml new file mode 100644 index 000000000..671d415db --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/tests/deployment_test.yaml @@ -0,0 +1,216 @@ +suite: Test Deployment +templates: +- deployment.yaml +- s3-secret.yaml +- pvc.yaml +- _helpers.tpl +tests: +- it: should set name + template: deployment.yaml + asserts: + - equal: + path: metadata.name + value: "rancher-backup" +- it: should set namespace + template: deployment.yaml + asserts: + - equal: + path: metadata.namespace + value: "NAMESPACE" +- it: should set priorityClassName + set: + priorityClassName: "testClass" + template: deployment.yaml + asserts: + - equal: + path: spec.template.spec.priorityClassName + value: "testClass" +- it: should set default imagePullPolicy + template: deployment.yaml + asserts: + - equal: + path: spec.template.spec.containers[0].imagePullPolicy + value: "Always" +- it: should set imagePullPolicy + set: + imagePullPolicy: "IfNotPresent" + template: deployment.yaml + asserts: + - equal: + path: spec.template.spec.containers[0].imagePullPolicy + value: "IfNotPresent" +- it: should set debug loglevel + set: + debug: true + template: deployment.yaml + asserts: + - contains: + path: spec.template.spec.containers[0].args + content: "--debug" +- it: should set trace loglevel + set: + trace: true + template: deployment.yaml + asserts: + - contains: + path: spec.template.spec.containers[0].args + content: "--trace" +- it: should set proxy environment variables + set: + proxy: "https://127.0.0.1:3128" + template: deployment.yaml + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: HTTP_PROXY + value: "https://127.0.0.1:3128" + - contains: + path: spec.template.spec.containers[0].env + content: + name: HTTPS_PROXY + value: "https://127.0.0.1:3128" + - contains: + path: spec.template.spec.containers[0].env + content: + name: NO_PROXY + value: "127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local" +- it: should set proxy environment variables with modified noproxy + set: + proxy: "https://127.0.0.1:3128" + noProxy: "192.168.0.0/24" + template: deployment.yaml + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: NO_PROXY + value: "192.168.0.0/24" +- it: should set persistence variables + set: + persistence.enabled: true + template: deployment.yaml + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: DEFAULT_PERSISTENCE_ENABLED + value: "persistence-enabled" + - contains: + path: spec.template.spec.containers[0].volumeMounts + content: + mountPath: "/var/lib/backups" + name: "pv-storage" + - equal: + path: spec.template.spec.volumes[0].name + value: "pv-storage" + - equal: + path: spec.template.spec.volumes[0].persistentVolumeClaim + value: + claimName: RELEASE-NAME-0 +- it: should set claim from custom static volumeName + set: + persistence.enabled: true + persistence.volumeName: "PREDEFINED-VOLUME" + persistence.storageClass: "PREDEFINED-STORAGECLASS" + persistence.size: "PREDIFINED-SAMEAS-PVSIZE" + template: deployment.yaml + asserts: + - contains: + path: spec.template.spec.containers[0].env + content: + name: DEFAULT_PERSISTENCE_ENABLED + value: "persistence-enabled" + - equal: + path: spec.template.spec.volumes[0].persistentVolumeClaim + value: + claimName: PREDEFINED-VOLUME +- it: should set private registry + template: deployment.yaml + set: + global.cattle.systemDefaultRegistry: "my.registry.local:3000" + asserts: + - matchRegex: + path: spec.template.spec.containers[0].image + pattern: ^my.registry.local:3000/rancher/backup-restore-operator:.*$ +- it: should set nodeselector + template: deployment.yaml + asserts: + - equal: + path: spec.template.spec.nodeSelector + value: + kubernetes.io/os: linux +- it: should not set default affinity + template: deployment.yaml + asserts: + - isNull: + path: spec.template.spec.affinity +- it: should set custom affinity + template: deployment.yaml + set: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: disktype + operator: In + values: + - ssd + asserts: + - equal: + path: spec.template.spec.affinity + value: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: disktype + operator: In + values: + - ssd +- it: should set tolerations + template: deployment.yaml + asserts: + - equal: + path: spec.template.spec.tolerations[0] + value: + key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +- it: should set custom tolerations + template: deployment.yaml + set: + tolerations: + - key: "example-key" + operator: "Exists" + effect: "NoSchedule" + asserts: + - equal: + path: spec.template.spec.tolerations[0] + value: + key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" + - equal: + path: spec.template.spec.tolerations[1] + value: + key: "example-key" + operator: "Exists" + effect: "NoSchedule" +- it: should not set default imagePullSecrets + template: deployment.yaml + asserts: + - isNull: + path: spec.template.spec.imagePullSecrets +- it: should set imagePullSecrets + set: + imagePullSecrets: + - name: "pull-secret" + template: deployment.yaml + asserts: + - equal: + path: spec.template.spec.imagePullSecrets[0].name + value: "pull-secret" diff --git a/charts/rancher-backup/3.0.1-rc2/tests/pvc_test.yaml b/charts/rancher-backup/3.0.1-rc2/tests/pvc_test.yaml new file mode 100644 index 000000000..30d64e7a0 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/tests/pvc_test.yaml @@ -0,0 +1,105 @@ +suite: Test PVC +templates: +- pvc.yaml +- _helpers.tpl +tests: +- it: should set name + template: pvc.yaml + set: + persistence: + enabled: true + asserts: + - equal: + path: metadata.name + value: "RELEASE-NAME-0" +- it: should set namespace + template: pvc.yaml + set: + persistence: + enabled: true + asserts: + - equal: + path: metadata.namespace + value: "NAMESPACE" +- it: should set accessModes + template: pvc.yaml + set: + persistence: + enabled: true + asserts: + - equal: + path: spec.accessModes[0] + value: "ReadWriteOnce" +- it: should set size + template: pvc.yaml + set: + persistence: + enabled: true + asserts: + - equal: + path: spec.resources.requests.storage + value: "2Gi" +- it: should set size + template: pvc.yaml + set: + persistence: + enabled: true + size: "10Gi" + asserts: + - equal: + path: spec.resources.requests.storage + value: "10Gi" +- it: should not set volumeName + template: pvc.yaml + set: + persistence: + enabled: true + asserts: + - isNull: + path: spec.volumeName +- it: should set default storageClass + template: pvc.yaml + set: + persistence: + enabled: true + asserts: + - equal: + path: spec.storageClassName + value: "" +- it: should set custom storageClass + template: pvc.yaml + set: + persistence: + enabled: true + storageClass: "storage-class" + asserts: + - equal: + path: spec.storageClassName + value: "storage-class" +- it: should set custom volumeName + template: pvc.yaml + set: + persistence: + enabled: true + volumeName: "volume-name" + asserts: + - equal: + path: spec.volumeName + value: "volume-name" +- it: should set claim from custom static volumeName + set: + persistence.enabled: true + persistence.volumeName: "PREDEFINED-VOLUME" + persistence.storageClass: "PREDEFINED-STORAGECLASS" + persistence.size: "PREDEFINED-SAMEAS-PVSIZE" + template: pvc.yaml + set: + persistence: + enabled: true + asserts: + - equal: + path: spec.resources.requests.storage + value: "PREDEFINED-SAMEAS-PVSIZE" + - equal: + path: spec.storageClassName + value: "PREDEFINED-STORAGECLASS" diff --git a/charts/rancher-backup/3.0.1-rc2/tests/s3-secret_test.yaml b/charts/rancher-backup/3.0.1-rc2/tests/s3-secret_test.yaml new file mode 100644 index 000000000..af130dd29 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/tests/s3-secret_test.yaml @@ -0,0 +1,141 @@ +suite: Test S3 Secret +templates: +- s3-secret.yaml +- _helpers.tpl +tests: +- it: should set name + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + asserts: + - equal: + path: metadata.name + value: "rancher-backup-s3" +- it: should set namespace + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + asserts: + - equal: + path: metadata.namespace + value: "NAMESPACE" +- it: should not set credentialSecretName + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + asserts: + - isNull: + path: stringData.credentialSecretName +- it: should set credentialSecretName + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + credentialSecretName: "credential-secret-name" + credentialSecretNamespace: "credential-secret-namespace" + asserts: + - equal: + path: stringData.credentialSecretName + value: "credential-secret-name" + - equal: + path: stringData.credentialSecretNamespace + value: "credential-secret-namespace" +- it: should not set folder + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + asserts: + - isNull: + path: stringData.folder +- it: should set folder + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + folder: "myfolder" + asserts: + - equal: + path: stringData.folder + value: "myfolder" +- it: should not set region + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + asserts: + - isNull: + path: stringData.region +- it: should set region + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + region: "us-west-1" + asserts: + - equal: + path: stringData.region + value: "us-west-1" +- it: should not set endpointCA + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + asserts: + - isNull: + path: stringData.endpointCA +- it: should set endpointCA + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + endpointCA: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURHakNDQWdLZ0F3SUJBZ0lKQUtpWFZpNEpBb0J5TUEwR0NTcUdTSWIzRFFFQkN3VUFNQkl4RURBT0JnTlYKQkFNTUIzUmxjM1F0WTJFd0hoY05NakF3T0RNd01UZ3lOVFE1V2hjTk1qQXhNREk1TVRneU5UUTVXakFTTVJBdwpEZ1lEVlFRRERBZDBaWE4wTFdOaE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBCjA4dnV3Q2Y0SEhtR2Q2azVNTmozRW5NOG00T2RpS3czSGszd1NlOUlXQkwyVzY5WDZxenBhN2I2M3U2L05mMnkKSnZWNDVqeXplRFB6bFJycjlpbEpWaVZ1NFNqWlFjdG9jWmFCaVNsL0xDbEFDdkFaUlYvKzN0TFVTZSs1ZDY0QQpWcUhDQlZObU5xM3E3aVY0TE1aSVpRc3N6K0FxaU1Sd0pOMVVKQTZ6V0tUc2Yzc3ByQ0J2dWxJWmZsVXVETVAyCnRCTCt6cXZEc0pDdWlhNEEvU2JNT29tVmM2WnNtTGkwMjdub3dGRld3MnRpSkM5d0xMRE14NnJoVHQ4a3VvVHYKQXJpUjB4WktiRU45L1Uzb011eUVKbHZyck9YS2ZuUDUwbk8ycGNaQnZCb3pUTStYZnRvQ1d5UnhKUmI5cFNTRApKQjlmUEFtLzNZcFpMMGRKY2sxR1h3SURBUUFCbzNNd2NUQWRCZ05WSFE0RUZnUVU5NHU4WXlMdmE2MTJnT1pyCm44QnlFQ2NucVFjd1FnWURWUjBqQkRzd09ZQVU5NHU4WXlMdmE2MTJnT1pybjhCeUVDY25xUWVoRnFRVU1CSXgKRURBT0JnTlZCQU1NQjNSbGMzUXRZMkdDQ1FDb2wxWXVDUUtBY2pBTUJnTlZIUk1FQlRBREFRSC9NQTBHQ1NxRwpTSWIzRFFFQkN3VUFBNElCQVFER1JRZ1RtdzdVNXRQRHA5Q2psOXlLRW9Vd2pYWWM2UlAwdm1GSHpubXJ3dUVLCjFrTkVJNzhBTUw1MEpuS29CY0ljVDNEeGQ3TGdIbTNCRE5mVVh2anArNnZqaXhJYXR2UWhsSFNVaWIyZjJsSTkKVEMxNzVyNCtROFkzelc1RlFXSDdLK08vY3pJTGh5ei93aHRDUlFkQ29lS1dXZkFiby8wd0VSejZzNkhkVFJzNwpHcWlGNWZtWGp6S0lOcTBjMHRyZ0xtalNKd1hwSnU0ZnNGOEcyZUh4b2pOKzdJQ1FuSkg5cGRIRVpUQUtOL2ppCnIvem04RlZtd1kvdTBndEZneWVQY1ZWbXBqRm03Y0ZOSkc4Y2ZYd0QzcEFwVjhVOGNocTZGeFBHTkVvWFZnclMKY1VRMklaU0RJd1FFY3FvSzFKSGdCUWw2RXBaUVpWMW1DRklrdFBwSQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t" + asserts: + - equal: + path: stringData.endpointCA + value: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURHakNDQWdLZ0F3SUJBZ0lKQUtpWFZpNEpBb0J5TUEwR0NTcUdTSWIzRFFFQkN3VUFNQkl4RURBT0JnTlYKQkFNTUIzUmxjM1F0WTJFd0hoY05NakF3T0RNd01UZ3lOVFE1V2hjTk1qQXhNREk1TVRneU5UUTVXakFTTVJBdwpEZ1lEVlFRRERBZDBaWE4wTFdOaE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBCjA4dnV3Q2Y0SEhtR2Q2azVNTmozRW5NOG00T2RpS3czSGszd1NlOUlXQkwyVzY5WDZxenBhN2I2M3U2L05mMnkKSnZWNDVqeXplRFB6bFJycjlpbEpWaVZ1NFNqWlFjdG9jWmFCaVNsL0xDbEFDdkFaUlYvKzN0TFVTZSs1ZDY0QQpWcUhDQlZObU5xM3E3aVY0TE1aSVpRc3N6K0FxaU1Sd0pOMVVKQTZ6V0tUc2Yzc3ByQ0J2dWxJWmZsVXVETVAyCnRCTCt6cXZEc0pDdWlhNEEvU2JNT29tVmM2WnNtTGkwMjdub3dGRld3MnRpSkM5d0xMRE14NnJoVHQ4a3VvVHYKQXJpUjB4WktiRU45L1Uzb011eUVKbHZyck9YS2ZuUDUwbk8ycGNaQnZCb3pUTStYZnRvQ1d5UnhKUmI5cFNTRApKQjlmUEFtLzNZcFpMMGRKY2sxR1h3SURBUUFCbzNNd2NUQWRCZ05WSFE0RUZnUVU5NHU4WXlMdmE2MTJnT1pyCm44QnlFQ2NucVFjd1FnWURWUjBqQkRzd09ZQVU5NHU4WXlMdmE2MTJnT1pybjhCeUVDY25xUWVoRnFRVU1CSXgKRURBT0JnTlZCQU1NQjNSbGMzUXRZMkdDQ1FDb2wxWXVDUUtBY2pBTUJnTlZIUk1FQlRBREFRSC9NQTBHQ1NxRwpTSWIzRFFFQkN3VUFBNElCQVFER1JRZ1RtdzdVNXRQRHA5Q2psOXlLRW9Vd2pYWWM2UlAwdm1GSHpubXJ3dUVLCjFrTkVJNzhBTUw1MEpuS29CY0ljVDNEeGQ3TGdIbTNCRE5mVVh2anArNnZqaXhJYXR2UWhsSFNVaWIyZjJsSTkKVEMxNzVyNCtROFkzelc1RlFXSDdLK08vY3pJTGh5ei93aHRDUlFkQ29lS1dXZkFiby8wd0VSejZzNkhkVFJzNwpHcWlGNWZtWGp6S0lOcTBjMHRyZ0xtalNKd1hwSnU0ZnNGOEcyZUh4b2pOKzdJQ1FuSkg5cGRIRVpUQUtOL2ppCnIvem04RlZtd1kvdTBndEZneWVQY1ZWbXBqRm03Y0ZOSkc4Y2ZYd0QzcEFwVjhVOGNocTZGeFBHTkVvWFZnclMKY1VRMklaU0RJd1FFY3FvSzFKSGdCUWw2RXBaUVpWMW1DRklrdFBwSQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t" +- it: should not set insecureTLSSkipVerify + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + asserts: + - isNull: + path: stringData.insecureTLSSkipVerify +- it: should set insecureTLSSkipVerify + template: s3-secret.yaml + set: + s3: + enabled: true + bucketName: "yourbucket" + endpoint: "https://s3.amazonaws.com" + insecureTLSSkipVerify: "true" + asserts: + - equal: + path: stringData.insecureTLSSkipVerify + value: "true" diff --git a/charts/rancher-backup/3.0.1-rc2/values.yaml b/charts/rancher-backup/3.0.1-rc2/values.yaml new file mode 100644 index 000000000..a24619255 --- /dev/null +++ b/charts/rancher-backup/3.0.1-rc2/values.yaml @@ -0,0 +1,79 @@ +image: + repository: rancher/backup-restore-operator + tag: v3.0.1-rc2 + +## Default s3 bucket for storing all backup files created by the backup-restore-operator +s3: + enabled: false + ## credentialSecretName if set, should be the name of the Secret containing AWS credentials. + ## To use IAM Role, don't set this field + credentialSecretName: "" + credentialSecretNamespace: "" + region: "" + bucketName: "" + folder: "" + endpoint: "" + endpointCA: "" + insecureTLSSkipVerify: false + +## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/ +## If persistence is enabled, operator will create a PVC with mountPath /var/lib/backups +persistence: + enabled: false + + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack). + ## Refer https://kubernetes.io/docs/concepts/storage/persistent-volumes/#class-1 + ## + storageClass: "-" + + ## If you want to disable dynamic provisioning by setting storageClass to "-" above, + ## and want to target a particular PV, provide name of the target volume + volumeName: "" + + ## Only certain StorageClasses allow resizing PVs; Refer https://kubernetes.io/blog/2018/07/12/resizing-persistent-volumes-using-kubernetes/ + size: 2Gi + +# Add log level flags to backup-restore +debug: false +trace: false + +# http[s] proxy server passed to backup client +# proxy: http://@:: + +# comma separated list of domains or ip addresses that will not use the proxy +noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local + +global: + cattle: + systemDefaultRegistry: "" + kubectl: + repository: rancher/kubectl + tag: v1.21.9 + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} + +## List of node taints to tolerate (requires Kubernetes >= 1.6) +tolerations: [] + +affinity: {} + +serviceAccount: + annotations: {} + +priorityClassName: "" + +# Override imagePullPolicy for image +# options: Always, Never, IfNotPresent +# Defaults to Always +imagePullPolicy: "Always" + +## Optional array of imagePullSecrets containing private registry credentials +## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +imagePullSecrets: [] diff --git a/index.yaml b/index.yaml index bb7cdd9b6..74dfade24 100755 --- a/index.yaml +++ b/index.yaml @@ -3659,6 +3659,36 @@ entries: - assets/rancher-alerting-drivers/rancher-alerting-drivers-1.0.100.tgz version: 1.0.100 rancher-backup: + - annotations: + catalog.cattle.io/auto-install: rancher-backup-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Rancher Backups + catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.26.0-0' + catalog.cattle.io/namespace: cattle-resources-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: resources.cattle.io.resourceset/v1 + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-backup + catalog.cattle.io/scope: management + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/ui-component: rancher-backup + catalog.cattle.io/upstream-version: 2.1.1 + apiVersion: v2 + appVersion: 3.0.1-rc2 + created: "2022-12-19T15:17:03.546578-05:00" + description: Provides ability to back up and restore the Rancher application running + on any Kubernetes cluster + digest: 99d7f3f9da53cde3fed861647c6b6ce874478ce2958a907ea1fca25fc88e7069 + icon: https://charts.rancher.io/assets/logos/backup-restore.svg + keywords: + - applications + - infrastructure + kubeVersion: '>= 1.16.0-0' + name: rancher-backup + urls: + - assets/rancher-backup/rancher-backup-3.0.1-rc2.tgz + version: 3.0.1-rc2 - annotations: catalog.cattle.io/auto-install: rancher-backup-crd=match catalog.cattle.io/certified: rancher @@ -4067,6 +4097,21 @@ entries: - assets/rancher-backup/rancher-backup-1.0.200.tgz version: 1.0.200 rancher-backup-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-resources-system + catalog.cattle.io/release-name: rancher-backup-crd + apiVersion: v2 + appVersion: 3.0.1-rc2 + created: "2022-12-19T15:17:04.784921-05:00" + description: Installs the CRDs for rancher-backup. + digest: d5bcca5a84775659375363d5162a0c580f73847aeced85f459b16807e55ca5dc + name: rancher-backup-crd + type: application + urls: + - assets/rancher-backup-crd/rancher-backup-crd-3.0.1-rc2.tgz + version: 3.0.1-rc2 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true"