operator ibm-security-verify-access-operator (25.4.0)

Author: lachlan-ibm

operators/ibm-security-verify-access-operator/25.4.0/manifests/ibm-security-verify-access-operator.clusterserviceversion.yaml

@@ -0,0 +1,276 @@
+apiVersion: operators.coreos.com/v1alpha1
+kind: ClusterServiceVersion
+metadata:
+  annotations:
+    alm-examples: |-
+      [
+        {
+          "apiVersion": "ibm.com/v1",
+          "kind": "IBMSecurityVerifyAccess",
+          "metadata": {
+            "name": "ivia-sample"
+          },
+          "spec": {
+            "image": "icr.io/ivia/ivia-wrp:11.0.0.0",
+            "instance": "default"
+          }
+        }
+      ]
+    capabilities: Seamless Upgrades
+    categories: Security
+    certified: "false"
+    containerImage: icr.io/isva/verify-access-operator:25.4.0
+    createdAt: "2025-05-01T01:27:17Z"
+    description: The IBM Verify Identity Access Operator manages the lifecycle of
+      IBM Verify Identity Access worker containers.
+    operators.operatorframework.io/builder: operator-sdk-v1.39.2
+    operators.operatorframework.io/project_layout: go.kubebuilder.io/v4
+    repository: https://github.com/IBM-Security/verify-access-operator
+    support: IBM
+  name: ibm-security-verify-access-operator.v25.4.0
+  namespace: placeholder
+spec:
+  apiservicedefinitions: {}
+  customresourcedefinitions:
+    owned:
+    - description: IBMSecurityVerifyAccess is the Schema for the ibmsecurityverifyaccesses
+        API.
+      displayName: IBMSecurity Verify Access
+      kind: IBMSecurityVerifyAccess
+      name: ibmsecurityverifyaccesses.ibm.com
+      resources:
+      - kind: Deployment
+        name: ""
+        version: v1
+      specDescriptors:
+      - description: The name of the IBM Security Verify Access image to be used.
+        displayName: Image
+        path: image
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:text
+      - description: The name of the Verify Access instance which is being deployed.  This
+          value is only used for WRP and DSC deployments and is ignored for Runtime
+          deployments.
+        displayName: Instance
+        path: instance
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:text
+      - description: The number of pods which will be started for the deployment.
+        displayName: Replicas
+        path: replicas
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:number
+      - description: A boolean flag which indicates whether the deployment should
+          be automatically restarted when a new snapshot is published.
+        displayName: Auto Restart
+        path: autoRestart
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:booleanSwitch
+      statusDescriptors:
+      - description: The list of status conditions associated with the custom resource.
+        displayName: Conditions
+        path: conditions
+        x-descriptors:
+        - urn:alm:descriptor:io.kubernetes.conditions
+      version: v1
+  description: |+
+    In a world of highly fragmented access management environments, [IBM Verify Identity Access](https://www.ibm.com/au-en/products/verify-access) helps you simplify your users' access while more securely adopting web, mobile and cloud technologies. This solution helps you strike a balance between usability and security through the use of risk-based access, single sign-on, integrated access management control, identity federation and its mobile multi-factor authentication capability, IBM Verify. Take back control of your access management with IBM Verify Identity Access.
+
+    The IBM Verify Identity Access operator provides lifecycle management of the lightweight containers which are used to protect an environment, namely:
+    * [Web Reverse Proxy](https://www.ibm.com/docs/en/sva/latest?topic=support-docker-image-verify-access-web-reverse-proxy)
+    * [Runtime](https://www.ibm.com/docs/en/sva/latest?topic=support-docker-image-verify-access-runtime)
+    * [Distributed Session Cache](https://www.ibm.com/docs/en/sva/latest?topic=support-docker-image-verify-access-distributed-session-cache)
+
+    The operator will manage the deployment of these lightweight IBM Verify Identity Access worker containers, and also control the rolling restart of these containers when a configuration snapshot is updated.
+
+    See the project [Readme](https://github.com/IBM-Security/verify-access-operator/blob/master/README.md) for further information and details.
+
+  displayName: IBM Verify Identity Access Operator
+  icon:
+  - base64data: iVBORw0KGgoAAAANSUhEUgAAAKAAAACgCAQAAAAhxq+mAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAAAmJLR0QA/4ePzL8AAAAHdElNRQfkAQYXFCksf3+UAAAMEElEQVR42u2ce3RUxRnAf7shT5JAwjvySIKCEKyICgkqCLYKiGBQq6eCini0qBWOeny02sfpMaBWlP6DQm2PwPFUK68KBDiAFTShPJUQIDwEEkASCQnkzSbZ/pHL7N27d3fv3t3sTZf5zT+TzHxzZ76dO49vvjsgkUgkEolEIpFIJBKJRCKRSCQSiUQikUgkEolEIpFIJBKJJNKwWfz8KNK4iQySucw5DnCI+pBLRCx2sphPEVU046SVek6zhgdICqFEBBPDDA7SilMTLvER6SGSiGA68QI/eaiiLbSwlmtDIBHRPEi5F2U4cdLKMlKDlggLUZaoL533GaTEmyliFRspJobu2AGwMYhS9gQlEdHMoVnpORfJI4NoIJoM8rgo+lQBPYOSiGAS2ao0uZk84lUp8eQJRVVzfxASEc0NnFKa/B2ZmrRMvhM96k9BSIQNe/gfST8SlVgBZZq0MgpV+eJMS4QNKxSYQCclVolDk+bgvE6+wCXChhUKrKdZiXUjWpMWTXedfIFLhA0rFFhGrRIbTT9NWj9yRPw0jaYlwoYVCjzBcSU2jKc0c+pTDFPiF9kXhESE476qywx4HWhEIkxYY85K53NuVeLNFFPIebqTQ5aYBBqZw+KgJCKchwLe2QYuEdH4tq2sC9gas+5qs8Z4t+7VsJiMEElEOHaG8TYHqKJFZV9+0KdFOlCJdsf6M5FrVCccRYbORAKVkEgkEkk7Eb5JxE5vrmWn3+2+jWhSyaAv3UkiFmiihp84w0kqceD0Ix/HSI5xjtbwNCs89rNEbmACU9jIDp/5ujGUUdzGYLqSSJwwXTlooI5qSihgBwep9FFGK5OYwJfkU0RNeJTYnnSiPzNZwY84ucAkr/miyGQuGznvY7vWFirZyFwyfZwnTuICTs6xkifpH34Ta+hIZBzzKaJBafpWr7vVTF7nAJf9Ku9KuEwxv/W6+0gVR1ANHOAdxv//uX7EcB1Ps45zqkY386Ju3iRmsFMYq4yHZnYyw4tqXnQrr5x8nmEQsVarxRjJ3MNCDuHQNPgkWTq5M/iQmoCV59oFf6jbD7M4qcnpoIS/MoEulu+9fBBDFs+zxcs4tsTjxMzGKL4y0ffc++FXjPJQShxLvIyfW3mBYR2vL9rpxmSWcIQWLw3VO/S+i6KglHclFHGXR9n3U+3V9HWUvzFFOIVYTjTDeZntKtO6XviWbhq5sRSHRH1OnBQzVlN6Nwp8SlziG15hBDFWqs5OH6axjB90XsNGDrKCCvH3axrZEewLmfqcONnHCM0TXhNp5azgII06ffEEy3mAtGD6otlVUiw/YyITudHtjAzASTUFrCOf0UxQ/lfKJk2uLqxhDf52FUaxAV00/9vEs8oRaGdWUMAkJjGarqrx0k466UyjiPXksz9cR6J2BvAIn1Om2+++ZwFjSAESWC7+v9xDze1PvOr5y0gAUhjDAr7X6YvNlPEvfkV6+46LNhLJYR67dKtQziqeIEP8wsM5raTV8nDY1QfwMLVKDU5zo2hDBk+wknKdn7+JPbzNaJLaY6ljI5OZrNJ9cCO7mEc2iW4PfkPk3E1vSxTYm93i5/2dW1sSyfbSEVqoYA2zGBi6vmgjhbG876Xrl/IZjzDA43FpbBe5fm/RgsHOH0QdttHHI3UAj/AZpR5LfidN7Gch40gNti/aSedZ1lGlcxZWTyFvcouXRekU6pR8ZSrflXCTQ5lSizqm6OaI5RbepJB6j/a1Uk0+z5Fh/ufvz6vs1+13x1lKLn28Fh3N30XuLyyYQK4QzwpRj489/LquYCeNXC/LsSaKeI0BgT86msls1ynwItt4ieFeK9PGMH4QFZhumfoAptOk1OS47l5c3WJvG4JmtjPZT4s1JPKyhyNFC0dYzGS6GejSL4lx5Tszv14IGSAcgB1erEFq2raki3W2pOW8LLxk/ZLMW2IB0BbOs5nnyTK48enJFiE5z6IPKa4QxXxRl830MCTTZhTZrDGK1PIWyZ6ZPWeZOF7hdZXlpJzVrGQHlwxX+h6+UH6tcn7JNlVKPNO5JmT7Dz1snGE5Dar/jOFzegFQywMeOyLvJJNDLlNVS7AG8viL//3K41wQWnewjnEBOm5H8aGQX0tnt7SeHA7Bvtd3OKzxEuzMWpG2KMD3IY47WauylF9ghj+RG1U2kno+MLEEHsIhof4nNWm9KW13BZZ61HmWmAwPcX3A7enFe2JJ5qSIG3xlTuAjVe9719RZwmxR3SKu06T14Wy7K/Csx5J5kLA7OphtokWJzBNzuZNFvpZldwoPvFb+qfJ+N05XNohHLfSYr61RYBQLRWo+XU20KpWlYitR4WF7VD3I1f9KxPY7MMaJEfQC4z1SrVEg3KWq1Z2m2jWUA6o+qOoY6j5yHXcosVY+Yb+Jx9iZSooS38VeU1VtD/awS4mlMNXU1uwg/6BFiY9Re8OqCxvBQCV2jNWYWWwMFL2uhTVUW6cxDdX8WzR/vMfXdsb4ksOilSrrt0uBnRguFsqFHDX1kNsZosSO8R+rtKXLVxxTYkO53VQJx/lWicVyk2s55FJgPEOV2GV2enyRZoQEcsURwdeUWKowLSV8rcQ6kUuCiRJaVI5RQ1wluM5EYumrxOo5ZKqSN4svOWpZJV4ZNbW8R5KpwcEoNmrEZ2HuzV/No8qyfiQj+MZE2YeoVzYV/Yj1dFzqLb7JrRAvYiDYyRPz1JYO+O14T+Ex4+QtUxPJQOGqctK1WHcVZBMGm1aaTBTfj4lKrJl8KqzWlwcV5Iu3YoJ42wKhSfgcRrtsCC4FOoXa7KbGiNvFGFrGBouVpc8GSpVYFreZkI8X2mpyDUMuBTqE22IMaQEXHkeumMM72gRyhcPCMhRLrolv2/uIFqo++3YpsEn8Pgl+bLd6DGekEqtntak5vP1xsFp8U5JtYqeVJd7MUtcg51JgPcVKLJqRAf4+dn4hPoTeK1b9HY+d4ovifvw8wBO3GEaJA7Ri18c9LgW2sk/8O0eMZ8bozVQl1sImzlqtJ6+cZZOYCKYGaKobLMbNOvbpu7Cnqy4QmR/QRP9rcXZ3huFWa8knN3FGqWkDzwQgZ+OPwh6zz9s5j413hQJPMcZw4dezV8gttfAQ0wgJLBN13c1gw3LZHBdy76hffvdx4FZWihXSZmaJacUXXVggLM+VPMZ6H3mTeDoMO5HFPj9vuJelwtn9Y17iooFS01jMvUq8jGns9pYxhnfEgV4Ly3Usa1qSyRNe+E4+8bOCtMoeqKazqg82kGfA6t6DJcLK3sLbvs8mB7JDFO/gC4b4nKvSWKhyiijhFj9V6QgKhFs5KnLX84HPVa+NgSxXGfQLhcnPK/epGtnKXmZ4uC62EcdENqocc6qZ6Xfi6RgKtDNL5UHtYBMTvYzciTxEocov6Cz3+VMfRPOc6mDTySXWM5PBpCiWmyiSyWQan6oceJ3U8aaBtWPHUCDE8UfVSZuTCj5lGpkkK3a+KLpwLY+ymipVrkpmezp46L2gsczmDTencAdnOMApqoAk+pJFhptXVh0LeNfAl2l92GOgecHxIzfzo99cSbzKXLdT6yZOUMxpLgFd6M8w+ruNdpX8mUVcNlaJWB7jmOHf/DRzDPqNdJQeCJDIXOFD6z8cZUZgX5fYyWaljtecNjSwmbsNn/d3JAVCJ+5mi477njbUsYJRZiyIqTzBFrexwj00UsBv6BnAntIazwTv2OjFCxSqZlltqGULj/u60sdf43uRzQRy6EUy8dgAJ43U8BO7WU8BZwhkWdyTbQGs/s1xhDsCMufa6MttTORmepBEHDaglQZqOEchG9jhuzQjvSeKVAaTTk86A/Wc5xQlnDdhtLLCO8sY0fRgEOl0Jx4ndVRwkhKqdE92JBKJRCKRSCQSSbBYdQnIOMZCyPYkNmAbWy1qiyWMUJ3khSJ43pkQ8YxVuW0HG4q9e85HMuPZHxL16d0bc1XQfjcXXUVksKgd7s66qkhiOv/VubfAf9/zfnvbVUdGSO8PvCqJIpM5bAjJDZZhpWMNv6kMJZvRDCaFzsRr7lCt4oiBO1TDTMdSYFuN2m7xvYYemlt8T3DBwC2+EolEIpFIJBKJRCKRSCQSiUQikUgkEolEIpFIJBKJRCKRSCRB8j/lg3vQkTaFgwAAACV0RVh0ZGF0ZTpjcmVhdGUAMjAyMC0wMS0wNlQyMzoyMDo0MS0wNTowME+diI0AAAAldEVYdGRhdGU6bW9kaWZ5ADIwMjAtMDEtMDZUMjM6MjA6NDEtMDU6MDA+wDAxAAAAAElFTkSuQmCC
+    mediatype: image/png
+  install:
+    spec:
+      clusterPermissions:
+      - rules:
+        - apiGroups:
+          - ""
+          resources:
+          - pods
+          verbs:
+          - get
+          - list
+          - watch
+        - apiGroups:
+          - ""
+          resources:
+          - secrets
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - apps
+          resources:
+          - deployments
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - ibm.com
+          resources:
+          - ibmsecurityverifyaccesses
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - ibm.com
+          resources:
+          - ibmsecurityverifyaccesses/finalizers
+          verbs:
+          - update
+        - apiGroups:
+          - ibm.com
+          resources:
+          - ibmsecurityverifyaccesses/status
+          verbs:
+          - get
+          - patch
+          - update
+        - apiGroups:
+          - authentication.k8s.io
+          resources:
+          - tokenreviews
+          verbs:
+          - create
+        - apiGroups:
+          - authorization.k8s.io
+          resources:
+          - subjectaccessreviews
+          verbs:
+          - create
+        serviceAccountName: verify-access-operator-controller-manager
+      deployments:
+      - label:
+          control-plane: controller-manager
+        name: verify-access-operator-controller-manager
+        spec:
+          replicas: 1
+          selector:
+            matchLabels:
+              control-plane: controller-manager
+          strategy: {}
+          template:
+            metadata:
+              labels:
+                control-plane: controller-manager
+            spec:
+              containers:
+              - args:
+                - --metrics-bind-address=:8443
+                - --leader-elect
+                command:
+                - /manager
+                image: icr.io/isva/verify-access-operator:25.4.0
+                livenessProbe:
+                  httpGet:
+                    path: /healthz
+                    port: 8081
+                  initialDelaySeconds: 15
+                  periodSeconds: 20
+                name: manager
+                readinessProbe:
+                  httpGet:
+                    path: /readyz
+                    port: 8081
+                  initialDelaySeconds: 5
+                  periodSeconds: 10
+                resources:
+                  limits:
+                    cpu: 400m
+                    memory: 500Mi
+                  requests:
+                    cpu: 100m
+                    memory: 20Mi
+                securityContext:
+                  allowPrivilegeEscalation: false
+              securityContext:
+                runAsNonRoot: true
+              serviceAccountName: verify-access-operator-controller-manager
+              terminationGracePeriodSeconds: 10
+      permissions:
+      - rules:
+        - apiGroups:
+          - ""
+          resources:
+          - configmaps
+          verbs:
+          - get
+          - list
+          - watch
+          - create
+          - update
+          - patch
+          - delete
+        - apiGroups:
+          - coordination.k8s.io
+          resources:
+          - leases
+          verbs:
+          - get
+          - list
+          - watch
+          - create
+          - update
+          - patch
+          - delete
+        - apiGroups:
+          - ""
+          resources:
+          - events
+          verbs:
+          - create
+          - patch
+        serviceAccountName: verify-access-operator-controller-manager
+    strategy: deployment
+  installModes:
+  - supported: false
+    type: OwnNamespace
+  - supported: false
+    type: SingleNamespace
+  - supported: false
+    type: MultiNamespace
+  - supported: true
+    type: AllNamespaces
+  keywords:
+  - identity and access
+  - security
+  links:
+  - name: Verify Identity Access Product Information
+    url: https://www.ibm.com/au-en/products/verify-access
+  - name: Verify Identity Access Documentation
+    url: https://www.ibm.com/docs/en/sva
+  maintainers:
+  - email: [email protected]
+    name: Verify Identity Access Development Team
+  maturity: stable
+  minKubeVersion: 1.17.0
+  provider:
+    name: IBM
+    url: https://www.ibm.com
+  version: 25.4.0
+  replaces: ibm-security-verify-access-operator.v24.12.0