Adding Helm functionality

.github/workflows/helm-release.yaml

@@ -0,0 +1,41 @@
+name: helm-release
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          git config user.name "$GITHUB_ACTOR"
+          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
+
+      - name: Install Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.7.1
+
+      - name: Create Helm chart
+        run: |
+          echo VERSION: $VERSION
+          make helm-chart
+        env:
+          VERSION: ${{ github.ref_name }}
+
+      # Reinventing the wheel if/until https://github.com/helm/chart-releaser-action/pull/96 is merged
+      - name: Release Helm chart
+        run: |
+          echo VERSION: $VERSION
+          make helm-release
+        env:
+          VERSION: ${{ github.ref_name }}
+          CR_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.helm/starter/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

.helm/starter/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+appVersion: 0.1.0
+description: A Helm chart for Kubernetes
+name: starter
+type: application
+version: 0.1.0

Makefile

@@ -7,6 +7,13 @@ VERSION ?= $(shell git describe --tags)
 
 CONTAINER_CMD ?= docker
 
+# GNU vs BSD in-place sed
+ifeq ($(shell sed --version 2>/dev/null | grep -q GNU && echo gnu),gnu)
+	SED_I := sed -i
+else
+	SED_I := sed -i ''
+endif
+
 # CHANNELS define the bundle channels used in the bundle.
 # Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
 # To re-generate a bundle for other specific channels without changing the standard setup, you can:
@@ -41,6 +48,14 @@ BUNDLE_IMG ?= $(IMAGE_TAG_BASE)-bundle:v$(VERSION)
 IMG ?= $(IMAGE_TAG_BASE):$(VERSION)
 NAMESPACE ?= awx
 
+# Helm variables
+CHART_NAME ?= awx-operator
+CHART_DESCRIPTION ?= A Helm chart for the AWX Operator
+CHART_OWNER ?= ansible
+CHART_REPO ?= awx-operator
+CHART_BRANCH ?= gh-pages
+CHART_INDEX ?= index.yaml
+
 all: docker-build
 
 ##@ General
@@ -103,7 +118,7 @@ ifeq (,$(shell which kustomize 2>/dev/null))
 	@{ \
 	set -e ;\
 	mkdir -p $(dir $(KUSTOMIZE)) ;\
-	curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v3.8.7/kustomize_v3.8.7_$(OS)_$(ARCH).tar.gz | \
+	curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v4.5.2/kustomize_v4.5.2_$(OS)_$(ARCH).tar.gz | \
 	tar xzf - -C bin/ ;\
 	}
 else
@@ -181,3 +196,123 @@ catalog-build: opm ## Build a catalog image.
 .PHONY: catalog-push
 catalog-push: ## Push a catalog image.
 	$(MAKE) docker-push IMG=$(CATALOG_IMG)
+
+.PHONY: kubectl-slice
+KUBECTL_SLICE = $(shell pwd)/bin/kubectl-slice
+kubectl-slice: ## Download kubectl-slice locally if necessary.
+ifeq (,$(wildcard $(KUBECTL_SLICE)))
+ifeq (,$(shell which kubectl-slice 2>/dev/null))
+	@{ \
+	set -e ;\
+	mkdir -p $(dir $(KUBECTL_SLICE)) ;\
+	curl -sSLo - https://github.com/patrickdappollonio/kubectl-slice/releases/download/v1.1.0/kubectl-slice_1.1.0_$(OS)_$(ARCH).tar.gz | \
+	tar xzf - -C bin/ kubectl-slice ;\
+	}
+else
+KUBECTL_SLICE = $(shell which kubectl-slice)
+endif
+endif
+
+.PHONY: helm
+HELM = $(shell pwd)/bin/helm
+helm: ## Download helm locally if necessary.
+ifeq (,$(wildcard $(HELM)))
+ifeq (,$(shell which helm 2>/dev/null))
+	@{ \
+	set -e ;\
+	mkdir -p $(dir $(HELM)) ;\
+	curl -sSLo - https://get.helm.sh/helm-v3.8.0-$(OS)-$(ARCH).tar.gz | \
+	tar xzf - -C bin/ $(OS)-$(ARCH)/helm ;\
+	mv bin/$(OS)-$(ARCH)/helm bin/helm ;\
+	rmdir bin/$(OS)-$(ARCH) ;\
+	}
+else
+HELM = $(shell which helm)
+endif
+endif
+
+.PHONY: yq
+YQ = $(shell pwd)/bin/yq
+yq: ## Download yq locally if necessary.
+ifeq (,$(wildcard $(YQ)))
+ifeq (,$(shell which yq 2>/dev/null))
+	@{ \
+	set -e ;\
+	mkdir -p $(dir $(HELM)) ;\
+	curl -sSLo - https://github.com/mikefarah/yq/releases/download/v4.20.2/yq_$(OS)_$(ARCH).tar.gz | \
+	tar xzf - -C bin/ yq_$(OS)_$(ARCH) ;\
+	mv bin/yq_$(OS)_$(ARCH) bin/yq ;\
+	}
+else
+YQ = $(shell which yq)
+endif
+endif
+
+PHONY: cr
+CR = $(shell pwd)/bin/cr
+cr: ## Download cr locally if necessary.
+ifeq (,$(wildcard $(CR)))
+ifeq (,$(shell which cr 2>/dev/null))
+	@{ \
+	set -e ;\
+	mkdir -p $(dir $(CR)) ;\
+	curl -sSLo - https://github.com/helm/chart-releaser/releases/download/v1.3.0/chart-releaser_1.3.0_$(OS)_$(ARCH).tar.gz | \
+	tar xzf - -C bin/ cr ;\
+	}
+else
+CR = $(shell which cr)
+endif
+endif
+
+.PHONY: helm-chart
+helm-chart: kustomize helm kubectl-slice yq
+	@echo "== KUSTOMIZE (image and namespace) =="
+	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
+	cd config/default && $(KUSTOMIZE) edit set namespace ${NAMESPACE}
+
+	@echo "== HELM =="
+	cd charts && \
+		$(HELM) create awx-operator --starter $(shell pwd)/.helm/starter ;\
+		$(YQ) -i '.version = "$(VERSION)"' $(CHART_NAME)/Chart.yaml ;\
+		$(YQ) -i '.appVersion = "$(VERSION)" | .appVersion style="double"' $(CHART_NAME)/Chart.yaml ;\
+		$(YQ) -i '.description = "$(CHART_DESCRIPTION)"' $(CHART_NAME)/Chart.yaml ;\
+
+	@cat charts/$(CHART_NAME)/Chart.yaml
+
+	@echo "== KUSTOMIZE (annotation) =="
+	cd config/manager && $(KUSTOMIZE) edit set annotation helm.sh/chart:$(CHART_NAME)-$(VERSION)
+	cd config/default && $(KUSTOMIZE) edit set annotation helm.sh/chart:$(CHART_NAME)-$(VERSION)
+
+	@echo "== SLICE =="
+	$(KUSTOMIZE) build config/default | \
+		$(KUBECTL_SLICE) --input-file=- \
+			--output-dir=charts/$(CHART_NAME)/templates \
+			--sort-by-kind
+	@echo "Helm Chart $(VERSION)" > charts/$(CHART_NAME)/templates/NOTES.txt
+
+.PHONY: helm-release
+helm-release: cr helm-chart
+	$(CR) version
+	@echo "== CHART RELEASER (package) =="
+	$(CR) package ./charts/awx-operator
+	@echo "== CHART RELEASER (upload) =="
+	$(CR) upload \
+		--owner "$(CHART_OWNER)" \
+		--git-repo "$(CHART_REPO)" \
+		--token "$(CR_TOKEN)" \
+		--skip-existing
+
+	@echo "== CHART RELEASER (httpsorigin) =="
+	git remote add httpsorigin "https://github.com/$(CHART_OWNER)/$(CHART_REPO).git"
+	git fetch --all
+
+	@echo "== CHART RELEASER (index) =="
+	$(CR) index \
+		--owner "$(CHART_OWNER)" \
+		--git-repo "$(CHART_REPO)" \
+		--token "$(CR_TOKEN)" \
+		--pages-branch "$(CHART_BRANCH)" \
+		--index-path "./charts/$(CHART_INDEX)" \
+		--charts-repo "https://$(CHART_OWNER).github.io/$(CHART_REPO)/$(CHART_INDEX)" \
+		--remote httpsorigin \
+		--push

README.md

@@ -8,46 +8,51 @@ An [Ansible AWX](https://github.com/ansible/awx) operator for Kubernetes built w
 <!-- Regenerate this table of contents using https://github.com/ekalinin/github-markdown-toc -->
 <!-- gh-md-toc --insert README.md -->
 <!--ts-->
-- [AWX Operator](#awx-operator)
-- [Table of Contents](#table-of-contents)
-  - [Purpose](#purpose)
-  - [Usage](#usage)
-    - [Creating a minikube cluster for testing](#creating-a-minikube-cluster-for-testing)
-    - [Basic Install](#basic-install)
-    - [Admin user account configuration](#admin-user-account-configuration)
-    - [Network and TLS Configuration](#network-and-tls-configuration)
-      - [Service Type](#service-type)
-      - [Ingress Type](#ingress-type)
-    - [Database Configuration](#database-configuration)
-      - [External PostgreSQL Service](#external-postgresql-service)
-      - [Migrating data from an old AWX instance](#migrating-data-from-an-old-awx-instance)
-      - [Managed PostgreSQL Service](#managed-postgresql-service)
-    - [Advanced Configuration](#advanced-configuration)
-      - [Deploying a specific version of AWX](#deploying-a-specific-version-of-awx)
-      - [Redis container capabilities](#redis-container-capabilities)
-      - [Privileged Tasks](#privileged-tasks)
-      - [Containers Resource Requirements](#containers-resource-requirements)
-      - [Assigning AWX pods to specific nodes](#assigning-awx-pods-to-specific-nodes)
-      - [Trusting a Custom Certificate Authority](#trusting-a-custom-certificate-authority)
-      - [Enabling LDAP Integration at AWX bootstrap](#enabling-ldap-integration-at-awx-bootstrap)
-      - [Persisting Projects Directory](#persisting-projects-directory)
-      - [Custom Volume and Volume Mount Options](#custom-volume-and-volume-mount-options)
-      - [Default execution environments from private registries](#default-execution-environments-from-private-registries)
-        - [Control plane ee from private registry](#control-plane-ee-from-private-registry)
-      - [Exporting Environment Variables to Containers](#exporting-environment-variables-to-containers)
-      - [Extra Settings](#extra-settings)
-      - [Service Account](#service-account)
-    - [Uninstall](#uninstall)
-    - [Upgrading](#upgrading)
-      - [v0.14.0](#v0140)
-        - [Cluster-scope to Namespace-scope considerations](#cluster-scope-to-namespace-scope-considerations)
-        - [Project is now based on v1.x of the operator-sdk project](#project-is-now-based-on-v1x-of-the-operator-sdk-project)
-        - [Steps to upgrade](#steps-to-upgrade)
-  - [Contributing](#contributing)
-  - [Release Process](#release-process)
-  - [Author](#author)
+* [AWX Operator](#awx-operator)
+* [Table of Contents](#table-of-contents)
+   * [Purpose](#purpose)
+   * [Usage](#usage)
+      * [Creating a minikube cluster for testing](#creating-a-minikube-cluster-for-testing)
+      * [Basic Install](#basic-install)
+      * [Helm Install on existing cluster](#helm-install-on-existing-cluster)
+      * [Admin user account configuration](#admin-user-account-configuration)
+      * [Network and TLS Configuration](#network-and-tls-configuration)
+         * [Service Type](#service-type)
+         * [Ingress Type](#ingress-type)
+      * [Database Configuration](#database-configuration)
+         * [External PostgreSQL Service](#external-postgresql-service)
+         * [Migrating data from an old AWX instance](#migrating-data-from-an-old-awx-instance)
+         * [Managed PostgreSQL Service](#managed-postgresql-service)
+      * [Advanced Configuration](#advanced-configuration)
+         * [Deploying a specific version of AWX](#deploying-a-specific-version-of-awx)
+         * [Redis container capabilities](#redis-container-capabilities)
+         * [Privileged Tasks](#privileged-tasks)
+         * [Containers Resource Requirements](#containers-resource-requirements)
+         * [Priority Classes](#priority-classes)
+         * [Assigning AWX pods to specific nodes](#assigning-awx-pods-to-specific-nodes)
+         * [Trusting a Custom Certificate Authority](#trusting-a-custom-certificate-authority)
+         * [Enabling LDAP Integration at AWX bootstrap](#enabling-ldap-integration-at-awx-bootstrap)
+         * [Persisting Projects Directory](#persisting-projects-directory)
+         * [Custom Volume and Volume Mount Options](#custom-volume-and-volume-mount-options)
+         * [Default execution environments from private registries](#default-execution-environments-from-private-registries)
+            * [Control plane ee from private registry](#control-plane-ee-from-private-registry)
+         * [Exporting Environment Variables to Containers](#exporting-environment-variables-to-containers)
+         * [CSRF Cookie Secure Setting](#csrf-cookie-secure-setting)
+         * [Session Cookie Secure Setting](#session-cookie-secure-setting)
+         * [Extra Settings](#extra-settings)
+         * [Service Account](#service-account)
+      * [Uninstall](#uninstall)
+      * [Upgrading](#upgrading)
+         * [v0.14.0](#v0140)
+            * [Cluster-scope to Namespace-scope considerations](#cluster-scope-to-namespace-scope-considerations)
+            * [Project is now based on v1.x of the operator-sdk project](#project-is-now-based-on-v1x-of-the-operator-sdk-project)
+            * [Steps to upgrade](#steps-to-upgrade)
+   * [Contributing](#contributing)
+   * [Release Process](#release-process)
+   * [Author](#author)
 
 <!-- Created by https://github.com/ekalinin/github-markdown-toc -->
+
 <!--te-->
 
 ## Purpose
@@ -237,6 +242,34 @@ You just completed the most basic install of an AWX instance via this operator.
 For an example using the Nginx Controller in Minukube, don't miss our [demo video](https://asciinema.org/a/416946).
 
 
+### Helm Install on existing cluster
+
+For those that wish to use [Helm](https://helm.sh/) to install the awx-operator to an existing K8s cluster:
+
+```bash
+$ helm repo add awx-operator https://ansible.github.io/awx-operator/
+"awx-operator" has been added to your repositories
+
+$ helm repo update
+Hang tight while we grab the latest from your chart repositories...
+...Successfully got an update from the "awx-operator" chart repository
+Update Complete. ⎈Happy Helming!⎈
+
+$ helm search repo awx-operator
+NAME                            CHART VERSION   APP VERSION     DESCRIPTION
+awx-operator/awx-operator       0.17.1          0.17.1          A Helm chart for the AWX Operator
+
+$ helm install my-awx-operator awx-operator/awx-operator
+NAME: my-awx-operator
+LAST DEPLOYED: Thu Feb 17 22:09:05 2022
+NAMESPACE: default
+STATUS: deployed
+REVISION: 1
+TEST SUITE: None
+NOTES:
+Helm Chart 0.17.1
+```
+
 ### Admin user account configuration
 
 There are three variables that are customizable for the admin user account creation.
@@ -591,7 +624,7 @@ spec:
 
 The AWX and Postgres pods can be assigned a custom PriorityClass to rank their importance compared to other pods in your cluster, which determines which pods get evicted first if resources are running low.
 First, [create your PriorityClass](https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass) if needed.
-Then set the name of your priority class to the control plane and postgres pods as shown below.  
+Then set the name of your priority class to the control plane and postgres pods as shown below.
 
 ```yaml
 ---
@@ -1053,6 +1086,8 @@ If you need to do an independent release of the operator, you can run the [Stage
 
 After the draft release is created, publish it and the [Promote AWX Operator image](https://github.com/ansible/awx-operator/blob/devel/.github/workflows/promote.yaml) will run, publishing the image to Quay.
 
+The [Helm release](https://github.com/ansible/awx-operator/blob/devel/.github/workflows/helm-release.yaml) workflow will create and publish a release for every tag.
+
 ## Author
 
 This operator was originally built in 2019 by [Jeff Geerling](https://www.jeffgeerling.com) and is now maintained by the Ansible Team