From f6a14d40c0aea199f50f2abe4af1bb2bed24532f Mon Sep 17 00:00:00 2001 
From: Rayan Das Date: Mon, 26 Sep 2022 16:27:57 +0530 Subject: [PATCH] make charts PACKAGE=rancher-windows-gmsa --- .../rancher-windows-gmsa-crd-2.0.0.tgz | Bin 0 -> 907 bytes .../rancher-windows-gmsa-2.0.0.tgz | Bin 0 -> 4494 bytes .../rancher-windows-gmsa-crd/2.0.0/Chart.yaml | 10 ++ .../2.0.0/templates/crds.yaml | 119 ++++++++++++++++++ charts/rancher-windows-gmsa/2.0.0/Chart.yaml | 29 +++++ .../rancher-windows-gmsa/2.0.0/app-readme.md | 9 ++ .../rancher-windows-gmsa/2.0.0/questions.yaml | 53 ++++++++ .../2.0.0/templates/_helpers.tpl | 48 +++++++ .../2.0.0/templates/clusterrole.yaml | 16 +++ .../2.0.0/templates/clusterrolebinding.yaml | 15 +++ .../2.0.0/templates/credentialspec.yaml | 24 ++++ .../2.0.0/templates/deployment.yaml | 68 ++++++++++ .../2.0.0/templates/issuer.yaml | 26 ++++ .../2.0.0/templates/mutatingwebhook.yaml | 34 +++++ .../2.0.0/templates/networkpolicy.yaml | 16 +++ .../2.0.0/templates/service.yaml | 13 ++ .../2.0.0/templates/serviceaccount.yaml | 8 ++ .../2.0.0/templates/validate-install-crd.yaml | 14 +++ .../2.0.0/templates/validatingwebhook.yaml | 34 +++++ charts/rancher-windows-gmsa/2.0.0/values.yaml | 42 +++++++ index.yaml | 47 +++++++ 21 files changed, 625 insertions(+) create mode 100644 assets/rancher-windows-gmsa-crd/rancher-windows-gmsa-crd-2.0.0.tgz create mode 100644 assets/rancher-windows-gmsa/rancher-windows-gmsa-2.0.0.tgz create mode 100644 charts/rancher-windows-gmsa-crd/2.0.0/Chart.yaml create mode 100644 charts/rancher-windows-gmsa-crd/2.0.0/templates/crds.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/Chart.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/app-readme.md create mode 100644 charts/rancher-windows-gmsa/2.0.0/questions.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/_helpers.tpl create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/clusterrole.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/clusterrolebinding.yaml create mode 100644 
charts/rancher-windows-gmsa/2.0.0/templates/credentialspec.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/deployment.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/issuer.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/mutatingwebhook.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/networkpolicy.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/service.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/serviceaccount.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/validate-install-crd.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/templates/validatingwebhook.yaml create mode 100644 charts/rancher-windows-gmsa/2.0.0/values.yaml diff --git a/assets/rancher-windows-gmsa-crd/rancher-windows-gmsa-crd-2.0.0.tgz b/assets/rancher-windows-gmsa-crd/rancher-windows-gmsa-crd-2.0.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..fc013087632fed7117e11b6ae2e9473e837a2980 GIT binary patch literal 907 zcmV;619bc!iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PI*_Z{j!*?{g%+gT*^ZD75V5tp`%CC$(BFcYDuMXGnZaY|ArY zk8gi65Lze%wz)rADZiJVe?J)qTIT2m-;_?xHyUIm!9cn+n&#j*TtQh}wM87q z@$GoL{>E{9_>FId(TA#DjwcUCO20iZf*GjRK(z};?}kfFZY80v^ET^ zjHV-eDm zC%2Qh>;L}(Z+ix;!oL``Us3q-iG1%ZhrQrM=`<13irAE2kWA$y&Tyf$@@>!yN@PfZ zA?XD|Y`VzTk#v}%W(5UVloW1jY^&MJzMVdPEkqxz8i2LVEHMpVs%LZ>8U2BNBKkSA zr6h_n#d-A{N>fI!G7;(=w8RoMQ^XE2DuEbX^n#WmQdwQ*(e0<7_Da6r3%rkOCo*R$ zn~3+`Zri{rgL;lCGk#5Q)xbRqBaW7!RnNV zVk}Q9IPdp`-f!^a>#Rwjwnyxg&YC3W(%AO8elf(`C^qCyTo{LoqVTz>GNtc-f0#9T ze_0$h${w_>_@B^b9K&;gQ<>GX^y5mWC2hPr9*i@k*;JOzc4wvprGGU_|C`-7)6`hZ z=L0^|^qWI$spY;>X^Z2JAakYbLDJHfC*+@%X&aaMcU|a}yDnm_j+{DjI)#p$I&#`O z+>uj9P6zlNa*{?b_X?HR0b{mG#FNojKQZehZr-Mz5MKGg)O005=fvuOYT literal 0 HcmV?d00001 
diff --git a/assets/rancher-windows-gmsa/rancher-windows-gmsa-2.0.0.tgz b/assets/rancher-windows-gmsa/rancher-windows-gmsa-2.0.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..056ed2746dc51f3ecef0fd7aa45a873c979b46a1 GIT binary patch literal 4494 zcmV;95pnJxiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PH<$ZyUFk{kj739}dPXV)t63hhK$uyI5Ctd%bO3!*W|(1cgD( z97(K4!zsy;qfPVQ7ktc!^N^*;j+5Mq9};_bczF0aZ_=E^!325pp2i`&7tQfhkXC;} zxb){_8h!B;rQL3~j}H&^|Lu0W{D0@9efUM^@St;e(C!`_AAHg79CZ&mUqJgwdS6je zAqoGY{ph~RgZoShiDM>-q%0P_20%b0iP+c=h?Eifl(k4IS(C;>k|^py-F9gPJp6V_ zWH6~k5FnRyL@~@;*MfyqBoUc6V=~1a{ATdO53dHNwcz+BK~AR_OA__KlRQPQ7Vs_| zVsnOEP!{*#<$r$*9lzW0+s!uom-_Kg{rIxBsUk%rB)}e+kHuk&xsW)mZOKFrENpFk zf_zG)Xezjf#_5~=2cbEe(GW#*JmWcD|Lz;%Q|2pD0*)cZl9EUy7>L%aQ;R2CyuxgB z{S!MGUH_ZqbHOn}BG4{R-8N{Dg#Mago^=}}N%CLY{(;|ageU?|6RAJBD-3-WkLWn% zdLuSypa3RPCZgAB1&SF7-*&0Dq!1`YD`I0NS}qB`n2j5EIKO8+6um|>>tykh*-*{w zztcd{8NwOm7)ZwFjVYnABs4~@+vAkbs0V+LDMde-&?usb_#cr9^aG}r-b}}}-PaFH zj$kPdP$SI-Hl}it4izH3NqLMCMN`mmaZn98Pp}6hNg^7U3Cb6+>$m-O<1y#ImjBO4 zl%jYt0kDGqcMrNpW&VG7e6r>L&rvLQ4v0k2d!dd#a`}qHWQ<(@4zL5~F&Rdvt6*yC zfW{KX=D_;UcWcCirBMh&1QKy1;T){^zz~Q8IYGGlMnDjyLLxVPpza~;fnwz5Q@+VP zPkq>di;$STJEdZQ{~VDvhEm7SUkdgNxB6lUE!C z#(G7@5gXdoFoMiZxe?rFI3j5zuW?L;R5Y1=rdV+xBMVwbvxP7KhNh0+?fS>&OY#6k zJ3BDIAmvof`z)6DM#6+ep@4*i%?M{0scoj~fk?^eFqJ6uZVlLU%3=tZl}{j0N*a%a zuhDWGEkx!*oM_F81)?R1xD&0w%2{lx4s%?stW*67-^iB2`J$1qutcs|$TU6`mn>G> zt_LF$2{b3PpK^||jOP2m@z0cU3_&slug(}}OhTBV`jjv(VMybU#$&jra$-+hPLiK@ zq;_c!+AkWSL<+opr{+|$2)Wf@;q~w8)5m72pHZom{}QK3q$EP?c7joYT=+8CToqU$ z|Bu@3gOdC|IqtT%^8Y!?PNux7bMy9X6G9x(7{N14@-{SF@|IgR=|S_|I|E5a;Qwkg zMZ;+`bD@^MF4`rW#&QJSSEA)@h5_TS<`?yA>ucz9BoaZJ4O)V0_Gz^V#fMUXAq?k+ z-)N|a3^DTI>sE#{n*?oCXc&$oJ9PbP58l27-}p(i2!8jjx%gu39{5YikB9^a-akC> zZar{`c4$6BsVu@6VPQnUi1DJrQ>D+X_DMqRC@rM`3ie9{WMO_q4!v&yL=sU6p1+uX zR}b_Z9njAv&cR4Wz&PyseUgwNji{t3{L`xoOStg=NkoY@%38CIw+FjwEq2Eeb|Z|- zr1`h)J!tR2F8&F-G?umXojuqcnGq%oJV>1+OIJgXx@tI`Uo^I_T`84AzF5Y`=W6Ms;tfj~)7U!D` 
z(>RRKb69yc1-lVrcWDA1ACkZ)shluQ|IgTY`Sf|<^^N&<%_8)a-tT#Pd(d96^wfi|#3s{Q80G_WUHD~;vVNway2CCm2j|x}xBc_$ zn~U!+`lmPNx8Gm?{OWda-oHM-S<;hX6CYaz-IkA7R@i^mNyk})o4bQo*njPllTOk8 z>$Z;$4!8E-bCey;+^)Yn?SoomkQ3{owSG5<5kmoz^@iekN@uo7%e&8%kL=Rqj#R#1Dd*&+4Vm$EL ztBJ~Ga5LmX1B24r2QL+9s!F}o4ZF6lhy^4P>F^H>Bnbi(g5!+heYM9xo5r5&BU}Ic zTW{S4Y+%*-KR#-g&VRRke6T(L&rx=?7uFnm!vL6j{9g(X$Y(UbMPQ(EX1_B#;}bf% z_B3Rt*HAn#134`OI3DU6z{vn8!x*(r^9dH=HI8&&HT-NvC)t^QV8%YAlD6vn7kJo) zD!{7vZ>QZYo&Qefa4Y|xrIZ}Gi}m(x0Ml3u?#V8SKYg6dwpY@N*ayUa$FLBNvr z5jx>n2g}E%%0{#;hW=DsMd_Hv*|asw)2=?B)d$DVvf%heUF-IX$oZy7e$X-Xbz6^9 z8s<%3)kNMOvHvr)mu^`8F`H%ZJ|h#f=wxhe-3On4St0*JOd>X)V*HqN;1%-!uzOgR z|Ludr_iVjfDu!XEH6mUN0O z8&_Vb9|bOWJ=A_NN#8iQT#s>v-PMUMAGV_a$Y?}kD(B9y zV;16R^)uuS|Fe|ScsvLu7^V@8#~0(6<)6>rV36umVz;TmIM5*3cwQNL~R+ki0dItPHk;ZrZ=4j?#}l;m6Lp>oGd42R^8mE z1!mPaTj;gdGtazoF*R2i$flSaKfS-~-hUu}#D{n99F0S_^%r?|@a|o&QZ322u1h!h zuhOOjQEJbTgfvDWt~eWFX;~&xCO@F8ES3l+sHWqeH#b*H1;aaGr*!~n$7(+}%$fHH!`cIk9W*s6O*l^KiDDZVNiM#bGDqspn7 zD)=isV_pko&=MkQ)m|>Kjwr8;K`r3VaWr>RhE2hEwuF$Ip9Z%-p8uW{4<{d<=c`acySMgGW}AS?9$&cRXn{>RBtySvr@pQDuhf6LMU3*Nwj zpkJDU=xcUjJ>mzR@Ci7lnTXf&YX7(;VAVC$+{RaWr-X{rqUcx;uE%>==!_)q)z zs2u+}INADto~0E0KjD;WgV-8tm8h*b`>*Vt_|5Ez!rk5X;Rx?5dThM3;(RKn#nSi> z3}iDP%@JqQQ09^|^XCsDWk4qMRHq($#Z>H+|#k0`INPg$tTkn@k^k^h$mwow&K~g6+B91!595OHP9NtYj-`7CpOG=OQb|2wmfO zvA4gx{`L9k&3Tsi0szIFno>oUD6Xo$cIyiHH3<)x1ekt{pITpj0Z!b?@oe!=~`{(71ghA0s z2@g57tj$%vPnng4^XihxqW{Wzt>ATbyLNlO?%%7dkpD5td&ch)z27%A16SpL9d=JD z`5*1={l8}^uKc%)P2=%G=v$e8X{rq0Tgdoa#9KFSlSC1_SO2c3@oy$yjlSOi(BTWq z2H~y3M&q&Ke?2XB^%pFEFnjrCo}m4DVcO`Q&&`j29}c(T{9AS7aSouB=f6{P|99*E zd6rUmv?o{bZNk$hXWzRKlV&xjA_*U(EW}MpvE1dM*1xG%v)=i)xxXJK|Fd0r|EJsO zwzu!UJxkfKm)ii_F@PPXU&S<23nU;l3Gm}e)ph&%*sjiL?TU z0gJOh(Jua(gXp0ZD9P_Ud)L`d{p&LUgd=E2Q#|(JN;A#ubv65b66YuqW*%1RU!U0* zPKG#QJO@>Eazcfv^gVkY`QhO?zkKXXyDd*v*5m(=ivX>P|8&|F{qJ~t|L=Lq2JxR? 
z^F6VR0DYDbpym2@F$R<=f1hg^uFkgcplv*8Tb7kt`A?Fh$&rLp^rzwD`&i}w zIXXNkzyExEc(j%O&rx=Y53!$SYzuzN_`-|EO>QcHc|k%fo(t|@pY6lKR5PzCRj~MQ zGeKaZ5e+DbAY?(RpYGRhH|uwpQpq?ak$`~2Fhu(t)9VRx{C)R5UrgWg?OVH79JL`O zs6?T@RbPBJFCU0B(XM54>lf^`-^{-S*~MRt;9(dA@?%b$ei^v)k58CG)}H@AQxsa5 zKFt&GE6)F6yZru7=eWC#|2$90m)a_-Gs3A7>^-PH1z;2b8|roMT@?SY!vy67IY?%? z1rWx*VLWi;gGu+m?+lvr|*5#5kp4 zmF)ac`3j|~Dx= 1.21.0-0 < 1.24.0-0' + catalog.cattle.io/namespace: cattle-windows-gmsa-system + catalog.cattle.io/os: windows + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: windows.k8s.io.gmsacredentialspecs/v1 + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-windows-gmsa +apiVersion: v2 +appVersion: 0.3.0 +description: Windows GMSA Configuration +icon: https://charts.rancher.io/assets/logos/windows-gmsa.svg +keywords: +- Windows +- Windows GMSA +- GMSA +- Active Directory +maintainers: +- email: jamie.phillips@suse.com + name: Rancher +name: rancher-windows-gmsa +sources: +- https://github.com/kubernetes-sigs/windows-gmsa +type: application +version: 2.0.0 diff --git a/charts/rancher-windows-gmsa/2.0.0/app-readme.md b/charts/rancher-windows-gmsa/2.0.0/app-readme.md new file mode 100644 index 000000000..b6a21b135 --- /dev/null +++ b/charts/rancher-windows-gmsa/2.0.0/app-readme.md @@ -0,0 +1,9 @@ +# Windows GMSA Admission Webhook + +This chart creates the GMSA CRD, Credential, and Admission Webhook. The official documentation and tutorials can be found [here](https://github.com/kubernetes-sigs/windows-gmsa). + +## Prerequisites + +- Active Directory that supports Group Managed Service Accounts +- A Group Managed Service Account +- Kubernetes v1.21+ diff --git a/charts/rancher-windows-gmsa/2.0.0/questions.yaml b/charts/rancher-windows-gmsa/2.0.0/questions.yaml new file mode 100644 index 000000000..70f16989e --- /dev/null +++ b/charts/rancher-windows-gmsa/2.0.0/questions.yaml 
@@ -0,0 +1,53 @@
+questions:
+ - variable: credential.enabled
+ default: true
+ description: Whether to create a GMSA Credential when installing GMSA Webhook
+ label: Whether to create a GMSA Credential
+ type: boolean
+ group: "Credential Spec"
+ show_subquestion_if: true
+ subquestions:
+ - variable: credential.domainJoinConfig.machineAccountName
+ label: GMSA Account Name
+ description: Username of the GMSA account
+ type: string
+ required: true
+ - variable: credential.domainJoinConfig.guid
+ label: GUID
+ description: GUID of the Service Account
+ type: string
+ required: true
+ - variable: credential.domainJoinConfig.sid
+ label: SID
+ description: SID of the GMSA Account
+ type: string
+ required: true
+ - variable: credential.domainJoinConfig.dnsName
+ label: DNS Domain Name
+ description: Name of the domain in DNS
+ type: string
+ required: true
+ - variable: credential.domainJoinConfig.dnsTreeName
+ label: DNS Tree Domain
+ description: Root name of the domain in DNS
+ type: string
+ required: true
+ - variable: credential.domainJoinConfig.netBiosName
+ label: NETBIOS Name
+ description: NETBIOS Name for the domain.
+ type: string
+ required: true
+ - variable: certificates.certManager.enabled
+ default: true
+ description: Use cert-manager to generate certificates for the webhook
+ label: Generate certificate through cert-manager
+ type: boolean
+ group: "Certificates"
+ show_subquestion_if: false
+ subquestions:
+ - variable: certificates.secretName
+ default: webhook-server-cert
+ description: Mount a CA Bundle from an existing Secret in the same namespace as the GMSA webhook. Secret must contain keys for the CA certificate (ca.crt), the TLS certificate (tls.crt), and the TLS private key (tls.key) to be used by the webhook.
+ label: CA Bundle From Existing Secret
+ type: string
+ required: true
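Review bot: The `certificates.secretName` subquestion defaults to `webhook-server-cert`, but values.yaml in this patch sets `certificates.secretName: gmsa-server-cert`, so a UI install that leaves the field untouched ends up with a different Secret name than a plain `helm install`; the two defaults should agree, e.g. `default: gmsa-server-cert`. Keeping the name in sync matters because the `certificates.cabundle` helper fails the install with `required` when the named Secret does not exist in the release namespace. The `credential.domainJoinConfig.dnsTreeName` question is collected here but no template in this patch renders it (credentialspec.yaml maps `DnsTreeName` to `dnsName`), so either wire it up or drop the question.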
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/_helpers.tpl b/charts/rancher-windows-gmsa/2.0.0/templates/_helpers.tpl
new file mode 100644
index 000000000..61576a7c8
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/_helpers.tpl
@@ -0,0 +1,48 @@
+# Rancher
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- end -}}
+{{- end -}}
+
+{{/* Create chart name and version as used by the chart label. */}}
+{{- define "gmsa.chartref" -}}
+chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+{{- end }}
+
+{{/* Determine apiVersion for cert-manager */}}
+{{- define "cert-manager.apiversion" -}}
+ {{- $certmanagerVer := split "." .Values.certificates.certManager.version -}}
+ {{- if or (.Capabilities.APIVersions.Has "cert-manager.io/v1") (and (gt (len $certmanagerVer._0) 0) (eq (int $certmanagerVer._0) 1) (ge (int $certmanagerVer._1) 0)) }}
+apiVersion: cert-manager.io/v1
+ {{- else if or (.Capabilities.APIVersions.Has "cert-manager.io/v1beta1") (and (gt (len $certmanagerVer._0) 0) (eq (int $certmanagerVer._0) 0) (ge (int $certmanagerVer._1) 16)) }}
+apiVersion: cert-manager.io/v1beta1
+ {{- else if or (.Capabilities.APIVersions.Has "cert-manager.io/v1alpha2") (and (gt (len $certmanagerVer._0) 0) (eq (int $certmanagerVer._0) 0) (ge (int $certmanagerVer._1) 11)) }}
+apiVersion: cert-manager.io/v1alpha2
+ {{- else if or (.Capabilities.APIVersions.Has "certmanager.k8s.io/v1alpha1") (and (gt (len $certmanagerVer._0) 0) (eq (int $certmanagerVer._0) 0) (lt (int $certmanagerVer._1) 11)) }}
+apiVersion: cert-manager.io/v1alpha1
+ {{- else }}
+apiVersion: cert-manager.io/v1
+ {{- end }}
+{{- end }}
+
+{{- define "certificates.cabundle"}}
+{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+{{- $secret := (lookup "v1" "Secret" .Release.Namespace .Values.certificates.secretName) -}}
+{{- if lt (len $secret) 1 -}}
+{{- required (printf "CA Bundle secret '%s' in namespace '%s' must exist" .Values.certificates.secretName .Release.Namespace) "" -}}
+{{- else -}}
+{{- if not (hasKey $secret "data") -}}
+{{- required (printf "CA Bundle secret '%s' in 
namespace '%s' is empty" .Values.certificates.secretName .Release.Namespace) "" -}}
+{{- end -}}
+{{- if or (not (hasKey $secret.data "ca.crt")) (not (hasKey $secret.data "tls.crt")) (not (hasKey $secret.data "tls.key")) -}}
+{{- required (printf "CA Bundle secret '%s' in namespace '%s' must contain ca.crt, tls.key, and tls.cert; found the following keys in the secret: %s" .Values.certificates.secretName .Release.Namespace $secret.data) "" -}}
+{{- end -}}
+{{- end -}}
+{{- get $secret.data "ca.crt" }}
+{{- else -}}
+INSERT_CERTIFICATE_FROM_SECRET
+{{- end -}}
+{{- end }}
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/clusterrole.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/clusterrole.yaml
new file mode 100644
index 000000000..6e7667209
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/clusterrole.yaml
@@ -0,0 +1,16 @@
+# the RBAC role that the webhook needs to:
+# * read GMSA custom resources
+# * check authorizations to use GMSA cred specs
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: {{ .Release.Name }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+rules:
+ - apiGroups: ["windows.k8s.io"]
+ resources: ["gmsacredentialspecs"]
+ verbs: ["get", "use"]
+ - apiGroups: ["authorization.k8s.io"]
+ resources: ["localsubjectaccessreviews"]
+ verbs: ["create"]
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/clusterrolebinding.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/clusterrolebinding.yaml
new file mode 100644
index 000000000..7f477c426
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/clusterrolebinding.yaml
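Review bot: In `certificates.cabundle`, the `required` message for a Secret with missing keys formats `$secret.data` with `%s`, which prints the whole data map — which can include the base64-encoded `tls.key` — into Helm's error output and whatever captures it (Rancher UI, CI logs); print only the key names: `{{- required (printf "CA Bundle secret '%s' in namespace '%s' must contain ca.crt, tls.key, and tls.crt; found the following keys in the secret: %s" .Values.certificates.secretName .Release.Namespace (keys $secret.data | join ", ")) "" -}}`. The same message currently lists `tls.cert` while the check looks for `tls.crt`, so the text misleads the operator who then fixes the wrong key. In `cert-manager.apiversion`, the branch that probes `certmanager.k8s.io/v1alpha1` emits `apiVersion: cert-manager.io/v1alpha1`; as far as I know that group/version never existed (the legacy API was `certmanager.k8s.io/v1alpha1`), so the emitted line should probably match the probed group — worth confirming against the cert-manager releases this chart intends to support.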
@@ -0,0 +1,15 @@
+# bind that role to the webhook's service account
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: {{ .Release.Name }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+subjects:
+ - kind: ServiceAccount
+ name: {{ .Release.Name }}
+ namespace: {{ .Release.Namespace }}
+roleRef:
+ kind: ClusterRole
+ name: {{ .Release.Name }}
+ apiGroup: rbac.authorization.k8s.io
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/credentialspec.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/credentialspec.yaml
new file mode 100644
index 000000000..f4ff13efd
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/credentialspec.yaml
@@ -0,0 +1,24 @@
+{{- if .Values.credential.enabled -}}
+apiVersion: windows.k8s.io/v1
+kind: GMSACredentialSpec
+metadata:
+ name: {{ .Values.credential.domainJoinConfig.machineAccountName | lower }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+credspec:
+ ActiveDirectoryConfig:
+ GroupManagedServiceAccounts:
+ - Name: {{ .Values.credential.domainJoinConfig.machineAccountNamename }}
+ Scope: {{ .Values.credential.domainJoinConfig.netBiosName }}
+ - Name: {{ .Values.credential.domainJoinConfig.machineAccountNamename }}
+ Scope: {{ .Values.credential.domainJoinConfig.dnsName }}
+ CmsPlugins:
+ - ActiveDirectory
+ DomainJoinConfig:
+ DnsName: {{ .Values.credential.domainJoinConfig.dnsName }}
+ DnsTreeName: {{ .Values.credential.domainJoinConfig.dnsName }}
+ Guid: {{ .Values.credential.domainJoinConfig.guid }}
+ MachineAccountName: {{ .Values.credential.domainJoinConfig.machineAccountName }}
+ NetBiosName: {{ .Values.credential.domainJoinConfig.netBiosName }}
+ Sid: {{ .Values.credential.domainJoinConfig.sid }}
+{{- end -}}
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/deployment.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/deployment.yaml
new file mode 100644
index 000000000..9dc4d7fb5
--- /dev/null
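Review bot: The two `GroupManagedServiceAccounts` entries read `.Values.credential.domainJoinConfig.machineAccountNamename`, a key that exists neither in values.yaml nor in questions.yaml, so both `Name:` fields render as an empty value and the credspec is shipped without an account name; the intended key is `machineAccountName`. `DnsTreeName` is also rendered from `dnsName` although a separate `dnsTreeName` value is defined and asked for, so a forest whose tree root differs from the domain gets a wrong credspec. The three lines should read `- Name: {{ .Values.credential.domainJoinConfig.machineAccountName }}` (twice) and `DnsTreeName: {{ .Values.credential.domainJoinConfig.dnsTreeName }}`. Since these values are free-form user input, piping them through `| quote` would also keep a GUID or name that happens to start with a YAML indicator from breaking the rendered document.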
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/deployment.yaml
@@ -0,0 +1,68 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ annotations:
+ seccomp.security.alpha.kubernetes.io/pod: runtime/default
+ name: {{ .Release.Name }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ .Release.Name }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Release.Name }}
+ spec:
+ {{- if .Values.podSecurityContext }}
+ securityContext: {{ toYaml .Values.podSecurityContext | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ .Release.Name }}
+ affinity:
+ nodeAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ nodeSelectorTerms:
+ - matchExpressions:
+ - key: kubernetes.io/os
+ operator: In
+ values:
+ - linux
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: {{ .Release.Name }}
+ image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}
+ imagePullPolicy: {{ .Values.image.imagePullPolicy }}
+ readinessProbe:
+ httpGet:
+ scheme: HTTPS
+ path: /health
+ port: 443
+ ports:
+ - containerPort: 443
+ {{- if .Values.securityContext }}
+ securityContext: {{ toYaml .Values.securityContext | nindent 12 }}
+ {{- end }}
+ volumeMounts:
+ - name: tls
+ mountPath: "/etc/ssl/rancher-windows-gmsa-webhook"
+ readOnly: true
+ env:
+ - name: TLS_KEY
+ value: /etc/ssl/rancher-windows-gmsa-webhook/tls.key
+ - name: TLS_CRT
+ value: /etc/ssl/rancher-windows-gmsa-webhook/tls.crt
+ volumes:
+ - name: tls
+ secret:
+ secretName: {{ .Values.certificates.secretName }}
+ items:
+ - key: tls.key
+ path: tls.key
+ - key: tls.crt
+ path: tls.crt
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/issuer.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/issuer.yaml
new file mode 100644
index 000000000..d100da93b
--- /dev/null
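Review bot: The pod relies on the `seccomp.security.alpha.kubernetes.io/pod: runtime/default` annotation, which has been deprecated in favour of the `securityContext.seccompProfile` field since Kubernetes 1.19 and is slated for removal; since Chart.yaml already requires Kubernetes >= 1.21, the profile should be set through the field. Because the pod-level `securityContext` is rendered from `.Values.podSecurityContext`, the simplest fix is in values.yaml: add `seccompProfile:` / `  type: RuntimeDefault` under `podSecurityContext` and drop the annotation here. The container also declares no `resources`, so a misbehaving webhook can starve the node it shares; a `resources` block, ideally fed from a `.Values.resources` key, is worth adding before the chart ships.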
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/issuer.yaml
@@ -0,0 +1,26 @@
+{{- if .Values.certificates.certManager.enabled -}}
+{{ template "cert-manager.apiversion" . }}
+kind: Certificate
+metadata:
+ name: {{ .Release.Name }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+spec:
+ dnsNames:
+ - {{ .Release.Name }}.{{ .Release.Namespace }}.svc
+ - {{ .Release.Name }}.{{ .Release.Namespace }}.svc.cluster.local
+ issuerRef:
+ kind: Issuer
+ name: {{ .Release.Name }}
+ secretName: {{ .Values.certificates.secretName }}
+---
+{{ template "cert-manager.apiversion" . }}
+kind: Issuer
+metadata:
+ name: {{ .Release.Name }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+spec:
+ selfSigned: {}
+{{- end -}}
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/mutatingwebhook.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/mutatingwebhook.yaml
new file mode 100644
index 000000000..321394565
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/mutatingwebhook.yaml
@@ -0,0 +1,34 @@
+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+ name: {{ .Release.Name }}
+ {{- if .Values.certificates.certManager.enabled }}
+ annotations:
+ cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ .Release.Name }}
+ {{- end }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+webhooks:
+ - name: admission-webhook.windows-gmsa.sigs.k8s.io
+ clientConfig:
+ service:
+ name: {{ .Release.Name }}
+ namespace: {{.Release.Namespace}}
+ path: "/mutate"
+ {{- if not (.Values.certificates.certManager.enabled) }}
+ caBundle: {{ template "certificates.cabundle" . }}
+ {{- end }}
+ rules:
+ - operations: ["CREATE"]
+ apiGroups: [""]
+ apiVersions: ["*"]
+ resources: ["pods"]
+ failurePolicy: Fail
+ admissionReviewVersions: ["v1", "v1beta1"]
+ sideEffects: None
+ # don't run on ${NAMESPACE}
+ namespaceSelector:
+ matchExpressions:
+ - key: gmsa-webhook
+ operator: NotIn
+ values: [disabled]
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/networkpolicy.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/networkpolicy.yaml
new file mode 100644
index 000000000..4d60f0915
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/networkpolicy.yaml
@@ -0,0 +1,16 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: default-allow-all
+ namespace: {{ .Release.Namespace }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+spec:
+ podSelector: {}
+ ingress:
+ - {}
+ egress:
+ - {}
+ policyTypes:
+ - Ingress
+ - Egress
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/service.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/service.yaml
new file mode 100644
index 000000000..768f3f25d
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/service.yaml
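Review bot: The comment `# don't run on ${NAMESPACE}` does not describe what the selector does: it only skips namespaces labelled `gmsa-webhook=disabled`, which nothing in this chart applies, so with `failurePolicy: Fail` the webhook intercepts every pod CREATE cluster-wide, including its own namespace and kube-system. If the webhook pod is unavailable (node drain, image pull failure, certificate rotation), no pod — including a replacement webhook pod — can be created until someone labels namespaces or deletes the configuration. Exclude at least the release namespace with `- key: kubernetes.io/metadata.name`, `  operator: NotIn`, `  values: [{{ .Release.Namespace }}, kube-system]`; that label is applied automatically from Kubernetes 1.21 (beta there, GA in 1.22), which matches the chart's kube-version floor, but confirm it for the clusters you support. The same selector and stale comment appear in validatingwebhook.yaml later in this patch. Minor: `{{.Release.Namespace}}` lacks the spacing inside the braces used everywhere else in the chart.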
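Review bot: `default-allow-all` selects every pod in the release namespace (`podSelector: {}`) and opens all ingress and egress (`- {}`), so it does not just let the API server reach the webhook — it cancels any default-deny policy the cluster applies to this namespace for every other workload deployed there. Presumably the intent is to keep the admission call path working under namespace isolation; that can be done with least privilege by selecting only the webhook pod, `podSelector:` / `  matchLabels:` / `    app: {{ .Release.Name }}`, and limiting ingress to TCP 443. The fixed name also ignores `.Release.Name`, unlike every other resource in the chart, and the comment-free resource would benefit from one line stating why the policy exists.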
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Release.Name }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+spec:
+ ports:
+ - port: 443
+ targetPort: 443
+ selector:
+ app: {{ .Release.Name }}
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/serviceaccount.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/serviceaccount.yaml
new file mode 100644
index 000000000..d4bfa87c0
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/serviceaccount.yaml
@@ -0,0 +1,8 @@
+# the service account for the webhook
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ .Release.Name }}
+ namespace: {{ .Release.Namespace }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/validate-install-crd.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/validate-install-crd.yaml
new file mode 100644
index 000000000..3f1ad6df7
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/validate-install-crd.yaml
@@ -0,0 +1,14 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "windows.k8s.io/v1alpha1/GMSACredentialSpec" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# {{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-windows-gmsa/2.0.0/templates/validatingwebhook.yaml b/charts/rancher-windows-gmsa/2.0.0/templates/validatingwebhook.yaml
new file mode 100644
index 000000000..e13c5b33b
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/templates/validatingwebhook.yaml
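Review bot: The CRD guard registers only `windows.k8s.io/v1alpha1/GMSACredentialSpec` in `$found`, but credentialspec.yaml in this patch renders `apiVersion: windows.k8s.io/v1` and the chart annotation advertises `provides-gvr: windows.k8s.io.gmsacredentialspecs/v1`; if the 2.0.0 CRD chart no longer serves `v1alpha1` (its crds.yaml is not in this hunk, so I cannot confirm), this check rejects every install even when the CRD is present. Either the key should be `windows.k8s.io/v1/GMSACredentialSpec` or the loop should register both versions and pass when any one of them is served. A one-line comment above the `$found` line stating which CRD version the chart depends on would keep this in step with credentialspec.yaml. The file is also committed without a trailing newline.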
@@ -0,0 +1,34 @@
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+ name: {{ .Release.Name }}
+ {{- if .Values.certificates.certManager.enabled }}
+ annotations:
+ cert-manager.io/inject-ca-from: {{ .Release.Namespace }}/{{ .Release.Name }}
+ {{- end }}
+ labels: {{ include "gmsa.chartref" . | nindent 4 }}
+webhooks:
+ - name: admission-webhook.windows-gmsa.sigs.k8s.io
+ clientConfig:
+ service:
+ name: {{ .Release.Name }}
+ namespace: {{ .Release.Namespace }}
+ path: "/validate"
+ {{- if not (.Values.certificates.certManager.enabled) }}
+ caBundle: {{ template "certificates.cabundle" . }}
+ {{- end }}
+ rules:
+ - operations: ["CREATE", "UPDATE"]
+ apiGroups: [""]
+ apiVersions: ["*"]
+ resources: ["pods"]
+ failurePolicy: Fail
+ admissionReviewVersions: ["v1", "v1beta1"]
+ sideEffects: None
+ # don't run on ${NAMESPACE}
+ namespaceSelector:
+ matchExpressions:
+ - key: gmsa-webhook
+ operator: NotIn
+ values: [disabled]
+
diff --git a/charts/rancher-windows-gmsa/2.0.0/values.yaml b/charts/rancher-windows-gmsa/2.0.0/values.yaml
new file mode 100644
index 000000000..f7ea06ba0
--- /dev/null
+++ b/charts/rancher-windows-gmsa/2.0.0/values.yaml
@@ -0,0 +1,42 @@
+certificates:
+ certManager:
+ # Enable cert manager integration. Cert manager should be already installed at the k8s cluster
+ enabled: true
+ version: ""
+ # If cert-manager integration is disabled, upload certs data (ca.crt, tls.crt and tls.key) as k8s secretName in the namespace
+ secretName: gmsa-server-cert
+
+credential:
+ enabled: true
+ domainJoinConfig:
+ dnsName: "" #DNS Domain Name
+ dnsTreeName: "" #DNS Domain Name Root
+ guid: "" #GUID
+ machineAccountName: "" #Username of the GMSA account
+ netBiosName: "" #NETBIOS Domain Name
+ sid: "" #SID of GMSA
+
+image:
+ repository: rancher/mirrored-sigwindowstools-k8s-gmsa-webhook
+ tag: v0.3.0
+ imagePullPolicy: IfNotPresent
+
+global:
+ cattle:
+ systemDefaultRegistry: ""
+ kubectl:
+ repository: rancher/kubectl
+ tag: v1.22.6
+ pullPolicy: IfNotPresent
+
+## SecurityContext holds pod-level security attributes and common container settings.
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
+##
+podSecurityContext:
+ runAsNonRoot: false
+ # Currently, required to run as root due to port binding within the container.
+ runAsUser: 0
+securityContext: {}
+
+tolerations: []
+
diff --git a/index.yaml b/index.yaml
index caf791466..df4fce5bf 100755
--- a/index.yaml
+++ b/index.yaml
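Review bot: `podSecurityContext` runs the webhook as root (`runAsUser: 0`, `runAsNonRoot: false`) and `securityContext: {}` leaves the container with the default capability set, privilege escalation allowed and a writable root filesystem, so a compromise of the admission webhook — which receives every pod spec in the cluster — starts with full root capabilities inside the container. Even while root is kept for the port-443 bind, the container can drop every capability except `NET_BIND_SERVICE`, set `allowPrivilegeEscalation: false` and mount its root filesystem read-only (confirm the webhook writes nothing to disk), and the pod can request the `RuntimeDefault` seccomp profile through the field instead of the deprecated annotation used in deployment.yaml. `global.kubectl` is not referenced by any template in this patch, so it looks like a leftover from another chart. The `secretName` comment's "as k8s secretName in the namespace" reads better as "as a Secret named secretName in the release namespace".
```yaml
# … unchanged: certificates, credential, image, global, tolerations …
podSecurityContext:
  runAsNonRoot: false
  # Currently, required to run as root due to port binding within the container.
  runAsUser: 0
  seccompProfile:
    type: RuntimeDefault
securityContext:
  allowPrivilegeEscalation: false
  readOnlyRootFilesystem: true
  capabilities:
    drop: [ALL]
    add: [NET_BIND_SERVICE]
```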
@@ -9973,6 +9973,39 @@ entries: - assets/rancher-windows-exporter/rancher-windows-exporter-0.1.000.tgz version: 0.1.000 rancher-windows-gmsa: + - annotations: + catalog.cattle.io/auto-install: rancher-windows-gmsa-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Windows GMSA + catalog.cattle.io/experimental: "true" + catalog.cattle.io/kube-version: '>= 1.21.0-0 < 1.24.0-0' + catalog.cattle.io/namespace: cattle-windows-gmsa-system + catalog.cattle.io/os: windows + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: windows.k8s.io.gmsacredentialspecs/v1 + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-windows-gmsa + apiVersion: v2 + appVersion: 0.3.0 + created: "2022-09-26T16:24:43.952186869+05:30" + description: Windows GMSA Configuration + digest: a244c64385be695e3149d55f707b124f95377fd564b369fca364b1896310706c + icon: https://charts.rancher.io/assets/logos/windows-gmsa.svg + keywords: + - Windows + - Windows GMSA + - GMSA + - Active Directory + maintainers: + - email: jamie.phillips@suse.com + name: Rancher + name: rancher-windows-gmsa + sources: + - https://github.com/kubernetes-sigs/windows-gmsa + type: application + urls: + - assets/rancher-windows-gmsa/rancher-windows-gmsa-2.0.0.tgz + version: 2.0.0 - annotations: catalog.cattle.io/auto-install: rancher-windows-gmsa-crd=match catalog.cattle.io/certified: rancher 
@@ -10007,6 +10040,20 @@ entries: - assets/rancher-windows-gmsa/rancher-windows-gmsa-1.0.0.tgz version: 1.0.0 rancher-windows-gmsa-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-windows-gmsa-system + catalog.cattle.io/release-name: rancher-windows-gmsa-crd + apiVersion: v1 + created: "2022-09-26T16:24:43.952477917+05:30" + description: Installs the CRDs for Windows GMSA. + digest: 6724e8d4275fcc6fde7bae81779fb487de37676a5d9951fde61d9391ad832c78 + name: rancher-windows-gmsa-crd + type: application + urls: + - assets/rancher-windows-gmsa-crd/rancher-windows-gmsa-crd-2.0.0.tgz + version: 2.0.0 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true"