From 4c922778edbc598751f09ace618bd9ad0a15116c Mon Sep 17 00:00:00 2001
From: Josh Thornton <josh@speedscale.com>
Date: Fri, 17 Jun 2022 11:06:52 -0400
Subject: [PATCH 1/3] make prepare

---
 .../speedscale-operator/charts/.helmignore    |  23 ++
 .../speedscale-operator/charts/Chart.yaml     |  26 ++
 packages/speedscale-operator/charts/LICENSE   | 201 +++++++++++++
 packages/speedscale-operator/charts/README.md | 130 +++++++++
 .../speedscale-operator/charts/app-readme.md  | 130 +++++++++
 .../speedscale-operator/charts/questions.yaml |   9 +
 .../charts/templates/admission.yaml           | 127 ++++++++
 .../charts/templates/configmap.yaml           |  24 ++
 .../charts/templates/crds/trafficreplays.yaml | 273 ++++++++++++++++++
 .../charts/templates/deployments.yaml         | 114 ++++++++
 .../charts/templates/hooks.yaml               | 103 +++++++
 .../charts/templates/rbac.yaml                | 192 ++++++++++++
 .../charts/templates/secrets.yaml             |  21 ++
 .../charts/templates/services.yaml            |  20 ++
 .../charts/templates/tls.yaml                 |  25 ++
 .../speedscale-operator/charts/values.yaml    |  35 +++
 packages/speedscale-operator/package.yaml     |   2 +-
 17 files changed, 1454 insertions(+), 1 deletion(-)
 create mode 100644 packages/speedscale-operator/charts/.helmignore
 create mode 100644 packages/speedscale-operator/charts/Chart.yaml
 create mode 100644 packages/speedscale-operator/charts/LICENSE
 create mode 100644 packages/speedscale-operator/charts/README.md
 create mode 100644 packages/speedscale-operator/charts/app-readme.md
 create mode 100644 packages/speedscale-operator/charts/questions.yaml
 create mode 100644 packages/speedscale-operator/charts/templates/admission.yaml
 create mode 100644 packages/speedscale-operator/charts/templates/configmap.yaml
 create mode 100644 packages/speedscale-operator/charts/templates/crds/trafficreplays.yaml
 create mode 100644 packages/speedscale-operator/charts/templates/deployments.yaml
 create mode 100644 packages/speedscale-operator/charts/templates/hooks.yaml
 create mode 100644 packages/speedscale-operator/charts/templates/rbac.yaml
 create mode 100644 packages/speedscale-operator/charts/templates/secrets.yaml
 create mode 100644 packages/speedscale-operator/charts/templates/services.yaml
 create mode 100644 packages/speedscale-operator/charts/templates/tls.yaml
 create mode 100644 packages/speedscale-operator/charts/values.yaml

diff --git a/packages/speedscale-operator/charts/.helmignore b/packages/speedscale-operator/charts/.helmignore
new file mode 100644
index 000000000..0e8a0eb36
--- /dev/null
+++ b/packages/speedscale-operator/charts/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/packages/speedscale-operator/charts/Chart.yaml b/packages/speedscale-operator/charts/Chart.yaml
new file mode 100644
index 000000000..f357c028d
--- /dev/null
+++ b/packages/speedscale-operator/charts/Chart.yaml
@@ -0,0 +1,26 @@
+annotations:
+  catalog.cattle.io/certified: partner
+  catalog.cattle.io/display-name: Speedscale Operator
+  catalog.cattle.io/release-name: speedscale-operator
+apiVersion: v1
+appVersion: 1.0.29
+description: Stress test your APIs with real world scenarios.  Collect and replay
+  traffic without scripting.
+home: https://speedscale.com
+icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png
+keywords:
+- speedscale
+- test
+- testing
+- regression
+- reliability
+- load
+- replay
+- network
+- traffic
+kubeVersion: '>= 1.17.0-0'
+maintainers:
+- email: support@speedscale.com
+  name: Speedscale Support
+name: speedscale-operator
+version: 1.0.3
diff --git a/packages/speedscale-operator/charts/LICENSE b/packages/speedscale-operator/charts/LICENSE
new file mode 100644
index 000000000..b78723d62
--- /dev/null
+++ b/packages/speedscale-operator/charts/LICENSE
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2021 Speedscale
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/packages/speedscale-operator/charts/README.md b/packages/speedscale-operator/charts/README.md
new file mode 100644
index 000000000..c8d27ddcf
--- /dev/null
+++ b/packages/speedscale-operator/charts/README.md
@@ -0,0 +1,130 @@
+# Speedscale Operator
+
+The [Speedscale](https://www.speedscale.com) Operator is a [Kubernetes operator](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/)
+that watches for deployments to be applied to the cluster and takes action based on annotations. The operator
+can inject a proxy to capture traffic into or out of applications, or setup an isolation test environment around
+a deployment for testing. The operator itself is a deployment that will be always present on the cluster once
+the helm chart is installed.
+
+## Prerequisites
+
+- Kubernetes 1.16+
+- Helm 3+
+- Appropriate [network and firewall configuration](http://docs.speedscale.com/reference/networking) for Speedscale cloud and webhook traffic
+
+## Get Repo Info
+
+```bash
+helm repo add speedscale https://speedscale.github.io/operator-helm/
+helm repo update
+```
+
+_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Install Chart
+
+An API key is required. Sign up for a [free Speedscale trial](https://speedscale.com/free-trial/) if you do not have one.
+
+```bash
+helm install speedscale-operator speedscale/speedscale-operator \
+	-n speedscale \
+	--create-namespace \
+	--set apiKey=<YOUR-SPEEDSCALE-API-KEY> \
+	--set clusterName=<YOUR-CLUSTER-NAME>
+```
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+### Pre-install job failure
+
+We use pre-install job to check provided API key and provision some of the required resources.
+
+If the job failed during the installation, you'll see the following error during install:
+
+```
+Error: INSTALLATION FAILED: failed pre-install: job failed: BackoffLimitExceeded
+```
+
+You can inspect the logs using this command:
+
+```bash
+kubectl -n speedscale logs job/speedscale-operator-pre-install
+```
+
+After fixing the error, uninstall the helm release, delete the failed job
+and try installing again:
+
+```bash
+helm -n speedscale uninstall speedscale-operator
+kubectl -n speedscale delete job speedscale-operator-pre-install
+```
+
+## Uninstall Chart
+
+```bash
+helm -n speedscale uninstall speedscale-operator
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+CRDs created by this chart are not removed by default and should be manually cleaned up:
+
+```bash
+kubectl delete crd trafficreplays.speedscale.com
+```
+
+## Upgrading Chart
+
+```bash
+helm repo update
+helm -n speedscale upgrade speedscale-operator speedscale/speedscale-operator
+```
+
+With Helm v3, CRDs created by this chart are not updated by default
+and should be manually updated.
+Consult also the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions).
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### Upgrading an existing Release to a new version
+
+A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
+incompatible breaking change needing manual actions.
+
+### Upgrade to 1.0.3
+
+BEFORE UPGRADE:
+
+```bash
+kubectl -n speedscale delete secret speedscale-gcrcreds speedscale-apikey
+kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
+kubectl delete mutatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
+```
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.3/templates/crds/trafficreplays.yaml
+```
+
+### Upgrade to 1.0.0
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.0/templates/crds/trafficreplays.yaml
+```
+
+### Upgrade to 0.12.3
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/0.12.3/templates/crds/trafficreplays.yaml
+```
+
+### From version below 0.12.0 to 0.12.x
+This upgrades speedscale-operator to v0.12.x.
+
+Uninstall the previous release and install the chart from scratch.
+
+## Help
+
+Speedscale docs information available at [docs.speedscale.com](https://docs.speedscale.com) or join us
+on the [Speedscale community Slack](https://join.slack.com/t/speedscalecommunity/shared_invite/zt-x5rcrzn4-XHG1QqcHNXIM~4yozRrz8A)!
diff --git a/packages/speedscale-operator/charts/app-readme.md b/packages/speedscale-operator/charts/app-readme.md
new file mode 100644
index 000000000..c8d27ddcf
--- /dev/null
+++ b/packages/speedscale-operator/charts/app-readme.md
@@ -0,0 +1,130 @@
+# Speedscale Operator
+
+The [Speedscale](https://www.speedscale.com) Operator is a [Kubernetes operator](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/)
+that watches for deployments to be applied to the cluster and takes action based on annotations. The operator
+can inject a proxy to capture traffic into or out of applications, or setup an isolation test environment around
+a deployment for testing. The operator itself is a deployment that will be always present on the cluster once
+the helm chart is installed.
+
+## Prerequisites
+
+- Kubernetes 1.16+
+- Helm 3+
+- Appropriate [network and firewall configuration](http://docs.speedscale.com/reference/networking) for Speedscale cloud and webhook traffic
+
+## Get Repo Info
+
+```bash
+helm repo add speedscale https://speedscale.github.io/operator-helm/
+helm repo update
+```
+
+_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Install Chart
+
+An API key is required. Sign up for a [free Speedscale trial](https://speedscale.com/free-trial/) if you do not have one.
+
+```bash
+helm install speedscale-operator speedscale/speedscale-operator \
+	-n speedscale \
+	--create-namespace \
+	--set apiKey=<YOUR-SPEEDSCALE-API-KEY> \
+	--set clusterName=<YOUR-CLUSTER-NAME>
+```
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+### Pre-install job failure
+
+We use pre-install job to check provided API key and provision some of the required resources.
+
+If the job failed during the installation, you'll see the following error during install:
+
+```
+Error: INSTALLATION FAILED: failed pre-install: job failed: BackoffLimitExceeded
+```
+
+You can inspect the logs using this command:
+
+```bash
+kubectl -n speedscale logs job/speedscale-operator-pre-install
+```
+
+After fixing the error, uninstall the helm release, delete the failed job
+and try installing again:
+
+```bash
+helm -n speedscale uninstall speedscale-operator
+kubectl -n speedscale delete job speedscale-operator-pre-install
+```
+
+## Uninstall Chart
+
+```bash
+helm -n speedscale uninstall speedscale-operator
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+CRDs created by this chart are not removed by default and should be manually cleaned up:
+
+```bash
+kubectl delete crd trafficreplays.speedscale.com
+```
+
+## Upgrading Chart
+
+```bash
+helm repo update
+helm -n speedscale upgrade speedscale-operator speedscale/speedscale-operator
+```
+
+With Helm v3, CRDs created by this chart are not updated by default
+and should be manually updated.
+Consult also the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions).
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### Upgrading an existing Release to a new version
+
+A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
+incompatible breaking change needing manual actions.
+
+### Upgrade to 1.0.3
+
+BEFORE UPGRADE:
+
+```bash
+kubectl -n speedscale delete secret speedscale-gcrcreds speedscale-apikey
+kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
+kubectl delete mutatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
+```
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.3/templates/crds/trafficreplays.yaml
+```
+
+### Upgrade to 1.0.0
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.0/templates/crds/trafficreplays.yaml
+```
+
+### Upgrade to 0.12.3
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/0.12.3/templates/crds/trafficreplays.yaml
+```
+
+### From version below 0.12.0 to 0.12.x
+This upgrades speedscale-operator to v0.12.x.
+
+Uninstall the previous release and install the chart from scratch.
+
+## Help
+
+Speedscale docs information available at [docs.speedscale.com](https://docs.speedscale.com) or join us
+on the [Speedscale community Slack](https://join.slack.com/t/speedscalecommunity/shared_invite/zt-x5rcrzn4-XHG1QqcHNXIM~4yozRrz8A)!
diff --git a/packages/speedscale-operator/charts/questions.yaml b/packages/speedscale-operator/charts/questions.yaml
new file mode 100644
index 000000000..29aee3895
--- /dev/null
+++ b/packages/speedscale-operator/charts/questions.yaml
@@ -0,0 +1,9 @@
+questions:
+- variable: apiKey
+  default: "fffffffffffffffffffffffffffffffffffffffffffff"
+  description: "An API key is required to connect to the Speedscale cloud."
+  required: true
+  type: string
+  label: API Key
+  group: Authentication
+
diff --git a/packages/speedscale-operator/charts/templates/admission.yaml b/packages/speedscale-operator/charts/templates/admission.yaml
new file mode 100644
index 000000000..649547435
--- /dev/null
+++ b/packages/speedscale-operator/charts/templates/admission.yaml
@@ -0,0 +1,127 @@
+{{- $cacrt := "" -}}
+{{- $crt := "" -}}
+{{- $key := "" -}}
+{{- $s := (lookup "v1" "Secret" .Release.Namespace "speedscale-webhook-certs") -}}
+{{- if $s -}}
+{{- $cacrt = index $s.data "ca.crt" | default (index $s.data "tls.crt") | b64dec -}}
+{{- $crt = index $s.data "tls.crt" | b64dec -}}
+{{- $key = index $s.data "tls.key" | b64dec -}}
+{{ else }}
+{{- $altNames := list ( printf "speedscale-operator.%s" .Release.Namespace ) ( printf "speedscale-operator.%s.svc" .Release.Namespace ) -}}
+{{- $ca := genCA "speedscale-operator" 3650 -}}
+{{- $cert := genSignedCert "speedscale-operator" nil $altNames 3650 $ca -}}
+{{- $cacrt = $ca.Cert -}}	
+{{- $crt = $cert.Cert -}}
+{{- $key = $cert.Key -}}
+{{- end -}}
+---
+apiVersion: v1
+data:
+  ca.crt: {{ $cacrt | b64enc }}
+  tls.crt: {{ $crt | b64enc }}
+  tls.key: {{ $key | b64enc }}
+kind: Secret
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation
+  creationTimestamp: null
+  name: speedscale-webhook-certs
+  namespace: {{ .Release.Namespace }}
+type: kubernetes.io/tls
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator
+webhooks:
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    caBundle: {{ $cacrt | b64enc }}
+    service:
+      name: speedscale-operator
+      namespace: {{ .Release.Namespace }}
+      path: /mutate
+  failurePolicy: Ignore
+  name: sidecar.speedscale.com
+  namespaceSelector: {}
+  rules:
+  - apiGroups:
+    - apps
+    - batch
+    apiVersions:
+    - v1
+    operations:
+    - CREATE
+    - UPDATE
+    - DELETE
+    resources:
+    - deployments
+    - statefulsets
+    - daemonsets
+    - jobs
+    - replicasets
+  sideEffects: None
+  timeoutSeconds: 10
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator-replay
+webhooks:
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    caBundle: {{ $cacrt | b64enc }}
+    service:
+      name: speedscale-operator
+      namespace: {{ .Release.Namespace }}
+      path: /validate-speedscale-com-v1-trafficreplay
+  failurePolicy: Fail
+  name: replay.speedscale.com
+  namespaceSelector: {}
+  rules:
+  - apiGroups:
+    - speedscale.com
+    apiVersions:
+    - v1
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - trafficreplays
+  sideEffects: None
+  timeoutSeconds: 10
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator-replay
+webhooks:
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    caBundle: {{ $cacrt | b64enc }}
+    service:
+      name: speedscale-operator
+      namespace: {{ .Release.Namespace }}
+      path: /mutate-speedscale-com-v1-trafficreplay
+  failurePolicy: Fail
+  name: replay.speedscale.com
+  namespaceSelector: {}
+  rules:
+  - apiGroups:
+    - speedscale.com
+    apiVersions:
+    - v1
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - trafficreplays
+  sideEffects: None
+  timeoutSeconds: 10
diff --git a/packages/speedscale-operator/charts/templates/configmap.yaml b/packages/speedscale-operator/charts/templates/configmap.yaml
new file mode 100644
index 000000000..5d3d90237
--- /dev/null
+++ b/packages/speedscale-operator/charts/templates/configmap.yaml
@@ -0,0 +1,24 @@
+---
+apiVersion: v1
+data:
+  CLI_VERSION: v1.0.29
+  CLUSTER_NAME: {{ .Values.clusterName }}
+  IMAGE_PULL_POLICY: {{ .Values.image.pullPolicy }}
+  IMAGE_PULL_SECRETS: ""
+  IMAGE_REGISTRY: {{ .Values.image.registry }}
+  IMAGE_TAG: {{ .Values.image.tag }}
+  INSTALL_SOURCE: helm
+  INSTANCE_ID: '{{- $cm := (lookup "v1" "ConfigMap" .Release.Namespace "speedscale-operator")
+    -}}{{ if $cm }}{{ $cm.data.INSTANCE_ID }}{{ else }}{{ ( printf "%s-%s-%s" .Values.clusterName
+    .Release.Namespace uuidv4 ) }}{{ end }}'
+  LOG_LEVEL: {{ .Values.logLevel }}
+  SPEEDSCALE_DLP_CONFIG: {{ .Values.dlp.config }}
+  SPEEDSCALE_FILTER_RULE: {{ .Values.filterRule }}
+  TELEMETRY_INTERVAL: 2s
+  WITH_DLP: {{ .Values.dlp.enabled | quote }}
+  WITH_INSPECTOR: {{ .Values.dashboardAccess | quote }}
+kind: ConfigMap
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator
+  namespace: {{ .Release.Namespace }}
diff --git a/packages/speedscale-operator/charts/templates/crds/trafficreplays.yaml b/packages/speedscale-operator/charts/templates/crds/trafficreplays.yaml
new file mode 100644
index 000000000..886af2a69
--- /dev/null
+++ b/packages/speedscale-operator/charts/templates/crds/trafficreplays.yaml
@@ -0,0 +1,273 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.8.0
+  creationTimestamp: null
+  name: trafficreplays.speedscale.com
+spec:
+  group: speedscale.com
+  names:
+    kind: TrafficReplay
+    listKind: TrafficReplayList
+    plural: trafficreplays
+    shortNames:
+    - replay
+    singular: trafficreplay
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.active
+      name: Active
+      type: boolean
+    - jsonPath: .spec.mode
+      name: Mode
+      type: string
+    - jsonPath: .status.conditions[-1:].message
+      name: Status
+      type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1
+    schema:
+      openAPIV3Schema:
+        description: TrafficReplay is the Schema for the trafficreplays API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: TrafficReplaySpec defines the desired state of TrafficReplay
+            properties:
+              buildTag:
+                description: BuildTag links a unique tag, build hash, etc. to the
+                  generated traffic replay report. That way you can connect the report
+                  results to the version of the code that was tested.
+                type: string
+              cleanup:
+                description: Cleanup is the name of cleanup mode used for this TrafficReplay.
+                enum:
+                - inventory
+                - all
+                - none
+                type: string
+              collectLogs:
+                description: CollectLogs enables or disables log collection from target
+                  workload. Defaults to true.
+                type: boolean
+              configChecksum:
+                description: ConfigChecksum is the SHA1 checksum of the configuration.
+                type: string
+              customURL:
+                description: CustomURL allows to specify custom URL to SUT.
+                type: string
+              generatorLowData:
+                description: Setting GeneratorLowData to 'true' forces the generator
+                  into a high efficiency/low data output mode. This is ideal for high
+                  volume performance tests. Defaults to false.
+                type: boolean
+              injectSidecar:
+                description: InjectSidecar enables or disables sidecar injection during
+                  the replay. Defaults to false.
+                type: boolean
+              mode:
+                description: Mode is the name of replay mode used for this TrafficReplay.
+                enum:
+                - full-replay
+                - responder-only
+                - generator-only
+                type: string
+              proxyMode:
+                description: ProxyMode defines proxy operational mode used with injected
+                  sidecar.
+                type: string
+              responderLowData:
+                description: Setting ResponderLowData to 'true' forces the responder
+                  into a high efficiency/low data output mode. This is ideal for high
+                  volume performance tests. Defaults to false.
+                type: boolean
+              secretRefs:
+                description: SecretRefs hold the references to the secrets which contain
+                  various secrets like (e.g. short-lived JWTs to be used by the generator
+                  for authorization with HTTP calls).
+                items:
+                  description: LocalObjectReference contains enough information to
+                    locate the referenced Kubernetes resource object.
+                  properties:
+                    name:
+                      description: Name of the referent.
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              snapshotID:
+                description: SnapshotID is the id of the traffic snapshot for this
+                  TrafficReplay.
+                type: string
+              testConfigID:
+                description: TestConfigID is the id of the replay configuration to
+                  be used by the generator and responder for the TrafficReplay.
+                type: string
+              timeout:
+                description: Timeout is the time to wait for replay test to finish.
+                  Defaults to value of the `TIMEOUT` setting of the operator.
+                type: string
+              ttlAfterReady:
+                description: TTLAfterReady provides a TTL (time to live) mechanism
+                  to limit the lifetime of TrafficReplay object that have finished
+                  the execution and reached its final state (either complete or failed).
+                type: string
+              workloadRef:
+                description: The reference to the target workload (SUT - system under
+                  test) for TrafficReplay. The operations will be performed in the
+                  namespace of the target object.
+                properties:
+                  apiVersion:
+                    description: API version of the referent
+                    type: string
+                  kind:
+                    description: Kind of the referent
+                    type: string
+                  name:
+                    description: Name of the referent
+                    type: string
+                  namespace:
+                    description: Namespace of the referent, defaults to the TrafficReplay
+                      namespace
+                    type: string
+                required:
+                - kind
+                - name
+                type: object
+            required:
+            - snapshotID
+            - workloadRef
+            type: object
+          status:
+            default:
+              observedGeneration: -1
+            description: TrafficReplayStatus defines the observed state of TrafficReplay
+            properties:
+              active:
+                description: Active indicates whether this traffic replay is currently
+                  underway or not.
+                type: boolean
+              conditions:
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource. --- This struct is intended for direct
+                    use as an array at the field path .status.conditions.  For example,
+                    type FooStatus struct{ // Represents the observations of a foo's
+                    current state. // Known .status.conditions.type are: \"Available\",
+                    \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+                    // +listType=map // +listMapKey=type Conditions []metav1.Condition
+                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+                    protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
+                  properties:
+                    lastTransitionTime:
+                      description: lastTransitionTime is the last time the condition
+                        transitioned from one status to another. This should be when
+                        the underlying condition changed.  If that is not known, then
+                        using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: message is a human readable message indicating
+                        details about the transition. This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: observedGeneration represents the .metadata.generation
+                        that the condition was set based upon. For instance, if .metadata.generation
+                        is currently 12, but the .status.conditions[x].observedGeneration
+                        is 9, the condition is out of date with respect to the current
+                        state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: reason contains a programmatic identifier indicating
+                        the reason for the condition's last transition. Producers
+                        of specific condition types may define expected values and
+                        meanings for this field, and whether the values are considered
+                        a guaranteed API. The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
+                        --- Many .condition.type values are consistent across resources
+                        like Available, but because arbitrary conditions can be useful
+                        (see .node.status.conditions), the ability to deconflict is
+                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              finishedTime:
+                description: Information when the traffic replay has finished.
+                format: date-time
+                type: string
+              initializedTime:
+                description: Information when the test environment was successfully
+                  prepared.
+                format: date-time
+                type: string
+              observedGeneration:
+                description: ObservedGeneration is the last observed generation.
+                format: int64
+                type: integer
+              reportID:
+                description: The id of the traffic replay report created.
+                type: string
+              reportURL:
+                description: The url to the traffic replay report.
+                type: string
+              startedTime:
+                description: Information when the traffic replay has started.
+                format: date-time
+                type: string
+              workloadHost:
+                description: WorkloadHost is the host address which is targeted during
+                  the traffic replay.
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
diff --git a/packages/speedscale-operator/charts/templates/deployments.yaml b/packages/speedscale-operator/charts/templates/deployments.yaml
new file mode 100644
index 000000000..1575711be
--- /dev/null
+++ b/packages/speedscale-operator/charts/templates/deployments.yaml
@@ -0,0 +1,114 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    operator.speedscale.com/ignore: "true"
+  creationTimestamp: null
+  labels:
+    app: speedscale-operator
+    controlplane.speedscale.com/component: operator
+  name: speedscale-operator
+  namespace: {{ .Release.Namespace }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: speedscale-operator
+      controlplane.speedscale.com/component: operator
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      annotations:
+        checksum/config: |
+          {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+      creationTimestamp: null
+      labels:
+        app: speedscale-operator
+        controlplane.speedscale.com/component: operator
+    spec:
+      containers:
+      - command:
+        - /operator
+        env:
+        - name: POD_NAME
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.name
+        - name: POD_NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        envFrom:
+        - configMapRef:
+            name: speedscale-operator
+        - secretRef:
+            name: speedscale-apikey
+            optional: false
+        image: '{{ .Values.image.registry }}/operator:{{ .Values.image.tag }}'
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        livenessProbe:
+          failureThreshold: 3
+          httpGet:
+            path: /healthz
+            port: health-check
+            scheme: HTTP
+          initialDelaySeconds: 1
+          periodSeconds: 10
+          successThreshold: 1
+          timeoutSeconds: 2
+        name: operator
+        ports:
+        - containerPort: 9443
+          name: webhook-server
+        - containerPort: 8081
+          name: health-check
+        readinessProbe:
+          failureThreshold: 5
+          httpGet:
+            path: /readyz
+            port: health-check
+            scheme: HTTP
+          initialDelaySeconds: 5
+          periodSeconds: 1
+          successThreshold: 1
+          timeoutSeconds: 2
+        resources:
+          limits:
+            cpu: 100m
+            memory: 512Mi
+          requests:
+            cpu: 100m
+            memory: 128Mi
+        securityContext:
+          allowPrivilegeEscalation: false
+          privileged: false
+          readOnlyRootFilesystem: true
+          runAsNonRoot: true
+          runAsUser: 2100
+        volumeMounts:
+        - mountPath: /tmp
+          name: tmp
+        - mountPath: /tmp/k8s-webhook-server/serving-certs
+          name: webhook-certs
+          readOnly: true
+        - mountPath: /etc/ssl/speedscale
+          name: speedscale-tls-out
+          readOnly: true
+      securityContext:
+        runAsNonRoot: true
+      serviceAccountName: speedscale-operator
+      terminationGracePeriodSeconds: 10
+      volumes:
+      - emptyDir: {}
+        name: tmp
+      - name: webhook-certs
+        secret:
+          secretName: speedscale-webhook-certs
+      - name: speedscale-tls-out
+        secret:
+          secretName: speedscale-certs
+status: {}
diff --git a/packages/speedscale-operator/charts/templates/hooks.yaml b/packages/speedscale-operator/charts/templates/hooks.yaml
new file mode 100644
index 000000000..7ba9e8c0f
--- /dev/null
+++ b/packages/speedscale-operator/charts/templates/hooks.yaml
@@ -0,0 +1,103 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    helm.sh/hook-weight: "4"
+  creationTimestamp: null
+  name: speedscale-operator-pre-install
+  namespace: {{ .Release.Namespace }}
+spec:
+  backoffLimit: 0
+  template:
+    metadata:
+      creationTimestamp: null
+    spec:
+      containers:
+      - args:
+        - |-
+          speedctl init --overwrite --no-rcfile-update \
+          --api-key {{ required "A valid .Values.apiKey is required!" .Values.apiKey }} \
+          --app-url {{ required "A valid .Values.appUrl is required!" .Values.appUrl }}
+        command:
+        - sh
+        - -c
+        image: '{{ .Values.image.registry }}/speedscale-cli:{{ .Values.image.tag }}'
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        name: speedscale-cli
+        resources: {}
+      restartPolicy: Never
+status: {}
+---
+apiVersion: v1
+automountServiceAccountToken: true
+kind: ServiceAccount
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    helm.sh/hook-weight: "1"
+  creationTimestamp: null
+  labels:
+    app: speedscale-operator
+    controlplane.speedscale.com/component: operator
+  name: speedscale-operator-provisioning
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    helm.sh/hook-weight: "2"
+  creationTimestamp: null
+  name: speedscale-operator-provisioning
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - admissionregistration.k8s.io
+  resources:
+  - mutatingwebhookconfigurations
+  - validatingwebhookconfigurations
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    helm.sh/hook-weight: "3"
+  creationTimestamp: null
+  name: speedscale-operator-provisioning
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: speedscale-operator-provisioning
+subjects:
+- kind: ServiceAccount
+  name: speedscale-operator-provisioning
+  namespace: {{ .Release.Namespace }}
diff --git a/packages/speedscale-operator/charts/templates/rbac.yaml b/packages/speedscale-operator/charts/templates/rbac.yaml
new file mode 100644
index 000000000..e6c532b9c
--- /dev/null
+++ b/packages/speedscale-operator/charts/templates/rbac.yaml
@@ -0,0 +1,192 @@
+---
+apiVersion: v1
+automountServiceAccountToken: true
+imagePullSecrets:
+- name: speedscale-gcrcreds
+kind: ServiceAccount
+metadata:
+  creationTimestamp: null
+  labels:
+    app: speedscale-operator
+    controlplane.speedscale.com/component: operator
+  name: speedscale-operator
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator
+rules:
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  - statefulsets
+  - daemonsets
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - replicasets
+  verbs:
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - batch
+  resources:
+  - jobs
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  - pods
+  - services
+  - serviceaccounts
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - pods/log
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - metrics.k8s.io
+  resources:
+  - pods
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - policy
+  resources:
+  - podsecuritypolicies
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - use
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - rolebindings
+  - roles
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - networking.istio.io
+  resources:
+  - envoyfilters
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - speedscale.com
+  resources:
+  - trafficreplays
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - speedscale.com
+  resources:
+  - trafficreplays/status
+  verbs:
+  - get
+  - update
+  - patch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: speedscale-operator
+subjects:
+- kind: ServiceAccount
+  name: speedscale-operator
+  namespace: {{ .Release.Namespace }}
diff --git a/packages/speedscale-operator/charts/templates/secrets.yaml b/packages/speedscale-operator/charts/templates/secrets.yaml
new file mode 100644
index 000000000..097e29312
--- /dev/null
+++ b/packages/speedscale-operator/charts/templates/secrets.yaml
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+data:
+  .dockerconfigjson: eyJhdXRocyI6eyJnY3IuaW8iOnsidXNlcm5hbWUiOiJfanNvbl9rZXkiLCJwYXNzd29yZCI6IntcbiAgXCJ0eXBlXCI6IFwic2VydmljZV9hY2NvdW50XCIsXG4gIFwicHJvamVjdF9pZFwiOiBcInNwZWVkc2NhbGVcIixcbiAgXCJwcml2YXRlX2tleV9pZFwiOiBcIjQyNzU2ZWQ2NWU0ZGE3ZTE2ODEyOTgxOTk4ODFiZGZmOGZlODY1Y2NcIixcbiAgXCJwcml2YXRlX2tleVwiOiBcIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxcbk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzRwbHZ3TTEvek0xeWhcXG5hUFZvRDBQZjNMb0lnTDNDM2xNMGM0TVFNL2lsb2JSS3NObTA1WnRiVFhUVGx3RklxODJDVnl2NlU2U0hXM0V1XFxuaDdyQllFUmRTRHJLSTNNNEUyV3AxY3c5TkdKYTNuc1hGSWhLRmU3ZThSandsUk92eXlYLzE0UEVmN3NOdGlMVFxcbmtPK2JqckpxVEVpU2NCUFloUkQvRnFFZmJWQm9NYnZpdkVDQkY2dGRqcTVwRiswVmdiT2FEdnJqZ2dRdnVWdHVcXG5VYzlRcW5QaE1CU3Z3dE5oOTZGc2dncnVFQ1N6Z2UyYTVJRE5wYmYwb2U3ZTVycFU0c0hSb3l1ZWlOeU1ZSHpYXFxuUjQraGRFNTJnOXFLN3dYTStHUi9OREdMUkgxeDlhdjRZYlBURTZnOGtkcWdCQVp0c05KaDRwVUp6Y1VWMENJV1xcbmZuRFNlNkhGQWdNQkFBRUNnZ0VBSFNEdFB2cXp4N2RTQlFwOE1ESzhSOXZYb3hEQUhyWVkxUnpsejVBTFNRRzFcXG40ZFI5TzRxL0U4dW53dHMrOGhwY0hKUW8xV0FOZytiYWQzY2s4RzJCeTE5aUd0STEwbUpJOXQ1SnpsdnRxaDBQXFxudU9mZHlpWWtuUm5XajlsTWxqNUxXODFCTmFYYXVjS0NRdkxKd2JYa2tsMC9VNDZIcXUvdTZ2YkVheU5BL0hhYlxcblF0K1ROZlpaQW9MWmE0dnZrd0xLQ1VGNUkvenZnK21OTytZWllwV0V5QjR0U3JtMnpiWm96c3hMVFZ5TFR2WFVcXG5JZkFNYUE4UktyMGxIVXZ5WEZvd2l5N0F3bU5sanFCQlkyRkFXM3VyU3VOZ1YxdXdhQnRwN2w5OStaaCtiKzhPXFxuYW01QStuS2lvQk00TG54cGVwZThuVGkxU1Fsa3dZaG0zR0s5MktyZ3NRS0JnUURwWG1nZEZPbnpyaXhKYXRPZVxcbmt2RDR5L2d2WmNSdmJ1dDVwL0pZeFpBUnN5SytIM1RPMzJvK09sTm4rcG8vL2lPK0lvMTRaUUFKMm1MTU4vakhcXG5iM0hnTm1aV2dHRWk2blNBQ3QvYklPYUh2SHh5L0NtTEwzbTBUbjJnNzBScVZtVUpIMXZMQjhVUWlNY0ZHQnA3XFxuNFB4Tk4xeTZBY1BvUVRPVWlDT2tPZWZOeVFLQmdRREtqblhXVFEweGpjazdaVjIvRjBhYW8ybHRlTFpHdUZXQ1xcbjJnbTB0QSs5UUIzckhMcVZ4dWJwenZpd3dIclJHTlV0RDhRdjBJWU52TW11YSt1cXRVcFVaOE5LWXVDeWZQZ3VcXG5yWUxqUHlVVGxmOE4yaXVkYVIyZStVWDZCOWE0dXBYanJLdWtkWDM4SVlwZmJLS0RTQ3ZuZFlzT0x1ai9GeDRyXFxuMmVtdWRvL0NIUUtCZ0VTRmx0WnJMS0tEVXJlZjZWRVhYaS8vVy9rMnpXM1d5TWRvMjh6YS9ZbGs2dCtlUnVMelxcblVMUEMxbmlpYWFZK2plb25KUmpqdHhZdGpITGdRR2oydlI0VGV3c05HUGh5bFJCL29Pa3JpT1QwSUNwM0JnKzdcXG5PZVlLWWZMZUxsMTJ6cVhXRWxMVURqWGpvMlJJaG9ZM01uM05zcWxmR1ZIWnl6WmludXg2b0NpWkFvR0Fkb2R5XFxuc1JxWms5dlNXNjF2ZERqY21mVHg1cHR5bm1PVHRtUjh0WCtBamxBTXNkNDMyUmx4V25SQTFyMXJvUndVOHE5OVxcbk1EV25uRFpURm53VWhlcGNPcFFWbFZ2Uy9OOWdJNEJwVFMxUU51dlpPblBtZmRCYkF3SC9UdFp6Y2RuTmlGTXNcXG5oYW96Tk8wem1hOXFVY1JUM0xmTnpWanFBd3UySGhjQVJaVWZmb2tDZ1lFQWdhVEZhb1dnbENOazZtU0JlSXR2XFxuVjUxN3BOSFlXeHlpRzlwTDJIUUxFeDhwdkdWZFp1dUlONHdGdk13UzRldm1VeWN0dmkvMmc2R1FXdS9nYUFPVlxcblhuVXVtMi9xZ1grcTFjNEZFN0J4K3BGTFBCQkVBb1hodUwzSUZxczlRcGoxZG0wTG1tQjg0UHlFU0JEUzh1WGtcXG5lUWF3UkZHSHhpVzhhT1VnbWcxZ0FRQT1cXG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXFxuXCIsXG4gIFwiY2xpZW50X2VtYWlsXCI6IFwiZ2NycHVsbDJAc3BlZWRzY2FsZS5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbVwiLFxuICBcImNsaWVudF9pZFwiOiBcIjEwNzc4NTY0MDY5MzQzMzQ1MTc5OFwiLFxuICBcImF1dGhfdXJpXCI6IFwiaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tL28vb2F1dGgyL2F1dGhcIixcbiAgXCJ0b2tlbl91cmlcIjogXCJodHRwczovL29hdXRoMi5nb29nbGVhcGlzLmNvbS90b2tlblwiLFxuICBcImF1dGhfcHJvdmlkZXJfeDUwOV9jZXJ0X3VybFwiOiBcImh0dHBzOi8vd3d3Lmdvb2dsZWFwaXMuY29tL29hdXRoMi92MS9jZXJ0c1wiLFxuICBcImNsaWVudF94NTA5X2NlcnRfdXJsXCI6IFwiaHR0cHM6Ly93d3cuZ29vZ2xlYXBpcy5jb20vcm9ib3QvdjEvbWV0YWRhdGEveDUwOS9nY3JwdWxsMiU0MHNwZWVkc2NhbGUuaWFtLmdzZXJ2aWNlYWNjb3VudC5jb21cIlxufSIsImVtYWlsIjoiZ2NycHVsbEBzcGVlZHNjYWxlLmlhbS5nc2VydmljZWFjY291bnQuY29tIiwiYXV0aCI6IlgycHpiMjVmYTJWNU9uc0tJQ0FpZEhsd1pTSTZJQ0p6WlhKMmFXTmxYMkZqWTI5MWJuUWlMQW9nSUNKd2NtOXFaV04wWDJsa0lqb2dJbk53WldWa2MyTmhiR1VpTEFvZ0lDSndjbWwyWVhSbFgydGxlVjlwWkNJNklDSTBNamMxTm1Wa05qVmxOR1JoTjJVeE5qZ3hNams0TVRrNU9EZ3hZbVJtWmpobVpUZzJOV05qSWl3S0lDQWljSEpwZG1GMFpWOXJaWGtpT2lBaUxTMHRMUzFDUlVkSlRpQlFVa2xXUVZSRklFdEZXUzB0TFMwdFhHNU5TVWxGZGxGSlFrRkVRVTVDWjJ0eGFHdHBSemwzTUVKQlVVVkdRVUZUUTBKTFkzZG5aMU5xUVdkRlFVRnZTVUpCVVVNMGNHeDJkMDB4TDNwTk1YbG9YRzVoVUZadlJEQlFaak5NYjBsblRETkRNMnhOTUdNMFRWRk5MMmxzYjJKU1MzTk9iVEExV25SaVZGaFVWR3gzUmtseE9ESkRWbmwyTmxVMlUwaFhNMFYxWEc1b04zSkNXVVZTWkZORWNrdEpNMDAwUlRKWGNERmpkemxPUjBwaE0yNXpXRVpKYUV0R1pUZGxPRkpxZDJ4U1QzWjVlVmd2TVRSUVJXWTNjMDUwYVV4VVhHNXJUeXRpYW5KS2NWUkZhVk5qUWxCWmFGSkVMMFp4UldaaVZrSnZUV0oyYVhaRlEwSkdOblJrYW5FMWNFWXJNRlpuWWs5aFJIWnlhbWRuVVhaMVZuUjFYRzVWWXpsUmNXNVFhRTFDVTNaM2RFNW9PVFpHYzJkbmNuVkZRMU42WjJVeVlUVkpSRTV3WW1Zd2IyVTNaVFZ5Y0ZVMGMwaFNiM2wxWldsT2VVMVpTSHBZWEc1U05DdG9aRVUxTW1jNWNVczNkMWhOSzBkU0wwNUVSMHhTU0RGNE9XRjJORmxpVUZSRk5tYzRhMlJ4WjBKQlduUnpUa3BvTkhCVlNucGpWVll3UTBsWFhHNW1ia1JUWlRaSVJrRm5UVUpCUVVWRFoyZEZRVWhUUkhSUWRuRjZlRGRrVTBKUmNEaE5SRXM0VWpsMldHOTRSRUZJY2xsWk1WSjZiSG8xUVV4VFVVY3hYRzQwWkZJNVR6UnhMMFU0ZFc1M2RITXJPR2h3WTBoS1VXOHhWMEZPWnl0aVlXUXpZMnM0UnpKQ2VURTVhVWQwU1RFd2JVcEpPWFExU25wc2RuUnhhREJRWEc1MVQyWmtlV2xaYTI1U2JsZHFPV3hOYkdvMVRGYzRNVUpPWVZoaGRXTkxRMUYyVEVwM1lsaHJhMnd3TDFVME5raHhkUzkxTm5aaVJXRjVUa0V2U0dGaVhHNVJkQ3RVVG1aYVdrRnZURnBoTkhaMmEzZE1TME5WUmpWSkwzcDJaeXR0VGs4cldWcFpjRmRGZVVJMGRGTnliVEo2WWxwdmVuTjRURlJXZVV4VWRsaFZYRzVKWmtGTllVRTRVa3R5TUd4SVZYWjVXRVp2ZDJsNU4wRjNiVTVzYW5GQ1Fsa3lSa0ZYTTNWeVUzVk9aMVl4ZFhkaFFuUndOMnc1T1N0YWFDdGlLemhQWEc1aGJUVkJLMjVMYVc5Q1RUUk1ibmh3WlhCbE9HNVVhVEZUVVd4cmQxbG9iVE5IU3preVMzSm5jMUZMUW1kUlJIQlliV2RrUms5dWVuSnBlRXBoZEU5bFhHNXJka1EwZVM5bmRscGpVblppZFhRMWNDOUtXWGhhUVZKemVVc3JTRE5VVHpNeWJ5dFBiRTV1SzNCdkx5OXBUeXRKYnpFMFdsRkJTakp0VEUxT0wycElYRzVpTTBoblRtMWFWMmRIUldrMmJsTkJRM1F2WWtsUFlVaDJTSGg1TDBOdFRFd3piVEJVYmpKbk56QlNjVlp0VlVwSU1YWk1RamhWVVdsTlkwWkhRbkEzWEc0MFVIaE9UakY1TmtGalVHOVJWRTlWYVVOUGEwOWxaazU1VVV0Q1oxRkVTMnB1V0ZkVVVUQjRhbU5yTjFwV01pOUdNR0ZoYnpKc2RHVk1Xa2QxUmxkRFhHNHlaMjB3ZEVFck9WRkNNM0pJVEhGV2VIVmljSHAyYVhkM1NISlNSMDVWZEVRNFVYWXdTVmxPZGsxdGRXRXJkWEYwVlhCVldqaE9TMWwxUTNsbVVHZDFYRzV5V1V4cVVIbFZWR3htT0U0eWFYVmtZVkl5WlN0VldEWkNPV0UwZFhCWWFuSkxkV3RrV0RNNFNWbHdabUpMUzBSVFEzWnVaRmx6VDB4MWFpOUdlRFJ5WEc0eVpXMTFaRzh2UTBoUlMwSm5SVk5HYkhSYWNreExTMFJWY21WbU5sWkZXRmhwTHk5WEwyc3llbGN6VjNsTlpHOHlPSHBoTDFsc2F6WjBLMlZTZFV4NlhHNVZURkJETVc1cGFXRmhXU3RxWlc5dVNsSnFhblI0V1hScVNFeG5VVWRxTW5aU05GUmxkM05PUjFCb2VXeFNRaTl2VDJ0eWFVOVVNRWxEY0ROQ1p5czNYRzVQWlZsTFdXWk1aVXhzTVRKNmNWaFhSV3hNVlVScVdHcHZNbEpKYUc5Wk0wMXVNMDV6Y1d4bVIxWklXbmw2V21sdWRYZzJiME5wV2tGdlIwRmtiMlI1WEc1elVuRmFhemwyVTFjMk1YWmtSR3BqYldaVWVEVndkSGx1YlU5VWRHMVNPSFJZSzBGcWJFRk5jMlEwTXpKU2JIaFhibEpCTVhJeGNtOVNkMVU0Y1RrNVhHNU5SRmR1YmtSYVZFWnVkMVZvWlhCalQzQlJWbXhXZGxNdlRqbG5TVFJDY0ZSVE1WRk9kWFphVDI1UWJXWmtRbUpCZDBndlZIUmFlbU5rYms1cFJrMXpYRzVvWVc5NlRrOHdlbTFoT1hGVlkxSlVNMHhtVG5wV2FuRkJkM1V5U0doalFWSmFWV1ptYjJ0RFoxbEZRV2RoVkVaaGIxZG5iRU5PYXpadFUwSmxTWFIyWEc1V05URTNjRTVJV1ZkNGVXbEhPWEJNTWtoUlRFVjRPSEIyUjFaa1duVjFTVTQwZDBaMlRYZFROR1YyYlZWNVkzUjJhUzh5WnpaSFVWZDFMMmRoUVU5V1hHNVlibFYxYlRJdmNXZFlLM0V4WXpSR1JUZENlQ3R3Umt4UVFrSkZRVzlZYUhWTU0wbEdjWE01VVhCcU1XUnRNRXh0YlVJNE5GQjVSVk5DUkZNNGRWaHJYRzVsVVdGM1VrWkhTSGhwVnpoaFQxVm5iV2N4WjBGUlFUMWNiaTB0TFMwdFJVNUVJRkJTU1ZaQlZFVWdTMFZaTFMwdExTMWNiaUlzQ2lBZ0ltTnNhV1Z1ZEY5bGJXRnBiQ0k2SUNKblkzSndkV3hzTWtCemNHVmxaSE5qWVd4bExtbGhiUzVuYzJWeWRtbGpaV0ZqWTI5MWJuUXVZMjl0SWl3S0lDQWlZMnhwWlc1MFgybGtJam9nSWpFd056YzROVFkwTURZNU16UXpNelExTVRjNU9DSXNDaUFnSW1GMWRHaGZkWEpwSWpvZ0ltaDBkSEJ6T2k4dllXTmpiM1Z1ZEhNdVoyOXZaMnhsTG1OdmJTOXZMMjloZFhSb01pOWhkWFJvSWl3S0lDQWlkRzlyWlc1ZmRYSnBJam9nSW1oMGRIQnpPaTh2YjJGMWRHZ3lMbWR2YjJkc1pXRndhWE11WTI5dEwzUnZhMlZ1SWl3S0lDQWlZWFYwYUY5d2NtOTJhV1JsY2w5NE5UQTVYMk5sY25SZmRYSnNJam9nSW1oMGRIQnpPaTh2ZDNkM0xtZHZiMmRzWldGd2FYTXVZMjl0TDI5aGRYUm9NaTkyTVM5alpYSjBjeUlzQ2lBZ0ltTnNhV1Z1ZEY5NE5UQTVYMk5sY25SZmRYSnNJam9nSW1oMGRIQnpPaTh2ZDNkM0xtZHZiMmRzWldGd2FYTXVZMjl0TDNKdlltOTBMM1l4TDIxbGRHRmtZWFJoTDNnMU1Ea3ZaMk55Y0hWc2JESWxOREJ6Y0dWbFpITmpZV3hsTG1saGJTNW5jMlZ5ZG1salpXRmpZMjkxYm5RdVkyOXRJZ3A5In19fQ==
+kind: Secret
+metadata:
+  creationTimestamp: null
+  name: speedscale-gcrcreds
+  namespace: {{ .Release.Namespace }}
+type: kubernetes.io/dockerconfigjson
+---
+apiVersion: v1
+data:
+  SPEEDSCALE_API_KEY: {{ .Values.apiKey | b64enc }}
+  SPEEDSCALE_APP_URL: {{ .Values.appUrl | b64enc }}
+kind: Secret
+metadata:
+  creationTimestamp: null
+  name: speedscale-apikey
+  namespace: {{ .Release.Namespace }}
+type: Opaque
diff --git a/packages/speedscale-operator/charts/templates/services.yaml b/packages/speedscale-operator/charts/templates/services.yaml
new file mode 100644
index 000000000..d6169bbf3
--- /dev/null
+++ b/packages/speedscale-operator/charts/templates/services.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    app: speedscale-operator
+    controlplane.speedscale.com/component: operator
+  name: speedscale-operator
+  namespace: {{ .Release.Namespace }}
+spec:
+  ports:
+  - port: 443
+    protocol: TCP
+    targetPort: 9443
+  selector:
+    app: speedscale-operator
+    controlplane.speedscale.com/component: operator
+status:
+  loadBalancer: {}
diff --git a/packages/speedscale-operator/charts/templates/tls.yaml b/packages/speedscale-operator/charts/templates/tls.yaml
new file mode 100644
index 000000000..54404314f
--- /dev/null
+++ b/packages/speedscale-operator/charts/templates/tls.yaml
@@ -0,0 +1,25 @@
+{{- $crt := "" -}}
+{{- $key := "" -}}
+{{- $s := (lookup "v1" "Secret" .Release.Namespace "speedscale-certs") -}}
+{{- if $s -}}
+{{- $crt = index $s.data "tls.crt" | b64dec -}}
+{{- $key = index $s.data "tls.key" | b64dec -}}
+{{ else }}
+{{- $cert := genCA "Speedscale" 3650 -}}
+{{- $crt = $cert.Cert -}}
+{{- $key = $cert.Key -}}
+{{- end -}}
+---
+apiVersion: v1
+data:
+  tls.crt: {{ $crt | b64enc }}
+  tls.key: {{ $key | b64enc }}
+kind: Secret
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation
+  creationTimestamp: null
+  name: speedscale-certs
+  namespace: {{ .Release.Namespace }}
+type: kubernetes.io/tls
diff --git a/packages/speedscale-operator/charts/values.yaml b/packages/speedscale-operator/charts/values.yaml
new file mode 100644
index 000000000..e0aab2836
--- /dev/null
+++ b/packages/speedscale-operator/charts/values.yaml
@@ -0,0 +1,35 @@
+# An API key is required to connect to the Speedscale cloud.
+# If you need a key email support@speedscale.com.
+apiKey: ""
+# Speedscale domain to use.
+appUrl: "app.speedscale.com"
+
+# The name of your cluster.
+clusterName: "my-cluster"
+
+# Speedscale components image settings.
+image:
+    registry: gcr.io/speedscale
+    tag: v1.0.29
+    pullPolicy: Always
+
+# Log level for Speedscale components.
+logLevel: "info"
+
+# Namespaces to be watched by Speedscale Operator.
+namespaceSelector: {}
+
+# Instructs operator to deploy resources necessary to interact with your cluster from the Speedscale dashboard.
+dashboardAccess: true
+
+# Filter Rule to apply to the Speedscale Forwarder
+filterRule: "standard"
+
+# Data Loss Prevention settings.
+dlp:
+    
+    # Instructs operator to enable data loss prevention features
+    enabled: false
+    
+    # Configuration for data loss prevention
+    config: "standard"
diff --git a/packages/speedscale-operator/package.yaml b/packages/speedscale-operator/package.yaml
index 60c244b40..33b64923c 100644
--- a/packages/speedscale-operator/package.yaml
+++ b/packages/speedscale-operator/package.yaml
@@ -1,2 +1,2 @@
-url: https://github.com/speedscale/operator-helm/raw/main/speedscale-operator-0.11.43.tgz
+url: https://github.com/speedscale/operator-helm/raw/main/speedscale-operator-1.0.3.tgz
 packageVersion: 00

From b57ee9570b754d4705b3a2b19254d5be9770bdb7 Mon Sep 17 00:00:00 2001
From: Josh Thornton <josh@speedscale.com>
Date: Fri, 17 Jun 2022 11:07:18 -0400
Subject: [PATCH 2/3] make charts

---
 .../speedscale-operator-1.0.300.tgz           | Bin 0 -> 18744 bytes
 .../speedscale-operator/1.0.300/.helmignore   |  23 ++
 .../speedscale-operator/1.0.300/Chart.yaml    |  26 ++
 .../speedscale-operator/1.0.300/LICENSE       | 201 +++++++++++++
 .../speedscale-operator/1.0.300/README.md     | 130 +++++++++
 .../speedscale-operator/1.0.300/app-readme.md | 130 +++++++++
 .../1.0.300/questions.yaml                    |   9 +
 .../1.0.300/templates/admission.yaml          | 127 ++++++++
 .../1.0.300/templates/configmap.yaml          |  24 ++
 .../templates/crds/trafficreplays.yaml        | 273 ++++++++++++++++++
 .../1.0.300/templates/deployments.yaml        | 114 ++++++++
 .../1.0.300/templates/hooks.yaml              | 103 +++++++
 .../1.0.300/templates/rbac.yaml               | 192 ++++++++++++
 .../1.0.300/templates/secrets.yaml            |  21 ++
 .../1.0.300/templates/services.yaml           |  20 ++
 .../1.0.300/templates/tls.yaml                |  25 ++
 .../speedscale-operator/1.0.300/values.yaml   |  35 +++
 index.yaml                                    |  30 ++
 18 files changed, 1483 insertions(+)
 create mode 100644 assets/speedscale-operator/speedscale-operator-1.0.300.tgz
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/.helmignore
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/Chart.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/LICENSE
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/README.md
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/app-readme.md
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/questions.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/templates/admission.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/templates/configmap.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/templates/crds/trafficreplays.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/templates/deployments.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/templates/hooks.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/templates/rbac.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/templates/secrets.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/templates/services.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/templates/tls.yaml
 create mode 100644 charts/speedscale-operator/speedscale-operator/1.0.300/values.yaml

diff --git a/assets/speedscale-operator/speedscale-operator-1.0.300.tgz b/assets/speedscale-operator/speedscale-operator-1.0.300.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..0a9d242273fe795068470fc3cad88962c70d8f2c
GIT binary patch
literal 18744
zcmV)7K*zryiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc
zVQyr3R8em|NM&qo0POvFccVzQD2n&L*PkMetM97JzLpG<m0kAv)j2=g60(#A*$4uO
zs(RT0gajfOl0k#3>wfmPA_5Q^Y-iSx)qP&FYE@bg!;T$$j$x-U#!hM@f*Vnc6O={C
z`K^nRthqq}`OEL}2!bHIySQNg3WBizuh?q0{vuwqI&D$BXtgf>B8VNa_3ke~_<g#6
z`N`7^C4Uiqb6@*|`!{(|7)BY&yeLesP5`h`hDbDT+9=BiZhFzVjg!oqdDyuEF-o!!
zCr67pUK$g$X@n@iS72OG6&Mv%b+lH32}UU{Y8|1)6BK(8C#e^OS70fgpg696icO)}
zx;$}kYA0Ttv3KJv!D$LIoMvDX<q5cc7^Gn3WiCiCB48CI!~v;|LzH+?+63S>A_UtR
zK%oN?Ovi8nK$f7{%(Gd=D9=FALpX1qxDf@_&9XSXIzQin+_a<M#Iq?7<;MiAnsYC6
zb1P4AVn<<y!;F@zRXay%inH`QKwfxGqIq;akBIYu{`DaW$)*{H^AjI$R#D=lS0{}c
zl1>_IoW(z0I6rBC1kWh~yeMQph=(kXc-iKp0Z4=#_L7aU0YaRuqQs}w`Djo4+`<)h
zzx}W8f!GxP-V_?bw<i?540$0=7!Wu>9=QT(9>-CV{r~r{0KfqijCskE=O=nupVqb@
zoc!6G@&AqInEYQNlH>IEQvk2Y|9670FaO)`+F#}Wmw3Jb*C7>>z{eZlr69o{b1%UT
z$Rc1zVMs+|7J<ygb#}H%lsnCnZ@^$i#ViOhb^u~+FwyXgWN1=x{vL0x!0GA9H}wXc
zh)NjRQ=Vd4EY=fp1x`^MH+S1OJvsRXXf9?l21GM1=53Ov8BUrf#UBcjGpE6(QM_Q)
z>LZAPI0|u?rN9f&9D@{RREDO_6ZV@bLqNr;muAW43e4?<Dy*9HrQb6&r)r5SBKjiE
z33-T!XK${+HCdreO8dQ!=78WOCSVpN$DwGRkZ68S%Upp|FPudTU^<L6MmA0<YAg&^
zD6?Jc0Bdth$2OUKWfjJlYPBf20zdykTN;FEmgIJpf|AW?iw=%Sv;hfDqdcL#gxJPu
zijoce>V+9jkezY;S;sS&B~h?X6b?#VD?*9WJgNS?wrP7;AWL#g!H_&ctE)M|v<DQ&
zWOIbRq$pXT#KFnQj8&lJufS=Vq0m8z!*J6@83OlFnu3P}FL6i>fZ8lNB<6F-{`VXL
zaEL4hdWHa@ZN=NRW*B98f>YK2FX&u>86qjJH+&m~GjE<Jh*ye|qph*RHY>U_kUyLM
zkIDZG2QfhzPS24Oc+8skP0HXE`TtH3#9jH{5`>QMRsMg8=jWdr;IB5alMGya4^B@(
z<CkAf_{+mrRKD-MO6iL?B#Qhz2B%B$6r7H+o#5;gG*xchH!CRyPHW`0!j>CFeuFv~
z>FL|5NpD75-Gaej`yP0qgV*4%X_Il+sg0U;lAVHo0te4fPBQRjuS7;tR^%=CC$QdK
zIN07D+d-3Mg(KzZz>k*q@#dgBz$C?>tcpm+#!vA?yfg!EK%97CHrqi)$$QQJogPKp
z+gGbK)201P)fz4-6muNjULS4d6tv%Ugj#vbX<&}Su{RH~b4y<wuNiuzHdxjU?eAb7
z|7xQqYo_tbFaN7P8?3kLQyuU8%X_@3KH$({e>WP9eGie&4fkZ}WL|-ve=hrG(}Y8t
zP7MIXY!?NNe)g%QLO)Y5>YsftbglrW^OFE)sO)sln+CweBxt7YIi>U~sty`nm}ZEO
zgRcz-6P)2jTv!hlo<#|6a2820DwIh1r{)DX%}@|ufiP#y9k^CI3|16iB*6xCgi?O_
z<s{q0_zF-*FbQ#nQ)=^MBt1ZMr5FkeiNVzLzhf1aVu2w!r^pEB28U!vQ|{pHGe%W8
zjK%PnKU#sK;-!aI1(<9O8k8siu!)Dmj6=Yu#zr@J=n(uoi2#t|Wa-(3G58WN+wZSo
zn3s%E=3asGfFg)m6EozIJi(>uIGBe~g15u>9BiYcdDPE7H1_~Va)OJ|quA>wQ63ir
zNngZi@ux+tN%r@4ZmV((ZJ@B0>K|^^-nG^%e&`R~?T>EnzE}LHOv<trH#Gxl>lSZP
zI`&ykQe3@q5DucS_F@rP<(~<TiD#qYBSlGXHp6z7UI8TvDY7yzz)_x!u^oj@dIdz`
zSJEv+#B=^I%54-OnEwd`yyTd|jar*_6f~A%qlhY1F||Dsmyox`5-;@o(Dy+jzYldE
z5cJOY{&14~BSq=|B!c7;^(#4kGCBU)4#?N%PkmnY|9QY7K=B{x|BIc!cMkmji?9Cw
z7kOUrpl<I6A7D=%4@OEo$a#COkF}oqLAjQDTq;ApUQi3Ya<M#+ulv0Z5BmN6hlkPq
z;C8xGoP}AN+kojoopJA0?P+5cEG|E&z5ZaVsmEF>W3}~mwCnznk{Oy8g_N;&O?w*Y
z>TU0e`D5j4<+k@>(7giRau+o?jB{|+C!_e)P)Fq@zvaUEmtTJVnZ-Hm0I<LRY6mQ+
z(5!XMzZ9{ApMS0e0RDH{VE>&SLp|%^2t0Z2Im-+1wrDnVz%Rdidji1ysQ=-<2YdHB
zh$@5898cqiUavd8y}s{#=-xkkxE(3dU>C6tiJM$l9Mq5o_mo^z{eG8Rwvk<4MeE)7
z<esKZKMWMDr^4&|E6}2f%ou2QwBLgci<m6<C-|60S<wtDJy6CEy<2Uh?$+6jO4sXg
zBdeOx-|U=zn&t9mGym)IKXKCYUCZKEXo8pJe_Lo>?5+Q`T0*<?RsMg8=fE3@J-p6v
z$gI-?FXT2)vnWst+p~*jUg#ZoAO}G(I|{QTA_OOmIS!kCZec6;h=bXZTD9=M6q?^P
zg->9(J%Ze`u+tdZwBI>3!><nQZ^oD$Fg_@aH>Z}K0bp_3_lMu^y)@&id?Zg0*$0IC
zH*S>h80b|kZc((Gdf_}LDA}t?jdeSU@zr*{&p82Lx#M#o$6=^O<RM`TbGH%6gRP^m
zNTcw9`9RGyLs_0Sk)3%<yyIwH*I)5ipA|&}qwq*8F}9mQ<m|Q}Z(s2GX_k25{8=EV
zqru=#e`ttTKQ#lKrf9y~=9m@zq*hBhYaY<Z?l|YWKsr3iR(>wLt<-jLfJ#?1ig9@T
zFo5mx&T9a6HW=*?1n^S6a>;72wLkiEmn^{b!=P#_PN<a4yplZlQ)9r|+r6H@rNHr0
zz@eOndFKV0V5b-lh-M&j*;0O-;1q`$sum!(Pc#E41d+ACcGd)AoX}<{_2$H(47<ch
z1`=#X^U!;$+D^;0TBaVdy*3$HhKK;Rf#i&BsS3~rB$)OB^03xkvBw0+QG$UN&Z6zM
zskxVxg2#@6AP>E4bIxRlXXROxq~{JbP0mwq-av`%dKtE}Ji+HE_8JUyw&I#L1LvE{
zP5yQV)&nBr50eKk%m9@Mbk0#xm5*YJX!?p`N9~QZ%0p+9v5$R*_ie>=I|USBUO2-E
zpTugR9fwXFd11zW@Yu^<qiJphUdFd@;54Ii)daUp8UqW1Jf>XWG{GPQw<y5mmf9nK
z^aM~$rwxkOPn&|eBH1s@u~z#~iuz~fYlm0IF}8R3#=$Au=)%I#lphZDK=~Z!TKX_O
zrlI-%`#nf*iei9xp-<^25512$1{s>4@iu^qQuhqt%x)GucF-aKa~x6=4Lj8aMJ{9L
zKT(o3f##wNtk8yS%CS+n-NNJIqR^3M6P)HGt9ZK*C|r(UU`Gz6Vb(C;S&5zIK`YNp
zCw*+HU-I}B6y5StrARGz_Y{=@RYV|9u~SG{FWsH5Lx^yg2Zwz&fXC=FN;XHnl?!vb
zZ$lnD`}6_xEv5I-{D5Be2fZy>>@Z0|lmN#|`QId(m#wkQB}^EgWR8zb<0?vg5+SDv
zx_n8T&uEh4=ccQ!`|IFSFX-0Awx1qD;ob=9g)4=4cP#?Dd|44vEoS|B6vWI<UA=z|
zn6ez5$Y{mJPi2HR+Z1g8`Z0^ZSl2!af`ap+<UU$;55&^}AY;A_3H0}>(XPLxGx9AZ
zW4n+<RpUn{)eEx-AmDm)7hp>69uDozIf+($n^BZ!ah@^upzQCZbP7BNBfi&+);rSb
zlG=_K#5kEnNq|DCrKrl-B^|ca>GNpE3#o`6^YzMCkTj^5Jxcz?x@XZUGko$Rlf!`G
z0**?8-#P}0%U3|BR`9;0Dn#+`C#YsQA&ulv8-c>DNaHAUaMFlEa;!i_RmTgwK<sf6
ztvB-PSa>MQReF`x+^%9EQbPyZM9627xi|Yyxyb!FkXA_eJhoK#svT#`s_}n+woKVp
z6&253Q%K{gAaEn%6nL271c${YRQiTDmx7h+*)DVMk+<I^8xKmnC{L^M#PczDgPZdv
z_mdmMTVe+c4XxbY$|%L!yebwc5>cMHQQ|%EjhBqP?lkQI*octy?ID7^3<pQXzlVYQ
z$VOzuEKRi>csWF>q@#T9GJ81*c*j|Eq)7lsWK+9x2Z0WFU+t{f`Uiy*cBGZ(?N0tM
zZ}#Yyy+J93jH*F%v_tSRy8*^>e1rJ0ej5y;W77G!{a*iwlH@?nr6Gz_H_8Ux*T}Xi
zSW0EjDaTuy%4K7fTs{KlE0X#J)KEU<w$Q7<YPF(=;1+6R$5=W}W6!Zmag?bLUR6}$
zH;j$18oxFyUaA}stwfo6g*=Y(VqolO7L{UN=%wy4BCN|g?qC<F`G+=;dm~-@N4d?r
z{7`L!{H#%B<a(CjM8(M2yf!xNep{BZ<<fI7_2V?{9=s`sN~PIb5MbLyp_c~7_<$A)
zJnoMXZ-!abec!VT4=|_8MN3>D>!{jfv4J(Vb4Dn9>Jd95;AJVTh)Ch$zQJDR;)ESK
zAej2R3EKsMog>2X1;mwphKgsep{*|bO69@*m#P);W~^(V0n$yH;Q-{%C|pW5Zy6o!
z(lP5}yKMrjJVGdE6grfmA$-Q0u2yI&Nx>m|P9DE3jh~C*9YxIb!(iXdF2(ZE%CE@e
z!?@MaURn6+cj)eUwezad`L*5gm9$Umb7xM=j?c<{;*}Bee7NUG*Pjpf^Lnzu=IdCT
z;h6G#R&^flpixtrdmn0i`$@qy7M0%*uQ43%k14WJoGh_ZxVvm78seu0=2$;Fp}DfX
z-xizW>mRR(D83>BywLHey+&<X%%mjq-1fq3UJC3yq2zSLp#ofXt*HD?Ko}j7Ag@GS
ziiMIxh(FD8J-scP*xIWO&X7k^COD%I1C+*8vy>4TKA5A#U7?;Kf(op1*{=y2jRtpW
z_>n5++k_boox<yNyyTdn$8eNVAOH%v!3Pl6g)<Kmhwb4zvU1b}K#CH8*N7^vvuAk`
zNKsT!69?>PaDEQdD#%`=twLKwGl0M>ioQK&41y9r92ZU6*!wVAg~vc-{i6h5fgew=
zm&hZ?BKXJC<G}uS`jABYpmsR_@szKW{CL{M^8`8A`SFx?^?zcN*{+O}Iew2f-?I*?
z*W)Zf8J=&x59s%!ozSwxOEYZ~<L?6$S1)7~R}EGqlY$?93UG#&VzYX8wAp_w(kQ(8
z@pL=(vnZeh8fTjyPr(j!S3jOI_{#U?V6J{VrM>@ndbEc)iL%JbXIDR-TAK`~XX06c
z<1;E9zu)%y<LN)Zk0BjY#Q2p_PzruI*5+$|6hUdGB`8e2a!K)%ysE=$rSVI@6c#WK
ze7=BC`eaorl!KBeV9d&?jGdDV*&vHhLa|C`VJfU%Xw=1AB#{lZmF=x`a8WqNP7{E^
zj2oF=N(C11DRrOGiqE&2r{yXa8y|&${h|_rb8*o;TPU+_9A}gjp7S=jAI(>28??n=
z=am9bEG&Q0#1&=vQl6U!D5OTS!;XSh-?&D2t~=f)7p};neox_R7V}t4Re&~ho=^xF
zgA@aJ4jBPj-{WwexmTdw`un@@el0GJ=;Kd8%VD+J3MCugcKv-`m3e{w3gNz`ycJ5R
z?*=SH9oIajc%q`69f}HVd<MMP=XFw7$v|wK0jrpbBO4IbKQ#}B_)^Q4XM6B_DWFpw
z%^1Cw_lj_xT9}nD=~S?*S8+A&*SNzAvv(KI5sepmK^|NI;YD(x3VMFjwW6jZN<WcC
zc+stafv9kuCnyL|=Gnk=aLBHUNj`;vxPi_ZETa?^uD?wSDOzKxha_@x8z;xLHQ?JC
z_=1mT*QSjvLNi|ERwlsfn1!K>Z3tBVKHFq~QRs#9bQ{lSVvZ~At+j}&wh}gq)N^oh
z)MMul0`nXtD9kW+sPN>TERT0=1w7g=)xRP;02er11k<4w%l=I6e1gCch1LrcR+W0D
zNQ|-!C*c+Ne}1@bn5gme)0^TCp>g@)?CPh#)qei;_P_u7Yem~JuVnk|kZPemx2unw
z8qSz*Wj;lY&wzwTiqC)^GUfLiqK>c8@TUPzX;a6I8TOg=@%;Cq?_Y}&R^U?*!YsaM
zR+neBtssEOVQLLG3rm|_RkYnI@+{#|cR)tr25f~bw}<yRBF(5ZjqD^!xAE`inVBsY
zRK_$H?H0BX^C1$;%Mz4qYK{}z@xY^^v;1%&zkJ@L7=vaQIrvaVyyX(VxHXAikzq&S
zjCjn=d0trrag<~z%$h~eYmV2z%Rs>H>tL%tZ=5g{#a4TqTl}^YDag*>{`Z@YIU?+W
zEd>Qw3bMDKU>u0=Ugg6#KX7jQ>CF#~;;+AzuipOmn;)Amet-Kn3R;bafBK=ZW#Hyd
ze|!7iwQp~KB|E>omT+iZA1$`Kqj2{dS1w0CrS(mRyPqi3zuzK88M{61R_v{aZ<m!S
z!+I|U;i9x^@{lE8H>Y2i61JHa5%1|Y0E^QM;Be_BQ5aBWXBJ=1_S?^Lax`obCpbpQ
z?>?GOF@kpnG&(eY>+W0?l-gRQ&qI9NV0+0D<GZt7UpzXxwzabjjPIZR%uQOn>g!u<
zX#aUas$l-neQ2N4ahjnd`(3%CXz_O@r!sna7p1SQgc-G>B?-CoZ{#@adP2T#PQS1f
z2kgAOuVr_PpMl+@66@e4C+p&lCO#!mLS5<Fo7~zva9UYn;OAdXwniCu__;3I*<^pp
z&7X4TJo{M-d4eB)I^i8-r#c%;U;f$WBmSp9FQ5OZUE1&)PJq68|5K;EfBy5Leew1D
z&zE=(&;P{f_PkHGn*Wzi_*4t<yQgi=J$8@D6*$cb2kH5vJp@^p6wRSHe*RK`;xtiA
zP>A>YtM1dg0((dCe#<eva+`U10||G7)A9}g1{E{(?`vatWfZ?=9BCO=KiSH06?1KW
z0zk>O1weZn=?~_N!BA|`Juh#j`)5sm{QNWULYw3c25;EWQ}EZOR`k)lK`DMfnF~($
z4vC+>1x@fzkh-YVd6(wF_J)S%=N^FF`Tqp${Tlr39vCP>SnNhy{-y!!C<st}ExiHG
z4?4!-vR;5w*TbmGPDI!6$Gl%DiS_~qEJAZ+@5J6I?A?#75<de~MMrm*i}&FeKV08_
zX<&9&%5k{d?XOX6YLZcW(Bo_OfH04(+?)7HRTO(Z-gPvhm~Tg|U*8Cr+s^EqZ(ll0
zUJ=06GY84P-EHonb_M9G$KCluyd@5Cnm#0vwPOVrmy~F3f>Spl&J}3azPec!_wk-J
zTHJ%;Vnj0cY4=l<WLJQHX)xB``OJ=Z;VZU@vi70y3cHw~&GzDuT7eiRUgXs86sfhz
zUBB7@>NWSTBWa!NPU-;>&=I726vdhNfsO6*;-Zcq-b#578nbhg=PQ3Fd?y}MK8mdb
zBggy13F~~~gwZxPf7pC=UYM`nVY&{S1Hh;{@Up#7tsUo-LWJGTaRCmZWOD^NVoUaF
zU&@ngpVNle`mWYSitRk{vdwK2W_Z1Wd3HqPA@P<T!E@ZBvZL6#vMVD1h|5CG;Ws*M
zqmXRWD9R*{V7`s5<~kL{^6)xUqL3Cl{!veHas^tVuw@^<9bAs`aF^%<`i9Hj^Q=1g
z3M!hdzdI;>?thmyc3I+_UCI>BtD6FMo7=xfaDV7~<Js*IXZCrTlKqR5>+RP>cSh1i
zlxMGX^6acWi{|3mscYM&uqm%-n+zv`7cy$-C&<PR&qz2vK{fk<Ew*&M@?NOplhSw*
zuUyO336;M&fcaSU#_K5k<o0>HH820qc2&MUf57vy|Ie<2`^|{}Uh)4g{(iA{|Fih_
zmiRUQ%NKd}{eN~P=r#Z_jI1wt!R;B>O4JI$PO*5t)5Z#Wb2qyJrx!0r6P~~8a2LeS
zasMr3`_XK6Pt6*>+u~)9`z3$(HAfUB^BtA{&qiHf(_z^eVWu8vG@>O=R*9Ek&}f8F
zBe7>5!3}=iAN*LW*r2{q!^ays*ecV*=`~>2cvh|oPts7&2Js)K`yYS#<)G!bktgJ}
zmSa63&$i4y*8HL)?s)3fel+aQ^W^H<jd*{YKX*WVHt~+w%3C8L!EDi@>_)-VQK_lk
zBe%4nJd2p2HQq68w8+O{VfvKURM)@%YjU&ruNNC^uv0!1-F#K$QzXUyG$j_Yn>)u8
z4{ucBH@B$~!T*|5)B5#-wuZmrhSa_LQ5$?6Xvcdj<2)(90m&*}R#DCd;KQr^xxFFb
zgdcp)*uR8d*VN#9kJ(>bCbB<SCY3{gUb>C<5Y(W!mAA0PcMk2P{HomQD(UCSe1Sp!
zCbGQoLWfS_za(|Ge;?|M2rlA^B{{r+rIT_^v(CGp+*g{jl~=|LM+NlnER$Zb|6aEL
z84iAP9<W#J|Bm?XV&DE3gw|L4|4Tf-&a$WsBYs~1Bjy9Do!g0>U?+Xu4*A#8{9j(#
z|C$>{pVO#CdWStlwVQq6Aos#v=7m2)?;ZtvH|IkQtUnZ%GA+g)FhwqkKLI(%tfY!W
z_h35c=rh`^R&vulL#zSf$SGekHs1MxI8XlzVTXcyPNMk>xcM|JN6xQBaDcPKv(sm7
z#{#3jqGfJ69dEISjI$!%KIoq@BYBDsJATO|+UMMeV2fLhY4zeyB9J1}tryOlUYdE)
zQGju{j5hpE>OTogJBkvgSax_8uS^mBNdO*PrMm~)!F9O*@-UuPyTFgIVXd?H5Avga
zmE!+Hot59@pZxn=d;aw)o|pZ<!UFh>F5t`lpZNFoLH_^0cP_r>fBquR3;92qPGtKm
zZ~e@hvs3>7Z-%ZjQ6qaZc!xK`aM~W^$oS41g{kLE6k-P**D`c(<PB#iRF)RGOw5Vz
z-QNyZ(~0urv@SR1?cm)Y%xufMo=<Lv0-oHE34JH6Ji7%qPCynWymY56W$73lVRAc2
zC;f{#`+hfEq5v)&=`uE@l{fNk>_MokOauCMOL46}v<Ke0Y<pz~q&1zWWYWqAhP672
z$Bpu&w@l-)r5L(k_Iqtp>$OJR-e#oD*CWlp7<DDj?3=-;Z<0}WDo$I<3vCzedO~(T
z7P3bl-i`H(xh@Td(3f;|d~>ftpMATBYuob0;aG<)T_?AXx_YDe!w|Kl2(`%FXkxD(
zeMwby^X3sM-A6xLI4vjCTk(x4z?(<oa!9{FKB+6~&TMO1Z;5?jjSbhH^gFIDnM<{M
z^Jp#<*%C;ob(OB%S}Ss27Bna+_brlIt>JjwRz{X~EgGTfLCMu&f8ADnvL1DZT^N#<
zLiCm{xD#1`;zU~KsOxMV36b<b)zrJ;{a8~JrKfLT`+7ZX+a1k!-cL0pw?(%<Hr#tP
z(A%cwj#22Ox_{Zi6EeMj>Ir%e21;8QIej8SX>D6U_VB(n{Al~}8unnUx0G95B9ZPt
zF4a(y%wT9d2A9e-G-Jny-A8}ga{B5=TZ1drOII*(Jgp`5oN)NjY&ohELc_U(6c=#%
zL{!`8Jffa>tGCUz)9XYd&FtGPC$vK-J&MXZv!!pQ8XT&<&T1M=S5}L{4L7!=3%1~n
ztu_%&gN(2)n&Z28N^zkt9uw48B}E&Cqlt8{w4JFo&hB*Ya-{YgS@-8_+$FBFP|Yd1
z(N)b1NBzvV4d?a|#)2($-lML%f_nUJDndi<DMKhyT$s5kDMazz{-fb2kG^!H>PkrG
zeJm+GN4ja*llVeusoEovR->NS8$Y?@(ZrluZMXNRyBh=gYdwrpynr{Fq^RnXWKa4R
zf+-C;+LOAz7xW9q=(L?XIT`ic)l_ib>&AC$C`co7lX+9)@oCyhFVv^uE!KJ+q&vb`
z>#Zz39*!oD;y8>`Csfy{d-F(f;pmrvc}HTy$Z|dCOwfX)nz8<<=<CU-E8S{=G@VZ1
zVk{`C<FDU4t>F~4vQ)mkgi6;O*b{x}Xl85bLl^6vn|r}^r(|tgL=xVM>c}K9dNeL&
zBj^cEXeN%ZzJC;9U(x*~4$bg=OB`vN%rppDK>>Ci7pkDQhnXD4o)KKWv)ir=C9|VR
zYRixqT?|cMQl@(ELie+c++Ppi#OxS7bLq55M-im9rFT*kO1F>1->AMck=t;ix8cYX
zr)y{8xR0T_Qd+CdXq+K*n|be_+y{z_sUe7u<18Py$nwz_1g+n>u={XjYHkku{#qBM
z6tx`_^@S%@NISBhZOpc!j)h^U>*~tri=o*wAFMFmpo#l_I#C}?$atiscGb>(%V`;b
zGIoNY=yc)gUWiRB#W#AWbjF)(AdBjQ{4`v?7cNsRxJc~&cgy=0d3Z07rL3t)*QNJz
zAj+D4u|z(T7oIG*p%#b;wwycF@LLv9ZXVl@%c)Nurn=i2-?^Q8LCLh<>dDe>bZapT
zm8YAr4b2Sd@j#xK^5epVx<QnwVBS53*KLXmMY_4r{EIc#%$uorv(%yb01eXBTG@kX
zm?I3O`^Ugh)n4||BJKoAy%p}q3-sh5xEL(e#f>{PzS~%LD$%6)&e6@uBju6BFtoHA
z;c=XHbbat-`>t$5^TIKPD@<iX+Zotoc&8C4s9jfe7B@pf@3b^S6sO}%v?nUGC5T47
z&b={#U2K?-W}DH)#?aRv^*aJ#e;tf^7aKHz{uB;2<~V~!*SsAWJ;9mWOi?(zcZ|$8
zy7I*sl9d?@@5h3wJ+{r<l*p4NtVQHq_HkF;P+Z6X%p5~q-V4e=*RxwwfSMYt1tT2F
zV<GFo$&i=}(@>#1MdR<5aC4c+VLXvVr=uC_QeL?4rsGS~>ZdK|HY0inWz2X4%6d;;
zTLFouhGf2P#l&iL-s?g9(YbR?rymcrzN4zGXycH90Q<0Q3!OW??{+L{czfTvd_e7C
ztcj1Sv97FSVHm!DawskyOi1nx!<0>ZoyywqoekZIYOH0bs~?Siyp+jsi29eNEQq-*
zbe?Qu9jKx?FhcUq2uSWs<}FK5V#Ak~sv!AROYKlx*y3<)1Zl@1%0yX6EwiV7oVLUO
z-pxh(PVHEM_yF(JOkcQyahu(sV11)a6kqAe8$DQGz*cAcs7V`nGF<AR14nng&WP*O
z9&B}TRf=^r=(M5X61%TF*pg&e5|#3oqmkhZmELd#C3&su9nm52gGFvKGf;1*zSJJy
zUh0k%zniwyTnk8Fn<x|)(bTwnr}^Kla3H#)i3F$OP?v>upoOu4Lg~h7>zi@kT|B}e
zf`%Dbt*mQ`M0zwF7xqlo5}nZMDI@e`X1XvW<B8g$xPS|Nt+a1OV~I@g9f{Q^veLT4
zfv&G5+;vxu?--^Oi;hl4%AM19e6g)Rsl*9Hhz&(>0)Ht7c1sndi8H<or@Hh28C|$J
zoWM->F4v|wPi#$EC_PhBgyF^e_Dx@tZf+lacw>of<mjuXv2Lzysw?}^+UyG}tuJPe
zi@BiR5lI(@J^jfQjebUPL3BfE>%Mt6zH?*v<hq&&L(8z&rXZ=0nn-mGw{vtjQg3e_
zb)OiIP?ZL~OftsYKB8l<+jY~{IyR}T*Miy9AZck2nk{8x-@(-C4zKO@4KWS%Y1)!f
zbKHrihLD?Wh1j7PPg}6E7w-dQX~C6uFRk;z?TtMMloS~--?14Ny_NE0UntsCkh{~4
z{Pg%FKRt@FW_LzXy{;rWeRt+ehH(iKx>E)FPJVa4+1jY~rW0DN%h2lU`LuPJ-M7A5
zS}j_4zPV@rx^>%8uv!_h$falp#2zdn`Yv+r)Rp}dE$>^G%*K|zvQ6mPee%S{HNGtB
z9>Pd%V<#ZKIT_AyS6_|b<-(i{g-IK3ta99eD>!#IPb2TUrPFrW_kpvtT25*j(h5!F
z0`{{1%a%OmZP?;bd|oKpb!XC|bD&ZjrAKhocG`Aswl0@uYfYw;o7moT7FJ7G+QFq~
zwI7$xqPMgRC`=92b^5&}gPqcHd$@9pbt-$hAm7z(d_6~ol-&o;lQ|i-kfD&Np)9O6
z%$-}>wrCH?I-iXP=^)_rG+0DiTI$_A*?maNJ7qC7*5p1Qt~Kt2mG5Cli)rgpw8BS*
zkAb)HrV}V2IyN%j*mtofFJLg$hK8bF=C+Ux9|b8kdv5B8u{PGs;iC}0Gl=_M4y1_|
ztf#VXel)Z}M>dAJZV>s=xD3a-^4@7F*=QmmC|s<J?l46H`DnGAq2+hl25}73k~do5
zda4LxttTx_fpo{Av#^ZS#(?hFlI9zyzb0@&R)(((6`yp++Kqw&d94MafrQRS7_3LC
zIE=K#5aM3vquF*96r_R%)kM)RduH1;EjY}KAdV~;>*mvN1clDWu|e8nfpi}YvKaT`
zmDv~jvJ@Mm$q*U+EY@1&2I*@}zEfrWN$TnZ`eUNTk3@o~wVvqE9IHN&oSr$+pKb(A
zl2?x8-YI%VgT}gV_SgL}krLI1D%4=tSPTW+m+qXqn=uYnPnr(jKN1L`@2F5WbzQr8
zuSx!s+3z4(@2qv`_$ra08k!o^<68)!BKMU$+#ULI_vS+DDl5$wr&j-Rsy@L8>Lzl?
zu=hwLg#3;&UEHJ=QG1%NDst$KG~H2TNi|fzBg?`1X}TD`*G2hB^DjNv>#eEYLD1|Y
z2^wm9{-g(4ihGy6v9B6du-a(B8p=dpA<0!_X}UIgwrB|#Ph(%1Kxk@)Z;n($Nt|A+
z$ldFePSp2CU+Jkq?Bihlpf7G#s3&ZcNjy<u{C=uKK^0@&?5`hGKVF;N;e{?fJ{b#0
zVBoYgsE&0woEVz2kh}V73gHEW?wv9j>Ug5YQ={{KOubv*bfMq*s2l5BBar%IAIh>6
zU+Ba^2%5<_G<7IMn<;dWN_wlY?~E)mOr}Ohk_|;NCPPIfac&rC2T4P!-(Aa4a|m4|
zLo?SG62-4!OyX1zl!*c*SJk90)D$GQR7o)|AD|T9O`nFo6(~9MO;y$}S_Y*@NOb7O
zV^xD~!w^lUHQ3O4)Lx$oCY1Z~3Q3A5w^nO|IH}fxP=>KKzPm9ges!VKb^4b`h5A}E
z#D!ug(0)>U*>FeWryE}vRx3q^WBJb2bV2Pay~~NZ7>?9n9YdYcXD6FJsjf_h7sle|
z{UdR5J&bkKzFBI%dkcw@+x^&pgtT?-CN(Ji8ls29p>7Zrjo~m+gN{z=PlwP@rD$XJ
zOcffguKVs-H`H8Rm_+TX3Dj=h>w(fkz0O#rUbPXYGI8!knmSf>b2x3SQ^OaH@xt`R
z{qNQ~olgnEY1^HuPme3ZH-`#T-|3+%%aSgbk}b+Db)Zd#4{FP88`@1Y7U5)c=NfX)
zd@w>HAV?<qBsS$x7W6QF|JZ`MszDbTk1JhNC8srnb}xP~q~2O@byjvu&GpcA)!tC0
z_?6+~#t1S3TWd7c2BO{?rskdW0Nd_p>N`srs{QGcsz5z{FrXQszB<wTwJPh=4eY^{
zERq!64P7~O+FDnFa<7x1JJ;8r{IwQz5Q4*rx_~+oU`rRAKBDvshyG(*g|IK8DRdGw
zG<7w+i8S9ua?pD+d!i=yI))y^#@Jsy+1(++6IFoy^ui{NVN3Bs4b;8~;ZW|YeJvy&
z>_siZSg)J_=GsElRWh8I6u*X=BFUum``!q$zD5XCH5H<^+R=39Vhqixv4E5xTV{8d
zD*DArT__&Z;M3IT^dFf&N5)7nr<$f180t^ZzeF-57pCO;NRo0rbVhP$i<+niQ$y-H
zeR7Wj_mSck^@lq2hxhUV%2Q}}9z|8xebKW5w`~yj*6Ll}DG*W{QissFu!G07)u-~P
zGtk>{f}#904mt~2H)Y)reVq&kkA!%zr6xMHu??7y!yBSbZX&a%cPxp?2Oo*Ol?mmJ
z6{xA*kD*24*pysVHk9s2&n8CSb#-XI#{q<Pd#I_s4up5Hf{kIvk#0OygW~u}xpn+?
zXEeE?^5*?Cj3rreQq>=7$d3is)7P4?+Solp@f&N}O=J-@lMTs`19hMiCy|3;s`*1z
z7NwS9WT`F@h`K{<+@FhD_h#fss^qj|5B7#|8pQ7{zw_>qC<{np0TQ?x>*Cb#MHL0E
z0ily>#9tY{t6F~V$>`aFEWrWlUFyi6idvBM5rKCjI5bp^7*hyGdcU_C8Eb@|bP+-*
zJc`j;^`Rz*HzE{FA3~@<E>zdjI~#2wt)L*rBi&I{!HlM1{N8S<chDCnsP(wkgSD?x
z{N52HFK*gq4@$OwX{f%U$U;1XJ+}{AZ~z0c7~fq}dF#ufG8hwOEO(({_MoaraB55(
z4F>B6v!AY=zB*ASL*M94SCCM7<a|WEOHDRbYh6=P3&K0I%j9nditxgQa9~NMp|;&j
z6LbL^(i8@n34PKrh$2AZ^bB8lfP%g<CHK}aq<rkJeb`nLD5#1eDTa0DAWM&B{pn^5
zrQVYfLZk-kcd&bNAsZ4MKT)M&hvFB*cp_^OQlH$GuH8gBkyqoOGlqWWZtA<^si7pe
zx7K87XiQt8Vd<UJ@Xd)DxGU|>?-;$+#%>d0^_6#Up`;p#??!jzVSINJX<aF`ThcpY
zadR&dQ!^!ap%5w`OkMSdJq_BT-Ir)v6TPjj4Ptj3sHEdiaxLoXitgBkiiG<eDw)@s
z(LuV<>C<_Vh0cS%kZ!FOoM1^&kw#juJEZu6BM24MSofxaI(ii2j{T%i{5~4QOf|`w
z7`}+$#C_7B`d$eX14-@}wp|4hIJTj4XWyBM)uZ~`?ijwXk|$7+yYSsqbS^A7SQ|c>
zSi!0VTVm=M>ePH1dUCI`f~~CYkikj~GEXK0k;(^5V6Fy|i-Xk$YSKdX#i<cwW3_$r
zaY`Hn4cLRB<B$7maZ2<KG}Jp8Di336XpWz5`nEBYRKK&3NpGc1;`e%MI6#u?S-tpH
zgYFRbm23nRUxvCc71cz6%sv~dfhtaeY&?agWQ5R{p}C~;2$9F9M=~_5i90d-YsDez
zN2}k_pfv1G1#=90qM`biz9Gdf><&cT7*32JQ!PEdHM=*VL(G95NW{`R$uvksTN)<v
zB&PUX8qn@2L`_C_4zV;T(nPlpiN78bsK|G22Ky98Qm*<#Ulw6U7n}$Y$ruNc0mV3*
zE{1|CMQe-d-<BFdA0pHrtj&JMQ}xcnbP^*+(pTePtr^l_L-7lRj;?CTLe=09il(ph
z;l%2>4@PgOXhs(4M3vw|eHix!8+{=mBsw`<NE*~0S7!GH$wZx+k~&hw>1IkyLxKL2
zz8JdtliM-E7>y-pm|aPh12xj2-hm>eU*cKPbUh{N&<T`@DUo|wfEUIj9;@O|H+u?s
zY^!ZO$S!m!C1c-I;S({Zx@%~<u(Ep2!srPigzl}aixWLm6?NhYQv!!duhV~AK+1nz
z-8U7buNvrXNb#FO==5a~CWh~7<G#CsVH_dpaSelx2U`lYfBHI+blFfmq?Pvi5Gpzx
zQkkxcCVC{M1Pw=%B@?mll(%Vlojg6Z$c-tGObZnkil%7xrX8z4oT%ZA_bB)+>hD;@
ze;S9558LjOW@NWGQ0`!`M&n-RqXC@@tGCXqzU%2vFrPjR4Q!~H)sGPrYW~v%n(~4O
zHUGqvLw98mTa=~w#_DH76kLX5BbFSY^KSa2j-cePG+i|nU3{lcVg-}lT7&9B(J#B>
ziPA;76pjtCFB|F|>YKjNi&tYKrv6rjx;Or~H+-kH{0oPWi5A43%*N*`4vaRViHYRU
zO|`x_a)O~YnwYY@AdxA#V~gqw!}SemxU9kJt50M@;WYzwIu36Nc*RKWtAocden6Vr
znl6S69<xnk%TVcW-xlME8al4g6Ge&-r?-02L(`RsDc12}NYm9+pLUpksSRBy4%2CC
z)lqsK{ZWHc+3%#&R%gunSB~~?b`@V1)|q){dUBvX8N}&3EorJ1_}99F4(h8@J-Aem
z=5I78cMyrE<HgMaKSK|{Z~w}BhmdTf-N>>?F0}4oZS~bVHONdu8b(@I31waEp|*)+
zztfotu3@)^y|J+#slDO5so)rv6c4l@Hes91UyAxeO);pvG&?5!P2!0f#HPIP*VCY*
zI?&&YChE{^Uv~zfcsYCg{`+cstDWFa-PZd2UfECELBa2S@vCG~O)om%U#&fMXsCp&
zmY)CmVesL7Z@P1~sW{{HPhh>fz@dGR(*OG5;e)Q;@6}<ax9W9%55!cLd3-urMlt%B
z<FC6+KIwUF{|Ddf`P(*tyt4mac-MZnzyIU!;@ABDU*tI=BzAUv{rm6JFOS+*cgHk}
zi&e_IVpzTjJ0e#=yX6<D@M{@&u9Vrm?dx|P;`a7L5+UaX5fs`u`9fDNyv+X@`R%9w
zU*&(X)!MuNPki_8-B<qqBG1o1H^5)*Bm-C9gVR&c_~n-q_R7bb{Z}b{@rFc^pU2>I
zDV~B;uG>$Kao*|vRU)TvtERjeZLMmUcK<!_LI<zGU(+T_pn6J4&rY&aZc#Yc-i7UG
zc^_{M$^%SNCI@&|m=AT1!`o|cI<8<m1?_hoVIL+|zIjV4?e)&TP%EkYfJ2A<{esz5
zjEM;=*2AuaRSbcD_V*01XN{>p_$=n<nQP@`G{4q}%}DyyaQl+aG5O!5G{Ud${9XEZ
z&Hn4OJA3lK)4mYC%KtC%d;=bM$^e#UicdPfUE9h%;&|a4#K`v19H-5bZ;Jd=dCZI{
zkh+)<Fej14??3gz`58zsK`f^p%jULyk3#3<8xZ0-zrp)WoZy+aE)#?Q$J-_tg=E8$
za}-$&K#UVWybw1}n%(h-aTX=`<Qs4s1wj-7csmA;m!v1nxtE=@|8ww9n$}Zt&i-G%
zaOdarf920~8J=$&vXD(R+RP(3J^5QRUBxGVYg))Z`CBs!=-*M|%}@UJe^0&vut;b<
z==Rc+W}HOq678nvV06xlC(+`hxlHZI!RP-DlI$4&-w$qk%DDHt_3<+Qx88~3{`v2V
zmiYDl=P&Yr*PiPb*)9h6o{huwx$JE0DJ&k)Y6@pyh{7Bt8_*Jj=h6!C`!KK0&sVEe
z6R~cZQ8GU#ysPy5gjUpgsyqhQN*COYl<q(qjFd5uMk>(9y)&Tp9@J4+zooCwSgGz{
ztf_+=oxWiWh%9?PyA?AE)8<J5&1o^BQ;@od5SHetNMVr#EF)Asv&<|?K%U|=mJls+
za&}s+Ozud_I$oM3o>gRFF4LK^<lJL^wk-uB$lQeGkH4%EYdVpg2P_-=E?iM^0GJ)c
zo5Y*D8HiRPPC%3Z9A;j&sWRcS{>nQHkJKo0{ml~;W@Q?`0uMC+@Ej4)V@)3bk%zUM
z#mHu@lu(2YK-GQDJS!vn<gv7_C@VeVvoa$P{XrPeXLL05ElXI)E`F-=wiE@qo?z|p
z4teT03P+qLag^e8i`8nv%Q-qNS~+DyNx>WMEw37_aB@~;EafSX_}^z#AM#v7+w{@=
z6T?6P0u-V-W?4?68Ax;6EdV>K(t=qV4n1OR*D<s5C^bb1c;k6*`Shf&7t@wz-YnZt
z-DlIL-*klk{g!n{H8V$i*-)OP8Dggj=`<xcEnD>70t<(D=Gh)1yRFyY+)nv4%1^<Y
zC}Dpkr*G@CjzWf$rRU_dtpwERqi6uHabkNcGh~dD;s%|9&dLn+UV2DsV|Fz2lx61F
zr?i-*Zccbg*?@6ifPC6T5INqA<(7-Ww47jmRXP1^<rzzU#_pfR4xPs|nq@0WUi>U5
zpz8Uo;=OtvKwjXi<o{X@er6wRK_9VWl82z9aKqmvIL!&;50=ogNDFVHl0jHvyKP1j
zO3L&NDSplX0vtW8xwG8?7H#Ye(~g4JqYPCfkmtiJ^3`BxcffV&Wk+F=j+~i+oOc84
zc!=lD+YZ}^68}IbtfItc5HmSMDQ(LFURVyJVgQc1VpsukFhFIJuY&(;a_Njp(=t6X
zBPCSHg;KhOQRdmW5^u$=^(^%}6)RcB6XF*+Ybdlu6K_yhrWK|Yi^TqA&UkPg$2fGn
zHLx&=R&Tdh=;Fj%ax0f2Bt6}y0NTfK92BE3TH-h;0q1Eksc{@7z@dE<>0r66qFu4+
zqP)O!$ZUlHcDyV~D7z<^-w~9a)nfx^025?IN%<>E%4x21Q*|F*k@k~eAAyw{5yljN
z+QMFl$dNfel*gr<n(eUv8Q4c(fjvsiWyXOOd(RM)-~f3Qf8rP=j8Z6G*f0W|V6vf(
zg3l0Vc_E{d5C!;cIq6=Q;bewvrX<d4I<i9Q0Z<e>IGSx|{g#UILdPGS@qHesShm(*
zg}}Z1{}mjxv7I?#H0%_XNZC@val>jw$+N(p)tDlqQa=jOHVappTY;Aq!lSf17<Dno
z(;`J+1s;>*2WCY%%S_$9s4eP-3YE&NdrI#Xb`hC@X!gAE@@d*0oK|Bh^DT0HUy0>t
z23RORi9*jlW9R-6VRW=gXuXgbA9+|{AEeu4t_3Moh@yDP(k-(v{HJFxs-jAE)%%FT
z8cZNS9-)<qmuBf%U1e3K5Wi(St&4CkO>>qi%4RyUD8Z+nYCdkQRJK+f>1Q=DvO@(m
zY_puVUTWtoXF2aNVDhpsBMm0;wyFuQOC;=$wWLQo3e(uL^C(Zr1_UVaspw0#)=_D4
z;nbUlO!j*rn<IwUqm)R6)u|F?0D(HMHct;(c+bABhFx;tt0qq!fmA*Qd!4dWWERFD
zNU)8WB)2v@{cM>q#UFE?!PpD!D2XGkuBpLWV?Qp4T20WWW)<!Bwi<qES%ERXzM;y`
zcFdWnu~}UzV`RIah9E#ih_&HX9J33iQ4SEb@M4_hh?L~FiW1_iJZfu%QP^NJpL$F7
zvthd^nN!Cp+8~l`8nXoBGvFl&UPd+*<OkZk@c(FsrMHF8$}EA0l5Q)`<J=;iO*WKJ
zV}dqk+cz;zxT;Oro5HZD`)zeIzmmnwSU%|Sh&pGog-=ksHbD=FWjy`&pPe^&ZR0ot
zJiT64nn+#>QtlAF1u-9MZT14><1^r*C1zG$2@vz6quGqwc@ao4A!o(^c@|YZF_j!B
z4CTTqWMZZq8ASn~qq0{N$Ar3@QAjo%%T#t1pxFd@L0Xip4bIx|M(WtD<YtI%oTe!8
z7<bMRFPxVi4faaiS7-b;>05vZ%Q0LyfPq!q>Qm@?FWIk94v2fWg|^M2!pPeNuIPd%
z)+}^g6AWf_{wrT7&Ag1#bTuiNSHxY>9MR8A$Q6$Jo2|mCZ0jUS(*{Er9R|Dk1t<Ks
z7XkzbTBW&{(V-GN=SrYR_ik+MYbxk=rQ%Bhj_Cvrcv`sH+ji{j<ZQ}emGcoWOEq&b
zH^p`-u{4=VXSCpy($U!RSfTPttBPxfG8IHgE2v5+&2HB&h_Avf%fL;r!$rYG6R5Zz
z8EUew1D+|9OSXL}WJj@A+BQ4#=mjf}O$jv{vE${z8K)y^(Ri7=&Hb?JHggsJj3hhT
zx<U*gTha<J=CeGD2#Ho)zgKA-Pb$CaEgxx~W?)X?rQmUYBf+*8dzcEXy6GF$6QUjr
z6fym<?@9b8Q=?^{R;|w>NpxjOQ$LFO?>wlJP!dX_zzZpzaPP66*(Bw+`c`8H)ODXT
zWMJOTZqIhD=LBcS3(rcsx#q$%?;zY946fF3)!~*P&M1d%wc}Yq-DgxRI+)r`XM5@E
zQMP5bVr)DFaRi=yk-BTSap_sM!GLojX3)ksp~Ix;<Q$h|Tg3$m3x0o~yGV21QlVAN
zf8qGisXkRk+TgZ#3NpOT7``dn6@5^XyVg&gyJ{lf2&Wuimd#hKsnYdCEa?pMF}FmA
zkD|4_y1$P8LZ~sxzz4#HaP}#9tu=ET!$<MThz(`zZaC^r)uZ%9l`Xf%1hKp43oua$
z;}+Lj4DC==`XUVfSr_IzL{{hP-2fEuW?MN!RpxxF0T0`clCwiBqte!^MY#&!;0Tsx
zdz``yh$T+=WM!_GI1M_;O*J=RlmygariKMZ3D53MXT7*dbq~$8`DVrgccrT!A0jp9
zm0Bpf;1s;YB-UmpHeaa?<T&*2g!(&mimbI#f?i<gQ#j#_V?Xtr9nxX`6bfmlICS!$
zG+TElrW7pP|0}0+U#2kxmq83fjx!UBRsjohJ0QvT>5n7kxpj-9DB5}z%xq=BdTs#h
z1-@!iK^rN?Q3p9nfa6iCb;rs*V!>}idq<Xxcr&%NqG)ymnzJq2%$T#ddBzo~N9QV5
zV(rncYtg(d00*m8J6gE1y6q_7rZlCaov=*hsqA?II}_4j&Q7rsz<t%N6__@G9ul0U
zY|`*LCZ6q4_m{O;TOg_88=HMAvKGv$g|VIuU2QFW+T(s8hnsp<J^K7Pu32GbF)(Wc
z!<*oyt5dE%^7=}Y(Mr|o4bv}H#GNwAwsYp*Q8mIqOY;~fDRwYl2%>CIo06g<Ze8#I
zX@<8h(LBMN@HYjAFpmtcv0W4KOz>6+N$?ycd|heZ_bAo^-Zg<%8X#$t?+YpIXeVNl
zGvg+AZAFM8zF1J>=1aMZfdZV?ESmJJyjd6&KcfT`G|UT^L|a09wv9R!Zfcc;X2!;Y
z(kNsqolR+;W>J8W4THuDi}dYQF%^~5;my6n_-x5d<-8Tz;D`#~nEHDYbiI_hPB@{Z
z43tp3Y$_(GK(#j9fn}aIb+NW$fXyOvUba!Nv+aZxyq|7CeM4cz$aeQ#)Ou+zOLr&t
zEr{5P-|6)j492J6=6XCBm&i2++TBRkfN`y=*NQgijloE*FUyZ4aIH+i`+?Fu1K8s$
z!0VXhyst*$F}dQ@!lYXcVsTPb%Bc-laa1vfC^;0d(F|w<?Y?&gl#$XHD3Ur*`aQX)
zXlFp~ske96igtZ7xF2X!Mncj+Q+i{*ec-xi<KbG>2DkeCwF(||^<gybac#?23kfFF
zS4-n4Og*;hz*c6sSGY?qD2|gTPCRO!vjNXQ&SIsE{<adg7BA(|#x%_X=Bt$A+Dn;a
zPb1r_++;4)i*;5Ojjb=V9y+s}_P%R^`wFGB(!GZ)kFdq_0oA+!FDdO(ICvXj1PBXu
zW-gABO)b<?u4H9VlGQ^7A)XU&jzb&2J*!r`&vrt&RpjSYdVj+Wg%miLcosA07;y6>
zO4DlHqU<sQ$j(x>I)0o#xb)mnA5j9Va>|IuIxZptY-&+}=DRU`TD#m5u-zPx#@P0@
zK{hY6J%<{$d?|q%Fg&K~AyPJ4N@&|f6h$}zDB)}7REt--I?YM8@8~jY=9P@e`5P}R
zCbK42>k)%DFRqD~P|;zNh!gBQiky{4>ajx~q*)ZlXpYaAO^{Q-i!`@<7X+E*;nuie
zO7O@|5IYJ2O1yP^@Q!i%_KeXXHPH71aYY+dFdaEdk1dkUitQU|>J>;RH#Zc`a}Ky{
zf@_=V1d4@H^3tBKw~D#}015y0#uSE2P4``P-Crzxak;IuLTxvScodXHI(HV^S<Dq6
zFvCoqoB_ljM4^rOAYvW{Eu`Ou(H#y#FRS>mTD>JD>>#p85rtxQ%Q+Q0)biy^Endo$
zRN-HF>CSQwZi2gLMLi+zN>&JC_^dU&9Ut4#5|Y|#NM&;u%OWg@TfC-%bSp*~yv)+s
zuA*!u`ZiKjBZDF)OnoMA#^p0*c+T$(H?s;i4xZuA;WgZdI7dR~C<&M(Dvj$3i(7Wi
zlVrPERz!|bn&O1APZ2~tJB%A!o5I-G4roI$u*GR*%&%(HSTh?dSU3UqlrGh)$F{+-
z@7E6xJ*7LCT+u0H(SkT8n_~Myed`|m#z0wBYe@hA?Gr1U727CwqY0&19eD&N?95Q%
z&7EyMd6q3c1vs=xlyaeOCCK)1mV(nCemdPcDFoT2w%e4%#H4EB_0>G-CV110!f&hn
z0yQ2j8~=~DfO+f8O-<b>Ck{37D>w@8pr*EKYqOMB(oLA5b+r)6oO%vG6BrmEl13oG
zymS#KEu}as%jqUfnZ?T8E@o!Nr7|v;RxP~UvcgtKtE|Pe;%S_CEO1R_@F~?5yDOi?
z<`)VkMyXe=#}}9@*Ildd%r?k@65I8brKH?0Cboo@2)0LK*w=z4oSKWYOD$*h{h#0s
zEl_Q-eEXlYiPHU`e9yI25iKvRb}uZvP9_N}0;(*Unv)+{EI5XCB6KC)qO7Fu*LIi|
zJDnS?rogIvib4LIsZne(JE;dHckoq$=cPLZo-??AqqSYy*$i!CjCVjNX_{FvGtUMD
zh4UQEF_=e7oP_%u`HJAk);v!S$JP9I*zW%I*?W%d|5tn0UAfl`oZqRBSML88S{M80
zzb`Jnp8xzZ&o?ze4@TvY<P)kmf7pKc=?xX6X(35>&osZSs!_>?zz^@M6MfYg=WYFi
zJ1f$2I|`}zPtWl>!=cmI7CEm-^6d%JuPo_H;j`3Ino(J7m5cw?K2MuxJYkwQLq1N~
zesy->CoSb}wLOwY_Nz15HrvO>)<Y49lW4u+D~EAL-JT+e4Ddo~-&d|#p(?f;EK{82
zG20TCM#a9~45t~u;nGW@kXachiSp1nLACL4@r+ZdSa#t8UY24q<A|<R;K=cK5EGFV
z+N7Y^lvY?26*efcPv{F5lYsdm#r8mUM3k*ufAbA^NH9}^sh8pO<fH*=lPWgFcmL<4
z0q$r6ZTi>s)`kK<6xo*eMpZAtE53eN+e*!;;p&`C|NaSiw(A>*Ha_2`ZF<WvQX^EG
zM7hIyD6*=SQ^J7n;|!=cj=&(CMJFf!_{Tpil)5KuzzKbi9H(|@6_m7DgJkYyZf;Q$
zt#WVD>gTmaiu6GL_{Tp^PCift`$P3@OYY@qTSn-t1^T}aw9q*pRgvR*cWJEofemE9
zCk5QnSvonn4#D-q0QkGPxtn0@%|npK+?xSE%&22jLsph}h-^XH!#6G6U`5W~Qs0VN
zX~jYmixWp7Ztmf*pp|16Ak^NSAN%~{$^UAEb==bz{H!r<RELK7+Z1Pj-$e8M|8F|d
z)yDP)n#T3Rpz*#p{jY7wg1!|L;G+2Ly*}1@YD2k}d;fJXPsJc!ovNbT>$Am}raWp5
z7Lip(Nls1-9<qt|zEg?fV%y)Y+?3NxyQp%#f;0-slOJ2tw90GMJUJ=W(aS!u1Drf5
z1C2$GMO1YY<=@h&D-6Qzx-d=>DpYyBqRthY_>&&}bOi>=Si8QzzoynFkgf;!z3x@n
zUu|etH8`%oO)Y7DZ(Zc`WplyyRWLD2tx&$HghcbSh?+9*ph^H=5g=6#c1FN16|s7Y
z$T~)II~o63&(|{+!}8W8irCoCKpvK}Q_07KA6!2xGL><h@gXlF>x8M6WK-gcx%YGA
zg;#qVvkUFEpJP{u93NrPKSk{)jq#grfL?V|$d6wQ5^Iqy@gz8imQ<4#NUEuY>S~k2
z*frBXOw({Ln6L_*ocYB7JFHm&^D1*zC0}FDTeX`OIq0^>kqVF!7PKga#=bguhH}E8
z-9`=q6y|Kb(Iyy$)U}I`5N0t^cH->in%h%!+i8mD31UIoW7AYuHOJ<SRmQ(U6!ZQK
zIz3F0FWYC}6R^ZVsblHn87vhgn<uwX$YR<oU_vMT2i9S?K1b9_p}jvd;|zum7EZGd
zaYC&)8>i=d74JhS2tRC(0i<vD2#RCrb#mh6K1J4VXN?^p@|dv(ihC|t7!HJZRUYy<
zIk^S_TF^!rHp{agd|w%OLp&dYrPypW+o17ZVA*O4P2p{I>?y4_S0*fcfWi|mr2K|5
zwkTyKn4gR*+6ysepz*mV%-*zFhn&GEHic&U<m9F&jnp2{ANuNbxA&^BEhwDlhC6nN
z-I4p-_PFDftoY5BvhcqsG>i6M%*+4ztut2HM+y&{QsX08;-ry!4hD@`WlSb$RalXE
z%C6<haF{WRtHzhR#$|xK@SM#_?FuG4ankcWNwPsfCFTz%RQRHx3cnUqp((Z~@qHm!
zd3T=$tdvAS#i{HBAO~8gz+ZEvScr}Es1(j3u;hiCCnx%jg%Kxs$*z+qv|zC%cUyo9
z3%127wG-<5a_{U8llbJMX5v#hRu7NY4pgEH{BXq2+RDNsAK8lPBJx6zrzeH~_(R?O
z;wO5t4Hy$-``fl?on}hku_?)FlTy_=XGfKt4_>(RGJO7&HP)TPPM*Sx#^kOqK7O?C
zl*vH;zZaY6Nll)<yMFs0Un7fu*mErYhvK-AVB`e&_lW_1e*CZVHUH-qdcMa0zQ+H)
z#{a&?|GvimzQ+H)#{a&?|GvimzQ+H)#{a&?|GvimzQ+H)#{a&?|Gvim{%1eO;(s4=
zoN`I|+jBqs<rD7zZg>8^pZ`H@z55#f`w~wz*H<SEutW(v5p`Ag-6x<l@~*(?>~o$|
zR<+vgeg#gC2QT=om0?)B6lp)q)1+;c<*z`N<oE;to;)DU5`GGS<)67?J#e_^NtDM|
n;5yG-9A-sS?&PZ=`TBf)zCK@{^7(%Q00960kOc?~01yEHZ(HV)

literal 0
HcmV?d00001

diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/.helmignore b/charts/speedscale-operator/speedscale-operator/1.0.300/.helmignore
new file mode 100644
index 000000000..0e8a0eb36
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/Chart.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/Chart.yaml
new file mode 100644
index 000000000..37fcd1510
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/Chart.yaml
@@ -0,0 +1,26 @@
+annotations:
+  catalog.cattle.io/certified: partner
+  catalog.cattle.io/display-name: Speedscale Operator
+  catalog.cattle.io/release-name: speedscale-operator
+apiVersion: v1
+appVersion: 1.0.29
+description: Stress test your APIs with real world scenarios.  Collect and replay
+  traffic without scripting.
+home: https://speedscale.com
+icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png
+keywords:
+- speedscale
+- test
+- testing
+- regression
+- reliability
+- load
+- replay
+- network
+- traffic
+kubeVersion: '>= 1.17.0-0'
+maintainers:
+- email: support@speedscale.com
+  name: Speedscale Support
+name: speedscale-operator
+version: 1.0.300
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/LICENSE b/charts/speedscale-operator/speedscale-operator/1.0.300/LICENSE
new file mode 100644
index 000000000..b78723d62
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/LICENSE
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2021 Speedscale
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/README.md b/charts/speedscale-operator/speedscale-operator/1.0.300/README.md
new file mode 100644
index 000000000..c8d27ddcf
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/README.md
@@ -0,0 +1,130 @@
+# Speedscale Operator
+
+The [Speedscale](https://www.speedscale.com) Operator is a [Kubernetes operator](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/)
+that watches for deployments to be applied to the cluster and takes action based on annotations. The operator
+can inject a proxy to capture traffic into or out of applications, or setup an isolation test environment around
+a deployment for testing. The operator itself is a deployment that will be always present on the cluster once
+the helm chart is installed.
+
+## Prerequisites
+
+- Kubernetes 1.16+
+- Helm 3+
+- Appropriate [network and firewall configuration](http://docs.speedscale.com/reference/networking) for Speedscale cloud and webhook traffic
+
+## Get Repo Info
+
+```bash
+helm repo add speedscale https://speedscale.github.io/operator-helm/
+helm repo update
+```
+
+_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Install Chart
+
+An API key is required. Sign up for a [free Speedscale trial](https://speedscale.com/free-trial/) if you do not have one.
+
+```bash
+helm install speedscale-operator speedscale/speedscale-operator \
+	-n speedscale \
+	--create-namespace \
+	--set apiKey=<YOUR-SPEEDSCALE-API-KEY> \
+	--set clusterName=<YOUR-CLUSTER-NAME>
+```
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+### Pre-install job failure
+
+We use pre-install job to check provided API key and provision some of the required resources.
+
+If the job failed during the installation, you'll see the following error during install:
+
+```
+Error: INSTALLATION FAILED: failed pre-install: job failed: BackoffLimitExceeded
+```
+
+You can inspect the logs using this command:
+
+```bash
+kubectl -n speedscale logs job/speedscale-operator-pre-install
+```
+
+After fixing the error, uninstall the helm release, delete the failed job
+and try installing again:
+
+```bash
+helm -n speedscale uninstall speedscale-operator
+kubectl -n speedscale delete job speedscale-operator-pre-install
+```
+
+## Uninstall Chart
+
+```bash
+helm -n speedscale uninstall speedscale-operator
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+CRDs created by this chart are not removed by default and should be manually cleaned up:
+
+```bash
+kubectl delete crd trafficreplays.speedscale.com
+```
+
+## Upgrading Chart
+
+```bash
+helm repo update
+helm -n speedscale upgrade speedscale-operator speedscale/speedscale-operator
+```
+
+With Helm v3, CRDs created by this chart are not updated by default
+and should be manually updated.
+Consult also the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions).
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### Upgrading an existing Release to a new version
+
+A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
+incompatible breaking change needing manual actions.
+
+### Upgrade to 1.0.3
+
+BEFORE UPGRADE:
+
+```bash
+kubectl -n speedscale delete secret speedscale-gcrcreds speedscale-apikey
+kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
+kubectl delete mutatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
+```
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.3/templates/crds/trafficreplays.yaml
+```
+
+### Upgrade to 1.0.0
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.0/templates/crds/trafficreplays.yaml
+```
+
+### Upgrade to 0.12.3
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/0.12.3/templates/crds/trafficreplays.yaml
+```
+
+### From version below 0.12.0 to 0.12.x
+This upgrades speedscale-operator to v0.12.x.
+
+Uninstall the previous release and install the chart from scratch.
+
+## Help
+
+Speedscale docs information available at [docs.speedscale.com](https://docs.speedscale.com) or join us
+on the [Speedscale community Slack](https://join.slack.com/t/speedscalecommunity/shared_invite/zt-x5rcrzn4-XHG1QqcHNXIM~4yozRrz8A)!
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/app-readme.md b/charts/speedscale-operator/speedscale-operator/1.0.300/app-readme.md
new file mode 100644
index 000000000..c8d27ddcf
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/app-readme.md
@@ -0,0 +1,130 @@
+# Speedscale Operator
+
+The [Speedscale](https://www.speedscale.com) Operator is a [Kubernetes operator](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/)
+that watches for deployments to be applied to the cluster and takes action based on annotations. The operator
+can inject a proxy to capture traffic into or out of applications, or setup an isolation test environment around
+a deployment for testing. The operator itself is a deployment that will be always present on the cluster once
+the helm chart is installed.
+
+## Prerequisites
+
+- Kubernetes 1.16+
+- Helm 3+
+- Appropriate [network and firewall configuration](http://docs.speedscale.com/reference/networking) for Speedscale cloud and webhook traffic
+
+## Get Repo Info
+
+```bash
+helm repo add speedscale https://speedscale.github.io/operator-helm/
+helm repo update
+```
+
+_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
+
+## Install Chart
+
+An API key is required. Sign up for a [free Speedscale trial](https://speedscale.com/free-trial/) if you do not have one.
+
+```bash
+helm install speedscale-operator speedscale/speedscale-operator \
+	-n speedscale \
+	--create-namespace \
+	--set apiKey=<YOUR-SPEEDSCALE-API-KEY> \
+	--set clusterName=<YOUR-CLUSTER-NAME>
+```
+
+_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
+
+### Pre-install job failure
+
+We use pre-install job to check provided API key and provision some of the required resources.
+
+If the job failed during the installation, you'll see the following error during install:
+
+```
+Error: INSTALLATION FAILED: failed pre-install: job failed: BackoffLimitExceeded
+```
+
+You can inspect the logs using this command:
+
+```bash
+kubectl -n speedscale logs job/speedscale-operator-pre-install
+```
+
+After fixing the error, uninstall the helm release, delete the failed job
+and try installing again:
+
+```bash
+helm -n speedscale uninstall speedscale-operator
+kubectl -n speedscale delete job speedscale-operator-pre-install
+```
+
+## Uninstall Chart
+
+```bash
+helm -n speedscale uninstall speedscale-operator
+```
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
+
+CRDs created by this chart are not removed by default and should be manually cleaned up:
+
+```bash
+kubectl delete crd trafficreplays.speedscale.com
+```
+
+## Upgrading Chart
+
+```bash
+helm repo update
+helm -n speedscale upgrade speedscale-operator speedscale/speedscale-operator
+```
+
+With Helm v3, CRDs created by this chart are not updated by default
+and should be manually updated.
+Consult also the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions).
+
+_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
+
+### Upgrading an existing Release to a new version
+
+A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
+incompatible breaking change needing manual actions.
+
+### Upgrade to 1.0.3
+
+BEFORE UPGRADE:
+
+```bash
+kubectl -n speedscale delete secret speedscale-gcrcreds speedscale-apikey
+kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
+kubectl delete mutatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
+```
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.3/templates/crds/trafficreplays.yaml
+```
+
+### Upgrade to 1.0.0
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.0/templates/crds/trafficreplays.yaml
+```
+
+### Upgrade to 0.12.3
+
+```bash
+kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/0.12.3/templates/crds/trafficreplays.yaml
+```
+
+### From version below 0.12.0 to 0.12.x
+This upgrades speedscale-operator to v0.12.x.
+
+Uninstall the previous release and install the chart from scratch.
+
+## Help
+
+Speedscale docs information available at [docs.speedscale.com](https://docs.speedscale.com) or join us
+on the [Speedscale community Slack](https://join.slack.com/t/speedscalecommunity/shared_invite/zt-x5rcrzn4-XHG1QqcHNXIM~4yozRrz8A)!
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/questions.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/questions.yaml
new file mode 100644
index 000000000..29aee3895
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/questions.yaml
@@ -0,0 +1,9 @@
+questions:
+- variable: apiKey
+  default: "fffffffffffffffffffffffffffffffffffffffffffff"
+  description: "An API key is required to connect to the Speedscale cloud."
+  required: true
+  type: string
+  label: API Key
+  group: Authentication
+
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/templates/admission.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/admission.yaml
new file mode 100644
index 000000000..649547435
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/admission.yaml
@@ -0,0 +1,127 @@
+{{- $cacrt := "" -}}
+{{- $crt := "" -}}
+{{- $key := "" -}}
+{{- $s := (lookup "v1" "Secret" .Release.Namespace "speedscale-webhook-certs") -}}
+{{- if $s -}}
+{{- $cacrt = index $s.data "ca.crt" | default (index $s.data "tls.crt") | b64dec -}}
+{{- $crt = index $s.data "tls.crt" | b64dec -}}
+{{- $key = index $s.data "tls.key" | b64dec -}}
+{{ else }}
+{{- $altNames := list ( printf "speedscale-operator.%s" .Release.Namespace ) ( printf "speedscale-operator.%s.svc" .Release.Namespace ) -}}
+{{- $ca := genCA "speedscale-operator" 3650 -}}
+{{- $cert := genSignedCert "speedscale-operator" nil $altNames 3650 $ca -}}
+{{- $cacrt = $ca.Cert -}}	
+{{- $crt = $cert.Cert -}}
+{{- $key = $cert.Key -}}
+{{- end -}}
+---
+apiVersion: v1
+data:
+  ca.crt: {{ $cacrt | b64enc }}
+  tls.crt: {{ $crt | b64enc }}
+  tls.key: {{ $key | b64enc }}
+kind: Secret
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation
+  creationTimestamp: null
+  name: speedscale-webhook-certs
+  namespace: {{ .Release.Namespace }}
+type: kubernetes.io/tls
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator
+webhooks:
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    caBundle: {{ $cacrt | b64enc }}
+    service:
+      name: speedscale-operator
+      namespace: {{ .Release.Namespace }}
+      path: /mutate
+  failurePolicy: Ignore
+  name: sidecar.speedscale.com
+  namespaceSelector: {}
+  rules:
+  - apiGroups:
+    - apps
+    - batch
+    apiVersions:
+    - v1
+    operations:
+    - CREATE
+    - UPDATE
+    - DELETE
+    resources:
+    - deployments
+    - statefulsets
+    - daemonsets
+    - jobs
+    - replicasets
+  sideEffects: None
+  timeoutSeconds: 10
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator-replay
+webhooks:
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    caBundle: {{ $cacrt | b64enc }}
+    service:
+      name: speedscale-operator
+      namespace: {{ .Release.Namespace }}
+      path: /validate-speedscale-com-v1-trafficreplay
+  failurePolicy: Fail
+  name: replay.speedscale.com
+  namespaceSelector: {}
+  rules:
+  - apiGroups:
+    - speedscale.com
+    apiVersions:
+    - v1
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - trafficreplays
+  sideEffects: None
+  timeoutSeconds: 10
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: MutatingWebhookConfiguration
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator-replay
+webhooks:
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    caBundle: {{ $cacrt | b64enc }}
+    service:
+      name: speedscale-operator
+      namespace: {{ .Release.Namespace }}
+      path: /mutate-speedscale-com-v1-trafficreplay
+  failurePolicy: Fail
+  name: replay.speedscale.com
+  namespaceSelector: {}
+  rules:
+  - apiGroups:
+    - speedscale.com
+    apiVersions:
+    - v1
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - trafficreplays
+  sideEffects: None
+  timeoutSeconds: 10
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/templates/configmap.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/configmap.yaml
new file mode 100644
index 000000000..5d3d90237
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/configmap.yaml
@@ -0,0 +1,24 @@
+---
+apiVersion: v1
+data:
+  CLI_VERSION: v1.0.29
+  CLUSTER_NAME: {{ .Values.clusterName }}
+  IMAGE_PULL_POLICY: {{ .Values.image.pullPolicy }}
+  IMAGE_PULL_SECRETS: ""
+  IMAGE_REGISTRY: {{ .Values.image.registry }}
+  IMAGE_TAG: {{ .Values.image.tag }}
+  INSTALL_SOURCE: helm
+  INSTANCE_ID: '{{- $cm := (lookup "v1" "ConfigMap" .Release.Namespace "speedscale-operator")
+    -}}{{ if $cm }}{{ $cm.data.INSTANCE_ID }}{{ else }}{{ ( printf "%s-%s-%s" .Values.clusterName
+    .Release.Namespace uuidv4 ) }}{{ end }}'
+  LOG_LEVEL: {{ .Values.logLevel }}
+  SPEEDSCALE_DLP_CONFIG: {{ .Values.dlp.config }}
+  SPEEDSCALE_FILTER_RULE: {{ .Values.filterRule }}
+  TELEMETRY_INTERVAL: 2s
+  WITH_DLP: {{ .Values.dlp.enabled | quote }}
+  WITH_INSPECTOR: {{ .Values.dashboardAccess | quote }}
+kind: ConfigMap
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator
+  namespace: {{ .Release.Namespace }}
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/templates/crds/trafficreplays.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/crds/trafficreplays.yaml
new file mode 100644
index 000000000..886af2a69
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/crds/trafficreplays.yaml
@@ -0,0 +1,273 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.8.0
+  creationTimestamp: null
+  name: trafficreplays.speedscale.com
+spec:
+  group: speedscale.com
+  names:
+    kind: TrafficReplay
+    listKind: TrafficReplayList
+    plural: trafficreplays
+    shortNames:
+    - replay
+    singular: trafficreplay
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.active
+      name: Active
+      type: boolean
+    - jsonPath: .spec.mode
+      name: Mode
+      type: string
+    - jsonPath: .status.conditions[-1:].message
+      name: Status
+      type: string
+    - jsonPath: .metadata.creationTimestamp
+      name: Age
+      type: date
+    name: v1
+    schema:
+      openAPIV3Schema:
+        description: TrafficReplay is the Schema for the trafficreplays API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: TrafficReplaySpec defines the desired state of TrafficReplay
+            properties:
+              buildTag:
+                description: BuildTag links a unique tag, build hash, etc. to the
+                  generated traffic replay report. That way you can connect the report
+                  results to the version of the code that was tested.
+                type: string
+              cleanup:
+                description: Cleanup is the name of cleanup mode used for this TrafficReplay.
+                enum:
+                - inventory
+                - all
+                - none
+                type: string
+              collectLogs:
+                description: CollectLogs enables or disables log collection from target
+                  workload. Defaults to true.
+                type: boolean
+              configChecksum:
+                description: ConfigChecksum is the SHA1 checksum of the configuration.
+                type: string
+              customURL:
+                description: CustomURL allows to specify custom URL to SUT.
+                type: string
+              generatorLowData:
+                description: Setting GeneratorLowData to 'true' forces the generator
+                  into a high efficiency/low data output mode. This is ideal for high
+                  volume performance tests. Defaults to false.
+                type: boolean
+              injectSidecar:
+                description: InjectSidecar enables or disables sidecar injection during
+                  the replay. Defaults to false.
+                type: boolean
+              mode:
+                description: Mode is the name of replay mode used for this TrafficReplay.
+                enum:
+                - full-replay
+                - responder-only
+                - generator-only
+                type: string
+              proxyMode:
+                description: ProxyMode defines proxy operational mode used with injected
+                  sidecar.
+                type: string
+              responderLowData:
+                description: Setting ResponderLowData to 'true' forces the responder
+                  into a high efficiency/low data output mode. This is ideal for high
+                  volume performance tests. Defaults to false.
+                type: boolean
+              secretRefs:
+                description: SecretRefs hold the references to the secrets which contain
+                  various secrets like (e.g. short-lived JWTs to be used by the generator
+                  for authorization with HTTP calls).
+                items:
+                  description: LocalObjectReference contains enough information to
+                    locate the referenced Kubernetes resource object.
+                  properties:
+                    name:
+                      description: Name of the referent.
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              snapshotID:
+                description: SnapshotID is the id of the traffic snapshot for this
+                  TrafficReplay.
+                type: string
+              testConfigID:
+                description: TestConfigID is the id of the replay configuration to
+                  be used by the generator and responder for the TrafficReplay.
+                type: string
+              timeout:
+                description: Timeout is the time to wait for replay test to finish.
+                  Defaults to value of the `TIMEOUT` setting of the operator.
+                type: string
+              ttlAfterReady:
+                description: TTLAfterReady provides a TTL (time to live) mechanism
+                  to limit the lifetime of TrafficReplay object that have finished
+                  the execution and reached its final state (either complete or failed).
+                type: string
+              workloadRef:
+                description: The reference to the target workload (SUT - system under
+                  test) for TrafficReplay. The operations will be performed in the
+                  namespace of the target object.
+                properties:
+                  apiVersion:
+                    description: API version of the referent
+                    type: string
+                  kind:
+                    description: Kind of the referent
+                    type: string
+                  name:
+                    description: Name of the referent
+                    type: string
+                  namespace:
+                    description: Namespace of the referent, defaults to the TrafficReplay
+                      namespace
+                    type: string
+                required:
+                - kind
+                - name
+                type: object
+            required:
+            - snapshotID
+            - workloadRef
+            type: object
+          status:
+            default:
+              observedGeneration: -1
+            description: TrafficReplayStatus defines the observed state of TrafficReplay
+            properties:
+              active:
+                description: Active indicates whether this traffic replay is currently
+                  underway or not.
+                type: boolean
+              conditions:
+                items:
+                  description: "Condition contains details for one aspect of the current
+                    state of this API Resource. --- This struct is intended for direct
+                    use as an array at the field path .status.conditions.  For example,
+                    type FooStatus struct{ // Represents the observations of a foo's
+                    current state. // Known .status.conditions.type are: \"Available\",
+                    \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
+                    // +listType=map // +listMapKey=type Conditions []metav1.Condition
+                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
+                    protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
+                  properties:
+                    lastTransitionTime:
+                      description: lastTransitionTime is the last time the condition
+                        transitioned from one status to another. This should be when
+                        the underlying condition changed.  If that is not known, then
+                        using the time when the API field changed is acceptable.
+                      format: date-time
+                      type: string
+                    message:
+                      description: message is a human readable message indicating
+                        details about the transition. This may be an empty string.
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      description: observedGeneration represents the .metadata.generation
+                        that the condition was set based upon. For instance, if .metadata.generation
+                        is currently 12, but the .status.conditions[x].observedGeneration
+                        is 9, the condition is out of date with respect to the current
+                        state of the instance.
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      description: reason contains a programmatic identifier indicating
+                        the reason for the condition's last transition. Producers
+                        of specific condition types may define expected values and
+                        meanings for this field, and whether the values are considered
+                        a guaranteed API. The value should be a CamelCase string.
+                        This field may not be empty.
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      description: status of the condition, one of True, False, Unknown.
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
+                        --- Many .condition.type values are consistent across resources
+                        like Available, but because arbitrary conditions can be useful
+                        (see .node.status.conditions), the ability to deconflict is
+                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              finishedTime:
+                description: Information when the traffic replay has finished.
+                format: date-time
+                type: string
+              initializedTime:
+                description: Information when the test environment was successfully
+                  prepared.
+                format: date-time
+                type: string
+              observedGeneration:
+                description: ObservedGeneration is the last observed generation.
+                format: int64
+                type: integer
+              reportID:
+                description: The id of the traffic replay report created.
+                type: string
+              reportURL:
+                description: The url to the traffic replay report.
+                type: string
+              startedTime:
+                description: Information when the traffic replay has started.
+                format: date-time
+                type: string
+              workloadHost:
+                description: WorkloadHost is the host address which is targeted during
+                  the traffic replay.
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/templates/deployments.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/deployments.yaml
new file mode 100644
index 000000000..1575711be
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/deployments.yaml
@@ -0,0 +1,114 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  annotations:
+    operator.speedscale.com/ignore: "true"
+  creationTimestamp: null
+  labels:
+    app: speedscale-operator
+    controlplane.speedscale.com/component: operator
+  name: speedscale-operator
+  namespace: {{ .Release.Namespace }}
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: speedscale-operator
+      controlplane.speedscale.com/component: operator
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      annotations:
+        checksum/config: |
+          {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+      creationTimestamp: null
+      labels:
+        app: speedscale-operator
+        controlplane.speedscale.com/component: operator
+    spec:
+      containers:
+      - command:
+        - /operator
+        env:
+        - name: POD_NAME
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.name
+        - name: POD_NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        envFrom:
+        - configMapRef:
+            name: speedscale-operator
+        - secretRef:
+            name: speedscale-apikey
+            optional: false
+        image: '{{ .Values.image.registry }}/operator:{{ .Values.image.tag }}'
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        livenessProbe:
+          failureThreshold: 3
+          httpGet:
+            path: /healthz
+            port: health-check
+            scheme: HTTP
+          initialDelaySeconds: 1
+          periodSeconds: 10
+          successThreshold: 1
+          timeoutSeconds: 2
+        name: operator
+        ports:
+        - containerPort: 9443
+          name: webhook-server
+        - containerPort: 8081
+          name: health-check
+        readinessProbe:
+          failureThreshold: 5
+          httpGet:
+            path: /readyz
+            port: health-check
+            scheme: HTTP
+          initialDelaySeconds: 5
+          periodSeconds: 1
+          successThreshold: 1
+          timeoutSeconds: 2
+        resources:
+          limits:
+            cpu: 100m
+            memory: 512Mi
+          requests:
+            cpu: 100m
+            memory: 128Mi
+        securityContext:
+          allowPrivilegeEscalation: false
+          privileged: false
+          readOnlyRootFilesystem: true
+          runAsNonRoot: true
+          runAsUser: 2100
+        volumeMounts:
+        - mountPath: /tmp
+          name: tmp
+        - mountPath: /tmp/k8s-webhook-server/serving-certs
+          name: webhook-certs
+          readOnly: true
+        - mountPath: /etc/ssl/speedscale
+          name: speedscale-tls-out
+          readOnly: true
+      securityContext:
+        runAsNonRoot: true
+      serviceAccountName: speedscale-operator
+      terminationGracePeriodSeconds: 10
+      volumes:
+      - emptyDir: {}
+        name: tmp
+      - name: webhook-certs
+        secret:
+          secretName: speedscale-webhook-certs
+      - name: speedscale-tls-out
+        secret:
+          secretName: speedscale-certs
+status: {}
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/templates/hooks.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/hooks.yaml
new file mode 100644
index 000000000..7ba9e8c0f
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/hooks.yaml
@@ -0,0 +1,103 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    helm.sh/hook-weight: "4"
+  creationTimestamp: null
+  name: speedscale-operator-pre-install
+  namespace: {{ .Release.Namespace }}
+spec:
+  backoffLimit: 0
+  template:
+    metadata:
+      creationTimestamp: null
+    spec:
+      containers:
+      - args:
+        - |-
+          speedctl init --overwrite --no-rcfile-update \
+          --api-key {{ required "A valid .Values.apiKey is required!" .Values.apiKey }} \
+          --app-url {{ required "A valid .Values.appUrl is required!" .Values.appUrl }}
+        command:
+        - sh
+        - -c
+        image: '{{ .Values.image.registry }}/speedscale-cli:{{ .Values.image.tag }}'
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        name: speedscale-cli
+        resources: {}
+      restartPolicy: Never
+status: {}
+---
+apiVersion: v1
+automountServiceAccountToken: true
+kind: ServiceAccount
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    helm.sh/hook-weight: "1"
+  creationTimestamp: null
+  labels:
+    app: speedscale-operator
+    controlplane.speedscale.com/component: operator
+  name: speedscale-operator-provisioning
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    helm.sh/hook-weight: "2"
+  creationTimestamp: null
+  name: speedscale-operator-provisioning
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - admissionregistration.k8s.io
+  resources:
+  - mutatingwebhookconfigurations
+  - validatingwebhookconfigurations
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    helm.sh/hook-weight: "3"
+  creationTimestamp: null
+  name: speedscale-operator-provisioning
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: speedscale-operator-provisioning
+subjects:
+- kind: ServiceAccount
+  name: speedscale-operator-provisioning
+  namespace: {{ .Release.Namespace }}
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/templates/rbac.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/rbac.yaml
new file mode 100644
index 000000000..e6c532b9c
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/rbac.yaml
@@ -0,0 +1,192 @@
+---
+apiVersion: v1
+automountServiceAccountToken: true
+imagePullSecrets:
+- name: speedscale-gcrcreds
+kind: ServiceAccount
+metadata:
+  creationTimestamp: null
+  labels:
+    app: speedscale-operator
+    controlplane.speedscale.com/component: operator
+  name: speedscale-operator
+  namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator
+rules:
+- apiGroups:
+  - apps
+  resources:
+  - deployments
+  - statefulsets
+  - daemonsets
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - apps
+  resources:
+  - replicasets
+  verbs:
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - batch
+  resources:
+  - jobs
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - namespaces
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  - secrets
+  - pods
+  - services
+  - serviceaccounts
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - ""
+  resources:
+  - pods/log
+  verbs:
+  - get
+  - list
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - metrics.k8s.io
+  resources:
+  - pods
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - policy
+  resources:
+  - podsecuritypolicies
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - use
+- apiGroups:
+  - rbac.authorization.k8s.io
+  resources:
+  - rolebindings
+  - roles
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - networking.istio.io
+  resources:
+  - envoyfilters
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - coordination.k8s.io
+  resources:
+  - leases
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - speedscale.com
+  resources:
+  - trafficreplays
+  verbs:
+  - create
+  - delete
+  - deletecollection
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - speedscale.com
+  resources:
+  - trafficreplays/status
+  verbs:
+  - get
+  - update
+  - patch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  creationTimestamp: null
+  name: speedscale-operator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: speedscale-operator
+subjects:
+- kind: ServiceAccount
+  name: speedscale-operator
+  namespace: {{ .Release.Namespace }}
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/templates/secrets.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/secrets.yaml
new file mode 100644
index 000000000..097e29312
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/secrets.yaml
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+data:
+  .dockerconfigjson: eyJhdXRocyI6eyJnY3IuaW8iOnsidXNlcm5hbWUiOiJfanNvbl9rZXkiLCJwYXNzd29yZCI6IntcbiAgXCJ0eXBlXCI6IFwic2VydmljZV9hY2NvdW50XCIsXG4gIFwicHJvamVjdF9pZFwiOiBcInNwZWVkc2NhbGVcIixcbiAgXCJwcml2YXRlX2tleV9pZFwiOiBcIjQyNzU2ZWQ2NWU0ZGE3ZTE2ODEyOTgxOTk4ODFiZGZmOGZlODY1Y2NcIixcbiAgXCJwcml2YXRlX2tleVwiOiBcIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxcbk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzRwbHZ3TTEvek0xeWhcXG5hUFZvRDBQZjNMb0lnTDNDM2xNMGM0TVFNL2lsb2JSS3NObTA1WnRiVFhUVGx3RklxODJDVnl2NlU2U0hXM0V1XFxuaDdyQllFUmRTRHJLSTNNNEUyV3AxY3c5TkdKYTNuc1hGSWhLRmU3ZThSandsUk92eXlYLzE0UEVmN3NOdGlMVFxcbmtPK2JqckpxVEVpU2NCUFloUkQvRnFFZmJWQm9NYnZpdkVDQkY2dGRqcTVwRiswVmdiT2FEdnJqZ2dRdnVWdHVcXG5VYzlRcW5QaE1CU3Z3dE5oOTZGc2dncnVFQ1N6Z2UyYTVJRE5wYmYwb2U3ZTVycFU0c0hSb3l1ZWlOeU1ZSHpYXFxuUjQraGRFNTJnOXFLN3dYTStHUi9OREdMUkgxeDlhdjRZYlBURTZnOGtkcWdCQVp0c05KaDRwVUp6Y1VWMENJV1xcbmZuRFNlNkhGQWdNQkFBRUNnZ0VBSFNEdFB2cXp4N2RTQlFwOE1ESzhSOXZYb3hEQUhyWVkxUnpsejVBTFNRRzFcXG40ZFI5TzRxL0U4dW53dHMrOGhwY0hKUW8xV0FOZytiYWQzY2s4RzJCeTE5aUd0STEwbUpJOXQ1SnpsdnRxaDBQXFxudU9mZHlpWWtuUm5XajlsTWxqNUxXODFCTmFYYXVjS0NRdkxKd2JYa2tsMC9VNDZIcXUvdTZ2YkVheU5BL0hhYlxcblF0K1ROZlpaQW9MWmE0dnZrd0xLQ1VGNUkvenZnK21OTytZWllwV0V5QjR0U3JtMnpiWm96c3hMVFZ5TFR2WFVcXG5JZkFNYUE4UktyMGxIVXZ5WEZvd2l5N0F3bU5sanFCQlkyRkFXM3VyU3VOZ1YxdXdhQnRwN2w5OStaaCtiKzhPXFxuYW01QStuS2lvQk00TG54cGVwZThuVGkxU1Fsa3dZaG0zR0s5MktyZ3NRS0JnUURwWG1nZEZPbnpyaXhKYXRPZVxcbmt2RDR5L2d2WmNSdmJ1dDVwL0pZeFpBUnN5SytIM1RPMzJvK09sTm4rcG8vL2lPK0lvMTRaUUFKMm1MTU4vakhcXG5iM0hnTm1aV2dHRWk2blNBQ3QvYklPYUh2SHh5L0NtTEwzbTBUbjJnNzBScVZtVUpIMXZMQjhVUWlNY0ZHQnA3XFxuNFB4Tk4xeTZBY1BvUVRPVWlDT2tPZWZOeVFLQmdRREtqblhXVFEweGpjazdaVjIvRjBhYW8ybHRlTFpHdUZXQ1xcbjJnbTB0QSs5UUIzckhMcVZ4dWJwenZpd3dIclJHTlV0RDhRdjBJWU52TW11YSt1cXRVcFVaOE5LWXVDeWZQZ3VcXG5yWUxqUHlVVGxmOE4yaXVkYVIyZStVWDZCOWE0dXBYanJLdWtkWDM4SVlwZmJLS0RTQ3ZuZFlzT0x1ai9GeDRyXFxuMmVtdWRvL0NIUUtCZ0VTRmx0WnJMS0tEVXJlZjZWRVhYaS8vVy9rMnpXM1d5TWRvMjh6YS9ZbGs2dCtlUnVMelxcblVMUEMxbmlpYWFZK2plb25KUmpqdHhZdGpITGdRR2oydlI0VGV3c05HUGh5bFJCL29Pa3JpT1QwSUNwM0JnKzdcXG5PZVlLWWZMZUxsMTJ6cVhXRWxMVURqWGpvMlJJaG9ZM01uM05zcWxmR1ZIWnl6WmludXg2b0NpWkFvR0Fkb2R5XFxuc1JxWms5dlNXNjF2ZERqY21mVHg1cHR5bm1PVHRtUjh0WCtBamxBTXNkNDMyUmx4V25SQTFyMXJvUndVOHE5OVxcbk1EV25uRFpURm53VWhlcGNPcFFWbFZ2Uy9OOWdJNEJwVFMxUU51dlpPblBtZmRCYkF3SC9UdFp6Y2RuTmlGTXNcXG5oYW96Tk8wem1hOXFVY1JUM0xmTnpWanFBd3UySGhjQVJaVWZmb2tDZ1lFQWdhVEZhb1dnbENOazZtU0JlSXR2XFxuVjUxN3BOSFlXeHlpRzlwTDJIUUxFeDhwdkdWZFp1dUlONHdGdk13UzRldm1VeWN0dmkvMmc2R1FXdS9nYUFPVlxcblhuVXVtMi9xZ1grcTFjNEZFN0J4K3BGTFBCQkVBb1hodUwzSUZxczlRcGoxZG0wTG1tQjg0UHlFU0JEUzh1WGtcXG5lUWF3UkZHSHhpVzhhT1VnbWcxZ0FRQT1cXG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXFxuXCIsXG4gIFwiY2xpZW50X2VtYWlsXCI6IFwiZ2NycHVsbDJAc3BlZWRzY2FsZS5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbVwiLFxuICBcImNsaWVudF9pZFwiOiBcIjEwNzc4NTY0MDY5MzQzMzQ1MTc5OFwiLFxuICBcImF1dGhfdXJpXCI6IFwiaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tL28vb2F1dGgyL2F1dGhcIixcbiAgXCJ0b2tlbl91cmlcIjogXCJodHRwczovL29hdXRoMi5nb29nbGVhcGlzLmNvbS90b2tlblwiLFxuICBcImF1dGhfcHJvdmlkZXJfeDUwOV9jZXJ0X3VybFwiOiBcImh0dHBzOi8vd3d3Lmdvb2dsZWFwaXMuY29tL29hdXRoMi92MS9jZXJ0c1wiLFxuICBcImNsaWVudF94NTA5X2NlcnRfdXJsXCI6IFwiaHR0cHM6Ly93d3cuZ29vZ2xlYXBpcy5jb20vcm9ib3QvdjEvbWV0YWRhdGEveDUwOS9nY3JwdWxsMiU0MHNwZWVkc2NhbGUuaWFtLmdzZXJ2aWNlYWNjb3VudC5jb21cIlxufSIsImVtYWlsIjoiZ2NycHVsbEBzcGVlZHNjYWxlLmlhbS5nc2VydmljZWFjY291bnQuY29tIiwiYXV0aCI6IlgycHpiMjVmYTJWNU9uc0tJQ0FpZEhsd1pTSTZJQ0p6WlhKMmFXTmxYMkZqWTI5MWJuUWlMQW9nSUNKd2NtOXFaV04wWDJsa0lqb2dJbk53WldWa2MyTmhiR1VpTEFvZ0lDSndjbWwyWVhSbFgydGxlVjlwWkNJNklDSTBNamMxTm1Wa05qVmxOR1JoTjJVeE5qZ3hNams0TVRrNU9EZ3hZbVJtWmpobVpUZzJOV05qSWl3S0lDQWljSEpwZG1GMFpWOXJaWGtpT2lBaUxTMHRMUzFDUlVkSlRpQlFVa2xXUVZSRklFdEZXUzB0TFMwdFhHNU5TVWxGZGxGSlFrRkVRVTVDWjJ0eGFHdHBSemwzTUVKQlVVVkdRVUZUUTBKTFkzZG5aMU5xUVdkRlFVRnZTVUpCVVVNMGNHeDJkMDB4TDNwTk1YbG9YRzVoVUZadlJEQlFaak5NYjBsblRETkRNMnhOTUdNMFRWRk5MMmxzYjJKU1MzTk9iVEExV25SaVZGaFVWR3gzUmtseE9ESkRWbmwyTmxVMlUwaFhNMFYxWEc1b04zSkNXVVZTWkZORWNrdEpNMDAwUlRKWGNERmpkemxPUjBwaE0yNXpXRVpKYUV0R1pUZGxPRkpxZDJ4U1QzWjVlVmd2TVRSUVJXWTNjMDUwYVV4VVhHNXJUeXRpYW5KS2NWUkZhVk5qUWxCWmFGSkVMMFp4UldaaVZrSnZUV0oyYVhaRlEwSkdOblJrYW5FMWNFWXJNRlpuWWs5aFJIWnlhbWRuVVhaMVZuUjFYRzVWWXpsUmNXNVFhRTFDVTNaM2RFNW9PVFpHYzJkbmNuVkZRMU42WjJVeVlUVkpSRTV3WW1Zd2IyVTNaVFZ5Y0ZVMGMwaFNiM2wxWldsT2VVMVpTSHBZWEc1U05DdG9aRVUxTW1jNWNVczNkMWhOSzBkU0wwNUVSMHhTU0RGNE9XRjJORmxpVUZSRk5tYzRhMlJ4WjBKQlduUnpUa3BvTkhCVlNucGpWVll3UTBsWFhHNW1ia1JUWlRaSVJrRm5UVUpCUVVWRFoyZEZRVWhUUkhSUWRuRjZlRGRrVTBKUmNEaE5SRXM0VWpsMldHOTRSRUZJY2xsWk1WSjZiSG8xUVV4VFVVY3hYRzQwWkZJNVR6UnhMMFU0ZFc1M2RITXJPR2h3WTBoS1VXOHhWMEZPWnl0aVlXUXpZMnM0UnpKQ2VURTVhVWQwU1RFd2JVcEpPWFExU25wc2RuUnhhREJRWEc1MVQyWmtlV2xaYTI1U2JsZHFPV3hOYkdvMVRGYzRNVUpPWVZoaGRXTkxRMUYyVEVwM1lsaHJhMnd3TDFVME5raHhkUzkxTm5aaVJXRjVUa0V2U0dGaVhHNVJkQ3RVVG1aYVdrRnZURnBoTkhaMmEzZE1TME5WUmpWSkwzcDJaeXR0VGs4cldWcFpjRmRGZVVJMGRGTnliVEo2WWxwdmVuTjRURlJXZVV4VWRsaFZYRzVKWmtGTllVRTRVa3R5TUd4SVZYWjVXRVp2ZDJsNU4wRjNiVTVzYW5GQ1Fsa3lSa0ZYTTNWeVUzVk9aMVl4ZFhkaFFuUndOMnc1T1N0YWFDdGlLemhQWEc1aGJUVkJLMjVMYVc5Q1RUUk1ibmh3WlhCbE9HNVVhVEZUVVd4cmQxbG9iVE5IU3preVMzSm5jMUZMUW1kUlJIQlliV2RrUms5dWVuSnBlRXBoZEU5bFhHNXJka1EwZVM5bmRscGpVblppZFhRMWNDOUtXWGhhUVZKemVVc3JTRE5VVHpNeWJ5dFBiRTV1SzNCdkx5OXBUeXRKYnpFMFdsRkJTakp0VEUxT0wycElYRzVpTTBoblRtMWFWMmRIUldrMmJsTkJRM1F2WWtsUFlVaDJTSGg1TDBOdFRFd3piVEJVYmpKbk56QlNjVlp0VlVwSU1YWk1RamhWVVdsTlkwWkhRbkEzWEc0MFVIaE9UakY1TmtGalVHOVJWRTlWYVVOUGEwOWxaazU1VVV0Q1oxRkVTMnB1V0ZkVVVUQjRhbU5yTjFwV01pOUdNR0ZoYnpKc2RHVk1Xa2QxUmxkRFhHNHlaMjB3ZEVFck9WRkNNM0pJVEhGV2VIVmljSHAyYVhkM1NISlNSMDVWZEVRNFVYWXdTVmxPZGsxdGRXRXJkWEYwVlhCVldqaE9TMWwxUTNsbVVHZDFYRzV5V1V4cVVIbFZWR3htT0U0eWFYVmtZVkl5WlN0VldEWkNPV0UwZFhCWWFuSkxkV3RrV0RNNFNWbHdabUpMUzBSVFEzWnVaRmx6VDB4MWFpOUdlRFJ5WEc0eVpXMTFaRzh2UTBoUlMwSm5SVk5HYkhSYWNreExTMFJWY21WbU5sWkZXRmhwTHk5WEwyc3llbGN6VjNsTlpHOHlPSHBoTDFsc2F6WjBLMlZTZFV4NlhHNVZURkJETVc1cGFXRmhXU3RxWlc5dVNsSnFhblI0V1hScVNFeG5VVWRxTW5aU05GUmxkM05PUjFCb2VXeFNRaTl2VDJ0eWFVOVVNRWxEY0ROQ1p5czNYRzVQWlZsTFdXWk1aVXhzTVRKNmNWaFhSV3hNVlVScVdHcHZNbEpKYUc5Wk0wMXVNMDV6Y1d4bVIxWklXbmw2V21sdWRYZzJiME5wV2tGdlIwRmtiMlI1WEc1elVuRmFhemwyVTFjMk1YWmtSR3BqYldaVWVEVndkSGx1YlU5VWRHMVNPSFJZSzBGcWJFRk5jMlEwTXpKU2JIaFhibEpCTVhJeGNtOVNkMVU0Y1RrNVhHNU5SRmR1YmtSYVZFWnVkMVZvWlhCalQzQlJWbXhXZGxNdlRqbG5TVFJDY0ZSVE1WRk9kWFphVDI1UWJXWmtRbUpCZDBndlZIUmFlbU5rYms1cFJrMXpYRzVvWVc5NlRrOHdlbTFoT1hGVlkxSlVNMHhtVG5wV2FuRkJkM1V5U0doalFWSmFWV1ptYjJ0RFoxbEZRV2RoVkVaaGIxZG5iRU5PYXpadFUwSmxTWFIyWEc1V05URTNjRTVJV1ZkNGVXbEhPWEJNTWtoUlRFVjRPSEIyUjFaa1duVjFTVTQwZDBaMlRYZFROR1YyYlZWNVkzUjJhUzh5WnpaSFVWZDFMMmRoUVU5V1hHNVlibFYxYlRJdmNXZFlLM0V4WXpSR1JUZENlQ3R3Umt4UVFrSkZRVzlZYUhWTU0wbEdjWE01VVhCcU1XUnRNRXh0YlVJNE5GQjVSVk5DUkZNNGRWaHJYRzVsVVdGM1VrWkhTSGhwVnpoaFQxVm5iV2N4WjBGUlFUMWNiaTB0TFMwdFJVNUVJRkJTU1ZaQlZFVWdTMFZaTFMwdExTMWNiaUlzQ2lBZ0ltTnNhV1Z1ZEY5bGJXRnBiQ0k2SUNKblkzSndkV3hzTWtCemNHVmxaSE5qWVd4bExtbGhiUzVuYzJWeWRtbGpaV0ZqWTI5MWJuUXVZMjl0SWl3S0lDQWlZMnhwWlc1MFgybGtJam9nSWpFd056YzROVFkwTURZNU16UXpNelExTVRjNU9DSXNDaUFnSW1GMWRHaGZkWEpwSWpvZ0ltaDBkSEJ6T2k4dllXTmpiM1Z1ZEhNdVoyOXZaMnhsTG1OdmJTOXZMMjloZFhSb01pOWhkWFJvSWl3S0lDQWlkRzlyWlc1ZmRYSnBJam9nSW1oMGRIQnpPaTh2YjJGMWRHZ3lMbWR2YjJkc1pXRndhWE11WTI5dEwzUnZhMlZ1SWl3S0lDQWlZWFYwYUY5d2NtOTJhV1JsY2w5NE5UQTVYMk5sY25SZmRYSnNJam9nSW1oMGRIQnpPaTh2ZDNkM0xtZHZiMmRzWldGd2FYTXVZMjl0TDI5aGRYUm9NaTkyTVM5alpYSjBjeUlzQ2lBZ0ltTnNhV1Z1ZEY5NE5UQTVYMk5sY25SZmRYSnNJam9nSW1oMGRIQnpPaTh2ZDNkM0xtZHZiMmRzWldGd2FYTXVZMjl0TDNKdlltOTBMM1l4TDIxbGRHRmtZWFJoTDNnMU1Ea3ZaMk55Y0hWc2JESWxOREJ6Y0dWbFpITmpZV3hsTG1saGJTNW5jMlZ5ZG1salpXRmpZMjkxYm5RdVkyOXRJZ3A5In19fQ==
+kind: Secret
+metadata:
+  creationTimestamp: null
+  name: speedscale-gcrcreds
+  namespace: {{ .Release.Namespace }}
+type: kubernetes.io/dockerconfigjson
+---
+apiVersion: v1
+data:
+  SPEEDSCALE_API_KEY: {{ .Values.apiKey | b64enc }}
+  SPEEDSCALE_APP_URL: {{ .Values.appUrl | b64enc }}
+kind: Secret
+metadata:
+  creationTimestamp: null
+  name: speedscale-apikey
+  namespace: {{ .Release.Namespace }}
+type: Opaque
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/templates/services.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/services.yaml
new file mode 100644
index 000000000..d6169bbf3
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/services.yaml
@@ -0,0 +1,20 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    app: speedscale-operator
+    controlplane.speedscale.com/component: operator
+  name: speedscale-operator
+  namespace: {{ .Release.Namespace }}
+spec:
+  ports:
+  - port: 443
+    protocol: TCP
+    targetPort: 9443
+  selector:
+    app: speedscale-operator
+    controlplane.speedscale.com/component: operator
+status:
+  loadBalancer: {}
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/templates/tls.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/tls.yaml
new file mode 100644
index 000000000..54404314f
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/templates/tls.yaml
@@ -0,0 +1,25 @@
+{{- $crt := "" -}}
+{{- $key := "" -}}
+{{- $s := (lookup "v1" "Secret" .Release.Namespace "speedscale-certs") -}}
+{{- if $s -}}
+{{- $crt = index $s.data "tls.crt" | b64dec -}}
+{{- $key = index $s.data "tls.key" | b64dec -}}
+{{ else }}
+{{- $cert := genCA "Speedscale" 3650 -}}
+{{- $crt = $cert.Cert -}}
+{{- $key = $cert.Key -}}
+{{- end -}}
+---
+apiVersion: v1
+data:
+  tls.crt: {{ $crt | b64enc }}
+  tls.key: {{ $key | b64enc }}
+kind: Secret
+metadata:
+  annotations:
+    helm.sh/hook: pre-install
+    helm.sh/hook-delete-policy: before-hook-creation
+  creationTimestamp: null
+  name: speedscale-certs
+  namespace: {{ .Release.Namespace }}
+type: kubernetes.io/tls
diff --git a/charts/speedscale-operator/speedscale-operator/1.0.300/values.yaml b/charts/speedscale-operator/speedscale-operator/1.0.300/values.yaml
new file mode 100644
index 000000000..e0aab2836
--- /dev/null
+++ b/charts/speedscale-operator/speedscale-operator/1.0.300/values.yaml
@@ -0,0 +1,35 @@
+# An API key is required to connect to the Speedscale cloud.
+# If you need a key email support@speedscale.com.
+apiKey: ""
+# Speedscale domain to use.
+appUrl: "app.speedscale.com"
+
+# The name of your cluster.
+clusterName: "my-cluster"
+
+# Speedscale components image settings.
+image:
+    registry: gcr.io/speedscale
+    tag: v1.0.29
+    pullPolicy: Always
+
+# Log level for Speedscale components.
+logLevel: "info"
+
+# Namespaces to be watched by Speedscale Operator.
+namespaceSelector: {}
+
+# Instructs operator to deploy resources necessary to interact with your cluster from the Speedscale dashboard.
+dashboardAccess: true
+
+# Filter Rule to apply to the Speedscale Forwarder
+filterRule: "standard"
+
+# Data Loss Prevention settings.
+dlp:
+    
+    # Instructs operator to enable data loss prevention features
+    enabled: false
+    
+    # Configuration for data loss prevention
+    config: "standard"
diff --git a/index.yaml b/index.yaml
index c4243c608..e78d7205c 100755
--- a/index.yaml
+++ b/index.yaml
@@ -4348,6 +4348,36 @@ entries:
     - assets/shipa/shipa-1.4.0.tgz
     version: 1.4.0
   speedscale-operator:
+  - annotations:
+      catalog.cattle.io/certified: partner
+      catalog.cattle.io/display-name: Speedscale Operator
+      catalog.cattle.io/release-name: speedscale-operator
+    apiVersion: v1
+    appVersion: 1.0.29
+    created: "2022-06-17T11:07:00.560628-04:00"
+    description: Stress test your APIs with real world scenarios.  Collect and replay
+      traffic without scripting.
+    digest: db6d5a97c019690c174b094d2dc473e606ebc7ccf61c6ade4069e90aac9ae085
+    home: https://speedscale.com
+    icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png
+    keywords:
+    - speedscale
+    - test
+    - testing
+    - regression
+    - reliability
+    - load
+    - replay
+    - network
+    - traffic
+    kubeVersion: '>= 1.17.0-0'
+    maintainers:
+    - email: support@speedscale.com
+      name: Speedscale Support
+    name: speedscale-operator
+    urls:
+    - assets/speedscale-operator/speedscale-operator-1.0.300.tgz
+    version: 1.0.300
   - annotations:
       catalog.cattle.io/certified: partner
       catalog.cattle.io/display-name: Speedscale Operator

From 97ff1429967cf935061ba84e932f18ce197d5ee9 Mon Sep 17 00:00:00 2001
From: Josh Thornton <josh@speedscale.com>
Date: Fri, 17 Jun 2022 11:17:56 -0400
Subject: [PATCH 3/3] make clean

---
 .../speedscale-operator/charts/.helmignore    |  23 --
 .../speedscale-operator/charts/Chart.yaml     |  26 --
 packages/speedscale-operator/charts/LICENSE   | 201 -------------
 packages/speedscale-operator/charts/README.md | 130 ---------
 .../speedscale-operator/charts/app-readme.md  | 130 ---------
 .../speedscale-operator/charts/questions.yaml |   9 -
 .../charts/templates/admission.yaml           | 127 --------
 .../charts/templates/configmap.yaml           |  24 --
 .../charts/templates/crds/trafficreplays.yaml | 273 ------------------
 .../charts/templates/deployments.yaml         | 114 --------
 .../charts/templates/hooks.yaml               | 103 -------
 .../charts/templates/rbac.yaml                | 192 ------------
 .../charts/templates/secrets.yaml             |  21 --
 .../charts/templates/services.yaml            |  20 --
 .../charts/templates/tls.yaml                 |  25 --
 .../speedscale-operator/charts/values.yaml    |  35 ---
 16 files changed, 1453 deletions(-)
 delete mode 100644 packages/speedscale-operator/charts/.helmignore
 delete mode 100644 packages/speedscale-operator/charts/Chart.yaml
 delete mode 100644 packages/speedscale-operator/charts/LICENSE
 delete mode 100644 packages/speedscale-operator/charts/README.md
 delete mode 100644 packages/speedscale-operator/charts/app-readme.md
 delete mode 100644 packages/speedscale-operator/charts/questions.yaml
 delete mode 100644 packages/speedscale-operator/charts/templates/admission.yaml
 delete mode 100644 packages/speedscale-operator/charts/templates/configmap.yaml
 delete mode 100644 packages/speedscale-operator/charts/templates/crds/trafficreplays.yaml
 delete mode 100644 packages/speedscale-operator/charts/templates/deployments.yaml
 delete mode 100644 packages/speedscale-operator/charts/templates/hooks.yaml
 delete mode 100644 packages/speedscale-operator/charts/templates/rbac.yaml
 delete mode 100644 packages/speedscale-operator/charts/templates/secrets.yaml
 delete mode 100644 packages/speedscale-operator/charts/templates/services.yaml
 delete mode 100644 packages/speedscale-operator/charts/templates/tls.yaml
 delete mode 100644 packages/speedscale-operator/charts/values.yaml

diff --git a/packages/speedscale-operator/charts/.helmignore b/packages/speedscale-operator/charts/.helmignore
deleted file mode 100644
index 0e8a0eb36..000000000
--- a/packages/speedscale-operator/charts/.helmignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*.orig
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/
diff --git a/packages/speedscale-operator/charts/Chart.yaml b/packages/speedscale-operator/charts/Chart.yaml
deleted file mode 100644
index f357c028d..000000000
--- a/packages/speedscale-operator/charts/Chart.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-annotations:
-  catalog.cattle.io/certified: partner
-  catalog.cattle.io/display-name: Speedscale Operator
-  catalog.cattle.io/release-name: speedscale-operator
-apiVersion: v1
-appVersion: 1.0.29
-description: Stress test your APIs with real world scenarios.  Collect and replay
-  traffic without scripting.
-home: https://speedscale.com
-icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png
-keywords:
-- speedscale
-- test
-- testing
-- regression
-- reliability
-- load
-- replay
-- network
-- traffic
-kubeVersion: '>= 1.17.0-0'
-maintainers:
-- email: support@speedscale.com
-  name: Speedscale Support
-name: speedscale-operator
-version: 1.0.3
diff --git a/packages/speedscale-operator/charts/LICENSE b/packages/speedscale-operator/charts/LICENSE
deleted file mode 100644
index b78723d62..000000000
--- a/packages/speedscale-operator/charts/LICENSE
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright 2021 Speedscale
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/packages/speedscale-operator/charts/README.md b/packages/speedscale-operator/charts/README.md
deleted file mode 100644
index c8d27ddcf..000000000
--- a/packages/speedscale-operator/charts/README.md
+++ /dev/null
@@ -1,130 +0,0 @@
-# Speedscale Operator
-
-The [Speedscale](https://www.speedscale.com) Operator is a [Kubernetes operator](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/)
-that watches for deployments to be applied to the cluster and takes action based on annotations. The operator
-can inject a proxy to capture traffic into or out of applications, or setup an isolation test environment around
-a deployment for testing. The operator itself is a deployment that will be always present on the cluster once
-the helm chart is installed.
-
-## Prerequisites
-
-- Kubernetes 1.16+
-- Helm 3+
-- Appropriate [network and firewall configuration](http://docs.speedscale.com/reference/networking) for Speedscale cloud and webhook traffic
-
-## Get Repo Info
-
-```bash
-helm repo add speedscale https://speedscale.github.io/operator-helm/
-helm repo update
-```
-
-_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
-
-## Install Chart
-
-An API key is required. Sign up for a [free Speedscale trial](https://speedscale.com/free-trial/) if you do not have one.
-
-```bash
-helm install speedscale-operator speedscale/speedscale-operator \
-	-n speedscale \
-	--create-namespace \
-	--set apiKey=<YOUR-SPEEDSCALE-API-KEY> \
-	--set clusterName=<YOUR-CLUSTER-NAME>
-```
-
-_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
-
-### Pre-install job failure
-
-We use pre-install job to check provided API key and provision some of the required resources.
-
-If the job failed during the installation, you'll see the following error during install:
-
-```
-Error: INSTALLATION FAILED: failed pre-install: job failed: BackoffLimitExceeded
-```
-
-You can inspect the logs using this command:
-
-```bash
-kubectl -n speedscale logs job/speedscale-operator-pre-install
-```
-
-After fixing the error, uninstall the helm release, delete the failed job
-and try installing again:
-
-```bash
-helm -n speedscale uninstall speedscale-operator
-kubectl -n speedscale delete job speedscale-operator-pre-install
-```
-
-## Uninstall Chart
-
-```bash
-helm -n speedscale uninstall speedscale-operator
-```
-
-This removes all the Kubernetes components associated with the chart and deletes the release.
-
-_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
-
-CRDs created by this chart are not removed by default and should be manually cleaned up:
-
-```bash
-kubectl delete crd trafficreplays.speedscale.com
-```
-
-## Upgrading Chart
-
-```bash
-helm repo update
-helm -n speedscale upgrade speedscale-operator speedscale/speedscale-operator
-```
-
-With Helm v3, CRDs created by this chart are not updated by default
-and should be manually updated.
-Consult also the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions).
-
-_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
-
-### Upgrading an existing Release to a new version
-
-A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
-incompatible breaking change needing manual actions.
-
-### Upgrade to 1.0.3
-
-BEFORE UPGRADE:
-
-```bash
-kubectl -n speedscale delete secret speedscale-gcrcreds speedscale-apikey
-kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
-kubectl delete mutatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
-```
-
-```bash
-kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.3/templates/crds/trafficreplays.yaml
-```
-
-### Upgrade to 1.0.0
-
-```bash
-kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.0/templates/crds/trafficreplays.yaml
-```
-
-### Upgrade to 0.12.3
-
-```bash
-kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/0.12.3/templates/crds/trafficreplays.yaml
-```
-
-### From version below 0.12.0 to 0.12.x
-This upgrades speedscale-operator to v0.12.x.
-
-Uninstall the previous release and install the chart from scratch.
-
-## Help
-
-Speedscale docs information available at [docs.speedscale.com](https://docs.speedscale.com) or join us
-on the [Speedscale community Slack](https://join.slack.com/t/speedscalecommunity/shared_invite/zt-x5rcrzn4-XHG1QqcHNXIM~4yozRrz8A)!
diff --git a/packages/speedscale-operator/charts/app-readme.md b/packages/speedscale-operator/charts/app-readme.md
deleted file mode 100644
index c8d27ddcf..000000000
--- a/packages/speedscale-operator/charts/app-readme.md
+++ /dev/null
@@ -1,130 +0,0 @@
-# Speedscale Operator
-
-The [Speedscale](https://www.speedscale.com) Operator is a [Kubernetes operator](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/)
-that watches for deployments to be applied to the cluster and takes action based on annotations. The operator
-can inject a proxy to capture traffic into or out of applications, or setup an isolation test environment around
-a deployment for testing. The operator itself is a deployment that will be always present on the cluster once
-the helm chart is installed.
-
-## Prerequisites
-
-- Kubernetes 1.16+
-- Helm 3+
-- Appropriate [network and firewall configuration](http://docs.speedscale.com/reference/networking) for Speedscale cloud and webhook traffic
-
-## Get Repo Info
-
-```bash
-helm repo add speedscale https://speedscale.github.io/operator-helm/
-helm repo update
-```
-
-_See [helm repo](https://helm.sh/docs/helm/helm_repo/) for command documentation._
-
-## Install Chart
-
-An API key is required. Sign up for a [free Speedscale trial](https://speedscale.com/free-trial/) if you do not have one.
-
-```bash
-helm install speedscale-operator speedscale/speedscale-operator \
-	-n speedscale \
-	--create-namespace \
-	--set apiKey=<YOUR-SPEEDSCALE-API-KEY> \
-	--set clusterName=<YOUR-CLUSTER-NAME>
-```
-
-_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._
-
-### Pre-install job failure
-
-We use pre-install job to check provided API key and provision some of the required resources.
-
-If the job failed during the installation, you'll see the following error during install:
-
-```
-Error: INSTALLATION FAILED: failed pre-install: job failed: BackoffLimitExceeded
-```
-
-You can inspect the logs using this command:
-
-```bash
-kubectl -n speedscale logs job/speedscale-operator-pre-install
-```
-
-After fixing the error, uninstall the helm release, delete the failed job
-and try installing again:
-
-```bash
-helm -n speedscale uninstall speedscale-operator
-kubectl -n speedscale delete job speedscale-operator-pre-install
-```
-
-## Uninstall Chart
-
-```bash
-helm -n speedscale uninstall speedscale-operator
-```
-
-This removes all the Kubernetes components associated with the chart and deletes the release.
-
-_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._
-
-CRDs created by this chart are not removed by default and should be manually cleaned up:
-
-```bash
-kubectl delete crd trafficreplays.speedscale.com
-```
-
-## Upgrading Chart
-
-```bash
-helm repo update
-helm -n speedscale upgrade speedscale-operator speedscale/speedscale-operator
-```
-
-With Helm v3, CRDs created by this chart are not updated by default
-and should be manually updated.
-Consult also the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions).
-
-_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._
-
-### Upgrading an existing Release to a new version
-
-A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
-incompatible breaking change needing manual actions.
-
-### Upgrade to 1.0.3
-
-BEFORE UPGRADE:
-
-```bash
-kubectl -n speedscale delete secret speedscale-gcrcreds speedscale-apikey
-kubectl delete validatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
-kubectl delete mutatingwebhookconfigurations.admissionregistration.k8s.io speedscale-operator
-```
-
-```bash
-kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.3/templates/crds/trafficreplays.yaml
-```
-
-### Upgrade to 1.0.0
-
-```bash
-kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.0.0/templates/crds/trafficreplays.yaml
-```
-
-### Upgrade to 0.12.3
-
-```bash
-kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/0.12.3/templates/crds/trafficreplays.yaml
-```
-
-### From version below 0.12.0 to 0.12.x
-This upgrades speedscale-operator to v0.12.x.
-
-Uninstall the previous release and install the chart from scratch.
-
-## Help
-
-Speedscale docs information available at [docs.speedscale.com](https://docs.speedscale.com) or join us
-on the [Speedscale community Slack](https://join.slack.com/t/speedscalecommunity/shared_invite/zt-x5rcrzn4-XHG1QqcHNXIM~4yozRrz8A)!
diff --git a/packages/speedscale-operator/charts/questions.yaml b/packages/speedscale-operator/charts/questions.yaml
deleted file mode 100644
index 29aee3895..000000000
--- a/packages/speedscale-operator/charts/questions.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-questions:
-- variable: apiKey
-  default: "fffffffffffffffffffffffffffffffffffffffffffff"
-  description: "An API key is required to connect to the Speedscale cloud."
-  required: true
-  type: string
-  label: API Key
-  group: Authentication
-
diff --git a/packages/speedscale-operator/charts/templates/admission.yaml b/packages/speedscale-operator/charts/templates/admission.yaml
deleted file mode 100644
index 649547435..000000000
--- a/packages/speedscale-operator/charts/templates/admission.yaml
+++ /dev/null
@@ -1,127 +0,0 @@
-{{- $cacrt := "" -}}
-{{- $crt := "" -}}
-{{- $key := "" -}}
-{{- $s := (lookup "v1" "Secret" .Release.Namespace "speedscale-webhook-certs") -}}
-{{- if $s -}}
-{{- $cacrt = index $s.data "ca.crt" | default (index $s.data "tls.crt") | b64dec -}}
-{{- $crt = index $s.data "tls.crt" | b64dec -}}
-{{- $key = index $s.data "tls.key" | b64dec -}}
-{{ else }}
-{{- $altNames := list ( printf "speedscale-operator.%s" .Release.Namespace ) ( printf "speedscale-operator.%s.svc" .Release.Namespace ) -}}
-{{- $ca := genCA "speedscale-operator" 3650 -}}
-{{- $cert := genSignedCert "speedscale-operator" nil $altNames 3650 $ca -}}
-{{- $cacrt = $ca.Cert -}}	
-{{- $crt = $cert.Cert -}}
-{{- $key = $cert.Key -}}
-{{- end -}}
----
-apiVersion: v1
-data:
-  ca.crt: {{ $cacrt | b64enc }}
-  tls.crt: {{ $crt | b64enc }}
-  tls.key: {{ $key | b64enc }}
-kind: Secret
-metadata:
-  annotations:
-    helm.sh/hook: pre-install
-    helm.sh/hook-delete-policy: before-hook-creation
-  creationTimestamp: null
-  name: speedscale-webhook-certs
-  namespace: {{ .Release.Namespace }}
-type: kubernetes.io/tls
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
-  creationTimestamp: null
-  name: speedscale-operator
-webhooks:
-- admissionReviewVersions:
-  - v1
-  clientConfig:
-    caBundle: {{ $cacrt | b64enc }}
-    service:
-      name: speedscale-operator
-      namespace: {{ .Release.Namespace }}
-      path: /mutate
-  failurePolicy: Ignore
-  name: sidecar.speedscale.com
-  namespaceSelector: {}
-  rules:
-  - apiGroups:
-    - apps
-    - batch
-    apiVersions:
-    - v1
-    operations:
-    - CREATE
-    - UPDATE
-    - DELETE
-    resources:
-    - deployments
-    - statefulsets
-    - daemonsets
-    - jobs
-    - replicasets
-  sideEffects: None
-  timeoutSeconds: 10
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: ValidatingWebhookConfiguration
-metadata:
-  creationTimestamp: null
-  name: speedscale-operator-replay
-webhooks:
-- admissionReviewVersions:
-  - v1
-  clientConfig:
-    caBundle: {{ $cacrt | b64enc }}
-    service:
-      name: speedscale-operator
-      namespace: {{ .Release.Namespace }}
-      path: /validate-speedscale-com-v1-trafficreplay
-  failurePolicy: Fail
-  name: replay.speedscale.com
-  namespaceSelector: {}
-  rules:
-  - apiGroups:
-    - speedscale.com
-    apiVersions:
-    - v1
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - trafficreplays
-  sideEffects: None
-  timeoutSeconds: 10
----
-apiVersion: admissionregistration.k8s.io/v1
-kind: MutatingWebhookConfiguration
-metadata:
-  creationTimestamp: null
-  name: speedscale-operator-replay
-webhooks:
-- admissionReviewVersions:
-  - v1
-  clientConfig:
-    caBundle: {{ $cacrt | b64enc }}
-    service:
-      name: speedscale-operator
-      namespace: {{ .Release.Namespace }}
-      path: /mutate-speedscale-com-v1-trafficreplay
-  failurePolicy: Fail
-  name: replay.speedscale.com
-  namespaceSelector: {}
-  rules:
-  - apiGroups:
-    - speedscale.com
-    apiVersions:
-    - v1
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - trafficreplays
-  sideEffects: None
-  timeoutSeconds: 10
diff --git a/packages/speedscale-operator/charts/templates/configmap.yaml b/packages/speedscale-operator/charts/templates/configmap.yaml
deleted file mode 100644
index 5d3d90237..000000000
--- a/packages/speedscale-operator/charts/templates/configmap.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-apiVersion: v1
-data:
-  CLI_VERSION: v1.0.29
-  CLUSTER_NAME: {{ .Values.clusterName }}
-  IMAGE_PULL_POLICY: {{ .Values.image.pullPolicy }}
-  IMAGE_PULL_SECRETS: ""
-  IMAGE_REGISTRY: {{ .Values.image.registry }}
-  IMAGE_TAG: {{ .Values.image.tag }}
-  INSTALL_SOURCE: helm
-  INSTANCE_ID: '{{- $cm := (lookup "v1" "ConfigMap" .Release.Namespace "speedscale-operator")
-    -}}{{ if $cm }}{{ $cm.data.INSTANCE_ID }}{{ else }}{{ ( printf "%s-%s-%s" .Values.clusterName
-    .Release.Namespace uuidv4 ) }}{{ end }}'
-  LOG_LEVEL: {{ .Values.logLevel }}
-  SPEEDSCALE_DLP_CONFIG: {{ .Values.dlp.config }}
-  SPEEDSCALE_FILTER_RULE: {{ .Values.filterRule }}
-  TELEMETRY_INTERVAL: 2s
-  WITH_DLP: {{ .Values.dlp.enabled | quote }}
-  WITH_INSPECTOR: {{ .Values.dashboardAccess | quote }}
-kind: ConfigMap
-metadata:
-  creationTimestamp: null
-  name: speedscale-operator
-  namespace: {{ .Release.Namespace }}
diff --git a/packages/speedscale-operator/charts/templates/crds/trafficreplays.yaml b/packages/speedscale-operator/charts/templates/crds/trafficreplays.yaml
deleted file mode 100644
index 886af2a69..000000000
--- a/packages/speedscale-operator/charts/templates/crds/trafficreplays.yaml
+++ /dev/null
@@ -1,273 +0,0 @@
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
-  creationTimestamp: null
-  name: trafficreplays.speedscale.com
-spec:
-  group: speedscale.com
-  names:
-    kind: TrafficReplay
-    listKind: TrafficReplayList
-    plural: trafficreplays
-    shortNames:
-    - replay
-    singular: trafficreplay
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .status.active
-      name: Active
-      type: boolean
-    - jsonPath: .spec.mode
-      name: Mode
-      type: string
-    - jsonPath: .status.conditions[-1:].message
-      name: Status
-      type: string
-    - jsonPath: .metadata.creationTimestamp
-      name: Age
-      type: date
-    name: v1
-    schema:
-      openAPIV3Schema:
-        description: TrafficReplay is the Schema for the trafficreplays API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: TrafficReplaySpec defines the desired state of TrafficReplay
-            properties:
-              buildTag:
-                description: BuildTag links a unique tag, build hash, etc. to the
-                  generated traffic replay report. That way you can connect the report
-                  results to the version of the code that was tested.
-                type: string
-              cleanup:
-                description: Cleanup is the name of cleanup mode used for this TrafficReplay.
-                enum:
-                - inventory
-                - all
-                - none
-                type: string
-              collectLogs:
-                description: CollectLogs enables or disables log collection from target
-                  workload. Defaults to true.
-                type: boolean
-              configChecksum:
-                description: ConfigChecksum is the SHA1 checksum of the configuration.
-                type: string
-              customURL:
-                description: CustomURL allows to specify custom URL to SUT.
-                type: string
-              generatorLowData:
-                description: Setting GeneratorLowData to 'true' forces the generator
-                  into a high efficiency/low data output mode. This is ideal for high
-                  volume performance tests. Defaults to false.
-                type: boolean
-              injectSidecar:
-                description: InjectSidecar enables or disables sidecar injection during
-                  the replay. Defaults to false.
-                type: boolean
-              mode:
-                description: Mode is the name of replay mode used for this TrafficReplay.
-                enum:
-                - full-replay
-                - responder-only
-                - generator-only
-                type: string
-              proxyMode:
-                description: ProxyMode defines proxy operational mode used with injected
-                  sidecar.
-                type: string
-              responderLowData:
-                description: Setting ResponderLowData to 'true' forces the responder
-                  into a high efficiency/low data output mode. This is ideal for high
-                  volume performance tests. Defaults to false.
-                type: boolean
-              secretRefs:
-                description: SecretRefs hold the references to the secrets which contain
-                  various secrets like (e.g. short-lived JWTs to be used by the generator
-                  for authorization with HTTP calls).
-                items:
-                  description: LocalObjectReference contains enough information to
-                    locate the referenced Kubernetes resource object.
-                  properties:
-                    name:
-                      description: Name of the referent.
-                      type: string
-                  required:
-                  - name
-                  type: object
-                type: array
-              snapshotID:
-                description: SnapshotID is the id of the traffic snapshot for this
-                  TrafficReplay.
-                type: string
-              testConfigID:
-                description: TestConfigID is the id of the replay configuration to
-                  be used by the generator and responder for the TrafficReplay.
-                type: string
-              timeout:
-                description: Timeout is the time to wait for replay test to finish.
-                  Defaults to value of the `TIMEOUT` setting of the operator.
-                type: string
-              ttlAfterReady:
-                description: TTLAfterReady provides a TTL (time to live) mechanism
-                  to limit the lifetime of TrafficReplay object that have finished
-                  the execution and reached its final state (either complete or failed).
-                type: string
-              workloadRef:
-                description: The reference to the target workload (SUT - system under
-                  test) for TrafficReplay. The operations will be performed in the
-                  namespace of the target object.
-                properties:
-                  apiVersion:
-                    description: API version of the referent
-                    type: string
-                  kind:
-                    description: Kind of the referent
-                    type: string
-                  name:
-                    description: Name of the referent
-                    type: string
-                  namespace:
-                    description: Namespace of the referent, defaults to the TrafficReplay
-                      namespace
-                    type: string
-                required:
-                - kind
-                - name
-                type: object
-            required:
-            - snapshotID
-            - workloadRef
-            type: object
-          status:
-            default:
-              observedGeneration: -1
-            description: TrafficReplayStatus defines the observed state of TrafficReplay
-            properties:
-              active:
-                description: Active indicates whether this traffic replay is currently
-                  underway or not.
-                type: boolean
-              conditions:
-                items:
-                  description: "Condition contains details for one aspect of the current
-                    state of this API Resource. --- This struct is intended for direct
-                    use as an array at the field path .status.conditions.  For example,
-                    type FooStatus struct{ // Represents the observations of a foo's
-                    current state. // Known .status.conditions.type are: \"Available\",
-                    \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
-                    // +listType=map // +listMapKey=type Conditions []metav1.Condition
-                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
-                    protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
-                  properties:
-                    lastTransitionTime:
-                      description: lastTransitionTime is the last time the condition
-                        transitioned from one status to another. This should be when
-                        the underlying condition changed.  If that is not known, then
-                        using the time when the API field changed is acceptable.
-                      format: date-time
-                      type: string
-                    message:
-                      description: message is a human readable message indicating
-                        details about the transition. This may be an empty string.
-                      maxLength: 32768
-                      type: string
-                    observedGeneration:
-                      description: observedGeneration represents the .metadata.generation
-                        that the condition was set based upon. For instance, if .metadata.generation
-                        is currently 12, but the .status.conditions[x].observedGeneration
-                        is 9, the condition is out of date with respect to the current
-                        state of the instance.
-                      format: int64
-                      minimum: 0
-                      type: integer
-                    reason:
-                      description: reason contains a programmatic identifier indicating
-                        the reason for the condition's last transition. Producers
-                        of specific condition types may define expected values and
-                        meanings for this field, and whether the values are considered
-                        a guaranteed API. The value should be a CamelCase string.
-                        This field may not be empty.
-                      maxLength: 1024
-                      minLength: 1
-                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
-                      type: string
-                    status:
-                      description: status of the condition, one of True, False, Unknown.
-                      enum:
-                      - "True"
-                      - "False"
-                      - Unknown
-                      type: string
-                    type:
-                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
-                        --- Many .condition.type values are consistent across resources
-                        like Available, but because arbitrary conditions can be useful
-                        (see .node.status.conditions), the ability to deconflict is
-                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
-                      maxLength: 316
-                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - message
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              finishedTime:
-                description: Information when the traffic replay has finished.
-                format: date-time
-                type: string
-              initializedTime:
-                description: Information when the test environment was successfully
-                  prepared.
-                format: date-time
-                type: string
-              observedGeneration:
-                description: ObservedGeneration is the last observed generation.
-                format: int64
-                type: integer
-              reportID:
-                description: The id of the traffic replay report created.
-                type: string
-              reportURL:
-                description: The url to the traffic replay report.
-                type: string
-              startedTime:
-                description: Information when the traffic replay has started.
-                format: date-time
-                type: string
-              workloadHost:
-                description: WorkloadHost is the host address which is targeted during
-                  the traffic replay.
-                type: string
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/packages/speedscale-operator/charts/templates/deployments.yaml b/packages/speedscale-operator/charts/templates/deployments.yaml
deleted file mode 100644
index 1575711be..000000000
--- a/packages/speedscale-operator/charts/templates/deployments.yaml
+++ /dev/null
@@ -1,114 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  annotations:
-    operator.speedscale.com/ignore: "true"
-  creationTimestamp: null
-  labels:
-    app: speedscale-operator
-    controlplane.speedscale.com/component: operator
-  name: speedscale-operator
-  namespace: {{ .Release.Namespace }}
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: speedscale-operator
-      controlplane.speedscale.com/component: operator
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      annotations:
-        checksum/config: |
-          {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
-      creationTimestamp: null
-      labels:
-        app: speedscale-operator
-        controlplane.speedscale.com/component: operator
-    spec:
-      containers:
-      - command:
-        - /operator
-        env:
-        - name: POD_NAME
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.name
-        - name: POD_NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        envFrom:
-        - configMapRef:
-            name: speedscale-operator
-        - secretRef:
-            name: speedscale-apikey
-            optional: false
-        image: '{{ .Values.image.registry }}/operator:{{ .Values.image.tag }}'
-        imagePullPolicy: {{ .Values.image.pullPolicy }}
-        livenessProbe:
-          failureThreshold: 3
-          httpGet:
-            path: /healthz
-            port: health-check
-            scheme: HTTP
-          initialDelaySeconds: 1
-          periodSeconds: 10
-          successThreshold: 1
-          timeoutSeconds: 2
-        name: operator
-        ports:
-        - containerPort: 9443
-          name: webhook-server
-        - containerPort: 8081
-          name: health-check
-        readinessProbe:
-          failureThreshold: 5
-          httpGet:
-            path: /readyz
-            port: health-check
-            scheme: HTTP
-          initialDelaySeconds: 5
-          periodSeconds: 1
-          successThreshold: 1
-          timeoutSeconds: 2
-        resources:
-          limits:
-            cpu: 100m
-            memory: 512Mi
-          requests:
-            cpu: 100m
-            memory: 128Mi
-        securityContext:
-          allowPrivilegeEscalation: false
-          privileged: false
-          readOnlyRootFilesystem: true
-          runAsNonRoot: true
-          runAsUser: 2100
-        volumeMounts:
-        - mountPath: /tmp
-          name: tmp
-        - mountPath: /tmp/k8s-webhook-server/serving-certs
-          name: webhook-certs
-          readOnly: true
-        - mountPath: /etc/ssl/speedscale
-          name: speedscale-tls-out
-          readOnly: true
-      securityContext:
-        runAsNonRoot: true
-      serviceAccountName: speedscale-operator
-      terminationGracePeriodSeconds: 10
-      volumes:
-      - emptyDir: {}
-        name: tmp
-      - name: webhook-certs
-        secret:
-          secretName: speedscale-webhook-certs
-      - name: speedscale-tls-out
-        secret:
-          secretName: speedscale-certs
-status: {}
diff --git a/packages/speedscale-operator/charts/templates/hooks.yaml b/packages/speedscale-operator/charts/templates/hooks.yaml
deleted file mode 100644
index 7ba9e8c0f..000000000
--- a/packages/speedscale-operator/charts/templates/hooks.yaml
+++ /dev/null
@@ -1,103 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  annotations:
-    helm.sh/hook: pre-install
-    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
-    helm.sh/hook-weight: "4"
-  creationTimestamp: null
-  name: speedscale-operator-pre-install
-  namespace: {{ .Release.Namespace }}
-spec:
-  backoffLimit: 0
-  template:
-    metadata:
-      creationTimestamp: null
-    spec:
-      containers:
-      - args:
-        - |-
-          speedctl init --overwrite --no-rcfile-update \
-          --api-key {{ required "A valid .Values.apiKey is required!" .Values.apiKey }} \
-          --app-url {{ required "A valid .Values.appUrl is required!" .Values.appUrl }}
-        command:
-        - sh
-        - -c
-        image: '{{ .Values.image.registry }}/speedscale-cli:{{ .Values.image.tag }}'
-        imagePullPolicy: {{ .Values.image.pullPolicy }}
-        name: speedscale-cli
-        resources: {}
-      restartPolicy: Never
-status: {}
----
-apiVersion: v1
-automountServiceAccountToken: true
-kind: ServiceAccount
-metadata:
-  annotations:
-    helm.sh/hook: pre-install
-    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
-    helm.sh/hook-weight: "1"
-  creationTimestamp: null
-  labels:
-    app: speedscale-operator
-    controlplane.speedscale.com/component: operator
-  name: speedscale-operator-provisioning
-  namespace: {{ .Release.Namespace }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  annotations:
-    helm.sh/hook: pre-install
-    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
-    helm.sh/hook-weight: "2"
-  creationTimestamp: null
-  name: speedscale-operator-provisioning
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  verbs:
-  - create
-  - delete
-  - deletecollection
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - admissionregistration.k8s.io
-  resources:
-  - mutatingwebhookconfigurations
-  - validatingwebhookconfigurations
-  verbs:
-  - create
-  - delete
-  - deletecollection
-  - get
-  - list
-  - patch
-  - update
-  - watch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  annotations:
-    helm.sh/hook: pre-install
-    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
-    helm.sh/hook-weight: "3"
-  creationTimestamp: null
-  name: speedscale-operator-provisioning
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: speedscale-operator-provisioning
-subjects:
-- kind: ServiceAccount
-  name: speedscale-operator-provisioning
-  namespace: {{ .Release.Namespace }}
diff --git a/packages/speedscale-operator/charts/templates/rbac.yaml b/packages/speedscale-operator/charts/templates/rbac.yaml
deleted file mode 100644
index e6c532b9c..000000000
--- a/packages/speedscale-operator/charts/templates/rbac.yaml
+++ /dev/null
@@ -1,192 +0,0 @@
----
-apiVersion: v1
-automountServiceAccountToken: true
-imagePullSecrets:
-- name: speedscale-gcrcreds
-kind: ServiceAccount
-metadata:
-  creationTimestamp: null
-  labels:
-    app: speedscale-operator
-    controlplane.speedscale.com/component: operator
-  name: speedscale-operator
-  namespace: {{ .Release.Namespace }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  creationTimestamp: null
-  name: speedscale-operator
-rules:
-- apiGroups:
-  - apps
-  resources:
-  - deployments
-  - statefulsets
-  - daemonsets
-  verbs:
-  - create
-  - delete
-  - deletecollection
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - apps
-  resources:
-  - replicasets
-  verbs:
-  - delete
-  - deletecollection
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - batch
-  resources:
-  - jobs
-  verbs:
-  - create
-  - delete
-  - deletecollection
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - ""
-  resources:
-  - namespaces
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - ""
-  resources:
-  - configmaps
-  - secrets
-  - pods
-  - services
-  - serviceaccounts
-  verbs:
-  - create
-  - delete
-  - deletecollection
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - ""
-  resources:
-  - pods/log
-  verbs:
-  - get
-  - list
-- apiGroups:
-  - ""
-  resources:
-  - nodes
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - metrics.k8s.io
-  resources:
-  - pods
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - policy
-  resources:
-  - podsecuritypolicies
-  verbs:
-  - create
-  - delete
-  - deletecollection
-  - use
-- apiGroups:
-  - rbac.authorization.k8s.io
-  resources:
-  - rolebindings
-  - roles
-  verbs:
-  - create
-  - delete
-  - deletecollection
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - networking.istio.io
-  resources:
-  - envoyfilters
-  verbs:
-  - create
-  - delete
-  - deletecollection
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - coordination.k8s.io
-  resources:
-  - leases
-  verbs:
-  - create
-  - delete
-  - deletecollection
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - speedscale.com
-  resources:
-  - trafficreplays
-  verbs:
-  - create
-  - delete
-  - deletecollection
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - speedscale.com
-  resources:
-  - trafficreplays/status
-  verbs:
-  - get
-  - update
-  - patch
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  creationTimestamp: null
-  name: speedscale-operator
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: speedscale-operator
-subjects:
-- kind: ServiceAccount
-  name: speedscale-operator
-  namespace: {{ .Release.Namespace }}
diff --git a/packages/speedscale-operator/charts/templates/secrets.yaml b/packages/speedscale-operator/charts/templates/secrets.yaml
deleted file mode 100644
index 097e29312..000000000
--- a/packages/speedscale-operator/charts/templates/secrets.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
----
-apiVersion: v1
-data:
-  .dockerconfigjson: eyJhdXRocyI6eyJnY3IuaW8iOnsidXNlcm5hbWUiOiJfanNvbl9rZXkiLCJwYXNzd29yZCI6IntcbiAgXCJ0eXBlXCI6IFwic2VydmljZV9hY2NvdW50XCIsXG4gIFwicHJvamVjdF9pZFwiOiBcInNwZWVkc2NhbGVcIixcbiAgXCJwcml2YXRlX2tleV9pZFwiOiBcIjQyNzU2ZWQ2NWU0ZGE3ZTE2ODEyOTgxOTk4ODFiZGZmOGZlODY1Y2NcIixcbiAgXCJwcml2YXRlX2tleVwiOiBcIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxcbk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzRwbHZ3TTEvek0xeWhcXG5hUFZvRDBQZjNMb0lnTDNDM2xNMGM0TVFNL2lsb2JSS3NObTA1WnRiVFhUVGx3RklxODJDVnl2NlU2U0hXM0V1XFxuaDdyQllFUmRTRHJLSTNNNEUyV3AxY3c5TkdKYTNuc1hGSWhLRmU3ZThSandsUk92eXlYLzE0UEVmN3NOdGlMVFxcbmtPK2JqckpxVEVpU2NCUFloUkQvRnFFZmJWQm9NYnZpdkVDQkY2dGRqcTVwRiswVmdiT2FEdnJqZ2dRdnVWdHVcXG5VYzlRcW5QaE1CU3Z3dE5oOTZGc2dncnVFQ1N6Z2UyYTVJRE5wYmYwb2U3ZTVycFU0c0hSb3l1ZWlOeU1ZSHpYXFxuUjQraGRFNTJnOXFLN3dYTStHUi9OREdMUkgxeDlhdjRZYlBURTZnOGtkcWdCQVp0c05KaDRwVUp6Y1VWMENJV1xcbmZuRFNlNkhGQWdNQkFBRUNnZ0VBSFNEdFB2cXp4N2RTQlFwOE1ESzhSOXZYb3hEQUhyWVkxUnpsejVBTFNRRzFcXG40ZFI5TzRxL0U4dW53dHMrOGhwY0hKUW8xV0FOZytiYWQzY2s4RzJCeTE5aUd0STEwbUpJOXQ1SnpsdnRxaDBQXFxudU9mZHlpWWtuUm5XajlsTWxqNUxXODFCTmFYYXVjS0NRdkxKd2JYa2tsMC9VNDZIcXUvdTZ2YkVheU5BL0hhYlxcblF0K1ROZlpaQW9MWmE0dnZrd0xLQ1VGNUkvenZnK21OTytZWllwV0V5QjR0U3JtMnpiWm96c3hMVFZ5TFR2WFVcXG5JZkFNYUE4UktyMGxIVXZ5WEZvd2l5N0F3bU5sanFCQlkyRkFXM3VyU3VOZ1YxdXdhQnRwN2w5OStaaCtiKzhPXFxuYW01QStuS2lvQk00TG54cGVwZThuVGkxU1Fsa3dZaG0zR0s5MktyZ3NRS0JnUURwWG1nZEZPbnpyaXhKYXRPZVxcbmt2RDR5L2d2WmNSdmJ1dDVwL0pZeFpBUnN5SytIM1RPMzJvK09sTm4rcG8vL2lPK0lvMTRaUUFKMm1MTU4vakhcXG5iM0hnTm1aV2dHRWk2blNBQ3QvYklPYUh2SHh5L0NtTEwzbTBUbjJnNzBScVZtVUpIMXZMQjhVUWlNY0ZHQnA3XFxuNFB4Tk4xeTZBY1BvUVRPVWlDT2tPZWZOeVFLQmdRREtqblhXVFEweGpjazdaVjIvRjBhYW8ybHRlTFpHdUZXQ1xcbjJnbTB0QSs5UUIzckhMcVZ4dWJwenZpd3dIclJHTlV0RDhRdjBJWU52TW11YSt1cXRVcFVaOE5LWXVDeWZQZ3VcXG5yWUxqUHlVVGxmOE4yaXVkYVIyZStVWDZCOWE0dXBYanJLdWtkWDM4SVlwZmJLS0RTQ3ZuZFlzT0x1ai9GeDRyXFxuMmVtdWRvL0NIUUtCZ0VTRmx0WnJMS0tEVXJlZjZWRVhYaS8vVy9rMnpXM1d5TWRvMjh6YS9ZbGs2dCtlUnVMelxcblVMUEMxbmlpYWFZK2plb25KUmpqdHhZdGpITGdRR2oydlI0VGV3c05HUGh5bFJCL29Pa3JpT1QwSUNwM0JnKzdcXG5PZVlLWWZMZUxsMTJ6cVhXRWxMVURqWGpvMlJJaG9ZM01uM05zcWxmR1ZIWnl6WmludXg2b0NpWkFvR0Fkb2R5XFxuc1JxWms5dlNXNjF2ZERqY21mVHg1cHR5bm1PVHRtUjh0WCtBamxBTXNkNDMyUmx4V25SQTFyMXJvUndVOHE5OVxcbk1EV25uRFpURm53VWhlcGNPcFFWbFZ2Uy9OOWdJNEJwVFMxUU51dlpPblBtZmRCYkF3SC9UdFp6Y2RuTmlGTXNcXG5oYW96Tk8wem1hOXFVY1JUM0xmTnpWanFBd3UySGhjQVJaVWZmb2tDZ1lFQWdhVEZhb1dnbENOazZtU0JlSXR2XFxuVjUxN3BOSFlXeHlpRzlwTDJIUUxFeDhwdkdWZFp1dUlONHdGdk13UzRldm1VeWN0dmkvMmc2R1FXdS9nYUFPVlxcblhuVXVtMi9xZ1grcTFjNEZFN0J4K3BGTFBCQkVBb1hodUwzSUZxczlRcGoxZG0wTG1tQjg0UHlFU0JEUzh1WGtcXG5lUWF3UkZHSHhpVzhhT1VnbWcxZ0FRQT1cXG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXFxuXCIsXG4gIFwiY2xpZW50X2VtYWlsXCI6IFwiZ2NycHVsbDJAc3BlZWRzY2FsZS5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbVwiLFxuICBcImNsaWVudF9pZFwiOiBcIjEwNzc4NTY0MDY5MzQzMzQ1MTc5OFwiLFxuICBcImF1dGhfdXJpXCI6IFwiaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tL28vb2F1dGgyL2F1dGhcIixcbiAgXCJ0b2tlbl91cmlcIjogXCJodHRwczovL29hdXRoMi5nb29nbGVhcGlzLmNvbS90b2tlblwiLFxuICBcImF1dGhfcHJvdmlkZXJfeDUwOV9jZXJ0X3VybFwiOiBcImh0dHBzOi8vd3d3Lmdvb2dsZWFwaXMuY29tL29hdXRoMi92MS9jZXJ0c1wiLFxuICBcImNsaWVudF94NTA5X2NlcnRfdXJsXCI6IFwiaHR0cHM6Ly93d3cuZ29vZ2xlYXBpcy5jb20vcm9ib3QvdjEvbWV0YWRhdGEveDUwOS9nY3JwdWxsMiU0MHNwZWVkc2NhbGUuaWFtLmdzZXJ2aWNlYWNjb3VudC5jb21cIlxufSIsImVtYWlsIjoiZ2NycHVsbEBzcGVlZHNjYWxlLmlhbS5nc2VydmljZWFjY291bnQuY29tIiwiYXV0aCI6IlgycHpiMjVmYTJWNU9uc0tJQ0FpZEhsd1pTSTZJQ0p6WlhKMmFXTmxYMkZqWTI5MWJuUWlMQW9nSUNKd2NtOXFaV04wWDJsa0lqb2dJbk53WldWa2MyTmhiR1VpTEFvZ0lDSndjbWwyWVhSbFgydGxlVjlwWkNJNklDSTBNamMxTm1Wa05qVmxOR1JoTjJVeE5qZ3hNams0TVRrNU9EZ3hZbVJtWmpobVpUZzJOV05qSWl3S0lDQWljSEpwZG1GMFpWOXJaWGtpT2lBaUxTMHRMUzFDUlVkSlRpQlFVa2xXUVZSRklFdEZXUzB0TFMwdFhHNU5TVWxGZGxGSlFrRkVRVTVDWjJ0eGFHdHBSemwzTUVKQlVVVkdRVUZUUTBKTFkzZG5aMU5xUVdkRlFVRnZTVUpCVVVNMGNHeDJkMDB4TDNwTk1YbG9YRzVoVUZadlJEQlFaak5NYjBsblRETkRNMnhOTUdNMFRWRk5MMmxzYjJKU1MzTk9iVEExV25SaVZGaFVWR3gzUmtseE9ESkRWbmwyTmxVMlUwaFhNMFYxWEc1b04zSkNXVVZTWkZORWNrdEpNMDAwUlRKWGNERmpkemxPUjBwaE0yNXpXRVpKYUV0R1pUZGxPRkpxZDJ4U1QzWjVlVmd2TVRSUVJXWTNjMDUwYVV4VVhHNXJUeXRpYW5KS2NWUkZhVk5qUWxCWmFGSkVMMFp4UldaaVZrSnZUV0oyYVhaRlEwSkdOblJrYW5FMWNFWXJNRlpuWWs5aFJIWnlhbWRuVVhaMVZuUjFYRzVWWXpsUmNXNVFhRTFDVTNaM2RFNW9PVFpHYzJkbmNuVkZRMU42WjJVeVlUVkpSRTV3WW1Zd2IyVTNaVFZ5Y0ZVMGMwaFNiM2wxWldsT2VVMVpTSHBZWEc1U05DdG9aRVUxTW1jNWNVczNkMWhOSzBkU0wwNUVSMHhTU0RGNE9XRjJORmxpVUZSRk5tYzRhMlJ4WjBKQlduUnpUa3BvTkhCVlNucGpWVll3UTBsWFhHNW1ia1JUWlRaSVJrRm5UVUpCUVVWRFoyZEZRVWhUUkhSUWRuRjZlRGRrVTBKUmNEaE5SRXM0VWpsMldHOTRSRUZJY2xsWk1WSjZiSG8xUVV4VFVVY3hYRzQwWkZJNVR6UnhMMFU0ZFc1M2RITXJPR2h3WTBoS1VXOHhWMEZPWnl0aVlXUXpZMnM0UnpKQ2VURTVhVWQwU1RFd2JVcEpPWFExU25wc2RuUnhhREJRWEc1MVQyWmtlV2xaYTI1U2JsZHFPV3hOYkdvMVRGYzRNVUpPWVZoaGRXTkxRMUYyVEVwM1lsaHJhMnd3TDFVME5raHhkUzkxTm5aaVJXRjVUa0V2U0dGaVhHNVJkQ3RVVG1aYVdrRnZURnBoTkhaMmEzZE1TME5WUmpWSkwzcDJaeXR0VGs4cldWcFpjRmRGZVVJMGRGTnliVEo2WWxwdmVuTjRURlJXZVV4VWRsaFZYRzVKWmtGTllVRTRVa3R5TUd4SVZYWjVXRVp2ZDJsNU4wRjNiVTVzYW5GQ1Fsa3lSa0ZYTTNWeVUzVk9aMVl4ZFhkaFFuUndOMnc1T1N0YWFDdGlLemhQWEc1aGJUVkJLMjVMYVc5Q1RUUk1ibmh3WlhCbE9HNVVhVEZUVVd4cmQxbG9iVE5IU3preVMzSm5jMUZMUW1kUlJIQlliV2RrUms5dWVuSnBlRXBoZEU5bFhHNXJka1EwZVM5bmRscGpVblppZFhRMWNDOUtXWGhhUVZKemVVc3JTRE5VVHpNeWJ5dFBiRTV1SzNCdkx5OXBUeXRKYnpFMFdsRkJTakp0VEUxT0wycElYRzVpTTBoblRtMWFWMmRIUldrMmJsTkJRM1F2WWtsUFlVaDJTSGg1TDBOdFRFd3piVEJVYmpKbk56QlNjVlp0VlVwSU1YWk1RamhWVVdsTlkwWkhRbkEzWEc0MFVIaE9UakY1TmtGalVHOVJWRTlWYVVOUGEwOWxaazU1VVV0Q1oxRkVTMnB1V0ZkVVVUQjRhbU5yTjFwV01pOUdNR0ZoYnpKc2RHVk1Xa2QxUmxkRFhHNHlaMjB3ZEVFck9WRkNNM0pJVEhGV2VIVmljSHAyYVhkM1NISlNSMDVWZEVRNFVYWXdTVmxPZGsxdGRXRXJkWEYwVlhCVldqaE9TMWwxUTNsbVVHZDFYRzV5V1V4cVVIbFZWR3htT0U0eWFYVmtZVkl5WlN0VldEWkNPV0UwZFhCWWFuSkxkV3RrV0RNNFNWbHdabUpMUzBSVFEzWnVaRmx6VDB4MWFpOUdlRFJ5WEc0eVpXMTFaRzh2UTBoUlMwSm5SVk5HYkhSYWNreExTMFJWY21WbU5sWkZXRmhwTHk5WEwyc3llbGN6VjNsTlpHOHlPSHBoTDFsc2F6WjBLMlZTZFV4NlhHNVZURkJETVc1cGFXRmhXU3RxWlc5dVNsSnFhblI0V1hScVNFeG5VVWRxTW5aU05GUmxkM05PUjFCb2VXeFNRaTl2VDJ0eWFVOVVNRWxEY0ROQ1p5czNYRzVQWlZsTFdXWk1aVXhzTVRKNmNWaFhSV3hNVlVScVdHcHZNbEpKYUc5Wk0wMXVNMDV6Y1d4bVIxWklXbmw2V21sdWRYZzJiME5wV2tGdlIwRmtiMlI1WEc1elVuRmFhemwyVTFjMk1YWmtSR3BqYldaVWVEVndkSGx1YlU5VWRHMVNPSFJZSzBGcWJFRk5jMlEwTXpKU2JIaFhibEpCTVhJeGNtOVNkMVU0Y1RrNVhHNU5SRmR1YmtSYVZFWnVkMVZvWlhCalQzQlJWbXhXZGxNdlRqbG5TVFJDY0ZSVE1WRk9kWFphVDI1UWJXWmtRbUpCZDBndlZIUmFlbU5rYms1cFJrMXpYRzVvWVc5NlRrOHdlbTFoT1hGVlkxSlVNMHhtVG5wV2FuRkJkM1V5U0doalFWSmFWV1ptYjJ0RFoxbEZRV2RoVkVaaGIxZG5iRU5PYXpadFUwSmxTWFIyWEc1V05URTNjRTVJV1ZkNGVXbEhPWEJNTWtoUlRFVjRPSEIyUjFaa1duVjFTVTQwZDBaMlRYZFROR1YyYlZWNVkzUjJhUzh5WnpaSFVWZDFMMmRoUVU5V1hHNVlibFYxYlRJdmNXZFlLM0V4WXpSR1JUZENlQ3R3Umt4UVFrSkZRVzlZYUhWTU0wbEdjWE01VVhCcU1XUnRNRXh0YlVJNE5GQjVSVk5DUkZNNGRWaHJYRzVsVVdGM1VrWkhTSGhwVnpoaFQxVm5iV2N4WjBGUlFUMWNiaTB0TFMwdFJVNUVJRkJTU1ZaQlZFVWdTMFZaTFMwdExTMWNiaUlzQ2lBZ0ltTnNhV1Z1ZEY5bGJXRnBiQ0k2SUNKblkzSndkV3hzTWtCemNHVmxaSE5qWVd4bExtbGhiUzVuYzJWeWRtbGpaV0ZqWTI5MWJuUXVZMjl0SWl3S0lDQWlZMnhwWlc1MFgybGtJam9nSWpFd056YzROVFkwTURZNU16UXpNelExTVRjNU9DSXNDaUFnSW1GMWRHaGZkWEpwSWpvZ0ltaDBkSEJ6T2k4dllXTmpiM1Z1ZEhNdVoyOXZaMnhsTG1OdmJTOXZMMjloZFhSb01pOWhkWFJvSWl3S0lDQWlkRzlyWlc1ZmRYSnBJam9nSW1oMGRIQnpPaTh2YjJGMWRHZ3lMbWR2YjJkc1pXRndhWE11WTI5dEwzUnZhMlZ1SWl3S0lDQWlZWFYwYUY5d2NtOTJhV1JsY2w5NE5UQTVYMk5sY25SZmRYSnNJam9nSW1oMGRIQnpPaTh2ZDNkM0xtZHZiMmRzWldGd2FYTXVZMjl0TDI5aGRYUm9NaTkyTVM5alpYSjBjeUlzQ2lBZ0ltTnNhV1Z1ZEY5NE5UQTVYMk5sY25SZmRYSnNJam9nSW1oMGRIQnpPaTh2ZDNkM0xtZHZiMmRzWldGd2FYTXVZMjl0TDNKdlltOTBMM1l4TDIxbGRHRmtZWFJoTDNnMU1Ea3ZaMk55Y0hWc2JESWxOREJ6Y0dWbFpITmpZV3hsTG1saGJTNW5jMlZ5ZG1salpXRmpZMjkxYm5RdVkyOXRJZ3A5In19fQ==
-kind: Secret
-metadata:
-  creationTimestamp: null
-  name: speedscale-gcrcreds
-  namespace: {{ .Release.Namespace }}
-type: kubernetes.io/dockerconfigjson
----
-apiVersion: v1
-data:
-  SPEEDSCALE_API_KEY: {{ .Values.apiKey | b64enc }}
-  SPEEDSCALE_APP_URL: {{ .Values.appUrl | b64enc }}
-kind: Secret
-metadata:
-  creationTimestamp: null
-  name: speedscale-apikey
-  namespace: {{ .Release.Namespace }}
-type: Opaque
diff --git a/packages/speedscale-operator/charts/templates/services.yaml b/packages/speedscale-operator/charts/templates/services.yaml
deleted file mode 100644
index d6169bbf3..000000000
--- a/packages/speedscale-operator/charts/templates/services.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
-  creationTimestamp: null
-  labels:
-    app: speedscale-operator
-    controlplane.speedscale.com/component: operator
-  name: speedscale-operator
-  namespace: {{ .Release.Namespace }}
-spec:
-  ports:
-  - port: 443
-    protocol: TCP
-    targetPort: 9443
-  selector:
-    app: speedscale-operator
-    controlplane.speedscale.com/component: operator
-status:
-  loadBalancer: {}
diff --git a/packages/speedscale-operator/charts/templates/tls.yaml b/packages/speedscale-operator/charts/templates/tls.yaml
deleted file mode 100644
index 54404314f..000000000
--- a/packages/speedscale-operator/charts/templates/tls.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-{{- $crt := "" -}}
-{{- $key := "" -}}
-{{- $s := (lookup "v1" "Secret" .Release.Namespace "speedscale-certs") -}}
-{{- if $s -}}
-{{- $crt = index $s.data "tls.crt" | b64dec -}}
-{{- $key = index $s.data "tls.key" | b64dec -}}
-{{ else }}
-{{- $cert := genCA "Speedscale" 3650 -}}
-{{- $crt = $cert.Cert -}}
-{{- $key = $cert.Key -}}
-{{- end -}}
----
-apiVersion: v1
-data:
-  tls.crt: {{ $crt | b64enc }}
-  tls.key: {{ $key | b64enc }}
-kind: Secret
-metadata:
-  annotations:
-    helm.sh/hook: pre-install
-    helm.sh/hook-delete-policy: before-hook-creation
-  creationTimestamp: null
-  name: speedscale-certs
-  namespace: {{ .Release.Namespace }}
-type: kubernetes.io/tls
diff --git a/packages/speedscale-operator/charts/values.yaml b/packages/speedscale-operator/charts/values.yaml
deleted file mode 100644
index e0aab2836..000000000
--- a/packages/speedscale-operator/charts/values.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-# An API key is required to connect to the Speedscale cloud.
-# If you need a key email support@speedscale.com.
-apiKey: ""
-# Speedscale domain to use.
-appUrl: "app.speedscale.com"
-
-# The name of your cluster.
-clusterName: "my-cluster"
-
-# Speedscale components image settings.
-image:
-    registry: gcr.io/speedscale
-    tag: v1.0.29
-    pullPolicy: Always
-
-# Log level for Speedscale components.
-logLevel: "info"
-
-# Namespaces to be watched by Speedscale Operator.
-namespaceSelector: {}
-
-# Instructs operator to deploy resources necessary to interact with your cluster from the Speedscale dashboard.
-dashboardAccess: true
-
-# Filter Rule to apply to the Speedscale Forwarder
-filterRule: "standard"
-
-# Data Loss Prevention settings.
-dlp:
-    
-    # Instructs operator to enable data loss prevention features
-    enabled: false
-    
-    # Configuration for data loss prevention
-    config: "standard"