--- apiVersion: v1 kind: Namespace metadata: name: olm --- apiVersion: v1 kind: Namespace metadata: name: operators --- kind: ServiceAccount apiVersion: v1 metadata: name: olm-operator-serviceaccount namespace: olm --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: system:controller:operator-lifecycle-manager rules: - apiGroups: ["*"] resources: ["*"] verbs: ["*"] - nonResourceURLs: ["*"] verbs: ["*"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: olm-operator-binding-olm roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: system:controller:operator-lifecycle-manager subjects: - kind: ServiceAccount name: olm-operator-serviceaccount namespace: olm --- apiVersion: apps/v1 kind: Deployment metadata: name: olm-operator namespace: olm labels: app: olm-operator spec: strategy: type: RollingUpdate replicas: 1 selector: matchLabels: app: olm-operator template: metadata: labels: app: olm-operator spec: serviceAccountName: olm-operator-serviceaccount containers: - name: olm-operator command: - /bin/olm args: - --namespace - $(OPERATOR_NAMESPACE) - --writeStatusName - "" image: quay.io/operator-framework/olm@sha256:e74b2ac57963c7f3ba19122a8c31c9f2a0deb3c0c5cac9e5323ccffd0ca198ed imagePullPolicy: IfNotPresent ports: - containerPort: 8080 - containerPort: 8081 name: metrics protocol: TCP livenessProbe: httpGet: path: /healthz port: 8080 readinessProbe: httpGet: path: /healthz port: 8080 terminationMessagePolicy: FallbackToLogsOnError env: - name: OPERATOR_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: OPERATOR_NAME value: olm-operator resources: requests: cpu: 10m memory: 160Mi nodeSelector: kubernetes.io/os: linux --- apiVersion: apps/v1 kind: Deployment metadata: name: catalog-operator namespace: olm labels: app: catalog-operator spec: strategy: type: RollingUpdate replicas: 1 selector: matchLabels: app: catalog-operator template: metadata: labels: app: catalog-operator spec: serviceAccountName: olm-operator-serviceaccount containers: - name: catalog-operator command: - /bin/catalog args: - '-namespace' - olm - -configmapServerImage=quay.io/operator-framework/configmap-operator-registry:latest - -util-image - quay.io/operator-framework/olm@sha256:e74b2ac57963c7f3ba19122a8c31c9f2a0deb3c0c5cac9e5323ccffd0ca198ed image: quay.io/operator-framework/olm@sha256:e74b2ac57963c7f3ba19122a8c31c9f2a0deb3c0c5cac9e5323ccffd0ca198ed imagePullPolicy: IfNotPresent ports: - containerPort: 8080 - containerPort: 8081 name: metrics protocol: TCP livenessProbe: httpGet: path: /healthz port: 8080 readinessProbe: httpGet: path: /healthz port: 8080 terminationMessagePolicy: FallbackToLogsOnError resources: requests: cpu: 10m memory: 80Mi nodeSelector: kubernetes.io/os: linux --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: aggregate-olm-edit labels: rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rules: - apiGroups: ["operators.coreos.com"] resources: ["subscriptions"] verbs: ["create", "update", "patch", "delete"] - apiGroups: ["operators.coreos.com"] resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions"] verbs: ["delete"] --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: name: aggregate-olm-view labels: rbac.authorization.k8s.io/aggregate-to-admin: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-view: "true" rules: - apiGroups: ["operators.coreos.com"] resources: ["clusterserviceversions", "catalogsources", "installplans", "subscriptions", "operatorgroups"] verbs: ["get", "list", "watch"] - apiGroups: ["packages.operators.coreos.com"] resources: ["packagemanifests", "packagemanifests/icon"] verbs: ["get", "list", "watch"] --- apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: name: global-operators namespace: operators --- apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: name: olm-operators namespace: olm spec: targetNamespaces: - olm --- apiVersion: operators.coreos.com/v1alpha1 kind: ClusterServiceVersion metadata: name: packageserver namespace: olm labels: olm.version: 0.18.3 spec: displayName: Package Server description: Represents an Operator package that is available from a given CatalogSource which will resolve to a ClusterServiceVersion. minKubeVersion: 1.11.0 keywords: ['packagemanifests', 'olm', 'packages'] maintainers: - name: Red Hat email: openshift-operators@redhat.com provider: name: Red Hat links: - name: Package Server url: https://github.com/operator-framework/operator-lifecycle-manager/tree/master/pkg/package-server installModes: - type: OwnNamespace supported: true - type: SingleNamespace supported: true - type: MultiNamespace supported: true - type: AllNamespaces supported: true install: strategy: deployment spec: clusterPermissions: - serviceAccountName: olm-operator-serviceaccount rules: - apiGroups: - authorization.k8s.io resources: - subjectaccessreviews verbs: - create - get - apiGroups: - "" resources: - configmaps verbs: - get - list - watch - apiGroups: - "operators.coreos.com" resources: - catalogsources verbs: - get - list - watch - apiGroups: - "packages.operators.coreos.com" resources: - packagemanifests verbs: - get - list deployments: - name: packageserver spec: strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 1 maxSurge: 1 replicas: 2 selector: matchLabels: app: packageserver template: metadata: labels: app: packageserver spec: serviceAccountName: olm-operator-serviceaccount nodeSelector: kubernetes.io/os: linux containers: - name: packageserver command: - /bin/package-server - -v=4 - --secure-port - "5443" - --global-namespace - olm image: quay.io/operator-framework/olm@sha256:e74b2ac57963c7f3ba19122a8c31c9f2a0deb3c0c5cac9e5323ccffd0ca198ed imagePullPolicy: Always ports: - containerPort: 5443 livenessProbe: httpGet: scheme: HTTPS path: /healthz port: 5443 readinessProbe: httpGet: scheme: HTTPS path: /healthz port: 5443 terminationMessagePolicy: FallbackToLogsOnError resources: requests: cpu: 10m memory: 50Mi securityContext: runAsUser: 1000 volumeMounts: - name: tmpfs mountPath: /tmp volumes: - name: tmpfs emptyDir: {} maturity: alpha version: 0.18.3 apiservicedefinitions: owned: - group: packages.operators.coreos.com version: v1 kind: PackageManifest name: packagemanifests displayName: PackageManifest description: A PackageManifest is a resource generated from existing CatalogSources and their ConfigMaps deploymentName: packageserver containerPort: 5443 --- apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: name: operatorhubio-catalog namespace: olm spec: sourceType: grpc image: quay.io/operatorhubio/catalog:latest displayName: Community Operators publisher: OperatorHub.io updateStrategy: registryPoll: interval: 60m