From 91847e8d897e85d1a767232f36ca01726eb34052 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leon=20Steinh=C3=A4user?=
Date: Thu, 28 Nov 2024 15:24:27 +0100
Subject: [PATCH] feat: add hcp vault deployment
---
 management_project.yaml | 3 ++
 ocp/deployments/helm_hcp_namespace.yaml | 14 ++++++++
 ocp/deployments/helm_hcp_vault.yaml | 48 +++++++++++++++++++++++++
 3 files changed, 65 insertions(+)
 create mode 100644 ocp/deployments/helm_hcp_namespace.yaml
 create mode 100644 ocp/deployments/helm_hcp_vault.yaml
diff --git a/management_project.yaml b/management_project.yaml
index 69c28a5..3c612ba 100644
--- a/management_project.yaml
+++ b/management_project.yaml
@@ -23,6 +23,9 @@ spec:
 - name: in-cluster
 namespace: example-application-progressive
 server: https://kubernetes.default.svc
+ - name: in-cluster
+ namespace: hcp-operators
+ server: https://kubernetes.default.svc
 - name: in-cluster
 namespace: example-application-helm-progressive
 server: https://kubernetes.default.svc
diff --git a/ocp/deployments/helm_hcp_namespace.yaml b/ocp/deployments/helm_hcp_namespace.yaml
new file mode 100644
index 0000000..c3cf313
--- /dev/null
+++ b/ocp/deployments/helm_hcp_namespace.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ annotations:
+ openshift.io/description: ""
+ openshift.io/display-name: ""
+ openshift.io/requester: kubeadmin
+ #openshift.io/sa.scc.mcs: s0:c26,c20
+ #openshift.io/sa.scc.supplemental-groups: 65535/10000
+ #openshift.io/sa.scc.uid-range: 65535/10000
+ argocd.argoproj.io/sync-wave: "-1"
+ labels:
+ argocd.argoproj.io/managed-by: openshift-gitops
+ name: hcp-operators
diff --git a/ocp/deployments/helm_hcp_vault.yaml b/ocp/deployments/helm_hcp_vault.yaml
new file mode 100644
index 0000000..3c8a1eb
--- /dev/null
+++ b/ocp/deployments/helm_hcp_vault.yaml
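Review bot: The `hcp-operators` destination is added to the project defined in management_project.yaml, while the hcp-vault Application added later in this patch declares `project: hashicorp`; the project's `metadata.name` is outside this hunk, so it cannot be confirmed here that the two match. If this file is not the `hashicorp` project, the entry widens a project that does not need the namespace and leaves the one that does unchanged. Whichever project owns hcp-vault presumably also needs `https://helm.releases.hashicorp.com` in its `sourceRepos`, listed explicitly rather than covered by `*`. The `spec` mapping continues outside the hunk.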
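Review bot: `openshift.io/requester: kubeadmin` and the three commented-out `openshift.io/sa.scc.*` lines in helm_hcp_namespace.yaml look like leftovers from an exported Namespace rather than intended configuration. The requester annotation attributes a GitOps-created namespace to the bootstrap admin account, which is misleading when the manifest is read during an audit; I would drop it together with the empty description/display-name annotations and the commented lines. A short comment above `argocd.argoproj.io/managed-by: openshift-gitops` would also help, for example `# lets the openshift-gitops Argo CD instance manage resources in this namespace`, since this namespace is where Vault will run.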
@@ -0,0 +1,48 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: hcp-vault
+ namespace: &ns hcp-operators
+ labels:
+ argocd.argoproj.io/sync-wave: "-1"
+spec:
+ destination:
+ namespace: *ns
+ server: https://kubernetes.default.svc
+ project: hashicorp
+ source:
+ chart: vault
+ repoURL: https://helm.releases.hashicorp.com
+ targetRevision: 0.29.1
+ helm:
+ releaseName: hcp-vault
+ valuesObject:
+ global:
+ openshift: true
+ injector:
+ image:
+ repository: "registry.connect.redhat.com/hashicorp/vault-k8s"
+ tag: "1.5.0-ubi"
+ agentImage:
+ repository: "registry.connect.redhat.com/hashicorp/vault"
+ tag: "1.18.1-ubi"
+ server:
+ image:
+ repository: "registry.connect.redhat.com/hashicorp/vault"
+ tag: "1.18.1-ubi"
+ readinessProbe:
+ path: "/v1/sys/health?uninitcode=204"
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ retry:
+ backoff:
+ duration: 5s
+ factor: 2
+ maxDuration: 3m0s
+ limit: 5
+ syncOptions:
+ - PruneLast=true
+ - ApplyOutOfSyncOnly=true
+ - ServerSideApply=true
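Review bot: `valuesObject` in helm_hcp_vault.yaml sets only `global.openshift`, the images and the readiness probe, so listener TLS, the storage backend and the seal configuration all fall back to chart defaults; for a secrets store these should be explicit. As far as I know the chart defaults `global.tlsDisable` to `true`, which would leave the Vault API in plaintext inside the cluster, so set `global.tlsDisable: false` with a listener certificate configured, or document why plaintext is accepted. Separately, `argocd.argoproj.io/sync-wave: "-1"` sits under `metadata.labels`; Argo CD reads sync waves from annotations, so it has no effect there and should move to `metadata.annotations`, as the Namespace manifest in this patch already does. The `&ns` anchor also ties the Application's own namespace to the destination namespace, which only works if this Argo CD instance is configured to accept Applications outside its control-plane namespace; that is worth confirming.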