From 6b06e5abb9a701c151b3f82041f210d1e2f36c5d Mon Sep 17 00:00:00 2001
From: Prachi Damle <prachi@rancher.com>
Date: Wed, 9 Nov 2022 23:44:46 -0800
Subject: [PATCH] make forward-port fleet

---
 assets/fleet/fleet-100.1.0+up0.4.0.tgz        | Bin 0 -> 3642 bytes
 charts/fleet/100.1.0+up0.4.0/Chart.yaml       |  22 ++++
 .../100.1.0+up0.4.0/charts/gitjob/.helmignore |  23 ++++
 .../100.1.0+up0.4.0/charts/gitjob/Chart.yaml  |   5 +
 .../charts/gitjob/templates/_helpers.tpl      |  22 ++++
 .../charts/gitjob/templates/clusterrole.yaml  |  38 ++++++
 .../gitjob/templates/clusterrolebinding.yaml  |  12 ++
 .../charts/gitjob/templates/deployment.yaml   |  45 +++++++
 .../charts/gitjob/templates/leases.yaml       |  23 ++++
 .../charts/gitjob/templates/service.yaml      |  12 ++
 .../gitjob/templates/serviceaccount.yaml      |   4 +
 .../100.1.0+up0.4.0/charts/gitjob/values.yaml |  26 ++++
 .../100.1.0+up0.4.0/templates/_helpers.tpl    |  22 ++++
 .../100.1.0+up0.4.0/templates/configmap.yaml  |  24 ++++
 .../100.1.0+up0.4.0/templates/deployment.yaml |  56 +++++++++
 .../fleet/100.1.0+up0.4.0/templates/rbac.yaml | 112 ++++++++++++++++++
 .../templates/serviceaccount.yaml             |  10 ++
 charts/fleet/100.1.0+up0.4.0/values.yaml      |  60 ++++++++++
 index.yaml                                    |  26 ++++
 release.yaml                                  |   1 +
 20 files changed, 543 insertions(+)
 create mode 100644 assets/fleet/fleet-100.1.0+up0.4.0.tgz
 create mode 100644 charts/fleet/100.1.0+up0.4.0/Chart.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/charts/gitjob/.helmignore
 create mode 100644 charts/fleet/100.1.0+up0.4.0/charts/gitjob/Chart.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/_helpers.tpl
 create mode 100644 charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/clusterrole.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/clusterrolebinding.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/deployment.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/leases.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/service.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/serviceaccount.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/charts/gitjob/values.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/templates/_helpers.tpl
 create mode 100644 charts/fleet/100.1.0+up0.4.0/templates/configmap.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/templates/deployment.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/templates/rbac.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/templates/serviceaccount.yaml
 create mode 100644 charts/fleet/100.1.0+up0.4.0/values.yaml

diff --git a/assets/fleet/fleet-100.1.0+up0.4.0.tgz b/assets/fleet/fleet-100.1.0+up0.4.0.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..0fb2c4a8f31de931aedb3560349b9cc0e2515eb4
GIT binary patch
literal 3642
zcmV-A4#n{wiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0PH<$ZyPz1^SOUTos2_vb5`qN+0Hex!TCIyz2Gv5VP|G<u~-CD
zcd5mgB6~=-6t743+YfxG)!k}Yekd|-qYB_yWU*KztBS>9Q64cw-8ml<slyvGVLyBW
z=yto^lfl6L-|cqm|Mvz*gCBZ>qkg|T==J+YKXiNj{>jk~(ES$7)FD@z$RD~-?yEky
z|0h5=7n*1)xQYURm}tU88pcFxh9MOll55eXTxr5s1Xf(yu}uCnAvzv6wun(`I-;0F
zAPJAhC>zo6Ylf0ekZZysXla>as}XTblLYylDA)NA+f$T^3Le3WH-Ca&*gFZk?Jm5A
zUf4f2zrJW}%E<&(Mq-S>6}H_N)s50PX>1}?1dQ_hYh!JOazeFg7g&cg$`dhD&Dc^*
zX@aVqPGtl!%aul{Ld!!5ZQ3I&8<Som4L{4(3FwE5@%O{i^~0CQkSJ`MY4FP%kc|Gi
zAT{j=B+H7A-Ea_gg9J0=3G$etih?%8f+tj4gp_KLsSr6CGE4#hM>wVWix>s~5;LKw
z7V;*75oH*4I$<X^=0|lrQi3X$G;{QRG91Crgp(8{wBgTGf6NpR4OcN?7|_^YjkV5H
z)bWHuKOt6pl|rpLOr%0}+^ni;8kC1yOk1zp4SQkt-}1~2^SO0%7vSvwl&~Dtx7q+U
z*#D!W(|+ClANL1)`@ajI6Ov+7Q%tWvPG155P0|RaPALFvlZ%|O3&Ci76T!RD2ca({
zD&#r{NQzv)+eo%;@g7S20Dcm3VJ1OhN|ly&`vN^i$nqhhG5m7*9>mC&{C7S?$x)+%
zvx|42P)<?8Bv%@S2nscfQDSfaZ@-dB#&Bs%&=rKSm_#Ro!I3eGSGM^tm+vEJwKj8u
z6F?q|1QW0twqWY~?7{548v(<S2ApL22B-$AfGCwuFabTLs!r+C`zwQ@Xv#5x;SCU&
zA!BgO#f-!GS-2d|`PpJLXOQHcf2AemDU5`Kv6z7vY2;v+Oo1AUoF#T?r3M0HBvKEN
zXt(y~V~npUf5$b-somRq#}iBcFJshWlyD<*m=Uf)3m}Y%SuuxsCU|Wk1*i;TI=V3v
zMkO#ZM5e-krd&uocMUH~P2O9C2u6e{G~JpN{hRtbWKw*+@pBv;xQ}kVqfX~_u27n7
z;mv=%&WKVoA(J=J>s+!o(Q7l%H-=O!CKCb*Ga`w`1Q=D?tYso5gmMK!0?mLViA1GP
zfgTeLGs+lnp&?i31jF<kaB<-{==D#-uKCw_b=d1Je?9G6CnoH6di}%Rznf35+{cr{
zP)*~*&`(>)L`+x^4295U7BZuG2k>c(P`EcGR)z@1tBWPtF%X_ut}KyaB^H=&F;HRx
zl>7bM`%6xbUEizy&5Yz)!WPd7j}@ppIwSlL=*UUArD<i`Rwp<jIkPg;?5NoeJ}lX5
zwJe1*E2vh~lEgR;-kAkWC*@g5Fk|Az;H~f%!Y9Lq6;)-43XTSIlrwe%#k9MT9s<=b
zlyQniG+pSEnPk(ctxCj<D=m>s3XjiHrQ8x$W1&NDJN+;e#uByvFtmm=f(bEA1AvU^
zv2seBGBG5~yYiY@8w}v)=tnn$URQ3s)*rwJk)T&AyFQsnjBTMQH{Q9yxWv)YFkTmy
z#yD7sh*ihvPCLzMf*mdrY%63Kn{ju7gM+{nUD*;LBe<O#itoMRm^#pe8oOeqUNAJ8
z1%HtETTUfb44d`qPyQHqEPH5yzx_Q3oY!f_>K)Gr%wZu25*+5~!W7sK?{SJOg73q-
z+YHYC(>Tc((Wp9~$H+2s0@2ylT)|D}|L#fs{69E3KHmF(yMWu<wy~^~Bea~A`0Nes
zXTJ^Kw4gno2L_RjApF%G6`Y+}93&g<OVKQol<N_+{#A8ak0O9fVez50<Og}O@_TT5
z+j$xM#T~h;8;r64#V%q@j<t67jBf3aIt&cT5RFITic6Npn5UVL*G!PaSa;(B86Pbk
zW0EuDhMAp1C@fP9UUocxi%GVXZEGb<#NC+MaE-<+mqQK4;9KW0@@-84jz$=p?cjsB
z^8K4)kr{f%$hO}8mJ`;h&rBm5%A01#L)E%3Lmeeb&n>fi*dEmFzw=rqB->&zV3Ykn
zJ?+)(|8ei+bZ`H60hL%^FSw>WiQwD{!OtWMCa6h5G>M8xo{s<vuBBiMWw5Ark`ux2
z*5kajKLJ|Ha6l`9*6l4UWbKaqCWQI?_I9yTEGdM`Xu^CRHDYLz&gZSe)!vse1<yxA
z<67_mDwIm6e@CGpP^xKcaen3+3{M8gV_0c-ezwAL?F?P(umPh?VZ+I|6~U6$2Hg3)
zpjw=AOnYAl(6VQbDt`rLXe&#s0kq5#u0uC<Rcv?eS%>dxt1aB&s1-qT6IWerQk+@W
z^-~~J+f@&o>l#<FN)(n;JHz2vi0ey?kv2)#YJGXRQ>w@L@R!T?7ZOMGYqe>uaz1a_
zX7k1Ir*8k<DcGF*wzmOnivRYGSM2}M>B-*y?*hv9pJbWp6q~@0g(Tc(7f>0-kquP%
zbG{Wbdr9cyab8?WmNhhoVq5SHOFbH36&mZQ04x|WV5$h^D2tZHhn+6TwEb{Coc;Xv
z>f-GDZBgT$?w_QXM5RK25k;0<;;35c%P)u?M+NgsyHViQPEjr*IiIgE^k1JoU3|W{
z{P;hAt#f3I_x;*mJ%zxBkN0TpBbep(i(^8m$XzkOi-+v}MHjTT?}Od=Yt@>hFrU9D
zdR!x;6^6=p46PN44W2;J+{S=;QkEjyRYOm;<+cH+>TI{$ws5ti&2WmWRDOF4zvV(>
zm6{D_ZCC)$1s57h+d}D@c7-LXOnKX3-9=hqoJ*>2&IQ-_RhN~*MoTXwol=G=zEv?{
z#NFw-XxtK0B1t}Sc5^9&{)sYlvf)E`i+<#k#&{OTB6qv#+V!nP8*hQ~nB~d3Gj9mL
z1E)MeuHhA|20F^*Ts3I%S2AJE7{5cER%OO2k;^r_Rl)+B*eeGp8o4VYY+!EfV#=JK
zsSkpi1*$BIulhxywAbg|YWbg~$TMH@+#B5<8lmq0$sviiod>YV{~H_~)#Jatqwe1S
z+Xa;UKfCrM*JB~+Kdi|JuU{#bezb@T_=BQgcptA&=FDXXk&IenU>&ixPX}72A=%3=
zC2|>~$9VD5Z0A#y!&1Qtom!gIW69WCwOY%<cT@JG-++kQfYc+2x&y1DSVY?HLu~ER
ztoGqU-cm5ndZ}PYc|v*W%9j|msv0vvyWI{RFDL)$2;WOw1VisyFUEgIZvnunP_93q
z<ijr*Yb%Ye*;U1-Sl_a8=Y4w{Ub>XIuym$>)EqrkiJAoLK|&P^Ars2)7AHH_ElI_0
z#Nk`X!4vi19wTlSQKPks?hM+!tlW;Yw#@Xm)8A4rk6ytNjr-{Ib8pQ%fx7=!-RHLB
z32yNJy8WZ$n*VpwKicR2?*tm}e`@-44^zEjZ5~gnq@~Y2Io|;|{jVh8Z~ZmUCjIZN
z-v4&{{k{J00`7e4(F>3I)#n)Jg_^p|Nttu_B8CcvL}3Dgo1-1z6wMi_^7La`Bm3L~
z--CrF{onR$kWKj?y_Nm{xPQ{y>;EpmE%~~a8pX4%#Ul-?x`D=PE%>@duC|?P%2cK4
z>0{E9zn|>=e~L`(O2YMX3-=y2LX-X9b~gAX`@fq1eLCpv^Z#}N`~2^H{`Wrr`}>8v
z?SJX&=n2PxjsAbPTebiF?on?a|Jw;{^*+NN7yR7?K<)Ozr5Ck^M8{*7PF1<baMdrq
zh@o<+T*ZZkud%lr%{14O%S5t<obmo&EI+1L{xma8KBhl^#k<83EbsIlOtgN_zP1yO
zsah)~9i@rReMPP7*2~s&%kLhZ2KToAK0n|w+rXyy@1S3||Gksref)PP@GWkLofx&f
z#BB3c*l#e)8(?FF*4zQFeDzT6&KFiMec}7_ZSU6q?Ysurp#S#Eero<-Z?O0Ob^?!l
z|FKZS2fh06E=B8cuRThwtFJtoa>GkX-}DT`m<|6d;XzLl%lY%hv0D2s!PmQo39VAD
z`-)9kuvmLju*{My6>WM>(Db07F>T)=`ar#%h)UJt=ERX(KPSF^bxtZza$v)=99aJ}
z2kv;D1NVNSv-yz@Y<j2z_j_wor?dKC=MjV&9_}<#X?VQTAS?UV6c2w*@!U53A#nHp
z?~*^CdK0|K|3B%S*5m*E!9M?gC$OEI<@*JG8uE?T2PB;6tqVJBKl^wwge~M8KjD<J
z^Yy=5|GjJVL<6u%|NAH1)%(Bw`|q8=T{)YZ{r*fy?G<z3e~h)x+OHN50S!U~%a2lM
z5epW<r}K-&CQf9E`obex)ar4f;{8AOeEqY*z4ZTy+2EV>zk7OIKmVVe?(hG10*}kt
zey-hW58H+&{SU{;Chm)Yw$jHY{Xbs$`wz$cqka5;CvX54L~E2Tzr`&&%*M!Jm{Vqa
zWynZ;O;S{0aNxcNSLK=A_(6@4F-Vyhx|kp3=^;pDMAIqSZ>24j6P^SIz%g}Si2H}k
zejyPiFr#`5|MJHWK5}+rzW_ILEJ21gJqN=e{PF7Zl@|7^u+PP0A~^hdegz4YDhN}m
zJNBnzKM05akRAJTQ7}$B=Evfrn)1$)(2&H}d1n6_feK!RYL*2r!y&m2UWR&NeixFa
z!OQ;*4&YZJsmK+)`|+&`!b}R|;0Ga1kaQfn6kmdHs$!8~=egH*4|~|d9`1tw3jhHB
M|GE9C)BtJ#0Ko7(T>t<8

literal 0
HcmV?d00001

diff --git a/charts/fleet/100.1.0+up0.4.0/Chart.yaml b/charts/fleet/100.1.0+up0.4.0/Chart.yaml
new file mode 100644
index 000000000..e203823ac
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/Chart.yaml
@@ -0,0 +1,22 @@
+annotations:
+  catalog.cattle.io/auto-install: fleet-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/experimental: "true"
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.25.0-0'
+  catalog.cattle.io/namespace: cattle-fleet-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: clusters.fleet.cattle.io/v1alpha1
+  catalog.cattle.io/rancher-version: '>= 2.6.0-0 < 2.7.0-0'
+  catalog.cattle.io/release-name: fleet
+apiVersion: v2
+appVersion: 0.4.0
+dependencies:
+- condition: gitops.enabled
+  name: gitjob
+  repository: file://./charts/gitjob
+description: Fleet Manager - GitOps at Scale
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet
+version: 100.1.0+up0.4.0
diff --git a/charts/fleet/100.1.0+up0.4.0/charts/gitjob/.helmignore b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/.helmignore
new file mode 100644
index 000000000..691fa13d6
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
\ No newline at end of file
diff --git a/charts/fleet/100.1.0+up0.4.0/charts/gitjob/Chart.yaml b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/Chart.yaml
new file mode 100644
index 000000000..5fb993ef1
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v2
+appVersion: 0.1.32
+description: Controller that run jobs based on git events
+name: gitjob
+version: 0.1.32
diff --git a/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/_helpers.tpl b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/_helpers.tpl
new file mode 100644
index 000000000..6cd96c3ac
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/clusterrole.yaml b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/clusterrole.yaml
new file mode 100644
index 000000000..bcad90164
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/clusterrole.yaml
@@ -0,0 +1,38 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: gitjob
+rules:
+  - apiGroups:
+      - "batch"
+    resources:
+      - 'jobs'
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+    resources:
+      - 'pods'
+    verbs:
+      - 'list'
+      - 'get'
+      - 'watch'
+  - apiGroups:
+      - ""
+    resources:
+      - 'secrets'
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+    resources:
+      - 'configmaps'
+    verbs:
+      - '*'
+  - apiGroups:
+      - "gitjob.cattle.io"
+    resources:
+      - "gitjobs"
+      - "gitjobs/status"
+    verbs:
+      - "*"
\ No newline at end of file
diff --git a/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/clusterrolebinding.yaml b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/clusterrolebinding.yaml
new file mode 100644
index 000000000..0bf07c4ef
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/clusterrolebinding.yaml
@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: gitjob-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: gitjob
+subjects:
+  - kind: ServiceAccount
+    name: gitjob
+    namespace: {{ .Release.Namespace }}
\ No newline at end of file
diff --git a/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/deployment.yaml b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/deployment.yaml
new file mode 100644
index 000000000..86bb61edd
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/deployment.yaml
@@ -0,0 +1,45 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gitjob
+spec:
+  selector:
+    matchLabels:
+      app: "gitjob"
+  template:
+    metadata:
+      labels:
+        app: "gitjob"
+    spec:
+      serviceAccountName: gitjob
+      containers:
+        - image: "{{ template "system_default_registry" . }}{{ .Values.gitjob.repository }}:{{ .Values.gitjob.tag }}"
+          name: gitjob
+          command:
+          - gitjob
+          {{- if .Values.debug }}
+          - --debug
+          {{- end }}
+          - --tekton-image
+          - "{{ template "system_default_registry" . }}{{ .Values.tekton.repository }}:{{ .Values.tekton.tag }}"
+          env:
+            - name: NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+          {{- if .Values.proxy }}
+            - name: HTTP_PROXY
+              value: {{ .Values.proxy }}
+            - name: HTTPS_PROXY
+              value: {{ .Values.proxy }}
+            - name: NO_PROXY
+              value: {{ .Values.noProxy }}
+          {{- end }}
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
diff --git a/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/leases.yaml b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/leases.yaml
new file mode 100644
index 000000000..51f933950
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/leases.yaml
@@ -0,0 +1,23 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: gitjob
+rules:
+  - apiGroups:
+      - "coordination.k8s.io"
+    resources:
+      - "leases"
+    verbs:
+      - "*"
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: gitjob
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: gitjob
+subjects:
+  - kind: ServiceAccount
+    name: gitjob
diff --git a/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/service.yaml b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/service.yaml
new file mode 100644
index 000000000..bf57c1b55
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: gitjob
+spec:
+  ports:
+    - name: http-80
+      port: 80
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    app: "gitjob"
\ No newline at end of file
diff --git a/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/serviceaccount.yaml b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/serviceaccount.yaml
new file mode 100644
index 000000000..5f8aecb04
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/templates/serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: gitjob
diff --git a/charts/fleet/100.1.0+up0.4.0/charts/gitjob/values.yaml b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/values.yaml
new file mode 100644
index 000000000..23b96c32f
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/charts/gitjob/values.yaml
@@ -0,0 +1,26 @@
+gitjob:
+  repository: rancher/gitjob
+  tag: v0.1.32
+
+tekton:
+  repository: rancher/tekton-utils
+  tag: v0.1.7
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+# http[s] proxy server
+# proxy: http://<username>@<password>:<url>:<port>
+
+# comma separated list of domains or ip addresses that will not use the proxy
+noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+debug: false
diff --git a/charts/fleet/100.1.0+up0.4.0/templates/_helpers.tpl b/charts/fleet/100.1.0+up0.4.0/templates/_helpers.tpl
new file mode 100644
index 000000000..6cd96c3ac
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet/100.1.0+up0.4.0/templates/configmap.yaml b/charts/fleet/100.1.0+up0.4.0/templates/configmap.yaml
new file mode 100644
index 000000000..6b8d6f05a
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/templates/configmap.yaml
@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: fleet-controller
+data:
+  config: |
+    {
+      "agentImage": "{{ template "system_default_registry" . }}{{.Values.agentImage.repository}}:{{.Values.agentImage.tag}}",
+      "agentImagePullPolicy": "{{ .Values.agentImage.imagePullPolicy }}",
+      "apiServerURL": "{{.Values.apiServerURL}}",
+      "apiServerCA": "{{b64enc .Values.apiServerCA}}",
+      "agentCheckinInterval": "{{.Values.agentCheckinInterval}}",
+      "ignoreClusterRegistrationLabels": {{.Values.ignoreClusterRegistrationLabels}},
+      "bootstrap": {
+        "paths": "{{.Values.bootstrap.paths}}",
+        "repo": "{{.Values.bootstrap.repo}}",
+        "secret": "{{.Values.bootstrap.secret}}",
+        "branch":  "{{.Values.bootstrap.branch}}",
+        "namespace": "{{.Values.bootstrap.namespace}}",
+        "agentNamespace": "{{.Values.bootstrap.agentNamespace}}",
+      },
+      "webhookReceiverURL": "{{.Values.webhookReceiverURL}}",
+      "githubURLPrefix": "{{.Values.githubURLPrefix}}"
+    }
diff --git a/charts/fleet/100.1.0+up0.4.0/templates/deployment.yaml b/charts/fleet/100.1.0+up0.4.0/templates/deployment.yaml
new file mode 100644
index 000000000..c2a952f18
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/templates/deployment.yaml
@@ -0,0 +1,56 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: fleet-controller
+spec:
+  selector:
+    matchLabels:
+      app: fleet-controller
+  template:
+    metadata:
+      labels:
+        app: fleet-controller
+    spec:
+      containers:
+      - env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              fieldPath: metadata.namespace
+        {{- if .Values.proxy }}
+        - name: HTTP_PROXY
+          value: {{ .Values.proxy }}
+        - name: HTTPS_PROXY
+          value: {{ .Values.proxy }}
+        - name: NO_PROXY
+          value: {{ .Values.noProxy }}
+        {{- end }}
+        image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}'
+        name: fleet-controller
+        imagePullPolicy: "{{ .Values.image.imagePullPolicy }}"
+        command:
+        - fleetcontroller
+        {{- if .Values.debug }}
+        - --debug
+        - --debug-level
+        - {{ quote .Values.debugLevel }}
+        {{- end }}
+        {{- if not .Values.gitops.enabled }}
+        - --disable-gitops
+        {{- end }}
+        securityContext:
+          allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
+      serviceAccountName: fleet-controller
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        runAsGroup: 1000
diff --git a/charts/fleet/100.1.0+up0.4.0/templates/rbac.yaml b/charts/fleet/100.1.0+up0.4.0/templates/rbac.yaml
new file mode 100644
index 000000000..d9f9c4a1f
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/templates/rbac.yaml
@@ -0,0 +1,112 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-controller
+rules:
+- apiGroups:
+  - gitjob.cattle.io
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- apiGroups:
+  - fleet.cattle.io
+  resources:
+  - '*'
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  - serviceaccounts
+  verbs:
+  - '*'
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  - configmaps
+  verbs:
+  - '*'
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - clusterroles
+  - clusterrolebindings
+  - roles
+  - rolebindings
+  verbs:
+  - '*'
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-controller
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller
+  namespace: {{.Release.Namespace}}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: fleet-controller
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - '*'
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - '*'
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: fleet-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: fleet-controller
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: fleet-controller-bootstrap
+rules:
+- apiGroups:
+  - '*'
+  resources:
+  - '*'
+  verbs:
+  - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: fleet-controller-bootstrap
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: fleet-controller-bootstrap
+subjects:
+- kind: ServiceAccount
+  name: fleet-controller-bootstrap
+  namespace: {{.Release.Namespace}}
diff --git a/charts/fleet/100.1.0+up0.4.0/templates/serviceaccount.yaml b/charts/fleet/100.1.0+up0.4.0/templates/serviceaccount.yaml
new file mode 100644
index 000000000..bd99d9958
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/templates/serviceaccount.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-controller
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: fleet-controller-bootstrap
diff --git a/charts/fleet/100.1.0+up0.4.0/values.yaml b/charts/fleet/100.1.0+up0.4.0/values.yaml
new file mode 100644
index 000000000..558ea4383
--- /dev/null
+++ b/charts/fleet/100.1.0+up0.4.0/values.yaml
@@ -0,0 +1,60 @@
+image:
+  repository: rancher/fleet
+  tag: v0.4.0
+  imagePullPolicy: IfNotPresent
+
+agentImage:
+  repository: rancher/fleet-agent
+  tag: v0.4.0
+  imagePullPolicy: IfNotPresent
+
+# For cluster registration the public URL of the Kubernetes API server must be set here
+# Example: https://example.com:6443
+apiServerURL: ""
+
+# For cluster registration the pem encoded value of the CA of the Kubernetes API server must be set here
+# If left empty it is assumed this Kubernetes API TLS is signed by a well known CA.
+apiServerCA: ""
+
+# A duration string for how often agents should report a heartbeat
+agentCheckinInterval: "15m"
+
+# Whether you want to allow cluster upon registration to specify their labels.
+ignoreClusterRegistrationLabels: false
+
+# http[s] proxy server
+# proxy: http://<username>@<password>:<url>:<port>
+
+# comma separated list of domains or ip addresses that will not use the proxy
+noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
+
+bootstrap:
+  # The namespace that will be autocreated and the local cluster will be registered in
+  namespace: fleet-local
+  # The namespace where the fleet agent for the local cluster will be ran, if empty
+  # this will default to cattle-fleet-system
+  agentNamespace: ""
+  # A repo to add at install time that will deploy to the local cluster. This allows
+  # one to fully bootstrap fleet, it's configuration and all it's downstream clusters
+  # in one shot.
+  repo: ""
+  secret: ""
+  branch: master
+  paths: ""
+
+global:
+  cattle:
+    systemDefaultRegistry: ""
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+gitops:
+  enabled: true
+
+debug: false
+debugLevel: 0
diff --git a/index.yaml b/index.yaml
index 1eb845c1a..59af01072 100755
--- a/index.yaml
+++ b/index.yaml
@@ -91,6 +91,32 @@ entries:
     urls:
     - assets/fleet/fleet-101.0.0+up0.5.0-rc4.tgz
     version: 101.0.0+up0.5.0-rc4
+  - annotations:
+      catalog.cattle.io/auto-install: fleet-crd=match
+      catalog.cattle.io/certified: rancher
+      catalog.cattle.io/experimental: "true"
+      catalog.cattle.io/hidden: "true"
+      catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.25.0-0'
+      catalog.cattle.io/namespace: cattle-fleet-system
+      catalog.cattle.io/os: linux
+      catalog.cattle.io/permits-os: linux,windows
+      catalog.cattle.io/provides-gvr: clusters.fleet.cattle.io/v1alpha1
+      catalog.cattle.io/rancher-version: '>= 2.6.0-0 < 2.7.0-0'
+      catalog.cattle.io/release-name: fleet
+    apiVersion: v2
+    appVersion: 0.4.0
+    created: "2022-11-09T23:44:14.07447-08:00"
+    dependencies:
+    - condition: gitops.enabled
+      name: gitjob
+      repository: file://./charts/gitjob
+    description: Fleet Manager - GitOps at Scale
+    digest: 424cf4f0fb718d547d2488de877fe82ba8d3fa11fdfe4e4f2ee8fa9f4c5ad1d1
+    icon: https://charts.rancher.io/assets/logos/fleet.svg
+    name: fleet
+    urls:
+    - assets/fleet/fleet-100.1.0+up0.4.0.tgz
+    version: 100.1.0+up0.4.0
   - annotations:
       catalog.cattle.io/auto-install: fleet-crd=match
       catalog.cattle.io/certified: rancher
diff --git a/release.yaml b/release.yaml
index 18b6b784c..b8bce42bb 100644
--- a/release.yaml
+++ b/release.yaml
@@ -4,6 +4,7 @@ epinio-crd:
   - 100.0.0+up1.2.1
 fleet:
   - 101.0.0+up0.5.0-rc4
+  - 100.1.0+up0.4.0
 fleet-agent:
   - 101.0.0+up0.5.0-rc4
 fleet-crd: