{{- if and .Values.manila .Values.manila.enabled }}
{{- range .Values.manila.protocols }}
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: {{ $.Values.cluster.name }}-manila-{{ .name | lower }}
  labels:
    cluster: {{ $.Values.cluster.name | quote }}
    app: manila
  namespace: {{ $.Values.cluster.namespace | default "argocd" | quote }}
  annotations:
  {{- toYaml $.Values.notifications | nindent 4 }}
spec:
  project: {{ $.Values.cluster.name }}
  destination:
    server: {{ $.Values.cluster.url }}
    namespace: csi-manila
  syncPolicy:
    {{- if $.Values.sync }}
    automated:
      prune: true
      selfHeal: true
      allowEmpty: false
    {{- end }}
    syncOptions:
      - CreateNamespace=true
    managedNamespaceMetadata:
      labels:
        pod-security.kubernetes.io/enforce: privileged
        pod-security.kubernetes.io/audit: privileged
        pod-security.kubernetes.io/warn: privileged
  source:
    repoURL: https://kubernetes.github.io/cloud-provider-openstack
    chart: openstack-manila-csi
    targetRevision: {{ $.Values.manila.version | quote }}
    helm:
      version: v3
      releaseName: manila-csi-{{ .name | lower }}
      values: |
        nameOverride: manila-csi-{{ .name | lower }}
        shareProtocols:
          - protocolSelector: {{ .name | upper }}
            fsGroupPolicy: {{ .fsGroupPolicy | quote }}
            fwdNodePluginEndpoint:
              dir: /var/lib/kubelet/plugins/cephfs.csi.ceph.com
              sockFile: csi.sock
  ignoreDifferences:
    - group: rbac.authorization.k8s.io
      kind: ClusterRole
      jsonPointers:
        - /rules
{{ if .name | lower | eq "nfs" }}
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: {{ $.Values.cluster.name }}-manila-nfs-csi
  labels:
    cluster: {{ $.Values.cluster.name | quote }}
    app: manila
  namespace: {{ $.Values.cluster.namespace | default "argocd" | quote }}
  annotations:
  {{- toYaml $.Values.notifications | nindent 4 }}
spec:
  project: {{ $.Values.cluster.name }}
  destination:
    server: {{ $.Values.cluster.url }}
    namespace: csi-manila
  syncPolicy:
    {{- if $.Values.sync }}
    automated:
      prune: true
      selfHeal: true
      allowEmpty: false
    {{- end }}
    syncOptions:
      - CreateNamespace=true
    managedNamespaceMetadata:
      labels:
        pod-security.kubernetes.io/enforce: privileged
        pod-security.kubernetes.io/audit: privileged
        pod-security.kubernetes.io/warn: privileged
  source:
    repoURL: https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts
    chart: csi-driver-nfs
    targetRevision: {{ .csiVersion | default "*" | quote }}
    helm:
      version: v3
      releaseName: csi-driver-nfs
{{- end }}
{{ if .name | lower | eq "cephfs" }}
---
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: {{ $.Values.cluster.name }}-manila-cephfs-csi
  labels:
    cluster: {{ $.Values.cluster.name | quote }}
    app: manila
  namespace: {{ $.Values.cluster.namespace | default "argocd" | quote }}
  annotations:
  {{- toYaml $.Values.notifications | nindent 4 }}
spec:
  project: {{ $.Values.cluster.name }}
  destination:
    server: {{ $.Values.cluster.url }}
    namespace: csi-manila
  syncPolicy:
    {{- if $.Values.sync }}
    automated:
      prune: true
      selfHeal: true
      allowEmpty: false
    {{- end }}
    syncOptions:
      - CreateNamespace=true
    managedNamespaceMetadata:
      labels:
        pod-security.kubernetes.io/enforce: privileged
        pod-security.kubernetes.io/audit: privileged
        pod-security.kubernetes.io/warn: privileged
  source:
    repoURL: https://ceph.github.io/csi-charts
    chart: ceph-csi-cephfs
    targetRevision: {{ .csiVersion | default "*" | quote }}
    helm:
      version: v3
      releaseName: ceph-csi-cephfs
      values: |
        provisioner:
          replicaCount: 1
  ignoreDifferences:
    - group: storage.k8s.io
      kind: CSIDriver
      jsonPointers:
        - /spec/seLinuxMount
{{- end }}
---
{{- end }}
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: {{ $.Values.cluster.name }}-manila-raw
  labels:
    cluster: {{ .Values.cluster.name | quote }}
    app: manila
  namespace: {{ .Values.cluster.namespace | default "argocd" | quote }}
  annotations:
    {{- toYaml .Values.notifications | nindent 4 }}
spec:
  project: {{ .Values.cluster.name }}
  destination:
    server: {{ .Values.cluster.url }}
    namespace: csi-manila
  syncPolicy:
    {{- if .Values.sync }}
    automated:
      prune: true
      selfHeal: true
      allowEmpty: false
    {{- end }}
  source:
    repoURL: https://bedag.github.io/helm-charts/
    chart: raw
    targetRevision: {{ .Values.raw.version | quote }}
    helm:
      version: v3
      releaseName: raw
      values: |
        resources:
          - apiVersion: v1
            kind: Secret
            metadata:
              name: csi-manila-secrets
              namespace: csi-manila
            stringData:
              os-authURL: {{ .Values.openstack.auth_url | quote }}
              os-region: {{ .Values.openstack.region | quote }}
              os-applicationCredentialID: {{ .Values.openstack.credential_id | quote }}
              os-applicationCredentialSecret: {{ .Values.openstack.credential_secret | quote }}
{{- range .Values.manila.protocols }}
{{- if .storageClass }}
          - apiVersion: storage.k8s.io/v1
            kind: StorageClass
            metadata:
              name: csi-manila-{{ .name | lower }}
            provisioner: {{ .name | lower }}.manila.csi.openstack.org
            allowVolumeExpansion: true
            parameters:
              # Manila share type
              type: {{ .type | quote }}
              csi.storage.k8s.io/provisioner-secret-name: csi-manila-secrets
              csi.storage.k8s.io/provisioner-secret-namespace: csi-manila
              csi.storage.k8s.io/controller-expand-secret-name: csi-manila-secrets
              csi.storage.k8s.io/controller-expand-secret-namespace: csi-manila
              csi.storage.k8s.io/node-stage-secret-name: csi-manila-secrets
              csi.storage.k8s.io/node-stage-secret-namespace: csi-manila
              csi.storage.k8s.io/node-publish-secret-name: csi-manila-secrets
              csi.storage.k8s.io/node-publish-secret-namespace: csi-manila
{{- end }}
{{- end }}
{{- end }}