andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Charts CI 

```
Updated:
  argo/argo-cd:
    - 5.24.0
  asserts/asserts:
    - 1.32.0
  bitnami/airflow:
    - 14.0.13
  bitnami/cassandra:
    - 10.0.4
  bitnami/kafka:
    - 21.1.1
  bitnami/mariadb:
    - 11.5.1
  bitnami/mysql:
    - 9.5.1
  bitnami/postgresql:
    - 12.2.2
  bitnami/redis:
    - 17.8.2
  bitnami/spark:
    - 6.3.18
  bitnami/tomcat:
    - 10.5.18
  bitnami/wordpress:
    - 15.2.47
  bitnami/zookeeper:
    - 11.1.4
  crowdstrike/falcon-sensor:
    - 1.18.5
  dynatrace/dynatrace-operator:
    - 0.10.3
  f5/f5-bigip-ctlr:
    - 0.0.24
  gitlab/gitlab:
    - 6.9.2
  haproxy/haproxy:
    - 1.28.3
  redpanda/redpanda:
    - 2.12.1
  speedscale/speedscale-operator:
    - 1.2.24
  sysdig/sysdig:
    - 1.15.75
  triggermesh/triggermesh:
    - 0.7.0
  trilio/k8s-triliovault-operator:
    - 3.0.3
```
pull/679/head
github-actions[bot] 2023-03-02 16:00:02 +00:00
parent c577bb15c6
commit 1679abb487
224 changed files with 6914 additions and 2334 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/argo/argo-cd-5.24.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/asserts/asserts-1.32.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/airflow-14.0.13.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/cassandra-10.0.4.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/kafka-21.1.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/mariadb-11.5.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/mysql-9.5.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/postgresql-12.2.2.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/redis-17.8.2.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/spark-6.3.18.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/tomcat-10.5.18.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/wordpress-15.2.47.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/zookeeper-11.1.4.tgz Normal file
View File

Binary file not shown.

BIN
assets/crowdstrike/falcon-sensor-1.18.5.tgz Normal file
View File

Binary file not shown.

BIN
assets/dynatrace/dynatrace-operator-0.10.3.tgz Normal file
View File

Binary file not shown.

BIN
assets/f5/f5-bigip-ctlr-0.0.2401.tgz Normal file
View File

Binary file not shown.

BIN
assets/gitlab/gitlab-6.9.2.tgz Normal file
View File

Binary file not shown.

BIN
assets/haproxy/haproxy-1.28.3.tgz Normal file
View File

Binary file not shown.

BIN
assets/redpanda/redpanda-2.12.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/speedscale/speedscale-operator-1.2.24.tgz Normal file
View File

Binary file not shown.

BIN
assets/sysdig/sysdig-1.15.75.tgz Normal file
View File

Binary file not shown.

BIN
assets/triggermesh/triggermesh-0.7.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/trilio/k8s-triliovault-operator-3.0.3.tgz Normal file
View File

Binary file not shown.

14
charts/argo/argo-cd/Chart.yaml
View File

@ -1,7 +1,17 @@
annotations:
artifacthub.io/changes: |
- kind: added
description: Global nodeSelector configuration
- kind: added
description: Global tolerations configuration
- kind: added
description: Global topologySpreadConstraints configuration
- kind: added
description: Missing component level topologySpreadConstraints configuration
- kind: added
description: Missing component level priorityClassName configuration
- kind: changed
description: Upgrade Argo CD to v.2.6.3
description: Global affinity preset can be disabled
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Argo CD
catalog.cattle.io/kube-version: '>=1.22.0-0'
@ -29,4 +39,4 @@ name: argo-cd
sources:
- https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
- https://github.com/argoproj/argo-cd
version: 5.23.3
version: 5.24.0

69
charts/argo/argo-cd/README.md
View File

@ -105,7 +105,12 @@ For full list of changes please check ArtifactHub [changelog].
Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version.
### 5.21.0
### 5.24.0
This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
Default `global.affinity` rules can be disabled when `none` value is used for the preset.
### 5.22.0
This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely.
@ -386,8 +391,8 @@ NAME: my-release
|-----|------|---------|-------------|
| global.additionalLabels | object | `{}` | Common labels for the all resources |
| global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity |
| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `soft` or `hard` |
| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `soft` or `hard` |
| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` |
| global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` |
| global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments |
| global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files |
| global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments |
@ -398,11 +403,15 @@ NAME: my-release
| global.logging.level | string | `"info"` | Set the global logging level. One of: `debug`, `info`, `warn` or `error` |
| global.networkPolicy.create | bool | `false` | Create NetworkPolicy objects for all components |
| global.networkPolicy.defaultDenyIngress | bool | `false` | Default deny all ingress traffic |
| global.nodeSelector | object | `{}` | Default node selector for all components |
| global.podAnnotations | object | `{}` | Annotations for the all deployed pods |
| global.podLabels | object | `{}` | Labels for the all deployed pods |
| global.priorityClassName | string | `""` | Default priority class for all components |
| global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. |
| global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. |
| global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets |
| global.tolerations | object | `{}` | Default tolerations for all components |
| global.topologySpreadConstraints | list | `[]` | Default [TopologySpreadConstraints] rules for all components |
## Argo CD Configs
@ -505,7 +514,7 @@ NAME: my-release
| controller.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| controller.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| controller.name | string | `"application-controller"` | Application controller name string |
| controller.nodeSelector | object | `{}` | [Node selector] |
| controller.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb |
| controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller |
| controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb |
@ -513,7 +522,7 @@ NAME: my-release
| controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods |
| controller.podLabels | object | `{}` | Labels to be added to application controller pods |
| controller.priorityClassName | string | `""` | Priority class for the application controller pods |
| controller.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the application controller pods |
| controller.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| controller.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
| controller.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
@ -527,8 +536,8 @@ NAME: my-release
| controller.serviceAccount.labels | object | `{}` | Labels applied to created service account |
| controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name |
| controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet |
| controller.tolerations | list | `[]` | [Tolerations] for use with node taints |
| controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller |
| controller.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| controller.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller |
| controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container |
| controller.volumes | list | `[]` | Additional volumes to the application controller pod |
@ -588,7 +597,7 @@ NAME: my-release
| repoServer.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| repoServer.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| repoServer.name | string | `"repo-server"` | Repo server name |
| repoServer.nodeSelector | object | `{}` | [Node selector] |
| repoServer.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb |
| repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server |
| repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb |
@ -596,7 +605,7 @@ NAME: my-release
| repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods |
| repoServer.podLabels | object | `{}` | Labels to be added to repo server pods |
| repoServer.priorityClassName | string | `""` | Priority class for the repo server |
| repoServer.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the repo server pods |
| repoServer.rbac | list | `[]` | Repo server rbac rules |
| repoServer.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| repoServer.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
@ -614,8 +623,8 @@ NAME: my-release
| repoServer.serviceAccount.create | bool | `true` | Create repo server service account |
| repoServer.serviceAccount.labels | object | `{}` | Labels applied to created service account |
| repoServer.serviceAccount.name | string | `""` | Repo server service account name |
| repoServer.tolerations | list | `[]` | [Tolerations] for use with node taints |
| repoServer.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the repo server |
| repoServer.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| repoServer.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the repo server |
| repoServer.volumeMounts | list | `[]` | Additional volumeMounts to the repo server main container |
| repoServer.volumes | list | `[]` | Additional volumes to the repo server pod |
@ -721,7 +730,7 @@ NAME: my-release
| server.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| server.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| server.name | string | `"server"` | Argo CD server name |
| server.nodeSelector | object | `{}` | [Node selector] |
| server.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb |
| server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server |
| server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb |
@ -729,7 +738,7 @@ NAME: my-release
| server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| server.podAnnotations | object | `{}` | Annotations to be added to server pods |
| server.podLabels | object | `{}` | Labels to be added to server pods |
| server.priorityClassName | string | `""` | Priority class for the Argo CD server |
| server.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the Argo CD server pods |
| server.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| server.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
| server.readinessProbe.periodSeconds | int | `10` | How often (in seconds) to perform the [probe] |
@ -761,8 +770,8 @@ NAME: my-release
| server.serviceAccount.create | bool | `true` | Create server service account |
| server.serviceAccount.labels | object | `{}` | Labels applied to created service account |
| server.serviceAccount.name | string | `"argocd-server"` | Server service account name |
| server.tolerations | list | `[]` | [Tolerations] for use with node taints |
| server.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the Argo CD server |
| server.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| server.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the Argo CD server |
| server.volumeMounts | list | `[]` | Additional volumeMounts to the server main container |
| server.volumes | list | `[]` | Additional volumes to the server pod |
@ -840,7 +849,7 @@ server:
| dex.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| dex.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| dex.name | string | `"dex-server"` | Dex name |
| dex.nodeSelector | object | `{}` | [Node selector] |
| dex.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| dex.pdb.annotations | object | `{}` | Annotations to be added to Dex server pdb |
| dex.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Dex server |
| dex.pdb.labels | object | `{}` | Labels to be added to Dex server pdb |
@ -848,7 +857,7 @@ server:
| dex.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| dex.podAnnotations | object | `{}` | Annotations to be added to the Dex server pods |
| dex.podLabels | object | `{}` | Labels to be added to the Dex server pods |
| dex.priorityClassName | string | `""` | Priority class for dex |
| dex.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the dex pods |
| dex.readinessProbe.enabled | bool | `false` | Enable Kubernetes readiness probe for Dex >= 2.28.0 |
| dex.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| dex.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
@ -865,8 +874,8 @@ server:
| dex.servicePortHttp | int | `5556` | Service port for HTTP access |
| dex.servicePortHttpName | string | `"http"` | Service port name for HTTP access |
| dex.servicePortMetrics | int | `5558` | Service port for metrics access |
| dex.tolerations | list | `[]` | [Tolerations] for use with node taints |
| dex.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to dex |
| dex.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| dex.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to dex |
| dex.volumeMounts | list | `[]` | Additional volumeMounts to the dex main container |
| dex.volumes | list | `[]` | Additional volumes to the dex pod |
@ -917,7 +926,7 @@ server:
| redis.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| redis.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| redis.name | string | `"redis"` | Redis name |
| redis.nodeSelector | object | `{}` | [Node selector] |
| redis.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| redis.pdb.annotations | object | `{}` | Annotations to be added to Redis pdb |
| redis.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Redis |
| redis.pdb.labels | object | `{}` | Labels to be added to Redis pdb |
@ -925,7 +934,7 @@ server:
| redis.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| redis.podAnnotations | object | `{}` | Annotations to be added to the Redis server pods |
| redis.podLabels | object | `{}` | Labels to be added to the Redis server pods |
| redis.priorityClassName | string | `""` | Priority class for redis |
| redis.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for redis pods |
| redis.resources | object | `{}` | Resource limits and requests for redis |
| redis.securityContext | object | See [values.yaml] | Redis pod-level security context |
| redis.service.annotations | object | `{}` | Redis service annotations |
@ -935,8 +944,8 @@ server:
| redis.serviceAccount.create | bool | `false` | Create a service account for the redis pod |
| redis.serviceAccount.name | string | `""` | Service account name for redis pod |
| redis.servicePort | int | `6379` | Redis service port |
| redis.tolerations | list | `[]` | [Tolerations] for use with node taints |
| redis.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to redis |
| redis.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| redis.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to redis |
| redis.volumeMounts | list | `[]` | Additional volumeMounts to the redis container |
| redis.volumes | list | `[]` | Additional volumes to the redis pod |
@ -1029,7 +1038,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string |
| applicationSet.nodeSelector | object | `{}` | [Node selector] |
| applicationSet.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb |
| applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller |
| applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb |
@ -1037,7 +1046,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods |
| applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods |
| applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. |
| applicationSet.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the ApplicationSet controller pods |
| applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller |
| applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
| applicationSet.readinessProbe.initialDelaySeconds | int | `10` | Number of seconds after the container has started before [probe] is initiated |
@ -1055,7 +1064,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.serviceAccount.create | bool | `true` | Create ApplicationSet controller service account |
| applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account |
| applicationSet.serviceAccount.name | string | `"argocd-applicationset-controller"` | ApplicationSet controller service account name |
| applicationSet.tolerations | list | `[]` | [Tolerations] for use with node taints |
| applicationSet.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| applicationSet.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller |
| applicationSet.webhook.ingress.annotations | object | `{}` | Additional ingress annotations |
| applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks |
| applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths |
@ -1107,7 +1117,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| notifications.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
| notifications.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
| notifications.name | string | `"notifications-controller"` | Notifications controller name string |
| notifications.nodeSelector | object | `{}` | [Node selector] |
| notifications.nodeSelector | object | `{}` (defaults to global.nodeSelector) | [Node selector] |
| notifications.notifiers | object | See [values.yaml] | Configures notification services such as slack, email or custom webhook |
| notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb |
| notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller |
@ -1116,7 +1126,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods |
| notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods |
| notifications.priorityClassName | string | `""` | Priority class for the notifications controller pods |
| notifications.priorityClassName | string | `""` (defaults to global.priorityClassName) | Priority class for the notifications controller pods |
| notifications.resources | object | `{}` | Resource limits and requests for the notifications controller |
| notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret |
| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret |
@ -1128,7 +1138,8 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| notifications.serviceAccount.name | string | `"argocd-notifications-controller"` | Notification controller service account name |
| notifications.subscriptions | list | `[]` | Contains centrally managed global application subscriptions |
| notifications.templates | object | `{}` | The notification template is used to generate the notification content |
| notifications.tolerations | list | `[]` | [Tolerations] for use with node taints |
| notifications.tolerations | list | `[]` (defaults to global.tolerations) | [Tolerations] for use with node taints |
| notifications.topologySpreadConstraints | list | `[]` (defaults to global.topologySpreadConstraints) | Assign custom [TopologySpreadConstraints] rules to the application controller |
| notifications.triggers | object | `{}` | The trigger defines the condition when the notification should be sent |
----------------------------------------------

15
charts/argo/argo-cd/templates/_common.tpl
View File

@ -78,16 +78,18 @@ Node affinity
{{- toYaml . -}}
{{- else -}}
{{- $preset := .context.Values.global.affinity -}}
{{- if (eq $preset.podAntiAffinity "soft") }}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
{{- if (eq $preset.podAntiAffinity "soft") }}
- weight: 100
podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
topologyKey: kubernetes.io/hostname
{{- else }}
{{- else if (eq $preset.podAntiAffinity "hard") }}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
@ -99,21 +101,22 @@ podAntiAffinity:
matchLabels:
app.kubernetes.io/name: {{ include "argo-cd.name" .context }}-{{ .component.name }}
topologyKey: kubernetes.io/hostname
{{- end }}
{{- end }}
{{- with $preset.nodeAffinity.matchExpressions }}
{{- if (eq $preset.nodeAffinity.type "soft") }}
nodeAffinity:
{{- if (eq $preset.nodeAffinity.type "soft") }}
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
{{- toYaml . | nindent 6 }}
{{- else }}
{{- else if (eq $preset.nodeAffinity.type "hard") }}
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- end }}
{{- end -}}
{{- end -}}
{{- end -}}

16
charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml
View File

@ -45,6 +45,9 @@ spec:
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }}
containers:
- command:
@ -269,17 +272,19 @@ spec:
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.controller) }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.controller) | nindent 8 }}
{{- with .Values.controller.nodeSelector }}
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.controller.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.tolerations }}
{{- with .Values.controller.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controller.topologySpreadConstraints }}
{{- with .Values.controller.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
@ -307,9 +312,6 @@ spec:
path: tls.key
- key: ca.crt
path: ca.crt
{{- with .Values.controller.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
hostNetwork: {{ .Values.controller.hostNetwork }}
{{- with .Values.controller.dnsConfig }}
dnsConfig:

19
charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml
View File

@ -43,6 +43,9 @@ spec:
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.applicationSet.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }}
containers:
- name: {{ .Values.applicationSet.name }}
@ -198,8 +201,10 @@ spec:
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.applicationSet) | nindent 8 }}
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.applicationSet.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
@ -208,8 +213,16 @@ spec:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.applicationSet.priorityClassName }}
priorityClassName: {{ . }}
{{- with .Values.applicationSet.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
{{- if not $constraint.labelSelector }}
labelSelector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.applicationSet.name) | nindent 12 }}
{{- end }}
{{- end }}
{{- end }}
volumes:
{{- with .Values.applicationSet.extraVolumes }}

23
charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml
View File

@ -45,6 +45,9 @@ spec:
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.notificationsServiceAccountName" . }}
containers:
- name: {{ .Values.notifications.name }}
@ -92,18 +95,28 @@ spec:
initContainers:
{{- tpl (toYaml . ) $ | nindent 8 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications) | nindent 8 }}
{{- with .Values.notifications.nodeSelector }}
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.tolerations }}
{{- with .Values.notifications.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.priorityClassName }}
priorityClassName: {{ . }}
{{- with .Values.notifications.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
{{- if not $constraint.labelSelector }}
labelSelector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" $ "name" $.Values.notifications.name) | nindent 12 }}
{{- end }}
{{- end }}
{{- end }}
volumes:
{{- with .Values.notifications.extraVolumes }}

16
charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml
View File

@ -48,6 +48,9 @@ spec:
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }}
containers:
- name: {{ .Values.repoServer.name }}
@ -295,17 +298,19 @@ spec:
{{- with .Values.repoServer.initContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.repoServer) | nindent 8 }}
{{- with .Values.repoServer.nodeSelector }}
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.tolerations }}
{{- with .Values.repoServer.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.repoServer.topologySpreadConstraints }}
{{- with .Values.repoServer.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
@ -350,9 +355,6 @@ spec:
path: tls.key
- key: ca.crt
path: ca.crt
{{- with .Values.repoServer.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
hostNetwork: {{ .Values.repoServer.hostNetwork }}
{{- with .Values.repoServer.dnsConfig }}
dnsConfig:

16
charts/argo/argo-cd/templates/argocd-server/deployment.yaml
View File

@ -45,6 +45,9 @@ spec:
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.server.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }}
containers:
- name: {{ .Values.server.name }}
@ -353,17 +356,19 @@ spec:
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.server) }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.server) | nindent 8 }}
{{- with .Values.server.nodeSelector }}
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.server.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.server.tolerations }}
{{- with .Values.server.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.server.topologySpreadConstraints }}
{{- with .Values.server.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
@ -416,9 +421,6 @@ spec:
path: tls.crt
- key: ca.crt
path: ca.crt
{{- with .Values.server.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
hostNetwork: {{ .Values.server.hostNetwork }}
{{- with .Values.server.dnsConfig }}
dnsConfig:

8
charts/argo/argo-cd/templates/argocd-server/role.yaml
View File

@ -42,3 +42,11 @@ rules:
verbs:
- create
- list
{{- if eq (toString (index (coalesce .Values.server.config .Values.configs.cm) "exec.enabled")) "true" }}
- apiGroups:
- ""
resources:
- pods/exec
verbs:
- create
{{- end }}

20
charts/argo/argo-cd/templates/dex/deployment.yaml
View File

@ -47,7 +47,10 @@ spec:
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "argo-cd.dexServiceAccountName" . }}
{{- with .Values.dex.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
containers:
- name: {{ .Values.dex.name }}
image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }}
@ -143,17 +146,19 @@ spec:
{{- with .Values.dex.initContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.dex.nodeSelector }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.dex) }}
affinity:
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.dex.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.dex.tolerations }}
{{- with .Values.dex.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.dex) | nindent 8 }}
{{- with .Values.dex.topologySpreadConstraints }}
{{- with .Values.dex.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
@ -183,9 +188,6 @@ spec:
{{- with .Values.dex.volumes }}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.dex.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
{{- with .Values.dex.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}

16
charts/argo/argo-cd/templates/redis/deployment.yaml
View File

@ -44,6 +44,9 @@ spec:
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.redis.priorityClassName | default .Values.global.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
serviceAccountName: {{ include "argo-cd.redisServiceAccountName" . }}
containers:
- name: {{ .Values.redis.name }}
@ -102,17 +105,19 @@ spec:
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.redis.nodeSelector }}
{{- with .Values.redis.nodeSelector | default .Values.global.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.redis.tolerations }}
{{- with .Values.redis.tolerations | default .Values.global.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with include "argo-cd.affinity" (dict "context" . "component" .Values.redis) }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.redis) | nindent 8 }}
{{- with .Values.redis.topologySpreadConstraints }}
{{- trim . | nindent 8 }}
{{- end }}
{{- with .Values.redis.topologySpreadConstraints | default .Values.global.topologySpreadConstraints }}
topologySpreadConstraints:
{{- range $constraint := . }}
- {{ toYaml $constraint | nindent 8 | trim }}
@ -123,9 +128,6 @@ spec:
{{- end }}
{{- end }}
{{- end }}
{{- with .Values.redis.priorityClassName }}
priorityClassName: {{ . }}
{{- end }}
{{- with .Values.redis.volumes }}
volumes:
{{- toYaml . | nindent 8}}

130
charts/argo/argo-cd/values.yaml
View File

@ -99,13 +99,22 @@ global:
# -- Default deny all ingress traffic
defaultDenyIngress: false
# -- Default priority class for all components
priorityClassName: ""
# -- Default node selector for all components
nodeSelector: {}
# -- Default tolerations for all components
tolerations: {}
# Default affinity preset for all components
affinity:
# -- Default pod anti-affinity rules. Either: `soft` or `hard`
# -- Default pod anti-affinity rules. Either: `none`, `soft` or `hard`
podAntiAffinity: soft
# Node affinity rules
nodeAffinity:
# -- Default node affinity rules. Either: `soft` or `hard`
# -- Default node affinity rules. Either: `none`, `soft` or `hard`
type: hard
# -- Default match expressions for node affinity
matchExpressions: []
@ -115,6 +124,15 @@ global:
# - antarctica-east1
# - antarctica-west1
# -- Default [TopologySpreadConstraints] rules for all components
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector of the component
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
## Argo Configs
configs:
# General Argo CD configuration
@ -637,10 +655,16 @@ controller:
# -- Number of seconds after which the [probe] times out
timeoutSeconds: 1
# -- Priority class for the application controller pods
# @default -- `""` (defaults to global.priorityClassName)
priorityClassName: ""
# -- [Node selector]
# @default -- `{}` (defaults to global.nodeSelector)
nodeSelector: {}
# -- [Tolerations] for use with node taints
# @default -- `[]` (defaults to global.tolerations)
tolerations: []
# -- Assign custom [affinity] rules to the deployment
@ -648,15 +672,13 @@ controller:
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the application controller
# @default -- `[]` (defaults to global.topologySpreadConstraints)
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- Priority class for the application controller pods
priorityClassName: ""
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
serviceAccount:
# -- Create a service account for the application controller
@ -978,24 +1000,30 @@ dex:
# -- Service port for metrics access
servicePortMetrics: 5558
# -- Priority class for the dex pods
# @default -- `""` (defaults to global.priorityClassName)
priorityClassName: ""
# -- [Node selector]
# @default -- `{}` (defaults to global.nodeSelector)
nodeSelector: {}
# -- [Tolerations] for use with node taints
# @default -- `[]` (defaults to global.tolerations)
tolerations: []
# -- Assign custom [affinity] rules to the deployment
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to dex
# @default -- `[]` (defaults to global.topologySpreadConstraints)
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- Priority class for dex
priorityClassName: ""
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
## Redis
redis:
@ -1148,10 +1176,16 @@ redis:
# -- Redis service port
servicePort: 6379
# -- Priority class for redis pods
# @default -- `""` (defaults to global.priorityClassName)
priorityClassName: ""
# -- [Node selector]
# @default -- `{}` (defaults to global.nodeSelector)
nodeSelector: {}
# -- [Tolerations] for use with node taints
# @default -- `[]` (defaults to global.tolerations)
tolerations: []
# -- Assign custom [affinity] rules to the deployment
@ -1159,15 +1193,13 @@ redis:
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to redis
# @default -- `[]` (defaults to global.topologySpreadConstraints)
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- Priority class for redis
priorityClassName: ""
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
serviceAccount:
# -- Create a service account for the redis pod
@ -1538,24 +1570,30 @@ server:
# -- Number of seconds after which the [probe] times out
timeoutSeconds: 1
# -- Priority class for the Argo CD server pods
# @default -- `""` (defaults to global.priorityClassName)
priorityClassName: ""
# -- [Node selector]
# @default -- `{}` (defaults to global.nodeSelector)
nodeSelector: {}
# -- [Tolerations] for use with node taints
# @default -- `[]` (defaults to global.tolerations)
tolerations: []
# -- Assign custom [affinity] rules to the deployment
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the Argo CD server
# @default -- `[]` (defaults to global.topologySpreadConstraints)
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- Priority class for the Argo CD server
priorityClassName: ""
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# TLS certificate configuration via cert-manager
## Ref: https://argo-cd.readthedocs.io/en/stable/operator-manual/tls/#tls-certificates-used-by-argocd-server
@ -2031,22 +2069,28 @@ repoServer:
timeoutSeconds: 1
# -- [Node selector]
# @default -- `{}` (defaults to global.nodeSelector)
nodeSelector: {}
# -- [Tolerations] for use with node taints
# @default -- `[]` (defaults to global.tolerations)
tolerations: []
# -- Assign custom [affinity] rules to the deployment
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the repo server
# @default -- `[]` (defaults to global.topologySpreadConstraints)
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- Priority class for the repo server
# -- Priority class for the repo server pods
# @default -- `""` (defaults to global.priorityClassName)
priorityClassName: ""
# TLS certificate configuration via Secret
@ -2365,16 +2409,28 @@ applicationSet:
failureThreshold: 3
# -- [Node selector]
# @default -- `{}` (defaults to global.nodeSelector)
nodeSelector: {}
# -- [Tolerations] for use with node taints
# @default -- `[]` (defaults to global.tolerations)
tolerations: []
# -- Assign custom [affinity] rules
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default.
# -- Assign custom [TopologySpreadConstraints] rules to the ApplicationSet controller
# @default -- `[]` (defaults to global.topologySpreadConstraints)
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- Priority class for the ApplicationSet controller pods
# @default -- `""` (defaults to global.priorityClassName)
priorityClassName: ""
## Webhook for the Git Generator
@ -2611,16 +2667,28 @@ notifications:
- ALL
# -- [Node selector]
# @default -- `{}` (defaults to global.nodeSelector)
nodeSelector: {}
# -- [Tolerations] for use with node taints
# @default -- `[]` (defaults to global.tolerations)
tolerations: []
# -- Assign custom [affinity] rules
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- Assign custom [TopologySpreadConstraints] rules to the application controller
# @default -- `[]` (defaults to global.topologySpreadConstraints)
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## If labelSelector is left out, it will default to the labelSelector configuration of the deployment
topologySpreadConstraints: []
# - maxSkew: 1
# topologyKey: topology.kubernetes.io/zone
# whenUnsatisfiable: DoNotSchedule
# -- Priority class for the notifications controller pods
# @default -- `""` (defaults to global.priorityClassName)
priorityClassName: ""
serviceAccount:

7
charts/asserts/asserts/Chart.lock
View File

@ -14,6 +14,9 @@ dependencies:
- name: promxy
repository: https://asserts.github.io/helm-charts
version: 0.7.0
- name: ebpf-probe
repository: https://asserts.github.io/helm-charts
version: 0.1.0
- name: common
repository: https://charts.bitnami.com/bitnami
version: 1.17.1
@ -26,5 +29,5 @@ dependencies:
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 11.9.13
digest: sha256:2ad6af6383c531404c3f55761585730181c3504106c12a40dd892dbe1484a277
generated: "2022-12-23T10:28:05.00545-08:00"
digest: sha256:f67342dfcfe7805322b598aefaf6d37c54f4b5c59264af096bca6048c00250c0
generated: "2023-02-23T15:20:14.686324-08:00"

6
charts/asserts/asserts/Chart.yaml
View File

@ -28,6 +28,10 @@ dependencies:
name: promxy
repository: file://./charts/promxy
version: 0.7.0
- condition: ebpf-probe.enabled
name: ebpf-probe
repository: file://./charts/ebpf-probe
version: 0.1.0
- name: common
repository: file://./charts/common
version: 1.x.x
@ -53,4 +57,4 @@ maintainers:
url: https://github.com/asserts
name: asserts
type: application
version: 1.31.0
version: 1.32.0

9
charts/asserts/asserts/charts/ebpf-probe/Chart.yaml Normal file
View File

@ -0,0 +1,9 @@
apiVersion: v2
appVersion: 0.3.0
description: A helm chart for Asserts eBPF probe.
maintainers:
- name: Asserts
url: https://github.com/asserts
name: ebpf-probe
type: application
version: 0.1.0

62
charts/asserts/asserts/charts/ebpf-probe/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "ebpf-probe.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "ebpf-probe.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "ebpf-probe.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "ebpf-probe.labels" -}}
helm.sh/chart: {{ include "ebpf-probe.chart" . }}
{{ include "ebpf-probe.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "ebpf-probe.selectorLabels" -}}
app.kubernetes.io/name: {{ include "ebpf-probe.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "ebpf-probe.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "ebpf-probe.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

78
charts/asserts/asserts/charts/ebpf-probe/templates/daemonset.yaml Normal file
View File

@ -0,0 +1,78 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ include "ebpf-probe.name" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "ebpf-probe.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
{{- include "ebpf-probe.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "ebpf-probe.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "ebpf-probe.serviceAccountName" . }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName }}
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
volumeMounts:
- mountPath: /proc
name: proc
- mountPath: /sys/kernel/debug
name: debug
ports:
- name: http-metrics
containerPort: {{ .Values.prometheusPort }}
protocol: TCP
env:
- name: "RESOLVE_DNS"
value: "{{ .Values.enableDnsResolving }}"
- name: "PROMETHEUS_PORT"
value: "{{ .Values.prometheusPort }}"
- name: "PROMETHEUS_ENDPOINT"
value: "{{ .Values.prometheusEndpoint }}"
- name: "POLL_INTERVAL"
value: "{{ .Values.pollIntervalSeconds }}"
securityContext:
privileged: true
readOnlyRootFilesystem: true
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: proc
hostPath:
path: /proc
- name: debug
hostPath:
path: /sys/kernel/debug

21
charts/asserts/asserts/charts/ebpf-probe/templates/podmonitor.yaml Normal file
View File

@ -0,0 +1,21 @@
{{- if and (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") (.Values.podMonitor.enabled) }}
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: {{ include "ebpf-probe.name" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "ebpf-probe.labels" . | nindent 4 }}
{{- with .Values.podMonitor.extraLabels }}
{{- toYaml . | nindent 4 -}}
{{- end }}
spec:
selector:
matchLabels:
{{- include "ebpf-probe.selectorLabels" . | nindent 6 }}
namespaceSelector:
matchNames:
- {{ .Release.Namespace }}
podMetricsEndpoints:
- port: http-metrics
path: {{ .Values.prometheusEndpoint }}
{{- end }}

155
charts/asserts/asserts/charts/ebpf-probe/templates/rbac/role.yaml Normal file
View File

@ -0,0 +1,155 @@
{{- if .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "ebpf-probe.fullname" . }}
rules:
{{- if and .Values.rbac.sccEnabled (.Capabilities.APIVersions.Has "security.openshift.io/v1")}}
- apiGroups:
- security.openshift.io
resources:
- securitycontextconstraints
verbs:
- use
resourceNames:
- privileged
{{- end }}
- verbs:
- get
- list
- watch
apiGroups:
- ''
resources:
- configmaps
- endpoints
- persistentvolumeclaims
- persistentvolumeclaims/status
- pods
- replicationcontrollers
- replicationcontrollers/scale
- serviceaccounts
- services
- services/status
- verbs:
- get
- list
- watch
apiGroups:
- ''
resources:
- bindings
- events
- limitranges
- namespaces/status
- pods/log
- pods/status
- nodes
- replicationcontrollers/status
- resourcequotas
- resourcequotas/status
- verbs:
- get
- list
- watch
apiGroups:
- ''
resources:
- namespaces
- verbs:
- get
- list
- watch
apiGroups:
- apps
resources:
- controllerrevisions
- daemonsets
- daemonsets/status
- deployments
- deployments/scale
- deployments/status
- replicasets
- replicasets/scale
- replicasets/status
- statefulsets
- statefulsets/scale
- statefulsets/status
- verbs:
- get
- list
- watch
apiGroups:
- batch
resources:
- cronjobs
- cronjobs/status
- jobs
- jobs/status
- verbs:
- get
- list
- watch
apiGroups:
- extensions
resources:
- daemonsets
- daemonsets/status
- deployments
- deployments/scale
- deployments/status
- ingresses
- ingresses/status
- networkpolicies
- replicasets
- replicasets/scale
- replicasets/status
- replicationcontrollers/scale
- verbs:
- get
- list
- watch
apiGroups:
- policy
resources:
- poddisruptionbudgets
- poddisruptionbudgets/status
- verbs:
- get
- list
- watch
apiGroups:
- networking.k8s.io
resources:
- ingresses
- ingresses/status
- networkpolicies
- verbs:
- get
apiGroups:
- discovery.k8s.io
resources:
- endpointslices
- verbs:
- list
apiGroups:
- discovery.k8s.io
resources:
- endpointslices
- verbs:
- watch
apiGroups:
- discovery.k8s.io
resources:
- endpointslices
- verbs:
- get
- list
- watch
apiGroups:
- metrics.k8s.io
resources:
- pods
- nodes
{{- end }}

16
charts/asserts/asserts/charts/ebpf-probe/templates/rbac/rolebinding.yaml Normal file
View File

@ -0,0 +1,16 @@
{{- if .Values.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "ebpf-probe.fullname" . }}
namespace: {{ .Release.Namespace }}
labels: {{- include "ebpf-probe.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "ebpf-probe.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ include "ebpf-probe.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end }}

17
charts/asserts/asserts/charts/ebpf-probe/templates/rbac/serviceaccount.yaml Normal file
View File

@ -0,0 +1,17 @@
{{ if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "ebpf-probe.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "ebpf-probe.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.serviceAccount.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- end }}

78
charts/asserts/asserts/charts/ebpf-probe/values.yaml Normal file
View File

@ -0,0 +1,78 @@
enableDnsResolving: true
prometheusPort: 7117
prometheusEndpoint: "/metrics"
pollIntervalSeconds: 5
rbac:
create: true
# OpenShift specific
sccEnabled: false
image:
repository: asserts/ebpf-probe
pullPolicy: IfNotPresent
tag: 0.3.0
serviceAccount:
create: true
name: ""
imagePullSecrets: []
annotations: {}
extraLabels: {}
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
resources:
limits:
cpu: 150m
memory: 300Mi
requests:
cpu: 50m
memory: 100Mi
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext:
privileged: true
readOnlyRootFilesystem: true
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
tolerations:
- key: node-role.kubernetes.io/control-plane
operator: Exists
effect: NoSchedule
- key: node-role.kubernetes.io/master
operator: Exists
effect: NoSchedule
nodeSelector: {}
affinity: {}
priorityClassName:
podMonitor:
enabled: true
# Use if you need to add a label that matches
# your prometheus-operator podMonitorSelector.
#
# Ex:
#
# running:
# kubectl get prometheus -A -ojsonpath='{.items[].spec.podMonitorSelector}'
#
# returns:
# {"matchLabels":{"release":"kube-prometheus-stack"}}
#
# set:
# extraLabels:
# release: kube-prometheus-stack
extraLabels: {}

12
charts/asserts/asserts/templates/alertmanager-templates/_pagerduty.tpl
View File

@ -28,10 +28,18 @@ PagerDuty template
{{- printf "\n {{- end }}" -}}
{{- printf "\n " -}}
{{- printf "\n {{ define \"pagerduty.slo.link.incidents\" -}}" -}}
{{- printf "\n %s/incidents?start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .GroupLabels.asserts_slo_name }}" $assertsUrl $plus30min -}}
{{- printf "\n {{- if .CommonLabels.asserts_site }}" -}}
{{- printf "\n %s/incidents?env[0]={{ .CommonLabels.asserts_env }}&site[0]={{ .CommonLabels.asserts_site }}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .GroupLabels.asserts_slo_name }}" $assertsUrl $plus30min -}}
{{- printf "\n {{- else }}" -}}
{{- printf "\n %s/incidents?env[0]={{ .CommonLabels.asserts_env }}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .GroupLabels.asserts_slo_name }}" $assertsUrl $plus30min -}}
{{- printf "\n {{- end }}" -}}
{{- printf "\n {{- end }}" -}}
{{- printf "\n " -}}
{{- printf "\n {{ define \"pagerduty.slo.link.assertions\" -}}" -}}
{{- printf "\n %s/assertions?slo_name={{.CommonLabels.asserts_slo_name}}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s" $assertsUrl $plus30min -}}
{{- printf "\n {{- if .CommonLabels.asserts_site }}" -}}
{{- printf "\n %s/assertions?env[0]={{ .CommonLabels.asserts_env }}&site[0]={{ .CommonLabels.asserts_site }}&slo_name={{.CommonLabels.asserts_slo_name}}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s" $assertsUrl $plus30min -}}
{{- printf "\n {{- else }}" -}}
{{- printf "\n %s/incidents?env[0]={{ .CommonLabels.asserts_env }}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .GroupLabels.asserts_slo_name }}" $assertsUrl $plus30min -}}
{{- printf "\n {{- end }}" -}}
{{- printf "\n {{- end }}" -}}
{{- end }}

20
charts/asserts/asserts/templates/alertmanager-templates/_slack.tpl
View File

@ -18,8 +18,14 @@ Slack template
{{- printf "\n " -}}
{{- printf "\n {{ define \"slack.notification.text\" -}}" -}}
{{- printf "\n {{- if eq .Status \"firing\" }}" -}}
{{- printf "\n :warning: *<%s/incidents?start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .CommonLabels.asserts_notification_rule_name }}|View Impact>*" $assertsUrl $plus30min -}}
{{- printf "\n :fire: *<%s/insights/top?start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .CommonLabels.asserts_assertion_name }}|Start Troubleshooting>*" $assertsUrl $plus30min -}}
{{- printf "\n {{- if .CommonLabels.asserts_site }}" -}}
{{- printf "\n :warning: *<%s/incidents?env[0]={{ .CommonLabels.asserts_env }}&site[0]={{ .CommonLabels.asserts_site }}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .CommonLabels.asserts_notification_rule_name }}|View Impact>*" $assertsUrl $plus30min -}}
{{- printf "\n :fire: *<%s/insights/top?env[0]={{ .CommonLabels.asserts_env }}&site[0]={{ .CommonLabels.asserts_site }}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .CommonLabels.asserts_assertion_name }}|Start Troubleshooting>*" $assertsUrl $plus30min -}}
{{- printf "\n {{- else }}" -}}
{{- printf "\n :warning: *<%s/incidents?env[0]={{ .CommonLabels.asserts_env }}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .CommonLabels.asserts_notification_rule_name }}|View Impact>*" $assertsUrl $plus30min -}}
{{- printf "\n :fire: *<%s/insights/top?env[0]={{ .CommonLabels.asserts_env }}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .CommonLabels.asserts_assertion_name }}|Start Troubleshooting>*" $assertsUrl $plus30min -}}
{{- printf "\n {{- end }}" -}}
{{- printf "\n {{- end }}" -}}
{{- printf "\n *Alert details*:" -}}
{{- printf "\n " -}}
{{- printf "\n {{ range .Alerts -}}" -}}
@ -47,7 +53,6 @@ Slack template
{{- printf "\n {{- if eq .Name \"persistentvolumeclaim\" }} • *{{ .Name }}:* `{{ .Value }}`{{ end }}" -}}
{{- printf "\n {{- end }}" -}}
{{- printf "\n {{- end }}" -}}
{{- printf "\n {{- end }}" -}}
{{- printf "\n {{- end }}" -}}
{{- printf "\n " -}}
{{- printf "\n {{/* Slack Slo */}}" -}}
@ -57,8 +62,13 @@ Slack template
{{- printf "\n " -}}
{{- printf "\n {{ define \"slack.slo.text\" -}}" -}}
{{- printf "\n {{- if eq .Status \"firing\" }}" -}}
{{- printf "\n :warning: *<%s/incidents?start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .GroupLabels.asserts_slo_name }}|View Impact>*" $assertsUrl $plus30min -}}
{{- printf "\n :fire: *<%s/assertions?slo_name={{.CommonLabels.asserts_slo_name}}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s|Start Troubleshooting>*" $assertsUrl $plus30min -}}
{{- printf "\n {{- if .CommonLabels.asserts_site }}" -}}
{{- printf "\n :warning: *<%s/incidents?env[0]={{ .CommonLabels.asserts_env }}&site[0]={{ .CommonLabels.asserts_site }}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .GroupLabels.asserts_slo_name }}|View Impact>*" $assertsUrl $plus30min -}}
{{- printf "\n :fire: *<%s/assertions?env[0]={{ .CommonLabels.asserts_env }}&site[0]={{ .CommonLabels.asserts_site }}&slo_name={{.CommonLabels.asserts_slo_name}}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s|Start Troubleshooting>*" $assertsUrl $plus30min -}}
{{- printf "\n {{- else }}" -}}
{{- printf "\n :warning: *<%s/incidents?env[0]={{ .CommonLabels.asserts_env }}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s&search={{ .GroupLabels.asserts_slo_name }}|View Impact>*" $assertsUrl $plus30min -}}
{{- printf "\n :fire: *<%s/assertions?env[0]={{ .CommonLabels.asserts_env }}&slo_name={{.CommonLabels.asserts_slo_name}}&start={{(index .Alerts 0).StartsAt.Unix}}000-30m&end={{(index .Alerts 0).StartsAt.Unix}}000%s|Start Troubleshooting>*" $assertsUrl $plus30min -}}
{{- printf "\n {{- end }}" -}}
{{- printf "\n " -}}
{{- printf "\n Asserts has detected an elevated burn rate on the \"{{ .GroupLabels.asserts_slo_name }}\" service level objective. These compliance windows are off track:" -}}
{{- printf "\n {{ range .Alerts }} {{ if .Annotations.description }}*Description:* {{ printf \"%s%s\" .Annotations.description }}{{ end }}{{ end }}" "%s" "\\n" -}}

4
charts/asserts/asserts/templates/config/alertmanager-configmap.yaml
View File

@ -12,6 +12,8 @@ data:
# setup for a single Asserts tenant
group_by:
- alertname
- asserts_env
- asserts_site
- asserts_notification_rule_name
- source_alertname
- asserts_slo_name
@ -40,6 +42,7 @@ data:
continue: true
- receiver: slack-slo
matchers:
- alertname="NOTIFICATION_ALERTS"
- asserts_slo_name != ""
group_wait: {{ .Values.receiver.group_wait }}
group_interval: {{ .Values.receiver.group_interval }}
@ -57,6 +60,7 @@ data:
continue: true
- receiver: pagerduty-slo
matchers:
- alertname="NOTIFICATION_ALERTS"
- asserts_slo_name != ""
group_wait: {{ .Values.receiver.group_wait }}
group_interval: {{ .Values.receiver.group_interval }}

119
charts/asserts/asserts/values.yaml
View File

@ -142,7 +142,12 @@ server:
repository: asserts/asserts-server
pullPolicy: IfNotPresent
## Overrides the image tag whose default is the chart appVersion.
tag: v0.2.504
tag: v0.2.528
resources:
requests:
cpu: 100m
memory: 768Mi
initContainers:
- name: wait-for-postgres
@ -181,8 +186,6 @@ server:
prometheus.io/port: "{{.Values.server.service.port}}"
prometheus.io/path: "/api-server/actuator/prometheus"
resources: {}
## wait 30 seconds before pod termination
## to allow application shut down
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle
@ -250,6 +253,11 @@ authorization:
## Overrides the image tag whose default is the chart appVersion.
tag: v0.2.504
resources:
requests:
cpu: 50m
memory: 512Mi
initContainers:
- name: wait-for-postgres
image: asserts/wait-for:v2.2.3
@ -273,8 +281,6 @@ authorization:
prometheus.io/port: "{{.Values.authorization.service.port}}"
prometheus.io/path: "/authorization/actuator/prometheus"
resources: {}
## environment variables to add to the asserts-server pod
extraEnv: []
@ -311,7 +317,7 @@ ui:
repository: asserts/asserts-ui
pullPolicy: IfNotPresent
## Overrides the image tag whose default is the chart appVersion.
tag: v0.1.1149
tag: v0.1.1156
imagePullSecrets: []
@ -328,6 +334,11 @@ ui:
loadBalancerIP: ""
loadBalancerSourceRanges: []
resources:
requests:
cpu: 10m
memory: 128Mi
ingress:
enabled: false
@ -359,8 +370,6 @@ ui:
# hosts:
# - asserts-ui.domain.com
resources: {}
annotations: {}
## environment variables to add to the asserts-ui pod
@ -399,7 +408,12 @@ grafana:
repository: asserts/grafana
pullPolicy: IfNotPresent
## Overrides the image tag whose default is the chart appVersion.
tag: v1.0.196
tag: v1.0.205
resources:
requests:
cpu: 30m
memory: 128Mi
imagePullSecrets: []
@ -471,8 +485,6 @@ grafana:
runAsGroup: 1001
fsGroup: 1001
resources: {}
nodeSelector: {}
tolerations: []
@ -513,6 +525,22 @@ grafana:
type: prometheus
jsonData:
timeInterval: "{{.Values.grafana.scrapeInterval}}"
- name: Alertmanager
url: http://{{.Release.Name}}-alertmanager.{{.Release.Namespace}}.{{.Values.clusterDomain}}:9093
isDefault: false
orgId: 1
access: proxy
type: alertmanager
jsonData:
implementation: prometheus
- name: Prometheus-Rules
url: http://{{.Release.Name}}-promxyruler.{{.Release.Namespace}}.{{.Values.clusterDomain}}:8082
isDefault: false
orgId: 1
access: proxy
type: prometheus
jsonData:
timeInterval: "{{.Values.grafana.scrapeInterval}}"
# ref: https://grafana.com/docs/grafana/latest/administration/provisioning/#dashboards
providers:
@ -581,6 +609,11 @@ knowledge-sensor:
create: false
name: asserts
resources:
requests:
cpu: 10m
memory: 128Mi
initContainers:
- name: wait-for-asserts-server
image: asserts/wait-for:v2.2.3
@ -621,6 +654,11 @@ tsdb:
create: false
name: asserts
resources:
requests:
cpu: 500m
memory: 768Mi
configMap: asserts-tsdb-scrapeconfig
server:
image:
@ -770,6 +808,10 @@ redisgraph:
master:
configuration: |
loadmodule /opt/bitnami/redis/modules/redisgraph.so
resources:
requests:
cpu: 20m
memory: 128Mi
sentinel:
enabled: false
@ -804,6 +846,10 @@ redisearch:
master:
configuration: |
loadmodule /opt/bitnami/redis/modules/redisearch.so
resources:
requests:
cpu: 10m
memory: 50Mi
sentinel:
enabled: false
@ -822,6 +868,11 @@ alertmanager:
create: false
name: asserts
resources:
requests:
cpu: 10m
memory: 50Mi
service:
annotations:
prometheus.io/scrape: "true"
@ -850,6 +901,11 @@ promxyruler:
create: false
name: asserts
resources:
requests:
cpu: 500m
memory: 512Mi
service:
annotations:
prometheus.io/scrape: "true"
@ -913,6 +969,11 @@ promxyuser:
create: false
name: asserts
resources:
requests:
cpu: 100m
memory: 128Mi
service:
annotations:
prometheus.io/scrape: "true"
@ -964,6 +1025,11 @@ postgres:
create: false
name: asserts
resources:
requests:
cpu: 20m
memory: 128Mi
primary:
initdb:
scripts:
@ -977,3 +1043,34 @@ postgres:
metrics:
enabled: true
## eBPF probe configuration
## ref: https://github.com/asserts/helm-charts/blob/master/charts/ebpf-probe/values.yaml
ebpf-probe:
enabled: false
fullnameOverride: asserts-ebpf-probe
nameOverride: asserts-ebpf-probe
image:
repository: asserts/ebpf-probe
pullPolicy: IfNotPresent
tag: 0.3.0
podMonitor:
enabled: true
# Use if you need to add a label that matches
# your prometheus-operator podMonitorSelector.
#
# Ex:
#
# running:
# kubectl get prometheus -A -ojsonpath='{.items[].spec.podMonitorSelector}'
#
# returns:
# {"matchLabels":{"release":"kube-prometheus-stack"}}
#
# set:
# extraLabels:
# release: kube-prometheus-stack
extraLabels: {}

8
charts/bitnami/airflow/Chart.lock
View File

@ -1,12 +1,12 @@
dependencies:
- name: redis
repository: https://charts.bitnami.com/bitnami
version: 17.7.4
version: 17.8.0
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 12.2.0
version: 12.2.1
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.3
digest: sha256:df2c76ca2f610b4a9af347185292ceb0df797123ecbbd075ba9d72153465d631
generated: "2023-02-17T14:12:20.08405837Z"
digest: sha256:f502a35537beec923cea79f6eb39ae3845eb392987e6ed838779a589ebad8689
generated: "2023-02-27T04:13:57.73922205Z"

2
charts/bitnami/airflow/Chart.yaml
View File

@ -38,4 +38,4 @@ name: airflow
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/airflow
- https://airflow.apache.org/
version: 14.0.12
version: 14.0.13

12
charts/bitnami/airflow/README.md
View File

@ -90,7 +90,7 @@ The command removes all the Kubernetes components associated with the chart and
| `dags.existingConfigmap` | Name of an existing ConfigMap with all the DAGs files you want to load in Airflow | `""` |
| `dags.image.registry` | Init container load-dags image registry | `docker.io` |
| `dags.image.repository` | Init container load-dags image repository | `bitnami/bitnami-shell` |
| `dags.image.tag` | Init container load-dags image tag (immutable tags are recommended) | `11-debian-11-r85` |
| `dags.image.tag` | Init container load-dags image tag (immutable tags are recommended) | `11-debian-11-r90` |
| `dags.image.digest` | Init container load-dags image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `dags.image.pullPolicy` | Init container load-dags image pull policy | `IfNotPresent` |
| `dags.image.pullSecrets` | Init container load-dags image pull secrets | `[]` |
@ -109,7 +109,7 @@ The command removes all the Kubernetes components associated with the chart and
| ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------- |
| `web.image.registry` | Airflow image registry | `docker.io` |
| `web.image.repository` | Airflow image repository | `bitnami/airflow` |
| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.5.1-debian-11-r10` |
| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.5.1-debian-11-r13` |
| `web.image.digest` | Airflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `web.image.pullPolicy` | Airflow image pull policy | `IfNotPresent` |
| `web.image.pullSecrets` | Airflow image pull secrets | `[]` |
@ -184,7 +184,7 @@ The command removes all the Kubernetes components associated with the chart and
| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------------- |
| `scheduler.image.registry` | Airflow Scheduler image registry | `docker.io` |
| `scheduler.image.repository` | Airflow Scheduler image repository | `bitnami/airflow-scheduler` |
| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.5.1-debian-11-r9` |
| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.5.1-debian-11-r14` |
| `scheduler.image.digest` | Airflow Schefuler image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `scheduler.image.pullPolicy` | Airflow Scheduler image pull policy | `IfNotPresent` |
| `scheduler.image.pullSecrets` | Airflow Scheduler image pull secrets | `[]` |
@ -238,7 +238,7 @@ The command removes all the Kubernetes components associated with the chart and
| ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------ |
| `worker.image.registry` | Airflow Worker image registry | `docker.io` |
| `worker.image.repository` | Airflow Worker image repository | `bitnami/airflow-worker` |
| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.5.1-debian-11-r9` |
| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.5.1-debian-11-r14` |
| `worker.image.digest` | Airflow Worker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `worker.image.pullPolicy` | Airflow Worker image pull policy | `IfNotPresent` |
| `worker.image.pullSecrets` | Airflow Worker image pull secrets | `[]` |
@ -318,7 +318,7 @@ The command removes all the Kubernetes components associated with the chart and
| ------------------------------ | --------------------------------------------------------------------------------------------------- | --------------------- |
| `git.image.registry` | Git image registry | `docker.io` |
| `git.image.repository` | Git image repository | `bitnami/git` |
| `git.image.tag` | Git image tag (immutable tags are recommended) | `2.39.2-debian-11-r0` |
| `git.image.tag` | Git image tag (immutable tags are recommended) | `2.39.2-debian-11-r5` |
| `git.image.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `git.image.pullPolicy` | Git image pull policy | `IfNotPresent` |
| `git.image.pullSecrets` | Git image pull secrets | `[]` |
@ -410,7 +410,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Whether or not to create a standalone Airflow exporter to expose Airflow metrics | `false` |
| `metrics.image.registry` | Airflow exporter image registry | `docker.io` |
| `metrics.image.repository` | Airflow exporter image repository | `bitnami/airflow-exporter` |
| `metrics.image.tag` | Airflow exporter image tag (immutable tags are recommended) | `0.20220314.0-debian-11-r91` |
| `metrics.image.tag` | Airflow exporter image tag (immutable tags are recommended) | `0.20220314.0-debian-11-r96` |
| `metrics.image.digest` | Airflow exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Airflow exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Airflow exporter image pull secrets | `[]` |

2
charts/bitnami/airflow/charts/postgresql/Chart.yaml
View File

@ -28,4 +28,4 @@ name: postgresql
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/postgresql
- https://www.postgresql.org/
version: 12.2.0
version: 12.2.1

16
charts/bitnami/airflow/charts/postgresql/README.md
View File

@ -79,7 +79,6 @@ kubectl delete pvc -l release=my-release
| `global.postgresql.auth.secretKeys.replicationPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.replicationPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set. | `""` |
| `global.postgresql.service.ports.postgresql` | PostgreSQL service port (overrides `service.ports.postgresql`) | `""` |
### Common parameters
| Name | Description | Value |
@ -95,14 +94,13 @@ kubectl delete pvc -l release=my-release
| `diagnosticMode.command` | Command to override all containers in the statefulset | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the statefulset | `["infinity"]` |
### PostgreSQL common parameters
| Name | Description | Value |
| ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
| `image.registry` | PostgreSQL image registry | `docker.io` |
| `image.repository` | PostgreSQL image repository | `bitnami/postgresql` |
| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.2.0-debian-11-r0` |
| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.2.0-debian-11-r2` |
| `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify image pull secrets | `[]` |
@ -158,7 +156,6 @@ kubectl delete pvc -l release=my-release
| `tls.certCAFilename` | CA Certificate filename | `""` |
| `tls.crlFilename` | File containing a Certificate Revocation List | `""` |
### PostgreSQL Primary parameters
| Name | Description | Value |
@ -263,7 +260,6 @@ kubectl delete pvc -l release=my-release
| `primary.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` |
| `primary.persistence.dataSource` | Custom PVC data source | `{}` |
### PostgreSQL read only replica parameters (only used when `architecture` is set to `replication`)
| Name | Description | Value |
@ -355,7 +351,6 @@ kubectl delete pvc -l release=my-release
| `readReplicas.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` |
| `readReplicas.persistence.dataSource` | Custom PVC data source | `{}` |
### NetworkPolicy parameters
| Name | Description | Value |
@ -375,7 +370,6 @@ kubectl delete pvc -l release=my-release
| `networkPolicy.egressRules.denyConnectionsToExternal` | Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53). | `false` |
| `networkPolicy.egressRules.customRules` | Custom network policy rule | `{}` |
### Volume Permissions parameters
| Name | Description | Value |
@ -383,7 +377,7 @@ kubectl delete pvc -l release=my-release
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r81` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
@ -391,7 +385,6 @@ kubectl delete pvc -l release=my-release
| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` |
| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` |
### Other Parameters
| Name | Description | Value |
@ -405,7 +398,6 @@ kubectl delete pvc -l release=my-release
| `rbac.rules` | Custom RBAC rules to set | `[]` |
| `psp.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` |
### Metrics Parameters
| Name | Description | Value |
@ -413,7 +405,7 @@ kubectl delete pvc -l release=my-release
| `metrics.enabled` | Start a prometheus exporter | `false` |
| `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` |
| `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` |
| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r58` |
| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r60` |
| `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify image pull secrets | `[]` |
@ -468,7 +460,7 @@ kubectl delete pvc -l release=my-release
```console
$ helm install my-release \
helm install my-release \
--set auth.postgresPassword=secretpassword
my-repo/postgresql
```

6
charts/bitnami/airflow/charts/postgresql/values.yaml
View File

@ -95,7 +95,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/postgresql
tag: 15.2.0-debian-11-r0
tag: 15.2.0-debian-11-r2
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1136,7 +1136,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r81
tag: 11-debian-11-r86
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1231,7 +1231,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/postgres-exporter
tag: 0.11.1-debian-11-r58
tag: 0.11.1-debian-11-r60
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

2
charts/bitnami/airflow/charts/redis/Chart.yaml
View File

@ -24,4 +24,4 @@ maintainers:
name: redis
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/redis
version: 17.7.4
version: 17.8.0

24
charts/bitnami/airflow/charts/redis/README.md
View File

@ -76,7 +76,6 @@ The command removes all the Kubernetes components associated with the chart and
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` |
| `global.redis.password` | Global Redis&reg; password (overrides `auth.password`) | `""` |
### Common parameters
| Name | Description | Value |
@ -94,20 +93,18 @@ The command removes all the Kubernetes components associated with the chart and
| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` |
### Redis&reg; Image parameters
| Name | Description | Value |
| ------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | Redis&reg; image registry | `docker.io` |
| `image.repository` | Redis&reg; image repository | `bitnami/redis` |
| `image.tag` | Redis&reg; image tag (immutable tags are recommended) | `7.0.8-debian-11-r11` |
| `image.tag` | Redis&reg; image tag (immutable tags are recommended) | `7.0.8-debian-11-r13` |
| `image.digest` | Redis&reg; image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Redis&reg; image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Redis&reg; image pull secrets | `[]` |
| `image.debug` | Enable image debug mode | `false` |
### Redis&reg; common configuration parameters
| Name | Description | Value |
@ -122,7 +119,6 @@ The command removes all the Kubernetes components associated with the chart and
| `commonConfiguration` | Common configuration to be added into the ConfigMap | `""` |
| `existingConfigmap` | The name of an existing ConfigMap with your custom configuration for Redis&reg; nodes | `""` |
### Redis&reg; master configuration parameters
| Name | Description | Value |
@ -222,7 +218,6 @@ The command removes all the Kubernetes components associated with the chart and
| `master.serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `true` |
| `master.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` |
### Redis&reg; replicas configuration parameters
| Name | Description | Value |
@ -329,7 +324,6 @@ The command removes all the Kubernetes components associated with the chart and
| `replica.serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `true` |
| `replica.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` |
### Redis&reg; Sentinel configuration parameters
| Name | Description | Value |
@ -337,7 +331,7 @@ The command removes all the Kubernetes components associated with the chart and
| `sentinel.enabled` | Use Redis&reg; Sentinel on Redis&reg; pods. | `false` |
| `sentinel.image.registry` | Redis&reg; Sentinel image registry | `docker.io` |
| `sentinel.image.repository` | Redis&reg; Sentinel image repository | `bitnami/redis-sentinel` |
| `sentinel.image.tag` | Redis&reg; Sentinel image tag (immutable tags are recommended) | `7.0.8-debian-11-r10` |
| `sentinel.image.tag` | Redis&reg; Sentinel image tag (immutable tags are recommended) | `7.0.8-debian-11-r12` |
| `sentinel.image.digest` | Redis&reg; Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `sentinel.image.pullPolicy` | Redis&reg; Sentinel image pull policy | `IfNotPresent` |
| `sentinel.image.pullSecrets` | Redis&reg; Sentinel image pull secrets | `[]` |
@ -413,11 +407,11 @@ The command removes all the Kubernetes components associated with the chart and
| `sentinel.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
| `sentinel.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-node pods | `30` |
### Other Parameters
| Name | Description | Value |
| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------- |
| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` |
| `networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` |
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` |
| `networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` |
@ -445,7 +439,6 @@ The command removes all the Kubernetes components associated with the chart and
| `tls.certCAFilename` | CA Certificate filename | `""` |
| `tls.dhParamsFilename` | File containing DH params (in order to support DH based ciphers) | `""` |
### Metrics Parameters
| Name | Description | Value |
@ -453,7 +446,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis&reg; metrics | `false` |
| `metrics.image.registry` | Redis&reg; Exporter image registry | `docker.io` |
| `metrics.image.repository` | Redis&reg; Exporter image repository | `bitnami/redis-exporter` |
| `metrics.image.tag` | Redis&reg; Exporter image tag (immutable tags are recommended) | `1.46.0-debian-11-r5` |
| `metrics.image.tag` | Redis&reg; Exporter image tag (immutable tags are recommended) | `1.46.0-debian-11-r6` |
| `metrics.image.digest` | Redis&reg; Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Redis&reg; Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Redis&reg; Exporter image pull secrets | `[]` |
@ -511,7 +504,6 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` |
| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` |
### Init Container Parameters
| Name | Description | Value |
@ -519,7 +511,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` |
| `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r85` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r87` |
| `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |
@ -529,7 +521,7 @@ The command removes all the Kubernetes components associated with the chart and
| `sysctl.enabled` | Enable init container to modify Kernel settings | `false` |
| `sysctl.image.registry` | Bitnami Shell image registry | `docker.io` |
| `sysctl.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
| `sysctl.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r85` |
| `sysctl.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r87` |
| `sysctl.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `sysctl.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
| `sysctl.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |
@ -538,7 +530,6 @@ The command removes all the Kubernetes components associated with the chart and
| `sysctl.resources.limits` | The resources limits for the init container | `{}` |
| `sysctl.resources.requests` | The requested resources for the init container | `{}` |
### useExternalDNS Parameters
| Name | Description | Value |
@ -549,9 +540,8 @@ The command removes all the Kubernetes components associated with the chart and
| `useExternalDNS.suffix` | The DNS suffix utilized when `external-dns` is enabled. Note that we prepend the suffix with the full name of the release. | `""` |
```console
$ helm install my-release \
helm install my-release \
--set auth.password=secretpassword \
my-repo/redis
```

2
charts/bitnami/airflow/charts/redis/templates/master/application.yaml
View File

@ -264,6 +264,8 @@ spec:
{{- end }}
{{- if .Values.diagnosticMode.enabled }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }}
{{- else if .Values.metrics.command }}
command: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.command "context" $) | nindent 12 }}
{{- else }}
command:
- /bin/bash

33
charts/bitnami/airflow/charts/redis/templates/secret.yaml
View File

@ -1,3 +1,13 @@
{{- $host := include "common.names.fullname" . }}
{{- if not .Values.sentinel.enabled }}
{{- $host = printf "%s-master" (include "common.names.fullname" .) }}
{{- end }}
{{- $port := print .Values.master.service.ports.redis }}
{{- if .Values.sentinel.enabled }}
{{- $port = print .Values.sentinel.service.ports.redis }}
{{- end }}
{{- $password := include "redis.password" . }}
{{- if and .Values.auth.enabled (not .Values.auth.existingSecret) -}}
apiVersion: v1
kind: Secret
@ -21,3 +31,26 @@ type: Opaque
data:
redis-password: {{ include "redis.password" . | b64enc | quote }}
{{- end -}}
{{- if .Values.serviceBindings.enabled }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-svcbind
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/redis
data:
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "redis" | b64enc | quote }}
host: {{ print $host | b64enc | quote }}
port: {{ print $port | b64enc | quote }}
password: {{ print $password | b64enc | quote }}
uri: {{ printf "redis://%s@%s:%s" $password $host $port | b64enc | quote }}
{{- end }}

22
charts/bitnami/airflow/charts/redis/values.yaml
View File

@ -82,7 +82,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/redis
tag: 7.0.8-debian-11-r11
tag: 7.0.8-debian-11-r13
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -364,6 +364,7 @@ master:
## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
## E.g.
## dnsPolicy: ClusterFirst
##
dnsPolicy: ""
## @param master.dnsConfig DNS Configuration for Redis&reg; master pod
## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
@ -373,6 +374,7 @@ master:
## - name: ndots
## value: "4"
## - name: single-request-reopen
##
dnsConfig: {}
## @param master.lifecycleHooks for the Redis&reg; master container(s) to automate configuration before or after startup
##
@ -776,6 +778,7 @@ replica:
## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
## E.g.
## dnsPolicy: ClusterFirst
##
dnsPolicy: ""
## @param replica.dnsConfig DNS Configuration for Redis&reg; replica pods
## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
@ -785,6 +788,7 @@ replica:
## - name: ndots
## value: "4"
## - name: single-request-reopen
##
dnsConfig: {}
## @param replica.lifecycleHooks for the Redis&reg; replica container(s) to automate configuration before or after startup
##
@ -985,7 +989,7 @@ sentinel:
image:
registry: docker.io
repository: bitnami/redis-sentinel
tag: 7.0.8-debian-11-r10
tag: 7.0.8-debian-11-r12
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1011,6 +1015,7 @@ sentinel:
quorum: 2
## @param sentinel.getMasterTimeout Amount of time to allow before get_sentinel_master_info() times out.
## NOTE: This is directly related to the startupProbes which are configured to run every 10 seconds for a total of 22 failures. If adjusting this value, also adjust the startupProbes.
##
getMasterTimeout: 220
## @param sentinel.automateClusterRecovery Automate cluster recovery in cases where the last replica is not considered a good replica and Sentinel won't automatically failover to it.
## This also prevents any new replica from starting until the last remaining replica is elected as master to guarantee that it is the one to be elected by Sentinel, and not a newly started replica with no data.
@ -1018,6 +1023,7 @@ sentinel:
##
automateClusterRecovery: false
## @param sentinel.redisShutdownWaitFailover Whether the Redis&reg; master container waits for the failover at shutdown (in addition to the Redis&reg; Sentinel container).
##
redisShutdownWaitFailover: true
## Sentinel timing restrictions
## @param sentinel.downAfterMilliseconds Timeout for detecting a Redis&reg; node is down
@ -1247,6 +1253,12 @@ sentinel:
## @section Other Parameters
##
## @param serviceBindings.enabled Create secret for service binding (Experimental)
## Ref: https://servicebinding.io/service-provider/
##
serviceBindings:
enabled: false
## Network Policy configuration
## ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
##
@ -1407,7 +1419,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/redis-exporter
tag: 1.46.0-debian-11-r5
tag: 1.46.0-debian-11-r6
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1658,7 +1670,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r85
tag: 11-debian-11-r87
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1706,7 +1718,7 @@ sysctl:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r85
tag: 11-debian-11-r87
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

12
charts/bitnami/airflow/values.yaml
View File

@ -118,7 +118,7 @@ dags:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r85
tag: 11-debian-11-r90
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -185,7 +185,7 @@ web:
image:
registry: docker.io
repository: bitnami/airflow
tag: 2.5.1-debian-11-r10
tag: 2.5.1-debian-11-r13
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -443,7 +443,7 @@ scheduler:
image:
registry: docker.io
repository: bitnami/airflow-scheduler
tag: 2.5.1-debian-11-r9
tag: 2.5.1-debian-11-r14
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -647,7 +647,7 @@ worker:
image:
registry: docker.io
repository: bitnami/airflow-worker
tag: 2.5.1-debian-11-r9
tag: 2.5.1-debian-11-r14
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -920,7 +920,7 @@ git:
image:
registry: docker.io
repository: bitnami/git
tag: 2.39.2-debian-11-r0
tag: 2.39.2-debian-11-r5
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1283,7 +1283,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/airflow-exporter
tag: 0.20220314.0-debian-11-r91
tag: 0.20220314.0-debian-11-r96
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

2
charts/bitnami/cassandra/Chart.yaml
View File

@ -29,4 +29,4 @@ name: cassandra
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/cassandra
- http://cassandra.apache.org
version: 10.0.3
version: 10.0.4

6
charts/bitnami/cassandra/README.md
View File

@ -81,7 +81,7 @@ The command removes all the Kubernetes components associated with the chart and
| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | Cassandra image registry | `docker.io` |
| `image.repository` | Cassandra image repository | `bitnami/cassandra` |
| `image.tag` | Cassandra image tag (immutable tags are recommended) | `4.1.0-debian-11-r21` |
| `image.tag` | Cassandra image tag (immutable tags are recommended) | `4.1.0-debian-11-r25` |
| `image.digest` | Cassandra image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Cassandra image pull secrets | `[]` |
@ -230,7 +230,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume image tag (immutable tags are recommended) | `11-debian-11-r85` |
| `volumePermissions.image.tag` | Init container volume image tag (immutable tags are recommended) | `11-debian-11-r90` |
| `volumePermissions.image.digest` | Init container volume image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -245,7 +245,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Cassandra exporter image registry | `docker.io` |
| `metrics.image.repository` | Cassandra exporter image name | `bitnami/cassandra-exporter` |
| `metrics.image.tag` | Cassandra exporter image tag | `2.3.8-debian-11-r90` |
| `metrics.image.tag` | Cassandra exporter image tag | `2.3.8-debian-11-r95` |
| `metrics.image.digest` | Cassandra exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |

6
charts/bitnami/cassandra/values.yaml
View File

@ -73,7 +73,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/cassandra
tag: 4.1.0-debian-11-r21
tag: 4.1.0-debian-11-r25
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -604,7 +604,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r85
tag: 11-debian-11-r90
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -673,7 +673,7 @@ metrics:
registry: docker.io
pullPolicy: IfNotPresent
repository: bitnami/cassandra-exporter
tag: 2.3.8-debian-11-r90
tag: 2.3.8-debian-11-r95
digest: ""
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.

6
charts/bitnami/kafka/Chart.lock
View File

@ -1,9 +1,9 @@
dependencies:
- name: zookeeper
repository: https://charts.bitnami.com/bitnami
version: 11.1.2
version: 11.1.3
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.3
digest: sha256:36f9ab281db4f7a9d978f445eb7fcf9d7553ad4f8c491bf01fce432c9f698509
generated: "2023-02-15T09:46:39.298351777Z"
digest: sha256:9b4839a665633a42ed9baebd57470791a91b377183962a91c33d505985aa790b
generated: "2023-02-22T15:02:37.191542654Z"

2
charts/bitnami/kafka/Chart.yaml
View File

@ -35,4 +35,4 @@ name: kafka
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/kafka
- https://kafka.apache.org/
version: 21.0.1
version: 21.1.1

36
charts/bitnami/kafka/README.md
View File

@ -62,18 +62,19 @@ The command removes all the Kubernetes components associated with the chart and
### Common parameters
| Name | Description | Value |
| ------------------------ | --------------------------------------------------------------------------------------- | --------------- |
| `kubeVersion` | Override Kubernetes version | `""` |
| `nameOverride` | String to partially override common.names.fullname | `""` |
| `fullnameOverride` | String to fully override common.names.fullname | `""` |
| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` |
| `commonLabels` | Labels to add to all deployed objects | `{}` |
| `commonAnnotations` | Annotations to add to all deployed objects | `{}` |
| `extraDeploy` | Array of extra objects to deploy with the release | `[]` |
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
| `diagnosticMode.command` | Command to override all containers in the statefulset | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the statefulset | `["infinity"]` |
| Name | Description | Value |
| ------------------------- | --------------------------------------------------------------------------------------- | --------------- |
| `kubeVersion` | Override Kubernetes version | `""` |
| `nameOverride` | String to partially override common.names.fullname | `""` |
| `fullnameOverride` | String to fully override common.names.fullname | `""` |
| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` |
| `commonLabels` | Labels to add to all deployed objects | `{}` |
| `commonAnnotations` | Annotations to add to all deployed objects | `{}` |
| `extraDeploy` | Array of extra objects to deploy with the release | `[]` |
| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` |
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
| `diagnosticMode.command` | Command to override all containers in the statefulset | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the statefulset | `["infinity"]` |
### Kafka parameters
@ -81,7 +82,7 @@ The command removes all the Kubernetes components associated with the chart and
| ------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
| `image.registry` | Kafka image registry | `docker.io` |
| `image.repository` | Kafka image repository | `bitnami/kafka` |
| `image.tag` | Kafka image tag (immutable tags are recommended) | `3.4.0-debian-11-r2` |
| `image.tag` | Kafka image tag (immutable tags are recommended) | `3.4.0-debian-11-r6` |
| `image.digest` | Kafka image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Kafka image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -252,7 +253,7 @@ The command removes all the Kubernetes components associated with the chart and
| `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs/ports by querying the K8s API | `false` |
| `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry | `docker.io` |
| `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image repository | `bitnami/kubectl` |
| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (immutable tags are recommended) | `1.25.6-debian-11-r10` |
| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (immutable tags are recommended) | `1.25.6-debian-11-r14` |
| `externalAccess.autoDiscovery.image.digest` | Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy | `IfNotPresent` |
| `externalAccess.autoDiscovery.image.pullSecrets` | Init container auto-discovery image pull secrets | `[]` |
@ -307,7 +308,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
@ -332,7 +333,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.kafka.enabled` | Whether or not to create a standalone Kafka exporter to expose Kafka metrics | `false` |
| `metrics.kafka.image.registry` | Kafka exporter image registry | `docker.io` |
| `metrics.kafka.image.repository` | Kafka exporter image repository | `bitnami/kafka-exporter` |
| `metrics.kafka.image.tag` | Kafka exporter image tag (immutable tags are recommended) | `1.6.0-debian-11-r61` |
| `metrics.kafka.image.tag` | Kafka exporter image tag (immutable tags are recommended) | `1.6.0-debian-11-r65` |
| `metrics.kafka.image.digest` | Kafka exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.kafka.image.pullPolicy` | Kafka exporter image pull policy | `IfNotPresent` |
| `metrics.kafka.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -380,7 +381,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.jmx.enabled` | Whether or not to expose JMX metrics to Prometheus | `false` |
| `metrics.jmx.image.registry` | JMX exporter image registry | `docker.io` |
| `metrics.jmx.image.repository` | JMX exporter image repository | `bitnami/jmx-exporter` |
| `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.17.2-debian-11-r49` |
| `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.17.2-debian-11-r53` |
| `metrics.jmx.image.digest` | JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.jmx.image.pullPolicy` | JMX exporter image pull policy | `IfNotPresent` |
| `metrics.jmx.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -482,6 +483,7 @@ The command removes all the Kubernetes components associated with the chart and
| `zookeeper.persistence.size` | Persistent Volume size | `8Gi` |
| `externalZookeeper.servers` | List of external zookeeper servers to use. Typically used in combination with 'zookeeperChrootPath'. | `[]` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console

6
charts/bitnami/kafka/charts/zookeeper/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.2
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
generated: "2023-01-06T05:12:14.420203052Z"
version: 2.2.3
digest: sha256:2c7165542fc01b9e98b577cd8b1095d0ed8267d34b97b6e581a1176bfb8e4dcb
generated: "2023-02-17T20:26:24.808959946Z"

2
charts/bitnami/kafka/charts/zookeeper/Chart.yaml
View File

@ -22,4 +22,4 @@ name: zookeeper
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/zookeeper
- https://zookeeper.apache.org/
version: 11.1.2
version: 11.1.3

37
charts/bitnami/kafka/charts/zookeeper/README.md
View File

@ -11,8 +11,8 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema
## TL;DR
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/zookeeper
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/zookeeper
```
## Introduction
@ -32,8 +32,8 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
To install the chart with the release name `my-release`:
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/zookeeper
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/zookeeper
```
These commands deploy ZooKeeper on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
@ -45,7 +45,7 @@ These commands deploy ZooKeeper on the Kubernetes cluster in the default configu
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
@ -60,7 +60,6 @@ The command removes all the Kubernetes components associated with the chart and
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` |
### Common parameters
| Name | Description | Value |
@ -77,14 +76,13 @@ The command removes all the Kubernetes components associated with the chart and
| `diagnosticMode.command` | Command to override all containers in the statefulset | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the statefulset | `["infinity"]` |
### ZooKeeper chart parameters
| Name | Description | Value |
| ----------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
| `image.registry` | ZooKeeper image registry | `docker.io` |
| `image.repository` | ZooKeeper image repository | `bitnami/zookeeper` |
| `image.tag` | ZooKeeper image tag (immutable tags are recommended) | `3.8.1-debian-11-r0` |
| `image.tag` | ZooKeeper image tag (immutable tags are recommended) | `3.8.1-debian-11-r6` |
| `image.digest` | ZooKeeper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | ZooKeeper image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -125,7 +123,6 @@ The command removes all the Kubernetes components associated with the chart and
| `command` | Override default container command (useful when using custom images) | `["/scripts/setup.sh"]` |
| `args` | Override default container args (useful when using custom images) | `[]` |
### Statefulset parameters
| Name | Description | Value |
@ -193,7 +190,6 @@ The command removes all the Kubernetes components associated with the chart and
| `pdb.minAvailable` | Minimum available ZooKeeper replicas | `""` |
| `pdb.maxUnavailable` | Maximum unavailable ZooKeeper replicas | `1` |
### Traffic Exposure parameters
| Name | Description | Value |
@ -220,7 +216,6 @@ The command removes all the Kubernetes components associated with the chart and
| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `false` |
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` |
### Other Parameters
| Name | Description | Value |
@ -230,7 +225,6 @@ The command removes all the Kubernetes components associated with the chart and
| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `true` |
| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` |
### Persistence parameters
| Name | Description | Value |
@ -247,7 +241,6 @@ The command removes all the Kubernetes components associated with the chart and
| `persistence.dataLogDir.existingClaim` | Provide an existing `PersistentVolumeClaim` for ZooKeeper's data log directory | `""` |
| `persistence.dataLogDir.selector` | Selector to match an existing Persistent Volume for ZooKeeper's data log PVC | `{}` |
### Volume Permissions parameters
| Name | Description | Value |
@ -255,7 +248,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r77` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
@ -264,7 +257,6 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.containerSecurityContext.enabled` | Enabled init container Security Context | `true` |
| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` |
### Metrics parameters
| Name | Description | Value |
@ -289,7 +281,6 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` |
| `metrics.prometheusRule.rules` | PrometheusRule definitions | `[]` |
### TLS/SSL parameters
| Name | Description | Value |
@ -323,11 +314,10 @@ The command removes all the Kubernetes components associated with the chart and
| `tls.resources.limits` | The resources limits for the TLS init container | `{}` |
| `tls.resources.requests` | The requested resources for the TLS init container | `{}` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install my-release \
helm install my-release \
--set auth.clientUser=newUser \
my-repo/zookeeper
```
@ -339,7 +329,7 @@ The above command sets the ZooKeeper user to `newUser`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```console
$ helm install my-release -f values.yaml my-repo/zookeeper
helm install my-release -f values.yaml my-repo/zookeeper
```
> **Tip**: You can use the default [values.yaml](values.yaml)
@ -362,7 +352,7 @@ First, ensure that you are not getting metrics via the deprecated pattern of pol
Second, to avoid the connection/disconnection messages from the probes, you can set custom values for these checks which direct them to the ZooKeeper Admin Server instead of the client port. By default, an Admin Server will be started that listens on `localhost` at port `8080`. The following is an example of this use of the Admin Server for probes:
```
```yaml
livenessProbe:
enabled: false
readinessProbe:
@ -390,6 +380,7 @@ You can also set the log4j logging level and what log appenders are turned on, b
```console
zookeeper.root.logger=INFO, CONSOLE
```
the available appender is
- CONSOLE
@ -504,7 +495,7 @@ Backwards compatibility is not guaranteed unless you modify the labels used on t
Use the workaround below to upgrade from versions previous to 2.0.0. The following example assumes that the release name is `zookeeper`:
```console
$ kubectl delete statefulset zookeeper-zookeeper --cascade=false
kubectl delete statefulset zookeeper-zookeeper --cascade=false
```
### To 1.0.0
@ -513,7 +504,7 @@ Backwards compatibility is not guaranteed unless you modify the labels used on t
Use the workaround below to upgrade from versions previous to 1.0.0. The following example assumes that the release name is zookeeper:
```console
$ kubectl delete statefulset zookeeper-zookeeper --cascade=false
kubectl delete statefulset zookeeper-zookeeper --cascade=false
```
## License
@ -524,7 +515,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
<http://www.apache.org/licenses/LICENSE-2.0>
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,

5
charts/bitnami/kafka/charts/zookeeper/charts/common/Chart.yaml
View File

@ -1,7 +1,8 @@
annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.2.2
appVersion: 2.2.3
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/main/bitnami/common
@ -20,4 +21,4 @@ sources:
- https://github.com/bitnami/charts
- https://www.bitnami.com/
type: library
version: 2.2.2
version: 2.2.3

4
charts/bitnami/kafka/charts/zookeeper/charts/common/README.md
View File

@ -11,7 +11,7 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
```
```bash
```console
$ helm dependency update
```
@ -336,7 +336,7 @@ $ helm install test mychart --set path.to.value00="",path.to.value01=""
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

2
charts/bitnami/kafka/charts/zookeeper/charts/common/templates/_images.tpl
View File

@ -1,7 +1,7 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }}
*/}}
{{- define "common.images.image" -}}
{{- $registryName := .imageRoot.registry -}}

4
charts/bitnami/kafka/charts/zookeeper/values.yaml
View File

@ -76,7 +76,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/zookeeper
tag: 3.8.1-debian-11-r0
tag: 3.8.1-debian-11-r6
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -660,7 +660,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r77
tag: 11-debian-11-r86
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

77
charts/bitnami/kafka/templates/jaas-secret.yaml
View File

@ -1,3 +1,20 @@
{{- $port := print .Values.service.ports.client }}
{{- $host := list }}
{{- $bootstrapServers := list }}
{{- range $i, $e := until (int .Values.replicaCount) }}
{{- $broker := printf "%s-%s.%s-headless.%s.svc.%s" (include "common.names.fullname" $) (print $i) (include "common.names.fullname" $) $.Release.Namespace $.Values.clusterDomain }}
{{- $host = append $host $broker }}
{{- $bootstrapServers = append $bootstrapServers (printf "%s:%s" $broker $port) }}
{{- end }}
{{- $clientUsers := .Values.auth.sasl.jaas.clientUsers }}
{{- $clientPasswords := .Values.auth.sasl.jaas.clientPasswords }}
{{- if not $clientPasswords }}
{{- $clientPasswords = list }}
{{- range $clientUsers }}
{{- $clientPasswords = append $clientPasswords (randAlphaNum 10) }}
{{- end }}
{{- end }}
{{- if (include "kafka.createJaasSecret" .) }}
apiVersion: v1
kind: Secret
@ -14,19 +31,8 @@ metadata:
type: Opaque
data:
{{- if (include "kafka.client.saslAuthentication" .) }}
{{- $clientUsers := .Values.auth.sasl.jaas.clientUsers }}
{{- $clientPasswords := .Values.auth.sasl.jaas.clientPasswords }}
{{- if $clientPasswords }}
client-passwords: {{ join "," $clientPasswords | b64enc | quote }}
system-user-password: {{ index $clientPasswords 0 | b64enc | quote }}
{{- else }}
{{- $passwords := list }}
{{- range $clientUsers }}
{{- $passwords = append $passwords (randAlphaNum 10) }}
{{- end }}
client-passwords: {{ join "," $passwords | b64enc | quote }}
system-user-password: {{ index $passwords 0 | b64enc | quote }}
{{- end }}
{{- end }}
{{- $zookeeperUser := .Values.auth.sasl.jaas.zookeeperUser }}
{{- if and .Values.zookeeper.auth.client.enabled $zookeeperUser }}
@ -38,3 +44,52 @@ data:
inter-broker-password: {{ default (randAlphaNum 10) $interBrokerPassword | b64enc | quote }}
{{- end }}
{{- end }}
{{- if .Values.serviceBindings.enabled }}
{{- if (include "kafka.client.saslAuthentication" .) }}
{{- range $i, $e := until (len $clientUsers) }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" $ }}-svcbind-user-{{ $i }}
namespace: {{ $.Release.Namespace | quote }}
labels: {{- include "common.labels.standard" $ | nindent 4 }}
{{- if $.Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if $.Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/kafka
data:
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "kafka" | b64enc | quote }}
user: {{ index $clientUsers $i | b64enc | quote }}
password: {{ index $clientPasswords $i | b64enc | quote }}
host: {{ join "," $host | b64enc | quote }}
port: {{ print $port | b64enc | quote }}
bootstrap-servers: {{ join "," $bootstrapServers | b64enc | quote }}
{{- end }}
{{- else }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-svcbind
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/kafka
data:
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "kafka" | b64enc | quote }}
host: {{ join "," $host | b64enc | quote }}
port: {{ print $port | b64enc | quote }}
bootstrap-servers: {{ join "," $bootstrapServers | b64enc | quote }}
{{- end }}
{{- end }}

30
charts/bitnami/kafka/values.yaml
View File

@ -2,6 +2,7 @@
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
##
## @param global.imageRegistry Global Docker image registry
## @param global.imagePullSecrets Global Docker registry secret names as an array
@ -17,6 +18,7 @@ global:
storageClass: ""
## @section Common parameters
##
## @param kubeVersion Override Kubernetes version
##
@ -39,6 +41,11 @@ commonAnnotations: {}
## @param extraDeploy Array of extra objects to deploy with the release
##
extraDeploy: []
## @param serviceBindings.enabled Create secret for service binding (Experimental)
## Ref: https://servicebinding.io/service-provider/
##
serviceBindings:
enabled: false
## Enable diagnostic mode in the statefulset
##
diagnosticMode:
@ -55,6 +62,7 @@ diagnosticMode:
- infinity
## @section Kafka parameters
##
## Bitnami Kafka image version
## ref: https://hub.docker.com/r/bitnami/kafka/tags/
@ -69,7 +77,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/kafka
tag: 3.4.0-debian-11-r2
tag: 3.4.0-debian-11-r6
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -161,6 +169,7 @@ logRetentionHours: 168
logSegmentBytes: _1073741824
## @param logsDirs A comma separated list of directories in which kafka's log data is kept
## ref: https://kafka.apache.org/documentation/#brokerconfigs_log.dirs
##
logsDirs: /bitnami/kafka/data
## @param maxMessageBytes The largest record batch size allowed by Kafka
##
@ -420,6 +429,7 @@ extraEnvVarsCM: ""
extraEnvVarsSecret: ""
## @section Statefulset parameters
##
## @param replicaCount Number of Kafka nodes
##
@ -665,6 +675,7 @@ pdb:
maxUnavailable: 1
## @section Traffic Exposure parameters
##
## Service parameters
##
@ -726,6 +737,7 @@ service:
headless:
## @param service.headless.publishNotReadyAddresses Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready
## ref: https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/
##
publishNotReadyAddresses: false
## @param service.headless.annotations Annotations for the headless service.
##
@ -762,7 +774,7 @@ externalAccess:
image:
registry: docker.io
repository: bitnami/kubectl
tag: 1.25.6-debian-11-r10
tag: 1.25.6-debian-11-r14
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -843,6 +855,7 @@ externalAccess:
domain: ""
## @param externalAccess.service.publishNotReadyAddresses Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready
## ref: https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/
##
publishNotReadyAddresses: false
## @param externalAccess.service.labels Service labels for external access
##
@ -898,9 +911,11 @@ networkPolicy:
## - namespaceSelector:
## matchLabels:
## label: example
##
customRules: []
## @section Persistence parameters
##
## Enable persistence using Persistent Volume Claims
## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/
@ -1001,7 +1016,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r86
tag: 11-debian-11-r90
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1029,6 +1044,7 @@ volumePermissions:
runAsUser: 0
## @section Other Parameters
##
## ServiceAccount for Kafka
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
@ -1059,6 +1075,7 @@ rbac:
create: false
## @section Metrics parameters
##
## Prometheus Exporters / Metrics
##
@ -1081,7 +1098,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/kafka-exporter
tag: 1.6.0-debian-11-r61
tag: 1.6.0-debian-11-r65
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1317,7 +1334,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/jmx-exporter
tag: 0.17.2-debian-11-r49
tag: 0.17.2-debian-11-r53
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1417,6 +1434,7 @@ metrics:
## name: kafka_server_socket_server_metrics_$3
## labels:
## listener: $1
##
extraRules: ""
## Prometheus Operator ServiceMonitor configuration
##
@ -1470,6 +1488,7 @@ metrics:
groups: []
## @section Kafka provisioning parameters
##
## Kafka provisioning
##
@ -1699,6 +1718,7 @@ provisioning:
waitForKafka: true
## @section ZooKeeper chart parameters
##
## ZooKeeper chart configuration
## https://github.com/bitnami/charts/blob/main/bitnami/zookeeper/values.yaml

2
charts/bitnami/mariadb/Chart.yaml
View File

@ -32,4 +32,4 @@ sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb
- https://github.com/prometheus/mysqld_exporter
- https://mariadb.org
version: 11.5.0
version: 11.5.1

6
charts/bitnami/mariadb/README.md
View File

@ -86,7 +86,7 @@ The command removes all the Kubernetes components associated with the chart and
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- |
| `image.registry` | MariaDB image registry | `docker.io` |
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.12-debian-11-r3` |
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.12-debian-11-r6` |
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -306,7 +306,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -320,7 +320,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Exporter image registry | `docker.io` |
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r90` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r94` |
| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |

6
charts/bitnami/mariadb/values.yaml
View File

@ -87,7 +87,7 @@ serviceBindings:
image:
registry: docker.io
repository: bitnami/mariadb
tag: 10.6.12-debian-11-r3
tag: 10.6.12-debian-11-r6
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -995,7 +995,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r86
tag: 11-debian-11-r90
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
@ -1031,7 +1031,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/mysqld-exporter
tag: 0.14.0-debian-11-r90
tag: 0.14.0-debian-11-r94
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)

2
charts/bitnami/mysql/Chart.yaml
View File

@ -30,4 +30,4 @@ name: mysql
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mysql
- https://mysql.com
version: 9.5.0
version: 9.5.1

48
charts/bitnami/mysql/README.md
View File

@ -79,28 +79,28 @@ The command removes all the Kubernetes components associated with the chart and
### MySQL common parameters
| Name | Description | Value |
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | MySQL image registry | `docker.io` |
| `image.repository` | MySQL image repository | `bitnami/mysql` |
| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.32-debian-11-r8` |
| `image.digest` | MySQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | MySQL image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `architecture` | MySQL architecture (`standalone` or `replication`) | `standalone` |
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided | `""` |
| `auth.createDatabase` | Whether to create the .Values.auth.database or not | `true` |
| `auth.database` | Name for a custom database to create | `my_database` |
| `auth.username` | Name for a custom user to create | `""` |
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` |
| `auth.replicationUser` | MySQL replication user | `replicator` |
| `auth.replicationPassword` | MySQL replication user password. Ignored if existing secret is provided | `""` |
| `auth.existingSecret` | Use existing secret for password details. The secret has to contain the keys `mysql-root-password`, `mysql-replication-password` and `mysql-password` | `""` |
| `auth.usePasswordFiles` | Mount credentials as files instead of using an environment variable | `false` |
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` |
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
| Name | Description | Value |
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- |
| `image.registry` | MySQL image registry | `docker.io` |
| `image.repository` | MySQL image repository | `bitnami/mysql` |
| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.32-debian-11-r11` |
| `image.digest` | MySQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | MySQL image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `architecture` | MySQL architecture (`standalone` or `replication`) | `standalone` |
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided | `""` |
| `auth.createDatabase` | Whether to create the .Values.auth.database or not | `true` |
| `auth.database` | Name for a custom database to create | `my_database` |
| `auth.username` | Name for a custom user to create | `""` |
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` |
| `auth.replicationUser` | MySQL replication user | `replicator` |
| `auth.replicationPassword` | MySQL replication user password. Ignored if existing secret is provided | `""` |
| `auth.existingSecret` | Use existing secret for password details. The secret has to contain the keys `mysql-root-password`, `mysql-replication-password` and `mysql-password` | `""` |
| `auth.usePasswordFiles` | Mount credentials as files instead of using an environment variable | `false` |
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` |
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
### MySQL Primary parameters
@ -305,7 +305,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -318,7 +318,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Exporter image registry | `docker.io` |
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r90` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r93` |
| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |

6
charts/bitnami/mysql/values.yaml
View File

@ -82,7 +82,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/mysql
tag: 8.0.32-debian-11-r8
tag: 8.0.32-debian-11-r11
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1002,7 +1002,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r86
tag: 11-debian-11-r90
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1036,7 +1036,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/mysqld-exporter
tag: 0.14.0-debian-11-r90
tag: 0.14.0-debian-11-r93
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

2
charts/bitnami/postgresql/Chart.yaml
View File

@ -32,4 +32,4 @@ name: postgresql
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/postgresql
- https://www.postgresql.org/
version: 12.2.1
version: 12.2.2

13
charts/bitnami/postgresql/README.md
View File

@ -100,18 +100,18 @@ kubectl delete pvc -l release=my-release
| ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
| `image.registry` | PostgreSQL image registry | `docker.io` |
| `image.repository` | PostgreSQL image repository | `bitnami/postgresql` |
| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.2.0-debian-11-r2` |
| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.2.0-debian-11-r5` |
| `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify image pull secrets | `[]` |
| `image.debug` | Specify if debug values should be set | `false` |
| `auth.enablePostgresUser` | Assign a password to the "postgres" admin user. Otherwise, remote access will be blocked for this user | `true` |
| `auth.postgresPassword` | Password for the "postgres" admin user. Ignored if `auth.existingSecret` with key `postgres-password` is provided | `""` |
| `auth.postgresPassword` | Password for the "postgres" admin user. Ignored if `auth.existingSecret` is provided | `""` |
| `auth.username` | Name for a custom user to create | `""` |
| `auth.password` | Password for the custom user to create. Ignored if `auth.existingSecret` with key `password` is provided | `""` |
| `auth.password` | Password for the custom user to create. Ignored if `auth.existingSecret` is provided | `""` |
| `auth.database` | Name for a custom database to create | `""` |
| `auth.replicationUsername` | Name of the replication user | `repl_user` |
| `auth.replicationPassword` | Password for the replication user. Ignored if `auth.existingSecret` with key `replication-password` is provided | `""` |
| `auth.replicationPassword` | Password for the replication user. Ignored if `auth.existingSecret` is provided | `""` |
| `auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials. `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret. The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case. | `""` |
| `auth.secretKeys.adminPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `postgres-password` |
| `auth.secretKeys.userPasswordKey` | Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set. | `password` |
@ -377,7 +377,7 @@ kubectl delete pvc -l release=my-release
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
@ -405,7 +405,7 @@ kubectl delete pvc -l release=my-release
| `metrics.enabled` | Start a prometheus exporter | `false` |
| `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` |
| `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` |
| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r60` |
| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r64` |
| `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify image pull secrets | `[]` |
@ -458,7 +458,6 @@ kubectl delete pvc -l release=my-release
| `metrics.prometheusRule.rules` | PrometheusRule definitions | `[]` |
```console
helm install my-release \
--set auth.postgresPassword=secretpassword

6
charts/bitnami/postgresql/templates/NOTES.txt
View File

@ -39,17 +39,17 @@ PostgreSQL can be accessed via port {{ include "postgresql.service.port" . }} on
To get the password for "postgres" run:
export POSTGRES_ADMIN_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "postgresql.secretName" . }} -o jsonpath="{.data.postgres-password}" | base64 -d)
export POSTGRES_ADMIN_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "postgresql.secretName" . }} -o jsonpath="{.data.{{include "postgresql.adminPasswordKey" .}}}" | base64 -d)
To get the password for "{{ $customUser }}" run:
export POSTGRES_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "postgresql.secretName" . }} -o jsonpath="{.data.password}" | base64 -d)
export POSTGRES_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "postgresql.secretName" . }} -o jsonpath="{.data.{{include "postgresql.userPasswordKey" .}}}" | base64 -d)
{{- else }}
To get the password for "{{ default "postgres" $customUser }}" run:
export POSTGRES_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "postgresql.secretName" . }} -o jsonpath="{.data.{{ ternary "password" "postgres-password" (and (not (empty $customUser)) (ne $customUser "postgres")) }}}" | base64 -d)
export POSTGRES_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ include "postgresql.secretName" . }} -o jsonpath="{.data.{{ ternary "password" (include "postgresql.adminPasswordKey" .) (and (not (empty $customUser)) (ne $customUser "postgres")) }}}" | base64 -d)
{{- end }}

6
charts/bitnami/postgresql/templates/secrets.yaml
View File

@ -2,11 +2,11 @@
{{- $port := include "postgresql.service.port" . }}
{{- $postgresPassword := "" }}
{{- if .Values.auth.enablePostgresUser }}
{{- $postgresPassword = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.secretName" .) "key" "postgres-password" "providedValues" (list "global.postgresql.auth.postgresPassword" "auth.postgresPassword") "context" $) | trimAll "\"" | b64dec }}
{{- $postgresPassword = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.secretName" .) "key" $.Values.auth.secretKeys.adminPasswordKey "providedValues" (list "global.postgresql.auth.postgresPassword" "auth.postgresPassword") "context" $) | trimAll "\"" | b64dec }}
{{- end }}
{{- $replicationPassword := "" }}
{{- if eq .Values.architecture "replication" }}
{{- $replicationPassword = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.secretName" .) "key" "replication-password" "providedValues" (list "auth.replicationPassword") "context" $) | trimAll "\"" | b64dec }}
{{- $replicationPassword = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.secretName" .) "key" $.Values.auth.secretKeys.replicationPasswordKey "providedValues" (list "auth.replicationPassword") "context" $) | trimAll "\"" | b64dec }}
{{- end }}
{{- $ldapPassword := "" }}
{{- if and .Values.ldap.enabled (or .Values.ldap.bind_password .Values.ldap.bindpw) }}
@ -15,7 +15,7 @@
{{- $customUser := include "postgresql.username" . }}
{{- $password := "" }}
{{- if not (empty (include "postgresql.username" .)) }}
{{- $password = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.secretName" .) "key" "password" "providedValues" (list "global.postgresql.auth.password" "auth.password") "context" $) | trimAll "\"" | b64dec }}
{{- $password = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.secretName" .) "key" $.Values.auth.secretKeys.userPasswordKey "providedValues" (list "global.postgresql.auth.password" "auth.password") "context" $) | trimAll "\"" | b64dec }}
{{- end }}
{{- $database := include "postgresql.database" . }}
{{- if (include "postgresql.createSecret" .) }}

12
charts/bitnami/postgresql/values.yaml
View File

@ -95,7 +95,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/postgresql
tag: 15.2.0-debian-11-r2
tag: 15.2.0-debian-11-r5
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -122,13 +122,13 @@ auth:
## @param auth.enablePostgresUser Assign a password to the "postgres" admin user. Otherwise, remote access will be blocked for this user
##
enablePostgresUser: true
## @param auth.postgresPassword Password for the "postgres" admin user. Ignored if `auth.existingSecret` with key `postgres-password` is provided
## @param auth.postgresPassword Password for the "postgres" admin user. Ignored if `auth.existingSecret` is provided
##
postgresPassword: ""
## @param auth.username Name for a custom user to create
##
username: ""
## @param auth.password Password for the custom user to create. Ignored if `auth.existingSecret` with key `password` is provided
## @param auth.password Password for the custom user to create. Ignored if `auth.existingSecret` is provided
##
password: ""
## @param auth.database Name for a custom database to create
@ -137,7 +137,7 @@ auth:
## @param auth.replicationUsername Name of the replication user
##
replicationUsername: repl_user
## @param auth.replicationPassword Password for the replication user. Ignored if `auth.existingSecret` with key `replication-password` is provided
## @param auth.replicationPassword Password for the replication user. Ignored if `auth.existingSecret` is provided
##
replicationPassword: ""
## @param auth.existingSecret Name of existing secret to use for PostgreSQL credentials. `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret. The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case.
@ -1136,7 +1136,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r86
tag: 11-debian-11-r90
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1231,7 +1231,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/postgres-exporter
tag: 0.11.1-debian-11-r60
tag: 0.11.1-debian-11-r64
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

4
charts/bitnami/redis/Chart.yaml
View File

@ -6,7 +6,7 @@ annotations:
category: Database
licenses: Apache-2.0
apiVersion: v2
appVersion: 7.0.8
appVersion: 7.0.9
dependencies:
- name: common
repository: file://./charts/common
@ -28,4 +28,4 @@ maintainers:
name: redis
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/redis
version: 17.8.0
version: 17.8.2

26
charts/bitnami/redis/README.md
View File

@ -95,15 +95,15 @@ The command removes all the Kubernetes components associated with the chart and
### Redis&reg; Image parameters
| Name | Description | Value |
| ------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | Redis&reg; image registry | `docker.io` |
| `image.repository` | Redis&reg; image repository | `bitnami/redis` |
| `image.tag` | Redis&reg; image tag (immutable tags are recommended) | `7.0.8-debian-11-r13` |
| `image.digest` | Redis&reg; image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Redis&reg; image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Redis&reg; image pull secrets | `[]` |
| `image.debug` | Enable image debug mode | `false` |
| Name | Description | Value |
| ------------------- | ---------------------------------------------------------------------------------------------------------- | -------------------- |
| `image.registry` | Redis&reg; image registry | `docker.io` |
| `image.repository` | Redis&reg; image repository | `bitnami/redis` |
| `image.tag` | Redis&reg; image tag (immutable tags are recommended) | `7.0.9-debian-11-r1` |
| `image.digest` | Redis&reg; image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Redis&reg; image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Redis&reg; image pull secrets | `[]` |
| `image.debug` | Enable image debug mode | `false` |
### Redis&reg; common configuration parameters
@ -331,7 +331,7 @@ The command removes all the Kubernetes components associated with the chart and
| `sentinel.enabled` | Use Redis&reg; Sentinel on Redis&reg; pods. | `false` |
| `sentinel.image.registry` | Redis&reg; Sentinel image registry | `docker.io` |
| `sentinel.image.repository` | Redis&reg; Sentinel image repository | `bitnami/redis-sentinel` |
| `sentinel.image.tag` | Redis&reg; Sentinel image tag (immutable tags are recommended) | `7.0.8-debian-11-r12` |
| `sentinel.image.tag` | Redis&reg; Sentinel image tag (immutable tags are recommended) | `7.0.9-debian-11-r0` |
| `sentinel.image.digest` | Redis&reg; Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `sentinel.image.pullPolicy` | Redis&reg; Sentinel image pull policy | `IfNotPresent` |
| `sentinel.image.pullSecrets` | Redis&reg; Sentinel image pull secrets | `[]` |
@ -446,7 +446,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis&reg; metrics | `false` |
| `metrics.image.registry` | Redis&reg; Exporter image registry | `docker.io` |
| `metrics.image.repository` | Redis&reg; Exporter image repository | `bitnami/redis-exporter` |
| `metrics.image.tag` | Redis&reg; Exporter image tag (immutable tags are recommended) | `1.46.0-debian-11-r6` |
| `metrics.image.tag` | Redis&reg; Exporter image tag (immutable tags are recommended) | `1.47.0-debian-11-r1` |
| `metrics.image.digest` | Redis&reg; Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Redis&reg; Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Redis&reg; Exporter image pull secrets | `[]` |
@ -511,7 +511,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` |
| `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r87` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r92` |
| `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |
@ -521,7 +521,7 @@ The command removes all the Kubernetes components associated with the chart and
| `sysctl.enabled` | Enable init container to modify Kernel settings | `false` |
| `sysctl.image.registry` | Bitnami Shell image registry | `docker.io` |
| `sysctl.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
| `sysctl.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r87` |
| `sysctl.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r92` |
| `sysctl.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `sysctl.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
| `sysctl.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |

10
charts/bitnami/redis/templates/health-configmap.yaml
View File

@ -17,7 +17,7 @@ data:
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
[[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
response=$(
timeout -s 3 $1 \
timeout -s 15 $1 \
redis-cli \
-h localhost \
{{- if .Values.tls.enabled }}
@ -47,7 +47,7 @@ data:
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
[[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
response=$(
timeout -s 3 $1 \
timeout -s 15 $1 \
redis-cli \
-h localhost \
{{- if .Values.tls.enabled }}
@ -81,7 +81,7 @@ data:
[[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
{{- end }}
response=$(
timeout -s 3 $1 \
timeout -s 15 $1 \
redis-cli \
-h localhost \
{{- if .Values.tls.enabled }}
@ -127,7 +127,7 @@ data:
[[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
[[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
response=$(
timeout -s 3 $1 \
timeout -s 15 $1 \
redis-cli \
-h $REDIS_MASTER_HOST \
-p $REDIS_MASTER_PORT_NUMBER \
@ -155,7 +155,7 @@ data:
[[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
[[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
response=$(
timeout -s 3 $1 \
timeout -s 15 $1 \
redis-cli \
-h $REDIS_MASTER_HOST \
-p $REDIS_MASTER_PORT_NUMBER \

10
charts/bitnami/redis/values.yaml
View File

@ -82,7 +82,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/redis
tag: 7.0.8-debian-11-r13
tag: 7.0.9-debian-11-r1
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -989,7 +989,7 @@ sentinel:
image:
registry: docker.io
repository: bitnami/redis-sentinel
tag: 7.0.8-debian-11-r12
tag: 7.0.9-debian-11-r0
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1419,7 +1419,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/redis-exporter
tag: 1.46.0-debian-11-r6
tag: 1.47.0-debian-11-r1
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1670,7 +1670,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r87
tag: 11-debian-11-r92
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -1718,7 +1718,7 @@ sysctl:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r87
tag: 11-debian-11-r92
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

2
charts/bitnami/spark/Chart.yaml
View File

@ -28,4 +28,4 @@ name: spark
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/spark
- https://spark.apache.org/
version: 6.3.17
version: 6.3.18

4
charts/bitnami/spark/README.md
View File

@ -86,7 +86,7 @@ The command removes all the Kubernetes components associated with the chart and
| ------------------- | ----------------------------------------------------------------------------------------------------- | -------------------- |
| `image.registry` | Spark image registry | `docker.io` |
| `image.repository` | Spark image repository | `bitnami/spark` |
| `image.tag` | Spark image tag (immutable tags are recommended) | `3.3.2-debian-11-r0` |
| `image.tag` | Spark image tag (immutable tags are recommended) | `3.3.2-debian-11-r3` |
| `image.digest` | Spark image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Spark image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -375,7 +375,7 @@ $ ./bin/spark-submit \
This command example assumes that you have downloaded a Spark binary distribution, which can be found at [Download Apache Spark](https://spark.apache.org/downloads.html).
For a complete walkthrough of the process using a custom application, refer to the [detailed Apache Spark tutorial](https://docs.bitnami.com/tutorials/process-data-spark-kubernetes/) or Spark's guide to [Running Spark on Kubernetes](https://spark.apache.org/docs/latest/running-on-kubernetes.html).
For a complete walkthrough of the process using a custom application, refer to Spark's guide to [Running Spark on Kubernetes](https://spark.apache.org/docs/latest/running-on-kubernetes.html).
> Be aware that it is currently not possible to submit an application to a standalone cluster if RPC authentication is configured. [Learn more about the issue](https://issues.apache.org/jira/browse/SPARK-25078).

2
charts/bitnami/spark/values.yaml
View File

@ -92,7 +92,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/spark
tag: 3.3.2-debian-11-r0
tag: 3.3.2-debian-11-r3
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'

2
charts/bitnami/tomcat/Chart.yaml
View File

@ -32,4 +32,4 @@ name: tomcat
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/tomcat
- http://tomcat.apache.org
version: 10.5.16
version: 10.5.18

6
charts/bitnami/tomcat/README.md
View File

@ -81,7 +81,7 @@ The command removes all the Kubernetes components associated with the chart and
| ----------------------------- | ------------------------------------------------------------------------------------------------------ | ---------------------- |
| `image.registry` | Tomcat image registry | `docker.io` |
| `image.repository` | Tomcat image repository | `bitnami/tomcat` |
| `image.tag` | Tomcat image tag (immutable tags are recommended) | `10.1.5-debian-11-r17` |
| `image.tag` | Tomcat image tag (immutable tags are recommended) | `10.1.5-debian-11-r20` |
| `image.digest` | Tomcat image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Tomcat image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -202,7 +202,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes volume permissions in the data directory | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r86` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag | `11-debian-11-r90` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -217,7 +217,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.jmx.catalinaOpts` | custom option used to enabled JMX on tomcat jvm evaluated as template | `-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=5555 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.local.only=true` |
| `metrics.jmx.image.registry` | JMX exporter image registry | `docker.io` |
| `metrics.jmx.image.repository` | JMX exporter image repository | `bitnami/jmx-exporter` |
| `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.17.2-debian-11-r50` |
| `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.17.2-debian-11-r53` |
| `metrics.jmx.image.digest` | JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.jmx.image.pullPolicy` | JMX exporter image pull policy | `IfNotPresent` |
| `metrics.jmx.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |

19
charts/bitnami/tomcat/templates/prometheusrule.yaml
View File

@ -3,17 +3,14 @@ apiVersion: monitoring.coreos.com/v1
kind: PrometheusRule
metadata:
name: {{ template "common.names.fullname" . }}
{{- with .Values.metrics.prometheusRule.namespace }}
namespace: {{ . }}
{{- end }}
labels:
{{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- with .Values.metrics.prometheusRule.additionalLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.metrics.prometheusRule.additionalLabels "context" $) | nindent 4 }}
{{- end }}
namespace: {{ default .Release.Namespace .Values.metrics.prometheusRule.namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.metrics.prometheusRule.additionalLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.metrics.prometheusRule.additionalLabels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}

6
charts/bitnami/tomcat/values.yaml
View File

@ -58,7 +58,7 @@ extraDeploy: []
image:
registry: docker.io
repository: bitnami/tomcat
tag: 10.1.5-debian-11-r17
tag: 10.1.5-debian-11-r20
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -576,7 +576,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r86
tag: 11-debian-11-r90
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -636,7 +636,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/jmx-exporter
tag: 0.17.2-debian-11-r50
tag: 0.17.2-debian-11-r53
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'

2
charts/bitnami/wordpress/Chart.yaml
View File

@ -41,4 +41,4 @@ name: wordpress
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/wordpress
- https://wordpress.org/
version: 15.2.46
version: 15.2.47

6
charts/bitnami/wordpress/README.md
View File

@ -84,7 +84,7 @@ The command removes all the Kubernetes components associated with the chart and
| ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | WordPress image registry | `docker.io` |
| `image.repository` | WordPress image repository | `bitnami/wordpress` |
| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.1.1-debian-11-r53` |
| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.1.1-debian-11-r56` |
| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` |
| `image.pullSecrets` | WordPress image pull secrets | `[]` |
@ -249,7 +249,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` |
| `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r87` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r91` |
| `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |
@ -281,7 +281,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` |
| `metrics.image.registry` | Apache exporter image registry | `docker.io` |
| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` |
| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.13.0-debian-11-r0` |
| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.13.0-debian-11-r2` |
| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` |

Some files were not shown because too many files have changed in this diff Show More