Base copy of OPA gatekeeper helm chart

charts/rancher-gatekeeper-operator/v3.1.0-beta.700/.helmignore

+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj

charts/rancher-gatekeeper-operator/v3.1.0-beta.700/Chart.yaml

+apiVersion: v1
+description: A Helm chart for Gatekeeper
+name: gatekeeper-operator
+keywords:
+  - open policy agent
+version: v3.1.0-beta.7
+home: https://github.com/open-policy-agent/gatekeeper
+sources:
+  - https://github.com/open-policy-agent/gatekeeper.git
+appVersion: v3.1.0-beta.7

charts/rancher-gatekeeper-operator/v3.1.0-beta.700/generate_helm_template.sh

+#!/bin/bash
+scriptdir="$(dirname "$0")"
+cd "$scriptdir"
+cp ./../../deploy/gatekeeper.yaml ${PWD}/helm-modifications/_temp.yaml
+kustomize build helm-modifications -o templates/gatekeeper.yaml
+sed -i -E "s/HELMSUBST_DEPLOYMENT_CONTAINER_RESOURCES/\
+\n{{ toYaml .Values.resources | indent 10 }}/" templates/gatekeeper.yaml
+sed -i -E "s/HELMSUBST_DEPLOYMENT_POD_SCHEDULING/\
+\n{{ toYaml .Values.nodeSelector | indent 8 }}\
+\n      affinity:\
+\n{{ toYaml .Values.affinity | indent 8 }}\
+\n      tolerations:\
+\n{{ toYaml .Values.tolerations | indent 8 }}/" templates/gatekeeper.yaml
+sed -i "s/HELMSUBST_DEPLOYMENT_REPLICAS/{{ .Values.replicas }}/g" templates/gatekeeper.yaml
+rm ./helm-modifications/_temp.yaml
+echo "Helm template created under '$PWD/templates'"

charts/rancher-gatekeeper-operator/v3.1.0-beta.700/helm-modifications/helm-modifications.yaml

+apiVersion: v1
+kind: Service
+metadata:
+  name: gatekeeper-webhook-service
+  namespace: gatekeeper-system
+spec:
+  selector:
+    app: GATEKEEPER_APP_LABEL
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: configs.config.gatekeeper.sh
+  annotations:
+    helm.sh/hook: crd-install
+    helm.sh/hook-delete-policy: before-hook-creation
+status: null
+spec:
+  names:
+    shortNames:
+      - config # add shortName to CRD until https://github.com/kubernetes-sigs/kubebuilder/issues/404 is solved
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: constrainttemplates.templates.gatekeeper.sh
+  annotations:
+    helm.sh/hook: crd-install
+    helm.sh/hook-delete-policy: before-hook-creation
+status: null
+spec:
+  names:
+    shortNames:
+      - constraints # add shortName to CRD until https://github.com/kubernetes-sigs/kubebuilder/issues/404 is solved
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: gatekeeper-controller-manager
+  namespace: gatekeeper-system
+spec:
+  replicas: HELMSUBST_DEPLOYMENT_REPLICAS
+  selector:
+    matchLabels:
+      app: gatekeeper-operator
+      release: RELEASE_NAME
+  template:
+    spec:
+      containers:
+        - name: manager
+          args:
+            - --audit-interval={{ .Values.auditInterval }}
+            - --port=8443
+            - --logtostderr
+            - --constraint-violations-limit={{ .Values.constraintViolationsLimit }}
+            - --audit-from-cache={{ .Values.auditFromCache }}
+            - --exempt-namespace=gatekeeper-system
+          imagePullPolicy: "{{ .Values.image.pullPolicy }}"
+          image: "{{ .Values.image.repository }}:{{ .Values.image.release }}"
+          resources: HELMSUBST_DEPLOYMENT_CONTAINER_RESOURCES
+      nodeSelector: HELMSUBST_DEPLOYMENT_POD_SCHEDULING

charts/rancher-gatekeeper-operator/v3.1.0-beta.700/helm-modifications/kustomization.yaml

+commonLabels:
+  app: '{{ template "gatekeeper-operator.name" . }}'
+  chart: '{{ template "gatekeeper-operator.name" . }}'
+  release: '{{ .Release.Name }}'
+  heritage: '{{ .Release.Service }}'
+resources:
+  - _temp.yaml
+patchesStrategicMerge:
+  - helm-modifications.yaml

charts/rancher-gatekeeper-operator/v3.1.0-beta.700/templates/_helpers.tpl

+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "gatekeeper-operator.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "gatekeeper-operator.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "gatekeeper-operator.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "gatekeeper-operator.labels" -}}
+app.kubernetes.io/name: {{ include "gatekeeper-operator.name" . }}
+helm.sh/chart: {{ include "gatekeeper-operator.chart" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}

charts/rancher-gatekeeper-operator/v3.1.0-beta.700/values.yaml

+replicas: 1
+auditInterval: 60
+constraintViolationsLimit: 20
+auditFromCache: false
+image:
+  repository: quay.io/open-policy-agent/gatekeeper
+  release: v3.1.0-beta.7
+  pullPolicy: IfNotPresent
+nodeSelector: {}
+tolerations: []
+resources:
+  limits:
+    cpu: 1000m
+    memory: 512Mi
+  requests:
+    cpu: 100m
+    memory: 256Mi