adding airflow helm operator (#2872)

Signed-off-by: Sid Kattoju <skattoju@redhat.com>

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-create-user-job_ServiceAccount.yml

@@ -0,0 +1,30 @@
+---
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+###########################################
+## Airflow Create User Job ServiceAccount
+###########################################
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+  name: airflow-helm-create-user-job
+  labels:
+    tier: airflow
+    component: create-user-job
+    release: airflow-helm
+    chart: "airflow-1.8.0"
+    heritage: Helm

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-migrate-database-job_ServiceAccount.yml

@@ -0,0 +1,30 @@
+---
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#############################################
+## Airflow Migrate Database Job ServiceAccount
+##############################################
+kind: ServiceAccount
+apiVersion: v1
+metadata:
+  name: airflow-helm-migrate-database-job
+  labels:
+    tier: airflow
+    component: run-airflow-migrations
+    release: airflow-helm
+    chart: "airflow-1.8.0"
+    heritage: Helm

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-operator-controller-manager-metrics-service_v1_service.yaml

@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/component: kube-rbac-proxy
+    app.kubernetes.io/created-by: airflow-helm-operator
+    app.kubernetes.io/instance: controller-manager-metrics-service
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: service
+    app.kubernetes.io/part-of: airflow-helm-operator
+    control-plane: controller-manager
+  name: airflow-helm-operator-controller-manager-metrics-service
+spec:
+  ports:
+  - name: https
+    port: 8443
+    protocol: TCP
+    targetPort: https
+  selector:
+    control-plane: controller-manager
+status:
+  loadBalancer: {}

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml

@@ -0,0 +1,17 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  labels:
+    app.kubernetes.io/component: kube-rbac-proxy
+    app.kubernetes.io/created-by: airflow-helm-operator
+    app.kubernetes.io/instance: metrics-reader
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: clusterrole
+    app.kubernetes.io/part-of: airflow-helm-operator
+  name: airflow-helm-operator-metrics-reader
+rules:
+- nonResourceURLs:
+  - /metrics
+  verbs:
+  - get

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-pod-launcher-role_Role.yml

@@ -0,0 +1,60 @@
+---
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+################################
+## Airflow Pod Launcher Role
+#################################
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: airflow-helm-pod-launcher-role
+  labels:
+    tier: airflow
+    release: airflow-helm
+    chart: "airflow-1.8.0"
+    heritage: Helm
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - "pods"
+    verbs:
+      - "create"
+      - "list"
+      - "get"
+      - "patch"
+      - "watch"
+      - "delete"
+  - apiGroups:
+      - ""
+    resources:
+      - "pods/log"
+    verbs:
+      - "get"
+  - apiGroups:
+      - ""
+    resources:
+      - "pods/exec"
+    verbs:
+      - "create"
+      - "get"
+  - apiGroups:
+      - ""
+    resources:
+      - "events"
+    verbs:
+      - "list"

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-pod-launcher-rolebinding_RoleBinding.yml

@@ -0,0 +1,37 @@
+---
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+################################
+## Airflow Pod Launcher Role Binding
+#################################
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: airflow-helm-pod-launcher-rolebinding
+  labels:
+    tier: airflow
+    release: airflow-helm
+    chart: "airflow-1.8.0"
+    heritage: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: airflow-helm-pod-launcher-role
+subjects:
+  - kind: ServiceAccount
+    name: airflow-helm-worker
+    namespace: "airflow-helm"

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-pod-log-reader-role_Role.yml

@@ -0,0 +1,29 @@
+---
+################################
+## Airflow Pod Reader Role
+#################################
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: airflow-helm-pod-log-reader-role
+  labels:
+    tier: airflow
+    release: airflow-helm
+    chart: "airflow-1.8.0"
+    heritage: Helm
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - "pods"
+    verbs:
+      - "list"
+      - "get"
+      - "watch"
+  - apiGroups:
+      - ""
+    resources:
+      - "pods/log"
+    verbs:
+      - "get"
+      - "list"

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-pod-log-reader-rolebinding_RoleBinding.yml

@@ -0,0 +1,40 @@
+---
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+################################
+## Airflow Pod Reader Role Binding
+#################################
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: airflow-helm-pod-log-reader-rolebinding
+  labels:
+    tier: airflow
+    release: airflow-helm
+    chart: "airflow-1.8.0"
+    heritage: Helm
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: airflow-helm-pod-log-reader-role
+subjects:
+  - kind: ServiceAccount
+    name: airflow-helm-webserver
+    namespace: "airflow-helm"
+  - kind: ServiceAccount
+    name: airflow-helm-triggerer
+    namespace: "airflow-helm"

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-postgresql_Role.yml

@@ -0,0 +1,37 @@
+---
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: airflow-helm-postgresql
+  labels:
+    release: airflow-helm
+    helm.sh/chart: postgresql-12.1.9
+    app.kubernetes.io/name: postgresql
+    app.kubernetes.io/instance: airflow-helm
+    app.kubernetes.io/managed-by: Helm
+# yamllint disable rule:indentation
+rules:
+  - apiGroups:
+      - security.openshift.io
+    resourceNames:
+      - anyuid
+    resources:
+      - securitycontextconstraints
+    verbs:
+      - use

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-postgresql_RoleBinding.yml

@@ -0,0 +1,35 @@
+---
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: airflow-helm-postgresql
+  labels:
+    release: airflow-helm
+    helm.sh/chart: postgresql-12.1.9
+    app.kubernetes.io/name: postgresql
+    app.kubernetes.io/instance: airflow-helm
+    app.kubernetes.io/managed-by: Helm
+roleRef:
+  kind: Role
+  name: airflow-helm-postgresql
+  apiGroup: rbac.authorization.k8s.io
+subjects:
+  - kind: ServiceAccount
+    name: airflow-helm-postgresql
+    namespace: "airflow-helm"

operators/airflow-helm-operator/0.0.1/manifests/airflow-helm-postgresql_ServiceAccount.yml

@@ -0,0 +1,29 @@
+---
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: airflow-helm-postgresql
+  labels:
+    release: airflow-helm
+    helm.sh/chart: postgresql-12.1.9
+    app.kubernetes.io/name: postgresql
+    app.kubernetes.io/instance: airflow-helm
+    app.kubernetes.io/managed-by: Helm
+  annotations:
+automountServiceAccountToken: true