From 29f097bf9e3c3a0d5f61add253d97c962efa5afe Mon Sep 17 00:00:00 2001
From: Alexander Andryashin <aandryashin@gmail.com>
Date: Tue, 5 Jul 2022 19:39:30 +0300
Subject: [PATCH 1/2] Implemented license secrets.

---
 README-license-ops.md                         |  9 ++++++++
 license-ops/Chart.yaml                        |  6 ++++++
 .../templates/cluster-role-binding.yaml       | 14 +++++++++++++
 license-ops/templates/cluster-role.yaml       | 14 +++++++++++++
 license-ops/templates/cron-job.yaml           | 21 +++++++++++++++++++
 license-ops/templates/role-binding.yaml       | 14 +++++++++++++
 license-ops/templates/role.yaml               | 13 ++++++++++++
 license-ops/templates/service-account.yaml    |  7 +++++++
 license-ops/values.yaml                       | 20 ++++++++++++++++++
 9 files changed, 118 insertions(+)
 create mode 100644 README-license-ops.md
 create mode 100644 license-ops/Chart.yaml
 create mode 100644 license-ops/templates/cluster-role-binding.yaml
 create mode 100644 license-ops/templates/cluster-role.yaml
 create mode 100644 license-ops/templates/cron-job.yaml
 create mode 100644 license-ops/templates/role-binding.yaml
 create mode 100644 license-ops/templates/role.yaml
 create mode 100644 license-ops/templates/service-account.yaml
 create mode 100644 license-ops/values.yaml

diff --git a/README-license-ops.md b/README-license-ops.md
new file mode 100644
index 0000000..fac11ca
--- /dev/null
+++ b/README-license-ops.md
@@ -0,0 +1,9 @@
+Installation from chart:
+```
+helm upgrade --install -n moon license-ops aerokube/license-ops
+```
+
+Installation from sources:
+```
+helm upgrade --install -n moon license-ops license-ops
+```
diff --git a/license-ops/Chart.yaml b/license-ops/Chart.yaml
new file mode 100644
index 0000000..01e5513
--- /dev/null
+++ b/license-ops/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+name: license-ops
+version: 1.0.0
+appVersion: 1.0.0
+description: License Operations chart
+icon: https://aerokube.com/img/aerokube_logo.svg
diff --git a/license-ops/templates/cluster-role-binding.yaml b/license-ops/templates/cluster-role-binding.yaml
new file mode 100644
index 0000000..2471805
--- /dev/null
+++ b/license-ops/templates/cluster-role-binding.yaml
@@ -0,0 +1,14 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+roleRef:
+  kind: ClusterRole
+  name: {{ .Release.Name }}
+  apiGroup: rbac.authorization.k8s.io
+subjects:
+- kind: ServiceAccount
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
diff --git a/license-ops/templates/cluster-role.yaml b/license-ops/templates/cluster-role.yaml
new file mode 100644
index 0000000..fdb74d9
--- /dev/null
+++ b/license-ops/templates/cluster-role.yaml
@@ -0,0 +1,14 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+rules:
+- apiGroups:
+  - moon.aerokube.com
+  resources:
+  - licenses
+  verbs:
+  - get
+  - patch
diff --git a/license-ops/templates/cron-job.yaml b/license-ops/templates/cron-job.yaml
new file mode 100644
index 0000000..2588f51
--- /dev/null
+++ b/license-ops/templates/cron-job.yaml
@@ -0,0 +1,21 @@
+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  schedule: {{ .Values.schedule | quote }}
+  concurrencyPolicy: Forbid
+  jobTemplate:
+    spec:
+      ttlSecondsAfterFinished: 0
+      template:
+        spec:
+          serviceAccountName: {{ .Release.Name }}
+          containers:
+          - name: license-ops
+            image: bitnami/kubectl:{{ .Values.version }}
+            command: ["/bin/bash", "-c"]
+            args: ["kubectl patch license {{ .Values.licenseName }} --type='json' -p=\"[{\\\"op\\\": \\\"replace\\\", \\\"path\\\": \\\"/spec/data\\\", \\\"value\\\":\\\"$(kubectl get secret {{ .Values.secretName }} -n {{ .Release.Namespace }} -o yaml -o=jsonpath='{.data.license\\.key}' | base64 -d)\\\"}]\""]
+          restartPolicy: Never
diff --git a/license-ops/templates/role-binding.yaml b/license-ops/templates/role-binding.yaml
new file mode 100644
index 0000000..c616aa0
--- /dev/null
+++ b/license-ops/templates/role-binding.yaml
@@ -0,0 +1,14 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+roleRef:
+  kind: Role
+  name: {{ .Release.Name }}
+  apiGroup: rbac.authorization.k8s.io
+subjects:
+- kind: ServiceAccount
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
diff --git a/license-ops/templates/role.yaml b/license-ops/templates/role.yaml
new file mode 100644
index 0000000..0c88132
--- /dev/null
+++ b/license-ops/templates/role.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - secrets
+  verbs:
+  - get
diff --git a/license-ops/templates/service-account.yaml b/license-ops/templates/service-account.yaml
new file mode 100644
index 0000000..4f61a9e
--- /dev/null
+++ b/license-ops/templates/service-account.yaml
@@ -0,0 +1,7 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Release.Name }}
+  namespace: {{ .Release.Namespace }}
+
diff --git a/license-ops/values.yaml b/license-ops/values.yaml
new file mode 100644
index 0000000..368ab97
--- /dev/null
+++ b/license-ops/values.yaml
@@ -0,0 +1,20 @@
+##
+## License name.
+##
+licenseName: moon
+
+##
+## Secret name.
+##
+secretName: licensekey
+
+##
+## Schedule
+##
+schedule: "* * * * *"
+
+##
+## Kubernetes version
+##
+version: 1.23
+

From 0198b11589ce055deab20c7ce9e16fa8246762f0 Mon Sep 17 00:00:00 2001
From: Alexander Andryashin <aandryashin@gmail.com>
Date: Tue, 5 Jul 2022 19:56:00 +0300
Subject: [PATCH 2/2] Add ci scripts.

---
 ci/build.sh | 1 +
 ci/test.sh  | 1 +
 2 files changed, 2 insertions(+)

diff --git a/ci/build.sh b/ci/build.sh
index 190701b..1ced521 100755
--- a/ci/build.sh
+++ b/ci/build.sh
@@ -15,6 +15,7 @@ mkdir -p "$output_dir"
 helm package moon --destination "$output_dir"
 helm package moon2 --destination "$output_dir" --version "$version"
 helm package browser-ops --destination "$output_dir" --version "$version"
+helm package license-ops --destination "$output_dir" --version "$version"
 cd "$output_dir"
 wget "$CHARTS_REPO/index.yaml" || true
 helm repo index . --url "$CHARTS_REPO" --merge index.yaml
diff --git a/ci/test.sh b/ci/test.sh
index da4685c..b4c598e 100755
--- a/ci/test.sh
+++ b/ci/test.sh
@@ -3,3 +3,4 @@
 helm lint moon
 helm lint moon2
 helm lint browser-ops
+helm lint license-ops