feat(sbom-operator): Deploy sbom operator for k8s01

apps/k8s01/sbom-operator/kustomization.yaml

+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: sbom-operator
+resources:
+  - namespace.yaml
+  - repository.yaml
+  - release.yaml
+  - secret.yaml
+  - ../../../shared/resourcequotas/default.yaml

apps/k8s01/sbom-operator/namespace.yaml

+apiVersion: v1
+kind: Namespace
+metadata:
+  name: sbom-operator
+  labels:
+    pod-security.kubernetes.io/audit: restricted
+    pod-security.kubernetes.io/enforce: restricted
+    pod-security.kubernetes.io/warn: restricted
+    pod-security.kubernetes.io/audit-version: v1.27
+    pod-security.kubernetes.io/enforce-version: v1.26
+    pod-security.kubernetes.io/warn-version: v1.27
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: flux-reconciler
+  namespace: sbom-operator
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: flux-reconciler
+  namespace: sbom-operator
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: admin
+subjects:
+  - kind: ServiceAccount
+    name: flux-reconciler
+    namespace: sbom-operator

apps/k8s01/sbom-operator/release.yaml

+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: sbom-operator
+  namespace: sbom-operator
+spec:
+  serviceAccountName: flux-reconciler
+  timeout: 5m
+  releaseName: sbom-operator
+  chart:
+    spec:
+      chart: sbom-operator
+      sourceRef:
+        kind: HelmRepository
+        name: sbom-operator
+      version: 0.29.0
+  interval: 5m
+  valuesFrom:
+    - kind: ConfigMap
+      name: sbom-operator-base-values
+      valuesKey: values.yaml
+    - kind: Secret
+      name: sbom-operator-override-values
+      valuesKey: values-overrides.yaml
+      optional: true
+  install:
+    remediation:
+      retries: -1
+  upgrade:
+    remediation:
+      retries: -1
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sbom-operator-base-values
+  namespace: sbom-operator
+data:
+  values.yaml: |
+    resources:
+      requests:
+        cpu: 100m
+        memory: 256Mi
+      limits:
+        cpu: "1"
+        memory: "2Gi"
\ No newline at end of file

apps/k8s01/sbom-operator/repository.yaml

+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: sbom-operator
+  namespace: sbom-operator
+spec:
+  interval: 30m
+  url: https://ckotzbauer.github.io/helm-charts

apps/k8s01/sbom-operator/secret.yaml

+apiVersion: v1
+kind: Secret
+metadata:
+    name: sbom-operator-override-values
+    namespace: sbom-operator
+stringData:
+    values-overrides.yaml: ENC[AES256_GCM,data:NPu4ju6yTsyT2MgW9mZ9Pn77nK/11s7X6xxUDXn0dJMkRyqUTIMNskvtNMMSzIO9aKNicg0iVkyF1tynO+DQm8k+h//cQL8/1N6hiBNt+4IP3ntjL40W05Rtxyv0iNTr9MG1Yw6/3EIFoYG8+aggDAIk5qpSCn9AZXVFtprAGD1I2rTUetT73RmxLrGVr1l2+J1SFxLmFClmdPUEPTHNbv3PEuSP2skKcK0d7toyFVkbLcD1EobiZx7qZIei4stwwX+xHPIPaa4M8mXMp0c187Ac4x1wUBSjRrKEibifGNNTdagbP1hQeRqzBPwy6njJ7EvBLULZb83xKqoieniQBQ+8PMkgWU6jEaslohUXuB/RNJrdkN8ZbX+IZA7ryKp7wmeInxsZt74oHurNicChKgCdtQux/xWrza7rGYN4zmeC84JUkYkmebZDCJPh3g+cLy156E0HiGx9EGWrzZY=,iv:QcpytjvO8uliZ5opQ4OqvSRDiSQwHLu5miQvgqyOJGU=,tag:YcrkBB/xinQc8n1aihzadA==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2023-09-27T21:30:32Z"
+    mac: ENC[AES256_GCM,data:GfPIreF44vUI21nrQc1SA+6rIZ0LhJhL8rIV5JzDRpBnCaG2a8piKb/MJ0jJ4qsyqnkpnoDGlts70LDzuEcJAPOsvDQdmiFaJ4cRtklQD8cERH9yRZGbN4qL3FxZl2RcV4D+9s1Tow3l4gCxhIcf16F/p/WYV1DhpcwAtxC8hLA=,iv:miP7IoN40+NuDXAYvREd4NO/IGi8/0d6UIIyS9G3ZTI=,tag:PN8s6gYJhmGHz/tJ/EgnIg==,type:str]
+    pgp:
+        - created_at: "2023-09-27T21:30:31Z"
+          enc: |-
+            -----BEGIN PGP MESSAGE-----
+
+            wcFMA7kpg2bgzVHcARAAr5M5ibEfvKUkkpR1TMz77VXKlaMTaUHEQ25OK1Rpe4jV
+            xcRw3OAYN/WOJsAYYyu+DZTa5X0CMTX2vIUGzaDkuTH9VFdn67A6/FamzfvGqWFR
+            lcjh8PmbT9/DpJVKuNGs+0WyP6dBbvQDVprAo9rBjvEqqhTxXLXYGy/L4ky/+6Od
+            sZNpqKvQtvmbLpvkWDs16atFXupUnRYOD3dyvd74jS6CQj3t9a20hfZ244WLNqat
+            7dtefew1F93xgYvwLik1PggH9i1BXv4CR/Uj6f0vTJ84sD3wJX43JQLnmmeEYYMg
+            rH7p/CyrfVrD1zklf/kSb6R3SOJBR+tbv6i+DUG/f/DAxOQxKZwrvDMQZUumnVUY
+            iqOA1HGa1yBSRwmM6EybCiSsDXmrIL2OiBugHGjqzOA3AzV8vmsmkvYSZwh4cCWT
+            XJAYffWD730Z5ECeoGh+DngB6vy9fEF6NyZ5xrzqJk6ITkIYwnxlZv1ZiRfipeYj
+            mg9XZbm6mOk+cgrcPMOK3VOyKDmjk6pGEEGIy0qwaWO2rBA5gUbVTtEsNOQhdKWb
+            raVhgA4MnLtSkvBgsYoRO/xc0M3KYl1Q1A2ATv2z9SzJ8qJyzhPMF/+/uq7MgEbn
+            ogTpcgsDvGMR24XGNBv/4cvZO9NgIWgs8f+smJLqnxbaCZMS7IQ7XtwQhSsL6nLS
+            UQHiogW6CIeB+i8DgTooWXz5O4xf184jZodFuC5VNN6FvaDiFZ/cKV+4goPUthP7
+            C7faolE6ilirP5+YPj63zdhSW9y55ASDPdk/cE16ijZJ0w==
+            =LB59
+            -----END PGP MESSAGE-----
+          fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
+        - created_at: "2023-09-27T21:30:31Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4oYbIHZIrAPAQ/9HgKJUBNTeNvwNFaH8sJYHLv4mNkQd6vrmI2ZGx0Qra4T
+            Ze1eaRdpCTQ/1l9IREQuQr0nenpAyb9AyYVAtNXmQlT05BqZjXP5rPWWtShGVZVz
+            932gRSJ56LoKKzcJiuEx5EzLOjBfgW2LtvWV2EzgFwz9+SquUJSdcvQM3ZfLWYsO
+            xnsdPGcxJieCv0Z4T+TXO1CF9RRSxinFgB5l/66F2S8y/WVWabBEcvRpLS6aDSpg
+            0OxPfQht8qkHkb1poFnZwr2oQYXpFYYBT7jGwfi/ShmREwW+fE9zjS26VEswsQ/u
+            hsm5jDooiitIrcbZ+H5vbKXirLPBK+Bs8spqt0XJGrfIAbvtE0XDHlWhO5k/HzzH
+            dBbOc2UQpoO0/kRoQbvdOjjfrpEo3T+qKYnlwu+U+Hai8xWZw3IM19KVAQ2YL0wn
+            xPN33f2n3k0KqX/MmmiYJIX/bzbkcuPOp5fPFZGw3MDCp1FbX5cKkW/6/QiNMnLU
+            Tm1OeDTYw1SEjb1J+5UBTbL2Ofbwb7VR2svn6oBV440hIIzsGcWkmFZ1w/uU7S66
+            BM9mDG8+bZK5u3G8Umtr0+vYNSxlYIl017Iyx20xTFq/OPZ3GnuddUON0FC1bufR
+            /kHH+Q+fdLQD2nDmUKneSwn7JG03RdzQA7XT76tUN1BCOyPpwRis66W9zsHhdWbU
+            aAEJAhA587Gfs0hbJYeivufwtlr+3wP9OffI8VpcbiqIileOTEP9ap6Fxnp8S05o
+            SFZxhFP4t86wJPaGhomu3gA2kVx6QauNVt0gZaz0HZmxO4Uk8RDuI36fCpAfrSrU
+            5/ePctR+K/bu
+            =WJnd
+            -----END PGP MESSAGE-----
+          fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07
+    encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|.*(H|h)osts?|tang|externalURL|.*-secret|.*-url|.*Secrets?|.*-domain|password|subjects|node|apiURL|.*(S|s)erverNames?|.*SecretKey|externalName)$
+    version: 3.7.3
+---
+apiVersion: v1
+kind: Secret
+metadata:
+    name: sbom-operator
+    namespace: sbom-operator
+stringData:
+    password: ENC[AES256_GCM,data:G95GN4ft1zp6zqSRzae9WrFXqIsfUDUVx9k=,iv:7Jt92nbroqOshzvE4yKTkDebA2cjAwi/DmQL1tmHZa4=,tag:yq9RQd8VEEwzU9ai8xlF6w==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age: []
+    lastmodified: "2023-09-27T21:30:32Z"
+    mac: ENC[AES256_GCM,data:GfPIreF44vUI21nrQc1SA+6rIZ0LhJhL8rIV5JzDRpBnCaG2a8piKb/MJ0jJ4qsyqnkpnoDGlts70LDzuEcJAPOsvDQdmiFaJ4cRtklQD8cERH9yRZGbN4qL3FxZl2RcV4D+9s1Tow3l4gCxhIcf16F/p/WYV1DhpcwAtxC8hLA=,iv:miP7IoN40+NuDXAYvREd4NO/IGi8/0d6UIIyS9G3ZTI=,tag:PN8s6gYJhmGHz/tJ/EgnIg==,type:str]
+    pgp:
+        - created_at: "2023-09-27T21:30:31Z"
+          enc: |-
+            -----BEGIN PGP MESSAGE-----
+
+            wcFMA7kpg2bgzVHcARAAr5M5ibEfvKUkkpR1TMz77VXKlaMTaUHEQ25OK1Rpe4jV
+            xcRw3OAYN/WOJsAYYyu+DZTa5X0CMTX2vIUGzaDkuTH9VFdn67A6/FamzfvGqWFR
+            lcjh8PmbT9/DpJVKuNGs+0WyP6dBbvQDVprAo9rBjvEqqhTxXLXYGy/L4ky/+6Od
+            sZNpqKvQtvmbLpvkWDs16atFXupUnRYOD3dyvd74jS6CQj3t9a20hfZ244WLNqat
+            7dtefew1F93xgYvwLik1PggH9i1BXv4CR/Uj6f0vTJ84sD3wJX43JQLnmmeEYYMg
+            rH7p/CyrfVrD1zklf/kSb6R3SOJBR+tbv6i+DUG/f/DAxOQxKZwrvDMQZUumnVUY
+            iqOA1HGa1yBSRwmM6EybCiSsDXmrIL2OiBugHGjqzOA3AzV8vmsmkvYSZwh4cCWT
+            XJAYffWD730Z5ECeoGh+DngB6vy9fEF6NyZ5xrzqJk6ITkIYwnxlZv1ZiRfipeYj
+            mg9XZbm6mOk+cgrcPMOK3VOyKDmjk6pGEEGIy0qwaWO2rBA5gUbVTtEsNOQhdKWb
+            raVhgA4MnLtSkvBgsYoRO/xc0M3KYl1Q1A2ATv2z9SzJ8qJyzhPMF/+/uq7MgEbn
+            ogTpcgsDvGMR24XGNBv/4cvZO9NgIWgs8f+smJLqnxbaCZMS7IQ7XtwQhSsL6nLS
+            UQHiogW6CIeB+i8DgTooWXz5O4xf184jZodFuC5VNN6FvaDiFZ/cKV+4goPUthP7
+            C7faolE6ilirP5+YPj63zdhSW9y55ASDPdk/cE16ijZJ0w==
+            =LB59
+            -----END PGP MESSAGE-----
+          fp: 286791FB6648539775DB31B8FCB98C2A3EC6F601
+        - created_at: "2023-09-27T21:30:31Z"
+          enc: |
+            -----BEGIN PGP MESSAGE-----
+
+            hQIMA4oYbIHZIrAPAQ/9HgKJUBNTeNvwNFaH8sJYHLv4mNkQd6vrmI2ZGx0Qra4T
+            Ze1eaRdpCTQ/1l9IREQuQr0nenpAyb9AyYVAtNXmQlT05BqZjXP5rPWWtShGVZVz
+            932gRSJ56LoKKzcJiuEx5EzLOjBfgW2LtvWV2EzgFwz9+SquUJSdcvQM3ZfLWYsO
+            xnsdPGcxJieCv0Z4T+TXO1CF9RRSxinFgB5l/66F2S8y/WVWabBEcvRpLS6aDSpg
+            0OxPfQht8qkHkb1poFnZwr2oQYXpFYYBT7jGwfi/ShmREwW+fE9zjS26VEswsQ/u
+            hsm5jDooiitIrcbZ+H5vbKXirLPBK+Bs8spqt0XJGrfIAbvtE0XDHlWhO5k/HzzH
+            dBbOc2UQpoO0/kRoQbvdOjjfrpEo3T+qKYnlwu+U+Hai8xWZw3IM19KVAQ2YL0wn
+            xPN33f2n3k0KqX/MmmiYJIX/bzbkcuPOp5fPFZGw3MDCp1FbX5cKkW/6/QiNMnLU
+            Tm1OeDTYw1SEjb1J+5UBTbL2Ofbwb7VR2svn6oBV440hIIzsGcWkmFZ1w/uU7S66
+            BM9mDG8+bZK5u3G8Umtr0+vYNSxlYIl017Iyx20xTFq/OPZ3GnuddUON0FC1bufR
+            /kHH+Q+fdLQD2nDmUKneSwn7JG03RdzQA7XT76tUN1BCOyPpwRis66W9zsHhdWbU
+            aAEJAhA587Gfs0hbJYeivufwtlr+3wP9OffI8VpcbiqIileOTEP9ap6Fxnp8S05o
+            SFZxhFP4t86wJPaGhomu3gA2kVx6QauNVt0gZaz0HZmxO4Uk8RDuI36fCpAfrSrU
+            5/ePctR+K/bu
+            =WJnd
+            -----END PGP MESSAGE-----
+          fp: B137EE1549DFAF960DD1E2B15147025FB9F09E07
+    encrypted_regex: ^(data|stringData|email|dnsZones?|dnsNames?|.*(H|h)osts?|tang|externalURL|.*-secret|.*-url|.*Secrets?|.*-domain|password|subjects|node|apiURL|.*(S|s)erverNames?|.*SecretKey|externalName)$
+    version: 3.7.3