From f394096baa8d57884a6ce2f239a692ad3330bd01 Mon Sep 17 00:00:00 2001 From: "Georgi N. Georgiev" Date: Fri, 20 Oct 2023 21:50:56 +0000 Subject: [PATCH] operator gitlab-runner-operator (1.18.1) Signed-off-by: Georgi N. Georgiev --- .../manifests/apps.gitlab.com_runners.yaml | 235 ++++++++ ...ole_rbac.authorization.k8s.io_v1_role.yaml | 28 + ...c.authorization.k8s.io_v1_rolebinding.yaml | 11 + ...er-manager-metrics-service_v1_service.yaml | 18 + ...c.authorization.k8s.io_v1_clusterrole.yaml | 10 + ...runner-operator.clusterserviceversion.yaml | 568 ++++++++++++++++++ .../gitlab-runner-sa_v1_serviceaccount.yaml | 5 + ...lab-runner-webhook-service_v1_service.yaml | 17 + .../1.18.1/metadata/annotations.yaml | 15 + .../1.18.1/tests/scorecard/config.yaml | 70 +++ 10 files changed, 977 insertions(+) create mode 100644 operators/gitlab-runner-operator/1.18.1/manifests/apps.gitlab.com_runners.yaml create mode 100644 operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-app-role_rbac.authorization.k8s.io_v1_role.yaml create mode 100644 operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-app-rolebinding_rbac.authorization.k8s.io_v1_rolebinding.yaml create mode 100644 operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-controller-manager-metrics-service_v1_service.yaml create mode 100644 operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml create mode 100644 operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-operator.clusterserviceversion.yaml create mode 100644 operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-sa_v1_serviceaccount.yaml create mode 100644 operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-webhook-service_v1_service.yaml create mode 100644 operators/gitlab-runner-operator/1.18.1/metadata/annotations.yaml create mode 100644 operators/gitlab-runner-operator/1.18.1/tests/scorecard/config.yaml diff --git a/operators/gitlab-runner-operator/1.18.1/manifests/apps.gitlab.com_runners.yaml b/operators/gitlab-runner-operator/1.18.1/manifests/apps.gitlab.com_runners.yaml new file mode 100644 index 00000000000..da3d83645af --- /dev/null +++ b/operators/gitlab-runner-operator/1.18.1/manifests/apps.gitlab.com_runners.yaml @@ -0,0 +1,235 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.1 + creationTimestamp: null + name: runners.apps.gitlab.com +spec: + group: apps.gitlab.com + names: + kind: Runner + listKind: RunnerList + plural: runners + singular: runner + scope: Namespaced + versions: + - name: v1beta2 + schema: + openAPIV3Schema: + description: Runner is the open source project used to run your jobs and send + the results back to GitLab + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired behavior of a GitLab Runner + instance + properties: + azure: + description: options used to setup Azure blob storage as GitLab Runner + Cache + properties: + container: + description: Name of the Azure container in which the cache will + be stored + type: string + credentials: + description: Credentials secret contains 'accountName' and 'privateKey' + used to authenticate against Azure blob storage + type: string + storageDomain: + description: The domain name of the Azure blob storage e.g. blob.core.windows.net + type: string + type: object + buildImage: + description: The name of the default image to use to run build jobs, + when none is specified + type: string + ca: + description: Name of tls secret containing the custom certificate + authority (CA) certificates + type: string + cachePath: + description: Path defines the Runner Cache path + type: string + cacheShared: + description: Enable sharing of cache between Runners + type: boolean + cacheType: + description: 'Type of cache used for Runner artifacts Options are: + gcs, s3, azure' + type: string + cloneURL: + description: If specified, overrides the default URL used to clone + or fetch the Git ref + type: string + concurrent: + description: Option to limit the number of jobs globally that can + run concurrently. The operator sets this to 10, if not specified + format: int32 + type: integer + config: + description: allow user to provide configmap name containing the user + provided config.toml + type: string + env: + description: Accepts configmap name. Provides user mechanism to inject + environment variables in the GitLab Runner pod via the key value + pairs in the ConfigMap + type: string + gcs: + description: options used to setup GCS (Google Container Storage) + as GitLab Runner Cache + properties: + bucket: + description: Name of the bucket in which the cache will be stored + type: string + credentials: + description: contains the GCS 'access-id' and 'private-key' + type: string + credentialsFile: + description: Takes GCS credentials file, 'keys.json' + type: string + type: object + gitlabUrl: + description: The fully qualified domain name for the GitLab instance. + For example, https://gitlab.example.com + type: string + helperImage: + description: If specified, overrides the default GitLab Runner helper + image + type: string + imagePullPolicy: + description: 'ImagePullPolicy sets the Image pull policy. One of Always, + Never, IfNotPresent. Defaults to Always if :latest tag is specified, + or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + interval: + description: Option to define the number of seconds between checks + for new jobs. This is set to a default of 30s by operator if not + set + format: int32 + type: integer + locked: + description: Specify whether the runner should be locked to a specific + project. Defaults to false. + type: boolean + podSpec: + items: + description: KubernetesPodSpec represents the structure expected + when adding a custom PodSpec to configure the Pod running the + GitLab Runner Manager + properties: + name: + description: Name is the name given to the custom Pod Spec + type: string + patch: + description: A JSON or YAML format string that describes the + changes which must be applied to the final PodSpec object + before it is generated. You cannot set the patch_path and + patch in the same pod_spec configuration, otherwise an error + occurs. + type: string + patchFile: + description: Path to the file that defines the changes to apply + to the final PodSpec object before it is generated. The file + must be a JSON or YAML file. You cannot set the patch_path + and patch in the same pod_spec configuration, otherwise an + error occurs. + type: string + patchType: + description: The strategy the runner uses to apply the specified + changes to the PodSpec object generated by GitLab Runner. + The accepted values are merge, json, and strategic (default + value). + type: string + required: + - name + - patchType + type: object + type: array + protected: + description: Specify whether the runner should only run protected + branches. Defaults to false. + type: boolean + runUntagged: + description: Specify if jobs without tags should be run. If not specified, + runner will default to true if no tags were specified. In other + case it will default to false. + type: boolean + runnerImage: + description: If specified, overrides the default GitLab Runner image. + Default is the Runner image the operator was bundled with. + type: string + s3: + description: options used to setup S3 object store as GitLab Runner + Cache + properties: + bucket: + description: Name of the bucket in which the cache will be stored + type: string + credentials: + description: Name of the secret containing the 'accesskey' and + 'secretkey' used to access the object storage + type: string + insecure: + description: Use insecure connections or HTTP + type: boolean + location: + description: Name of the S3 region in use + type: string + server: + type: string + type: object + serviceaccount: + description: allow user to override service account used by GitLab + Runner + type: string + tags: + description: 'List of comma separated tags to be applied to the runner + More info: https://docs.gitlab.com/ee/ci/runners/#use-tags-to-limit-the-number-of-jobs-using-the-runner' + type: string + token: + description: Name of secret containing the 'runner-registration-token' + key used to register the runner + type: string + required: + - gitlabUrl + - token + type: object + status: + description: Most recently observed status of the GitLab Runner. It is + read-only to the user + properties: + message: + description: Additional information of GitLab Runner registration + type: string + phase: + description: Reports status of the GitLab Runner instance + type: string + registration: + description: Reports status of GitLab Runner registration + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-app-role_rbac.authorization.k8s.io_v1_role.yaml b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-app-role_rbac.authorization.k8s.io_v1_role.yaml new file mode 100644 index 00000000000..47f02107868 --- /dev/null +++ b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-app-role_rbac.authorization.k8s.io_v1_role.yaml @@ -0,0 +1,28 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: gitlab-runner-app-role +rules: +- apiGroups: + - "" + resources: + - secrets + - pods + - services + - services/status + - services/proxy + - services/finalizers + - pods/attach + - pods/exec + - pods/log + - persistentvolumeclaims + - configmaps + verbs: + - create + - get + - list + - watch + - delete + - patch + - update diff --git a/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-app-rolebinding_rbac.authorization.k8s.io_v1_rolebinding.yaml b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-app-rolebinding_rbac.authorization.k8s.io_v1_rolebinding.yaml new file mode 100644 index 00000000000..783fd401118 --- /dev/null +++ b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-app-rolebinding_rbac.authorization.k8s.io_v1_rolebinding.yaml @@ -0,0 +1,11 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: gitlab-runner-app-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: gitlab-runner-app-role +subjects: +- kind: ServiceAccount + name: gitlab-runner-sa diff --git a/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-controller-manager-metrics-service_v1_service.yaml b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-controller-manager-metrics-service_v1_service.yaml new file mode 100644 index 00000000000..e7ee96b58dd --- /dev/null +++ b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-controller-manager-metrics-service_v1_service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: controller-manager + app.kubernetes.io/managed-by: olm + app.kubernetes.io/name: gitlab-runner-operator + name: gitlab-runner-controller-manager-metrics-service +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + app.kubernetes.io/name: gitlab-runner-operator +status: + loadBalancer: {} diff --git a/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 00000000000..a95da2b8f1a --- /dev/null +++ b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,10 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: gitlab-runner-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get diff --git a/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-operator.clusterserviceversion.yaml b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-operator.clusterserviceversion.yaml new file mode 100644 index 00000000000..3018e4e9aeb --- /dev/null +++ b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-operator.clusterserviceversion.yaml @@ -0,0 +1,568 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "apps.gitlab.com/v1beta2", + "kind": "Runner", + "metadata": { + "name": "example" + }, + "spec": { + "gitlabUrl": "https://gitlab.com", + "imagePullPolicy": "Always", + "tags": "openshift, test", + "token": "gitlab-dev-runner-secret" + } + } + ] + capabilities: Deep Insights + categories: Integration & Delivery, Developer Tools + certified: "true" + containerImage: registry.gitlab.com/gitlab-org/gl-openshift/gitlab-runner-operator/gitlab-runner-operator@sha256:3f2486e677e306081205af96528e46f90fa4968ef3dd226905eb0bb42baf449a + createdAt: "2023-10-20T21:49:52Z" + description: GitLab Runner operator manages lifecycle of GitLab Runner instances + operators.openshift.io/infrastructure-features: '["Disconnected"]' + operators.operatorframework.io/builder: operator-sdk-v1.25.2 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + repository: https://gitlab.com/gitlab-org/gl-openshift/gitlab-runner-operator + support: GitLab, Inc. + olm.skipRange: '>=1.11.0 <1.18.1' + labels: + operatorframework.io/arch.amd64: supported + operatorframework.io/arch.ppc64le: supported + name: gitlab-runner-operator.v1.18.1 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Runner is the open source project used to run your jobs and send the results back to GitLab + displayName: GitLab Runner + kind: Runner + name: runners.apps.gitlab.com + resources: + - kind: ConfigMap + name: "" + version: v1 + - kind: Deployment + name: "" + version: v1 + - kind: PersistentVolumeClaim + name: "" + version: v1 + - kind: Pod + name: "" + version: v1 + - kind: Secret + name: "" + version: v1 + - kind: Service + name: "" + version: v1 + specDescriptors: + - description: Option to limit the number of jobs globally that can run concurrently. The operator sets this to 10, if not specified + displayName: Concurrent + path: concurrent + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: The fully qualified domain name for the GitLab instance. For example, https://gitlab.example.com + displayName: GitLab URL + path: gitlabUrl + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Option to define the number of seconds between checks for new jobs. This is set to a default of 30s by operator if not set + displayName: Check Interval + path: interval + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: 'List of comma separated tags to be applied to the runner More info: https://docs.gitlab.com/ee/ci/runners/#use-tags-to-limit-the-number-of-jobs-using-the-runner' + displayName: Tags + path: tags + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Name of secret containing the 'runner-registration-token' key used to register the runner + displayName: Registration Token + path: token + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:selector:core:v1:Secret + statusDescriptors: + - description: Additional information of GitLab Runner registration + displayName: Message + path: message + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Reports status of the GitLab Runner instance + displayName: Phase + path: phase + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + - description: Reports status of GitLab Runner registration + displayName: Registration + path: registration + x-descriptors: + - urn:alm:descriptor:com.tectonic.ui:text + version: v1beta2 + description: | + GitLab Runner is the lightweight, highly-scalable agent that runs your build jobs and sends the results back to a GitLab instance. GitLab Runner works in conjunction with GitLab CI/CD, the open-source continuous integration service included with GitLab. + + The GitLab Runner operator manages the lifecycle of GitLab Runner in Kubernetes or Openshift clusters. The operator aims to automate the tasks needed to run your CI/CD jobs in your container orchestration platform. + + ## Prerequisites + + For Kubernetes cluster, install cert-manager: + + ```shell + kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.7.1/cert-manager.yaml + ``` + + ## GitLab Runner version + + This version of **GitLab Runner Operator** ships with **GitLab Runner v16.4.1**. + + To use a different version of **GitLab Runner** change the [`runnerImage` and `helperImage` properties](https://docs.gitlab.com/runner/configuration/configuring_runner_operator.html#operator-properties). + + ## Usage + + To link a GitLab Runner instance to a self-hosted GitLab instance or the hosted [GitLab](https://gitlab.com), you first need to: + + 1. Create a secret containing the `runner-registration-token` from your GitLab project. + + ``` + cat > gitlab-runner-secret.yml << EOF + apiVersion: v1 + kind: Secret + metadata: + name: gitlab-runner-secret + type: Opaque + stringData: + runner-registration-token: REPLACE_ME # your project runner secret + EOF + ``` + + ``` + oc apply -f gitlab-runner-secret.yml + ``` + + 2. Create the Custom Resource Definition (CRD) file and include the following information. The tags value must be openshift for the job to run. + + ``` + cat > gitlab-runner.yml << EOF + apiVersion: apps.gitlab.com/v1beta2 + kind: Runner + metadata: + name: gitlab-runner + spec: + gitlabUrl: https://gitlab.example.com + buildImage: alpine + token: gitlab-runner-secret + tags: openshift + EOF + ``` + + ``` + oc apply -f gitlab-runner.yml + ``` + + ## Full documentation + + Visit [Install GitLab Runner Operator](https://docs.gitlab.com/runner/install/operator.html) + displayName: GitLab Runner + icon: + - base64data:  + mediatype: image/png + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps.gitlab.com + resources: + - runners + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps.gitlab.com + resources: + - runners/finalizers + verbs: + - delete + - patch + - update + - apiGroups: + - apps.gitlab.com + resources: + - runners/status + verbs: + - get + - patch + - update + - apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - pods/attach + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - pods/exec + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - pods/log + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - resourcequotas + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - serviceaccounts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - services/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - services/proxy + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - services/status + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - roles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: default + deployments: + - label: + app.kubernetes.io/component: controller-manager + app.kubernetes.io/managed-by: olm + app.kubernetes.io/name: gitlab-runner-operator + name: gitlab-runner-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: gitlab-runner-operator + strategy: {} + template: + metadata: + labels: + app.kubernetes.io/component: controller-manager + app.kubernetes.io/managed-by: olm + app.kubernetes.io/name: gitlab-runner-operator + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: registry.gitlab.com/gitlab-org/gl-openshift/gitlab-runner-operator/openshift4/ose-kube-rbac-proxy@sha256:4564ca3dc5bac80d6faddaf94c817fbbc270698a9399d8a21ee1005d85ceda56 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - args: + - --metrics-addr=127.0.0.1:8080 + - --enable-leader-election + command: + - /manager + env: + - name: ENABLE_WEBHOOK + value: "false" + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.operatorNamespace'] + - name: WATCH_NAMESPACES + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + - name: ENABLE_WEBHOOKS + value: 'false' + image: registry.gitlab.com/gitlab-org/gl-openshift/gitlab-runner-operator/gitlab-runner-operator@sha256:3f2486e677e306081205af96528e46f90fa4968ef3dd226905eb0bb42baf449a + name: manager + resources: + limits: + cpu: 150m + memory: 300Mi + requests: + cpu: 100m + memory: 180Mi + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: default + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: false + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - GitLab + - CI/CD + - DevOps + - SAST + - DAST + links: + - name: Gitlab Runner Operator + url: https://gitlab.com/gitlab-org/gl-openshift/gitlab-runner-operator + - name: GitLab Docs + url: https://docs.gitlab.com + - name: GitLab Runner + url: https://docs.gitlab.com/runner/ + - name: GitLab CI/CD + url: https://docs.gitlab.com/ee/ci/quick_start/ + maintainers: + - email: support@gitlab.com + name: Georgi N. Georgiev + maturity: stable + minKubeVersion: 1.21.0 + provider: + name: GitLab, Inc. + relatedImages: + - image: registry.gitlab.com/gitlab-org/ci-cd/gitlab-runner-ubi-images/gitlab-runner-ocp@sha256:0131316e26a40001ee4d37bb2d7c4e590ca182e648185002a8382ae9a43eb0c1 + name: gitlab-runner + - image: registry.gitlab.com/gitlab-org/ci-cd/gitlab-runner-ubi-images/gitlab-runner-helper-ocp@sha256:e25b383c2c786ae1ce650eb41803e705e03c4123d9d1772f87ded5624d159647 + name: gitlab-runner-helper + - image: registry.gitlab.com/gitlab-org/gl-openshift/gitlab-runner-operator/gitlab-runner-operator@sha256:3f2486e677e306081205af96528e46f90fa4968ef3dd226905eb0bb42baf449a + name: gitlab-runner-operator + - image: registry.gitlab.com/gitlab-org/gl-openshift/gitlab-runner-operator/openshift4/ose-kube-rbac-proxy@sha256:4564ca3dc5bac80d6faddaf94c817fbbc270698a9399d8a21ee1005d85ceda56 + name: kube-rbac-proxy + replaces: gitlab-runner-operator.v1.18.0 + version: 1.18.1 diff --git a/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-sa_v1_serviceaccount.yaml b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-sa_v1_serviceaccount.yaml new file mode 100644 index 00000000000..53618a0d22f --- /dev/null +++ b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-sa_v1_serviceaccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + creationTimestamp: null + name: gitlab-runner-sa diff --git a/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-webhook-service_v1_service.yaml b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-webhook-service_v1_service.yaml new file mode 100644 index 00000000000..1a9e67bd84b --- /dev/null +++ b/operators/gitlab-runner-operator/1.18.1/manifests/gitlab-runner-webhook-service_v1_service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: controller-manager + app.kubernetes.io/managed-by: olm + app.kubernetes.io/name: gitlab-runner-operator + name: gitlab-runner-webhook-service +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + app.kubernetes.io/name: gitlab-runner-operator +status: + loadBalancer: {} diff --git a/operators/gitlab-runner-operator/1.18.1/metadata/annotations.yaml b/operators/gitlab-runner-operator/1.18.1/metadata/annotations.yaml new file mode 100644 index 00000000000..3549fc8c602 --- /dev/null +++ b/operators/gitlab-runner-operator/1.18.1/metadata/annotations.yaml @@ -0,0 +1,15 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: gitlab-runner-operator + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.metrics.builder: operator-sdk-v1.25.2 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ + com.redhat.openshift.versions: v4.8-v4.13 diff --git a/operators/gitlab-runner-operator/1.18.1/tests/scorecard/config.yaml b/operators/gitlab-runner-operator/1.18.1/tests/scorecard/config.yaml new file mode 100644 index 00000000000..ffc0447e073 --- /dev/null +++ b/operators/gitlab-runner-operator/1.18.1/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}