rancher · mjura · Aug 23, 2023 · Aug 21, 2023 · Aug 21, 2023
diff --git a/assets/rancher-eks-operator-crd/rancher-eks-operator-crd-103.0.0+up1.3.0-rc1.tgz b/assets/rancher-eks-operator-crd/rancher-eks-operator-crd-103.0.0+up1.3.0-rc1.tgz
diff --git a/assets/rancher-eks-operator/rancher-eks-operator-103.0.0+up1.3.0-rc1.tgz b/assets/rancher-eks-operator/rancher-eks-operator-103.0.0+up1.3.0-rc1.tgz
diff --git a/charts/rancher-eks-operator-crd/103.0.0+up1.3.0-rc1/Chart.yaml b/charts/rancher-eks-operator-crd/103.0.0+up1.3.0-rc1/Chart.yaml
@@ -0,0 +1,12 @@
+annotations:
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/release-name: rancher-eks-operator-crd
+apiVersion: v2
+appVersion: 1.3.0-rc1
+description: EKS Operator CustomResourceDefinitions
+name: rancher-eks-operator-crd
+version: 103.0.0+up1.3.0-rc1
diff --git a/charts/rancher-eks-operator-crd/103.0.0+up1.3.0-rc1/templates/crds.yaml b/charts/rancher-eks-operator-crd/103.0.0+up1.3.0-rc1/templates/crds.yaml
@@ -0,0 +1,226 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    helm.sh/resource-policy: keep
+  name: eksclusterconfigs.eks.cattle.io
+spec:
+  group: eks.cattle.io
+  names:
+    kind: EKSClusterConfig
+    plural: eksclusterconfigs
+    shortNames:
+    - ekscc
+    singular: eksclusterconfig
+  preserveUnknownFields: false
+  scope: Namespaced
+  versions:
+  - name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          spec:
+            properties:
+              amazonCredentialSecret:
+                nullable: true
+                type: string
+              displayName:
+                nullable: true
+                type: string
+              ebsCSIDriver:
+                nullable: true
+                type: boolean
+              imported:
+                type: boolean
+              kmsKey:
+                nullable: true
+                type: string
+              kubernetesVersion:
+                nullable: true
+                type: string
+              loggingTypes:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              nodeGroups:
+                items:
+                  properties:
+                    desiredSize:
+                      nullable: true
+                      type: integer
+                    diskSize:
+                      nullable: true
+                      type: integer
+                    ec2SshKey:
+                      nullable: true
+                      type: string
+                    gpu:
+                      nullable: true
+                      type: boolean
+                    imageId:
+                      nullable: true
+                      type: string
+                    instanceType:
+                      nullable: true
+                      type: string
+                    labels:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: object
+                    launchTemplate:
+                      nullable: true
+                      properties:
+                        id:
+                          nullable: true
+                          type: string
+                        name:
+                          nullable: true
+                          type: string
+                        version:
+                          nullable: true
+                          type: integer
+                      type: object
+                    maxSize:
+                      nullable: true
+                      type: integer
+                    minSize:
+                      nullable: true
+                      type: integer
+                    nodeRole:
+                      nullable: true
+                      type: string
+                    nodegroupName:
+                      nullable: true
+                      type: string
+                    requestSpotInstances:
+                      nullable: true
+                      type: boolean
+                    resourceTags:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: object
+                    spotInstanceTypes:
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    subnets:
+                      items:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: array
+                    tags:
+                      additionalProperties:
+                        nullable: true
+                        type: string
+                      nullable: true
+                      type: object
+                    userData:
+                      nullable: true
+                      type: string
+                    version:
+                      nullable: true
+                      type: string
+                  required:
+                  - nodegroupName
+                  type: object
+                nullable: true
+                type: array
+              privateAccess:
+                nullable: true
+                type: boolean
+              publicAccess:
+                nullable: true
+                type: boolean
+              publicAccessSources:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              region:
+                nullable: true
+                type: string
+              secretsEncryption:
+                nullable: true
+                type: boolean
+              securityGroups:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              serviceRole:
+                nullable: true
+                type: string
+              subnets:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              tags:
+                additionalProperties:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: object
+            type: object
+          status:
+            properties:
+              failureMessage:
+                nullable: true
+                type: string
+              generatedNodeRole:
+                nullable: true
+                type: string
+              managedLaunchTemplateID:
+                nullable: true
+                type: string
+              managedLaunchTemplateVersions:
+                additionalProperties:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: object
+              networkFieldsSource:
+                nullable: true
+                type: string
+              phase:
+                nullable: true
+                type: string
+              securityGroups:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              subnets:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              templateVersionsToDelete:
+                items:
+                  nullable: true
+                  type: string
+                nullable: true
+                type: array
+              virtualNetwork:
+                nullable: true
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/Chart.yaml b/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/Chart.yaml
@@ -0,0 +1,20 @@
+annotations:
+  catalog.cattle.io/auto-install: rancher-eks-operator-crd=match
+  catalog.cattle.io/certified: rancher
+  catalog.cattle.io/hidden: "true"
+  catalog.cattle.io/kube-version: '>= 1.20.0-0 < 1.28.0-0'
+  catalog.cattle.io/namespace: cattle-system
+  catalog.cattle.io/os: linux
+  catalog.cattle.io/permits-os: linux,windows
+  catalog.cattle.io/provides-gvr: eksclusterconfigs.eks.cattle.io/v1
+  catalog.cattle.io/rancher-version: '>= 2.8.0-0 < 2.9.0-0'
+  catalog.cattle.io/release-name: rancher-eks-operator
+  catalog.cattle.io/scope: management
+apiVersion: v2
+appVersion: 1.3.0-rc1
+description: A Helm chart for provisioning EKS clusters
+home: https://github.com/rancher/eks-operator
+name: rancher-eks-operator
+sources:
+- https://github.com/rancher/eks-operator
+version: 103.0.0+up1.3.0-rc1
diff --git a/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/NOTES.txt b/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/NOTES.txt
@@ -0,0 +1,4 @@
+You have deployed the Rancher EKS operator
+Version: {{ .Chart.AppVersion }}
+Description: This operator provisions EKS clusters
+from EKSClusterConfig CRs.
diff --git a/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/_helpers.tpl b/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/_helpers.tpl
@@ -0,0 +1,25 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+  value: "linux"
+  effect: "NoSchedule"
+  operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
+
diff --git a/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/clusterrole.yaml b/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/clusterrole.yaml
@@ -0,0 +1,15 @@
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: eks-operator
+  namespace: cattle-system
+rules:
+  - apiGroups: ['']
+    resources: ['secrets']
+    verbs: ['get', 'list', 'create', 'watch']
+  - apiGroups: ['eks.cattle.io']
+    resources: ['eksclusterconfigs']
+    verbs: ['get', 'list', 'update', 'watch']
+  - apiGroups: ['eks.cattle.io']
+    resources: ['eksclusterconfigs/status']
+    verbs: ['update']
diff --git a/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/clusterrolebinding.yaml b/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/clusterrolebinding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name:  eks-operator
+  namespace: cattle-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: eks-operator
+subjects:
+- kind: ServiceAccount
+  name: eks-operator
+  namespace: cattle-system
diff --git a/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/deployment.yaml b/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/deployment.yaml
@@ -0,0 +1,61 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: eks-config-operator
+  namespace: cattle-system
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      ke.cattle.io/operator: eks
+  template:
+    metadata:
+      labels:
+        ke.cattle.io/operator: eks
+    spec:
+      nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+      tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+      serviceAccountName: eks-operator
+      {{- if .Values.priorityClassName }}
+      priorityClassName: "{{.Values.priorityClassName}}"
+      {{- end }}
+      securityContext:
+        fsGroup: 1007
+        runAsUser: 1007
+      containers:
+      - name: eks-operator
+        image: {{ template "system_default_registry" . }}{{ .Values.eksOperator.image.repository }}:{{ .Values.eksOperator.image.tag }}
+        imagePullPolicy: IfNotPresent
+        env:
+        - name: HTTP_PROXY
+          value: {{ .Values.httpProxy }}
+        - name: HTTPS_PROXY
+          value: {{ .Values.httpsProxy }}
+        - name: NO_PROXY
+          value: {{ .Values.noProxy }}
+{{- if .Values.additionalTrustedCAs }}
+        # eks-operator mounts the additional CAs in two places:
+        volumeMounts:
+            # This directory is owned by the eks-operator user so c_rehash works here.
+          - mountPath: /etc/rancher/ssl/ca-additional.pem
+            name: tls-ca-additional-volume
+            subPath: ca-additional.pem
+            readOnly: true
+            # This directory is root-owned so c_rehash doesn't work here,
+            # but the cert is here in case update-ca-certificates is called in the future or by the OS.
+          - mountPath: /etc/pki/trust/anchors/ca-additional.pem
+            name: tls-ca-additional-volume
+            subPath: ca-additional.pem
+            readOnly: true
+      volumes:
+        - name: tls-ca-additional-volume
+          secret:
+            defaultMode: 0400
+            secretName: tls-ca-additional
+  {{- end }}
diff --git a/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/serviceaccount.yaml b/charts/rancher-eks-operator/103.0.0+up1.3.0-rc1/templates/serviceaccount.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  namespace: cattle-system
+  name: eks-operator