Add Helm chart for installing Tekton Operator

Signed-off-by: Jack Henschel <jackdev@mailbox.org>

.yamllint

@@ -1,6 +1,7 @@
 ignore: |
   /vendor
   test/**/**
+  /chart/templates/**
 
 rules:
   braces: enable

chart/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

chart/Chart.yaml

@@ -0,0 +1,13 @@
+apiVersion: v2
+name: tekton-operator
+description: A Helm chart to deploy the Tekton Operator and its CRDs
+type: application
+version: 0.1.0
+# corresponds to the version of tekton-operator
+# https://github.com/tektoncd/operator/releases
+appVersion: "v0.57.0"
+maintainers:
+  - name: Jack Henschel
+    email: jack.henschel@cern.ch
+sources:
+  - https://github.com/tektoncd/operator

chart/README.md

@@ -0,0 +1,65 @@
+# Tekton Operator Helm Chart
+
+This Helm chart installs the [Tekton Operator](https://tekton.dev/docs/operator/) into your Kubernetes (v1.16+) or Openshift cluster (v4.3+).
+
+## TL;DR
+
+```sh
+git clone https://github.com/tektoncd/operator.git
+helm install tekton-operator \
+  -n tekton-operator \
+  --create-namespace \
+  --set installCRDs=true \
+  ./operator/chart
+
+# or install the Openshift flavor:
+helm install tekton-operator \
+  -n openshift-operators \
+  --set openshift.enabled=true \
+  --set installCRDs=true \
+  ./operator/chart
+```
+
+## Introduction
+
+The Tekton operator is installed into the `tekton-operator` namespace for Kubernetes clusters and into `openshift-operators` for Openshift clusters (`openshift.enabled=true`).
+
+The Tekton Custom Resource Definitions (CRDs) can either be installed manually (the recommended approach, see the [Tekton Operator Releases page](https://github.com/tektoncd/operator/releases)) or as part of the Helm chart (`installCRDs=true`).
+Installing the CRDs as part of the Helm chart is not recommended for production setups, since uninstalling the Helm chart will also uninstall the CRDs and subsequently delete any remaining CRs.
+The CRDs allow you to configure individual parts of your Tekton setup:
+
+* [`TektonConfig`](https://tekton.dev/docs/operator/tektonconfig/)
+* [`TektonPipeline`](https://tekton.dev/docs/operator/tektonpipeline/)
+* [`TektonTrigger`](https://tekton.dev/docs/operator/tektontrigger/)
+* [`TektonDashboard`](https://tekton.dev/docs/operator/tektondashboard/)
+* [`TektonResult`](https://tekton.dev/docs/operator/tektonresult/)
+* [`TektonAddon`](https://tekton.dev/docs/operator/tektonaddon/)
+
+After the installation of the Tekton-operater chart, you can start inject the Custom Resources (CRs) into your cluster.
+The Tekton operator will then automatically start installing the components.
+Please see the documentation of each CR for details.
+
+## Uninstalling
+
+Before removing the Tekton operator from your cluster, you should first make sure that there are no instances of resources managed by the operator left:
+
+```sh
+kubectl get TektonConfig,TektonPipeline,TektonDashboard,TektonInstallerSet,TektonResults,TektonTrigger,TektonAddon --all-namespaces
+```
+
+Now you can use Helm to uninstall the Tekton operator:
+
+```sh
+# for Kubernetes:
+helm uninstall --namespace tekton-operator tekton-operator --wait
+kubectl delete namespace tekton-operator
+# for Openshift:
+helm uninstall --namespace openshift-operators --wait
+```
+
+**Important:** if you installed the CRDs with the Helm chart (by setting `installCRDs=true`), the CRDs will be removed as well: this means any remaining Tekton resources (e.g. Tekton Pipelines) in the cluster will be deleted!
+
+If you installed the CRDs manually, you can use the following command to remove them (*this will remove all Tekton resources from your cluster*):
+```
+kubectl delete crd TektonConfig TektonPipeline TektonDashboard TektonInstallerSet TektonResults TektonTrigger TektonAddon --ignore-not-found
+```

chart/templates/_helpers.tpl

@@ -0,0 +1,132 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "tekton-operator.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "tekton-operator.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "tekton-operator.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "tekton-operator.labels" -}}
+helm.sh/chart: {{ include "tekton-operator.chart" . }}
+app.kubernetes.io/name: {{ include "tekton-operator.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels for operator component
+*/}}
+{{- define "tekton-operator.operator.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "tekton-operator.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/component: operator
+{{- end }}
+
+{{/*
+Selector labels for webhook component
+*/}}
+{{- define "tekton-operator.webhook.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "tekton-operator.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/component: webhook
+{{- end }}
+
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "tekton-operator.serviceAccountName" -}}
+{{- if .Values.rbac.create }}
+{{- default (include "tekton-operator.fullname" .) .Values.rbac.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{- define "tekton-operator.operator-name" -}}
+{{- if .Values.operator.operatorName -}}
+{{- .Values.operator.operatorName -}}
+{{- else -}}
+{{- if .Values.openshift.enabled -}}
+redhat-openshift-pipelines-operator
+{{- else -}}
+tekton-operator
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "tekton-operator.operator-image" -}}
+{{- $tag := default .Chart.AppVersion .Values.operator.image.tag -}}
+{{- $image := "" -}}
+{{- if .Values.operator.image.repository -}}
+  {{- $image = .Values.operator.image.repository }}
+{{- else -}}
+{{- if .Values.openshift.enabled -}}
+  {{- $image = "gcr.io/tekton-releases/github.com/tektoncd/operator/cmd/openshift/operator" -}}
+{{- else -}}
+  {{- $image = "gcr.io/tekton-releases/github.com/tektoncd/operator/cmd/kubernetes/operator" -}}
+{{- end -}}
+{{- end -}}
+{{- printf "%s:%s" $image $tag -}}
+{{- end -}}
+
+{{- define "tekton-operator.webhook-image" -}}
+{{- $tag := default .Chart.AppVersion .Values.webhook.image.tag -}}
+{{- $image := "" -}}
+{{- if .Values.webhook.image.repository -}}
+  {{- $image = .Values.webhook.image.repository }}
+{{- else -}}
+{{- if .Values.openshift.enabled -}}
+  {{- $image = "gcr.io/tekton-releases/github.com/tektoncd/operator/cmd/openshift/webhook" -}}
+{{- else -}}
+  {{- $image = "gcr.io/tekton-releases/github.com/tektoncd/operator/cmd/kubernetes/webhook" -}}
+{{- end -}}
+{{- end -}}
+{{- printf "%s:%s" $image $tag -}}
+{{- end -}}
+
+
+{{- define "tekton-operator.webhook-proxy-image" -}}
+{{- $tag := default .Chart.AppVersion .Values.webhookProxy.image.tag -}}
+{{- $image := "" -}}
+{{- if .Values.webhookProxy.image.repository -}}
+  {{- $image = .Values.webhookProxy.image.repository }}
+{{- else -}}
+{{- if .Values.openshift.enabled -}}
+  {{- $image = "gcr.io/tekton-releases/github.com/tektoncd/operator/cmd/openshift/proxy-webhook" -}}
+{{- else -}}
+  {{- $image = "gcr.io/tekton-releases/github.com/tektoncd/operator/cmd/kubernetes/proxy-webhook" -}}
+{{- end -}}
+{{- end -}}
+{{- printf "%s:%s" $image $tag -}}
+{{- end -}}

chart/templates/config.yaml

@@ -0,0 +1,110 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "tekton-operator.fullname" . }}-config-logging
+  labels:
+    {{- include "tekton-operator.labels" . | nindent 4 }}
+data:
+  _example: |
+    ################################
+    #                              #
+    #    EXAMPLE CONFIGURATION     #
+    #                              #
+    ################################
+
+    # This block is not actually functional configuration,
+    # but serves to illustrate the available configuration
+    # options and document them in a way that is accessible
+    # to users that `kubectl edit` this config map.
+    #
+    # These sample configuration options may be copied out of
+    # this example block and unindented to be in the data block
+    # to actually change the configuration.
+
+    # Common configuration for all Knative codebase
+    zap-logger-config: |
+      {
+        "level": "info",
+        "development": false,
+        "outputPaths": ["stdout"],
+        "errorOutputPaths": ["stderr"],
+        "encoding": "json",
+        "encoderConfig": {
+          "timeKey": "ts",
+          "levelKey": "level",
+          "nameKey": "logger",
+          "callerKey": "caller",
+          "messageKey": "msg",
+          "stacktraceKey": "stacktrace",
+          "lineEnding": "",
+          "levelEncoder": "",
+          "timeEncoder": "iso8601",
+          "durationEncoder": "",
+          "callerEncoder": ""
+        }
+      }
+  loglevel.controller: {{ .Values.operator.logLevel }}
+  loglevel.webhook: {{ .Values.webhook.logLevel }}
+  zap-logger-config: |
+    {
+      "level": "debug",
+      "development": true,
+      "sampling": {
+        "initial": 100,
+        "thereafter": 100
+      },
+      "outputPaths": ["stdout"],
+      "errorOutputPaths": ["stderr"],
+      "encoding": "json",
+      "encoderConfig": {
+        "timeKey": "",
+        "levelKey": "level",
+        "nameKey": "logger",
+        "callerKey": "caller",
+        "messageKey": "msg",
+        "stacktraceKey": "stacktrace",
+        "lineEnding": "",
+        "levelEncoder": "",
+        "timeEncoder": "",
+        "durationEncoder": "",
+        "callerEncoder": ""
+      }
+    }
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "tekton-operator.fullname" . }}-observability
+  labels:
+    {{- include "tekton-operator.labels" . | nindent 4 }}
+data:
+  _example: |
+    ################################
+    #                              #
+    #    EXAMPLE CONFIGURATION     #
+    #                              #
+    ################################
+    # This block is not actually functional configuration,
+    # but serves to illustrate the available configuration
+    # options and document them in a way that is accessible
+    # to users that `kubectl edit` this config map.
+    #
+    # These sample configuration options may be copied out of
+    # this example block and unindented to be in the data block
+    # to actually change the configuration.
+    # metrics.backend-destination field specifies the system metrics destination.
+    # It supports either prometheus (the default) or stackdriver.
+    # Note: Using Stackdriver will incur additional charges.
+    metrics.backend-destination: prometheus
+    # metrics.stackdriver-project-id field specifies the Stackdriver project ID. This
+    # field is optional. When running on GCE, application default credentials will be
+    # used and metrics will be sent to the cluster's project if this field is
+    # not provided.
+    metrics.stackdriver-project-id: "<your stackdriver project id>"
+    # metrics.allow-stackdriver-custom-metrics indicates whether it is allowed
+    # to send metrics to Stackdriver using "global" resource type and custom
+    # metric type. Setting this flag to "true" could cause extra Stackdriver
+    # charge.  If metrics.backend-destination is not Stackdriver, this is
+    # ignored.
+    metrics.allow-stackdriver-custom-metrics: "false"