update charts
diff --git a/charts/k8s-gerrit/helm-charts/gerrit-operator/.helmignore b/charts/k8s-gerrit/helm-charts/gerrit-operator/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/k8s-gerrit/helm-charts/gerrit-operator/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/k8s-gerrit/helm-charts/gerrit-operator/Chart.yaml b/charts/k8s-gerrit/helm-charts/gerrit-operator/Chart.yaml
new file mode 100644
index 0000000..21ce467
--- /dev/null
+++ b/charts/k8s-gerrit/helm-charts/gerrit-operator/Chart.yaml
@@ -0,0 +1,12 @@
+apiVersion: v2
+name: gerrit-operator
+description: |
+ This helm chart creates a Deployment for the gerrit-operator. A corresponding
+ Service for the operator is implicitly created.
+sources:
+- https://gerrit.googlesource.com/k8s-gerrit/+/refs/heads/master/operator
+version : 0.1.0
+dependencies:
+- name: gerrit-operator-crds
+ version: 0.1.0
+ repository: "file://../gerrit-operator-crds"
diff --git a/charts/k8s-gerrit/helm-charts/gerrit-operator/templates/operator.yaml b/charts/k8s-gerrit/helm-charts/gerrit-operator/templates/operator.yaml
new file mode 100644
index 0000000..f9ed84f
--- /dev/null
+++ b/charts/k8s-gerrit/helm-charts/gerrit-operator/templates/operator.yaml
@@ -0,0 +1,71 @@
+{{- if .Values.externalKeyStore.enabled }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: gerrit-operator-ssl
+ namespace: {{ .Release.Namespace }}
+data:
+ keystore.jks: {{ .Values.externalKeyStore.jks }}
+ keystore.password: {{ .Values.externalKeyStore.password | b64enc }}
+type: Opaque
+{{- end }}
+
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: gerrit-operator
+ namespace: {{ .Release.Namespace }}
+spec:
+ selector:
+ matchLabels:
+ app: gerrit-operator
+ template:
+ metadata:
+ labels:
+ app: gerrit-operator
+ spec:
+ serviceAccountName: gerrit-operator
+ {{- with .Values.image.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ containers:
+ - name: operator
+ image: {{ .Values.image.registry | default "docker.io" }}/{{ .Values.image.org }}/{{ .Values.image.name }}:{{ .Values.image.tag | default "latest" }}
+ imagePullPolicy: {{ .Values.image.imagePullPolicy }}
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: INGRESS
+ value: {{ .Values.ingress.type }}
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /health
+ port: 8080
+ scheme: HTTPS
+ initialDelaySeconds: 10
+ livenessProbe:
+ httpGet:
+ path: /health
+ port: 8080
+ scheme: HTTPS
+ initialDelaySeconds: 30
+ {{- if .Values.externalKeyStore.enabled }}
+ volumeMounts:
+ - name: ssl
+ readOnly: true
+ mountPath: /operator
+ {{- end }}
+ {{- if .Values.externalKeyStore.enabled }}
+ volumes:
+ - name: ssl
+ secret:
+ secretName: gerrit-operator-ssl
+ {{- end }}
diff --git a/charts/k8s-gerrit/helm-charts/gerrit-operator/templates/rbac.yaml b/charts/k8s-gerrit/helm-charts/gerrit-operator/templates/rbac.yaml
new file mode 100644
index 0000000..fbd2ae7
--- /dev/null
+++ b/charts/k8s-gerrit/helm-charts/gerrit-operator/templates/rbac.yaml
@@ -0,0 +1,87 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: gerrit-operator
+ namespace: {{ .Release.Namespace }}
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: gerrit-operator-admin
+subjects:
+- kind: ServiceAccount
+ name: gerrit-operator
+ namespace: {{ .Release.Namespace }}
+roleRef:
+ kind: ClusterRole
+ name: gerrit-operator
+ apiGroup: ""
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: gerrit-operator
+rules:
+- apiGroups:
+ - "batch"
+ resources:
+ - cronjobs
+ verbs:
+ - '*'
+- apiGroups:
+ - "apps"
+ resources:
+ - statefulsets
+ - deployments
+ verbs:
+ - '*'
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - persistentvolumeclaims
+ - secrets
+ - services
+ verbs:
+ - '*'
+- apiGroups:
+ - "storage.k8s.io"
+ resources:
+ - storageclasses
+ verbs:
+ - 'get'
+ - 'list'
+- apiGroups:
+ - "apiextensions.k8s.io"
+ resources:
+ - customresourcedefinitions
+ verbs:
+ - '*'
+- apiGroups:
+ - "networking.k8s.io"
+ resources:
+ - ingresses
+ verbs:
+ - '*'
+- apiGroups:
+ - "gerritoperator.google.com"
+ resources:
+ - '*'
+ verbs:
+ - '*'
+- apiGroups:
+ - "networking.istio.io"
+ resources:
+ - "gateways"
+ - "virtualservices"
+ - "destinationrules"
+ verbs:
+ - '*'
+- apiGroups:
+ - "admissionregistration.k8s.io"
+ resources:
+ - 'validatingwebhookconfigurations'
+ verbs:
+ - '*'
diff --git a/charts/k8s-gerrit/helm-charts/gerrit-operator/values.yaml b/charts/k8s-gerrit/helm-charts/gerrit-operator/values.yaml
new file mode 100644
index 0000000..ebb88af
--- /dev/null
+++ b/charts/k8s-gerrit/helm-charts/gerrit-operator/values.yaml
@@ -0,0 +1,21 @@
+image:
+ registry: docker.io
+ org: k8sgerrit
+ name: gerrit-operator
+ tag: latest
+ imagePullPolicy: Always
+ imagePullSecrets: []
+ # - name: my-secret-1
+
+ingress:
+ # Which ingress provider to use (options: NONE, INGRESS, ISTIO)
+ type: NONE
+
+## Required to use an external/persistent keystore, otherwise a keystore using
+## self-signed certificates will be generated
+externalKeyStore:
+ enabled: false
+ # base64-encoded Java keystore
+ jks: ""
+ # Java keystore password (not base64-encoded)
+ password: ""