Bump Helm Project Operator to add 1.25 support for Prometheus Federator main chart and fix Grafana templating bug

[aiyengar2]

Issue:

https://github.com/rancher/rancher/issues/39846, https://github.com/rancher/prometheus-federator/issues/33

Versioning

For Community Members or Maintainers Making Changes

Please checkmark one of the boxes below to indicate you have following the versioning guidelines for rancher-project-monitoring:

• If you are introducing a change to packages/rancher-project-monitoring or packages/rancher-project-grafana:
  • [ ] Increment the patch version in the version of packages/rancher-project-monitoring/charts/Chart.yaml by 1
• [ ] I am not introducing a change to package/rancher-project-monitoring

Note: We do not use RC versions for rancher-project-monitoring since it is hidden anyways and not intended for standalone use

Please checkmark one of the boxes below to indicate that you have followed the versioning guidelines for prometheus-federator:

• If you are introducing a change to main.go or packages/rancher-project-monitoring (including a change introduced in the above step):
  • [ ] If packages/prometheus-federator/charts/Chart.yaml has a version that is a -rc version, increment the -rc version in this file by one (i.e. 0.1.2-rc1 -> 0.1.2-rc2). Modify the appVersion to match this new version. Modify the helmProjectOperator.image.tag in packages/prometheus-federator/charts/values.yaml to match this appVersion.
  • [ ] If packages/prometheus-federator/charts/Chart.yaml has a version that is not a -rc version, increment the patch version in this file by 1 and add -rc1 (i.e. 0.1.1 -> 0.1.2-rc1). Modify the appVersion to match this new version. Modify the helmProjectOperator.image.tag in packages/prometheus-federator/charts/values.yaml to match this appVersion.
• If you are only introducing a change to packages/prometheus-federator:
  • [x] If packages/prometheus-federator/charts/Chart.yaml has a version that is a -rc version, increment the -rc version in this file by one (i.e. 0.1.2-rc1 -> 0.1.2-rc2). Do not modify the appVersion or the helmProjectOperator.image.tag in packages/prometheus-federator/charts/values.yaml.
  • [ ] If packages/prometheus-federator/charts/Chart.yaml has a version that is not a -rc version, increment the patch version by 1 in this file and add -rc1 (i.e. 0.1.1 -> 0.1.2-rc1). Do not modify the appVersion or the helmProjectOperator.image.tag in packages/prometheus-federator/charts/values.yaml.

For Maintainers Releasing The Chart On QA Validation

Please checkmark both of the boxes below to indicate that you have followed the versioning guidelines for prometheus-federator:

• [ ] The -rc tag has been removed from the version in packages/prometheus-federator/charts/Chart.yaml
• [ ] The -rc tag has been removed from the helmProjectOperator.image.tag in packages/prometheus-federator/charts/values.yaml

[aiyengar2]

Cannot validate this via CI runs until Rancher Monitoring is fixed to work in 1.25:

https://github.com/rancher/prometheus-federator/actions/runs/3715535272/jobs/6300818879

However, Prometheus Federator does not add any workloads on top of Helm Project Operator (which means no additional PSPs) and Helm Project Operator passed in a 1.25 cluster in its own PR: https://github.com/rancher/helm-project-operator/pull/27

[aiyengar2]

diff -uNr charts/prometheus-federator/0.2.0-rc1/Chart.yaml charts/prometheus-federator/0.2.0-rc2/Chart.yaml
--- charts/prometheus-federator/0.2.0-rc1/Chart.yaml    2022-12-16 09:58:20
+++ charts/prometheus-federator/0.2.0-rc2/Chart.yaml    2022-12-16 10:15:18
@@ -17,4 +17,4 @@
 description: Prometheus Federator
 icon: https://raw.githubusercontent.com/rancher/prometheus-federator/main/assets/logos/prometheus-federator.svg
 name: prometheus-federator
-version: 0.2.0-rc1
+version: 0.2.0-rc2
diff -uNr charts/prometheus-federator/0.2.0-rc1/charts/helmProjectOperator/Chart.yaml charts/prometheus-federator/0.2.0-rc2/charts/helmProjectOperator/Chart.yaml
--- charts/prometheus-federator/0.2.0-rc1/charts/helmProjectOperator/Chart.yaml 2022-12-16 09:58:20
+++ charts/prometheus-federator/0.2.0-rc2/charts/helmProjectOperator/Chart.yaml 2022-12-16 10:15:18
@@ -12,4 +12,4 @@
 appVersion: 0.0.1
 description: Helm Project Operator
 name: helmProjectOperator
-version: 0.0.2
+version: 0.0.3
diff -uNr charts/prometheus-federator/0.2.0-rc1/charts/helmProjectOperator/README.md charts/prometheus-federator/0.2.0-rc2/charts/helmProjectOperator/README.md
--- charts/prometheus-federator/0.2.0-rc1/charts/helmProjectOperator/README.md  2022-12-16 09:58:20
+++ charts/prometheus-federator/0.2.0-rc2/charts/helmProjectOperator/README.md  2022-12-16 10:15:18
@@ -38,7 +38,7 @@

 ### Helm Resources (HelmChart, HelmRelease)

-On deploying a ProjectHelmChart, the Prometheus Federator will automatically create and manage two child custom resources that manage the underlying Helm resources in turn:
+On deploying a ProjectHelmChart, the Helm Project Operator will automatically create and manage two child custom resources that manage the underlying Helm resources in turn:
 - A HelmChart CR (managed via an embedded [k3s-io/helm-contoller](https://github.com/k3s-io/helm-controller) in the operator): this custom resource automatically creates a Job in the same namespace that triggers a `helm install`, `helm upgrade`, or `helm uninstall` depending on the change applied to the HelmChart CR; this CR is automatically updated on changes to the ProjectHelmChart (e.g. modifying the values.yaml) or changes to the underlying Project definition (e.g. adding or removing namespaces from a project). 
 > **Important Note: If a ProjectHelmChart is not deploying or updating the underlying Project Monitoring Stack for some reason, the Job created by this resource in the Operator / System namespace should be the first place you check to see if there's something wrong with the Helm operation; however, this is generally only accessible by a Cluster Admin.**
 - A HelmRelease CR (managed via an embedded [rancher/helm-locker](https://github.com/rancher/helm-locker) in the operator): this custom resource automatically locks a deployed Helm release in place and automatically overwrites updates to underlying resources unless the change happens via a Helm operation (`helm install`, `helm upgrade`, or `helm uninstall` performed by the HelmChart CR).
@@ -48,7 +48,7 @@

 ### RBAC

-As described in the section on namespaces above, Prometheus Federator expects that Project Owners, Project Members, and other users in the cluster with Project-level permissions (e.g. permissions in a certain set of namespaces identified by a single label selector) have minimal permissions in any namespaces except the Project Registration Namespace (which is imported into the project by default) and those that already comprise their projects. Therefore, in order to allow Project Owners to assign specific chart permissions to other users in their Project namespaces, the Helm Project Operator will automatically watch the following bindings:
+As described in the section on namespaces above, Helm Project Operator expects that Project Owners, Project Members, and other users in the cluster with Project-level permissions (e.g. permissions in a certain set of namespaces identified by a single label selector) have minimal permissions in any namespaces except the Project Registration Namespace (which is imported into the project by default) and those that already comprise their projects. Therefore, in order to allow Project Owners to assign specific chart permissions to other users in their Project namespaces, the Helm Project Operator will automatically watch the following bindings:
 - ClusterRoleBindings
 - RoleBindings in the Project Release Namespace

diff -uNr charts/prometheus-federator/0.2.0-rc1/charts/helmProjectOperator/questions.yaml charts/prometheus-federator/0.2.0-rc2/charts/helmProjectOperator/questions.yaml
--- charts/prometheus-federator/0.2.0-rc1/charts/helmProjectOperator/questions.yaml 2022-12-16 09:58:20
+++ charts/prometheus-federator/0.2.0-rc2/charts/helmProjectOperator/questions.yaml 2022-12-16 10:15:18
@@ -1,7 +1,7 @@
 questions:
 - variable: helmController.enabled
   label: Enable Embedded Helm Controller
-  description: 'Note: If you are running Prometheus Federator in an RKE2 cluster, this should be disabled.'
+  description: 'Note: If you are running this chart in an RKE2 cluster, this should be disabled.'
   type: boolean
   group: Helm Controller
 - variable: helmLocker.enabled
diff -uNr charts/prometheus-federator/0.2.0-rc1/charts/helmProjectOperator/templates/psp.yaml charts/prometheus-federator/0.2.0-rc2/charts/helmProjectOperator/templates/psp.yaml
--- charts/prometheus-federator/0.2.0-rc1/charts/helmProjectOperator/templates/psp.yaml 2022-12-16 09:58:20
+++ charts/prometheus-federator/0.2.0-rc2/charts/helmProjectOperator/templates/psp.yaml 2022-12-16 10:15:18
@@ -1,4 +1,4 @@
-{{- if .Values.global.rbac.pspEnabled }}
+{{- if and .Values.global.rbac.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicies") }}
 apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
diff -uNr charts/prometheus-federator/0.2.0-rc1/charts/helmProjectOperator/values.yaml charts/prometheus-federator/0.2.0-rc2/charts/helmProjectOperator/values.yaml
--- charts/prometheus-federator/0.2.0-rc1/charts/helmProjectOperator/values.yaml    2022-12-16 09:58:20
+++ charts/prometheus-federator/0.2.0-rc2/charts/helmProjectOperator/values.yaml    2022-12-16 10:15:18
@@ -127,7 +127,7 @@

 image:
   repository: rancher/helm-project-operator
-  tag: v0.0.1
+  tag: v0.0.3
   pullPolicy: IfNotPresent

 helmController:
@@ -177,7 +177,7 @@
 cleanup:
   image:
     repository: rancher/shell
-    tag: v0.1.18
+    tag: v0.1.19-rc7

   nodeSelector: {}

[aiyengar2]

Note: rancher/shell will need to be un-RCed before we un-RC the Prometheus Federator chart