added acm sdtuff

Author: foster-rh

charts/portworx-operator/Chart.yaml

@@ -0,0 +1,14 @@
+apiVersion: v2
+name: portworx-operator
+description: Helm chart for deploying Portworx Enterprise operator on ROSA HCP with workload identity (IRSA)
+type: application
+version: 0.1.0
+appVersion: "3.2"
+dependencies:
+  - name: helper-status-checker
+    version: 4.4.3
+    repository: https://rosa-hcp-dedicated-vpc.github.io/helm-repository/
+    condition: helper-status-checker.enabled
+home: https://rh-mobb.github.io/validated-pattern-helm-charts/
+maintainers:
+  - name: rh-mobb

charts/portworx-operator/templates/configmap-monitoring.yaml

@@ -0,0 +1,13 @@
+{{- if .Values.monitoring.enableUserWorkload }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: cluster-monitoring-config
+  namespace: openshift-monitoring
+  annotations:
+    argocd.argoproj.io/sync-wave: "0"
+    argocd.argoproj.io/sync-options: Replace=true
+data:
+  config.yaml: |
+    enableUserWorkload: true
+{{- end }}

charts/portworx-operator/templates/namespace.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: {{ .Values.namespace }}
+  annotations:
+    argocd.argoproj.io/sync-wave: "-1"
+  labels:
+    openshift.io/cluster-monitoring: "true"
+    pod-security.kubernetes.io/audit: privileged
+    pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/warn: privileged
+    security.openshift.io/scc.podSecurityLabelSync: "false"

charts/portworx-operator/templates/operatorgroup.yaml

@@ -0,0 +1,13 @@
+{{- if .Values.operatorGroup.create }}
+apiVersion: operators.coreos.com/v1
+kind: OperatorGroup
+metadata:
+  name: {{ .Values.operatorGroup.name | default .Values.subscription.name }}
+  namespace: {{ .Values.namespace }}
+  annotations:
+    argocd.argoproj.io/sync-wave: "0"
+spec:
+  targetNamespaces:
+    - {{ .Values.namespace }}
+  upgradeStrategy: Default
+{{- end }}

charts/portworx-operator/templates/storagecluster.yaml

@@ -0,0 +1,31 @@
+{{- if .Values.storageCluster.enabled }}
+apiVersion: core.libopenstorage.org/v1
+kind: StorageCluster
+metadata:
+  name: {{ .Values.storageCluster.name }}
+  namespace: {{ .Values.namespace }}
+  annotations:
+    argocd.argoproj.io/sync-wave: {{ .Values.storageCluster.syncWave | default "5" | quote }}
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true,Validate=false
+    portworx.io/service-account: portworx
+spec:
+  image: portworx/oci-monitor:{{ .Values.storageCluster.imageVersion }}
+  imagePullPolicy: Always
+  cloudStorage:
+    deviceSpecs:
+    {{- range .Values.storageCluster.cloudStorage.deviceSpecs }}
+      - type={{ .type }},size={{ .size }},iops={{ .iops }}
+    {{- end }}
+    maxStorageNodesPerZone: {{ .Values.storageCluster.cloudStorage.maxStorageNodesPerZone }}
+    kvdbDeviceSpec: {{ .Values.storageCluster.cloudStorage.kvdbDeviceSpec | quote }}
+  secretsProvider: k8s
+  stork:
+    enabled: true
+  autopilot:
+    enabled: true
+  {{- if .Values.storageCluster.iamRoleArn }}
+  env:
+    - name: PX_CLOUD_IDENTITY
+      value: {{ .Values.storageCluster.iamRoleArn | quote }}
+  {{- end }}
+{{- end }}

charts/portworx-operator/templates/subscription.yaml

@@ -0,0 +1,17 @@
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: {{ .Values.subscription.name }}
+  namespace: {{ .Values.namespace }}
+  annotations:
+    argocd.argoproj.io/sync-wave: "0"
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+spec:
+  channel: {{ .Values.subscription.channel }}
+  installPlanApproval: {{ .Values.subscription.installPlanApproval }}
+  name: {{ .Values.subscription.name }}
+  source: {{ .Values.subscription.source }}
+  sourceNamespace: {{ .Values.subscription.sourceNamespace }}
+  {{- if .Values.subscription.startingCSV }}
+  startingCSV: {{ .Values.subscription.startingCSV }}
+  {{- end }}

charts/portworx-operator/values.yaml

@@ -0,0 +1,44 @@
+namespace: portworx
+
+subscription:
+  name: portworx-certified
+  channel: stable
+  installPlanApproval: Manual
+  source: certified-operators
+  sourceNamespace: openshift-marketplace
+  startingCSV: ""
+
+operatorGroup:
+  create: true
+  name: portworx-operator-group
+
+storageCluster:
+  enabled: true
+  name: px-cluster
+  # Required: IAM role ARN for Portworx workload identity (from terraform output portworx_role_arn)
+  iamRoleArn: ""
+  imageVersion: "3.2.1"
+  syncWave: 5
+  cloudStorage:
+    deviceSpecs:
+      - type: gp3
+        size: 150
+        iops: 3000
+    maxStorageNodesPerZone: 3
+    kvdbDeviceSpec: "type=gp3,size=150,iops=3000"
+
+monitoring:
+  enableUserWorkload: true
+
+helper-status-checker:
+  enabled: true
+  approver: true
+  checks:
+    - operatorName: portworx-certified
+      subscriptionName: portworx-certified
+      namespace:
+        name: portworx
+      sleeptimer: 10
+      maxretries: 60
+      serviceAccount:
+        name: "portworx-status-checker"