feat(cloudnativepg_operator): migrate internal manifests

manifests/cloudnativepg-operator/.gitignore

@@ -0,0 +1 @@
+base/Namespace**

manifests/cloudnativepg-operator/README.md

@@ -0,0 +1,45 @@
+# CloudnativePG Operator Kustomize
+
+
+## Upgrading manifests
+
+1. Fetch new release manifest
+
+    - Navigate to repository https://github.com/cloudnative-pg/cloudnative-pg
+
+    - Go To `releases` directory
+
+    - Change the branch to the desired tag _Tag sgould match the desired release_
+
+    - click on the file that matches the release version
+
+    - copy the permalink raw URL
+
+        Keep a copy of this url so it can be added to the commit message. Doing this will allow validity checking if required.
+
+1. split the manifest
+
+    From the apps dir `manifests/<app name>` run:
+
+    ``` bash
+
+    docker run -ti \
+      -e "KUBECTL_SLICE_INPUT_FILE=<Raw URL of manifest>" \
+      -e "KUBECTL_SLICE_OUTPUT_DIR=base/" \
+      -v manifests/cloudnativepg-operator:/workdir \
+      --rm \
+      nofusscomputing/kubernetes-manifest-tools:latest
+
+    ```
+
+1. update the Base kustomization
+
+    From the apps dir `manifests/<app name>` run:
+
+    ``` bash
+
+    ansible-playbook ../../../../other/kubernetes-manifest-tools/collection/playbooks/update-kustomize.yaml \
+      --extra-vars "namespace=operators" \
+      --extra-vars "manifest_dir=${PWD}/base"
+
+    ```

manifests/cloudnativepg-operator/base/ClusterRole-cnpg-database-editor-role.yaml

@@ -0,0 +1,27 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
+  name: cnpg-database-editor-role
+rules:
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - databases
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - databases/status
+    verbs:
+      - get

manifests/cloudnativepg-operator/base/ClusterRole-cnpg-database-viewer-role.yaml

@@ -0,0 +1,23 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
+  name: cnpg-database-viewer-role
+rules:
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - databases
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - databases/status
+    verbs:
+      - get

manifests/cloudnativepg-operator/base/ClusterRole-cnpg-manager.yaml

@@ -0,0 +1,214 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: cnpg-manager
+rules:
+  - apiGroups:
+      - ''
+    resources:
+      - configmaps
+      - secrets
+      - services
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - ''
+    resources:
+      - configmaps/status
+      - secrets/status
+    verbs:
+      - get
+      - patch
+      - update
+  - apiGroups:
+      - ''
+    resources:
+      - events
+    verbs:
+      - create
+      - patch
+  - apiGroups:
+      - ''
+    resources:
+      - nodes
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - ''
+    resources:
+      - persistentvolumeclaims
+      - pods
+      - pods/exec
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - watch
+  - apiGroups:
+      - ''
+    resources:
+      - pods/status
+    verbs:
+      - get
+  - apiGroups:
+      - ''
+    resources:
+      - serviceaccounts
+    verbs:
+      - create
+      - get
+      - list
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - admissionregistration.k8s.io
+    resources:
+      - mutatingwebhookconfigurations
+      - validatingwebhookconfigurations
+    verbs:
+      - get
+      - patch
+  - apiGroups:
+      - apps
+    resources:
+      - deployments
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - batch
+    resources:
+      - jobs
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - watch
+  - apiGroups:
+      - coordination.k8s.io
+    resources:
+      - leases
+    verbs:
+      - create
+      - get
+      - update
+  - apiGroups:
+      - monitoring.coreos.com
+    resources:
+      - podmonitors
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - watch
+  - apiGroups:
+      - policy
+    resources:
+      - poddisruptionbudgets
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - backups
+      - clusters
+      - databases
+      - poolers
+      - publications
+      - scheduledbackups
+      - subscriptions
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - backups/status
+      - databases/status
+      - publications/status
+      - scheduledbackups/status
+      - subscriptions/status
+    verbs:
+      - get
+      - patch
+      - update
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - clusterimagecatalogs
+      - imagecatalogs
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - clusters/finalizers
+      - poolers/finalizers
+    verbs:
+      - update
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - clusters/status
+      - poolers/status
+    verbs:
+      - get
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - rbac.authorization.k8s.io
+    resources:
+      - rolebindings
+      - roles
+    verbs:
+      - create
+      - get
+      - list
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - snapshot.storage.k8s.io
+    resources:
+      - volumesnapshots
+    verbs:
+      - create
+      - get
+      - list
+      - patch
+      - watch

manifests/cloudnativepg-operator/base/ClusterRole-cnpg-publication-editor-role.yaml

@@ -0,0 +1,27 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
+  name: cnpg-publication-editor-role
+rules:
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - publications
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - publications/status
+    verbs:
+      - get

manifests/cloudnativepg-operator/base/ClusterRole-cnpg-publication-viewer-role.yaml

@@ -0,0 +1,23 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
+  name: cnpg-publication-viewer-role
+rules:
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - publications
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - publications/status
+    verbs:
+      - get

manifests/cloudnativepg-operator/base/ClusterRole-cnpg-subscription-editor-role.yaml

@@ -0,0 +1,27 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/name: cloudnative-pg-kubebuilderv4
+  name: cnpg-subscription-editor-role
+rules:
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - subscriptions
+    verbs:
+      - create
+      - delete
+      - get
+      - list
+      - patch
+      - update
+      - watch
+  - apiGroups:
+      - postgresql.cnpg.io
+    resources:
+      - subscriptions/status
+    verbs:
+      - get