From a4aba01fb13704e92a7e7a6c6e719e75526eabdb Mon Sep 17 00:00:00 2001 From: vardhaman Date: Tue, 20 Dec 2022 08:58:12 +0530 Subject: [PATCH] make charts --- .../rancher-alerting-drivers-101.0.1.tgz | Bin 0 -> 8157 bytes .../101.0.1/Chart.yaml | 27 ++++ .../101.0.1/README.md | 11 ++ .../101.0.1/app-readme.md | 11 ++ .../101.0.1/charts/prom2teams/.helmignore | 22 +++ .../101.0.1/charts/prom2teams/Chart.yaml | 10 ++ .../101.0.1/charts/prom2teams/files/teams.j2 | 44 ++++++ .../charts/prom2teams/templates/NOTES.txt | 2 + .../charts/prom2teams/templates/_helpers.tpl | 73 ++++++++++ .../prom2teams/templates/configmap.yaml | 39 ++++++ .../prom2teams/templates/deployment.yaml | 83 ++++++++++++ .../charts/prom2teams/templates/psp.yaml | 31 +++++ .../charts/prom2teams/templates/role.yaml | 17 +++ .../prom2teams/templates/rolebinding.yaml | 15 +++ .../prom2teams/templates/service-account.yaml | 6 + .../charts/prom2teams/templates/service.yaml | 17 +++ .../101.0.1/charts/prom2teams/values.yaml | 67 ++++++++++ .../101.0.1/charts/sachet/.helmignore | 23 ++++ .../101.0.1/charts/sachet/Chart.yaml | 11 ++ .../101.0.1/charts/sachet/files/template.tmpl | 1 + .../101.0.1/charts/sachet/templates/NOTES.txt | 3 + .../charts/sachet/templates/_helpers.tpl | 79 +++++++++++ .../templates/configmap-pre-install.yaml | 34 +++++ .../charts/sachet/templates/deployment.yaml | 75 +++++++++++ .../101.0.1/charts/sachet/templates/psp.yaml | 31 +++++ .../101.0.1/charts/sachet/templates/role.yaml | 17 +++ .../charts/sachet/templates/rolebinding.yaml | 15 +++ .../sachet/templates/service-account.yaml | 6 + .../charts/sachet/templates/service.yaml | 17 +++ .../101.0.1/charts/sachet/values.yaml | 67 ++++++++++ .../101.0.1/questions.yml | 14 ++ .../101.0.1/templates/NOTES.txt | 2 + .../101.0.1/templates/_helpers.tpl | 117 ++++++++++++++++ .../101.0.1/templates/cluster-role.yaml | 50 +++++++ .../101.0.1/templates/hardened.yaml | 126 ++++++++++++++++++ .../101.0.1/values.yaml | 27 ++++ index.yaml | 32 +++++ 37 files changed, 1222 insertions(+) create mode 100644 assets/rancher-alerting-drivers/rancher-alerting-drivers-101.0.1.tgz create mode 100644 charts/rancher-alerting-drivers/101.0.1/Chart.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/README.md create mode 100644 charts/rancher-alerting-drivers/101.0.1/app-readme.md create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/.helmignore create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/Chart.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/files/teams.j2 create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/NOTES.txt create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/_helpers.tpl create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/configmap.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/deployment.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/psp.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/role.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/rolebinding.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/service-account.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/service.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/values.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/.helmignore create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/Chart.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/files/template.tmpl create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/NOTES.txt create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/_helpers.tpl create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/configmap-pre-install.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/deployment.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/psp.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/role.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/rolebinding.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/service-account.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/service.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/charts/sachet/values.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/questions.yml create mode 100644 charts/rancher-alerting-drivers/101.0.1/templates/NOTES.txt create mode 100644 charts/rancher-alerting-drivers/101.0.1/templates/_helpers.tpl create mode 100644 charts/rancher-alerting-drivers/101.0.1/templates/cluster-role.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/templates/hardened.yaml create mode 100644 charts/rancher-alerting-drivers/101.0.1/values.yaml diff --git a/assets/rancher-alerting-drivers/rancher-alerting-drivers-101.0.1.tgz b/assets/rancher-alerting-drivers/rancher-alerting-drivers-101.0.1.tgz new file mode 100644 index 0000000000000000000000000000000000000000..ed1e4b8b7d4f8aff939d4cc6132083b6cbede499 GIT binary patch literal 8157 zcmV<3A0pr%iwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PKBxbKAJGXa44==tFPH@oY#v{K`??Y^}%fWV|`_6~a8-ZSVv zxa1Zg;R3N|-3OOdt=u;fP!v&t1fdZhSO6XpD4=84LqY`DCA8zoaWNv;A3!=*YLoed z#{rr;5eo4Dj?&QtZ}e!Y&2pU#u_I#%jRvs&e_lh+?H#yXrwjiDJ-4rZZr5g|d;kH7 zlFzlVF=inV+{shDyd{xOZ|m8}B%s7e-#ttj>ASC*`CvG}h~u=@O|n#*RZL?%053?m zz|0Yp2DQnOm{|f37Dbc=z;H}C5tK~_Fd_jSbUJRwld6GtjD#iH9C;HgX6WkI z3uvZ^e9S#YVomRAf+0i^8e;|{%0NsA^PLzmF@;+^oKSiV40~9$H6$GSKq5G2G{j

b%ZT=gGVR{ z1n3S|64o#%Tx$!iCWHgwfZ$(8@83Bi%0eUr_LU^d1aGhxAco-vF(MTJ2SH(oA(nzA zB~wtC(u9G)VH_ZVxocVDfDTcRPCz2S@)y7shzSOU$Ak+uh1&^c7*G%Z3DFpHxFtcL zNGCxcIbbwY`S_Fz9H#ZUNV5;Xwk-fT>3Aa01(=#Bt#c<$pyCA@58$Tf_PcK1lKgNi zr265yv4D(ZRp1syLb1w|p`$fQT4@q-ffRGH-iicL>X66C!@!W3V5!hhl-5oWS0rR3 z=h;&ws&aj}!Hf|fs|s0#5|&j;b?yL0DB#$#v^uSe+1i3L>SGAd5C^)~W9kFqoQ$Io zM?$8!z@tJ{%7$SPmK`SNd+PB{!ZCBk3Gs0!qCR#w4zMSccE{SN5Zrv8`eC!)882BVSEajC`n59?f+zQFKE zsxYb|Giw!m>LpT(C}~yN1tV{gE(g@JN23uLCt99?DqD}cPu(2fU1%ZypC&knrSU7` z)l9(!@_(>*SXuw~yZha}jr^}8+}%0g;}MB4*xGLTS3T zXp1ddsMcCsdA695NQ}UK&O7!>1aRcf{I>4yIzL#y>4kl!m9$BSd>_(EXd6Q*9JLdm z3=jU&l1YX*pttF3!?cjP?3S|YfFhrRN0UG%1@29-pGZZhbRFf`q-g!n(L5EcsbU>v z7a7!bV>)n+rA2D)Xh`c+nU#YyuY7?=BkYL**k|-IWk9~Bv7{%>D*NQm1O;}rX=>Tv zsWDdSP>#bJ%#LXoORL@fub$i6bGkOT$0$Za5)eT!ccnF!ZZEiRiAaAcIzudwTQ&}h z?HR>Zz_Cg>H&J63pL~u{x0~ zWoA^v7Z5CoJUG}@KS_9*j7H=$*p3YbdpUQ<3`@HexvJQ_(k$W|8W9TEBZNo|=Rxu%oMr`$F+tV~mGTth8nk$HQjNgCtZw6`2T z>F@ugcptoO-=PJMc`Ill?uBk5oj2pN^m0k&3O(mM=XQmbF0}pds{dIUbVhGV2}yU7 zWKXIdO^1h0rPg_KdR3*eYgD$birLEgccucq$W?S8SF`s2w!!{nFE2tg3~7|EM4LI( z@tVa64nmht^!D8V?(Tp@UXb{+6>@cvv+D$i2U8oN7YZsJX=KhIrNdy2-L-^}@;sVELaMif<9St5>5p{svnEYcPUd>L@XB=XVy41{c5`={ zXhmiX4f)Tg+UXCw6@dmB&$eC0L`;&Q>(Q_yN4@?-I8QL|?CtOFZ>irN4drsn**iQu zJbbnL&z|)QN8?JTdMF5-2y=mb8(sv23vj`{{N=~vpN}rCKAj!CKe55SI(dKo?&#{o z-jU2;ckH$xGG=ImB4p>kiiT8VW_q(kCR6S{6;ij8$j6_-g>D|flc82)Mr;qh0FMJA z)Si;<7G$!ei{dBOeiD&Q7dZq`js}u zde$|G`~e*6;d(&>Y=u}L9|<(bPoe9K9AnOh`+EoZA&D$VZL9h$L2fmEfk@5?k$^qP zxjI&AWD_V0DJ$0E)?5Mw6K9Q!4pNom~Mi%xS_rY{ca1 zn3qz>>7{}9iUK#QaFA8u2D71A{13L}IL_L;0{cX)p(kW9n~s>*5jO771^%{p}bBE$06TVm^+rzp^jLg8Bb&ueV>_|3By*Z07%U1XGa= z<=8Eh#{Z+k)s#gn={OvjUJJ8(1lk2cN!N;MrQ*8?U}yV66H2e`0mPIGC$%wN>Zc?g zGvwph(sI-<95dxb z*iGLvEJZ+^tBMcc4BsdpPZ=sM90rrM#|ma2y{cKMndH)aIYIx0!k|9I7pT%omtLB= zk~>HPZ>5u$MeLb}K(*YN2^KJyZZ>1ai=J^-5}_<8r>6nfX70ulJ4r+eT=}pq^=)zs zzbClAA2g>EXbkuFc9n_qBnYz6aymMr;+$cQBVnZTXc!`?L_XRnG5aOhPGrAq&;!M8 z=}WLx?PZ2kRMM?M`6k<1lhk7Q_wL^|N(2pMg3FR*UD0bC{o77mp6>16XDp{&)s-`D zwB7=(_Y@YW(Y)Vo!_}I!@X@w^uNbrNu`>2~nnatS@X;P)B?MYjWL$oBVV>I_ou8(? z#ND3}2V3*ox#(Bl>G^T_#rf%* z;zeQFYAurlcmUh)6D}?cdsr^hIesVY!%{kx<|vw~_#}=4teh7EbJL+pQZM<{fsvud z)RtZ^w}e9Uc>o9d`@8!Vz=&({dL(iTBmYAbOl8G>A_3OMV9_KuG)QtC>%cb09>ZeW znxi};-S8wD&nV5bPaZOMQ`^l!K|pWi--8UEw|BpNf!^D3%$c=nYZombPi zXpK{yGkrSI4^O=qe}d4s|8sG2^ydAE8~P6~W8wXu{a(fYdw*|tbN_QKVGAzw2$;RI zX;4~6=oGzDtf06k!#QD9v{2Gb&W+c(L zLyRn)Eo6{)((80icGGVMUJw_%8MiyGfw(?ocQK{F!i7OCQGp zok}$ibX2+`2!aBa3R0D?&c!1t$cT8_S3Shu1Vx009K-|(<(n5#0TB}91_x6$gHR^0 z?^@Pz!WfQ3Fnwv>?MYK`b?`N!QXd*EKd>BlPdr9B9SOL?DC93;h`4sb|5%*96|HJ` zi4Y&7fN+6~3z|EY1DEeFO)8h_fUlN9h&e}NJS5CdFJ$gm*3n2{mW>0+Y?J1A3GwD; zz&8^b^*@SZM_L#me()Tyy#7Df?;dXS|2o1(|8MmFM*n}mp;7<;nP9G4e)>=ZfJOH| z_YP+6{~zvd?tiT%cu3$eWhC2{HUKS*rMbSRtsL719b(yBO@l$1^>jG&TX($bW&W>AvyYd~Ga##8s`a$yPiUl|c-f&B0GyH)?M z-eGU!|Gkz_i~nOx-fM>ZnFrm|fPiD(_8gS1bXe8fraA+|aX>tDOp{3YYFXN|#;V5y z3JGJBVc*G>fm1?AQy4*70f9mys`ZSqOg~kImD!}vBD^?J-dGB{D8!*Eyw`vAo>=)aD0Oq5mWsj zkVv@xnS>!?`t^uJW6abwRrSo0Xh`Yxr-TLejs;b228w}zjstvygEDXM;?2pAzr2Mn zaC-LB2lxWN9bKHAp2-&{7Z)Ec;0qjIoL-$CAH9>5Ga>_(-0<{^k(dmiLt|lT%?S=d zy`t@CiTb0j+iyh1b5ra8ToMrr0Dl$?okTaPwXH44j*=mD|C1scOAU^>RpS}Bm0!A0 zay$yqSjs3)P2UPJ6D}(CAKWSqSS1NHamwGPZ}eSbL1hAck0bMZvnmdUy@HN92h9k@ zjL2@)T~?)tf_fb}E89*EL`Qf3H24uPLk~|4Sl*Es+1c{_bu?{`b23 z8~neuguA=W4{$@mfx}J^cpb`S@g{fxv%ppxn6M2@*f$RoW^8f%1xR7_EPg*& zVRcX%t>D6(hv0=dCMJ)wGGdt15;DwL8Z)ex!3Uy-%~O7}L+~h&%1py*7oDz6G`(p@ zbu;)_AI^tKAc$ez6>bw8NCX}Yha|$j9xXLMR24Z>L^7s}E}69#EBb$C?{5Yrq79Uo z!A!6uAl8h&P|!cKIAnhzaN4o}TxkzCqjP=5NN3L924Lqa4=dUKIbK4$!=MHBfB*1s z#{SIM>u8XRo1)WBkgMf}frL$`$vJ|DLhI)P&q00YnJe`|}gMFO+wwpL9`Jk1&SqwTJ zinawz(2ca|3MS-LYy%^)elB-mr#_7drMOeQBUfC; z%u1TMQ&e0FTF8OA*fw|4E?-4zxII^6AFOnNj$z~e9K&<2&)s4&o(OvY_O4xy&JGNV zt992H$5z%r#p%!hzBnrD$DgmR&ebJK%=BH`pVbMUalhZF;DmCK!4;fS)|f7)EKm2b z;+>^Sk%LH`pUf4_l*Dmyt|-gPURUrF3@FBHJbkIuhSX2<4z*DnsS1FXp2@ z7gEl@X=Q$rYpABSs2*`gA{f96Mx(x@z~v!VfV`)Z~6zgPscG5{9L{|CK;>i+-U{^9;+{$EEhbux-$ zUR?NmlXvoh+n)2Z>?(SERn44T6HWa)cuAN{rw?6Bw#}t=c!-2I(J0B;?c3Ftg-!YA zuh*)WL1wGx{;CF?%tQHGg~R2LjOLAunt3A!m$_6om3hHxHAWSaf%8;ReQFeaI{$ES)tJ{Pg3$+80%| z+1eKP?!()6C%>M&YhO~;zSE)3ludAhF`K!0)pKVTmaSdKmYrI=39h7=(S}fl@tH+B z%Oeft+UuJHX5jWqPG>n1cd5um%sPO2Fc6d5`Cu1CQ0Nlp8L<=Yp&(tw&!+W^!>d6> zdH9UR)prgYy?bXhHtR#-@@iYQ3Yu3Wnvb2=K)JHYDowzdQD^uSZ3)2=^;8yM!?n^- zM~#$cvZk($i}LCfvXObzBIl@_&HM_%Q?GY6p&V9P|Hr)L&c6-|*8jc!L9gon*Y9oo z|JD+|W(c(p-@_z^Y=>MV}M*24y%?5_eS%U9mpb0Eu}T44TWVI}>))sZv4O36aFIo-vWiT1r+e231FSO%k#fRp&LkR$i)D+i|SSTS&JH^T@_dPLP)~# zGU{?=`5$WJ+%{@pq5L22RnLD8H{X9)Pk37SZwJ5pRjGm1;F240lIPcLWt8ORvx$ms zSV{iVa~~(gCSRlj7Rmo^uZsV%zu)a{0@~+Vs7g#_!dMTgaAb@c|huVLNMB|shaG-!tK{+cH?@{DiTM*%~ zc3gfDGdv=nGwh9j?6~kD3Z@E^CDtrKjMaTi>{{-d%TJerGHh)@ddcV4<4f=fpn0gmM|QcQ4&KY28ujKgcVQ!~#t!<+^;*x!Z$Z1>+BANJpDztmA4 zBZ7D+P*Jardq=&aEJ`6b;hKnB#3B-nRm@L6{qv~%V-}M{*AcyqRLrpo+ZMpRuT#BC~qvaGl=ybR@!69-f8+Y($fg`n{k)>DFJ(jhV zIqsgTOU?@8;`M8z*3a*i=Y!EUZWamm_i*=IpVH4J`xx@^Cv_U0!CC#DWr%z-g6H=c zCmF2Od^TQOqz^kLjk`N2%F%S-KBp{*2vmEW=b+mf)Ee3s6qxDqPI`V1FH%I1^xaNv z)ikIOw+Ha?E=Sw_ecnvCK+Pp$69KEJ;!IqGPfu>si1v)>@2 zB9(_!wbUpB8p)E~zcibWdmz>caVDQ zwc*Yr`tceol~HCCN516d`MuF9g+p3hMU3l8i)vF&`j}NRD7UZI?&YqRn5ps>jP(@@&0V?RGzY5mtd*xl^^tR;Nq_|JOym2ZyrOW4m{ch~JLz<$=> zx@eF4Jo^ER6!kfM&|6I?R#%GD7Y%cOgr3`Vd*6^sYAOFKV?RG@bN|14Sl$2WZq|S6 z3AOmo>Gu=9IqYZ6cN6Zjb}zfY0Y$!c!<&ou{09j`;!in^octEO!&L5hNY5!E^i9`& z<#sJgvouKIV@H@_wQJi->2!tx9d<&*1!f)m8HI6>gKsENR6dOKhWI$eVODk0-$zPu zR#ybOHkiqD@ZvgaRcy^(){~6H)IT!j8pUl~_z~oO^mXvXB^cpu*Q$Eir}khO`?uR| zg^c~rSBD3dzPh0|`FFeBZqEel&H%1|!;tU<1;JD{G7Uo<`3gEgP<1PkjHWrFQE`7p z0WwesFuK7Si%X$rc{Ji4p$S){y$K~A&e4Grj+v`v4+We8i99AJM+M3ic{l~<;tC;| zMu4Lm!f2#XnbdY_K%`uyqb_CTCGfI|Vrrvf_q8aY_ zRs|t_YZfG3Rj~k6Uz}ruplpPe^Z&}&zt7s>|L#`(zxunI??0_4lnre;)kpNUKmg9H z8g;$249a1S6s*3_XAd(w(D|0#Sg(LHc^0AMk)RqgA^}7@lE^7 zMDSfJ4sQvVNAr?t)_1v&;@1zcn>Tlk8L^u!J~$y?f+sg z)PT91e=x9U|G&3a-T&V|JlO32uO&zgpf(yuB*1E?KaK-Ay|0Kh`$$l;vo=^6W_D)I zel&>Lx{@2FOBEI?3b=~x-IA_VDGn}q%fl=u2FojIe zIkPecu&v74uA#aJpQ+m7Swiy=s1~N_U=Gf1T?u*RvV_K|Qu`7%s109#SbF|n68rbr z;`x7n?{EhH;c#>RYdzr+@PC`8!DT1dRi@2H!~Cr)b#_%ZqwnS;_Rb=smkz-Vn7z`; z_GI4Fkeg&KSmu))WLUTj1D5uuf9id%#O-J~I!WTfI0 z(u}%TgIrpZy4(^zj?7w(Q^i*pWElBm#WG~xX`4dkVOX0$)mV6$)m0&DB3(P0oRMNikP089$He`u zMH4QgaHn2!%2PNCUyGEKodBD~rIKzbxvAuB5+KCJGXo**R>vpob>~*vCr%BrxdYBE z9;%goh{c5Zug|OS-bNCA<;C%+k6-td_grnVgaxnDi*vpHq1$!4Zg0?hJzfp{)ERQw zA>LTAd1HJ5g8!^QvRrmk;`@0+bx3z??8vk|P z1h9_X#mB^aomZDN;=NYGO7g!1_Up4Y^1nax{lD(!`@ic6-va*YldFM8#(ZtA&&qhO z^-I_mdSPk#UlRNES)2Pmht>Q4dj}i;pY?=?z4?)i}mk2>J@eDRS{l7By@3S`ePrFt9-|Oz}ZuI{;!Uq3$A^xvR85#dwVSro8e}?_5tw34P zN8JDI&EUWF_xqdu-?fCtLM0M7z+;9&H8j43fxiixunC*+ornJk00960`Nji50Qvv` D#?CDC literal 0 HcmV?d00001 diff --git a/charts/rancher-alerting-drivers/101.0.1/Chart.yaml b/charts/rancher-alerting-drivers/101.0.1/Chart.yaml new file mode 100644 index 000000000..67903c067 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/Chart.yaml @@ -0,0 +1,27 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Alerting Drivers + catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.26.0-0' + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-alerting-drivers + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/upstream-version: 100.0.1 +apiVersion: v2 +appVersion: 1.16.0 +dependencies: +- condition: prom2teams.enabled + name: prom2teams + repository: file://./charts/prom2teams +- condition: sachet.enabled + name: sachet + repository: file://./charts/sachet +description: The manager for third-party webhook receivers used in Prometheus Alertmanager +icon: https://charts.rancher.io/assets/logos/alerting-drivers.svg +keywords: +- monitoring +- alertmanger +- webhook +name: rancher-alerting-drivers +version: 101.0.1 diff --git a/charts/rancher-alerting-drivers/101.0.1/README.md b/charts/rancher-alerting-drivers/101.0.1/README.md new file mode 100644 index 000000000..ea3f11801 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/README.md @@ -0,0 +1,11 @@ +# Rancher Alerting Drivers + +This chart installs one or more [Alertmanager Webhook Receiver Integrations](https://prometheus.io/docs/operating/integrations/#alertmanager-webhook-receiver) (i.e. Drivers). + +Those Drivers can be targeted by an existing deployment of Alertmanager to send alerts to notification mechanisms that are not natively supported. + +Currently, this chart supports the following Drivers: +- Microsoft Teams, based on [prom2teams](https://github.com/idealista/prom2teams) +- SMS, based on [Sachet](https://github.com/messagebird/sachet) + +After installing rancher-alerting-drivers, please refer to the upstream documentation for each Driver for configuration options. \ No newline at end of file diff --git a/charts/rancher-alerting-drivers/101.0.1/app-readme.md b/charts/rancher-alerting-drivers/101.0.1/app-readme.md new file mode 100644 index 000000000..ea3f11801 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/app-readme.md @@ -0,0 +1,11 @@ +# Rancher Alerting Drivers + +This chart installs one or more [Alertmanager Webhook Receiver Integrations](https://prometheus.io/docs/operating/integrations/#alertmanager-webhook-receiver) (i.e. Drivers). + +Those Drivers can be targeted by an existing deployment of Alertmanager to send alerts to notification mechanisms that are not natively supported. + +Currently, this chart supports the following Drivers: +- Microsoft Teams, based on [prom2teams](https://github.com/idealista/prom2teams) +- SMS, based on [Sachet](https://github.com/messagebird/sachet) + +After installing rancher-alerting-drivers, please refer to the upstream documentation for each Driver for configuration options. \ No newline at end of file diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/.helmignore b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/.helmignore new file mode 100644 index 000000000..50af03172 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/Chart.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/Chart.yaml new file mode 100644 index 000000000..1e0a686e8 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/Chart.yaml @@ -0,0 +1,10 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/os: linux + catalog.cattle.io/release-name: rancher-prom2teams +apiVersion: v1 +appVersion: 4.2.0 +description: A Helm chart for Prom2Teams based on the upstream https://github.com/idealista/prom2teams +name: prom2teams +version: 0.2.0 diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/files/teams.j2 b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/files/teams.j2 new file mode 100644 index 000000000..f1cf61d4e --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/files/teams.j2 @@ -0,0 +1,44 @@ +{%- set + theme_colors = { + 'resolved' : '2DC72D', + 'critical' : '8C1A1A', + 'severe' : '8C1A1A', + 'warning' : 'FF9A0B', + 'unknown' : 'CCCCCC' + } +-%} + +{ + "@type": "MessageCard", + "@context": "http://schema.org/extensions", + "themeColor": "{% if status=='resolved' %} {{ theme_colors.resolved }} {% else %} {{ theme_colors[msg_text.severity] }} {% endif %}", + "summary": "{% if status=='resolved' %}(Resolved) {% endif %}{{ msg_text.summary }}", + "title": "Prometheus alert {% if status=='resolved' %}(Resolved) {% elif status=='unknown' %} (status unknown) {% endif %}", + "sections": [{ + "activityTitle": "{{ msg_text.summary }}", + "facts": [{% if msg_text.name %}{ + "name": "Alert", + "value": "{{ msg_text.name }}" + },{% endif %}{% if msg_text.instance %}{ + "name": "In host", + "value": "{{ msg_text.instance }}" + },{% endif %}{% if msg_text.severity %}{ + "name": "Severity", + "value": "{{ msg_text.severity }}" + },{% endif %}{% if msg_text.description %}{ + "name": "Description", + "value": "{{ msg_text.description }}" + },{% endif %}{ + "name": "Status", + "value": "{{ msg_text.status }}" + }{% if msg_text.extra_labels %}{% for key in msg_text.extra_labels %},{ + "name": "{{ key }}", + "value": "{{ msg_text.extra_labels[key] }}" + }{% endfor %}{% endif %} + {% if msg_text.extra_annotations %}{% for key in msg_text.extra_annotations %},{ + "name": "{{ key }}", + "value": "{{ msg_text.extra_annotations[key] }}" + }{% endfor %}{% endif %}], + "markdown": true + }] +} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/NOTES.txt b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/NOTES.txt new file mode 100644 index 000000000..a94c4132b --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/NOTES.txt @@ -0,0 +1,2 @@ +Prom2Teams has been installed. Check its status by running: + kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/_helpers.tpl b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/_helpers.tpl new file mode 100644 index 000000000..ffc0fa356 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/_helpers.tpl @@ -0,0 +1,73 @@ +{{/* vim: set filetype=mustache: */}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- end -}} +{{- end -}} + +{{/* +Windows cluster will add default taint for linux nodes, +add below linux tolerations to workloads could be scheduled to those linux nodes +*/}} + +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +beta.kubernetes.io/os: linux +{{- else -}} +kubernetes.io/os: linux +{{- end -}} +{{- end -}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "prom2teams.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "prom2teams.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Allow the release namespace to be overridden for multi-namespace deployments in combined charts +*/}} +{{- define "prom2teams.namespace" -}} +{{ default .Release.Namespace .Values.global.namespaceOverride }} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "prom2teams.labels" -}} +app.kubernetes.io/name: {{ include "prom2teams.name" . }} +helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +app.kubernetes.io/instance: {{ .Release.Name }} +release: {{ .Release.Name }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/configmap.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/configmap.yaml new file mode 100644 index 000000000..ccf38953e --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/configmap.yaml @@ -0,0 +1,39 @@ +{{- $valid := list "DEBUG" "INFO" "WARNING" "ERROR" "CRITICAL" -}} +{{- if not (has .Values.prom2teams.loglevel $valid) -}} +{{- fail "Invalid log level"}} +{{- end -}} +{{- if and .Values.prom2teams.connector (hasKey .Values.prom2teams.connectors "Connector") -}} +{{- fail "Invalid configuration: prom2teams.connectors can't have a connector named Connector when prom2teams.connector is set"}} +{{- end -}} +{{/* Create the configmap when the operation is helm install and the target configmap does not exist. */}} +{{- if not (lookup "v1" "ConfigMap" (include "prom2teams.namespace" . ) (include "prom2teams.fullname" .)) }} +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: {{ include "prom2teams.namespace" . }} + name: {{ include "prom2teams.fullname" . }} + labels: {{ include "prom2teams.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "3" + "helm.sh/resource-policy": keep +data: + config.ini: |- + [HTTP Server] + Host: {{ .Values.prom2teams.host }} + Port: {{ .Values.prom2teams.port }} + [Microsoft Teams] + {{- with .Values.prom2teams.connector }} + Connector: {{ . }} + {{- end }} + {{- range $key, $val := .Values.prom2teams.connectors }} + {{ $key }}: {{ $val }} + {{- end }} + [Group Alerts] + Field: {{ .Values.prom2teams.group_alerts_by }} + [Log] + Level: {{ .Values.prom2teams.loglevel }} + [Template] + Path: {{ .Values.prom2teams.templatepath }} + teams.j2: {{ .Files.Get "files/teams.j2" | quote }} + {{- end -}} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/deployment.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/deployment.yaml new file mode 100644 index 000000000..34f7d0f46 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/deployment.yaml @@ -0,0 +1,83 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "prom2teams.fullname" . }} + namespace: {{ include "prom2teams.namespace" . }} + labels: {{ include "prom2teams.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "prom2teams.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "prom2teams.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + spec: + serviceAccountName: {{ include "prom2teams.fullname" . }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{ toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: config + configMap: + name: {{ include "prom2teams.fullname" . }} + containers: + - name: {{ .Chart.Name }} + image: {{ include "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 8089 + protocol: TCP + volumeMounts: + - name: config + mountPath: /opt/prom2teams/helmconfig/ + env: + - name: APP_CONFIG_FILE + value: {{ .Values.prom2teams.config | quote }} + - name: PROM2TEAMS_PORT + value: {{ .Values.prom2teams.port | quote }} + - name: PROM2TEAMS_HOST + value: {{ .Values.prom2teams.host | quote }} + - name: PROM2TEAMS_CONNECTOR + value: {{ .Values.prom2teams.connector | quote }} + - name: PROM2TEAMS_GROUP_ALERTS_BY + value: {{ .Values.prom2teams.group_alerts_by | quote }} + - name: PROM2TEAMS_LOGLEVEL + value: {{ .Values.prom2teams.loglevel }} + {{- range $key, $value := .Values.prom2teams.extraEnv }} + - name: "{{ $key }}" + value: "{{ $value }}" + {{- end }} + resources: {{ toYaml .Values.resources | nindent 12 }} + {{- if .Values.securityContext.enabled }} + securityContext: + privileged: false + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + {{- end }} + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} + {{- if .Values.nodeSelector }} + {{- toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: {{ toYaml . | nindent 8 }} + {{- end }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} + {{- if .Values.tolerations }} + {{- toYaml .Values.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.securityContext.enabled }} + securityContext: + runAsNonRoot: {{ if eq (int .Values.securityContext.runAsUser) 0 }}false{{ else }}true{{ end }} + runAsUser: {{ .Values.securityContext.runAsUser }} + runAsGroup: {{ .Values.securityContext.runAsGroup }} + fsGroup: {{ .Values.securityContext.fsGroup }} + {{- end }} + diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/psp.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/psp.yaml new file mode 100644 index 000000000..12295889b --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/psp.yaml @@ -0,0 +1,31 @@ +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "prom2teams.fullname" . }}-psp + labels: {{ include "prom2teams.labels" . | nindent 4 }} +spec: + privileged: false + allowPrivilegeEscalation: false + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAsNonRoot' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + readOnlyRootFilesystem: false + volumes: + - 'configMap' + - 'secret' +{{- end }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/role.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/role.yaml new file mode 100644 index 000000000..99ca0f990 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/role.yaml @@ -0,0 +1,17 @@ +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "prom2teams.fullname" . }}-psp + namespace: {{ include "prom2teams.namespace" . }} + labels: {{ include "prom2teams.labels" . | nindent 4 }} +rules: + - apiGroups: + - policy + resourceNames: + - {{ include "prom2teams.fullname" . }}-psp + resources: + - podsecuritypolicies + verbs: + - use +{{- end }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/rolebinding.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/rolebinding.yaml new file mode 100644 index 000000000..d32273e0a --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/rolebinding.yaml @@ -0,0 +1,15 @@ +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "prom2teams.fullname" . }}-psp + namespace: {{ include "prom2teams.namespace" . }} + labels: {{ include "prom2teams.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "prom2teams.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: {{ include "prom2teams.fullname" . }} +{{- end }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/service-account.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/service-account.yaml new file mode 100644 index 000000000..a9572c5cd --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/service-account.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "prom2teams.fullname" . }} + namespace: {{ include "prom2teams.namespace" . }} + labels: {{ include "prom2teams.labels" . | nindent 4 }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/service.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/service.yaml new file mode 100644 index 000000000..cc95cad35 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/templates/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "prom2teams.fullname" . }} + namespace: {{ include "prom2teams.namespace" . }} + labels: +{{ include "prom2teams.labels" . | indent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: 8089 + protocol: TCP + name: http + selector: + app.kubernetes.io/name: {{ include "prom2teams.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/values.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/values.yaml new file mode 100644 index 000000000..1f21cca1a --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/prom2teams/values.yaml @@ -0,0 +1,67 @@ +# Default values for prom2teams. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: + cattle: + systemDefaultRegistry: "" + namespaceOverride: "" + +nameOverride: "prom2teams" +fullnameOverride: "" + +replicaCount: 1 + +image: + repository: rancher/mirrored-idealista-prom2teams + tag: 4.2.0 + pullPolicy: IfNotPresent + +resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 200m + memory: 200Mi + +service: + type: ClusterIP + port: 8089 + +prom2teams: + host: 0.0.0.0 + port: 8089 + connector: the-connector-url + connectors: {} + # group_alerts_by can be one of + # ("name" | "description" | "instance" | "severity" | "status" | "summary" | "fingerprint" | "runbook_url") + group_alerts_by: + # loglevel can be one of (DEBUG | INFO | WARNING | ERROR | CRITICAL) + loglevel: INFO + templatepath: /opt/prom2teams/helmconfig/teams.j2 + config: /opt/prom2teams/helmconfig/config.ini + extraEnv: {} + +# Security Context properties +securityContext: + # enabled is a flag to enable Security Context + enabled: true + # runAsUser is the user ID used to run the container + runAsUser: 101 + # runAsGroup is the primary group ID used to run all processes within any container of the pod + runAsGroup: 101 + # fsGroup is the group ID associated with the container + fsGroup: 101 + # readOnlyRootFilesystem is a flag to enable readOnlyRootFilesystem for the Hazelcast security context + readOnlyRootFilesystem: true + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} + +## List of node taints to tolerate (requires Kubernetes >= 1.6) +tolerations: [] + +affinity: {} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/.helmignore b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/Chart.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/Chart.yaml new file mode 100644 index 000000000..dd0d706a6 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/Chart.yaml @@ -0,0 +1,11 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/os: linux + catalog.cattle.io/release-name: rancher-sachet +apiVersion: v2 +appVersion: 0.3.1 +description: A Helm chart for Sachet based on the upstream https://github.com/messagebird/sachet +name: sachet +type: application +version: 1.0.1 diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/files/template.tmpl b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/files/template.tmpl new file mode 100644 index 000000000..08f24e138 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/files/template.tmpl @@ -0,0 +1 @@ +# reference: https://github.com/messagebird/sachet/blob/master/examples/telegram.tmpl diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/NOTES.txt b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/NOTES.txt new file mode 100644 index 000000000..247a91fc1 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/NOTES.txt @@ -0,0 +1,3 @@ +rancher-sachet is now installed on the cluster! +Please refer to the upstream documentation for configuration options: +https://github.com/messagebird/sachet diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/_helpers.tpl b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/_helpers.tpl new file mode 100644 index 000000000..eaa61fee5 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/_helpers.tpl @@ -0,0 +1,79 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- end -}} +{{- end -}} + +{{/* +Windows cluster will add default taint for linux nodes, +add below linux tolerations to workloads could be scheduled to those linux nodes +*/}} + +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +beta.kubernetes.io/os: linux +{{- else -}} +kubernetes.io/os: linux +{{- end -}} +{{- end -}} + +{{/* +Allow the release namespace to be overridden for multi-namespace deployments in combined charts +*/}} +{{- define "sachet.namespace" -}} +{{ default .Release.Namespace .Values.global.namespaceOverride }} +{{- end }} + +{{/* +Expand the name of the chart. +*/}} +{{- define "sachet.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "sachet.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "sachet.labels" -}} +helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{ include "sachet.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "sachet.selectorLabels" -}} +app.kubernetes.io/name: {{ include "sachet.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + + diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/configmap-pre-install.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/configmap-pre-install.yaml new file mode 100644 index 000000000..e8c63ac03 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/configmap-pre-install.yaml @@ -0,0 +1,34 @@ +{{/*This file is applied when the operation is helm install and the target confimap does not exist. */}} +{{- if not (lookup "v1" "ConfigMap" (include "sachet.namespace" . ) (include "sachet.fullname" .)) }} +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: {{ include "sachet.namespace" . }} + name: {{ include "sachet.fullname" . }} + labels: {{ include "sachet.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install, pre-upgrade + "helm.sh/hook-weight": "3" + "helm.sh/resource-policy": keep +data: + config.yaml: |- + {{- if and (not .Values.sachet.providers) (not .Values.sachet.receivers) }} + # please refer to the upstream documentation for configuration options: + # https://github.com/messagebird/sachet + # + # providers: + # aliyun: + # region_id: + # ... + # receivers: + # - name: 'team-sms' + # provider: 'aliyu' + # ... + {{- end }} + {{- with .Values.sachet.providers }} + providers: {{ toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.sachet.receivers }} + receivers: {{ toYaml . | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/deployment.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/deployment.yaml new file mode 100644 index 000000000..17215eebd --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/deployment.yaml @@ -0,0 +1,75 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "sachet.fullname" . }} + namespace: {{ include "sachet.namespace" . }} + labels: {{ include "sachet.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: {{ include "sachet.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: {{ toYaml . | nindent 8 }} + {{- end }} + labels: {{ include "sachet.selectorLabels" . | nindent 8 }} + spec: + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} + {{- if .Values.nodeSelector }} + {{- toYaml .Values.nodeSelector | nindent 8 }} + {{- end }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} + {{- if .Values.tolerations }} + {{- toYaml .Values.tolerations | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: {{ toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "sachet.fullname" . }} + {{- with .Values.podSecurityContext }} + securityContext: {{ toYaml .Values.podSecurityContext | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + securityContext: {{ toYaml .Values.securityContext | nindent 12 }} + image: {{ include "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 9876 + protocol: TCP + livenessProbe: + httpGet: + path: /-/live + port: http + readinessProbe: + httpGet: + path: /-/ready + port: http + volumeMounts: + - mountPath: /etc/sachet/ + name: config-volume + {{- with .Values.resources }} + resources: {{ toYaml .Values.resources | nindent 12 }} + {{- end }} + - name: config-reloader + securityContext: {{ toYaml .Values.securityContext | nindent 12 }} + image: {{ include "system_default_registry" . }}{{ .Values.configReloader.repository }}:{{ .Values.configReloader.tag }} + imagePullPolicy: {{ .Values.configReloader.pullPolicy }} + args: + - -volume-dir=/watch-config + - -webhook-method=POST + - -webhook-status-code=200 + - -webhook-url=http://127.0.0.1:{{ .Values.service.port }}/-/reload + volumeMounts: + - mountPath: /watch-config + name: config-volume + volumes: + - name: config-volume + configMap: + name: {{ include "sachet.fullname" . }} + defaultMode: 0777 diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/psp.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/psp.yaml new file mode 100644 index 000000000..a474a0d32 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/psp.yaml @@ -0,0 +1,31 @@ +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "sachet.fullname" . }}-psp + labels: {{ include "sachet.labels" . | nindent 4 }} +spec: + privileged: false + allowPrivilegeEscalation: false + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAsNonRoot' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + readOnlyRootFilesystem: false + volumes: + - 'configMap' + - 'secret' +{{- end }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/role.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/role.yaml new file mode 100644 index 000000000..4b4296cf4 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/role.yaml @@ -0,0 +1,17 @@ +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "sachet.fullname" . }}-psp + namespace: {{ include "sachet.namespace" . }} + labels: {{ include "sachet.labels" . | nindent 4 }} +rules: + - apiGroups: + - policy + resourceNames: + - {{ include "sachet.fullname" . }}-psp + resources: + - podsecuritypolicies + verbs: + - use +{{- end }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/rolebinding.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/rolebinding.yaml new file mode 100644 index 000000000..000d7e7bd --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/rolebinding.yaml @@ -0,0 +1,15 @@ +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "sachet.fullname" . }}-psp + namespace: {{ include "sachet.namespace" . }} + labels: {{ include "sachet.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "sachet.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: {{ include "sachet.fullname" . }} +{{- end }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/service-account.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/service-account.yaml new file mode 100644 index 000000000..8833f1b3b --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/service-account.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "sachet.fullname" . }} + namespace: {{ include "sachet.namespace" . }} + labels: {{ include "sachet.labels" . | nindent 4 }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/service.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/service.yaml new file mode 100644 index 000000000..216e8322c --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/templates/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "sachet.fullname" . }} + namespace: {{ include "sachet.namespace" . }} + labels: {{ include "sachet.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + {{- if contains "NodePort" .Values.service.type }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + selector: {{ include "sachet.selectorLabels" . | nindent 4 }} diff --git a/charts/rancher-alerting-drivers/101.0.1/charts/sachet/values.yaml b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/values.yaml new file mode 100644 index 000000000..c030c6e79 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/charts/sachet/values.yaml @@ -0,0 +1,67 @@ +# Default values for sachet. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: + cattle: + systemDefaultRegistry: "" + namespaceOverride: "" + +nameOverride: "sachet" +fullnameOverride: "" + +configReloader: + repository: rancher/mirrored-jimmidyson-configmap-reload + pullPolicy: IfNotPresent + tag: v0.8.0 + +sachet: + # reference: https://github.com/messagebird/sachet/blob/master/examples/config.yaml + providers: {} + + receivers: [] + +replicaCount: 1 + +image: + repository: rancher/mirrored-messagebird-sachet + pullPolicy: IfNotPresent + tag: 0.3.1 + +imagePullSecrets: [] + +podAnnotations: {} + +podSecurityContext: + +securityContext: + runAsUser: 1000 + runAsNonRoot: true + runAsGroup: 1000 + +service: + type: ClusterIP + port: 9876 + nodePort: 30001 + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} + +## List of node taints to tolerate (requires Kubernetes >= 1.6) +tolerations: [] + +affinity: {} diff --git a/charts/rancher-alerting-drivers/101.0.1/questions.yml b/charts/rancher-alerting-drivers/101.0.1/questions.yml new file mode 100644 index 000000000..741808c23 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/questions.yml @@ -0,0 +1,14 @@ +categories: + - monitoring +namespace: cattle-monitoring-system +questions: + - variable: prom2teams.enabled + default: false + label: Enable Microsoft Teams + type: boolean + group: "General" + - variable: sachet.enabled + default: false + label: Enable SMS + type: boolean + group: "General" diff --git a/charts/rancher-alerting-drivers/101.0.1/templates/NOTES.txt b/charts/rancher-alerting-drivers/101.0.1/templates/NOTES.txt new file mode 100644 index 000000000..59c1415e0 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/templates/NOTES.txt @@ -0,0 +1,2 @@ +rancher-alerting-drivers is now installed on the cluster! +Please refer to the upstream documentation for each Driver for configuration options. \ No newline at end of file diff --git a/charts/rancher-alerting-drivers/101.0.1/templates/_helpers.tpl b/charts/rancher-alerting-drivers/101.0.1/templates/_helpers.tpl new file mode 100644 index 000000000..e1dbe3370 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/templates/_helpers.tpl @@ -0,0 +1,117 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- end -}} +{{- end -}} + +{{/* +Windows cluster will add default taint for linux nodes, +add below linux tolerations to workloads could be scheduled to those linux nodes +*/}} + +{{- define "linux-node-tolerations" -}} +- key: "cattle.io/os" + value: "linux" + effect: "NoSchedule" + operator: "Equal" +{{- end -}} + +{{- define "linux-node-selector" -}} +{{- if semverCompare "<1.14-0" .Capabilities.KubeVersion.GitVersion -}} +beta.kubernetes.io/os: linux +{{- else -}} +kubernetes.io/os: linux +{{- end -}} +{{- end -}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "drivers.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "drivers.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "drivers.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "drivers.labels" -}} +helm.sh/chart: {{ include "drivers.chart" . }} +{{ include "drivers.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "drivers.selectorLabels" -}} +app.kubernetes.io/name: {{ include "drivers.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "drivers.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "drivers.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +https://github.com/helm/helm/issues/4535#issuecomment-477778391 +Usage: {{ include "call-nested" (list . "SUBCHART_NAME" "TEMPLATE") }} +e.g. {{ include "call-nested" (list . "grafana" "grafana.fullname") }} +*/}} +{{- define "call-nested" }} +{{- $dot := index . 0 }} +{{- $subchart := index . 1 | splitList "." }} +{{- $template := index . 2 }} +{{- $values := $dot.Values }} +{{- range $subchart }} +{{- $values = index $values . }} +{{- end }} +{{- include $template (dict "Chart" (dict "Name" (last $subchart)) "Values" $values "Release" $dot.Release "Capabilities" $dot.Capabilities) }} +{{- end }} + + +{{/* +Get the list of configMaps to be managed +*/}} +{{- define "drivers.configmapList" -}} +{{- if .Values.sachet.enabled -}} +- {{ include "call-nested" (list . "sachet" "sachet.fullname") }} +{{- end }} +{{- if .Values.prom2teams.enabled -}} +- {{ include "call-nested" (list . "prom2teams" "prom2teams.fullname") }} +{{- end }} +{{- end }} diff --git a/charts/rancher-alerting-drivers/101.0.1/templates/cluster-role.yaml b/charts/rancher-alerting-drivers/101.0.1/templates/cluster-role.yaml new file mode 100644 index 000000000..e3022a7ca --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/templates/cluster-role.yaml @@ -0,0 +1,50 @@ +{{- if and (not .Values.sachet.enabled) (not .Values.prom2teams.enabled) -}} +{{- fail "At least one Driver must be enabled to install the chart. " }} +{{- end -}} + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "drivers.fullname" . }}-admin + labels: {{ include "drivers.labels" . | nindent 4 }} + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: + - "" + resources: + - configmaps + resourceNames: {{ include "drivers.configmapList" . | nindent 6 }} + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "drivers.fullname" . }}-edit + labels: {{ include "drivers.labels" . | nindent 4 }} + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: + - apiGroups: + - "" + resources: + - configmaps + resourceNames: {{ include "drivers.configmapList" . | nindent 6 }} + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "drivers.fullname" . }}-view + labels: {{ include "drivers.labels" . | nindent 4 }} + rbac.authorization.k8s.io/aggregate-to-view: "true" +rules: + - apiGroups: + - "" + resources: + - configmaps + resourceNames: {{ include "drivers.configmapList" . | nindent 6 }} + verbs: + - 'get' + - 'list' + - 'watch' diff --git a/charts/rancher-alerting-drivers/101.0.1/templates/hardened.yaml b/charts/rancher-alerting-drivers/101.0.1/templates/hardened.yaml new file mode 100644 index 000000000..5a5bc247f --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/templates/hardened.yaml @@ -0,0 +1,126 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "drivers.fullname" . }}-patch-sa + namespace: {{ .Release.Namespace }} + labels: {{ include "drivers.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +spec: + backoffLimit: 1 + template: + spec: + serviceAccountName: {{ include "drivers.fullname" . }}-patch-sa + securityContext: + runAsNonRoot: true + runAsUser: 1000 + restartPolicy: Never + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} +{{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} +{{- if .Values.tolerations }} +{{ toYaml .Values.tolerations | indent 8 }} +{{- end }} + containers: + - name: {{ include "drivers.fullname" . }}-patch-sa + image: "{{ include "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}" + imagePullPolicy: IfNotPresent + command: ["kubectl", "-n", {{ .Release.Namespace | quote }}, "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "drivers.fullname" . }}-patch-sa + namespace: {{ .Release.Namespace }} + labels: {{ include "drivers.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "drivers.fullname" . }}-patch-sa + labels: {{ include "drivers.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +rules: + - apiGroups: [""] + resources: ["serviceaccounts"] + verbs: ["get", "patch"] + {{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} + - apiGroups: ["policy"] + resources: ["podsecuritypolicies"] + verbs: ["use"] + resourceNames: + - {{ include "drivers.fullname" . }}-patch-sa + {{- end }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "drivers.fullname" . }}-patch-sa + labels: {{ include "drivers.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "drivers.fullname" . }}-patch-sa +subjects: + - kind: ServiceAccount + name: {{ include "drivers.fullname" . }}-patch-sa + namespace: {{ .Release.Namespace }} +--- +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "drivers.fullname" . }}-patch-sa + labels: {{ include "drivers.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +spec: + privileged: false + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAsNonRoot' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + readOnlyRootFilesystem: false + volumes: + - 'secret' +{{- end }} +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "drivers.fullname" . }}-default-allow-all + namespace: {{ .Release.Namespace }} +spec: + podSelector: {} + ingress: + - {} + egress: + - {} + policyTypes: + - Ingress + - Egress diff --git a/charts/rancher-alerting-drivers/101.0.1/values.yaml b/charts/rancher-alerting-drivers/101.0.1/values.yaml new file mode 100644 index 000000000..48b77ef94 --- /dev/null +++ b/charts/rancher-alerting-drivers/101.0.1/values.yaml @@ -0,0 +1,27 @@ +# Default values for rancher-alerting-driver. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: + cattle: + # the registry where all images will be pulled from + systemDefaultRegistry: "" + kubectl: + repository: rancher/kubectl + tag: v1.20.2 + # set this value if you want the sub-charts to be installed into + # a namespace rather than where this chart is installed + namespaceOverride: "" + +prom2teams: + enabled: false + +sachet: + enabled: false + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} +## List of node taints to tolerate (requires Kubernetes >= 1.6) +tolerations: [] diff --git a/index.yaml b/index.yaml index 299f4da8a..c001720bb 100755 --- a/index.yaml +++ b/index.yaml @@ -3480,6 +3480,38 @@ entries: - assets/rancher-aks-operator-crd/rancher-aks-operator-crd-100.0.0+up1.0.1.tgz version: 100.0.0+up1.0.1 rancher-alerting-drivers: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Alerting Drivers + catalog.cattle.io/kube-version: '>= 1.16.0-0 < 1.26.0-0' + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-alerting-drivers + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/upstream-version: 100.0.1 + apiVersion: v2 + appVersion: 1.16.0 + created: "2022-12-20T08:57:54.694788904+05:30" + dependencies: + - condition: prom2teams.enabled + name: prom2teams + repository: file://./charts/prom2teams + - condition: sachet.enabled + name: sachet + repository: file://./charts/sachet + description: The manager for third-party webhook receivers used in Prometheus + Alertmanager + digest: 0ae55e483f38a4b1ffdbb025178b3822f9534c6f2dae8401fd81c26ef587a62f + icon: https://charts.rancher.io/assets/logos/alerting-drivers.svg + keywords: + - monitoring + - alertmanger + - webhook + name: rancher-alerting-drivers + urls: + - assets/rancher-alerting-drivers/rancher-alerting-drivers-101.0.1.tgz + version: 101.0.1 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/display-name: Alerting Drivers