Use CAPI capability of Flux's HelmRelease to install apps into target…

… cluster

templates/aws-standalone-cp/README.md

@@ -0,0 +1,11 @@
+## Install applications into Target Cluster
+
+To install applications into the target cluster created using Cluster API (CAPI) upon creation, a Flux `HelmRelease` object is to be made such that its `.spec.KubeConfig` references the kubeconfig of the target cluster.
+
+**Reference:** https://fluxcd.io/flux/components/helm/helmreleases/#remote-clusters--cluster-api
+
+This chart/template already defines the following applications under `templates/apps` to be installed into the target cluster:
+1. cert-manager
+2. nginx-ingress
+
+**Important:** The Flux objects added to `templates/apps` to install custom applications must have the `hmc.mirantis.com/managed: "true"` label to be reconciled by HMC.

templates/aws-standalone-cp/templates/apps/cert-manager.yaml

@@ -0,0 +1,40 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: HelmRepository
+metadata:
+  name: cert-manager
+  labels:
+    hmc.mirantis.com/managed: "true"
+spec:
+  interval: 24h
+  url: https://charts.jetstack.io
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: {{ include "cluster.name" . }}-cert-manager
+  labels:
+    hmc.mirantis.com/managed: "true"
+spec:
+  chart:
+    metadata:
+      labels:
+        hmc.mirantis.com/managed: "true"
+    spec:
+      chart: cert-manager
+      version: ">=v1.12.3"
+      sourceRef:
+        kind: HelmRepository
+        name: cert-manager
+  install:
+    createNamespace: true
+    remediation:
+      retries: -1
+  interval: 10m
+  kubeConfig:
+    secretRef:
+      name: {{ include "cluster.name" . }}-kubeconfig
+  releaseName: cert-manager
+  targetNamespace: cert-manager
+  storageNamespace: cert-manager
+  values:
+    installCRDs: true

templates/aws-standalone-cp/templates/apps/nginx-ingress.yaml

@@ -0,0 +1,34 @@
+apiVersion: source.toolkit.fluxcd.io/v1beta2
+kind: OCIRepository
+metadata:
+  name: nginx-ingress
+  labels:
+    hmc.mirantis.com/managed: "true"
+spec:
+  interval: 24h
+  url: oci://ghcr.io/nginxinc/charts/nginx-ingress
+  ref:
+    semver: "1.3.2"
+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: {{ include "cluster.name" . }}-nginx-ingress
+  labels:
+    hmc.mirantis.com/managed: "true"
+spec:
+  targetNamespace: nginx-ingress
+  storageNamespace: nginx-ingress
+  kubeConfig:
+    secretRef:
+      name: {{ include "cluster.name" . }}-kubeconfig
+  interval: 10m
+  chartRef:
+    kind: OCIRepository
+    name: nginx-ingress
+  install:
+    createNamespace: true
+    remediation:
+      retries: -1
+  values:
+    fullnameOverride: nginx-ingress