andata
/
rancher-charts
mirror of https://git.rancher.io/charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

(dev-v2.6-archive) Update rancher-grafana to new base ad033c2, upstream chart grafana 6.16.14 

(partially cherry picked from commit 30644dfd51)
pull/1680/head
Jiaqi Luo 2021-10-12 21:06:41 -07:00 committed by Arvind Iyengar
parent 2689cab038
commit 3870f4ba4a
No known key found for this signature in database
GPG Key ID: A8DD9BFD6C811498
12 changed files with 27 additions and 509 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
packages/rancher-grafana/generated-changes/patch/Chart.yaml.patch
View File

@ -9,10 +9,9 @@
+ catalog.cattle.io/os: linux
apiVersion: v2
-name: grafana
-version: 6.11.0
-appVersion: 7.5.5
+name: rancher-grafana
+version: 6.16.14
version: 6.16.14
-appVersion: 8.2.1
+appVersion: 7.5.11
kubeVersion: '^1.8.0-0'
description: The leading tool for querying and visualizing time series and metrics.

73
packages/rancher-grafana/generated-changes/patch/README.md.patch
View File

@ -4,79 +4,10 @@
| `securityContext` | Deployment securityContext | `{"runAsUser": 472, "runAsGroup": 472, "fsGroup": 472}` |
| `priorityClassName` | Name of Priority Class to assign pods | `nil` |
| `image.repository` | Image repository | `grafana/grafana` |
-| `image.tag` | Image tag (`Must be >= 5.0.0`) | `7.4.5` |
-| `image.sha` | Image sha (optional) | `2b56f6106ddc376bb46d974230d530754bf65a640dfbc5245191d72d3b49efc6` |
-| `image.tag` | Image tag (`Must be >= 5.0.0`) | `8.0.3` |
-| `image.sha` | Image sha (optional) | `80c6d6ac633ba5ab3f722976fb1d9a138f87ca6a9934fcd26a5fc28cbde7dbfa` |
+| `image.tag` | Image tag (`Must be >= 5.0.0`) | `7.5.11` |
+| `image.sha` | Image sha (optional) | `` |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Image pull secrets | `{}` |
| `service.enabled` | Enable grafana service | `true` |
@@ -90,7 +90,7 @@
| `tolerations` | Toleration labels for pod assignment | `[]` |
| `affinity` | Affinity settings for pod assignment | `{}` |
| `extraInitContainers` | Init containers to add to the grafana pod | `{}` |
-| `extraContainers` | Sidecar containers to add to the grafana pod | `{}` |
+| `extraContainers` | Sidecar containers to add to the grafana pod | `""` |
| `extraContainerVolumes` | Volumes that can be mounted in sidecar containers | `[]` |
| `extraLabels` | Custom labels for all manifests | `{}` |
| `schedulerName` | Name of the k8s scheduler (other than default) | `nil` |
@@ -116,6 +116,7 @@
| `envValueFrom` | Environment variables from alternate sources. See the API docs on [EnvVarSource](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.17/#envvarsource-v1-core) for format details. | `{}` |
| `envFromSecret` | Name of a Kubernetes secret (must be manually created in the same namespace) containing values to be added to the environment. Can be templated | `""` |
| `envRenderSecret` | Sensible environment variables passed to pods and stored as secret | `{}` |
+| `enableServiceLinks` | Inject Kubernetes services as environment variables. | `true` |
| `extraSecretMounts` | Additional grafana server secret mounts | `[]` |
| `extraVolumeMounts` | Additional grafana server volume mounts | `[]` |
| `extraConfigmapMounts` | Additional grafana server configMap volume mounts | `[]` |
@@ -136,7 +137,7 @@
| `podLabels` | Pod labels | `{}` |
| `podPortName` | Name of the grafana port on the pod | `grafana` |
| `sidecar.image.repository` | Sidecar image repository | `quay.io/kiwigrid/k8s-sidecar` |
-| `sidecar.image.tag` | Sidecar image tag | `1.10.7` |
+| `sidecar.image.tag` | Sidecar image tag | `1.12.3` |
| `sidecar.image.sha` | Sidecar image sha (optional) | `""` |
| `sidecar.imagePullPolicy` | Sidecar image pull policy | `IfNotPresent` |
| `sidecar.resources` | Sidecar resources | `{}` |
@@ -157,16 +158,16 @@
| `sidecar.dashboards.folder` | Folder in the pod that should hold the collected dashboards (unless `sidecar.dashboards.defaultFolderName` is set). This path will be mounted. | `/tmp/dashboards` |
| `sidecar.dashboards.folderAnnotation` | The annotation the sidecar will look for in configmaps to override the destination folder for files | `nil` |
| `sidecar.dashboards.defaultFolderName` | The default folder name, it will create a subfolder under the `sidecar.dashboards.folder` and put dashboards in there instead | `nil` |
-| `sidecar.dashboards.searchNamespace` | If specified, the sidecar will search for dashboard config-maps inside this namespace. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces | `nil` |
+| `sidecar.dashboards.searchNamespace` | Namespaces list. If specified, the sidecar will search for dashboards config-maps inside these namespaces.Otherwise the namespace in which the sidecar is running will be used.It's also possible to specify ALL to search in all namespaces. | `nil` |
| `sidecar.dashboards.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` |
| `sidecar.datasources.enabled` | Enables the cluster wide search for datasources and adds/updates/deletes them in grafana |`false` |
| `sidecar.datasources.label` | Label that config maps with datasources should have to be added | `grafana_datasource` |
| `sidecar.datasources.labelValue` | Label value that config maps with datasources should have to be added | `nil` |
-| `sidecar.datasources.searchNamespace` | If specified, the sidecar will search for datasources config-maps inside this namespace. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces | `nil` |
+| `sidecar.datasources.searchNamespace` | Namespaces list. If specified, the sidecar will search for datasources config-maps inside these namespaces.Otherwise the namespace in which the sidecar is running will be used.It's also possible to specify ALL to search in all namespaces. | `nil` |
| `sidecar.datasources.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` |
| `sidecar.notifiers.enabled` | Enables the cluster wide search for notifiers and adds/updates/deletes them in grafana | `false` |
| `sidecar.notifiers.label` | Label that config maps with notifiers should have to be added | `grafana_notifier` |
-| `sidecar.notifiers.searchNamespace` | If specified, the sidecar will search for notifiers config-maps (or secrets) inside this namespace. Otherwise the namespace in which the sidecar is running will be used. It's also possible to specify ALL to search in all namespaces | `nil` |
+| `sidecar.notifiers.searchNamespace` | Namespaces list. If specified, the sidecar will search for notifiers config-maps (or secrets) inside these namespaces.Otherwise the namespace in which the sidecar is running will be used.It's also possible to specify ALL to search in all namespaces. | `nil` |
| `sidecar.notifiers.resource` | Should the sidecar looks into secrets, configmaps or both. | `both` |
| `smtp.existingSecret` | The name of an existing secret containing the SMTP credentials. | `""` |
| `smtp.userKey` | The key in the existing SMTP secret containing the username. | `"user"` |
@@ -174,6 +175,7 @@
| `admin.existingSecret` | The name of an existing secret containing the admin credentials. | `""` |
| `admin.userKey` | The key in the existing admin secret containing the username. | `"admin-user"` |
| `admin.passwordKey` | The key in the existing admin secret containing the password. | `"admin-password"` |
+| `serviceAccount.autoMount` | Automount the service account token in the pod| `true` |
| `serviceAccount.annotations` | ServiceAccount annotations | |
| `serviceAccount.create` | Create service account | `true` |
| `serviceAccount.name` | Service account name to use, when empty will be set to created account if `serviceAccount.create` is set else to `default` | `` |
@@ -488,10 +490,10 @@
```yaml
- extraSecretMounts:
- name: auth-generic-oauth-secret-mount
- secretName: auth-generic-oauth-secret
- defaultMode: 0440
- mountPath: /etc/secrets/auth_generic_oauth
- readOnly: true
+ secretName: auth-generic-oauth-secret
+ defaultMode: 0440
+ mountPath: /etc/secrets/auth_generic_oauth
+ readOnly: true
```
### extraSecretMounts using a Container Storage Interface (CSI) provider

67
packages/rancher-grafana/generated-changes/patch/templates/_helpers.tpl.patch
View File

@ -33,70 +33,3 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
@@ -105,17 +134,6 @@
{{- end -}}
{{/*
-Return the appropriate apiVersion for rbac.
-*/}}
-{{- define "rbac.apiVersion" -}}
-{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
-{{- print "rbac.authorization.k8s.io/v1" -}}
-{{- else -}}
-{{- print "rbac.authorization.k8s.io/v1beta1" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
Looks if there's an existing secret and reuse its password. If not it generates
new password and use it.
*/}}
@@ -127,3 +145,48 @@
{{- (randAlphaNum 40) | b64enc | quote -}}
{{- end -}}
{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for rbac.
+*/}}
+{{- define "grafana.rbac.apiVersion" -}}
+ {{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
+ {{- print "rbac.authorization.k8s.io/v1" -}}
+ {{- else -}}
+ {{- print "rbac.authorization.k8s.io/v1beta1" -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+Return the appropriate apiVersion for ingress.
+*/}}
+{{- define "grafana.ingress.apiVersion" -}}
+ {{- if and (.Capabilities.APIVersions.Has "networking.k8s.io/v1") (semverCompare ">= 1.19-0" .Capabilities.KubeVersion.Version) -}}
+ {{- print "networking.k8s.io/v1" -}}
+ {{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" -}}
+ {{- print "networking.k8s.io/v1beta1" -}}
+ {{- else -}}
+ {{- print "extensions/v1beta1" -}}
+ {{- end -}}
+{{- end -}}
+
+{{/*
+Return if ingress is stable.
+*/}}
+{{- define "grafana.ingress.isStable" -}}
+ {{- eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1" -}}
+{{- end -}}
+
+{{/*
+Return if ingress supports ingressClassName.
+*/}}
+{{- define "grafana.ingress.supportsIngressClassName" -}}
+ {{- or (eq (include "grafana.ingress.isStable" .) "true") (and (eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) -}}
+{{- end -}}
+
+{{/*
+Return if ingress supports pathType.
+*/}}
+{{- define "grafana.ingress.supportsPathType" -}}
+ {{- or (eq (include "grafana.ingress.isStable" .) "true") (and (eq (include "grafana.ingress.apiVersion" .) "networking.k8s.io/v1beta1") (semverCompare ">= 1.18-0" .Capabilities.KubeVersion.Version)) -}}
+{{- end -}}

118
packages/rancher-grafana/generated-changes/patch/templates/_pod.tpl.patch
View File

@ -1,17 +1,11 @@
--- charts-original/templates/_pod.tpl
+++ charts/templates/_pod.tpl
@@ -1,9 +1,9 @@
@@ -1,4 +1,3 @@
-
{{- define "grafana.pod" -}}
{{- if .Values.schedulerName }}
schedulerName: "{{ .Values.schedulerName }}"
{{- end }}
serviceAccountName: {{ template "grafana.serviceAccountName" . }}
+automountServiceAccountToken: {{ .Values.serviceAccount.autoMount }}
{{- if .Values.securityContext }}
securityContext:
{{ toYaml .Values.securityContext | indent 2 }}
@@ -21,9 +21,9 @@
@@ -22,9 +21,9 @@
{{- if ( and .Values.persistence.enabled .Values.initChownData.enabled ) }}
- name: init-chown-data
{{- if .Values.initChownData.image.sha }}
@ -23,7 +17,7 @@
{{- end }}
imagePullPolicy: {{ .Values.initChownData.image.pullPolicy }}
securityContext:
@@ -42,13 +42,13 @@
@@ -43,9 +42,9 @@
{{- if .Values.dashboards }}
- name: download-dashboards
{{- if .Values.downloadDashboardsImage.sha }}
@ -35,12 +29,7 @@
{{- end }}
imagePullPolicy: {{ .Values.downloadDashboardsImage.pullPolicy }}
command: ["/bin/sh"]
- args: [ "-c", "mkdir -p /var/lib/grafana/dashboards/default && /bin/sh /etc/grafana/download_dashboards.sh" ]
+ args: [ "-c", "mkdir -p /var/lib/grafana/dashboards/default && /bin/sh -x /etc/grafana/download_dashboards.sh" ]
resources:
{{ toYaml .Values.downloadDashboards.resources | indent 6 }}
env:
@@ -79,11 +79,16 @@
@@ -80,11 +79,16 @@
{{- if .Values.sidecar.datasources.enabled }}
- name: {{ template "grafana.name" . }}-sc-datasources
{{- if .Values.sidecar.image.sha }}
@ -59,16 +48,7 @@
env:
- name: METHOD
value: LIST
@@ -103,7 +108,7 @@
{{- end }}
{{- if .Values.sidecar.datasources.searchNamespace }}
- name: NAMESPACE
- value: "{{ .Values.sidecar.datasources.searchNamespace }}"
+ value: "{{ .Values.sidecar.datasources.searchNamespace | join "," }}"
{{- end }}
{{- if .Values.sidecar.skipTlsVerify }}
- name: SKIP_TLS_VERIFY
@@ -118,9 +123,9 @@
@@ -119,9 +123,9 @@
{{- if .Values.sidecar.notifiers.enabled }}
- name: {{ template "grafana.name" . }}-sc-notifiers
{{- if .Values.sidecar.image.sha }}
@ -80,21 +60,7 @@
{{- end }}
imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
env:
@@ -138,7 +143,7 @@
{{- end }}
{{- if .Values.sidecar.notifiers.searchNamespace }}
- name: NAMESPACE
- value: "{{ .Values.sidecar.notifiers.searchNamespace }}"
+ value: "{{ .Values.sidecar.notifiers.searchNamespace | join "," }}"
{{- end }}
{{- if .Values.sidecar.skipTlsVerify }}
- name: SKIP_TLS_VERIFY
@@ -159,13 +164,14 @@
- name: {{ . }}
{{- end}}
{{- end }}
+enableServiceLinks: {{ .Values.enableServiceLinks }}
containers:
@@ -165,9 +169,9 @@
{{- if .Values.sidecar.dashboards.enabled }}
- name: {{ template "grafana.name" . }}-sc-dashboard
{{- if .Values.sidecar.image.sha }}
@ -106,16 +72,7 @@
{{- end }}
imagePullPolicy: {{ .Values.sidecar.imagePullPolicy }}
env:
@@ -187,7 +193,7 @@
{{- end }}
{{- if .Values.sidecar.dashboards.searchNamespace }}
- name: NAMESPACE
- value: "{{ .Values.sidecar.dashboards.searchNamespace }}"
+ value: "{{ .Values.sidecar.dashboards.searchNamespace | join "," }}"
{{- end }}
{{- if .Values.sidecar.skipTlsVerify }}
- name: SKIP_TLS_VERIFY
@@ -205,9 +211,9 @@
@@ -207,9 +211,9 @@
{{- end}}
- name: {{ .Chart.Name }}
{{- if .Values.image.sha }}
@ -127,39 +84,7 @@
{{- end }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
{{- if .Values.command }}
@@ -258,19 +264,25 @@
{{- end }}
{{- end }}
{{- if .Values.datasources }}
+{{- range (keys .Values.datasources | sortAlpha) }}
- name: config
- mountPath: "/etc/grafana/provisioning/datasources/datasources.yaml"
- subPath: datasources.yaml
+ mountPath: "/etc/grafana/provisioning/datasources/{{ . }}"
+ subPath: {{ . | quote }}
+{{- end }}
{{- end }}
{{- if .Values.notifiers }}
+{{- range (keys .Values.notifiers | sortAlpha) }}
- name: config
- mountPath: "/etc/grafana/provisioning/notifiers/notifiers.yaml"
- subPath: notifiers.yaml
+ mountPath: "/etc/grafana/provisioning/notifiers/{{ . }}"
+ subPath: {{ . | quote }}
+{{- end }}
{{- end }}
{{- if .Values.dashboardProviders }}
+{{- range (keys .Values.dashboardProviders | sortAlpha) }}
- name: config
- mountPath: "/etc/grafana/provisioning/dashboards/dashboardproviders.yaml"
- subPath: dashboardproviders.yaml
+ mountPath: "/etc/grafana/provisioning/dashboards/{{ . }}"
+ subPath: {{ . | quote }}
+{{- end }}
{{- end }}
{{- if .Values.sidecar.dashboards.enabled }}
- name: sc-dashboard-volume
@@ -307,7 +319,7 @@
@@ -315,7 +319,7 @@
{{- end }}
ports:
- name: {{ .Values.service.portName }}
@ -168,32 +93,7 @@
protocol: TCP
- name: {{ .Values.podPortName }}
containerPort: 3000
@@ -369,16 +381,22 @@
- name: "{{ tpl $key $ }}"
value: "{{ tpl (print $value) $ }}"
{{- end }}
- {{- if .Values.envFromSecret }}
+ {{- if or .Values.envFromSecret (or .Values.envRenderSecret .Values.envFromSecrets) }}
envFrom:
+ {{- if .Values.envFromSecret }}
- secretRef:
name: {{ tpl .Values.envFromSecret . }}
{{- end }}
{{- if .Values.envRenderSecret }}
- envFrom:
- secretRef:
name: {{ template "grafana.fullname" . }}-env
{{- end }}
+ {{- range .Values.envFromSecrets }}
+ - secretRef:
+ name: {{ .name }}
+ optional: {{ .optional | default false }}
+ {{- end }}
+ {{- end }}
livenessProbe:
{{ toYaml .Values.livenessProbe | indent 6 }}
readinessProbe:
@@ -388,17 +406,17 @@
@@ -402,17 +406,17 @@
{{- with .Values.extraContainers }}
{{ tpl . $ | indent 2 }}
{{- end }}

25
packages/rancher-grafana/generated-changes/patch/templates/image-renderer-deployment.yaml.patch
View File

@ -1,6 +1,6 @@
--- charts-original/templates/image-renderer-deployment.yaml
+++ charts/templates/image-renderer-deployment.yaml
@@ -42,14 +42,16 @@
@@ -42,6 +42,8 @@
{{- end }}
{{- if .Values.imageRenderer.serviceAccountName }}
serviceAccountName: "{{ .Values.imageRenderer.serviceAccountName }}"
@ -9,16 +9,6 @@
{{- end }}
{{- if .Values.imageRenderer.securityContext }}
securityContext:
- {{ toYaml .Values.imageRenderer.securityContext | indent 2 }}
+ {{- toYaml .Values.imageRenderer.securityContext | nindent 8 }}
{{- end }}
{{- if .Values.imageRenderer.hostAliases }}
hostAliases:
- {{ toYaml .Values.imageRenderer.hostAliases | indent 2 }}
+ {{- toYaml .Values.imageRenderer.hostAliases | nindent 8 }}
{{- end }}
{{- if .Values.imageRenderer.priorityClassName }}
priorityClassName: {{ .Values.imageRenderer.priorityClassName }}
@@ -63,9 +65,9 @@
containers:
- name: {{ .Chart.Name }}-image-renderer
@ -31,18 +21,7 @@
{{- end }}
imagePullPolicy: {{ .Values.imageRenderer.image.pullPolicy }}
{{- if .Values.imageRenderer.command }}
@@ -78,6 +80,10 @@
- name: {{ .Values.imageRenderer.service.portName }}
containerPort: {{ .Values.imageRenderer.service.port }}
protocol: TCP
+ livenessProbe:
+ httpGet:
+ path: /
+ port: {{ .Values.imageRenderer.service.portName }}
env:
- name: HTTP_PORT
value: {{ .Values.imageRenderer.service.port | quote }}
@@ -97,16 +103,16 @@
@@ -101,16 +103,16 @@
resources:
{{ toYaml . | indent 12 }}
{{- end }}

76
packages/rancher-grafana/generated-changes/patch/templates/ingress.yaml.patch
View File

@ -1,76 +0,0 @@
--- charts-original/templates/ingress.yaml
+++ charts/templates/ingress.yaml
@@ -1,17 +1,13 @@
{{- if .Values.ingress.enabled -}}
+{{- $ingressApiIsStable := eq (include "grafana.ingress.isStable" .) "true" -}}
+{{- $ingressSupportsIngressClassName := eq (include "grafana.ingress.supportsIngressClassName" .) "true" -}}
+{{- $ingressSupportsPathType := eq (include "grafana.ingress.supportsPathType" .) "true" -}}
{{- $fullName := include "grafana.fullname" . -}}
{{- $servicePort := .Values.service.port -}}
{{- $ingressPath := .Values.ingress.path -}}
{{- $ingressPathType := .Values.ingress.pathType -}}
{{- $extraPaths := .Values.ingress.extraPaths -}}
-{{- $newAPI := .Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress" -}}
-{{- if $newAPI -}}
-apiVersion: networking.k8s.io/v1
-{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress" }}
-apiVersion: networking.k8s.io/v1beta1
-{{- else }}
-apiVersion: extensions/v1beta1
-{{- end }}
+apiVersion: {{ include "grafana.ingress.apiVersion" . }}
kind: Ingress
metadata:
name: {{ $fullName }}
@@ -28,7 +24,7 @@
{{- end }}
{{- end }}
spec:
- {{- if .Values.ingress.ingressClassName }}
+ {{- if and $ingressSupportsIngressClassName .Values.ingress.ingressClassName }}
ingressClassName: {{ .Values.ingress.ingressClassName }}
{{- end -}}
{{- if .Values.ingress.tls }}
@@ -41,15 +37,15 @@
- host: {{ tpl . $}}
http:
paths:
-{{ if $extraPaths }}
+{{- if $extraPaths }}
{{ toYaml $extraPaths | indent 10 }}
{{- end }}
- path: {{ $ingressPath }}
- {{- if $newAPI }}
+ {{- if $ingressSupportsPathType }}
pathType: {{ $ingressPathType }}
{{- end }}
backend:
- {{- if $newAPI }}
+ {{- if $ingressApiIsStable }}
service:
name: {{ $fullName }}
port:
@@ -63,18 +59,20 @@
- http:
paths:
- backend:
- {{- if $newAPI }}
+ {{- if $ingressApiIsStable }}
service:
name: {{ $fullName }}
port:
number: {{ $servicePort }}
- pathType: {{ $ingressPathType }}
{{- else }}
serviceName: {{ $fullName }}
servicePort: {{ $servicePort }}
{{- end }}
- {{- if $ingressPath }}
+ {{- if $ingressPath }}
path: {{ $ingressPath }}
{{- end }}
+ {{- if $ingressSupportsPathType }}
+ pathType: {{ $ingressPathType }}
+ {{- end }}
{{- end -}}
{{- end }}

14
packages/rancher-grafana/generated-changes/patch/templates/podsecuritypolicy.yaml.patch
View File

@ -1,10 +1,7 @@
--- charts-original/templates/podsecuritypolicy.yaml
+++ charts/templates/podsecuritypolicy.yaml
@@ -3,16 +3,11 @@
kind: PodSecurityPolicy
metadata:
@@ -5,13 +5,9 @@
name: {{ template "grafana.fullname" . }}
- namespace: {{ template "grafana.namespace" . }}
labels:
{{- include "grafana.labels" . | nindent 4 }}
- annotations:
@ -20,12 +17,3 @@
spec:
privileged: false
allowPrivilegeEscalation: false
@@ -31,7 +26,7 @@
hostIPC: false
hostPID: false
runAsUser:
- rule: 'MustRunAsNonRoot'
+ rule: 'RunAsAny'
seLinux:
rule: 'RunAsAny'
supplementalGroups:

9
packages/rancher-grafana/generated-changes/patch/templates/role.yaml.patch
View File

@ -1,9 +0,0 @@
--- charts-original/templates/role.yaml
+++ charts/templates/role.yaml
@@ -1,5 +1,5 @@
{{- if and .Values.rbac.create (not .Values.rbac.useExistingRole) -}}
-apiVersion: {{ template "rbac.apiVersion" . }}
+apiVersion: {{ template "grafana.rbac.apiVersion" . }}
kind: Role
metadata:
name: {{ template "grafana.fullname" . }}

9
packages/rancher-grafana/generated-changes/patch/templates/rolebinding.yaml.patch
View File

@ -1,9 +0,0 @@
--- charts-original/templates/rolebinding.yaml
+++ charts/templates/rolebinding.yaml
@@ -1,5 +1,5 @@
{{- if .Values.rbac.create -}}
-apiVersion: {{ template "rbac.apiVersion" . }}
+apiVersion: {{ template "grafana.rbac.apiVersion" . }}
kind: RoleBinding
metadata:
name: {{ template "grafana.fullname" . }}

10
packages/rancher-grafana/generated-changes/patch/templates/tests/test-podsecuritypolicy.yaml.patch
View File

@ -1,10 +0,0 @@
--- charts-original/templates/tests/test-podsecuritypolicy.yaml
+++ charts/templates/tests/test-podsecuritypolicy.yaml
@@ -3,7 +3,6 @@
kind: PodSecurityPolicy
metadata:
name: {{ template "grafana.fullname" . }}-test
- namespace: {{ template "grafana.namespace" . }}
labels:
{{- include "grafana.labels" . | nindent 4 }}
spec:

128
packages/rancher-grafana/generated-changes/patch/values.yaml.patch
View File

@ -1,12 +1,10 @@
--- charts-original/values.yaml
+++ charts/values.yaml
@@ -1,9 +1,25 @@
@@ -1,9 +1,23 @@
+global:
+ cattle:
+ systemDefaultRegistry: ""
+
+autoscaling:
+ enabled: false
rbac:
create: true
## Use an existing ClusterRole/Role (depending on rbac.namespaced false/true)
@ -27,26 +25,18 @@
namespaced: false
extraRoleRules: []
# - apiGroups: []
@@ -19,6 +35,7 @@
nameTest:
# annotations:
# eks.amazonaws.com/role-arn: arn:aws:iam::123456789000:role/iam-role-name-here
+ autoMount: true
replicas: 1
@@ -68,8 +85,8 @@
@@ -69,8 +83,8 @@
# schedulerName: "default-scheduler"
image:
- repository: grafana/grafana
- tag: 7.5.5
- tag: 8.2.1
+ repository: rancher/mirrored-grafana-grafana
+ tag: 7.5.8
+ tag: 7.5.11
sha: ""
pullPolicy: IfNotPresent
@@ -82,12 +99,15 @@
@@ -83,12 +97,15 @@
testFramework:
enabled: true
@ -64,7 +54,7 @@
runAsUser: 472
runAsGroup: 472
fsGroup: 472
@@ -115,8 +135,8 @@
@@ -116,8 +133,8 @@
# priorityClassName:
downloadDashboardsImage:
@ -75,44 +65,7 @@
sha: ""
pullPolicy: IfNotPresent
@@ -148,7 +168,7 @@
# targetPort: 4181 To be used with a proxy extraContainer
annotations: {}
labels: {}
- portName: service
+ portName: use-annotation
serviceMonitor:
## If true, a ServiceMonitor CRD is created for a prometheus operator
@@ -188,7 +208,7 @@
labels: {}
path: /
- # pathType is only for k8s > 1.19
+ # pathType is only for k8s >= 1.1=
pathType: Prefix
hosts:
@@ -206,7 +226,7 @@
# service:
# name: ssl-redirect
# port:
- # name: service
+ # name: use-annotation
tls: []
@@ -240,7 +260,8 @@
extraInitContainers: []
## Enable an Specify container in extraContainers. This is meant to allow adding an authentication proxy to a grafana pod
-extraContainers: |
+extraContainers: ""
+# extraContainers: |
# - name: proxy
# image: quay.io/gambol99/keycloak-proxy:latest
# args:
@@ -301,7 +322,7 @@
@@ -303,7 +320,7 @@
## initChownData container image
##
image:
@ -121,68 +74,16 @@
tag: "1.31.1"
sha: ""
pullPolicy: IfNotPresent
@@ -382,6 +403,16 @@
## This can be useful for auth tokens, etc
envRenderSecret: {}
+## The names of secrets in the same kubernetes namespace which contain values to be added to the environment
+## Each entry should contain a name key, and can optionally specify whether the secret must be defined with an optional key.
+envFromSecrets: []
+## - name: secret-name
+## optional: true
+
+# Inject Kubernetes services as environment variables.
+# See https://kubernetes.io/docs/concepts/services-networking/connect-applications-service/#environment-variables
+enableServiceLinks: true
+
## Additional grafana server secret mounts
# Defines additional mounts with secrets. Secrets must be manually created in the namespace.
extraSecretMounts: []
@@ -446,13 +477,13 @@
# access: proxy
# isDefault: true
# - name: CloudWatch
-# type: cloudwatch
-# access: proxy
-# uid: cloudwatch
-# editable: false
-# jsonData:
-# authType: credentials
-# defaultRegion: us-east-1
+# type: cloudwatch
+# access: proxy
+# uid: cloudwatch
+# editable: false
+# jsonData:
+# authType: default
+# defaultRegion: us-east-1
## Configure notifiers
## ref: http://docs.grafana.org/administration/provisioning/#alert-notification-channels
@@ -602,8 +633,8 @@
@@ -614,7 +631,7 @@
## Requires at least Grafana 5 to work and can't be used together with parameters dashboardProviders, datasources and dashboards
sidecar:
image:
- repository: quay.io/kiwigrid/k8s-sidecar
- tag: 1.10.7
+ repository: rancher/mirrored-kiwigrid-k8s-sidecar
+ tag: 1.12.3
tag: 1.12.3
sha: ""
imagePullPolicy: IfNotPresent
resources: {}
@@ -627,9 +658,9 @@
folder: /tmp/dashboards
# The default folder name, it will create a subfolder under the `folder` and put dashboards in there instead
defaultFolderName: null
- # If specified, the sidecar will search for dashboard config-maps inside this namespace.
+ # Namespaces list. If specified, the sidecar will search for config-maps/secrets inside these namespaces.
# Otherwise the namespace in which the sidecar is running will be used.
- # It's also possible to specify ALL to search in all namespaces
+ # It's also possible to specify ALL to search in all namespaces.
searchNamespace: null
# search in configmap, secret or both
resource: both
@@ -690,9 +721,9 @@
@@ -702,9 +719,9 @@
replicas: 1
image:
# image-renderer Image repository
@ -194,12 +95,3 @@
# image-renderer Image sha (optional)
sha: ""
# image-renderer ImagePullPolicy
@@ -700,7 +731,7 @@
# extra environment variables
env:
HTTP_HOST: "0.0.0.0"
- # RENDERING_ARGS: --disable-gpu,--window-size=1280x758
+ # RENDERING_ARGS: --no-sandbox,--disable-gpu,--window-size=1280x758
# RENDERING_MODE: clustered
# image-renderer deployment serviceAccount
serviceAccountName: ""

2
packages/rancher-grafana/package.yaml
View File

@ -1,4 +1,4 @@
url: https://github.com/grafana/helm-charts.git
subdirectory: charts/grafana
commit: bf7e1110a5ee9258190d0377fea319bb8e764e62
commit: ad033c2a2b1f81284a924fb8627ca00700952fc5
version: 100.0.0