From 2d690a949d6d841e46133bf69bbcf86c9dd97cfe Mon Sep 17 00:00:00 2001
From: Lance Bragstad <lbragsta@redhat.com>
Date: Thu, 15 Sep 2022 13:22:10 -0500
Subject: [PATCH] Add support for deploying
 ComplianceAsCode/compliance-operator

Since the whole purpose of compserv is to parse compliance results, we
can host the compliance-operator on the same cluster to generate
results.

This commit adds a new kustomize directory for installing the
compliance-operator on the same cluster that the compliance service is
running.
---
 Makefile                                          |  6 ++++++
 kustomize/compliance-operator/kustomization.yaml  |  5 +++++
 kustomize/compliance-operator/namespace.yaml      |  4 ++++
 kustomize/compliance-operator/operator-group.yaml |  8 ++++++++
 kustomize/compliance-operator/subscription.yaml   | 11 +++++++++++
 5 files changed, 34 insertions(+)
 create mode 100644 kustomize/compliance-operator/kustomization.yaml
 create mode 100644 kustomize/compliance-operator/namespace.yaml
 create mode 100644 kustomize/compliance-operator/operator-group.yaml
 create mode 100644 kustomize/compliance-operator/subscription.yaml

diff --git a/Makefile b/Makefile
index 139ac467..cbd28489 100644
--- a/Makefile
+++ b/Makefile
@@ -96,6 +96,12 @@ deploy: $(TOOLS_DIR)/kubectl
 undeploy: $(TOOLS_DIR)/kubectl
 	$(KUBECTL) delete -k kustomize
 
+# Basic installation of ComplianceAsCode/compliance-operator so we can use the
+# same cluster for generating results for the compserv.
+.PHONY: deploy-co
+deploy-co: $(TOOLS_DIR)/kubectl
+	$(KUBECTL) apply -k kustomize/compliance-operator
+
 $(TOOLS_DIR)/kubectl: $(TOOLS_DIR)
 # Check if tools/kubectl exists - if it does then the default value provided
 # above will work.
diff --git a/kustomize/compliance-operator/kustomization.yaml b/kustomize/compliance-operator/kustomization.yaml
new file mode 100644
index 00000000..2c29fbd9
--- /dev/null
+++ b/kustomize/compliance-operator/kustomization.yaml
@@ -0,0 +1,5 @@
+namespace: openshift-compliance
+resources:
+  - namespace.yaml
+  - operator-group.yaml
+  - subscription.yaml
diff --git a/kustomize/compliance-operator/namespace.yaml b/kustomize/compliance-operator/namespace.yaml
new file mode 100644
index 00000000..beed3860
--- /dev/null
+++ b/kustomize/compliance-operator/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: openshift-compliance
diff --git a/kustomize/compliance-operator/operator-group.yaml b/kustomize/compliance-operator/operator-group.yaml
new file mode 100644
index 00000000..b824046e
--- /dev/null
+++ b/kustomize/compliance-operator/operator-group.yaml
@@ -0,0 +1,8 @@
+apiVersion: operators.coreos.com/v1
+kind: OperatorGroup
+metadata:
+  name: compliance-operator
+  namespace: openshift-compliance
+spec:
+  targetNamespaces:
+  - openshift-compliance
diff --git a/kustomize/compliance-operator/subscription.yaml b/kustomize/compliance-operator/subscription.yaml
new file mode 100644
index 00000000..54df24c9
--- /dev/null
+++ b/kustomize/compliance-operator/subscription.yaml
@@ -0,0 +1,11 @@
+apiVersion: operators.coreos.com/v1alpha1
+kind: Subscription
+metadata:
+  name: compliance-operator-sub
+  namespace: openshift-compliance
+spec:
+  channel: "release-0.1"
+  installPlanApproval: Automatic
+  name: compliance-operator
+  source: redhat-operators
+  sourceNamespace: openshift-marketplace