Merge pull request #613 from nflondo/main-source
Charts CI - [modified charts] - cost-analyzerpull/615/head
alex-isv
GitHub
commit
1a6eec7105
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
|
@ -1,6 +1,6 @@
|
|||
annotations:
|
||||
artifacthub.io/changes: |
|
||||
- "[Changed]: Update ArgoCD to v2.5.4"
|
||||
- "[chore]: Update new api-version for cert-manager"
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Argo CD
|
||||
catalog.cattle.io/kube-version: '>=1.22.0-0'
|
||||
|
|
@ -28,4 +28,4 @@ name: argo-cd
|
|||
sources:
|
||||
- https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
|
||||
- https://github.com/argoproj/argo-cd
|
||||
version: 5.16.2
|
||||
version: 5.16.6
|
||||
|
|
|
|||
|
|
@ -401,7 +401,7 @@ NAME: my-release
|
|||
| configs.cm."application.instanceLabelKey" | string | Defaults to app.kubernetes.io/instance | The name of tracking label used by Argo CD for resource pruning |
|
||||
| configs.cm."exec.enabled" | bool | `false` | Enable exec feature in Argo UI |
|
||||
| configs.cm."server.rbac.log.enforce.enable" | bool | `false` | Enable logs RBAC enforcement |
|
||||
| configs.cm."timeout.hard.reconciliation" | int | `0` | Timeout to refresh application data as well as target manifests cache |
|
||||
| configs.cm."timeout.hard.reconciliation" | string | `"0s"` | Timeout to refresh application data as well as target manifests cache |
|
||||
| configs.cm."timeout.reconciliation" | string | `"180s"` | Timeout to discover if a new manifests version got published to the repository |
|
||||
| configs.cm.annotations | object | `{}` | Annotations to be added to argocd-cm configmap |
|
||||
| configs.cm.create | bool | `true` | Create the argocd-cm configmap for [declarative setup] |
|
||||
|
|
@ -965,14 +965,14 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
|
|||
| applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment |
|
||||
| applicationSet.enabled | bool | `true` | Enable ApplicationSet controller |
|
||||
| applicationSet.extraArgs | list | `[]` | List of extra cli args to add |
|
||||
| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod |
|
||||
| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the controller |
|
||||
| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller |
|
||||
| applicationSet.extraContainers | list | `[]` | Additional containers to be added to the ApplicationSet controller pod |
|
||||
| applicationSet.extraEnv | list | `[]` | Environment variables to pass to the ApplicationSet controller |
|
||||
| applicationSet.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the ApplicationSet controller |
|
||||
| applicationSet.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) |
|
||||
| applicationSet.extraVolumes | list | `[]` | List of extra volumes to add |
|
||||
| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the application set controller |
|
||||
| applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the application set controller |
|
||||
| applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the application set controller |
|
||||
| applicationSet.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the ApplicationSet controller |
|
||||
| applicationSet.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the ApplicationSet controller |
|
||||
| applicationSet.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the ApplicationSet controller |
|
||||
| applicationSet.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | If defined, uses a Secret to pull an image from a private Docker registry or repository. |
|
||||
| applicationSet.livenessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller |
|
||||
| applicationSet.livenessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
|
||||
|
|
@ -997,15 +997,15 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
|
|||
| applicationSet.metrics.serviceMonitor.scheme | string | `""` | Prometheus ServiceMonitor scheme |
|
||||
| applicationSet.metrics.serviceMonitor.selector | object | `{}` | Prometheus ServiceMonitor selector |
|
||||
| applicationSet.metrics.serviceMonitor.tlsConfig | object | `{}` | Prometheus ServiceMonitor tlsConfig |
|
||||
| applicationSet.name | string | `"applicationset-controller"` | Application Set controller name string |
|
||||
| applicationSet.name | string | `"applicationset-controller"` | ApplicationSet controller name string |
|
||||
| applicationSet.nodeSelector | object | `{}` | [Node selector] |
|
||||
| applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb |
|
||||
| applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller |
|
||||
| applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb |
|
||||
| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
|
||||
| applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
|
||||
| applicationSet.podAnnotations | object | `{}` | Annotations for the controller pods |
|
||||
| applicationSet.podLabels | object | `{}` | Labels for the controller pods |
|
||||
| applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods |
|
||||
| applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods |
|
||||
| applicationSet.priorityClassName | string | `""` | If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default. |
|
||||
| applicationSet.readinessProbe.enabled | bool | `false` | Enable Kubernetes liveness probe for ApplicationSet controller |
|
||||
| applicationSet.readinessProbe.failureThreshold | int | `3` | Minimum consecutive failures for the [probe] to be considered failed after having succeeded |
|
||||
|
|
@ -1014,11 +1014,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
|
|||
| applicationSet.readinessProbe.successThreshold | int | `1` | Minimum consecutive successes for the [probe] to be considered successful after having failed |
|
||||
| applicationSet.readinessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
|
||||
| applicationSet.replicaCount | int | `1` | The number of ApplicationSet controller pods to run |
|
||||
| applicationSet.resources | object | `{}` | Resource limits and requests for the controller pods. |
|
||||
| applicationSet.service.annotations | object | `{}` | Application set service annotations |
|
||||
| applicationSet.service.labels | object | `{}` | Application set service labels |
|
||||
| applicationSet.service.port | int | `7000` | Application set service port |
|
||||
| applicationSet.service.portName | string | `"webhook"` | Application set service port name |
|
||||
| applicationSet.resources | object | `{}` | Resource limits and requests for the ApplicationSet controller pods. |
|
||||
| applicationSet.service.annotations | object | `{}` | ApplicationSet service annotations |
|
||||
| applicationSet.service.labels | object | `{}` | ApplicationSet service labels |
|
||||
| applicationSet.service.port | int | `7000` | ApplicationSet service port |
|
||||
| applicationSet.service.portName | string | `"webhook"` | ApplicationSet service port name |
|
||||
| applicationSet.serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
|
||||
| applicationSet.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
|
||||
| applicationSet.serviceAccount.labels | object | `{}` | Labels applied to created service account |
|
||||
|
|
@ -1028,7 +1028,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
|
|||
| applicationSet.webhook.ingress.enabled | bool | `false` | Enable an ingress resource for Webhooks |
|
||||
| applicationSet.webhook.ingress.extraPaths | list | `[]` | Additional ingress paths |
|
||||
| applicationSet.webhook.ingress.hosts | list | `[]` | List of ingress hosts |
|
||||
| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress controller will implement the resource |
|
||||
| applicationSet.webhook.ingress.ingressClassName | string | `""` | Defines which ingress ApplicationSet controller will implement the resource |
|
||||
| applicationSet.webhook.ingress.labels | object | `{}` | Additional ingress labels |
|
||||
| applicationSet.webhook.ingress.pathType | string | `"Prefix"` | Ingress path type. One of `Exact`, `Prefix` or `ImplementationSpecific` |
|
||||
| applicationSet.webhook.ingress.paths | list | `["/api/webhook"]` | List of ingress paths |
|
||||
|
|
@ -1061,22 +1061,22 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
|
|||
| notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
|
||||
| notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. |
|
||||
| notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints |
|
||||
| notifications.cm.create | bool | `true` | Whether helm chart creates controller config map |
|
||||
| notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map |
|
||||
| notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context |
|
||||
| notifications.context | object | `{}` | Define user-defined context |
|
||||
| notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment |
|
||||
| notifications.enabled | bool | `true` | Enable notifications controller |
|
||||
| notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller |
|
||||
| notifications.extraArgs | list | `[]` | Extra arguments to provide to the notifications controller |
|
||||
| notifications.extraEnv | list | `[]` | Additional container environment variables |
|
||||
| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the controller |
|
||||
| notifications.extraEnvFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the notifications controller |
|
||||
| notifications.extraVolumeMounts | list | `[]` | List of extra mounts to add (normally used with extraVolumes) |
|
||||
| notifications.extraVolumes | list | `[]` | List of extra volumes to add |
|
||||
| notifications.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the notifications controller |
|
||||
| notifications.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the notifications controller |
|
||||
| notifications.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the notifications controller |
|
||||
| notifications.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
|
||||
| notifications.logFormat | string | `""` (defaults to global.logging.format) | Application controller log format. Either `text` or `json` |
|
||||
| notifications.logLevel | string | `""` (defaults to global.logging.level) | Application controller log level. One of: `debug`, `info`, `warn`, `error` |
|
||||
| notifications.logFormat | string | `""` (defaults to global.logging.format) | Notifications controller log format. Either `text` or `json` |
|
||||
| notifications.logLevel | string | `""` (defaults to global.logging.level) | Notifications controller log level. One of: `debug`, `info`, `warn`, `error` |
|
||||
| notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server |
|
||||
| notifications.metrics.port | int | `9001` | Metrics port |
|
||||
| notifications.metrics.service.annotations | object | `{}` | Metrics service annotations |
|
||||
|
|
@ -1096,12 +1096,12 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
|
|||
| notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb |
|
||||
| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
|
||||
| notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
|
||||
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the controller Pods |
|
||||
| notifications.podLabels | object | `{}` | Labels to be applied to the controller Pods |
|
||||
| notifications.priorityClassName | string | `""` | Priority class for the controller pods |
|
||||
| notifications.resources | object | `{}` | Resource limits and requests for the controller |
|
||||
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods |
|
||||
| notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods |
|
||||
| notifications.priorityClassName | string | `""` | Priority class for the notifications controller pods |
|
||||
| notifications.resources | object | `{}` | Resource limits and requests for the notifications controller |
|
||||
| notifications.secret.annotations | object | `{}` | key:value pairs of annotations to be added to the secret |
|
||||
| notifications.secret.create | bool | `true` | Whether helm chart creates controller secret |
|
||||
| notifications.secret.create | bool | `true` | Whether helm chart creates notifications controller secret |
|
||||
| notifications.secret.items | object | `{}` | Generic key:value pairs to be inserted into the secret |
|
||||
| notifications.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
|
||||
| notifications.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
|
||||
|
|
|
|||
|
|
@ -393,4 +393,4 @@ This version introduced the deprecation of the PSP and subsequently added fields
|
|||
|
||||
https://kubernetes.io/docs/tutorials/security/seccomp/
|
||||
|
||||
As a result, from this version onwards Kubernetes versions older than 1.19 will fail to install without the removal of `.Values.containerSeucrityContext.seccompProfile` and `.Values.haproxy.containerSeucrityContext.seccompProfile` (If HAProxy is enabled)
|
||||
As a result, from this version onwards Kubernetes versions older than 1.19 will fail to install without the removal of `.Values.containerSecurityContext.seccompProfile` and `.Values.haproxy.containerSecurityContext.seccompProfile` (If HAProxy is enabled)
|
||||
|
|
|
|||
|
|
@ -55,6 +55,8 @@ Return the appropriate apiVersion for cert-manager
|
|||
{{- print .Values.apiVersionOverrides.certmanager -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1" -}}
|
||||
{{- print "cert-manager.io/v1" -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1beta1" -}}
|
||||
{{- print "cert-manager.io/v1beta1" -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha3" -}}
|
||||
{{- print "cert-manager.io/v1alpha3" -}}
|
||||
{{- else if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha2" -}}
|
||||
|
|
|
|||
|
|
@ -14,6 +14,10 @@ metadata:
|
|||
{{- if .Values.controller.metrics.rules.additionalLabels }}
|
||||
{{- toYaml .Values.controller.metrics.rules.additionalLabels | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.controller.metrics.rules.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
groups:
|
||||
- name: argocd
|
||||
|
|
|
|||
|
|
@ -133,7 +133,7 @@ configs:
|
|||
timeout.reconciliation: 180s
|
||||
|
||||
# -- Timeout to refresh application data as well as target manifests cache
|
||||
timeout.hard.reconciliation: 0
|
||||
timeout.hard.reconciliation: 0s
|
||||
|
||||
# Dex configuration
|
||||
# dex.config: |
|
||||
|
|
@ -705,6 +705,7 @@ controller:
|
|||
# prometheus: kube-prometheus
|
||||
# namespace: monitoring
|
||||
# additionalLabels: {}
|
||||
# annotations: {}
|
||||
|
||||
## Enable if you would like to grant rights to Argo CD to deploy to the local Kubernetes cluster.
|
||||
clusterAdminAccess:
|
||||
|
|
@ -2131,7 +2132,7 @@ applicationSet:
|
|||
# -- Enable ApplicationSet controller
|
||||
enabled: true
|
||||
|
||||
# -- Application Set controller name string
|
||||
# -- ApplicationSet controller name string
|
||||
name: applicationset-controller
|
||||
|
||||
# -- The number of ApplicationSet controller pods to run
|
||||
|
|
@ -2155,13 +2156,13 @@ applicationSet:
|
|||
|
||||
## ApplicationSet controller image
|
||||
image:
|
||||
# -- Repository to use for the application set controller
|
||||
# -- Repository to use for the ApplicationSet controller
|
||||
# @default -- `""` (defaults to global.image.repository)
|
||||
repository: ""
|
||||
# -- Tag to use for the application set controller
|
||||
# -- Tag to use for the ApplicationSet controller
|
||||
# @default -- `""` (defaults to global.image.tag)
|
||||
tag: ""
|
||||
# -- Image pull policy for the application set controller
|
||||
# -- Image pull policy for the ApplicationSet controller
|
||||
# @default -- `""` (defaults to global.image.imagePullPolicy)
|
||||
imagePullPolicy: ""
|
||||
|
||||
|
|
@ -2186,7 +2187,7 @@ applicationSet:
|
|||
# @default -- `""` (defaults to global.logging.level)
|
||||
logLevel: ""
|
||||
|
||||
# -- Additional containers to be added to the applicationset controller pod
|
||||
# -- Additional containers to be added to the ApplicationSet controller pod
|
||||
extraContainers: []
|
||||
|
||||
## Metrics service configuration
|
||||
|
|
@ -2226,15 +2227,15 @@ applicationSet:
|
|||
# -- Prometheus ServiceMonitor annotations
|
||||
annotations: {}
|
||||
|
||||
## Application set service configuration
|
||||
## ApplicationSet service configuration
|
||||
service:
|
||||
# -- Application set service annotations
|
||||
# -- ApplicationSet service annotations
|
||||
annotations: {}
|
||||
# -- Application set service labels
|
||||
# -- ApplicationSet service labels
|
||||
labels: {}
|
||||
# -- Application set service port
|
||||
# -- ApplicationSet service port
|
||||
port: 7000
|
||||
# -- Application set service port name
|
||||
# -- ApplicationSet service port name
|
||||
portName: webhook
|
||||
|
||||
serviceAccount:
|
||||
|
|
@ -2251,10 +2252,10 @@ applicationSet:
|
|||
# -- Annotations to be added to ApplicationSet controller Deployment
|
||||
deploymentAnnotations: {}
|
||||
|
||||
# -- Annotations for the controller pods
|
||||
# -- Annotations for the ApplicationSet controller pods
|
||||
podAnnotations: {}
|
||||
|
||||
# -- Labels for the controller pods
|
||||
# -- Labels for the ApplicationSet controller pods
|
||||
podLabels: {}
|
||||
|
||||
# -- ApplicationSet controller container-level security context
|
||||
|
|
@ -2299,7 +2300,7 @@ applicationSet:
|
|||
# -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded
|
||||
failureThreshold: 3
|
||||
|
||||
# -- Resource limits and requests for the controller pods.
|
||||
# -- Resource limits and requests for the ApplicationSet controller pods.
|
||||
resources: {}
|
||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||
# choice for the user. This also increases chances charts run on environments with little
|
||||
|
|
@ -2337,12 +2338,12 @@ applicationSet:
|
|||
# -- List of extra cli args to add
|
||||
extraArgs: []
|
||||
|
||||
# -- Environment variables to pass to the controller
|
||||
# -- Environment variables to pass to the ApplicationSet controller
|
||||
extraEnv: []
|
||||
# - name: "MY_VAR"
|
||||
# value: "value"
|
||||
|
||||
# -- envFrom to pass to the controller
|
||||
# -- envFrom to pass to the ApplicationSet controller
|
||||
# @default -- `[]` (See [values.yaml])
|
||||
extraEnvFrom: []
|
||||
# - configMapRef:
|
||||
|
|
@ -2360,7 +2361,7 @@ applicationSet:
|
|||
annotations: {}
|
||||
# -- Additional ingress labels
|
||||
labels: {}
|
||||
# -- Defines which ingress controller will implement the resource
|
||||
# -- Defines which ingress ApplicationSet controller will implement the resource
|
||||
ingressClassName: ""
|
||||
|
||||
# -- List of ingress hosts
|
||||
|
|
@ -2451,7 +2452,7 @@ notifications:
|
|||
# environmentName: staging
|
||||
|
||||
secret:
|
||||
# -- Whether helm chart creates controller secret
|
||||
# -- Whether helm chart creates notifications controller secret
|
||||
create: true
|
||||
|
||||
# -- key:value pairs of annotations to be added to the secret
|
||||
|
|
@ -2473,20 +2474,20 @@ notifications:
|
|||
# email-password:
|
||||
# For more information: https://argocd-notifications.readthedocs.io/en/stable/services/email/
|
||||
|
||||
# -- Application controller log format. Either `text` or `json`
|
||||
# -- Notifications controller log format. Either `text` or `json`
|
||||
# @default -- `""` (defaults to global.logging.format)
|
||||
logFormat: ""
|
||||
# -- Application controller log level. One of: `debug`, `info`, `warn`, `error`
|
||||
# -- Notifications controller log level. One of: `debug`, `info`, `warn`, `error`
|
||||
# @default -- `""` (defaults to global.logging.level)
|
||||
logLevel: ""
|
||||
|
||||
# -- Extra arguments to provide to the controller
|
||||
# -- Extra arguments to provide to the notifications controller
|
||||
extraArgs: []
|
||||
|
||||
# -- Additional container environment variables
|
||||
extraEnv: []
|
||||
|
||||
# -- envFrom to pass to the controller
|
||||
# -- envFrom to pass to the notifications controller
|
||||
# @default -- `[]` (See [values.yaml])
|
||||
extraEnvFrom: []
|
||||
# - configMapRef:
|
||||
|
|
@ -2544,10 +2545,10 @@ notifications:
|
|||
# -- Annotations to be applied to the notifications controller Deployment
|
||||
deploymentAnnotations: {}
|
||||
|
||||
# -- Annotations to be applied to the controller Pods
|
||||
# -- Annotations to be applied to the notifications controller Pods
|
||||
podAnnotations: {}
|
||||
|
||||
# -- Labels to be applied to the controller Pods
|
||||
# -- Labels to be applied to the notifications controller Pods
|
||||
podLabels: {}
|
||||
|
||||
# -- Notification controller container-level security Context
|
||||
|
|
@ -2562,10 +2563,10 @@ notifications:
|
|||
drop:
|
||||
- ALL
|
||||
|
||||
# -- Priority class for the controller pods
|
||||
# -- Priority class for the notifications controller pods
|
||||
priorityClassName: ""
|
||||
|
||||
# -- Resource limits and requests for the controller
|
||||
# -- Resource limits and requests for the notifications controller
|
||||
resources: {}
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
|
|
@ -2588,7 +2589,7 @@ notifications:
|
|||
# -- Labels applied to created service account
|
||||
labels: {}
|
||||
cm:
|
||||
# -- Whether helm chart creates controller config map
|
||||
# -- Whether helm chart creates notifications controller config map
|
||||
create: true
|
||||
|
||||
# -- Contains centrally managed global application subscriptions
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 2.2.1
|
||||
digest: sha256:6c67cfa9945bf608209d4e2ca8f17079fca4770907c7902d984187ab5b21811e
|
||||
generated: "2022-12-06T22:28:06.096789294Z"
|
||||
version: 2.2.2
|
||||
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
|
||||
generated: "2022-12-15T08:09:23.256191892Z"
|
||||
|
|
|
|||
|
|
@ -31,4 +31,4 @@ sources:
|
|||
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb
|
||||
- https://github.com/prometheus/mysqld_exporter
|
||||
- https://mariadb.org
|
||||
version: 11.4.1
|
||||
version: 11.4.2
|
||||
|
|
|
|||
|
|
@ -82,28 +82,28 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
|
||||
### MariaDB common parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- |
|
||||
| `image.registry` | MariaDB image registry | `docker.io` |
|
||||
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
|
||||
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.11-debian-11-r9` |
|
||||
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
| `image.debug` | Specify if debug logs should be enabled | `false` |
|
||||
| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` |
|
||||
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` |
|
||||
| `auth.database` | Name for a custom database to create | `my_database` |
|
||||
| `auth.username` | Name for a custom user to create | `""` |
|
||||
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` |
|
||||
| `auth.replicationUser` | MariaDB replication user | `replicator` |
|
||||
| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` |
|
||||
| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` |
|
||||
| `auth.forcePassword` | Force users to specify required passwords | `false` |
|
||||
| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` |
|
||||
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` |
|
||||
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
|
||||
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
|
||||
| Name | Description | Value |
|
||||
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
|
||||
| `image.registry` | MariaDB image registry | `docker.io` |
|
||||
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
|
||||
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.11-debian-11-r12` |
|
||||
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
| `image.debug` | Specify if debug logs should be enabled | `false` |
|
||||
| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` |
|
||||
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` |
|
||||
| `auth.database` | Name for a custom database to create | `my_database` |
|
||||
| `auth.username` | Name for a custom user to create | `""` |
|
||||
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` |
|
||||
| `auth.replicationUser` | MariaDB replication user | `replicator` |
|
||||
| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` |
|
||||
| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` |
|
||||
| `auth.forcePassword` | Force users to specify required passwords | `false` |
|
||||
| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` |
|
||||
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` |
|
||||
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
|
||||
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
|
||||
|
||||
|
||||
### MariaDB Primary parameters
|
||||
|
|
@ -306,7 +306,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
|
||||
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
|
||||
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r59` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r61` |
|
||||
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
|
||||
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
|
@ -321,7 +321,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
|
||||
| `metrics.image.registry` | Exporter image registry | `docker.io` |
|
||||
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
|
||||
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r64` |
|
||||
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r67` |
|
||||
| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
|
||||
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
annotations:
|
||||
category: Infrastructure
|
||||
apiVersion: v2
|
||||
appVersion: 2.2.1
|
||||
appVersion: 2.2.2
|
||||
description: A Library Helm Chart for grouping common logic between bitnami charts.
|
||||
This chart is not deployable by itself.
|
||||
home: https://github.com/bitnami/charts/tree/main/bitnami/common
|
||||
|
|
@ -20,4 +20,4 @@ sources:
|
|||
- https://github.com/bitnami/charts
|
||||
- https://www.bitnami.com/
|
||||
type: library
|
||||
version: 2.2.1
|
||||
version: 2.2.2
|
||||
|
|
|
|||
|
|
@ -55,11 +55,7 @@ Usage:
|
|||
Allow the release namespace to be overridden for multi-namespace deployments in combined charts.
|
||||
*/}}
|
||||
{{- define "common.names.namespace" -}}
|
||||
{{- if .Values.namespaceOverride -}}
|
||||
{{- .Values.namespaceOverride -}}
|
||||
{{- else -}}
|
||||
{{- .Release.Namespace -}}
|
||||
{{- end -}}
|
||||
{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ The order in which this function returns a secret password:
|
|||
{{- $passwordLength := default 10 .length }}
|
||||
{{- $providedPasswordKey := include "common.utils.getKeyFromList" (dict "keys" .providedValues "context" $.context) }}
|
||||
{{- $providedPasswordValue := include "common.utils.getValueFromKey" (dict "key" $providedPasswordKey "context" $.context) }}
|
||||
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data }}
|
||||
{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data }}
|
||||
{{- if $secretData }}
|
||||
{{- if hasKey $secretData .key }}
|
||||
{{- $password = index $secretData .key | quote }}
|
||||
|
|
@ -138,7 +138,7 @@ Params:
|
|||
{{- define "common.secrets.lookup" -}}
|
||||
{{- $value := "" -}}
|
||||
{{- $defaultValue := required "\n'common.secrets.lookup': Argument 'defaultValue' missing or empty" .defaultValue -}}
|
||||
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data -}}
|
||||
{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data -}}
|
||||
{{- if and $secretData (hasKey $secretData .key) -}}
|
||||
{{- $value = index $secretData .key -}}
|
||||
{{- else -}}
|
||||
|
|
@ -158,7 +158,7 @@ Params:
|
|||
- context - Context - Required - Parent context.
|
||||
*/}}
|
||||
{{- define "common.secrets.exists" -}}
|
||||
{{- $secret := (lookup "v1" "Secret" $.context.Release.Namespace .secret) }}
|
||||
{{- $secret := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret) }}
|
||||
{{- if $secret }}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ Usage:
|
|||
*/}}
|
||||
{{- define "common.utils.secret.getvalue" -}}
|
||||
{{- $varname := include "common.utils.fieldToEnvVar" . -}}
|
||||
export {{ $varname }}=$(kubectl get secret --namespace {{ .context.Release.Namespace | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d)
|
||||
export {{ $varname }}=$(kubectl get secret --namespace {{ include "common.names.namespace" .context | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d)
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -81,7 +81,7 @@ diagnosticMode:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/mariadb
|
||||
tag: 10.6.11-debian-11-r9
|
||||
tag: 10.6.11-debian-11-r12
|
||||
digest: ""
|
||||
## Specify a imagePullPolicy
|
||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||
|
|
@ -981,7 +981,7 @@ volumePermissions:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/bitnami-shell
|
||||
tag: 11-debian-11-r59
|
||||
tag: 11-debian-11-r61
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
|
||||
|
|
@ -1017,7 +1017,7 @@ metrics:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/mysqld-exporter
|
||||
tag: 0.14.0-debian-11-r64
|
||||
tag: 0.14.0-debian-11-r67
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 2.2.1
|
||||
digest: sha256:6c67cfa9945bf608209d4e2ca8f17079fca4770907c7902d984187ab5b21811e
|
||||
generated: "2022-12-01T20:16:55.812777288Z"
|
||||
version: 2.2.2
|
||||
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
|
||||
generated: "2022-12-14T19:37:46.129876178Z"
|
||||
|
|
|
|||
|
|
@ -31,4 +31,4 @@ name: postgresql
|
|||
sources:
|
||||
- https://github.com/bitnami/containers/tree/main/bitnami/postgresql
|
||||
- https://www.postgresql.org/
|
||||
version: 12.1.3
|
||||
version: 12.1.4
|
||||
|
|
|
|||
|
|
@ -101,7 +101,7 @@ kubectl delete pvc -l release=my-release
|
|||
| ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
|
||||
| `image.registry` | PostgreSQL image registry | `docker.io` |
|
||||
| `image.repository` | PostgreSQL image repository | `bitnami/postgresql` |
|
||||
| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.1.0-debian-11-r7` |
|
||||
| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.1.0-debian-11-r11` |
|
||||
| `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Specify image pull secrets | `[]` |
|
||||
|
|
@ -382,7 +382,7 @@ kubectl delete pvc -l release=my-release
|
|||
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
|
||||
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
|
||||
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r57` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r61` |
|
||||
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
|
||||
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
|
||||
|
|
@ -411,7 +411,7 @@ kubectl delete pvc -l release=my-release
|
|||
| `metrics.enabled` | Start a prometheus exporter | `false` |
|
||||
| `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` |
|
||||
| `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` |
|
||||
| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r34` |
|
||||
| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r38` |
|
||||
| `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` |
|
||||
| `metrics.image.pullSecrets` | Specify image pull secrets | `[]` |
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
annotations:
|
||||
category: Infrastructure
|
||||
apiVersion: v2
|
||||
appVersion: 2.2.1
|
||||
appVersion: 2.2.2
|
||||
description: A Library Helm Chart for grouping common logic between bitnami charts.
|
||||
This chart is not deployable by itself.
|
||||
home: https://github.com/bitnami/charts/tree/main/bitnami/common
|
||||
|
|
@ -20,4 +20,4 @@ sources:
|
|||
- https://github.com/bitnami/charts
|
||||
- https://www.bitnami.com/
|
||||
type: library
|
||||
version: 2.2.1
|
||||
version: 2.2.2
|
||||
|
|
|
|||
|
|
@ -55,11 +55,7 @@ Usage:
|
|||
Allow the release namespace to be overridden for multi-namespace deployments in combined charts.
|
||||
*/}}
|
||||
{{- define "common.names.namespace" -}}
|
||||
{{- if .Values.namespaceOverride -}}
|
||||
{{- .Values.namespaceOverride -}}
|
||||
{{- else -}}
|
||||
{{- .Release.Namespace -}}
|
||||
{{- end -}}
|
||||
{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ The order in which this function returns a secret password:
|
|||
{{- $passwordLength := default 10 .length }}
|
||||
{{- $providedPasswordKey := include "common.utils.getKeyFromList" (dict "keys" .providedValues "context" $.context) }}
|
||||
{{- $providedPasswordValue := include "common.utils.getValueFromKey" (dict "key" $providedPasswordKey "context" $.context) }}
|
||||
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data }}
|
||||
{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data }}
|
||||
{{- if $secretData }}
|
||||
{{- if hasKey $secretData .key }}
|
||||
{{- $password = index $secretData .key | quote }}
|
||||
|
|
@ -138,7 +138,7 @@ Params:
|
|||
{{- define "common.secrets.lookup" -}}
|
||||
{{- $value := "" -}}
|
||||
{{- $defaultValue := required "\n'common.secrets.lookup': Argument 'defaultValue' missing or empty" .defaultValue -}}
|
||||
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data -}}
|
||||
{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data -}}
|
||||
{{- if and $secretData (hasKey $secretData .key) -}}
|
||||
{{- $value = index $secretData .key -}}
|
||||
{{- else -}}
|
||||
|
|
@ -158,7 +158,7 @@ Params:
|
|||
- context - Context - Required - Parent context.
|
||||
*/}}
|
||||
{{- define "common.secrets.exists" -}}
|
||||
{{- $secret := (lookup "v1" "Secret" $.context.Release.Namespace .secret) }}
|
||||
{{- $secret := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret) }}
|
||||
{{- if $secret }}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ Usage:
|
|||
*/}}
|
||||
{{- define "common.utils.secret.getvalue" -}}
|
||||
{{- $varname := include "common.utils.fieldToEnvVar" . -}}
|
||||
export {{ $varname }}=$(kubectl get secret --namespace {{ .context.Release.Namespace | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d)
|
||||
export {{ $varname }}=$(kubectl get secret --namespace {{ include "common.names.namespace" .context | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d)
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -95,7 +95,7 @@ diagnosticMode:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/postgresql
|
||||
tag: 15.1.0-debian-11-r7
|
||||
tag: 15.1.0-debian-11-r11
|
||||
digest: ""
|
||||
## Specify a imagePullPolicy
|
||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||
|
|
@ -1130,7 +1130,7 @@ volumePermissions:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/bitnami-shell
|
||||
tag: 11-debian-11-r57
|
||||
tag: 11-debian-11-r61
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets.
|
||||
|
|
@ -1217,7 +1217,7 @@ metrics:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/postgres-exporter
|
||||
tag: 0.11.1-debian-11-r34
|
||||
tag: 0.11.1-debian-11-r38
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets.
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 2.2.1
|
||||
digest: sha256:6c67cfa9945bf608209d4e2ca8f17079fca4770907c7902d984187ab5b21811e
|
||||
generated: "2022-12-03T09:54:47.520083528Z"
|
||||
version: 2.2.2
|
||||
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
|
||||
generated: "2022-12-12T19:34:26.826289322Z"
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ annotations:
|
|||
catalog.cattle.io/release-name: redis
|
||||
category: Database
|
||||
apiVersion: v2
|
||||
appVersion: 7.0.5
|
||||
appVersion: 7.0.6
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: file://./charts/common
|
||||
|
|
@ -27,4 +27,4 @@ maintainers:
|
|||
name: redis
|
||||
sources:
|
||||
- https://github.com/bitnami/containers/tree/main/bitnami/redis
|
||||
version: 17.3.15
|
||||
version: 17.3.16
|
||||
|
|
|
|||
|
|
@ -95,15 +95,15 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
|
||||
### Redis® Image parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- |
|
||||
| `image.registry` | Redis® image registry | `docker.io` |
|
||||
| `image.repository` | Redis® image repository | `bitnami/redis` |
|
||||
| `image.tag` | Redis® image tag (immutable tags are recommended) | `7.0.5-debian-11-r27` |
|
||||
| `image.digest` | Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | Redis® image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Redis® image pull secrets | `[]` |
|
||||
| `image.debug` | Enable image debug mode | `false` |
|
||||
| Name | Description | Value |
|
||||
| ------------------- | ---------------------------------------------------------------------------------------------------------- | -------------------- |
|
||||
| `image.registry` | Redis® image registry | `docker.io` |
|
||||
| `image.repository` | Redis® image repository | `bitnami/redis` |
|
||||
| `image.tag` | Redis® image tag (immutable tags are recommended) | `7.0.6-debian-11-r0` |
|
||||
| `image.digest` | Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | Redis® image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Redis® image pull secrets | `[]` |
|
||||
| `image.debug` | Enable image debug mode | `false` |
|
||||
|
||||
|
||||
### Redis® common configuration parameters
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
annotations:
|
||||
category: Infrastructure
|
||||
apiVersion: v2
|
||||
appVersion: 2.2.1
|
||||
appVersion: 2.2.2
|
||||
description: A Library Helm Chart for grouping common logic between bitnami charts.
|
||||
This chart is not deployable by itself.
|
||||
home: https://github.com/bitnami/charts/tree/main/bitnami/common
|
||||
|
|
@ -20,4 +20,4 @@ sources:
|
|||
- https://github.com/bitnami/charts
|
||||
- https://www.bitnami.com/
|
||||
type: library
|
||||
version: 2.2.1
|
||||
version: 2.2.2
|
||||
|
|
|
|||
|
|
@ -55,11 +55,7 @@ Usage:
|
|||
Allow the release namespace to be overridden for multi-namespace deployments in combined charts.
|
||||
*/}}
|
||||
{{- define "common.names.namespace" -}}
|
||||
{{- if .Values.namespaceOverride -}}
|
||||
{{- .Values.namespaceOverride -}}
|
||||
{{- else -}}
|
||||
{{- .Release.Namespace -}}
|
||||
{{- end -}}
|
||||
{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ The order in which this function returns a secret password:
|
|||
{{- $passwordLength := default 10 .length }}
|
||||
{{- $providedPasswordKey := include "common.utils.getKeyFromList" (dict "keys" .providedValues "context" $.context) }}
|
||||
{{- $providedPasswordValue := include "common.utils.getValueFromKey" (dict "key" $providedPasswordKey "context" $.context) }}
|
||||
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data }}
|
||||
{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data }}
|
||||
{{- if $secretData }}
|
||||
{{- if hasKey $secretData .key }}
|
||||
{{- $password = index $secretData .key | quote }}
|
||||
|
|
@ -138,7 +138,7 @@ Params:
|
|||
{{- define "common.secrets.lookup" -}}
|
||||
{{- $value := "" -}}
|
||||
{{- $defaultValue := required "\n'common.secrets.lookup': Argument 'defaultValue' missing or empty" .defaultValue -}}
|
||||
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data -}}
|
||||
{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data -}}
|
||||
{{- if and $secretData (hasKey $secretData .key) -}}
|
||||
{{- $value = index $secretData .key -}}
|
||||
{{- else -}}
|
||||
|
|
@ -158,7 +158,7 @@ Params:
|
|||
- context - Context - Required - Parent context.
|
||||
*/}}
|
||||
{{- define "common.secrets.exists" -}}
|
||||
{{- $secret := (lookup "v1" "Secret" $.context.Release.Namespace .secret) }}
|
||||
{{- $secret := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret) }}
|
||||
{{- if $secret }}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ Usage:
|
|||
*/}}
|
||||
{{- define "common.utils.secret.getvalue" -}}
|
||||
{{- $varname := include "common.utils.fieldToEnvVar" . -}}
|
||||
export {{ $varname }}=$(kubectl get secret --namespace {{ .context.Release.Namespace | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d)
|
||||
export {{ $varname }}=$(kubectl get secret --namespace {{ include "common.names.namespace" .context | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d)
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -79,7 +79,7 @@ diagnosticMode:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/redis
|
||||
tag: 7.0.5-debian-11-r27
|
||||
tag: 7.0.6-debian-11-r0
|
||||
digest: ""
|
||||
## Specify a imagePullPolicy
|
||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
dependencies:
|
||||
- name: memcached
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 6.3.1
|
||||
version: 6.3.2
|
||||
- name: mariadb
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 11.4.0
|
||||
version: 11.4.2
|
||||
- name: common
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 2.2.1
|
||||
digest: sha256:f22f8887a4dee66306c212edddc19108437a95259dbf005eaec57f5c4634cd9d
|
||||
generated: "2022-12-01T20:58:24.031135004Z"
|
||||
version: 2.2.2
|
||||
digest: sha256:234aa5932acc542e0c2b1760fa11f6d38488a4610f6dc95bcf2381eb2daa236f
|
||||
generated: "2022-12-15T14:19:59.483549481Z"
|
||||
|
|
|
|||
|
|
@ -40,4 +40,4 @@ name: wordpress
|
|||
sources:
|
||||
- https://github.com/bitnami/containers/tree/main/bitnami/wordpress
|
||||
- https://wordpress.org/
|
||||
version: 15.2.18
|
||||
version: 15.2.21
|
||||
|
|
|
|||
|
|
@ -81,15 +81,15 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
|
||||
### WordPress Image parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| ------------------- | --------------------------------------------------------------------------------------------------------- | -------------------- |
|
||||
| `image.registry` | WordPress image registry | `docker.io` |
|
||||
| `image.repository` | WordPress image repository | `bitnami/wordpress` |
|
||||
| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.1.1-debian-11-r8` |
|
||||
| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | WordPress image pull secrets | `[]` |
|
||||
| `image.debug` | Specify if debug values should be set | `false` |
|
||||
| Name | Description | Value |
|
||||
| ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- |
|
||||
| `image.registry` | WordPress image registry | `docker.io` |
|
||||
| `image.repository` | WordPress image repository | `bitnami/wordpress` |
|
||||
| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.1.1-debian-11-r13` |
|
||||
| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | WordPress image pull secrets | `[]` |
|
||||
| `image.debug` | Specify if debug values should be set | `false` |
|
||||
|
||||
|
||||
### WordPress Configuration parameters
|
||||
|
|
@ -255,7 +255,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
|
||||
| `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` |
|
||||
| `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
|
||||
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r59` |
|
||||
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r61` |
|
||||
| `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
|
||||
| `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |
|
||||
|
|
@ -289,7 +289,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` |
|
||||
| `metrics.image.registry` | Apache exporter image registry | `docker.io` |
|
||||
| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` |
|
||||
| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.11.0-debian-11-r69` |
|
||||
| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.11.0-debian-11-r71` |
|
||||
| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` |
|
||||
| `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` |
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
annotations:
|
||||
category: Infrastructure
|
||||
apiVersion: v2
|
||||
appVersion: 2.2.1
|
||||
appVersion: 2.2.2
|
||||
description: A Library Helm Chart for grouping common logic between bitnami charts.
|
||||
This chart is not deployable by itself.
|
||||
home: https://github.com/bitnami/charts/tree/main/bitnami/common
|
||||
|
|
@ -20,4 +20,4 @@ sources:
|
|||
- https://github.com/bitnami/charts
|
||||
- https://www.bitnami.com/
|
||||
type: library
|
||||
version: 2.2.1
|
||||
version: 2.2.2
|
||||
|
|
|
|||
|
|
@ -55,11 +55,7 @@ Usage:
|
|||
Allow the release namespace to be overridden for multi-namespace deployments in combined charts.
|
||||
*/}}
|
||||
{{- define "common.names.namespace" -}}
|
||||
{{- if .Values.namespaceOverride -}}
|
||||
{{- .Values.namespaceOverride -}}
|
||||
{{- else -}}
|
||||
{{- .Release.Namespace -}}
|
||||
{{- end -}}
|
||||
{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ The order in which this function returns a secret password:
|
|||
{{- $passwordLength := default 10 .length }}
|
||||
{{- $providedPasswordKey := include "common.utils.getKeyFromList" (dict "keys" .providedValues "context" $.context) }}
|
||||
{{- $providedPasswordValue := include "common.utils.getValueFromKey" (dict "key" $providedPasswordKey "context" $.context) }}
|
||||
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data }}
|
||||
{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data }}
|
||||
{{- if $secretData }}
|
||||
{{- if hasKey $secretData .key }}
|
||||
{{- $password = index $secretData .key | quote }}
|
||||
|
|
@ -138,7 +138,7 @@ Params:
|
|||
{{- define "common.secrets.lookup" -}}
|
||||
{{- $value := "" -}}
|
||||
{{- $defaultValue := required "\n'common.secrets.lookup': Argument 'defaultValue' missing or empty" .defaultValue -}}
|
||||
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data -}}
|
||||
{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data -}}
|
||||
{{- if and $secretData (hasKey $secretData .key) -}}
|
||||
{{- $value = index $secretData .key -}}
|
||||
{{- else -}}
|
||||
|
|
@ -158,7 +158,7 @@ Params:
|
|||
- context - Context - Required - Parent context.
|
||||
*/}}
|
||||
{{- define "common.secrets.exists" -}}
|
||||
{{- $secret := (lookup "v1" "Secret" $.context.Release.Namespace .secret) }}
|
||||
{{- $secret := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret) }}
|
||||
{{- if $secret }}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ Usage:
|
|||
*/}}
|
||||
{{- define "common.utils.secret.getvalue" -}}
|
||||
{{- $varname := include "common.utils.fieldToEnvVar" . -}}
|
||||
export {{ $varname }}=$(kubectl get secret --namespace {{ .context.Release.Namespace | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d)
|
||||
export {{ $varname }}=$(kubectl get secret --namespace {{ include "common.names.namespace" .context | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d)
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 2.1.2
|
||||
digest: sha256:1c365a4551a2f4098e9584dc176b289c10437c679c7c3e2ec6153cabf863e1a4
|
||||
generated: "2022-11-02T17:18:34.978485869Z"
|
||||
version: 2.2.2
|
||||
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
|
||||
generated: "2022-12-15T08:09:23.256191892Z"
|
||||
|
|
|
|||
|
|
@ -27,4 +27,4 @@ sources:
|
|||
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb
|
||||
- https://github.com/prometheus/mysqld_exporter
|
||||
- https://mariadb.org
|
||||
version: 11.4.0
|
||||
version: 11.4.2
|
||||
|
|
|
|||
|
|
@ -82,28 +82,28 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
|
||||
### MariaDB common parameters
|
||||
|
||||
| Name | Description | Value |
|
||||
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- |
|
||||
| `image.registry` | MariaDB image registry | `docker.io` |
|
||||
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
|
||||
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.11-debian-11-r0` |
|
||||
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
| `image.debug` | Specify if debug logs should be enabled | `false` |
|
||||
| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` |
|
||||
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` |
|
||||
| `auth.database` | Name for a custom database to create | `my_database` |
|
||||
| `auth.username` | Name for a custom user to create | `""` |
|
||||
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` |
|
||||
| `auth.replicationUser` | MariaDB replication user | `replicator` |
|
||||
| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` |
|
||||
| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` |
|
||||
| `auth.forcePassword` | Force users to specify required passwords | `false` |
|
||||
| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` |
|
||||
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` |
|
||||
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
|
||||
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
|
||||
| Name | Description | Value |
|
||||
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
|
||||
| `image.registry` | MariaDB image registry | `docker.io` |
|
||||
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
|
||||
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.11-debian-11-r12` |
|
||||
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
| `image.debug` | Specify if debug logs should be enabled | `false` |
|
||||
| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` |
|
||||
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` |
|
||||
| `auth.database` | Name for a custom database to create | `my_database` |
|
||||
| `auth.username` | Name for a custom user to create | `""` |
|
||||
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` |
|
||||
| `auth.replicationUser` | MariaDB replication user | `replicator` |
|
||||
| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` |
|
||||
| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` |
|
||||
| `auth.forcePassword` | Force users to specify required passwords | `false` |
|
||||
| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` |
|
||||
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` |
|
||||
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
|
||||
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
|
||||
|
||||
|
||||
### MariaDB Primary parameters
|
||||
|
|
@ -306,7 +306,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
|
||||
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
|
||||
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r50` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r61` |
|
||||
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
|
||||
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
|
@ -321,7 +321,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
|
||||
| `metrics.image.registry` | Exporter image registry | `docker.io` |
|
||||
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
|
||||
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r55` |
|
||||
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r67` |
|
||||
| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
|
||||
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
annotations:
|
||||
category: Infrastructure
|
||||
apiVersion: v2
|
||||
appVersion: 2.1.2
|
||||
appVersion: 2.2.2
|
||||
description: A Library Helm Chart for grouping common logic between bitnami charts.
|
||||
This chart is not deployable by itself.
|
||||
home: https://github.com/bitnami/charts/tree/main/bitnami/common
|
||||
|
|
@ -20,4 +20,4 @@ sources:
|
|||
- https://github.com/bitnami/charts
|
||||
- https://www.bitnami.com/
|
||||
type: library
|
||||
version: 2.1.2
|
||||
version: 2.2.2
|
||||
|
|
|
|||
|
|
@ -43,10 +43,11 @@ The following table lists the helpers available in the library which are scoped
|
|||
|
||||
| Helper identifier | Description | Expected Input |
|
||||
|-------------------------------|------------------------------------------------------|------------------------------------------------|
|
||||
| `common.affinities.nodes.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
|
||||
| `common.affinities.nodes.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
|
||||
| `common.affinities.pods.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
|
||||
| `common.affinities.pods.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
|
||||
| `common.affinities.nodes.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
|
||||
| `common.affinities.nodes.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
|
||||
| `common.affinities.pods.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
|
||||
| `common.affinities.pods.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
|
||||
| `common.affinities.topologyKey` | Return a topologyKey definition | `dict "topologyKey" "FOO"` |
|
||||
|
||||
### Capabilities
|
||||
|
||||
|
|
@ -107,12 +108,12 @@ The following table lists the helpers available in the library which are scoped
|
|||
|
||||
### Secrets
|
||||
|
||||
| Helper identifier | Description | Expected Input |
|
||||
|---------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. |
|
||||
| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. |
|
||||
| `common.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. |
|
||||
| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` |
|
||||
| Helper identifier | Description | Expected Input |
|
||||
|-----------------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. |
|
||||
| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. |
|
||||
| `common.secrets.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. |
|
||||
| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` |
|
||||
|
||||
### Storage
|
||||
|
||||
|
|
|
|||
|
|
@ -45,9 +45,17 @@ Return a nodeAffinity definition
|
|||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return a topologyKey definition
|
||||
{{ include "common.affinities.topologyKey" (dict "topologyKey" "BAR") -}}
|
||||
*/}}
|
||||
{{- define "common.affinities.topologyKey" -}}
|
||||
{{ .topologyKey | default "kubernetes.io/hostname" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return a soft podAffinity/podAntiAffinity definition
|
||||
{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
|
||||
{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}}
|
||||
*/}}
|
||||
{{- define "common.affinities.pods.soft" -}}
|
||||
{{- $component := default "" .component -}}
|
||||
|
|
@ -62,13 +70,13 @@ preferredDuringSchedulingIgnoredDuringExecution:
|
|||
{{- range $key, $value := $extraMatchLabels }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
topologyKey: kubernetes.io/hostname
|
||||
topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }}
|
||||
weight: 1
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return a hard podAffinity/podAntiAffinity definition
|
||||
{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
|
||||
{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}}
|
||||
*/}}
|
||||
{{- define "common.affinities.pods.hard" -}}
|
||||
{{- $component := default "" .component -}}
|
||||
|
|
@ -82,7 +90,7 @@ requiredDuringSchedulingIgnoredDuringExecution:
|
|||
{{- range $key, $value := $extraMatchLabels }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
topologyKey: kubernetes.io/hostname
|
||||
topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -55,11 +55,7 @@ Usage:
|
|||
Allow the release namespace to be overridden for multi-namespace deployments in combined charts.
|
||||
*/}}
|
||||
{{- define "common.names.namespace" -}}
|
||||
{{- if .Values.namespaceOverride -}}
|
||||
{{- .Values.namespaceOverride -}}
|
||||
{{- else -}}
|
||||
{{- .Release.Namespace -}}
|
||||
{{- end -}}
|
||||
{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -90,7 +90,7 @@ The order in which this function returns a secret password:
|
|||
{{- $passwordLength := default 10 .length }}
|
||||
{{- $providedPasswordKey := include "common.utils.getKeyFromList" (dict "keys" .providedValues "context" $.context) }}
|
||||
{{- $providedPasswordValue := include "common.utils.getValueFromKey" (dict "key" $providedPasswordKey "context" $.context) }}
|
||||
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data }}
|
||||
{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data }}
|
||||
{{- if $secretData }}
|
||||
{{- if hasKey $secretData .key }}
|
||||
{{- $password = index $secretData .key | quote }}
|
||||
|
|
@ -138,7 +138,7 @@ Params:
|
|||
{{- define "common.secrets.lookup" -}}
|
||||
{{- $value := "" -}}
|
||||
{{- $defaultValue := required "\n'common.secrets.lookup': Argument 'defaultValue' missing or empty" .defaultValue -}}
|
||||
{{- $secretData := (lookup "v1" "Secret" $.context.Release.Namespace .secret).data -}}
|
||||
{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data -}}
|
||||
{{- if and $secretData (hasKey $secretData .key) -}}
|
||||
{{- $value = index $secretData .key -}}
|
||||
{{- else -}}
|
||||
|
|
@ -158,7 +158,7 @@ Params:
|
|||
- context - Context - Required - Parent context.
|
||||
*/}}
|
||||
{{- define "common.secrets.exists" -}}
|
||||
{{- $secret := (lookup "v1" "Secret" $.context.Release.Namespace .secret) }}
|
||||
{{- $secret := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret) }}
|
||||
{{- if $secret }}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ Usage:
|
|||
*/}}
|
||||
{{- define "common.utils.secret.getvalue" -}}
|
||||
{{- $varname := include "common.utils.fieldToEnvVar" . -}}
|
||||
export {{ $varname }}=$(kubectl get secret --namespace {{ .context.Release.Namespace | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d)
|
||||
export {{ $varname }}=$(kubectl get secret --namespace {{ include "common.names.namespace" .context | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d)
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -81,7 +81,7 @@ diagnosticMode:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/mariadb
|
||||
tag: 10.6.11-debian-11-r0
|
||||
tag: 10.6.11-debian-11-r12
|
||||
digest: ""
|
||||
## Specify a imagePullPolicy
|
||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||
|
|
@ -981,7 +981,7 @@ volumePermissions:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/bitnami-shell
|
||||
tag: 11-debian-11-r50
|
||||
tag: 11-debian-11-r61
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
|
||||
|
|
@ -1017,7 +1017,7 @@ metrics:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/mysqld-exporter
|
||||
tag: 0.14.0-debian-11-r55
|
||||
tag: 0.14.0-debian-11-r67
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
dependencies:
|
||||
- name: common
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 2.1.2
|
||||
digest: sha256:1c365a4551a2f4098e9584dc176b289c10437c679c7c3e2ec6153cabf863e1a4
|
||||
generated: "2022-11-09T04:10:17.956363773Z"
|
||||
version: 2.2.1
|
||||
digest: sha256:6c67cfa9945bf608209d4e2ca8f17079fca4770907c7902d984187ab5b21811e
|
||||
generated: "2022-12-09T21:42:52.255920958Z"
|
||||
|
|
|
|||
|
|
@ -23,4 +23,4 @@ name: memcached
|
|||
sources:
|
||||
- https://github.com/bitnami/containers/tree/main/bitnami/memcached
|
||||
- http://memcached.org/
|
||||
version: 6.3.1
|
||||
version: 6.3.2
|
||||
|
|
|
|||
|
|
@ -82,7 +82,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| ----------------------------- | --------------------------------------------------------------------------------------------------------- | ---------------------- |
|
||||
| `image.registry` | Memcached image registry | `docker.io` |
|
||||
| `image.repository` | Memcached image repository | `bitnami/memcached` |
|
||||
| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.17-debian-11-r25` |
|
||||
| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.17-debian-11-r35` |
|
||||
| `image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `image.pullPolicy` | Memcached image pull policy | `IfNotPresent` |
|
||||
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
|
@ -213,7 +213,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
|
||||
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
|
||||
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r50` |
|
||||
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r59` |
|
||||
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
|
||||
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
|
||||
|
|
@ -223,7 +223,7 @@ The command removes all the Kubernetes components associated with the chart and
|
|||
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
|
||||
| `metrics.image.registry` | Memcached exporter image registry | `docker.io` |
|
||||
| `metrics.image.repository` | Memcached exporter image repository | `bitnami/memcached-exporter` |
|
||||
| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.10.0-debian-11-r51` |
|
||||
| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.10.0-debian-11-r61` |
|
||||
| `metrics.image.digest` | Memcached exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
|
||||
| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` |
|
||||
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
annotations:
|
||||
category: Infrastructure
|
||||
apiVersion: v2
|
||||
appVersion: 2.1.2
|
||||
appVersion: 2.2.1
|
||||
description: A Library Helm Chart for grouping common logic between bitnami charts.
|
||||
This chart is not deployable by itself.
|
||||
home: https://github.com/bitnami/charts/tree/main/bitnami/common
|
||||
|
|
@ -20,4 +20,4 @@ sources:
|
|||
- https://github.com/bitnami/charts
|
||||
- https://www.bitnami.com/
|
||||
type: library
|
||||
version: 2.1.2
|
||||
version: 2.2.1
|
||||
|
|
|
|||
|
|
@ -43,10 +43,11 @@ The following table lists the helpers available in the library which are scoped
|
|||
|
||||
| Helper identifier | Description | Expected Input |
|
||||
|-------------------------------|------------------------------------------------------|------------------------------------------------|
|
||||
| `common.affinities.nodes.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
|
||||
| `common.affinities.nodes.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
|
||||
| `common.affinities.pods.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
|
||||
| `common.affinities.pods.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
|
||||
| `common.affinities.nodes.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
|
||||
| `common.affinities.nodes.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
|
||||
| `common.affinities.pods.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
|
||||
| `common.affinities.pods.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` |
|
||||
| `common.affinities.topologyKey` | Return a topologyKey definition | `dict "topologyKey" "FOO"` |
|
||||
|
||||
### Capabilities
|
||||
|
||||
|
|
@ -107,12 +108,12 @@ The following table lists the helpers available in the library which are scoped
|
|||
|
||||
### Secrets
|
||||
|
||||
| Helper identifier | Description | Expected Input |
|
||||
|---------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. |
|
||||
| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. |
|
||||
| `common.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. |
|
||||
| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` |
|
||||
| Helper identifier | Description | Expected Input |
|
||||
|-----------------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. |
|
||||
| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. |
|
||||
| `common.secrets.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. |
|
||||
| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` |
|
||||
|
||||
### Storage
|
||||
|
||||
|
|
|
|||
|
|
@ -45,9 +45,17 @@ Return a nodeAffinity definition
|
|||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return a topologyKey definition
|
||||
{{ include "common.affinities.topologyKey" (dict "topologyKey" "BAR") -}}
|
||||
*/}}
|
||||
{{- define "common.affinities.topologyKey" -}}
|
||||
{{ .topologyKey | default "kubernetes.io/hostname" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return a soft podAffinity/podAntiAffinity definition
|
||||
{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
|
||||
{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}}
|
||||
*/}}
|
||||
{{- define "common.affinities.pods.soft" -}}
|
||||
{{- $component := default "" .component -}}
|
||||
|
|
@ -62,13 +70,13 @@ preferredDuringSchedulingIgnoredDuringExecution:
|
|||
{{- range $key, $value := $extraMatchLabels }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
topologyKey: kubernetes.io/hostname
|
||||
topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }}
|
||||
weight: 1
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return a hard podAffinity/podAntiAffinity definition
|
||||
{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
|
||||
{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}}
|
||||
*/}}
|
||||
{{- define "common.affinities.pods.hard" -}}
|
||||
{{- $component := default "" .component -}}
|
||||
|
|
@ -82,7 +90,7 @@ requiredDuringSchedulingIgnoredDuringExecution:
|
|||
{{- range $key, $value := $extraMatchLabels }}
|
||||
{{ $key }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
topologyKey: kubernetes.io/hostname
|
||||
topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@ diagnosticMode:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/memcached
|
||||
tag: 1.6.17-debian-11-r25
|
||||
tag: 1.6.17-debian-11-r35
|
||||
digest: ""
|
||||
## Specify a imagePullPolicy
|
||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||
|
|
@ -509,7 +509,7 @@ volumePermissions:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/bitnami-shell
|
||||
tag: 11-debian-11-r50
|
||||
tag: 11-debian-11-r59
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets.
|
||||
|
|
@ -554,7 +554,7 @@ metrics:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/memcached-exporter
|
||||
tag: 0.10.0-debian-11-r51
|
||||
tag: 0.10.0-debian-11-r61
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets.
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@ diagnosticMode:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/wordpress
|
||||
tag: 6.1.1-debian-11-r8
|
||||
tag: 6.1.1-debian-11-r13
|
||||
digest: ""
|
||||
## Specify a imagePullPolicy
|
||||
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
|
||||
|
|
@ -755,7 +755,7 @@ volumePermissions:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/bitnami-shell
|
||||
tag: 11-debian-11-r59
|
||||
tag: 11-debian-11-r61
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets.
|
||||
|
|
@ -849,7 +849,7 @@ metrics:
|
|||
image:
|
||||
registry: docker.io
|
||||
repository: bitnami/apache-exporter
|
||||
tag: 0.11.0-debian-11-r69
|
||||
tag: 0.11.0-debian-11-r71
|
||||
digest: ""
|
||||
pullPolicy: IfNotPresent
|
||||
## Optionally specify an array of imagePullSecrets.
|
||||
|
|
|
|||
|
|
@ -25,4 +25,4 @@ name: zookeeper
|
|||
sources:
|
||||
- https://github.com/bitnami/containers/tree/main/bitnami/zookeeper
|
||||
- https://zookeeper.apache.org/
|
||||
version: 11.0.1
|
||||
version: 11.0.2
|
||||
|
|
|
|||
|
|
@ -17,6 +17,9 @@ data:
|
|||
|
||||
{{- if .Values.tls.client.enabled }}
|
||||
if [[ -f "/certs/client/tls.key" ]] && [[ -f "/certs/client/tls.crt" ]] && [[ -f "/certs/client/ca.crt" ]]; then
|
||||
if [[ -f "/opt/bitnami/zookeeper/config/certs/client/.initialized" ]]; then
|
||||
exit 0
|
||||
fi
|
||||
openssl pkcs12 -export -in "/certs/client/tls.crt" \
|
||||
-passout pass:"${ZOO_TLS_CLIENT_KEYSTORE_PASSWORD}" \
|
||||
-inkey "/certs/client/tls.key" \
|
||||
|
|
@ -31,6 +34,7 @@ data:
|
|||
-keystore "/opt/bitnami/zookeeper/config/certs/client/zookeeper.truststore.jks" \
|
||||
-storepass "${ZOO_TLS_CLIENT_TRUSTSTORE_PASSWORD}" \
|
||||
-noprompt
|
||||
touch /opt/bitnami/zookeeper/config/certs/client/.initialized
|
||||
{{- if .Values.tls.client.autoGenerated }}
|
||||
else
|
||||
echo "Couldn't find the expected PEM certificates! They are mandatory when Client encryption via TLS is enabled."
|
||||
|
|
|
|||
|
|
@ -4,9 +4,9 @@ annotations:
|
|||
catalog.cattle.io/kube-version: '>=1.18-0'
|
||||
catalog.cattle.io/release-name: cf-runtime
|
||||
apiVersion: v2
|
||||
appVersion: 1.8.0
|
||||
appVersion: 1.9.3
|
||||
description: A Helm chart for Codefresh Runner
|
||||
icon: https://partner-charts.rancher.io/assets/logos/codefresh.jpg
|
||||
name: cf-runtime
|
||||
type: application
|
||||
version: 1.8.0
|
||||
version: 1.9.3
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{{- if (not .Values.monitor.existingMonitorToken ) -}}
|
||||
{{- if and .Values.monitor.enabled (not .Values.monitor.existingMonitorToken ) -}}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
type: Opaque
|
||||
|
|
@ -7,4 +7,4 @@ metadata:
|
|||
labels: {{- include "cf-monitor.labels" . | nindent 4 }}
|
||||
data:
|
||||
codefresh.token: {{ .Values.monitor.token | b64enc }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
|
|
|||
|
|
@ -9,6 +9,10 @@ Expand the name of the chart.
|
|||
{{- printf "%s-%s" (include "cf-runtime.fullname" .) "volume-provisioner" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{- define "cf-vp.volumeCleanupCronName" -}}
|
||||
{{- printf "%s-%s" (include "cf-runtime.fullname" .) "volume-cleanup" | trunc 52 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{- define "cf-vp.provisionerName" -}}
|
||||
{{- printf "%s-%s" (include "cf-runtime.fullname" .) "volume-provisioner" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
apiVersion: batch/v1beta1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
name: {{ include "cf-vp.fullname" . }}
|
||||
name: {{ include "cf-vp.volumeCleanupCronName" . }}
|
||||
labels: {{- include "cf-vp.cleanupLabels" . | nindent 4 }}
|
||||
spec:
|
||||
schedule: "0,10,20,30,40,50 * * * *"
|
||||
|
|
|
|||
|
|
@ -12,6 +12,10 @@ spec:
|
|||
template:
|
||||
metadata:
|
||||
labels: {{- include "cf-vp.provisionerLabels" . | nindent 9 }}
|
||||
annotations:
|
||||
{{- range $key, $value := .Values.volumeProvisioner.annotations }}
|
||||
{{ $key }}: {{ $value }}
|
||||
{{- end}}
|
||||
spec:
|
||||
serviceAccountName: {{ include "cf-vp.fullname" . }}
|
||||
{{- if .Values.volumeProvisioner.nodeSelector }}
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ dockerRegistry: "quay.io" # Registry prefix for the runtime images (default quay
|
|||
newRelicLicense: "" # NEWRELIC_LICENSE_KEY (for app-proxy and runner deployments)
|
||||
|
||||
runner: # Runner Deployment
|
||||
image: "codefresh/venona:1.8.0"
|
||||
image: "codefresh/venona:1.9.2"
|
||||
env: {}
|
||||
## e.g:
|
||||
# env:
|
||||
|
|
@ -68,6 +68,7 @@ volumeProvisioner: # Volume-Provisioner Deployment
|
|||
# PRIVILEGED_CONTAINER: true
|
||||
### https://codefresh.io/docs/docs/administration/codefresh-runner/#installing-on-aks
|
||||
# mountAzureJson: true
|
||||
annotations: {} # annotate volume-provisioner pod
|
||||
|
||||
storage: # Storage parameters for Volume-Provisioner
|
||||
backend: local # volume type: local(default), ebs, gcedisk or azuredisk
|
||||
|
|
|
|||
|
|
@ -0,0 +1,23 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
dependencies:
|
||||
- name: crate-operator-crds
|
||||
repository: file://../crate-operator-crds
|
||||
version: 2.19.0
|
||||
digest: sha256:7b73a3d4185c7b4d4816c1dd51b5ce2e32bf06da0bfbd675957eea241bd1279d
|
||||
generated: "2022-11-29T11:23:09.384469657Z"
|
||||
version: 2.20.0
|
||||
digest: sha256:204873fcb33f361a558b333f431174c3b9bfcf6ea266c1f022cf5d11f24c66de
|
||||
generated: "2022-12-15T15:11:32.447020049Z"
|
||||
|
|
|
|||
|
|
@ -3,16 +3,16 @@ annotations:
|
|||
catalog.cattle.io/display-name: CrateDB Operator
|
||||
catalog.cattle.io/release-name: crate-operator
|
||||
apiVersion: v2
|
||||
appVersion: 2.19.0
|
||||
appVersion: 2.20.0
|
||||
dependencies:
|
||||
- condition: crate-operator-crds.enabled
|
||||
name: crate-operator-crds
|
||||
repository: file://./charts/crate-operator-crds
|
||||
version: 2.19.0
|
||||
version: 2.20.0
|
||||
description: Crate Operator - Helm chart for installing and upgrading Crate Operator.
|
||||
icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg
|
||||
maintainers:
|
||||
- name: Crate.io
|
||||
name: crate-operator
|
||||
type: application
|
||||
version: 2.19.0
|
||||
version: 2.20.0
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
apiVersion: v2
|
||||
appVersion: 2.19.0
|
||||
appVersion: 2.20.0
|
||||
description: Crate Operator CRDs - Helm chart for installing and upgrading Custom
|
||||
Resource Definitions (CRDs) for the Crate Operator.
|
||||
maintainers:
|
||||
- name: Crate.io
|
||||
name: crate-operator-crds
|
||||
type: application
|
||||
version: 2.19.0
|
||||
version: 2.20.0
|
||||
|
|
|
|||
|
|
@ -195,6 +195,103 @@ spec:
|
|||
description: Name of the cluster
|
||||
pattern: ^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$
|
||||
type: string
|
||||
restoreSnapshot:
|
||||
description: Restore data from a snapshot.
|
||||
properties:
|
||||
accessKeyId:
|
||||
properties:
|
||||
secretKeyRef:
|
||||
properties:
|
||||
key:
|
||||
description: The key within the Kubernetes Secret
|
||||
that holds the Access Key ID.
|
||||
type: string
|
||||
name:
|
||||
description: Name of a Kubernetes Secret that contains
|
||||
the Access Key ID to be used for accessing the
|
||||
backup of the source cluster.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
required:
|
||||
- secretKeyRef
|
||||
type: object
|
||||
basePath:
|
||||
properties:
|
||||
secretKeyRef:
|
||||
properties:
|
||||
key:
|
||||
description: The key within the Kubernetes Secret
|
||||
that holds the base path of the repository.
|
||||
type: string
|
||||
name:
|
||||
description: Name of a Kubernetes Secret that contains
|
||||
the base path to be used.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
required:
|
||||
- secretKeyRef
|
||||
type: object
|
||||
bucket:
|
||||
properties:
|
||||
secretKeyRef:
|
||||
properties:
|
||||
key:
|
||||
description: The key within the Kubernetes Secret
|
||||
that holds the snapshot's bucket name.
|
||||
type: string
|
||||
name:
|
||||
description: Name of a Kubernetes Secret that contains
|
||||
the snapshot's bucket name to be used for the restore.
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
required:
|
||||
- secretKeyRef
|
||||
type: object
|
||||
secretAccessKey:
|
||||
properties:
|
||||
secretKeyRef:
|
||||
properties:
|
||||
key:
|
||||
description: The key within the Kubernetes Secret
|
||||
that holds the Secret Access Key.
|
||||
type: string
|
||||
name:
|
||||
description: Name of a Kubernetes Secret that contains
|
||||
the Secret Access Key to be used for accessing the
|
||||
backup of the source cluster..
|
||||
type: string
|
||||
required:
|
||||
- key
|
||||
- name
|
||||
type: object
|
||||
required:
|
||||
- secretKeyRef
|
||||
type: object
|
||||
snapshot:
|
||||
description: The name of the snapshot to use.
|
||||
type: string
|
||||
tables:
|
||||
description: The tables to restore from the backup.
|
||||
Format '<schema_name>.<table_name>'. Defaults to 'all'
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- snapshot
|
||||
- bucket
|
||||
- secretAccessKey
|
||||
- basePath
|
||||
- accessKeyId
|
||||
type: object
|
||||
settings:
|
||||
description: Additional settings to apply to all nodes in the
|
||||
cluster.
|
||||
|
|
|
|||
|
|
@ -1,5 +1,26 @@
|
|||
# Datadog changelog
|
||||
|
||||
## 3.6.4
|
||||
|
||||
* Change nesting for `providers.aks.enabled` parameter in Helm template.
|
||||
|
||||
## 3.6.3
|
||||
|
||||
* Add `datadog.kubeStateMetricsCore.annotationsAsTags` that expose the `annotations_as_tags` parameter of the KSM core check.
|
||||
This parameter exists only in agent 7.42.0 and above and cluster-agent 7.42.0 and above.
|
||||
|
||||
# 3.6.2
|
||||
|
||||
* Add CRDs to the cluster agent RBAC to be able to collect them using the Orchestrator Explorer.
|
||||
|
||||
## 3.6.1
|
||||
|
||||
* Add `providers.aks.enabled` parameter to activate specific configuration options for AKS.
|
||||
|
||||
## 3.6.0
|
||||
|
||||
* Update "Agent" and "Cluster-Agent" versions to `7.41.0` by default.
|
||||
|
||||
## 3.5.2
|
||||
|
||||
* Fix API Key check in NOTES.txt following change of default value for `datadog.apiKey`.
|
||||
|
|
|
|||
|
|
@ -19,4 +19,4 @@ name: datadog
|
|||
sources:
|
||||
- https://app.datadoghq.com/account/settings#agent/kubernetes
|
||||
- https://github.com/DataDog/datadog-agent
|
||||
version: 3.5.2
|
||||
version: 3.6.4
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
# Datadog
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
[Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/).
|
||||
|
||||
|
|
@ -443,7 +443,7 @@ helm install <RELEASE_NAME> \
|
|||
| agents.image.pullPolicy | string | `"IfNotPresent"` | Datadog Agent image pull policy |
|
||||
| agents.image.pullSecrets | list | `[]` | Datadog Agent repository pullSecret (ex: specify docker registry credentials) |
|
||||
| agents.image.repository | string | `nil` | Override default registry + image.name for Agent |
|
||||
| agents.image.tag | string | `"7.40.1"` | Define the Agent version to use |
|
||||
| agents.image.tag | string | `"7.41.0"` | Define the Agent version to use |
|
||||
| agents.image.tagSuffix | string | `""` | Suffix to append to Agent tag |
|
||||
| agents.localService.forceLocalServiceEnabled | bool | `false` | Force the creation of the internal traffic policy service to target the agent running on the local node. By default, the internal traffic service is created only on Kubernetes 1.22+ where the feature became beta and enabled by default. This option allows to force the creation of the internal traffic service on kubernetes 1.21 where the feature was alpha and required a feature gate to be explicitly enabled. |
|
||||
| agents.localService.overrideName | string | `""` | Name of the internal traffic service to target the agent running on the local node |
|
||||
|
|
@ -501,7 +501,7 @@ helm install <RELEASE_NAME> \
|
|||
| clusterAgent.image.pullPolicy | string | `"IfNotPresent"` | Cluster Agent image pullPolicy |
|
||||
| clusterAgent.image.pullSecrets | list | `[]` | Cluster Agent repository pullSecret (ex: specify docker registry credentials) |
|
||||
| clusterAgent.image.repository | string | `nil` | Override default registry + image.name for Cluster Agent |
|
||||
| clusterAgent.image.tag | string | `"7.40.1"` | Cluster Agent image tag to use |
|
||||
| clusterAgent.image.tag | string | `"7.41.0"` | Cluster Agent image tag to use |
|
||||
| clusterAgent.livenessProbe | object | Every 15s / 6 KO / 1 OK | Override default Cluster Agent liveness probe settings |
|
||||
| clusterAgent.metricsProvider.aggregator | string | `"avg"` | Define the aggregator the cluster agent will use to process the metrics. The options are (avg, min, max, sum) |
|
||||
| clusterAgent.metricsProvider.createReaderRbac | bool | `true` | Create `external-metrics-reader` RBAC automatically (to allow HPA to read data from Cluster Agent) |
|
||||
|
|
@ -547,7 +547,7 @@ helm install <RELEASE_NAME> \
|
|||
| clusterChecksRunner.image.pullPolicy | string | `"IfNotPresent"` | Datadog Agent image pull policy |
|
||||
| clusterChecksRunner.image.pullSecrets | list | `[]` | Datadog Agent repository pullSecret (ex: specify docker registry credentials) |
|
||||
| clusterChecksRunner.image.repository | string | `nil` | Override default registry + image.name for Cluster Check Runners |
|
||||
| clusterChecksRunner.image.tag | string | `"7.40.1"` | Define the Agent version to use |
|
||||
| clusterChecksRunner.image.tag | string | `"7.41.0"` | Define the Agent version to use |
|
||||
| clusterChecksRunner.image.tagSuffix | string | `""` | Suffix to append to Agent tag |
|
||||
| clusterChecksRunner.livenessProbe | object | Every 15s / 6 KO / 1 OK | Override default agent liveness probe settings |
|
||||
| clusterChecksRunner.networkPolicy.create | bool | `false` | If true, create a NetworkPolicy for the cluster checks runners. DEPRECATED. Use datadog.networkPolicy.create instead |
|
||||
|
|
@ -617,6 +617,7 @@ helm install <RELEASE_NAME> \
|
|||
| datadog.helmCheck.valuesAsTags | object | `{}` | Collects Helm values from a release and uses them as tags (Requires Agent and Cluster Agent 7.40.0+). This requires datadog.HelmCheck.enabled to be set to true |
|
||||
| datadog.hostVolumeMountPropagation | string | `"None"` | Allow to specify the `mountPropagation` value on all volumeMounts using HostPath |
|
||||
| datadog.ignoreAutoConfig | list | `[]` | List of integration to ignore auto_conf.yaml. |
|
||||
| datadog.kubeStateMetricsCore.annotationsAsTags | object | `{}` | Extra annotations to collect from resources and to turn into datadog tag. |
|
||||
| datadog.kubeStateMetricsCore.collectSecretMetrics | bool | `true` | Enable watching secret objects and collecting their corresponding metrics kubernetes_state.secret.* |
|
||||
| datadog.kubeStateMetricsCore.collectVpaMetrics | bool | `false` | Enable watching VPA objects and collecting their corresponding metrics kubernetes_state.vpa.* |
|
||||
| datadog.kubeStateMetricsCore.enabled | bool | `true` | Enable the kubernetes_state_core check in the Cluster Agent (Requires Cluster Agent 1.12.0+) |
|
||||
|
|
@ -714,6 +715,7 @@ helm install <RELEASE_NAME> \
|
|||
| kube-state-metrics.serviceAccount.create | bool | `true` | If true, create ServiceAccount, require rbac kube-state-metrics.rbac.create true |
|
||||
| kube-state-metrics.serviceAccount.name | string | `nil` | The name of the ServiceAccount to use. |
|
||||
| nameOverride | string | `nil` | Override name of app |
|
||||
| providers.aks.enabled | bool | `false` | Activate all specifities related to AKS configuration. Required as currently we cannot auto-detect AKS. |
|
||||
| providers.eks.ec2.useHostnameFromFile | bool | `false` | Use hostname from EC2 filesystem instead of fetching from metadata endpoint. |
|
||||
| providers.gke.autopilot | bool | `false` | Enables Datadog Agent deployment on GKE Autopilot |
|
||||
| registry | string | `"gcr.io/datadoghq"` | Registry to use for all Agent images (default gcr.io) |
|
||||
|
|
|
|||
|
|
@ -37,5 +37,7 @@ kubernetes_state_core.yaml.default: |-
|
|||
skip_leader_election: true
|
||||
{{- end }}
|
||||
labels_as_tags:
|
||||
{{ .Values.datadog.kubeStateMetricsCore.labelsAsTags | toYaml | indent 10 }}
|
||||
{{ .Values.datadog.kubeStateMetricsCore.labelsAsTags | toYaml | indent 8 }}
|
||||
annotations_as_tags:
|
||||
{{ .Values.datadog.kubeStateMetricsCore.annotationsAsTags | toYaml | indent 8 }}
|
||||
{{- end -}}
|
||||
|
|
|
|||
|
|
@ -184,6 +184,10 @@ spec:
|
|||
value: {{ template "localService.name" . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.providers.aks.enabled }}
|
||||
- name: DD_ADMISSION_CONTROLLER_ADD_AKS_SELECTORS
|
||||
value: "true"
|
||||
{{- end }}
|
||||
- name: DD_ADMISSION_CONTROLLER_FAILURE_POLICY
|
||||
value: {{ .Values.clusterAgent.admissionController.failurePolicy | quote }}
|
||||
{{- end }}
|
||||
|
|
|
|||
|
|
@ -168,6 +168,14 @@ rules:
|
|||
- list
|
||||
- get
|
||||
- watch
|
||||
- apiGroups:
|
||||
- "apiextensions.k8s.io"
|
||||
resources:
|
||||
- customresourcedefinitions
|
||||
verbs:
|
||||
- list
|
||||
- get
|
||||
- watch
|
||||
{{- end }}
|
||||
{{- if and .Values.clusterAgent.metricsProvider.enabled .Values.clusterAgent.metricsProvider.useDatadogMetrics }}
|
||||
- apiGroups:
|
||||
|
|
|
|||
|
|
@ -178,6 +178,25 @@ datadog:
|
|||
# zone: zone
|
||||
# team: team
|
||||
|
||||
# datadog.kubeStateMetricsCore.annotationsAsTags -- Extra annotations to collect from resources and to turn into datadog tag.
|
||||
|
||||
## It has the following structure:
|
||||
## annotationsAsTags:
|
||||
## <resource1>: # can be pod, deployment, node, etc.
|
||||
## <annotation1>: <tag1> # where <annotation1> is the kubernetes annotation and <tag1> is the datadog tag
|
||||
## <annotation2>: <tag2>
|
||||
## <resource2>:
|
||||
## <annotation3>: <tag3>
|
||||
##
|
||||
## Warning: the annotation must match the transformation done by kube-state-metrics,
|
||||
## for example tags.datadoghq.com/version becomes tags_datadoghq_com_version.
|
||||
annotationsAsTags: {}
|
||||
# pod:
|
||||
# app: app
|
||||
# node:
|
||||
# zone: zone
|
||||
# team: team
|
||||
|
||||
## Manage Cluster checks feature
|
||||
|
||||
## ref: https://docs.datadoghq.com/agent/autodiscovery/clusterchecks/
|
||||
|
|
@ -738,7 +757,7 @@ clusterAgent:
|
|||
name: cluster-agent
|
||||
|
||||
# clusterAgent.image.tag -- Cluster Agent image tag to use
|
||||
tag: 7.40.1
|
||||
tag: 7.41.0
|
||||
|
||||
# clusterAgent.image.digest -- Cluster Agent image digest to use, takes precedence over tag if specified
|
||||
digest: ""
|
||||
|
|
@ -1060,7 +1079,7 @@ agents:
|
|||
name: agent
|
||||
|
||||
# agents.image.tag -- Define the Agent version to use
|
||||
tag: 7.40.1
|
||||
tag: 7.41.0
|
||||
|
||||
# agents.image.digest -- Define Agent image digest to use, takes precedence over tag if specified
|
||||
digest: ""
|
||||
|
|
@ -1500,7 +1519,7 @@ clusterChecksRunner:
|
|||
name: agent
|
||||
|
||||
# clusterChecksRunner.image.tag -- Define the Agent version to use
|
||||
tag: 7.40.1
|
||||
tag: 7.41.0
|
||||
|
||||
# clusterChecksRunner.image.digest -- Define Agent image digest to use, takes precedence over tag if specified
|
||||
digest: ""
|
||||
|
|
@ -1737,3 +1756,6 @@ providers:
|
|||
## IMDS metadata endpoint is not accesible to containers. This flag mounts the host's
|
||||
## `/var/lib/cloud/data/instance-id` and uses that for Agent's hostname instead.
|
||||
useHostnameFromFile: false
|
||||
aks:
|
||||
# providers.aks.enabled -- Activate all specifities related to AKS configuration. Required as currently we cannot auto-detect AKS.
|
||||
enabled: false
|
||||
|
|
|
|||
|
|
@ -0,0 +1,23 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
||||
|
|
@ -1,9 +1,10 @@
|
|||
annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Datawiza Access Broker
|
||||
catalog.cattle.io/release-name: datawiza-access-broker
|
||||
catalog.cattle.io/kube-version: '>=1.20-0'
|
||||
catalog.cattle.io/release-name: access-broker
|
||||
apiVersion: v2
|
||||
appVersion: 1.6.4
|
||||
appVersion: 1.8.0
|
||||
description: A distributed, lightweight, container-based Identity Aware proxy deployed
|
||||
close to your application via the sidecar or standalone mode.
|
||||
home: https://www.datawiza.com
|
||||
|
|
@ -13,10 +14,9 @@ keywords:
|
|||
- Identity Aware proxy
|
||||
- Zero Trust
|
||||
- Datawiza
|
||||
kubeVersion: '>= 1.20'
|
||||
maintainers:
|
||||
- email: weiyu@datawiza.com
|
||||
name: weiyu
|
||||
name: access-broker
|
||||
type: application
|
||||
version: 0.1.1
|
||||
version: 0.1.2
|
||||
|
|
|
|||
|
|
@ -0,0 +1,134 @@
|
|||
# Access Proxy Helm Chart
|
||||
|
||||
* Installs the Identity Aware proxy [Access Proxy](https://www.datawiza.com/access-broker)
|
||||
|
||||
## Get Repo Info
|
||||
|
||||
```sh
|
||||
helm repo add datawiza https://datawiza-inc.github.io/helm-charts/
|
||||
helm repo update
|
||||
```
|
||||
|
||||
## Installing the Chart
|
||||
|
||||
Please follow the [doc](https://docs.datawiza.com/step-by-step/step2.html) to create an application on the Datawiza Cloud Management Console (DCMC) to generate a pair of `PROVISIONING_KEY`, `PROVISIONING_SECRET`, and the command line to log in to our docker repo.
|
||||
|
||||
Use the command line to log in and create a Kubernetes Secret based on the Docker credentials. You can see [here](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/) for more details.
|
||||
|
||||
Then, create a yaml file named `example.yaml` based on these values:
|
||||
|
||||
```yaml
|
||||
PROVISIONING_KEY: replace-with-your-provisioning-key
|
||||
PROVISIONING_SECRET: replace-with-your-provisioning-key
|
||||
containerPort: replace-with-your-app-listen-port
|
||||
imagePullSecrets: replace-with-you-secret
|
||||
```
|
||||
|
||||
To install the chart with the release name `my-release` in the namespace `my-namespace`:
|
||||
|
||||
```console
|
||||
helm install my-release -f example.yaml datawiza/access-broker -n my-namespace
|
||||
```
|
||||
|
||||
## Uninstalling the Chart
|
||||
|
||||
To uninstall/delete the my-release deployment:
|
||||
|
||||
```console
|
||||
helm delete my-release
|
||||
```
|
||||
|
||||
The command removes all the Kubernetes components associated with the chart and deletes the release.
|
||||
|
||||
## Note
|
||||
|
||||
The DAP uses a Cookie to track user sessions and will store the session data on the `Server Side` (default) or the `Client Side`. In the k8s cluster, you need to add the sticky session config if you use the `Server Side` cookie. Or you need to change the `Session Option` (`Application` -> `Advanced` -> `Advanced Options`) in DCMC to `Client Side`.
|
||||
|
||||
## Examples
|
||||
|
||||
### Example with ingress
|
||||
|
||||
A very basic example using ingress is like this:
|
||||
|
||||
```yaml
|
||||
PROVISIONING_KEY: replace-with-your-provisioning-key
|
||||
PROVISIONING_SECRET: replace-with-your-provisioning-key
|
||||
containerPort: replace-with-your-listen-port
|
||||
imagePullSecrets: replace-with-you-secret
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: replace-with-your-listen-port
|
||||
ingress:
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: replace-with-your-ingress-class
|
||||
className: ''
|
||||
enabled: true
|
||||
hosts:
|
||||
- host: replace-with-your-public-domain
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
```
|
||||
|
||||
#### AWS Load Balancer Controller
|
||||
|
||||
Follow the [Installation Guide](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/deploy/installation/) to install the AWS Load Balancer Controller.
|
||||
|
||||
##### Sticky Session
|
||||
|
||||
Add needed annotations in the ingress block in DAP helm value.yaml file:
|
||||
|
||||
```yaml
|
||||
...
|
||||
annotations:
|
||||
alb.ingress.kubernetes.io/target-group-attributes: stickiness.enabled=true,stickiness.lb_cookie.duration_seconds=60
|
||||
alb.ingress.kubernetes.io/target-type: ip
|
||||
...
|
||||
```
|
||||
|
||||
You can go to [AWS doc](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/guide/ingress/annotations/#target-group-attributes) to see more details.
|
||||
|
||||
##### TLS Termination
|
||||
|
||||
Add the `alb.ingress.kubernetes.io/certificate-arn: replace-with-your-cert-arn` in the ingress annotations. You can see more details [here](https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.2/guide/ingress/annotations/#ssl).
|
||||
|
||||
And in DCMC, you need to disable the SSL config.
|
||||
|
||||
#### Nginx Ingress Controller
|
||||
|
||||
Follow the [Installation Guide](https://kubernetes.github.io/ingress-nginx/deploy/) to install the Nginx Ingress Controller.
|
||||
|
||||
##### Sticky Session
|
||||
|
||||
Add needed annotations in the ingress block in DAP helm value.yaml file:
|
||||
|
||||
```yaml
|
||||
...
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/affinity: "cookie"
|
||||
...
|
||||
```
|
||||
|
||||
Meanwhile, Nginx Ingress Controller provides more customized configurations for the sticky session. You can see more details [here](https://kubernetes.github.io/ingress-nginx/examples/affinity/cookie/).
|
||||
|
||||
##### TLS Termination
|
||||
|
||||
Create the TLS secret based on your cert and key:
|
||||
|
||||
```sh
|
||||
kubectl create secret tls tls-secret --key you-key --cert your-cert -n your-namespace
|
||||
|
||||
```
|
||||
|
||||
Add TLS block in ingress config:
|
||||
|
||||
```yaml
|
||||
...
|
||||
tls:
|
||||
- hosts:
|
||||
- your-public-domain
|
||||
secretName: tls-secret
|
||||
...
|
||||
```
|
||||
|
||||
And likewise, you need to disable the SSL config in DCMC.
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
# Default values for access-broker.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
replicaCount: 1
|
||||
|
||||
image:
|
||||
repository: registry.gitlab.com/datawiza/access-broker
|
||||
pullPolicy: IfNotPresent
|
||||
# Overrides the image tag whose default is the chart appVersion.
|
||||
tag: ""
|
||||
|
||||
containerPort: 9772
|
||||
|
||||
imagePullSecrets: "cred"
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 9772
|
||||
targetPort: 9772
|
||||
annotations: {}
|
||||
|
||||
PROVISIONING_KEY: "test_provisioning_key"
|
||||
PROVISIONING_SECRET: "test_provisioning_secret"
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue