From c6d6d5e5f8373067d1ada06d6ae6bdba9a946d5c Mon Sep 17 00:00:00 2001 From: Geet Samra Date: Mon, 13 Feb 2023 14:33:03 -0800 Subject: [PATCH] forward port fleet-agent-0.3.1000+up0.3.10-security1 --- ...leet-agent-0.3.1000+up0.3.10-security1.tgz | Bin 0 -> 2622 bytes .../0.3.1000+up0.3.10-security1/Chart.yaml | 13 ++++ .../templates/_helpers.tpl | 22 ++++++ .../templates/configmap.yaml | 12 ++++ .../templates/deployment.yaml | 37 ++++++++++ .../templates/network_policy_allow_all.yaml | 15 +++++ .../patch_default_serviceaccount.yaml | 28 ++++++++ .../templates/rbac.yaml | 25 +++++++ .../templates/secret.yaml | 10 +++ .../templates/serviceaccount.yaml | 4 ++ .../templates/validate.yaml | 11 +++ .../0.3.1000+up0.3.10-security1/values.yaml | 63 ++++++++++++++++++ index.yaml | 17 +++++ release.yaml | 2 + 14 files changed, 259 insertions(+) create mode 100644 assets/fleet-agent/fleet-agent-0.3.1000+up0.3.10-security1.tgz create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/Chart.yaml create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/_helpers.tpl create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/configmap.yaml create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/deployment.yaml create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/network_policy_allow_all.yaml create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/patch_default_serviceaccount.yaml create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/rbac.yaml create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/secret.yaml create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/serviceaccount.yaml create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/validate.yaml create mode 100644 charts/fleet-agent/0.3.1000+up0.3.10-security1/values.yaml 
diff --git a/assets/fleet-agent/fleet-agent-0.3.1000+up0.3.10-security1.tgz b/assets/fleet-agent/fleet-agent-0.3.1000+up0.3.10-security1.tgz new file mode 100644 index 0000000000000000000000000000000000000000..5cfcf0ca66a5e43558894b40870d45a407f16b1f GIT binary patch literal 2622 zcmV-E3c>XsiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PGuoZ`(Guf9q2`C>Xl!B3X74cMxy~ypa!!^m+lLv(; zilXW1sr`3n~a}~Pfw;N)97p*jh{s0lauMm6NnyGjA1C0Ch|%2hp*LN+$REr zbD@c*f~(jANQfp(EW(6n%`l{5l%UjfPBD!^5}qtk4x%k-nj(+E*Rnu=5QUQrRZbF& z!3_pZ`P5oz%mzt>ih)sH{5m+Bqs*vQL4$RCLwPE0)F8G*hD2dt#E7A#_a4dV4=5EC zJciZ8BYEEZjlz>~90dxKLQ=gRdnu|!(p=lwuMHFUj&QO-3Fn3x1n>>j|I8H-4Oa>$bIp`(AKZ+Sjjv5u5zkUe{4~xEE6e!%Hr3X=z=zTZgB`wROQ3_ma$zDbNB)nwl@&A}(^lyBq{(>(E?a z4MZYvp$#3TK<0+P5YI`XL+^-L#<6zT1lNQ%_pKsQ-Nh?RBx>ckNc5&P)#C2d zzGhHIE$;|k+qeR$u)CHl312u(n;{c7Msc;de8Cwi1#3}&M8eqG-fOs75^V>~3R6M( z!lPWH6Ym}nt^aH9|m-4Yedg}cF)0#eMG zSZ9XVGO}UKh;noUuSAOA6u?sDA~iRbE_mj=!O;=C!THuQuN$p5kuDX98WjpoqAAL-D{{dprKv@Qm;+%2>-yWw`2)B%=3KCJU)aIp?53F)5p|H)-`*KvtS8uYN3~YdC zF?VaKe7D~&fQ_%LeQ=YO*Dl!K`d~A>>%n_FGbo0tB9fD#8zr^{c#G4=*4YC*91Q#a zMDRIXWF&u(X28Dw-^oee|4%1}{@>%kHRWjx7xsRCNAhkjZ0u#INlG*^Y1(c>s-AJ` z62tF-&DKi$2~d{ph*4$Nn@u(Ay8%BgOD(=tg7+{to8v7X<9W7}b@AxOep%L3_26dX z($vi%8GH{Iw*PGn_z(_YkNr=gNx%O$J&VQ%`+p2*+dIi~HCl~5=M$c9`v7-)0hME7 zTNQO>Yt1hsI$2&;y&`9~B+t8)0JX|hG_C6xU>)*71_1Tt4OHD8lns$dT2@;QK_&mI z^Y30 zHk++Sv$Wy1Hr{OF{-h?0&E{!ywcVRj&mm>p|Q)&R_bk*bza#FDU>Uk;CYgWg6rLmR<+V@E2RX=6IP_RWws&w4xI87 zxrVP`x18B_y24JY%wmET|0WsRi~KwEuh3aorvr71#GR7h9zwV4lzlR{ac>j(W4omT zJQ57Ye~#Ley6e1!7DfQ+UmqWPEdujz-o*6tY)eQ7iHNvqxu0y*n7HRd{7+pem9CF~#&4W;hoT13R2ZwAXF?Mz^A97YFZ`SV}Ysp`DjAPH$yT zJl$4ZxDBzJ&`J3H`y~ARrg-(}tCjkL&HZn~)5K)yepiOq1!MIpc1e3E?ToxG72rp| zx`2NSzP;z>N7oyek!o4yXONrE@+Y4ZT4V;{s9wFbO?&T>Dw|4w;I`QpRG4`vm$`BOCo z>xJAQhzGE{fA`rnRm}c_iMAW(ICbOdU}LsdeudQ`v9O7un~gVY|L#ECLwSIG_5az) zq;LPz=y3k`QK0v{uQrG~PeS@-Ih&p$Pny)?4s@574jk6pVbaHOl=Y$39dtY4aC*mm zcTn5&Jqmlc_I84cbAw-7oH2?$eq$ztHhYkNBKgv7_W#E!{x0mZ|8dl}|7RzYL;Qaf 
z=-K~ZY`OdK-^X6T0saUK+y9C%ni7o{#`7o}FvE7k{r9UpP6Cr|yj7 zzFHjxZS3feLG%$LNYz>4d(N2c^ g_O(B@ZXVzO2ROh1{yg|^00030|4o7VYyd(40P86)VgLXD literal 0 HcmV?d00001
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/Chart.yaml b/charts/fleet-agent/0.3.1000+up0.3.10-security1/Chart.yaml
new file mode 100644
index 000000000..cd07ba5a2
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/Chart.yaml
@@ -0,0 +1,13 @@
+annotations:
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/hidden: "true"
+ catalog.cattle.io/namespace: cattle-fleet-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/release-name: fleet-agent
+apiVersion: v2
+appVersion: 0.3.10-security1
+description: Fleet Manager Agent - GitOps at Scale
+icon: https://charts.rancher.io/assets/logos/fleet.svg
+name: fleet-agent
+version: 0.3.1000+up0.3.10-security1
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/_helpers.tpl b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/_helpers.tpl
new file mode 100644
index 000000000..6cd96c3ac
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/_helpers.tpl
@@ -0,0 +1,22 @@
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+ value: "linux"
+ effect: "NoSchedule"
+ operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
\ No newline at end of file
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/configmap.yaml b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/configmap.yaml
new file mode 100644
index 000000000..ce61a8756
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/configmap.yaml
@@ -0,0 +1,12 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: fleet-agent
+data:
+ config: |-
+ {
+ {{ if .Values.labels }}
+ "labels":{{toJson .Values.labels}},
+ {{ end }}
+ "clientID":"{{.Values.clientID}}"
+ }
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/deployment.yaml b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/deployment.yaml
new file mode 100644
index 000000000..1bf359ef7
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/deployment.yaml
@@ -0,0 +1,37 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: fleet-agent
+spec:
+ selector:
+ matchLabels:
+ app: fleet-agent
+ template:
+ metadata:
+ labels:
+ app: fleet-agent
+ spec:
+ containers:
+ - env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ image: '{{ template "system_default_registry" . }}{{.Values.image.repository}}:{{.Values.image.tag}}'
+ name: fleet-agent
+ command:
+ - fleetagent
+ {{- if .Values.debug }}
+ - --debug
+ - --debug-level
+ - {{ quote .Values.debugLevel }}
+ {{- end }}
+ serviceAccountName: fleet-agent
+ nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.fleetAgent.nodeSelector }}
+{{ toYaml .Values.fleetAgent.nodeSelector | indent 8 }}
+{{- end }}
+ tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.fleetAgent.tolerations }}
+{{ toYaml .Values.fleetAgent.tolerations | indent 8 }}
+{{- end }}
\ No newline at end of file
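Review bot: In configmap.yaml the `clientID` value is spliced raw into a JSON string, `"clientID":"{{.Values.clientID}}"`, so a value containing a double quote or backslash produces a ConfigMap whose `config` is not valid JSON and the agent will fail to parse its own configuration. The `labels` entry two lines above already goes through `toJson`; doing the same here, `"clientID":{{ toJson .Values.clientID }}`, keeps the output well-formed for any string value. Since `clientID` defaults to `""` in values.yaml, the rendered output for the default case is unchanged.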
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/network_policy_allow_all.yaml b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/network_policy_allow_all.yaml
new file mode 100644
index 000000000..a72109a06
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/network_policy_allow_all.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: default-allow-all
+ namespace: {{ .Values.internal.systemNamespace }}
+spec:
+ podSelector: {}
+ ingress:
+ - {}
+ egress:
+ - {}
+ policyTypes:
+ - Ingress
+ - Egress
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/patch_default_serviceaccount.yaml b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/patch_default_serviceaccount.yaml
new file mode 100644
index 000000000..aad4eea41
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/patch_default_serviceaccount.yaml
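Review bot: network_policy_allow_all.yaml installs an unconditional NetworkPolicy with an empty `podSelector: {}` and an open `- {}` rule for both `ingress` and `egress`, which selects every pod in `{{ .Values.internal.systemNamespace }}` and, because NetworkPolicies are additive, cancels any default-deny policy an operator already applies to that namespace; the chart offers no value to skip it. The intent should be stated at the top of the template, e.g. `# Unconditionally allows all ingress and egress for every pod in the fleet system namespace; this takes precedence over a namespace default-deny`, and a values flag gating the whole template would let hardened clusters keep their own policy. The hard-coded `namespace:` is consistent with validate.yaml, which already forces the release namespace to equal `internal.systemNamespace`.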
@@ -0,0 +1,28 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: patch-fleet-sa
+ annotations:
+ "helm.sh/hook": post-install, post-upgrade
+ "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+ template:
+ spec:
+ serviceAccountName: fleet-agent
+ restartPolicy: Never
+ containers:
+ - name: sa
+ image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
+ imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+ command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+ args: ["-n", {{ .Values.internal.systemNamespace }}]
+ nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.kubectl.nodeSelector }}
+{{ toYaml .Values.kubectl.nodeSelector | indent 8 }}
+{{- end }}
+ tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.kubectl.tolerations }}
+{{ toYaml .Values.kubectl.tolerations | indent 8 }}
+{{- end }}
+ backoffLimit: 1
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/rbac.yaml b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/rbac.yaml
new file mode 100644
index 000000000..805949bf2
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/rbac.yaml
@@ -0,0 +1,25 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: fleet-agent-system-fleet-agent-role
+rules:
+- apiGroups:
+ - '*'
+ resources:
+ - '*'
+ verbs:
+ - '*'
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: fleet-agent-system-fleet-agent-role-binding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: fleet-agent-system-fleet-agent-role
+subjects:
+- kind: ServiceAccount
+ name: fleet-agent
+ namespace: {{.Release.Namespace}}
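Review bot: In patch_default_serviceaccount.yaml, `imagePullPolicy: {{ .Values.global.imagePullPolicy }}` reads a key that the values.yaml added later in this patch never defines (its `global:` block holds only `cattle` and `kubectl`), so the rendered Job carries an empty `imagePullPolicy:` and silently takes whatever the API server defaults to for the `rancher/kubectl` tag. Either add `imagePullPolicy: IfNotPresent` under `global:` in values.yaml so the behaviour is explicit and overridable, or default it in the template with `imagePullPolicy: {{ .Values.global.imagePullPolicy | default "IfNotPresent" }}`. The unquoted `args: ["-n", {{ .Values.internal.systemNamespace }}]` in the same container would also be safer as `"{{ .Values.internal.systemNamespace }}"`, matching how the `image:` line quotes its templated value.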
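Review bot: rbac.yaml binds the `fleet-agent` ServiceAccount to a ClusterRole with `'*'` for every apiGroup, resource and verb, which is cluster-admin-equivalent, and nothing in the template records why that breadth is needed rather than a scoped rule set. A comment above `rules:` such as `# Wildcard grant: the agent must be able to apply whatever resources a bundle contains, so the role is not narrowed per resource` (confirm the rationale with the fleet maintainers before committing it) lets a later reviewer tell intent from oversight. The binding's `namespace: {{.Release.Namespace}}` agrees with validate.yaml, which forces the release into `internal.systemNamespace`, so the two templates resolve to the same namespace.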
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/secret.yaml b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/secret.yaml
new file mode 100644
index 000000000..471588204
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/secret.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+data:
+ systemRegistrationNamespace: "{{b64enc .Values.systemRegistrationNamespace}}"
+ clusterNamespace: "{{b64enc .Values.clusterNamespace}}"
+ token: "{{b64enc .Values.token}}"
+ apiServerURL: "{{b64enc .Values.apiServerURL}}"
+ apiServerCA: "{{b64enc .Values.apiServerCA}}"
+kind: Secret
+metadata:
+ name: fleet-agent-bootstrap
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/serviceaccount.yaml b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/serviceaccount.yaml
new file mode 100644
index 000000000..73e27f0be
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/serviceaccount.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: fleet-agent
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/validate.yaml b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/validate.yaml
new file mode 100644
index 000000000..d53ff1c50
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/templates/validate.yaml
@@ -0,0 +1,11 @@
+{{if ne .Release.Namespace .Values.internal.systemNamespace }}
+{{ fail (printf "This chart must be installed in the namespace %s as the release name fleet-agent" .Values.internal.systemNamespace) }}
+{{end}}
+
+{{if ne .Release.Name .Values.internal.managedReleaseName }}
+{{ fail (printf "This chart must be installed in the namespace %s as the release name fleet-agent" .Values.internal.managedReleaseName) }}
+{{end}}
+
+{{if not .Values.apiServerURL }}
+{{ fail "apiServerURL is required to be set, and most likely also apiServerCA" }}
+{{end}}
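Review bot: In validate.yaml the second `fail` message is a copy of the first: it still reads `This chart must be installed in the namespace %s as the release name fleet-agent`, but the `%s` is filled with `.Values.internal.managedReleaseName`, so a wrong release name produces an error naming the release name as the namespace while hard-coding `fleet-agent` as the release. Replace it with `{{ fail (printf "This chart must be installed in the namespace %s as the release name %s" .Values.internal.systemNamespace .Values.internal.managedReleaseName) }}`. The first check would read the same way if it also took the release name from the value instead of the literal `fleet-agent`, keeping both messages truthful when `internal.managedReleaseName` is changed.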
diff --git a/charts/fleet-agent/0.3.1000+up0.3.10-security1/values.yaml b/charts/fleet-agent/0.3.1000+up0.3.10-security1/values.yaml
new file mode 100644
index 000000000..cfea00e66
--- /dev/null
+++ b/charts/fleet-agent/0.3.1000+up0.3.10-security1/values.yaml
@@ -0,0 +1,63 @@
+image:
+ os: "windows,linux"
+ repository: rancher/fleet-agent
+ tag: v0.3.10-security1
+
+# The public URL of the Kubernetes API server running the Fleet Manager must be set here
+# Example: https://example.com:6443
+apiServerURL: ""
+
+# The the pem encoded value of the CA of the Kubernetes API server running the Fleet Manager.
+# If left empty it is assumed this Kubernetes API TLS is signed by a well known CA.
+apiServerCA: ""
+
+# The cluster registration value
+token: ""
+
+# Labels to add to the cluster upon registration only. They are not added after the fact.
+#labels:
+# foo: bar
+
+# The client ID of the cluster to associate with
+clientID: ""
+
+# The namespace of the cluster we are register with
+clusterNamespace: ""
+
+# The namespace containing the clusters registration secrets
+systemRegistrationNamespace: fleet-clusters-system
+
+# Please do not change the below setting unless you really know what you are doing
+internal:
+ systemNamespace: fleet-system
+ managedReleaseName: fleet-agent
+
+# The nodeSelector and tolerations for the agent deployment
+fleetAgent:
+ ## Node labels for pod assignment
+ ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+ ##
+ nodeSelector: {}
+ ## List of node taints to tolerate (requires Kubernetes >= 1.6)
+ tolerations: []
+kubectl:
+ ## Node labels for pod assignment
+ ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+ ##
+ nodeSelector: {}
+ ## List of node taints to tolerate (requires Kubernetes >= 1.6)
+ tolerations:
+ - key: node.cloudprovider.kubernetes.io/uninitialized
+ operator: "Equal"
+ value: "true"
+ effect: NoSchedule
+
+global:
+ cattle:
+ systemDefaultRegistry: ""
+ kubectl:
+ repository: rancher/kubectl
+ tag: v1.21.5
+
+debug: false
+debugLevel: 0
diff --git a/index.yaml b/index.yaml
index 4d922ea56..0bcfd5139 100755
--- a/index.yaml
+++ b/index.yaml
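Review bot: Two of the value comments in values.yaml are garbled: `# The the pem encoded value of the CA of the Kubernetes API server running the Fleet Manager.` and `# The namespace of the cluster we are register with`. Suggested wording: `# The PEM encoded CA certificate of the Kubernetes API server running the Fleet Manager.` and `# The namespace of the cluster we are registering with`. The comment on `token` (`# The cluster registration value`) could also say where the value ends up, e.g. `# The cluster registration token; written verbatim into the fleet-agent-bootstrap Secret by templates/secret.yaml`, since that is the only consumer visible in this chart.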
@@ -785,6 +785,23 @@ entries:
 urls:
 - assets/fleet-agent/fleet-agent-100.0.0+up0.3.6.tgz
 version: 100.0.0+up0.3.6
+ - annotations:
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/hidden: "true"
+ catalog.cattle.io/namespace: cattle-fleet-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/release-name: fleet-agent
+ apiVersion: v2
+ appVersion: 0.3.10-security1
+ created: "2023-02-13T14:32:51.229741-08:00"
+ description: Fleet Manager Agent - GitOps at Scale
+ digest: 06787ddfc540f4675af4d7622bc02ceea40dee9609f1510e4715e393eeaadfd2
+ icon: https://charts.rancher.io/assets/logos/fleet.svg
+ name: fleet-agent
+ urls:
+ - assets/fleet-agent/fleet-agent-0.3.1000+up0.3.10-security1.tgz
+ version: 0.3.1000+up0.3.10-security1
 - annotations:
 catalog.cattle.io/certified: rancher
 catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index c354091d2..2c3380437 100644
--- a/release.yaml
+++ b/release.yaml
@@ -7,6 +7,8 @@ fleet:
 - 0.3.1000+up0.3.10-security1
 fleet-agent:
 - 102.0.0+up0.6.0-rc.4
+ - 101.1.0+up0.6.0-rc.2
+ - 0.3.1000+up0.3.10-security1
 fleet-crd:
 - 102.0.0+up0.6.0-rc.4
 longhorn:
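Review bot: `101.1.0+up0.6.0-rc.2`, added to the `fleet-agent` list in release.yaml, does not correspond to any chart, asset or `index.yaml` entry in this patch, whereas the other new line, `0.3.1000+up0.3.10-security1`, matches the subject, the diffstat and the index hunk. If it belongs to a separate forward port it should travel with that chart in its own commit; otherwise drop the `- 101.1.0+up0.6.0-rc.2` line so the release list only names versions the repository actually ships. Only three lines of context are visible here, so confirm against the existing assets before removing it.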