diff --git a/assets/argo/argo-cd-5.16.2.tgz b/assets/argo/argo-cd-5.16.2.tgz new file mode 100644 index 000000000..f3f5fd643 Binary files /dev/null and b/assets/argo/argo-cd-5.16.2.tgz differ diff --git a/assets/asserts/asserts-1.17.0.tgz b/assets/asserts/asserts-1.17.0.tgz new file mode 100644 index 000000000..fef22872a Binary files /dev/null and b/assets/asserts/asserts-1.17.0.tgz differ diff --git a/assets/avesha/kubeslice-controller-0.4.3.tgz b/assets/avesha/kubeslice-controller-0.4.3.tgz new file mode 100644 index 000000000..a5d72fc79 Binary files /dev/null and b/assets/avesha/kubeslice-controller-0.4.3.tgz differ diff --git a/assets/avesha/kubeslice-worker-0.4.6.tgz b/assets/avesha/kubeslice-worker-0.4.6.tgz new file mode 100644 index 000000000..730c755ed Binary files /dev/null and b/assets/avesha/kubeslice-worker-0.4.6.tgz differ diff --git a/assets/bitnami/kafka-20.0.0.tgz b/assets/bitnami/kafka-20.0.0.tgz new file mode 100644 index 000000000..6c67221f5 Binary files /dev/null and b/assets/bitnami/kafka-20.0.0.tgz differ diff --git a/assets/bitnami/redis-17.3.14.tgz b/assets/bitnami/redis-17.3.14.tgz new file mode 100644 index 000000000..5ac830651 Binary files /dev/null and b/assets/bitnami/redis-17.3.14.tgz differ diff --git a/assets/bitnami/wordpress-15.2.18.tgz b/assets/bitnami/wordpress-15.2.18.tgz new file mode 100644 index 000000000..61688c937 Binary files /dev/null and b/assets/bitnami/wordpress-15.2.18.tgz differ diff --git a/assets/bitnami/zookeeper-11.0.0.tgz b/assets/bitnami/zookeeper-11.0.0.tgz new file mode 100644 index 000000000..989877291 Binary files /dev/null and b/assets/bitnami/zookeeper-11.0.0.tgz differ diff --git a/assets/citrix/citrix-cpx-with-ingress-controller-1.28.2.tgz b/assets/citrix/citrix-cpx-with-ingress-controller-1.28.2.tgz new file mode 100644 index 000000000..1fbf82d8c Binary files /dev/null and b/assets/citrix/citrix-cpx-with-ingress-controller-1.28.2.tgz differ diff --git a/assets/citrix/citrix-ingress-controller-1.28.2.tgz b/assets/citrix/citrix-ingress-controller-1.28.2.tgz new file mode 100644 index 000000000..466f10fea Binary files /dev/null and b/assets/citrix/citrix-ingress-controller-1.28.2.tgz differ diff --git a/assets/cockroach-labs/cockroachdb-10.0.0.tgz b/assets/cockroach-labs/cockroachdb-10.0.0.tgz new file mode 100644 index 000000000..6bf6ca427 Binary files /dev/null and b/assets/cockroach-labs/cockroachdb-10.0.0.tgz differ diff --git a/assets/codefresh/cf-runtime-1.8.0.tgz b/assets/codefresh/cf-runtime-1.8.0.tgz new file mode 100644 index 000000000..2a4e7b066 Binary files /dev/null and b/assets/codefresh/cf-runtime-1.8.0.tgz differ diff --git a/assets/datadog/datadog-3.5.1.tgz b/assets/datadog/datadog-3.5.1.tgz new file mode 100644 index 000000000..03c7c0f55 Binary files /dev/null and b/assets/datadog/datadog-3.5.1.tgz differ diff --git a/assets/gitlab/gitlab-6.6.2.tgz b/assets/gitlab/gitlab-6.6.2.tgz new file mode 100644 index 000000000..9395e1abb Binary files /dev/null and b/assets/gitlab/gitlab-6.6.2.tgz differ diff --git a/assets/jaeger/jaeger-operator-2.38.0.tgz b/assets/jaeger/jaeger-operator-2.38.0.tgz new file mode 100644 index 000000000..f0c86a259 Binary files /dev/null and b/assets/jaeger/jaeger-operator-2.38.0.tgz differ diff --git a/assets/jenkins/jenkins-4.2.17.tgz b/assets/jenkins/jenkins-4.2.17.tgz new file mode 100644 index 000000000..3016b2352 Binary files /dev/null and b/assets/jenkins/jenkins-4.2.17.tgz differ diff --git a/assets/kuma/kuma-2.0.1.tgz b/assets/kuma/kuma-2.0.1.tgz new file mode 100644 index 000000000..1c5d9e5ab Binary files /dev/null and b/assets/kuma/kuma-2.0.1.tgz differ diff --git a/assets/minio/minio-operator-4.5.5.tgz b/assets/minio/minio-operator-4.5.5.tgz new file mode 100644 index 000000000..5e5cd55b7 Binary files /dev/null and b/assets/minio/minio-operator-4.5.5.tgz differ diff --git a/assets/redpanda/redpanda-2.3.14.tgz b/assets/redpanda/redpanda-2.3.14.tgz new file mode 100644 index 000000000..a2487cd63 Binary files /dev/null and b/assets/redpanda/redpanda-2.3.14.tgz differ diff --git a/assets/speedscale/speedscale-operator-1.2.6.tgz b/assets/speedscale/speedscale-operator-1.2.6.tgz new file mode 100644 index 000000000..b62b2de85 Binary files /dev/null and b/assets/speedscale/speedscale-operator-1.2.6.tgz differ diff --git a/assets/sysdig/sysdig-1.15.60.tgz b/assets/sysdig/sysdig-1.15.60.tgz new file mode 100644 index 000000000..d0148966b Binary files /dev/null and b/assets/sysdig/sysdig-1.15.60.tgz differ diff --git a/assets/traefik/traefik-20.7.0.tgz b/assets/traefik/traefik-20.7.0.tgz new file mode 100644 index 000000000..7ecad6dc8 Binary files /dev/null and b/assets/traefik/traefik-20.7.0.tgz differ diff --git a/charts/argo/argo-cd/Chart.yaml b/charts/argo/argo-cd/Chart.yaml index ec55a40ba..c141c5dff 100644 --- a/charts/argo/argo-cd/Chart.yaml +++ b/charts/argo/argo-cd/Chart.yaml @@ -1,14 +1,12 @@ annotations: artifacthub.io/changes: | - - "[Fixed]: Set aggregate roles only for using resources" - - "[Added]: Add argocdextensions to aggregate roles" - - "[Fixed]: Fix typo of notification.bots.slack.image in values" + - "[Changed]: Update ArgoCD to v2.5.4" catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Argo CD catalog.cattle.io/kube-version: '>=1.22.0-0' catalog.cattle.io/release-name: argo-cd apiVersion: v2 -appVersion: v2.5.3 +appVersion: v2.5.4 dependencies: - condition: redis-ha.enabled name: redis-ha @@ -30,4 +28,4 @@ name: argo-cd sources: - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd - https://github.com/argoproj/argo-cd -version: 5.16.1 +version: 5.16.2 diff --git a/charts/asserts/asserts/Chart.yaml b/charts/asserts/asserts/Chart.yaml index a157d0503..093330a34 100644 --- a/charts/asserts/asserts/Chart.yaml +++ b/charts/asserts/asserts/Chart.yaml @@ -53,4 +53,4 @@ maintainers: url: https://github.com/asserts name: asserts type: application -version: 1.16.0 +version: 1.17.0 diff --git a/charts/asserts/asserts/templates/authorization/_helpers.tpl b/charts/asserts/asserts/templates/authorization/_helpers.tpl new file mode 100644 index 000000000..c87c98cd1 --- /dev/null +++ b/charts/asserts/asserts/templates/authorization/_helpers.tpl @@ -0,0 +1,37 @@ +{{/* +authorization name +*/}} +{{- define "asserts.authorizationName" -}} +{{- if .Values.authorization.nameOverride -}} +{{- .Values.authorization.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{ include "asserts.name" . }}-authorization +{{- end -}} +{{- end -}} + +{{/* +authorization fullname +*/}} +{{- define "asserts.authorizationFullname" -}} +{{- if .Values.authorization.fullnameOverride -}} +{{- .Values.authorization.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{ include "asserts.fullname" . }}-authorization +{{- end -}} +{{- end -}} + +{{/* +authorization common labels +*/}} +{{- define "asserts.authorizationLabels" -}} +{{ include "asserts.labels" . }} +app.kubernetes.io/component: authorization +{{- end }} + +{{/* +authorization selector labels +*/}} +{{- define "asserts.authorizationSelectorLabels" -}} +{{ include "asserts.selectorLabels" . }} +app.kubernetes.io/component: authorization +{{- end }} diff --git a/charts/asserts/asserts/templates/authorization/configmap.yaml b/charts/asserts/asserts/templates/authorization/configmap.yaml new file mode 100644 index 000000000..c1dc1d605 --- /dev/null +++ b/charts/asserts/asserts/templates/authorization/configmap.yaml @@ -0,0 +1,127 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "asserts.authorizationFullname" . }} + labels: {{- include "asserts.authorizationLabels" . | nindent 4 }} + {{- with .Values.extraLabels }} + {{- toYaml . | nindent 4 -}} + {{- end }} + {{- if .Values.annotations }} + annotations: + {{- toYaml .Values.annotations | nindent 4 -}} + {{- end }} +data: + application.yml: |- + server: + port: {{.Values.authorization.service.port}} + max-http-header-size: 32KB + servlet: + context-path: "/authorization" + + management: + endpoint: + health: + show-details: when-authorized + info: + enabled: true + prometheus: + enabled: true + endpoints: + web: + exposure: + include: info, health, prometheus + + logging: + level: + root: INFO + pattern: + console: '%-5p %d{ISO8601,UTC} %t %c{0} %mdc%n %m%n%rEx' + + tenant: + cache_seconds: 5 + mode: config + cluster: + tenant: + selector: config + + asserts: + identityprovider: + tenant: {{ include "asserts.tenant" . }} + standalone: + tenant: + enabled: 'true' + name: Asserts Bootstrap + grafana: + admin_password: "${GRAFANA_ADMIN_PASSWORD}" + orgId: '1' + dataSource: Prometheus + password: "${GRAFANA_ADMIN_PASSWORD}" + username: admin + url: http://{{.Release.Name}}-grafana.{{include "domain" .}}:{{.Values.grafana.service.port}} + admin_username: admin + tsdb: + tsdbUrl: http://{{.Release.Name}}-promxyruler.{{include "domain" .}}:8082 + password: '' + username: '' + accountId: '' + graph: + server: {{.Values.redisgraph.fullnameOverride}}-master.{{include "domain" .}} + port: '6379' + sentinel_mode: {{ ternary "'1'" "'0'" (.Values.redisgraph.sentinel.enabled)}} + master_name: mymaster + sentinels: {{ include "asserts.graphSentinelHosts" . }} + search: + server: {{.Values.redisearch.fullnameOverride}}-master.{{include "domain" .}} + port: '6379' + sentinel_mode: {{ ternary "'1'" "'0'" (.Values.redisearch.sentinel.enabled)}} + master_name: mymaster + sentinels: {{ include "asserts.searchSentinelHosts" . }} + tsdb: + url: http://{{.Release.Name}}-tsdb-server.{{include "domain" .}}:8428 + oauth2: + cookie: + domain: "" + secure: {{ .Values.global.secureCookie }} + security: + hmac: + currentSymmetricKey: muS5uSK2ZjexXhbaqNm18ktqaCAICI51 + assertsReadOnlyRoleName: ASSERTS + oauth2: + internal: + enabled: false + store: + owner: + datasource: + hikari: + maximum-pool-size: 1 + url: jdbc:postgresql://{{.Values.postgres.fullnameOverride}}.{{include "domain" .}}:5432/asserts + username: postgres + password: ${POSTGRES_RDB_PASSWORD} + user: + datasource: + url: ${store.owner.datasource.url} + username: tenant_user + password: ${POSTGRES_RDB_PASSWORD} + + spring: + jackson: + # exclude nulls from api responses + default-property-inclusion: NON_NULL + jpa: + database: POSTGRESQL + open-in-view: false + properties: + hibernate: + dialect: org.hibernate.dialect.PostgreSQL92Dialect + physical_naming_strategy: org.springframework.boot.orm.jpa.hibernate.SpringPhysicalNamingStrategy + implicit_naming_strategy: org.springframework.boot.orm.jpa.hibernate.SpringImplicitNamingStrategy + liquibase: + enabled: true + changeLog: classpath:/db/changelog/db.changelog-master.yaml + parameters: + database: asserts + schema: public + username: ${store.user.datasource.username} + password: ${store.user.datasource.password} + bootstrap_enabled: "true" + diff --git a/charts/asserts/asserts/templates/authorization/deployment.yaml b/charts/asserts/asserts/templates/authorization/deployment.yaml new file mode 100644 index 000000000..a8fa086bc --- /dev/null +++ b/charts/asserts/asserts/templates/authorization/deployment.yaml @@ -0,0 +1,86 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "asserts.authorizationFullname" . }} + labels: {{- include "asserts.authorizationSelectorLabels" . | nindent 4 }} + {{- with .Values.authorization.extraLabels }} + {{- toYaml . | nindent 4 -}} + {{- end }} + {{- if .Values.authorization.annotations }} + annotations: + {{- toYaml . | nindent 4 -}} + {{- end }} +spec: + replicas: {{ .Values.authorization.replicaCount }} + selector: + matchLabels: {{- include "asserts.authorizationSelectorLabels" . | nindent 6 }} + template: + metadata: + labels: {{- include "asserts.authorizationLabels" . | nindent 8 }} + {{- with .Values.authorization.extraPodLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + annotations: + checksum/configmap: {{ include (print $.Template.BasePath "/authorization/configmap.yaml") . | sha256sum }} + {{- with .Values.authorization.extraPodAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- with .Values.authorization.imagePullSecrets }} + imagePullSecrets: {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "asserts.serviceAccountName" . }} + {{- if .Values.authorization.initContainers }} + initContainers: {{ include "common.tplvalues.render" ( dict "value" .Values.authorization.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: {{ include "asserts.authorizationFullname" . }} + image: "{{ .Values.authorization.image.repository }}:{{ .Values.authorization.image.tag }}" + imagePullPolicy: {{ .Values.authorization.image.pullPolicy }} + env: + # set POSTGRES_RDB_PASSWORD generated from + # postgres subchart for consumption by the Asserts authorization server + - name: POSTGRES_RDB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Values.postgres.fullnameOverride }} + key: postgres-password + optional: false + {{- with .Values.authorization.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.authorization.extraEnvFrom }} + envFrom: {{- toYaml . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.authorization.service.port }} + resources: {{- toYaml .Values.authorization.resources | nindent 12 }} + volumeMounts: + - name: config + mountPath: /opt/asserts/authorization/conf/application.yml + subPath: application.yml + readOnly: true + {{- with .Values.authorization.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.authorization.nodeSelector }} + nodeSelector: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.authorization.affinity }} + affinity: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.authorization.tolerations }} + tolerations: {{- toYaml . | nindent 8 }} + {{- end }} + + volumes: + - name: config + configMap: + name: {{ include "asserts.authorizationFullname" . }} + items: + - key: application.yml + path: application.yml + {{- with .Values.authorization.extraVolumes }} + {{- toYaml . | nindent 8 }} + {{- end }} \ No newline at end of file diff --git a/charts/asserts/asserts/templates/authorization/service.yaml b/charts/asserts/asserts/templates/authorization/service.yaml new file mode 100644 index 000000000..93c70fb64 --- /dev/null +++ b/charts/asserts/asserts/templates/authorization/service.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "asserts.authorizationFullname" . }} + labels: {{- include "asserts.authorizationLabels" . | nindent 4 }} + {{- with .Values.authorization.extraLabels }} + {{- toYaml . | nindent 4 -}} + {{- end }} + {{- if .Values.authorization.annotations }} + annotations: + {{- toYaml .Values.authorization.annotations | nindent 4 -}} + {{- end }} +spec: + type: {{ .Values.authorization.service.type }} + ports: + - port: {{ .Values.authorization.service.port }} + targetPort: {{ .Values.authorization.service.port }} + protocol: TCP + name: http + selector: {{- include "asserts.authorizationSelectorLabels" . | nindent 4 }} diff --git a/charts/asserts/asserts/templates/config/tsdb-scrape-configmap.yaml b/charts/asserts/asserts/templates/config/tsdb-scrape-configmap.yaml index ceb623cea..d8268e65d 100644 --- a/charts/asserts/asserts/templates/config/tsdb-scrape-configmap.yaml +++ b/charts/asserts/asserts/templates/config/tsdb-scrape-configmap.yaml @@ -227,6 +227,109 @@ data: action: replace {{- end }} + - job_name: {{ .Release.Name }}-authorization + kubernetes_sd_configs: + - namespaces: + names: + - {{ .Release.Namespace }} + role: endpoints + honor_timestamps: true + metrics_path: /authorization/actuator/prometheus + relabel_configs: + - source_labels: [__meta_kubernetes_service_label_app_kubernetes_io_name] + separator: ; + regex: asserts + replacement: $1 + action: keep + - source_labels: [__meta_kubernetes_service_label_app_kubernetes_io_instance] + separator: ; + regex: {{ .Release.Name }} + replacement: $1 + action: keep + - source_labels: [__meta_kubernetes_service_label_app_kubernetes_io_component] + separator: ; + regex: authorization + replacement: $1 + action: keep + - source_labels: [__meta_kubernetes_endpoint_port_name] + separator: ; + regex: http + replacement: $1 + action: keep + - source_labels: [__meta_kubernetes_endpoint_address_target_kind, __meta_kubernetes_endpoint_address_target_name] + separator: ; + regex: Node;(.*) + target_label: node + replacement: ${1} + action: replace + - source_labels: [__meta_kubernetes_endpoint_address_target_kind, __meta_kubernetes_endpoint_address_target_name] + separator: ; + regex: Pod;(.*) + target_label: pod + replacement: ${1} + action: replace + - source_labels: [__meta_kubernetes_namespace] + separator: ; + regex: (.*) + target_label: namespace + replacement: $1 + action: replace + - source_labels: [__meta_kubernetes_service_name] + separator: ; + regex: (.*) + target_label: service + replacement: $1 + action: replace + - source_labels: [__meta_kubernetes_pod_name] + separator: ; + regex: (.*) + target_label: pod + replacement: $1 + action: replace + - source_labels: [__meta_kubernetes_pod_container_name] + separator: ; + regex: (.*) + target_label: container + replacement: $1 + action: replace + - source_labels: [__meta_kubernetes_service_name] + separator: ; + regex: (.*) + target_label: job + replacement: ${1} + action: replace + - separator: ; + regex: (.*) + target_label: endpoint + replacement: http + action: replace + - separator: ; + regex: (.*) + target_label: endpoint + replacement: http + action: replace + # add tenant, asserts_env, & asserts_site + # to all remaining values metrics if applicable + - separator: ; + regex: (.*) + target_label: tenant + replacement: {{ include "asserts.tenant" . }} + action: replace + {{- if .Values.assertsClusterEnv }} + - separator: ; + regex: (.*) + target_label: asserts_env + replacement: {{ .Values.assertsClusterEnv }} + action: replace + {{- end }} + {{- if .Values.assertsClusterSite }} + - separator: ; + regex: (.*) + target_label: asserts_site + replacement: {{ .Values.assertsClusterSite }} + action: replace + {{- end }} + - job_name: {{ .Release.Name }}-tsdb-server kubernetes_sd_configs: - namespaces: diff --git a/charts/asserts/asserts/templates/server/configmap.yaml b/charts/asserts/asserts/templates/server/configmap.yaml index d2471d6a8..a9732bc82 100644 --- a/charts/asserts/asserts/templates/server/configmap.yaml +++ b/charts/asserts/asserts/templates/server/configmap.yaml @@ -166,11 +166,12 @@ data: url: http://{{.Release.Name}}-tsdb-server.{{include "domain" .}}:8428 oauth2: cookie: - domain: localhost - secure: false + domain: "" + secure: {{ .Values.global.secureCookie }} security: hmac: currentSymmetricKey: muS5uSK2ZjexXhbaqNm18ktqaCAICI51 + assertsReadOnlyRoleName: ASSERTS oauth2: internal: enabled: false @@ -327,7 +328,7 @@ data: bootstrap_enabled: "true" springdoc: - pathsToMatch: "/v*/**" + pathsToMatch: "/v*/**" prometheus: client: diff --git a/charts/asserts/asserts/templates/server/statefulset.yaml b/charts/asserts/asserts/templates/server/statefulset.yaml index 0b55a2c93..dfae2660e 100644 --- a/charts/asserts/asserts/templates/server/statefulset.yaml +++ b/charts/asserts/asserts/templates/server/statefulset.yaml @@ -11,7 +11,7 @@ metadata: {{- toYaml . | nindent 4 -}} {{- end }} spec: - replicas: 1 + replicas: {{ .Values.server.replicaCount }} selector: matchLabels: {{- include "asserts.serverSelectorLabels" . | nindent 6 }} serviceName: {{ include "asserts.serverFullname" . }} @@ -37,7 +37,7 @@ spec: {{- end }} containers: - name: server - image: "{{ .Values.server.image.repository }}:{{ .Values.server.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.server.image.repository }}:{{ .Values.server.image.tag }}" imagePullPolicy: {{ .Values.server.image.pullPolicy | quote }} env: # set POSTGRES_RDB_PASSWORD generated from diff --git a/charts/asserts/asserts/templates/ui/configmap.yaml b/charts/asserts/asserts/templates/ui/configmap.yaml index 1f326faf8..1bca0f2d5 100644 --- a/charts/asserts/asserts/templates/ui/configmap.yaml +++ b/charts/asserts/asserts/templates/ui/configmap.yaml @@ -16,11 +16,24 @@ data: proxy_set_header X-Asserts-Tenant '{{ include "asserts.tenant" . }}'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; - proxy_set_header Host localhost:8030; + proxy_set_header Host localhost:{{ .Values.server.service.port }}; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Original-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://{{ .Release.Name }}-server.{{ include "domain" . }}:8030; + proxy_pass http://{{ .Release.Name }}-server.{{ include "domain" . }}:{{ .Values.server.service.port }}; + proxy_buffering off; + } + location /authorization { + proxy_http_version 1.1; + proxy_cache_bypass $http_upgrade; + proxy_set_header X-Asserts-Tenant '{{ include "asserts.tenant" . }}'; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host localhost:{{ .Values.authorization.service.port }}; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Original-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://{{ .Release.Name }}-authorization.{{ include "domain" . }}:{{ .Values.authorization.service.port }}; proxy_buffering off; } error_page 500 502 503 504 /50x.html; diff --git a/charts/asserts/asserts/templates/ui/deployment.yaml b/charts/asserts/asserts/templates/ui/deployment.yaml index c6b7358f7..9699abad4 100644 --- a/charts/asserts/asserts/templates/ui/deployment.yaml +++ b/charts/asserts/asserts/templates/ui/deployment.yaml @@ -32,7 +32,7 @@ spec: {{- toYaml . | nindent 12 }} {{- end }} - image: "{{ .Values.ui.image.repository }}:{{ .Values.ui.image.tag | default .Chart.AppVersion }}" + image: "{{ .Values.ui.image.repository }}:{{ .Values.ui.image.tag }}" imagePullPolicy: {{ .Values.ui.image.pullPolicy }} volumeMounts: diff --git a/charts/asserts/asserts/values.yaml b/charts/asserts/asserts/values.yaml index c5d687b5b..120faab4c 100644 --- a/charts/asserts/asserts/values.yaml +++ b/charts/asserts/asserts/values.yaml @@ -3,9 +3,11 @@ ## This will override any available parameters in this chart ## as well as dependent charts ## -## Current available global parameters: storageClass +## Current available global parameters: storageClass, secureCookie global: storageClass: "" + # set to true if oauth is configured on Asserts and exclusively using https + secureCookie: false nameOverride: "" fullnameOverride: "" @@ -50,6 +52,12 @@ serviceMonitor: - sourceLabels: [job] regex: "{{.Release.Name}}-server" action: keep + - port: http + path: /authorization/actuator/prometheus + relabelings: + - sourceLabels: [job] + regex: "{{.Release.Name}}-authorization" + action: keep - port: http path: /metrics relabelings: @@ -126,6 +134,8 @@ server: nameOverride: "" fullnameOverride: "" + replicaCount: 1 + image: repository: asserts/asserts-server pullPolicy: IfNotPresent @@ -205,6 +215,64 @@ server: ## When set, will use the existing PVC for persistence existingClaim: "" +## Asserts authorization server configuration +## +authorization: + nameOverride: "" + fullnameOverride: "" + + replicaCount: 1 + + image: + repository: asserts/authorization + pullPolicy: IfNotPresent + ## Overrides the image tag whose default is the chart appVersion. + tag: v0.2.415 + + initContainers: + - name: wait-for-postgres + image: asserts/wait-for:v2.2.3 + imagePullPolicy: IfNotPresent + args: + - "{{.Values.postgres.fullnameOverride}}.{{.Release.Namespace}}.{{.Values.clusterDomain}}:5432" + - "-t" + - "420" + + imagePullSecrets: [] + + updateStrategy: + type: RollingUpdate + rollingUpdate: {} + + service: + type: ClusterIP + port: 8070 + + resources: {} + + ## environment variables to add to the asserts-server pod + extraEnv: [] + + ## environment variables from secrets or configmaps to add to the asserts-server pod + extraEnvFrom: [] + + annotations: {} + + extraLabels: {} + + extraPodLabels: {} + + extraPodAnnotations: {} + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + extraVolumeMounts: [] + + extraVolumes: [] ## Asserts ui configuration ## @@ -212,6 +280,8 @@ ui: nameOverride: "" fullnameOverride: "" + replicaCount: 1 + image: repository: asserts/asserts-ui pullPolicy: IfNotPresent diff --git a/charts/avesha/kubeslice-controller/Chart.yaml b/charts/avesha/kubeslice-controller/Chart.yaml index af611fc65..5f3114572 100644 --- a/charts/avesha/kubeslice-controller/Chart.yaml +++ b/charts/avesha/kubeslice-controller/Chart.yaml @@ -32,4 +32,4 @@ keywords: kubeVersion: '>= 1.19' name: kubeslice-controller type: application -version: 0.4.2 +version: 0.4.3 diff --git a/charts/avesha/kubeslice-controller/app-readme.md b/charts/avesha/kubeslice-controller/app-readme.md index fe30bd8d2..bac6bbeab 100644 --- a/charts/avesha/kubeslice-controller/app-readme.md +++ b/charts/avesha/kubeslice-controller/app-readme.md @@ -22,7 +22,7 @@ This chart installs the following: - KubeSlice Manager - Kubeslice dashboard for user interactions. -📖 For step-by-step instructions, go to [documentation](https://docs.avesha.io/documentation/enterprise/0.1.0/deployment-partners/deploying-kubeslice-on-rancher/). +📖 For step-by-step instructions, go to [documentation](https://docs.avesha.io/documentation/enterprise/0.2.0/deployment-partners/deploying-kubeslice-on-rancher/). This chart will install our enterprise edition of KubeSlice. diff --git a/charts/avesha/kubeslice-controller/values.yaml b/charts/avesha/kubeslice-controller/values.yaml index df60ee370..e1143dc5f 100644 --- a/charts/avesha/kubeslice-controller/values.yaml +++ b/charts/avesha/kubeslice-controller/values.yaml @@ -12,13 +12,13 @@ kubeslice: tag: 0.2.0 pullPolicy: IfNotPresent ovpnJob: - image: aveshadev/gateway-certs-generator - tag: 0.1.5-SNAPSHOT-26aa6173 + image: aveshasystems/gateway-certs-generator + tag: 0.1.5 # Kubeslice UI settings ui: image: aveshasystems/kubeslice-ui-ent - tag: 0.2.0 + tag: 0.2.3 pullPolicy: IfNotPresent dashboard: image: aveshasystems/kubeslice-kubernetes-dashboard @@ -39,4 +39,4 @@ imagePullSecrets: repository: https://index.docker.io/v1/ username: password: - email: \ No newline at end of file + email: diff --git a/charts/avesha/kubeslice-worker/Chart.yaml b/charts/avesha/kubeslice-worker/Chart.yaml index 8d49c380e..d77b8a9b9 100644 --- a/charts/avesha/kubeslice-worker/Chart.yaml +++ b/charts/avesha/kubeslice-worker/Chart.yaml @@ -5,7 +5,7 @@ annotations: catalog.cattle.io/namespace: kubeslice-system catalog.cattle.io/release-name: kubeslice-worker apiVersion: v2 -appVersion: 0.2.3 +appVersion: 0.2.1 description: A Helm chart for Kubeslice Worker Operator icon: https://kubeslice.io/documentation/open-source/img/kubeslice-logo.svg keywords: @@ -32,4 +32,4 @@ keywords: kubeVersion: '>= 1.19' name: kubeslice-worker type: application -version: 0.4.5 +version: 0.4.6 diff --git a/charts/avesha/kubeslice-worker/values.yaml b/charts/avesha/kubeslice-worker/values.yaml index 20a3dda62..dfd8197e6 100644 --- a/charts/avesha/kubeslice-worker/values.yaml +++ b/charts/avesha/kubeslice-worker/values.yaml @@ -1,6 +1,6 @@ operator: - image: aveshadev/worker-operator - tag: 0.10.0-SNAPSHOT-e17d9350 + image: docker.io/aveshasystems/worker-operator-ent + tag: 0.2.1 pullPolicy: IfNotPresent logLevel: INFO @@ -27,7 +27,7 @@ routerSidecar: pullPolicy: IfNotPresent netop: - networkInterface: + networkInterface: image: docker.io/aveshasystems/netops-ent tag: 0.1.0 pullPolicy: IfNotPresent diff --git a/charts/bitnami/kafka/Chart.lock b/charts/bitnami/kafka/Chart.lock index cc08a0025..ee17ebacc 100644 --- a/charts/bitnami/kafka/Chart.lock +++ b/charts/bitnami/kafka/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: zookeeper repository: https://charts.bitnami.com/bitnami - version: 10.2.5 + version: 11.0.0 - name: common repository: https://charts.bitnami.com/bitnami version: 2.2.1 -digest: sha256:a7b6919993123d2aa5fac072d980523e4e3eee61ae8a236f321c2d205921911a -generated: "2022-11-30T07:44:11.034596899Z" +digest: sha256:80c409365c99c5b2953b4f40f9ed47d4e41ca8407df5569ef82c9e5fdf3546ce +generated: "2022-12-06T10:41:37.745302+01:00" diff --git a/charts/bitnami/kafka/Chart.yaml b/charts/bitnami/kafka/Chart.yaml index c6e683369..f46d0814c 100644 --- a/charts/bitnami/kafka/Chart.yaml +++ b/charts/bitnami/kafka/Chart.yaml @@ -10,7 +10,7 @@ dependencies: - condition: zookeeper.enabled name: zookeeper repository: file://./charts/zookeeper - version: 10.x.x + version: 11.x.x - name: common repository: file://./charts/common tags: @@ -34,4 +34,4 @@ name: kafka sources: - https://github.com/bitnami/containers/tree/main/bitnami/kafka - https://kafka.apache.org/ -version: 19.1.5 +version: 20.0.0 diff --git a/charts/bitnami/kafka/README.md b/charts/bitnami/kafka/README.md index 447479c6a..e1b1c605a 100644 --- a/charts/bitnami/kafka/README.md +++ b/charts/bitnami/kafka/README.md @@ -7,7 +7,7 @@ Apache Kafka is a distributed streaming platform designed to build real-time pip [Overview of Apache Kafka](http://kafka.apache.org/) Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. - + ## TL;DR ```console @@ -621,7 +621,7 @@ allowEveryoneIfNoAclFound=false superUsers=User:admin ``` -If you are using Kafka ACLs, you might encounter in kafka-authorizer.log the following event: `[...] Principal = User:ANONYMOUS is Allowed Operation [...]`. +If you are using Kafka ACLs, you might encounter in kafka-authorizer.log the following event: `[...] Principal = User:ANONYMOUS is Allowed Operation [...]`. By setting the following parameter: `auth.clientProtocol=mtls`, it will set the configuration in Kafka to `ssl.client.auth=required`. This option will require the clients to authenticate to Kafka brokers. @@ -851,6 +851,10 @@ Find more information about how to deal with common errors related to Bitnami's ## Upgrading +### To 20.0.0 + +This major updates the Zookeeper subchart to it newest major, 11.0.0. For more information on this subchart's major, please refer to [zookeeper upgrade notes](https://github.com/bitnami/charts/tree/main/bitnami/zookeeper#to-1100). + ### To 19.0.0 This major updates Kafka to its newest version, 3.3.x. For more information, please refer to [kafka upgrade notes](https://kafka.apache.org/33/documentation.html#upgrade). diff --git a/charts/bitnami/kafka/charts/zookeeper/Chart.yaml b/charts/bitnami/kafka/charts/zookeeper/Chart.yaml index c5fbb174c..ad20b0f49 100644 --- a/charts/bitnami/kafka/charts/zookeeper/Chart.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/Chart.yaml @@ -21,4 +21,4 @@ name: zookeeper sources: - https://github.com/bitnami/containers/tree/main/bitnami/zookeeper - https://zookeeper.apache.org/ -version: 10.2.5 +version: 11.0.0 diff --git a/charts/bitnami/kafka/charts/zookeeper/README.md b/charts/bitnami/kafka/charts/zookeeper/README.md index 540208e40..013cba8af 100644 --- a/charts/bitnami/kafka/charts/zookeeper/README.md +++ b/charts/bitnami/kafka/charts/zookeeper/README.md @@ -7,7 +7,7 @@ Apache ZooKeeper provides a reliable, centralized register of configuration data [Overview of Apache ZooKeeper](https://zookeeper.apache.org) Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. - + ## TL;DR ```console @@ -240,6 +240,7 @@ The command removes all the Kubernetes components associated with the chart and | `persistence.accessModes` | PVC Access modes | `["ReadWriteOnce"]` | | `persistence.size` | PVC Storage Request for ZooKeeper data volume | `8Gi` | | `persistence.annotations` | Annotations for the PVC | `{}` | +| `persistence.labels` | Labels for the PVC | `{}` | | `persistence.selector` | Selector to match an existing Persistent Volume for ZooKeeper's data PVC | `{}` | | `persistence.dataLogDir.size` | PVC Storage Request for ZooKeeper's dedicated data log directory | `8Gi` | | `persistence.dataLogDir.existingClaim` | Provide an existing `PersistentVolumeClaim` for ZooKeeper's data log directory | `""` | @@ -524,4 +525,4 @@ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file +limitations under the License. diff --git a/charts/bitnami/kafka/charts/zookeeper/templates/statefulset.yaml b/charts/bitnami/kafka/charts/zookeeper/templates/statefulset.yaml index a44d17c74..025d3630b 100644 --- a/charts/bitnami/kafka/charts/zookeeper/templates/statefulset.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/templates/statefulset.yaml @@ -488,16 +488,11 @@ spec: {{- if not .Values.persistence.existingClaim }} - metadata: name: data - annotations: - {{- range $key, $value := .Values.persistence.annotations }} - {{ $key }}: {{ $value }} + {{- if .Values.persistence.annotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }} {{- end }} - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 10 }} - {{- end }} - {{- if .Values.commonLabels }} - labels: - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 10 }} + {{- if .Values.persistence.labels }} + labels: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.labels "context" $) | nindent 10 }} {{- end }} spec: accessModes: @@ -515,16 +510,11 @@ spec: {{- if and (not .Values.persistence.dataLogDir.existingClaim) .Values.dataLogDir }} - metadata: name: data-log - annotations: - {{- range $key, $value := .Values.persistence.annotations }} - {{ $key }}: {{ $value }} + {{- if .Values.persistence.annotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }} {{- end }} - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 10 }} - {{- end }} - {{- if .Values.commonLabels }} - labels: - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 10 }} + {{- if .Values.persistence.labels }} + labels: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.labels "context" $) | nindent 10 }} {{- end }} spec: accessModes: diff --git a/charts/bitnami/kafka/charts/zookeeper/values.yaml b/charts/bitnami/kafka/charts/zookeeper/values.yaml index 89420a3da..37bab7420 100644 --- a/charts/bitnami/kafka/charts/zookeeper/values.yaml +++ b/charts/bitnami/kafka/charts/zookeeper/values.yaml @@ -607,6 +607,9 @@ persistence: ## @param persistence.annotations Annotations for the PVC ## annotations: {} + ## @param persistence.labels Labels for the PVC + ## + labels: {} ## @param persistence.selector Selector to match an existing Persistent Volume for ZooKeeper's data PVC ## If set, the PVC can't have a PV dynamically provisioned for it ## E.g. diff --git a/charts/bitnami/redis/Chart.lock b/charts/bitnami/redis/Chart.lock index ac00fcaf7..e3a4811b0 100644 --- a/charts/bitnami/redis/Chart.lock +++ b/charts/bitnami/redis/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: https://charts.bitnami.com/bitnami - version: 2.1.2 -digest: sha256:1c365a4551a2f4098e9584dc176b289c10437c679c7c3e2ec6153cabf863e1a4 -generated: "2022-11-03T05:41:14.817736977Z" + version: 2.2.1 +digest: sha256:6c67cfa9945bf608209d4e2ca8f17079fca4770907c7902d984187ab5b21811e +generated: "2022-12-03T09:54:47.520083528Z" diff --git a/charts/bitnami/redis/Chart.yaml b/charts/bitnami/redis/Chart.yaml index dfcdb3442..354a6c2fd 100644 --- a/charts/bitnami/redis/Chart.yaml +++ b/charts/bitnami/redis/Chart.yaml @@ -27,4 +27,4 @@ maintainers: name: redis sources: - https://github.com/bitnami/containers/tree/main/bitnami/redis -version: 17.3.13 +version: 17.3.14 diff --git a/charts/bitnami/redis/README.md b/charts/bitnami/redis/README.md index 90126b251..130c77437 100644 --- a/charts/bitnami/redis/README.md +++ b/charts/bitnami/redis/README.md @@ -99,7 +99,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- | | `image.registry` | Redis® image registry | `docker.io` | | `image.repository` | Redis® image repository | `bitnami/redis` | -| `image.tag` | Redis® image tag (immutable tags are recommended) | `7.0.5-debian-11-r15` | +| `image.tag` | Redis® image tag (immutable tags are recommended) | `7.0.5-debian-11-r25` | | `image.digest` | Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | Redis® image pull policy | `IfNotPresent` | | `image.pullSecrets` | Redis® image pull secrets | `[]` | @@ -334,7 +334,7 @@ The command removes all the Kubernetes components associated with the chart and | `sentinel.enabled` | Use Redis® Sentinel on Redis® pods. | `false` | | `sentinel.image.registry` | Redis® Sentinel image registry | `docker.io` | | `sentinel.image.repository` | Redis® Sentinel image repository | `bitnami/redis-sentinel` | -| `sentinel.image.tag` | Redis® Sentinel image tag (immutable tags are recommended) | `7.0.5-debian-11-r14` | +| `sentinel.image.tag` | Redis® Sentinel image tag (immutable tags are recommended) | `7.0.5-debian-11-r24` | | `sentinel.image.digest` | Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `sentinel.image.pullPolicy` | Redis® Sentinel image pull policy | `IfNotPresent` | | `sentinel.image.pullSecrets` | Redis® Sentinel image pull secrets | `[]` | @@ -448,7 +448,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis® metrics | `false` | | `metrics.image.registry` | Redis® Exporter image registry | `docker.io` | | `metrics.image.repository` | Redis® Exporter image repository | `bitnami/redis-exporter` | -| `metrics.image.tag` | Redis® Exporter image tag (immutable tags are recommended) | `1.45.0-debian-11-r1` | +| `metrics.image.tag` | Redis® Exporter image tag (immutable tags are recommended) | `1.45.0-debian-11-r11` | | `metrics.image.digest` | Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Redis® Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Redis® Exporter image pull secrets | `[]` | @@ -493,7 +493,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` | | `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r48` | +| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r58` | | `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` | @@ -503,7 +503,7 @@ The command removes all the Kubernetes components associated with the chart and | `sysctl.enabled` | Enable init container to modify Kernel settings | `false` | | `sysctl.image.registry` | Bitnami Shell image registry | `docker.io` | | `sysctl.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` | -| `sysctl.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r48` | +| `sysctl.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r58` | | `sysctl.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `sysctl.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` | | `sysctl.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` | diff --git a/charts/bitnami/redis/charts/common/Chart.yaml b/charts/bitnami/redis/charts/common/Chart.yaml index 6f0c3a6b3..653c063f2 100644 --- a/charts/bitnami/redis/charts/common/Chart.yaml +++ b/charts/bitnami/redis/charts/common/Chart.yaml @@ -1,7 +1,7 @@ annotations: category: Infrastructure apiVersion: v2 -appVersion: 2.1.2 +appVersion: 2.2.1 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://github.com/bitnami/charts/tree/main/bitnami/common @@ -20,4 +20,4 @@ sources: - https://github.com/bitnami/charts - https://www.bitnami.com/ type: library -version: 2.1.2 +version: 2.2.1 diff --git a/charts/bitnami/redis/charts/common/README.md b/charts/bitnami/redis/charts/common/README.md index a2ecd6044..ec43a5fab 100644 --- a/charts/bitnami/redis/charts/common/README.md +++ b/charts/bitnami/redis/charts/common/README.md @@ -43,10 +43,11 @@ The following table lists the helpers available in the library which are scoped | Helper identifier | Description | Expected Input | |-------------------------------|------------------------------------------------------|------------------------------------------------| -| `common.affinities.nodes.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | -| `common.affinities.nodes.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | -| `common.affinities.pods.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | -| `common.affinities.pods.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | +| `common.affinities.nodes.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | +| `common.affinities.nodes.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | +| `common.affinities.pods.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | +| `common.affinities.pods.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | +| `common.affinities.topologyKey` | Return a topologyKey definition | `dict "topologyKey" "FOO"` | ### Capabilities @@ -107,12 +108,12 @@ The following table lists the helpers available in the library which are scoped ### Secrets -| Helper identifier | Description | Expected Input | -|---------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. | -| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. | -| `common.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. | -| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` | +| Helper identifier | Description | Expected Input | +|-----------------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. | +| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. | +| `common.secrets.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. | +| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` | ### Storage diff --git a/charts/bitnami/redis/charts/common/templates/_affinities.tpl b/charts/bitnami/redis/charts/common/templates/_affinities.tpl index 497068f06..81902a681 100644 --- a/charts/bitnami/redis/charts/common/templates/_affinities.tpl +++ b/charts/bitnami/redis/charts/common/templates/_affinities.tpl @@ -45,9 +45,17 @@ Return a nodeAffinity definition {{- end -}} {{- end -}} +{{/* +Return a topologyKey definition +{{ include "common.affinities.topologyKey" (dict "topologyKey" "BAR") -}} +*/}} +{{- define "common.affinities.topologyKey" -}} +{{ .topologyKey | default "kubernetes.io/hostname" -}} +{{- end -}} + {{/* Return a soft podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}} +{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}} */}} {{- define "common.affinities.pods.soft" -}} {{- $component := default "" .component -}} @@ -62,13 +70,13 @@ preferredDuringSchedulingIgnoredDuringExecution: {{- range $key, $value := $extraMatchLabels }} {{ $key }}: {{ $value | quote }} {{- end }} - topologyKey: kubernetes.io/hostname + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} weight: 1 {{- end -}} {{/* Return a hard podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}} +{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}} */}} {{- define "common.affinities.pods.hard" -}} {{- $component := default "" .component -}} @@ -82,7 +90,7 @@ requiredDuringSchedulingIgnoredDuringExecution: {{- range $key, $value := $extraMatchLabels }} {{ $key }}: {{ $value | quote }} {{- end }} - topologyKey: kubernetes.io/hostname + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} {{- end -}} {{/* diff --git a/charts/bitnami/redis/values.yaml b/charts/bitnami/redis/values.yaml index 34139e006..a2bbf7e0e 100644 --- a/charts/bitnami/redis/values.yaml +++ b/charts/bitnami/redis/values.yaml @@ -79,7 +79,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/redis - tag: 7.0.5-debian-11-r15 + tag: 7.0.5-debian-11-r25 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -976,7 +976,7 @@ sentinel: image: registry: docker.io repository: bitnami/redis-sentinel - tag: 7.0.5-debian-11-r14 + tag: 7.0.5-debian-11-r24 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1393,7 +1393,7 @@ metrics: image: registry: docker.io repository: bitnami/redis-exporter - tag: 1.45.0-debian-11-r1 + tag: 1.45.0-debian-11-r11 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1591,7 +1591,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r48 + tag: 11-debian-11-r58 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1639,7 +1639,7 @@ sysctl: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r48 + tag: 11-debian-11-r58 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/wordpress/Chart.yaml b/charts/bitnami/wordpress/Chart.yaml index 0586c874b..c468c37c6 100644 --- a/charts/bitnami/wordpress/Chart.yaml +++ b/charts/bitnami/wordpress/Chart.yaml @@ -40,4 +40,4 @@ name: wordpress sources: - https://github.com/bitnami/containers/tree/main/bitnami/wordpress - https://wordpress.org/ -version: 15.2.17 +version: 15.2.18 diff --git a/charts/bitnami/wordpress/README.md b/charts/bitnami/wordpress/README.md index 4342f164f..70c2346c5 100644 --- a/charts/bitnami/wordpress/README.md +++ b/charts/bitnami/wordpress/README.md @@ -85,7 +85,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------- | --------------------------------------------------------------------------------------------------------- | -------------------- | | `image.registry` | WordPress image registry | `docker.io` | | `image.repository` | WordPress image repository | `bitnami/wordpress` | -| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.1.1-debian-11-r6` | +| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.1.1-debian-11-r8` | | `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | | `image.pullSecrets` | WordPress image pull secrets | `[]` | @@ -255,7 +255,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` | | `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r57` | +| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r59` | | `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` | @@ -289,7 +289,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | | `metrics.image.registry` | Apache exporter image registry | `docker.io` | | `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.11.0-debian-11-r67` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.11.0-debian-11-r69` | | `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | diff --git a/charts/bitnami/wordpress/values.yaml b/charts/bitnami/wordpress/values.yaml index b70349318..7c6d4b431 100644 --- a/charts/bitnami/wordpress/values.yaml +++ b/charts/bitnami/wordpress/values.yaml @@ -73,7 +73,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/wordpress - tag: 6.1.1-debian-11-r6 + tag: 6.1.1-debian-11-r8 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -755,7 +755,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r57 + tag: 11-debian-11-r59 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -849,7 +849,7 @@ metrics: image: registry: docker.io repository: bitnami/apache-exporter - tag: 0.11.0-debian-11-r67 + tag: 0.11.0-debian-11-r69 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/zookeeper/.helmignore b/charts/bitnami/zookeeper/.helmignore new file mode 100644 index 000000000..f0c131944 --- /dev/null +++ b/charts/bitnami/zookeeper/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/bitnami/zookeeper/Chart.yaml b/charts/bitnami/zookeeper/Chart.yaml index 138135d30..15086ac8b 100644 --- a/charts/bitnami/zookeeper/Chart.yaml +++ b/charts/bitnami/zookeeper/Chart.yaml @@ -25,4 +25,4 @@ name: zookeeper sources: - https://github.com/bitnami/containers/tree/main/bitnami/zookeeper - https://zookeeper.apache.org/ -version: 10.2.5 +version: 11.0.0 diff --git a/charts/bitnami/zookeeper/README.md b/charts/bitnami/zookeeper/README.md index 540208e40..013cba8af 100644 --- a/charts/bitnami/zookeeper/README.md +++ b/charts/bitnami/zookeeper/README.md @@ -7,7 +7,7 @@ Apache ZooKeeper provides a reliable, centralized register of configuration data [Overview of Apache ZooKeeper](https://zookeeper.apache.org) Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. - + ## TL;DR ```console @@ -240,6 +240,7 @@ The command removes all the Kubernetes components associated with the chart and | `persistence.accessModes` | PVC Access modes | `["ReadWriteOnce"]` | | `persistence.size` | PVC Storage Request for ZooKeeper data volume | `8Gi` | | `persistence.annotations` | Annotations for the PVC | `{}` | +| `persistence.labels` | Labels for the PVC | `{}` | | `persistence.selector` | Selector to match an existing Persistent Volume for ZooKeeper's data PVC | `{}` | | `persistence.dataLogDir.size` | PVC Storage Request for ZooKeeper's dedicated data log directory | `8Gi` | | `persistence.dataLogDir.existingClaim` | Provide an existing `PersistentVolumeClaim` for ZooKeeper's data log directory | `""` | @@ -524,4 +525,4 @@ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file +limitations under the License. diff --git a/charts/bitnami/zookeeper/templates/statefulset.yaml b/charts/bitnami/zookeeper/templates/statefulset.yaml index a44d17c74..025d3630b 100644 --- a/charts/bitnami/zookeeper/templates/statefulset.yaml +++ b/charts/bitnami/zookeeper/templates/statefulset.yaml @@ -488,16 +488,11 @@ spec: {{- if not .Values.persistence.existingClaim }} - metadata: name: data - annotations: - {{- range $key, $value := .Values.persistence.annotations }} - {{ $key }}: {{ $value }} + {{- if .Values.persistence.annotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }} {{- end }} - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 10 }} - {{- end }} - {{- if .Values.commonLabels }} - labels: - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 10 }} + {{- if .Values.persistence.labels }} + labels: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.labels "context" $) | nindent 10 }} {{- end }} spec: accessModes: @@ -515,16 +510,11 @@ spec: {{- if and (not .Values.persistence.dataLogDir.existingClaim) .Values.dataLogDir }} - metadata: name: data-log - annotations: - {{- range $key, $value := .Values.persistence.annotations }} - {{ $key }}: {{ $value }} + {{- if .Values.persistence.annotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }} {{- end }} - {{- if .Values.commonAnnotations }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 10 }} - {{- end }} - {{- if .Values.commonLabels }} - labels: - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 10 }} + {{- if .Values.persistence.labels }} + labels: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.labels "context" $) | nindent 10 }} {{- end }} spec: accessModes: diff --git a/charts/bitnami/zookeeper/values.yaml b/charts/bitnami/zookeeper/values.yaml index 89420a3da..37bab7420 100644 --- a/charts/bitnami/zookeeper/values.yaml +++ b/charts/bitnami/zookeeper/values.yaml @@ -607,6 +607,9 @@ persistence: ## @param persistence.annotations Annotations for the PVC ## annotations: {} + ## @param persistence.labels Labels for the PVC + ## + labels: {} ## @param persistence.selector Selector to match an existing Persistent Volume for ZooKeeper's data PVC ## If set, the PVC can't have a PV dynamically provisioned for it ## E.g. diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml index f3982c2a7..c638f45bf 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=v1.16.0-0' catalog.cattle.io/release-name: citrix-cpx-with-ingress-controller apiVersion: v2 -appVersion: 1.27.15 +appVersion: 1.28.2 description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running as sidecar. home: https://www.citrix.com @@ -18,4 +18,4 @@ maintainers: name: citrix-cpx-with-ingress-controller sources: - https://github.com/citrix/citrix-k8s-ingress-controller -version: 1.27.15 +version: 1.28.2 diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/README.md b/charts/citrix/citrix-cpx-with-ingress-controller/README.md index 67d34a394..a5c39557e 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/README.md +++ b/charts/citrix/citrix-cpx-with-ingress-controller/README.md @@ -455,10 +455,11 @@ The following table lists the configurable parameters of the Citrix ADC CPX with | daemonSet | Optional | False | Set this to true if Citrix ADC CPX needs to be deployed as DaemonSet. | | cic.imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry | | cic.imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository | -| cic.imageTag | Mandatory | `1.27.15` | The Citrix ingress controller image tag | +| cic.imageTag | Mandatory | `1.28.2` | The Citrix ingress controller image tag | | cic.pullPolicy | Mandatory | IfNotPresent | The Citrix ingress controller image pull policy. | | cic.required | Mandatory | true | CIC to be run as sidecar with Citrix ADC CPX | | cic.resources | Optional | {} | CPU/Memory resource requests/limits for Citrix Ingress Controller container | +| cic.rbacRole | Optional | false | To deploy CIC with RBAC Role set rbacRole=true; by default CIC gets installed with RBAC ClusterRole(rbacRole=false)) | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | | fullNameOverride | Optional | N/A | String to fully override deployment fullname template with a string | diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml index 8af1c96e6..70ee6057b 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml @@ -143,6 +143,10 @@ spec: {{- else }} - name: "NS_IP" value: "127.0.0.1" +{{- end }} +{{- if .Values.rbacRole }} + - name: "SCOPE" + value: "local" {{- end }} - name: "NS_APPS_NAME_PREFIX" value: {{ .Values.entityPrefix | default "k8s"}} diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/templates/rbac.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/templates/rbac.yaml index c7e46b153..d812e7675 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/templates/rbac.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/templates/rbac.yaml @@ -1,7 +1,14 @@ +{{- if not .Values.rbacRole }} kind: ClusterRole +{{- else }} +kind: Role +{{- end }} apiVersion: rbac.authorization.k8s.io/v1 metadata: name: {{ include "citrix-cpx-ingress-controller.serviceAccountName" . }} +{{- if .Values.rbacRole }} + namespace: {{ .Release.Namespace }} +{{- end }} rules: - apiGroups: [""] {{- if .Values.openshift }} @@ -21,7 +28,7 @@ rules: - apiGroups: ["extensions", "networking.k8s.io"] resources: ["ingresses"] verbs: ["get", "list", "watch"] - - apiGroups: ["extensions", "networking.k8s.io"] + - apiGroups: ["extensions","networking.k8s.io"] resources: ["ingresses/status"] verbs: ["patch"] - apiGroups: ["networking.k8s.io"] @@ -59,13 +66,24 @@ rules: --- +{{- if not .Values.rbacRole }} kind: ClusterRoleBinding +{{- else }} +kind: RoleBinding +{{- end }} apiVersion: rbac.authorization.k8s.io/v1 metadata: name: {{ include "citrix-cpx-ingress-controller.serviceAccountName" . }} +{{- if .Values.rbacRole }} + namespace: {{ .Release.Namespace }} +{{- end }} roleRef: apiGroup: rbac.authorization.k8s.io +{{- if not .Values.rbacRole }} kind: ClusterRole +{{- else }} + kind: Role +{{- end }} name: {{ include "citrix-cpx-ingress-controller.serviceAccountName" . }} subjects: - kind: ServiceAccount @@ -86,4 +104,3 @@ imagePullSecrets: {{- end }} {{- end }} ---- diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml index 3a9ad26b5..cc236087c 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml @@ -45,6 +45,10 @@ ingressIP: # If IPAM controller is used for auto allocation of the external IP for service of type LoadBalancer, set this option to true ipam: False +# Enable RBAC role (so called local role), by default CIC deployed with ClusterRole. +# below variable to deploy CIC with RBAC role, only ingress service supported with this config +rbacRole: False + # API server Cert verification can be disabled, while communicating with API Server, if disableAPIServerCertVerify set to True disableAPIServerCertVerify: False @@ -78,7 +82,7 @@ servicePorts: [] cic: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller - imageTag: 1.27.15 + imageTag: 1.28.2 image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}" pullPolicy: IfNotPresent required: true diff --git a/charts/citrix/citrix-ingress-controller/Chart.yaml b/charts/citrix/citrix-ingress-controller/Chart.yaml index 39d69bb9b..0ec97ad7f 100644 --- a/charts/citrix/citrix-ingress-controller/Chart.yaml +++ b/charts/citrix/citrix-ingress-controller/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=v1.16.0-0' catalog.cattle.io/release-name: citrix-ingress-controller apiVersion: v2 -appVersion: 1.27.15 +appVersion: 1.28.2 description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX. home: https://www.citrix.com icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png @@ -17,4 +17,4 @@ maintainers: name: citrix-ingress-controller sources: - https://github.com/citrix/citrix-k8s-ingress-controller -version: 1.27.15 +version: 1.28.2 diff --git a/charts/citrix/citrix-ingress-controller/README.md b/charts/citrix/citrix-ingress-controller/README.md index 1ae3c07dc..955301483 100644 --- a/charts/citrix/citrix-ingress-controller/README.md +++ b/charts/citrix/citrix-ingress-controller/README.md @@ -316,7 +316,7 @@ The following table lists the mandatory and optional parameters that you can con | license.accept | Mandatory | no | Set `yes` to accept the CIC end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry | | imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository | -| imageTag | Mandatory | `1.27.15` | The Citrix ingress controller image tag | +| imageTag | Mandatory | `1.28.2` | The Citrix ingress controller image tag | | pullPolicy | Mandatory | IfNotPresent | The CIC image pull policy. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | @@ -392,6 +392,7 @@ The following table lists the mandatory and optional parameters that you can con | nsLbHashAlgo.hashAlgorithm | Optional | 'default' | Specifies the supported algorithm. Supported algorithms are "default", "jarh", "prac", Default value is 'default' | | extraVolumeMounts | Optional | [] | Specify the Additional VolumeMounts to be mounted in CIC container | | extraVolumes | Optional | [] | Specify the Additional Volumes for additional volumeMounts | +| rbacRole | Optional | false | To deploy CIC with RBAC Role set rbacRole=true; by default CIC gets installed with RBAC ClusterRole(rbacRole=false)) | Alternatively, you can define a YAML file with the values for the parameters and pass the values while installing the chart. diff --git a/charts/citrix/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml b/charts/citrix/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml index c18d69207..a69534647 100644 --- a/charts/citrix/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml +++ b/charts/citrix/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml @@ -89,6 +89,10 @@ spec: - name: "NS_VIP" value: "{{ .Values.nsVIP }}" {{- end }} +{{- if .Values.rbacRole }} + - name: "SCOPE" + value: "local" +{{- end }} {{- if .Values.nitroReadTimeout }} - name: "NS_NITRO_READ_TIMEOUT" value: "{{ .Values.nitroReadTimeout }}" diff --git a/charts/citrix/citrix-ingress-controller/templates/rbac.yaml b/charts/citrix/citrix-ingress-controller/templates/rbac.yaml index fe7c883a4..c20c1512e 100644 --- a/charts/citrix/citrix-ingress-controller/templates/rbac.yaml +++ b/charts/citrix/citrix-ingress-controller/templates/rbac.yaml @@ -1,7 +1,14 @@ +{{- if not .Values.rbacRole }} kind: ClusterRole +{{- else }} +kind: Role +{{- end }} apiVersion: rbac.authorization.k8s.io/v1 metadata: name: {{ include "citrix-ingress-controller.serviceAccountName" . }} +{{- if .Values.rbacRole }} + namespace: {{ .Release.Namespace }} +{{- end }} rules: - apiGroups: [""] {{- if .Values.openshift }} @@ -59,13 +66,24 @@ rules: --- +{{- if not .Values.rbacRole }} kind: ClusterRoleBinding +{{- else }} +kind: RoleBinding +{{- end }} apiVersion: rbac.authorization.k8s.io/v1 metadata: name: {{ include "citrix-ingress-controller.serviceAccountName" . }} +{{- if .Values.rbacRole }} + namespace: {{ .Release.Namespace }} +{{- end }} roleRef: apiGroup: rbac.authorization.k8s.io +{{- if not .Values.rbacRole }} kind: ClusterRole +{{- else }} + kind: Role +{{- end }} name: {{ include "citrix-ingress-controller.serviceAccountName" . }} subjects: - kind: ServiceAccount @@ -86,4 +104,3 @@ imagePullSecrets: {{- end }} {{- end }} ---- diff --git a/charts/citrix/citrix-ingress-controller/values.yaml b/charts/citrix/citrix-ingress-controller/values.yaml index 8c660b854..ba6cda298 100644 --- a/charts/citrix/citrix-ingress-controller/values.yaml +++ b/charts/citrix/citrix-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # Citrix Ingress Controller config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.27.15 +imageTag: 1.28.2 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -103,6 +103,10 @@ crds: install: false retainOnDelete: false +# Enable RBAC role (so called local role), by default CIC deployed with ClusterRole. +# below variable to deploy CIC with RBAC role, only ingress service supported with this config +rbacRole: False + # Config required to be done by Citrix Ingress Controller for sending metrics to Citrix Observability Exporter analyticsConfig: required: false diff --git a/charts/cockroach-labs/cockroachdb/Chart.yaml b/charts/cockroach-labs/cockroachdb/Chart.yaml index f70153f9b..59b8d9f73 100644 --- a/charts/cockroach-labs/cockroachdb/Chart.yaml +++ b/charts/cockroach-labs/cockroachdb/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.8-0' catalog.cattle.io/release-name: cockroachdb apiVersion: v1 -appVersion: 22.1.11 +appVersion: 22.2.0 description: CockroachDB is a scalable, survivable, strongly-consistent SQL database. home: https://www.cockroachlabs.com icon: https://raw.githubusercontent.com/cockroachdb/cockroach/master/docs/media/cockroach_db.png @@ -14,4 +14,4 @@ maintainers: name: cockroachdb sources: - https://github.com/cockroachdb/cockroach -version: 9.1.1 +version: 10.0.0 diff --git a/charts/cockroach-labs/cockroachdb/README.md b/charts/cockroach-labs/cockroachdb/README.md index f8bfc5a84..a0e1fd1be 100644 --- a/charts/cockroach-labs/cockroachdb/README.md +++ b/charts/cockroach-labs/cockroachdb/README.md @@ -229,10 +229,10 @@ kubectl get pods \ ``` ``` -my-release-cockroachdb-0 cockroachdb/cockroach:v22.1.11 -my-release-cockroachdb-1 cockroachdb/cockroach:v22.1.11 -my-release-cockroachdb-2 cockroachdb/cockroach:v22.1.11 -my-release-cockroachdb-3 cockroachdb/cockroach:v22.1.11 +my-release-cockroachdb-0 cockroachdb/cockroach:v22.2.0 +my-release-cockroachdb-1 cockroachdb/cockroach:v22.2.0 +my-release-cockroachdb-2 cockroachdb/cockroach:v22.2.0 +my-release-cockroachdb-3 cockroachdb/cockroach:v22.2.0 ``` Resume normal operations. Once you are comfortable that the stability and performance of the cluster is what you'd expect post-upgrade, finalize the upgrade: @@ -287,7 +287,7 @@ Verify that no pod is deleted and then upgrade as normal. A new StatefulSet will For more information about upgrading a cluster to the latest major release of CockroachDB, see [Upgrade to CockroachDB v21.1](https://www.cockroachlabs.com/docs/stable/upgrade-cockroach-version.html). -Note that there are some backward-incompatible changes to SQL features between versions 20.2 and 21.1. For details, see the [CockroachDB v22.1.11 release notes](https://www.cockroachlabs.com/docs/releases/v22.1.11.html#backward-incompatible-changes). +Note that there are some backward-incompatible changes to SQL features between versions 20.2 and 21.1. For details, see the [CockroachDB v22.2.0 release notes](https://www.cockroachlabs.com/docs/releases/v22.2.0.html#backward-incompatible-changes). ## Configuration @@ -316,7 +316,7 @@ For details see the [`values.yaml`](values.yaml) file. | `conf.store.size` | CockroachDB storage size | `""` | | `conf.store.attrs` | CockroachDB storage attributes | `""` | | `image.repository` | Container image name | `cockroachdb/cockroach` | -| `image.tag` | Container image tag | `v22.1.11` | +| `image.tag` | Container image tag | `v22.2.0` | | `image.pullPolicy` | Container pull policy | `IfNotPresent` | | `image.credentials` | `registry`, `user` and `pass` credentials to pull private image | `{}` | | `statefulset.replicas` | StatefulSet replicas number | `3` | diff --git a/charts/cockroach-labs/cockroachdb/values.yaml b/charts/cockroach-labs/cockroachdb/values.yaml index 3efa4b366..f0f61ebca 100644 --- a/charts/cockroach-labs/cockroachdb/values.yaml +++ b/charts/cockroach-labs/cockroachdb/values.yaml @@ -1,7 +1,7 @@ # Generated file, DO NOT EDIT. Source: build/templates/values.yaml image: repository: cockroachdb/cockroach - tag: v22.1.11 + tag: v22.2.0 pullPolicy: IfNotPresent credentials: {} # registry: docker.io diff --git a/charts/codefresh/cf-runtime/.helmignore b/charts/codefresh/cf-runtime/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/codefresh/cf-runtime/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/codefresh/cf-runtime/Chart.yaml b/charts/codefresh/cf-runtime/Chart.yaml index 8f57a3ee8..ee3416d10 100644 --- a/charts/codefresh/cf-runtime/Chart.yaml +++ b/charts/codefresh/cf-runtime/Chart.yaml @@ -4,9 +4,9 @@ annotations: catalog.cattle.io/kube-version: '>=1.18-0' catalog.cattle.io/release-name: cf-runtime apiVersion: v2 -appVersion: 1.7.8 +appVersion: 1.8.0 description: A Helm chart for Codefresh Runner icon: https://partner-charts.rancher.io/assets/logos/codefresh.jpg name: cf-runtime type: application -version: 1.7.8 +version: 1.8.0 diff --git a/charts/codefresh/cf-runtime/values.yaml b/charts/codefresh/cf-runtime/values.yaml index 8986729af..8221d8a51 100644 --- a/charts/codefresh/cf-runtime/values.yaml +++ b/charts/codefresh/cf-runtime/values.yaml @@ -24,7 +24,7 @@ dockerRegistry: "quay.io" # Registry prefix for the runtime images (default quay newRelicLicense: "" # NEWRELIC_LICENSE_KEY (for app-proxy and runner deployments) runner: # Runner Deployment - image: "codefresh/venona:1.7.8" + image: "codefresh/venona:1.8.0" env: {} ## e.g: # env: diff --git a/charts/datadog/datadog/CHANGELOG.md b/charts/datadog/datadog/CHANGELOG.md index 25f321d4d..770a0ed56 100644 --- a/charts/datadog/datadog/CHANGELOG.md +++ b/charts/datadog/datadog/CHANGELOG.md @@ -1,5 +1,13 @@ # Datadog changelog +## 3.5.1 + +* Removing default value placeholder for the API Key in the values.yaml. + +## 3.5.0 + +* Remove runtime compilation-related config values `enableKernelHeaderDownload` and `enableRuntimeCompiler` in the system-probe. + ## 3.4.0 * Add `datadog.systemProbe.btfPath` for mounting user-provided BTF files (see datadog-agent PRs #13962 and #14096 for more context). diff --git a/charts/datadog/datadog/Chart.yaml b/charts/datadog/datadog/Chart.yaml index 029056bbd..04fce20b2 100644 --- a/charts/datadog/datadog/Chart.yaml +++ b/charts/datadog/datadog/Chart.yaml @@ -19,4 +19,4 @@ name: datadog sources: - https://app.datadoghq.com/account/settings#agent/kubernetes - https://github.com/DataDog/datadog-agent -version: 3.4.0 +version: 3.5.1 diff --git a/charts/datadog/datadog/README.md b/charts/datadog/datadog/README.md index 236477281..1f9a6d2cf 100644 --- a/charts/datadog/datadog/README.md +++ b/charts/datadog/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.4.0](https://img.shields.io/badge/Version-3.4.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.5.1](https://img.shields.io/badge/Version-3.5.1-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). @@ -570,7 +570,7 @@ helm install \ | clusterChecksRunner.volumes | list | `[]` | Specify additional volumes to mount in the cluster checks container | | commonLabels | object | `{}` | Labels to apply to all resources | | datadog-crds.crds.datadogMetrics | bool | `true` | Set to true to deploy the DatadogMetrics CRD | -| datadog.apiKey | string | `""` | Your Datadog API key | +| datadog.apiKey | string | `nil` | Your Datadog API key | | datadog.apiKeyExistingSecret | string | `nil` | Use existing Secret which stores API key instead of creating a new one. The value should be set with the `api-key` key inside the secret. | | datadog.apm.enabled | bool | `false` | Enable this to enable APM and tracing, on port 8126 DEPRECATED. Use datadog.apm.portEnabled instead | | datadog.apm.hostSocketPath | string | `"/var/run/datadog/"` | Host path to the trace-agent socket | @@ -694,9 +694,7 @@ helm install \ | datadog.systemProbe.enableConntrack | bool | `true` | Enable the system-probe agent to connect to the netlink/conntrack subsystem to add NAT information to connection data | | datadog.systemProbe.enableDefaultKernelHeadersPaths | bool | `true` | Enable mount of default paths where kernel headers are stored | | datadog.systemProbe.enableDefaultOsReleasePaths | bool | `true` | enable default os-release files mount | -| datadog.systemProbe.enableKernelHeaderDownload | bool | `true` | Enable the downloading of kernel headers for runtime compilation of eBPF probes | | datadog.systemProbe.enableOOMKill | bool | `false` | Enable the OOM kill eBPF-based check | -| datadog.systemProbe.enableRuntimeCompiler | bool | `false` | Enable the runtime compiler for eBPF probes | | datadog.systemProbe.enableTCPQueueLength | bool | `false` | Enable the TCP queue length eBPF-based check | | datadog.systemProbe.maxTrackedConnections | int | `131072` | the maximum number of tracked connections | | datadog.systemProbe.mountPackageManagementDirs | list | `[]` | Enables mounting of specific package management directories when runtime compilation is enabled | diff --git a/charts/datadog/datadog/templates/NOTES.txt b/charts/datadog/datadog/templates/NOTES.txt index 9d65b88ee..f7c8acfd5 100644 --- a/charts/datadog/datadog/templates/NOTES.txt +++ b/charts/datadog/datadog/templates/NOTES.txt @@ -137,6 +137,16 @@ The option `datadog.apm.socketEnabled` is enabled by default and can be used to {{- end }} +{{- if or .Values.datadog.systemProbe.enableKernelHeaderDownload .Values.datadog.systemProbe.enableRuntimeCompiler }} + +################################################################# +#### WARNING: Deprecation notice #### +################################################################# + +The `enableKernelHeaderDownload` and `enableRuntimeCompiler` options are not supported anymore, in order to enable the runtime compiler, set the environment variable `DD_ENABLE_KERNEL_HEADER_DOWNLOAD` and `DD_ENABLE_RUNTIME_COMPILER` in the system probe. + +{{- end }} + {{- if .Values.datadog.apm.useSocketVolume }} ################################################################# @@ -308,7 +318,7 @@ are enabled: * Failure policy of the Admission Controller is set to "Fail" {{- end }} -To run in high availability mode, our recommandation is to update the chart +To run in high availability mode, our recommendation is to update the chart configuration with: * set `clusterAgent.replicas` value to `2` replicas . * set `clusterAgent.createPodDisruptionBudget` to `true`. diff --git a/charts/datadog/datadog/templates/_helpers.tpl b/charts/datadog/datadog/templates/_helpers.tpl index 8eb5f6836..236a94963 100644 --- a/charts/datadog/datadog/templates/_helpers.tpl +++ b/charts/datadog/datadog/templates/_helpers.tpl @@ -619,7 +619,7 @@ Return the local service name Return true if runtime compilation is enabled in the system-probe */}} {{- define "runtime-compilation-enabled" -}} -{{- if or .Values.datadog.systemProbe.enableTCPQueueLength .Values.datadog.systemProbe.enableOOMKill .Values.datadog.systemProbe.enableRuntimeCompiler -}} +{{- if or .Values.datadog.systemProbe.enableTCPQueueLength .Values.datadog.systemProbe.enableOOMKill .Values.datadog.serviceMonitoring.enabled -}} true {{- else -}} false diff --git a/charts/datadog/datadog/templates/system-probe-configmap.yaml b/charts/datadog/datadog/templates/system-probe-configmap.yaml index e988a6f5a..5813b5fef 100644 --- a/charts/datadog/datadog/templates/system-probe-configmap.yaml +++ b/charts/datadog/datadog/templates/system-probe-configmap.yaml @@ -32,8 +32,6 @@ data: collect_dns_stats: {{ $.Values.datadog.systemProbe.collectDNSStats }} max_tracked_connections: {{ $.Values.datadog.systemProbe.maxTrackedConnections }} conntrack_max_state_size: {{ $.Values.datadog.systemProbe.conntrackMaxStateSize }} - enable_runtime_compiler: {{ $.Values.datadog.systemProbe.enableRuntimeCompiler }} - enable_kernel_header_download: {{ $.Values.datadog.systemProbe.enableKernelHeaderDownload }} runtime_compiler_output_dir: {{ $.Values.datadog.systemProbe.runtimeCompilationAssetDir }}/build kernel_header_download_dir: {{ $.Values.datadog.systemProbe.runtimeCompilationAssetDir }}/kernel-headers apt_config_dir: /host/etc/apt diff --git a/charts/datadog/datadog/values.yaml b/charts/datadog/datadog/values.yaml index ce0c300ca..86864a06f 100644 --- a/charts/datadog/datadog/values.yaml +++ b/charts/datadog/datadog/values.yaml @@ -30,7 +30,7 @@ datadog: # datadog.apiKey -- Your Datadog API key ## ref: https://app.datadoghq.com/account/settings#agent/kubernetes - apiKey: + apiKey: # # datadog.apiKeyExistingSecret -- Use existing Secret which stores API key instead of creating a new one. The value should be set with the `api-key` key inside the secret. @@ -511,12 +511,6 @@ datadog: # datadog.systemProbe.enableOOMKill -- Enable the OOM kill eBPF-based check enableOOMKill: false - # datadog.systemProbe.enableRuntimeCompiler -- Enable the runtime compiler for eBPF probes - enableRuntimeCompiler: false - - # datadog.systemProbe.enableKernelHeaderDownload -- Enable the downloading of kernel headers for runtime compilation of eBPF probes - enableKernelHeaderDownload: true - # datadog.systemProbe.mountPackageManagementDirs -- Enables mounting of specific package management directories when runtime compilation is enabled mountPackageManagementDirs: [] ## For runtime compilation to be able to download kernel headers, the host's package management folders diff --git a/charts/gitlab/gitlab/CHANGELOG.md b/charts/gitlab/gitlab/CHANGELOG.md index fdd972c5f..937038091 100644 --- a/charts/gitlab/gitlab/CHANGELOG.md +++ b/charts/gitlab/gitlab/CHANGELOG.md @@ -2,6 +2,10 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 6.6.2 (2022-12-05) + +No changes. + ## 6.6.1 (2022-11-30) No changes. diff --git a/charts/gitlab/gitlab/Chart.yaml b/charts/gitlab/gitlab/Chart.yaml index 27cdf4b30..b271d2b28 100644 --- a/charts/gitlab/gitlab/Chart.yaml +++ b/charts/gitlab/gitlab/Chart.yaml @@ -3,7 +3,7 @@ annotations: catalog.cattle.io/display-name: GitLab catalog.cattle.io/release-name: gitlab apiVersion: v1 -appVersion: 15.6.1 +appVersion: 15.6.2 description: The One DevOps Platform home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png @@ -15,4 +15,4 @@ maintainers: name: gitlab sources: - https://gitlab.com/gitlab-org/charts/gitlab -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml index c68548984..8f06a623e 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.1 +appVersion: 15.6.2 description: GitLab Geo logcursor home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -12,4 +12,4 @@ name: geo-logcursor sources: - https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/geo-logcursor - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml index 322465fa3..2a86f3ae9 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.1 +appVersion: 15.6.2 description: Git RPC service for handling all the git calls made by GitLab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: gitaly sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitaly - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml index b67710337..4e8ba52d8 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml @@ -14,4 +14,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-exporter - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-exporter - https://gitlab.com/gitlab-org/gitlab-exporter -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml index 3f07858af..1995763b7 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.1 +appVersion: 15.6.2 description: Adapt the Grafana chart to interface to the GitLab App home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: gitlab-grafana sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-grafana - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-grafana -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml index 29a32c7e4..a0b7f56da 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml @@ -14,4 +14,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-pages - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-pages - https://gitlab.com/gitlab-org/gitlab-pages -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml index 491c40236..3aa43cd1a 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml @@ -14,4 +14,4 @@ name: gitlab-shell sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-shell - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-shell -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml index 6d06b68a5..1cec33b17 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml @@ -17,4 +17,4 @@ name: kas sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-kas - https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml index 754a02015..67ab81115 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml @@ -13,4 +13,4 @@ name: mailroom sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/mailroom - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-mailroom -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml index 05a040f63..00edb6326 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.1 +appVersion: 15.6.2 description: Database migrations and other versioning tasks for upgrading Gitlab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -12,4 +12,4 @@ name: migrations sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/migrations - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml index 3a2f18d86..9391d956e 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.1 +appVersion: 15.6.2 description: Praefect is a router and transaction manager for Gitaly, and a required component for running a Gitaly Cluster. home: https://about.gitlab.com/ @@ -16,4 +16,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/praefect - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly - https://gitlab.com/gitlab-org/gitaly/-/tree/master/cmd/praefect -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml index e1e5a2e16..912656bf4 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.1 +appVersion: 15.6.2 description: Gitlab Sidekiq for asynchronous task processing in rails home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: sidekiq sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/sidekiq - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-sidekiq -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml index 29146fafc..caac5b4b0 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml @@ -14,4 +14,4 @@ name: spamcheck sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/spamcheck - https://gitlab.com/gitlab-org/spamcheck -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml index c2050a850..20216aec5 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.1 +appVersion: 15.6.2 description: For manually running rake tasks through kubectl home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: toolbox sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/toolbox - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-toolbox -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml index 60bc82c59..2d102afb6 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.1 +appVersion: 15.6.2 description: HTTP server for Gitlab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -14,4 +14,4 @@ name: webservice sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/webservice - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-webservice -version: 6.6.1 +version: 6.6.2 diff --git a/charts/gitlab/gitlab/requirements.lock b/charts/gitlab/gitlab/requirements.lock index e3a6317fb..07b787ebc 100644 --- a/charts/gitlab/gitlab/requirements.lock +++ b/charts/gitlab/gitlab/requirements.lock @@ -33,4 +33,4 @@ dependencies: repository: "" version: '*.*.*' digest: sha256:1a36b0e21d9953da190f461eccaee8056bd12a588578db8eca57caa488e8da48 -generated: "2022-11-30T19:13:56.463468432Z" +generated: "2022-12-06T09:14:12.906696934Z" diff --git a/charts/jaeger/jaeger-operator/.helmignore b/charts/jaeger/jaeger-operator/.helmignore new file mode 100644 index 000000000..f0c131944 --- /dev/null +++ b/charts/jaeger/jaeger-operator/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/jaeger/jaeger-operator/Chart.yaml b/charts/jaeger/jaeger-operator/Chart.yaml index bf9b9633e..433e07cba 100644 --- a/charts/jaeger/jaeger-operator/Chart.yaml +++ b/charts/jaeger/jaeger-operator/Chart.yaml @@ -15,4 +15,4 @@ maintainers: name: jaeger-operator sources: - https://github.com/jaegertracing/jaeger-operator -version: 2.37.0 +version: 2.38.0 diff --git a/charts/jaeger/jaeger-operator/templates/deployment.yaml b/charts/jaeger/jaeger-operator/templates/deployment.yaml index 01b10b723..f24618065 100644 --- a/charts/jaeger/jaeger-operator/templates/deployment.yaml +++ b/charts/jaeger/jaeger-operator/templates/deployment.yaml @@ -38,14 +38,17 @@ spec: - name: {{ . }} {{- end }} {{- end }} + {{- if .Values.hostNetwork }} + hostNetwork: {{ .Values.hostNetwork }} + {{- end }} containers: - name: {{ include "jaeger-operator.fullname" . }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - - containerPort: 8383 + - containerPort: {{ .Values.metricsPort }} name: metrics - - containerPort: 9443 + - containerPort: {{ .Values.webhooks.port }} name: webhook-server protocol: TCP volumeMounts: diff --git a/charts/jaeger/jaeger-operator/templates/service.yaml b/charts/jaeger/jaeger-operator/templates/service.yaml index 4cedde509..ae502e4de 100644 --- a/charts/jaeger/jaeger-operator/templates/service.yaml +++ b/charts/jaeger/jaeger-operator/templates/service.yaml @@ -12,9 +12,9 @@ metadata: spec: ports: - name: metrics - port: 8383 + port: {{ .Values.metricsPort }} protocol: TCP - targetPort: 8383 + targetPort: {{ .Values.metricsPort }} {{- if and (eq .Values.service.type "NodePort") (.Values.service.nodePort) }} nodePort: {{ .Values.service.nodePort }} {{- end }} @@ -39,7 +39,7 @@ spec: ports: - port: 443 protocol: TCP - targetPort: 9443 + targetPort: {{ .Values.webhooks.port }} selector: {{ include "jaeger-operator.labels" . | indent 4 }} {{- end }} diff --git a/charts/jaeger/jaeger-operator/values.yaml b/charts/jaeger/jaeger-operator/values.yaml index 7f870c635..5b97841b4 100644 --- a/charts/jaeger/jaeger-operator/values.yaml +++ b/charts/jaeger/jaeger-operator/values.yaml @@ -22,6 +22,7 @@ webhooks: create: true validatingWebhook: create: true + port: 9443 service: annotations: {} create: true @@ -83,3 +84,8 @@ affinity: {} securityContext: {} priorityClassName: + +# Specifies weather host network should be used +hostNetwork: false + +metricsPort: 8383 diff --git a/charts/jenkins/jenkins/CHANGELOG.md b/charts/jenkins/jenkins/CHANGELOG.md index 6fe4d005f..ff64ecf36 100644 --- a/charts/jenkins/jenkins/CHANGELOG.md +++ b/charts/jenkins/jenkins/CHANGELOG.md @@ -12,11 +12,21 @@ Use the following links to reference issues, PRs, and commits prior to v2.6.0. The change log until v1.5.7 was auto-generated based on git commits. Those entries include a reference to the git commit to be able to get more details. +## 4.2.17 + +Update Jenkins image and appVersion to jenkins lts release version 2.375.1 + + +## 4.2.16 + +Fixed chart notes not rendering Jenkins URL with prefix when `controller.jenkinsUriPrefix` is set. +Fixed chart notes not rendering Jenkins URL with `https` when `controller.ingress.tls` or `controller.controller.httpsKeyStore.enable` is set. +Fixed chart notes rendering wrong JCasC URL when not using `controller.ingress`. + ## 4.2.15 Update Jenkins image and appVersion to jenkins lts release version 2.361.4 - ## 4.2.14 Added option to mount all keys from an existing k8s secret diff --git a/charts/jenkins/jenkins/Chart.yaml b/charts/jenkins/jenkins/Chart.yaml index e1d7e63bc..99741c9b9 100644 --- a/charts/jenkins/jenkins/Chart.yaml +++ b/charts/jenkins/jenkins/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/images: | - name: jenkins - image: jenkins/jenkins:2.361.4-jdk11 + image: jenkins/jenkins:2.375.1-jdk11 - name: k8s-sidecar image: kiwigrid/k8s-sidecar:1.15.0 - name: inbound-agent @@ -18,7 +18,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.14-0' catalog.cattle.io/release-name: jenkins apiVersion: v2 -appVersion: 2.361.4 +appVersion: 2.375.1 description: Jenkins - Build great things at any scale! The leading open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project. @@ -41,4 +41,4 @@ sources: - https://github.com/jenkinsci/docker-inbound-agent - https://github.com/maorfr/kube-tasks - https://github.com/jenkinsci/configuration-as-code-plugin -version: 4.2.15 +version: 4.2.17 diff --git a/charts/jenkins/jenkins/templates/NOTES.txt b/charts/jenkins/jenkins/templates/NOTES.txt index 891e3a2c8..0d2df0b93 100644 --- a/charts/jenkins/jenkins/templates/NOTES.txt +++ b/charts/jenkins/jenkins/templates/NOTES.txt @@ -1,34 +1,51 @@ +{{- $prefix := .Values.controller.jenkinsUriPrefix | default "" -}} +{{- $url := "" -}} 1. Get your '{{ .Values.controller.adminUser }}' user password by running: kubectl exec --namespace {{ template "jenkins.namespace" . }} -it svc/{{ template "jenkins.fullname" . }} -c jenkins -- /bin/cat /run/secrets/additional/chart-admin-password && echo -{{- if .Values.controller.ingress.hostName }} - -2. Visit http://{{ .Values.controller.ingress.hostName }} +{{- if .Values.controller.ingress.hostName -}} +{{- if .Values.controller.ingress.tls -}} +{{- $url = print "https://" .Values.controller.ingress.hostName $prefix -}} +{{- else -}} +{{- $url = print "http://" .Values.controller.ingress.hostName $prefix -}} +{{- end }} +2. Visit {{ $url }} {{- else }} 2. Get the Jenkins URL to visit by running these commands in the same shell: {{- if contains "NodePort" .Values.controller.serviceType }} export NODE_PORT=$(kubectl get --namespace {{ template "jenkins.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "jenkins.fullname" . }}) export NODE_IP=$(kubectl get nodes --namespace {{ template "jenkins.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT/login +{{- if .Values.controller.httpsKeyStore.enable -}} +{{- $url = print "https://$NODE_IP:$NODE_PORT" $prefix -}} +{{- else -}} +{{- $url = print "http://$NODE_IP:$NODE_PORT" $prefix -}} +{{- end }} + echo {{ $url }} {{- else if contains "LoadBalancer" .Values.controller.serviceType }} NOTE: It may take a few minutes for the LoadBalancer IP to be available. You can watch the status of by running 'kubectl get svc --namespace {{ template "jenkins.namespace" . }} -w {{ template "jenkins.fullname" . }}' export SERVICE_IP=$(kubectl get svc --namespace {{ template "jenkins.namespace" . }} {{ template "jenkins.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") -{{- if .Values.controller.httpsKeyStore.enable }} - echo https://$SERVICE_IP:{{ .Values.controller.servicePort }}/login -{{- else }} - echo http://$SERVICE_IP:{{ .Values.controller.servicePort }}/login +{{- if .Values.controller.httpsKeyStore.enable -}} +{{- $url = print "https://$SERVICE_IP:" .Values.controller.servicePort $prefix -}} +{{- else -}} +{{- $url = print "http://$SERVICE_IP:" .Values.controller.servicePort $prefix -}} {{- end }} + echo {{ $url }} -{{- else if contains "ClusterIP" .Values.controller.serviceType }} - echo http://127.0.0.1:{{ .Values.controller.servicePort }} +{{- else if contains "ClusterIP" .Values.controller.serviceType -}} +{{- if .Values.controller.httpsKeyStore.enable -}} +{{- $url = print "https://127.0.0.1:" .Values.controller.servicePort $prefix -}} +{{- else -}} +{{- $url = print "http://127.0.0.1:" .Values.controller.servicePort $prefix -}} +{{- end }} + echo {{ $url }} kubectl --namespace {{ template "jenkins.namespace" . }} port-forward svc/{{template "jenkins.fullname" . }} {{ .Values.controller.servicePort }}:{{ .Values.controller.servicePort }} {{- end }} {{- end }} 3. Login with the password from step 1 and the username: {{ .Values.controller.adminUser }} 4. Configure security realm and authorization strategy -5. Use Jenkins Configuration as Code by specifying configScripts in your values.yaml file, see documentation: http://{{ .Values.controller.ingress.hostName }}/configuration-as-code and examples: https://github.com/jenkinsci/configuration-as-code-plugin/tree/master/demos +5. Use Jenkins Configuration as Code by specifying configScripts in your values.yaml file, see documentation: {{ $url }}/configuration-as-code and examples: https://github.com/jenkinsci/configuration-as-code-plugin/tree/master/demos For more information on running Jenkins on Kubernetes, visit: https://cloud.google.com/solutions/jenkins-on-container-engine diff --git a/charts/jenkins/jenkins/values.yaml b/charts/jenkins/jenkins/values.yaml index aadaf7526..911dbf3b3 100644 --- a/charts/jenkins/jenkins/values.yaml +++ b/charts/jenkins/jenkins/values.yaml @@ -19,7 +19,7 @@ controller: # Used for label app.kubernetes.io/component componentName: "jenkins-controller" image: "jenkins/jenkins" - # tag: "2.361.4-jdk11" + # tag: "2.375.1-jdk11" tagLabel: jdk11 imagePullPolicy: "Always" imagePullSecretName: diff --git a/charts/kuma/kuma/Chart.yaml b/charts/kuma/kuma/Chart.yaml index a754589e3..685cc0191 100644 --- a/charts/kuma/kuma/Chart.yaml +++ b/charts/kuma/kuma/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/namespace: kuma-system catalog.cattle.io/release-name: kuma apiVersion: v2 -appVersion: 2.0.0 +appVersion: 2.0.1 description: A Helm chart for the Kuma Control Plane home: https://github.com/kumahq/kuma icon: https://kuma.io/assets/images/brand/kuma-logo-new.svg @@ -20,4 +20,4 @@ maintainers: name: nickolaev name: kuma type: application -version: 2.0.0 +version: 2.0.1 diff --git a/charts/minio/minio-operator/.helmignore b/charts/minio/minio-operator/.helmignore new file mode 100644 index 000000000..50af03172 --- /dev/null +++ b/charts/minio/minio-operator/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/minio/minio-operator/Chart.yaml b/charts/minio/minio-operator/Chart.yaml index 93433e05b..21f2e8d4f 100644 --- a/charts/minio/minio-operator/Chart.yaml +++ b/charts/minio/minio-operator/Chart.yaml @@ -2,9 +2,9 @@ annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Minio Operator catalog.cattle.io/kube-version: '>=1.19-0' - catalog.cattle.io/release-name: operator + catalog.cattle.io/release-name: minio-operator apiVersion: v2 -appVersion: v4.5.4 +appVersion: v4.5.5 description: A Helm chart for MinIO Operator home: https://min.io icon: https://min.io/resources/img/logo/MINIO_wordmark.png @@ -19,4 +19,4 @@ name: minio-operator sources: - https://github.com/minio/operator type: application -version: 4.5.4 +version: 4.5.5 diff --git a/charts/minio/minio-operator/values.yaml b/charts/minio/minio-operator/values.yaml index bef3bcd4f..b7573c842 100644 --- a/charts/minio/minio-operator/values.yaml +++ b/charts/minio/minio-operator/values.yaml @@ -11,7 +11,7 @@ operator: # value: "" image: repository: minio/operator - tag: v4.5.4 + tag: v4.5.5 pullPolicy: IfNotPresent imagePullSecrets: [ ] initcontainers: [ ] @@ -43,7 +43,7 @@ operator: console: image: repository: minio/console - tag: v0.21.1 + tag: v0.22.1 pullPolicy: IfNotPresent imagePullSecrets: [ ] initcontainers: [ ] diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index 1428ca128..03867df6a 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/images: | - name: redpanda - image: vectorized/redpanda:v22.3.3 + image: vectorized/redpanda:v22.3.5 - name: busybox image: busybox:latest artifacthub.io/license: Apache-2.0 @@ -15,7 +15,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.21-0' catalog.cattle.io/release-name: redpanda apiVersion: v2 -appVersion: v22.3.3 +appVersion: v22.3.5 description: Redpanda is the real-time engine for modern apps. icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg kubeVersion: '>=1.21-0' @@ -26,4 +26,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 2.3.11 +version: 2.3.14 diff --git a/charts/redpanda/redpanda/README.md b/charts/redpanda/redpanda/README.md index 3e0ad88b6..d8237b04e 100644 --- a/charts/redpanda/redpanda/README.md +++ b/charts/redpanda/redpanda/README.md @@ -38,9 +38,7 @@ See the [60-Second Guide for Kubernetes][kubernetes-qs-dev] If you have improvements that can be made to this Helm chart, please consider becoming a contributor. See our [Contributing][contributing] document for more details. -[values]: https://github.com/redpanda-data/helm-charts/blob/main/redpanda/values.yaml +[values]: https://github.com/redpanda-data/helm-charts/blob/main/charts/redpanda/values.yaml [examples]: https://github.com/redpanda-data/helm-charts/blob/main/examples/README.md [contributing]: https://github.com/redpanda-data/helm-charts/blob/main/CONTRIBUTING.md [kubernetes-qs-dev]: https://docs.redpanda.com/docs/quickstart/kubernetes-qs-dev/ - - diff --git a/charts/redpanda/redpanda/ci/06-rack-awareness.yaml b/charts/redpanda/redpanda/ci/06-rack-awareness.yaml new file mode 100644 index 000000000..834a7451e --- /dev/null +++ b/charts/redpanda/redpanda/ci/06-rack-awareness.yaml @@ -0,0 +1,21 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +rackAwareness: + enabled: true +rbac: + enabled: true +serviceaccount: + create: true diff --git a/charts/redpanda/redpanda/templates/configmap.yaml b/charts/redpanda/redpanda/templates/configmap.yaml index 1230b2012..86424136a 100644 --- a/charts/redpanda/redpanda/templates/configmap.yaml +++ b/charts/redpanda/redpanda/templates/configmap.yaml @@ -66,6 +66,9 @@ data: redpanda: {{- if (include "redpanda-atleast-22-3-0" . | fromJson).bool }} empty_seed_starts_cluster: false + {{- if .Values.rackAwareness.enabled }} + enable_rack_awareness: true + {{- end }} {{- end }} {{- if not (include "redpanda-atleast-22-1-1" . | fromJson).bool }} enable_sasl: {{ dig "sasl" "enabled" false .Values.auth }} diff --git a/charts/redpanda/redpanda/templates/rbac.yaml b/charts/redpanda/redpanda/templates/rbac.yaml new file mode 100644 index 000000000..253018795 --- /dev/null +++ b/charts/redpanda/redpanda/templates/rbac.yaml @@ -0,0 +1,70 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +--- +{{- if .Values.rbac.enabled -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "redpanda.fullname" . }} + labels: + helm.sh/chart: {{ template "redpanda.chart" . }} + app.kubernetes.io/name: {{ template "redpanda.name" . }} + app.kubernetes.io/instance: {{ .Release.Name | quote }} + app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + app.kubernetes.io/component: {{ template "redpanda.name" . }} + {{- with .Values.commonLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +rules: + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "redpanda.fullname" . }} + labels: + helm.sh/chart: {{ template "redpanda.chart" . }} + app.kubernetes.io/name: {{ template "redpanda.name" . }} + app.kubernetes.io/instance: {{ .Release.Name | quote }} + app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + app.kubernetes.io/component: {{ template "redpanda.name" . }} + {{- with .Values.commonLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "redpanda.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "redpanda.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} +{{- end }} \ No newline at end of file diff --git a/charts/redpanda/redpanda/templates/statefulset.yaml b/charts/redpanda/redpanda/templates/statefulset.yaml index e96b707da..3c3e60ca6 100644 --- a/charts/redpanda/redpanda/templates/statefulset.yaml +++ b/charts/redpanda/redpanda/templates/statefulset.yaml @@ -16,7 +16,7 @@ limitations under the License. */}} {{- $values := .Values }} -{{- $advertiseAddress := include "redpanda.kafka.internal.advertise.address" . -}} +{{- $advertiseAddress := include "redpanda.kafka.internal.advertise.address" . }} --- apiVersion: apps/v1 kind: StatefulSet @@ -59,6 +59,7 @@ spec: spec: securityContext: {{- toYaml .Values.statefulset.podSecurityContext | nindent 8 }} + serviceAccountName: {{ include "redpanda.serviceAccountName" . }} initContainers: - name: set-datadir-ownership image: busybox:latest @@ -74,19 +75,70 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name + - name: EXTERNAL_ADDRESSES + value: {{ .Values.external.addresses }} + - name: KUBERNETES_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName args: - - > - CONFIG=/etc/redpanda/redpanda.yaml; - cp /tmp/base-config/redpanda.yaml "$CONFIG"; + - | + set -xe + CONFIG=/etc/redpanda/redpanda.yaml + POD_ORDINAL=${SERVICE_NAME##*-} + + # Setup config files + cp /tmp/base-config/redpanda.yaml "${CONFIG}" {{- if (include "redpanda-atleast-22-1-1" . | fromJson).bool }} - cp /tmp/base-config/bootstrap.yaml /etc/redpanda/.bootstrap.yaml; + cp /tmp/base-config/bootstrap.yaml /etc/redpanda/.bootstrap.yaml {{- end }} + {{- if not (include "redpanda-atleast-22-3-0" . | fromJson).bool }} - NODE_ID=${SERVICE_NAME##*-}; - rpk --config "$CONFIG" redpanda config set redpanda.node_id $NODE_ID; - if [ "$NODE_ID" = "0" ]; then - rpk --config "$CONFIG" redpanda config set redpanda.seed_servers '[]' --format yaml; - fi; + # Configure bootstrap + ## Not used for Redpanda v22.3.0+ + rpk --config "${CONFIG}" redpanda config set redpanda.node_id "${POD_ORDINAL}" + if [ "${POD_ORDINAL}" = "0" ]; then + rpk --config "${CONFIG}" redpanda config set redpanda.seed_servers '[]' --format yaml + fi + {{- end }} + + # Configure internal kafka listeners + rpk redpanda --config "$CONFIG" config set redpanda.advertised_kafka_api[0].name internal + rpk redpanda --config "$CONFIG" config set redpanda.advertised_kafka_api[0].address {{ $advertiseAddress }} + rpk redpanda --config "$CONFIG" config set redpanda.advertised_kafka_api[0].port {{ .Values.listeners.kafka.port }} + + # Configure external kafka listeners + {{- $listenerIndex := 1 }} + {{- range $name, $listener := .Values.listeners.kafka.external }} + {{- $enabled := dig "enabled" $values.external.enabled $listener }} + {{- $listenerNodePortEnabled := and $enabled (eq (dig "type" $values.external.type $listener) "NodePort") }} + {{- $advertiseKafkaHost := $advertiseAddress }} + {{- $advertiseKafkaPort := $listener.nodePort }} + {{- if $listenerNodePortEnabled }} + {{- if $values.external.addresses }} + NODE_INDEX=`expr $NODE_ID + 1` + NODE_ADDRESS=`echo $EXTERNAL_ADDRESSES | cut -d ' ' -f $NODE_INDEX` + {{- if eq $values.external.addressType "ip" }} + rpk redpanda --config "$CONFIG" config set redpanda.advertised_kafka_api[{{ $listenerIndex }}].address $NODE_ADDRESS + {{- else }} + rpk redpanda --config "$CONFIG" config set redpanda.advertised_kafka_api[{{ $listenerIndex }}].address $NODE_ADDRESS.{{ $values.external.domain }} + {{- end }} + {{- else }} + {{- $advertiseKafkaHost = printf "$(SERVICE_NAME).%s" $values.external.domain }} + rpk redpanda --config "$CONFIG" config set redpanda.advertised_kafka_api[{{ $listenerIndex }}].address {{ $advertiseKafkaHost }} + {{- end }} + {{- end }} + rpk redpanda --config "$CONFIG" config set redpanda.advertised_kafka_api[{{ $listenerIndex }}].name {{ $name }} + rpk redpanda --config "$CONFIG" config set redpanda.advertised_kafka_api[{{ $listenerIndex }}].port {{ $advertiseKafkaPort }} + {{- $listenerIndex = add $listenerIndex 1 }} + {{- end }} + + {{- if (include "redpanda-atleast-22-3-0" . | fromJson).bool }} + {{- if .Values.rackAwareness.enabled }} + # Configure Rack Awareness + RACK=$(curl --silent --cacert /run/secrets/kubernetes.io/serviceaccount/ca.crt --fail -H 'Authorization: Bearer '$(cat /run/secrets/kubernetes.io/serviceaccount/token) "https://${KUBERNETES_SERVICE_HOST}:${KUBERNETES_SERVICE_PORT_HTTPS}/api/v1/nodes/${KUBERNETES_NODE_NAME}?pretty=true" | grep {{ .Values.rackAwareness.nodeAnnotation | quote | squote }} | sed 's/.*": "\([^"]\+\).*/\1/') + rpk --config "$CONFIG" redpanda config set redpanda.rack "${RACK}" + {{- end }} {{- end }} volumeMounts: - name: {{ template "redpanda.fullname" . }} @@ -200,21 +252,10 @@ spec: - --memory={{ template "redpanda-memory" . }}M - --reserve-memory={{ template "redpanda-reserve-memory" . }} - --default-log-level={{ .Values.logging.logLevel }} - - --advertise-kafka-addr=internal://{{ $advertiseAddress }}:{{ .Values.listeners.kafka.port }}, -{{- range $name, $listener := .Values.listeners.kafka.external -}} - {{- $enabled := dig "enabled" $values.external.enabled $listener -}} - {{- $listenerNodePortEnabled := and $enabled (eq (dig "type" $values.external.type $listener) "NodePort") -}} - {{- $advertiseKafkaHost := $advertiseAddress -}} - {{- $advertiseKafkaPort := $listener.nodePort -}} - {{- if $listenerNodePortEnabled -}} - {{- $advertiseKafkaHost = printf "$(SERVICE_NAME).%s" $values.external.domain -}} - {{- end -}} - {{ $name }}://{{ $advertiseKafkaHost }}:{{ $advertiseKafkaPort }}, -{{- end }} - --advertise-rpc-addr={{ $advertiseAddress }}:{{ .Values.listeners.rpc.port }} - --advertise-pandaproxy-addr=internal://{{ $advertiseAddress }}:{{ .Values.listeners.http.port }}, {{- range $name, $listener := .Values.listeners.http.external -}} - {{ $name}}://{{ $advertiseAddress }}:{{ $listener.nodePort }}, + {{ $name }}://{{ $advertiseAddress }}:{{ $listener.nodePort }}, {{- end }} ports: {{- range $name, $listener := .Values.listeners }} @@ -279,7 +320,7 @@ spec: {{- end }} secretName: {{ template "redpanda.fullname" $ }}-{{ $name }}-cert {{- end }} -{{- end -}} +{{- end }} {{- if or .Values.statefulset.nodeAffinity .Values.statefulset.podAffinity .Values.statefulset.podAntiAffinity }} affinity: {{- with .Values.statefulset.nodeAffinity }} diff --git a/charts/redpanda/redpanda/templates/tests/test-rack-awareness.yaml b/charts/redpanda/redpanda/templates/tests/test-rack-awareness.yaml new file mode 100644 index 000000000..1ba5dd0ba --- /dev/null +++ b/charts/redpanda/redpanda/templates/tests/test-rack-awareness.yaml @@ -0,0 +1,55 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if .Values.rackAwareness.enabled -}} +{{- if not (or (include "tls-enabled" . | fromJson).bool (include "sasl-enabled" .)) -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "redpanda.fullname" . }}-test-rack-awareness + namespace: {{ .Release.Namespace | quote }} + labels: + helm.sh/chart: {{ template "redpanda.chart" . }} + app.kubernetes.io/name: {{ template "redpanda.name" . }} + app.kubernetes.io/instance: {{ .Release.Name | quote }} + app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + app.kubernetes.io/component: {{ template "redpanda.name" . }} + {{- with .Values.commonLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + backoffLimit: 2 + completions: 1 + parallelism: 1 + ttlSecondsAfterFinished: 120 + template: + spec: + restartPolicy: Never + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository}}:{{ template "redpanda.tag" . }} + command: + - /bin/bash + - -c + - | + set -e + curl --silent --fail http://{{ include "redpanda.fullname" . }}:{{ .Values.listeners.admin.port }}/v1/node_config | grep '"rack":"rack[1-4]"' + rpk redpanda admin config print --host {{ include "redpanda.fullname" . }}:{{ .Values.listeners.admin.port }} | grep '"enable_rack_awareness": true' +{{- end -}} +{{- end -}} diff --git a/charts/redpanda/redpanda/values.schema.json b/charts/redpanda/redpanda/values.schema.json index f92286065..7c97143b1 100644 --- a/charts/redpanda/redpanda/values.schema.json +++ b/charts/redpanda/redpanda/values.schema.json @@ -48,6 +48,21 @@ } } }, + "rackAwareness": { + "type": "object", + "required": [ + "enabled", + "nodeAnnotation" + ], + "properties": { + "enabled": { + "type": "boolean" + }, + "nodeAnnotation": { + "type": "string" + } + } + }, "auth": { "type": "object", "required": [ @@ -185,6 +200,13 @@ "domain": { "type": "string", "format": "idn-hostname" + }, + "addressType": { + "type": "string", + "pattern": "^(subdomain|ip)$" + }, + "addresses": { + "type": "string" } } }, @@ -570,6 +592,21 @@ } } }, + "rbac": { + "type": "object", + "required": [ + "enabled", + "annotations" + ], + "properties": { + "enabled": { + "type": "boolean" + }, + "annotations": { + "type": "object" + } + } + }, "tuning": { "type": "object", "properties": { diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index 497b42c5d..0a54d3675 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -19,7 +19,7 @@ # https://helm.sh/docs/chart_template_guide/values_files/ # -# >>> This chart requires Helm version 3.5.0 or greater <<< +# >>> This chart requires Helm version 3.6.0 or greater <<< # # Common parameters @@ -47,6 +47,16 @@ license_secret_ref: {} # Secret name and secret key where license is stored # secret_name: my-secret # secret_key: key-where-license-is-stored +# Rack Awareness +rackAwareness: + # When running in multiple racks or availability zones, use the Kubernetes Node + # annotation value as the Redpanda rack value. + # Enabling this requires running with a service account with "get" Node permissions. + # Set serviceAccount.create=true and rbac.enabled=true to have the helm chart configure that permission. + enabled: false + # This is the common well-known annotation to use. You would only want to override + # this if you have your own custom Node annotation to use instead. + nodeAnnotation: topology.kubernetes.io/zone # # Authentication @@ -96,9 +106,22 @@ external: # External config doesn't apply to RPC listeners as they are never externally accessible # These values can be overridden by each listener if needed enabled: true - # Default external access type (NodePort is the only option for now) + # Default external access type (only NodePort at the moment) type: NodePort + # Domain to be used for each node domain: local + # + # addressType can be set to the following: subdomain ip + # with subdomain, each node will advertise an address with . + # with ip, each node will advertise only (and domain will be ignored) + # addressType: subdomain + # + # The addresses list must have an entry for each statefulset replica + # By default, the statefulset is called redpanda and has 3 replicas + # If you want to access nodes by their IP: addresses: "18.224.215.250 18.118.163.26 3.142.153.29" + # Or if you want to access nodes via DNS: addresses: "apple bacon carrot" + # addresses: "redpanda-0 redpanda-1 redpanda-2" + # # annotations: # For example: # cloud.google.com/load-balancer-type: "Internal" @@ -331,6 +354,12 @@ serviceAccount: # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" +# Role Based Access Control +rbac: + # enable this for features that need extra priveleges + enabled: false + # annotations to add to the rbac resources + annotations: {} tuning: {} # This section contains Redpanda tuning parameters. @@ -573,7 +602,6 @@ config: # api_doc_dir: /usr/share/redpanda/proxy-api-doc # API doc directory # coproc_supervisor_server: 127.0.0.1:43189 # IpAddress and port for supervisor service # dashboard_dir: None # serve http dashboard on / url - # rack: None # Rack identifier # developer_mode: optional # Skips most of the checks performed at startup # Invalid properties diff --git a/charts/speedscale/speedscale-operator/Chart.yaml b/charts/speedscale/speedscale-operator/Chart.yaml index 4724c3c91..3a7b33c9f 100644 --- a/charts/speedscale/speedscale-operator/Chart.yaml +++ b/charts/speedscale/speedscale-operator/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>= 1.17.0-0' catalog.cattle.io/release-name: speedscale-operator apiVersion: v1 -appVersion: 1.2.55 +appVersion: 1.2.61 description: Stress test your APIs with real world scenarios. Collect and replay traffic without scripting. home: https://speedscale.com @@ -24,4 +24,4 @@ maintainers: - email: support@speedscale.com name: Speedscale Support name: speedscale-operator -version: 1.2.5 +version: 1.2.6 diff --git a/charts/speedscale/speedscale-operator/README.md b/charts/speedscale/speedscale-operator/README.md index 03639f54a..322b63b40 100644 --- a/charts/speedscale/speedscale-operator/README.md +++ b/charts/speedscale/speedscale-operator/README.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.2.5 +### Upgrade to 1.2.6 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.5/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.6/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/app-readme.md b/charts/speedscale/speedscale-operator/app-readme.md index 03639f54a..322b63b40 100644 --- a/charts/speedscale/speedscale-operator/app-readme.md +++ b/charts/speedscale/speedscale-operator/app-readme.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.2.5 +### Upgrade to 1.2.6 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.5/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.6/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/values.yaml b/charts/speedscale/speedscale-operator/values.yaml index 3c3445eb1..b91977c9e 100644 --- a/charts/speedscale/speedscale-operator/values.yaml +++ b/charts/speedscale/speedscale-operator/values.yaml @@ -10,7 +10,7 @@ clusterName: "my-cluster" # Speedscale components image settings. image: registry: gcr.io/speedscale - tag: v1.2.55 + tag: v1.2.61 pullPolicy: Always # Log level for Speedscale components. diff --git a/charts/sysdig/sysdig/CHANGELOG.md b/charts/sysdig/sysdig/CHANGELOG.md index c9bd77fbc..718f61548 100644 --- a/charts/sysdig/sysdig/CHANGELOG.md +++ b/charts/sysdig/sysdig/CHANGELOG.md @@ -3,6 +3,12 @@ ## Change Log This file documents all notable changes to Sysdig Helm Chart. The release numbering uses [semantic versioning](http://semver.org). + +## v1.15.60 +### Minor changes: +* BenchmarkRunner + * bump to runner version 1.1.0.5 + ## v1.15.59 ### Minor changes: * BenchmarkRunner diff --git a/charts/sysdig/sysdig/Chart.yaml b/charts/sysdig/sysdig/Chart.yaml index e35ba676b..376790efb 100644 --- a/charts/sysdig/sysdig/Chart.yaml +++ b/charts/sysdig/sysdig/Chart.yaml @@ -29,4 +29,4 @@ name: sysdig sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig -version: 1.15.59 +version: 1.15.60 diff --git a/charts/sysdig/sysdig/README.md b/charts/sysdig/sysdig/README.md index 039ad3f55..194f33e63 100644 --- a/charts/sysdig/sysdig/README.md +++ b/charts/sysdig/sysdig/README.md @@ -183,7 +183,7 @@ The following table lists the configurable parameters of the Sysdig chart and th | `nodeAnalyzer.hostAnalyzer.env` | Extra environment variables that will be passed onto pods | `{}` | | `nodeAnalyzer.benchmarkRunner.deploy` | Deploy the Benchmark Runner | `true ` | | `nodeAnalyzer.benchmarkRunner.image.repository` | The image repository to pull the Benchmark Runner from | `sysdig/compliance-benchmark-runner` | -| `nodeAnalyzer.benchmarkRunner.image.tag` | The image tag to pull the Benchmark Runner | `1.1.0.4` | +| `nodeAnalyzer.benchmarkRunner.image.tag` | The image tag to pull the Benchmark Runner | `1.1.0.5` | | `nodeAnalyzer.benchmarkRunner.image.digest` | The image digest to pull | ` ` | | `nodeAnalyzer.benchmarkRunner.image.pullPolicy` | The Image pull policy for the Benchmark Runner | `IfNotPresent` | | `nodeAnalyzer.benchmarkRunner.includeSensitivePermissions` | Grant the service account elevated permissions to run CIS Benchmark for OS4 | `false` | diff --git a/charts/sysdig/sysdig/values.yaml b/charts/sysdig/sysdig/values.yaml index 0b980529d..e1e3e157c 100644 --- a/charts/sysdig/sysdig/values.yaml +++ b/charts/sysdig/sysdig/values.yaml @@ -479,7 +479,7 @@ nodeAnalyzer: image: repository: sysdig/compliance-benchmark-runner - tag: 1.1.0.4 + tag: 1.1.0.5 digest: pullPolicy: IfNotPresent diff --git a/charts/traefik/traefik/.helmignore b/charts/traefik/traefik/.helmignore new file mode 100644 index 000000000..9c42ddd90 --- /dev/null +++ b/charts/traefik/traefik/.helmignore @@ -0,0 +1,2 @@ +tests/ +crds/kustomization.yaml diff --git a/charts/traefik/traefik/Changelog.md b/charts/traefik/traefik/Changelog.md index aa5978942..63663a104 100644 --- a/charts/traefik/traefik/Changelog.md +++ b/charts/traefik/traefik/Changelog.md @@ -1,10 +1,50 @@ # Change Log +## 20.7.0 ![AppVersion: v2.9.6](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.6&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) + +**Release date:** 2022-12-08 + +* âŦ†ī¸ Update default Traefik release to v2.9.6 +* 🐛 Don't fail when prometheus is disabled (#756) +* :bug: Fix typo on bufferingSize for access logs (#753) +* ✨ support for Gateway annotations +* add keywords [networking], for artifacthub category quering +* :adhesive_bandage: Add quotes for artifacthub changelog parsing (#748) + +### Default value changes + +```diff +diff --git a/traefik/values.yaml b/traefik/values.yaml +index 4f2fb2a..b77539d 100644 +--- a/traefik/values.yaml ++++ b/traefik/values.yaml +@@ -120,6 +120,9 @@ experimental: + # By default, Gateway would be created to the Namespace you are deploying Traefik to. + # You may create that Gateway in another namespace, setting its name below: + # namespace: default ++ # Additional gateway annotations (e.g. for cert-manager.io/issuer) ++ # annotations: ++ # cert-manager.io/issuer: letsencrypt + + # Create an IngressRoute for the dashboard + ingressRoute: +@@ -219,7 +222,8 @@ logs: + # By default, the logs use a text format (common), but you can + # also ask for the json format in the format option + # format: json +- # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. ++ # By default, the level is set to ERROR. ++ # Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. + level: ERROR + access: + # To enable access logs +``` + ## 20.6.0 ![AppVersion: v2.9.5](https://img.shields.io/static/v1?label=AppVersion&message=v2.9.5&color=success&logo=) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm) **Release date:** 2022-11-30 -* 🔍ī¸ Add filePath support on access logs +* 🔍ī¸ Add filePath support on access logs (#747) * :bug: Add missing scheme in help on Traefik Hub integration (#746) * :memo: Improve documentation on using PVC with TLS certificates diff --git a/charts/traefik/traefik/Chart.yaml b/charts/traefik/traefik/Chart.yaml index 244f4cbf9..3c28c6fdd 100644 --- a/charts/traefik/traefik/Chart.yaml +++ b/charts/traefik/traefik/Chart.yaml @@ -1,18 +1,21 @@ annotations: - artifacthub.io/changes: "- \U0001F50Dī¸ Add filePath support on access logs\n- :bug: - Add missing scheme in help on Traefik Hub integration (#746)\n- :memo: Improve - documentation on using PVC with TLS certificates\n" + artifacthub.io/changes: "- \"âŦ†ī¸ Update default Traefik release to v2.9.6\"\n- \"\U0001F41B + Don't fail when prometheus is disabled (#756)\"\n- \":bug: Fix typo on bufferingSize + for access logs (#753)\"\n- \"✨ support for Gateway annotations\"\n- \"add keywords + [networking], for artifacthub category quering\"\n- \":adhesive_bandage: Add quotes + for artifacthub changelog parsing (#748)\"\n" catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Traefik Proxy catalog.cattle.io/release-name: traefik apiVersion: v2 -appVersion: v2.9.5 +appVersion: v2.9.6 description: A Traefik based Kubernetes ingress controller home: https://traefik.io/ icon: https://raw.githubusercontent.com/traefik/traefik/v2.3/docs/content/assets/img/traefik.logo.png keywords: - traefik - ingress +- networking maintainers: - email: emile@vauge.com name: emilevauge @@ -29,4 +32,4 @@ sources: - https://github.com/traefik/traefik - https://github.com/traefik/traefik-helm-chart type: application -version: 20.6.0 +version: 20.7.0 diff --git a/charts/traefik/traefik/templates/_podtemplate.tpl b/charts/traefik/traefik/templates/_podtemplate.tpl index ca343ee5f..d07443b7d 100644 --- a/charts/traefik/traefik/templates/_podtemplate.tpl +++ b/charts/traefik/traefik/templates/_podtemplate.tpl @@ -485,8 +485,8 @@ {{- if .access.filePath }} - "--accesslog.filepath={{ .access.filePath }}" {{- end }} - {{- if .access.bufferingsize }} - - "--accesslog.bufferingsize={{ .access.bufferingsize }}" + {{- if .access.bufferingSize }} + - "--accesslog.bufferingsize={{ .access.bufferingSize }}" {{- end }} {{- if .access.filters }} {{- if .access.filters.statuscodes }} diff --git a/charts/traefik/traefik/templates/gateway.yaml b/charts/traefik/traefik/templates/gateway.yaml index 401fba93a..96382d5e5 100644 --- a/charts/traefik/traefik/templates/gateway.yaml +++ b/charts/traefik/traefik/templates/gateway.yaml @@ -6,6 +6,10 @@ kind: Gateway metadata: name: traefik-gateway namespace: {{ default (include "traefik.namespace" .) .Values.experimental.kubernetesGateway.namespace }} + {{- with .Values.experimental.kubernetesGateway.gateway.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: gatewayClassName: traefik listeners: diff --git a/charts/traefik/traefik/templates/service-metrics.yaml b/charts/traefik/traefik/templates/service-metrics.yaml index ee4d5877a..7679d42ae 100644 --- a/charts/traefik/traefik/templates/service-metrics.yaml +++ b/charts/traefik/traefik/templates/service-metrics.yaml @@ -3,6 +3,8 @@ {{- fail "ERROR: Cannot create a metrics service when name contains more than 50 characters" }} {{- end }} +{{- if .Values.metrics.prometheus }} +{{- if .Values.metrics.prometheus.service }} {{- if (and (.Values.metrics.prometheus.service).enabled (not .Values.hub.enabled)) -}} apiVersion: v1 kind: Service @@ -26,5 +28,6 @@ spec: {{- if .Values.ports.metrics.nodePort }} nodePort: {{ .Values.ports.metrics.nodePort }} {{- end }} -{{- end -}} - +{{- end }} +{{- end }} +{{- end }} diff --git a/charts/traefik/traefik/values.yaml b/charts/traefik/traefik/values.yaml index 4f2fb2ab2..b77539d32 100644 --- a/charts/traefik/traefik/values.yaml +++ b/charts/traefik/traefik/values.yaml @@ -120,6 +120,9 @@ experimental: # By default, Gateway would be created to the Namespace you are deploying Traefik to. # You may create that Gateway in another namespace, setting its name below: # namespace: default + # Additional gateway annotations (e.g. for cert-manager.io/issuer) + # annotations: + # cert-manager.io/issuer: letsencrypt # Create an IngressRoute for the dashboard ingressRoute: @@ -219,7 +222,8 @@ logs: # By default, the logs use a text format (common), but you can # also ask for the json format in the format option # format: json - # By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. + # By default, the level is set to ERROR. + # Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO. level: ERROR access: # To enable access logs diff --git a/index.yaml b/index.yaml index f4d10d03a..908830400 100644 --- a/index.yaml +++ b/index.yaml @@ -282,6 +282,41 @@ entries: - assets/ambassador/ambassador-6.7.1100.tgz version: 6.7.1100 argo-cd: + - annotations: + artifacthub.io/changes: | + - "[Changed]: Update ArgoCD to v2.5.4" + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Argo CD + catalog.cattle.io/kube-version: '>=1.22.0-0' + catalog.cattle.io/release-name: argo-cd + apiVersion: v2 + appVersion: v2.5.4 + created: "2022-12-08T12:25:36.612230723-07:00" + dependencies: + - condition: redis-ha.enabled + name: redis-ha + repository: file://./charts/redis-ha + version: 4.22.3 + description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery + tool for Kubernetes. + digest: 6e607367a0f2e693b1de87411985f678ffe99cf52c0e47c01af4609026da3423 + home: https://github.com/argoproj/argo-helm + icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png + keywords: + - argoproj + - argocd + - gitops + kubeVersion: '>=1.22.0-0' + maintainers: + - name: argoproj + url: https://argoproj.github.io/ + name: argo-cd + sources: + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd + - https://github.com/argoproj/argo-cd + urls: + - assets/argo/argo-cd-5.16.2.tgz + version: 5.16.2 - annotations: artifacthub.io/changes: | - "[Fixed]: Set aggregate roles only for using resources" @@ -1405,6 +1440,66 @@ entries: - assets/jfrog/artifactory-jcr-2.5.100.tgz version: 2.5.100 asserts: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Asserts + catalog.cattle.io/kube-version: '>=1.17-0' + catalog.cattle.io/release-name: asserts + apiVersion: v2 + created: "2022-12-08T12:25:36.746910152-07:00" + dependencies: + - condition: knowledge-sensor.enabled + name: knowledge-sensor + repository: file://./charts/knowledge-sensor + version: 1.0.0 + - alias: tsdb + condition: tsdb.enabled + name: victoria-metrics-single + repository: file://./charts/victoria-metrics-single + version: 1.1.0 + - condition: alertmanager.enabled + name: alertmanager + repository: file://./charts/alertmanager + version: 1.0.0 + - alias: promxyruler + condition: promxyruler.enabled + name: promxy + repository: file://./charts/promxy + version: 0.7.0 + - alias: promxyuser + condition: promxyuser.enabled + name: promxy + repository: file://./charts/promxy + version: 0.7.0 + - name: common + repository: file://./charts/common + version: 1.x.x + - alias: redisgraph + condition: redisgraph.enabled + name: redis + repository: file://./charts/redis + version: 16.8.7 + - alias: redisearch + condition: redisearch.enabled + name: redis + repository: file://./charts/redis + version: 16.8.7 + - alias: postgres + condition: postgres.enabled + name: postgresql + repository: file://./charts/postgresql + version: 11.1.23 + description: Asserts Helm Chart to configure entire asserts stack + digest: d5095fb9527e9f4586b04ce52689fb3a3dcce125ad7615473317e5c49fb93fc1 + icon: https://www.asserts.ai/favicon.png + maintainers: + - name: Asserts + url: https://github.com/asserts + name: asserts + type: application + urls: + - assets/asserts/asserts-1.17.0.tgz + version: 1.17.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Asserts @@ -2211,6 +2306,22 @@ entries: - assets/cert-manager/cert-manager-1.10.0.tgz version: 1.10.0 cf-runtime: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Codefresh + catalog.cattle.io/kube-version: '>=1.18-0' + catalog.cattle.io/release-name: cf-runtime + apiVersion: v2 + appVersion: 1.8.0 + created: "2022-12-08T12:25:37.251570056-07:00" + description: A Helm chart for Codefresh Runner + digest: 8c3acda7551d0b9c99b48027218b40623ed05380b0ad5c5efbeb71bccfaac41a + icon: https://partner-charts.rancher.io/assets/logos/codefresh.jpg + name: cf-runtime + type: application + urls: + - assets/codefresh/cf-runtime-1.8.0.tgz + version: 1.8.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Codefresh @@ -2422,6 +2533,31 @@ entries: - assets/citrix/citrix-cpx-istio-sidecar-injector-1.11.0.tgz version: 1.11.0 citrix-cpx-with-ingress-controller: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Citrix Cpx with Ingress Controller + catalog.cattle.io/kube-version: '>=v1.16.0-0' + catalog.cattle.io/release-name: citrix-cpx-with-ingress-controller + apiVersion: v2 + appVersion: 1.28.2 + created: "2022-12-08T12:25:37.223034326-07:00" + description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running + as sidecar. + digest: b83a201a83c9d0909538512649f413f7bc03c957fcaf6c8a8191ff33a0ed82ec + home: https://www.citrix.com + icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png + kubeVersion: '>=v1.16.0-0' + maintainers: + - email: priyanka.sharma@citrix.com + name: priyankash-citrix + - email: subash.dangol@citrix.com + name: subashd + name: citrix-cpx-with-ingress-controller + sources: + - https://github.com/citrix/citrix-k8s-ingress-controller + urls: + - assets/citrix/citrix-cpx-with-ingress-controller-1.28.2.tgz + version: 1.28.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Citrix Cpx with Ingress Controller @@ -2470,6 +2606,30 @@ entries: - assets/citrix/citrix-cpx-with-ingress-controller-1.8.2800.tgz version: 1.8.2800 citrix-ingress-controller: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Citrix Ingress Controller + catalog.cattle.io/kube-version: '>=v1.16.0-0' + catalog.cattle.io/release-name: citrix-ingress-controller + apiVersion: v2 + appVersion: 1.28.2 + created: "2022-12-08T12:25:37.232323747-07:00" + description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX. + digest: 0fb2a3087b1f8c4f95050e9c2ac74b12717b7f819e17cc5fb164569e0a66d77d + home: https://www.citrix.com + icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png + kubeVersion: '>=v1.16.0-0' + maintainers: + - email: priyanka.sharma@citrix.com + name: priyankash-citrix + - email: subash.dangol@citrix.com + name: subashd + name: citrix-ingress-controller + sources: + - https://github.com/citrix/citrix-k8s-ingress-controller + urls: + - assets/citrix/citrix-ingress-controller-1.28.2.tgz + version: 1.28.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Citrix Ingress Controller @@ -2667,6 +2827,27 @@ entries: - assets/cloudcasa/cloudcasa-0.1.000.tgz version: 0.1.000 cockroachdb: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: CockroachDB + catalog.cattle.io/kube-version: '>=1.8-0' + catalog.cattle.io/release-name: cockroachdb + apiVersion: v1 + appVersion: 22.2.0 + created: "2022-12-08T12:25:37.241752459-07:00" + description: CockroachDB is a scalable, survivable, strongly-consistent SQL database. + digest: 9577c2e94ee8324603a1954bcc20403cc19da3f82a8850361f16aef9da94e397 + home: https://www.cockroachlabs.com + icon: https://raw.githubusercontent.com/cockroachdb/cockroach/master/docs/media/cockroach_db.png + maintainers: + - email: helm-charts@cockroachlabs.com + name: cockroachlabs + name: cockroachdb + sources: + - https://github.com/cockroachdb/cockroach + urls: + - assets/cockroach-labs/cockroachdb-10.0.0.tgz + version: 10.0.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: CockroachDB @@ -3456,6 +3637,43 @@ entries: - assets/weka/csi-wekafsplugin-0.6.400.tgz version: 0.6.400 datadog: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Datadog + catalog.cattle.io/kube-version: '>=1.10-0' + catalog.cattle.io/release-name: datadog + apiVersion: v1 + appVersion: "7" + created: "2022-12-08T12:25:37.330312112-07:00" + dependencies: + - condition: clusterAgent.metricsProvider.useDatadogMetrics + name: datadog-crds + repository: https://helm.datadoghq.com + tags: + - install-crds + version: 0.4.7 + - condition: datadog.kubeStateMetricsEnabled + name: kube-state-metrics + repository: https://prometheus-community.github.io/helm-charts + version: 2.13.2 + description: Datadog Agent + digest: 611bb923f63812b3bf42fe30f7b498b9a09329478cfd4fc967c92d913743d965 + home: https://www.datadoghq.com + icon: https://datadog-live.imgix.net/img/dd_logo_70x75.png + keywords: + - monitoring + - alerting + - metric + maintainers: + - email: support@datadoghq.com + name: Datadog + name: datadog + sources: + - https://app.datadoghq.com/account/settings#agent/kubernetes + - https://github.com/DataDog/datadog-agent + urls: + - assets/datadog/datadog-3.5.1.tgz + version: 3.5.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Datadog @@ -4959,6 +5177,70 @@ entries: - assets/inaccel/fpga-operator-2.5.201.tgz version: 2.5.201 gitlab: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: GitLab + catalog.cattle.io/release-name: gitlab + apiVersion: v1 + appVersion: 15.6.2 + created: "2022-12-08T12:25:37.692291081-07:00" + dependencies: + - name: gitlab + repository: "" + version: '*.*.*' + - name: certmanager-issuer + repository: "" + version: '*.*.*' + - name: minio + repository: "" + version: '*.*.*' + - name: registry + repository: "" + version: '*.*.*' + - alias: certmanager + condition: certmanager.install + name: cert-manager + repository: https://charts.jetstack.io/ + version: 1.5.4 + - condition: prometheus.install + name: prometheus + repository: https://prometheus-community.github.io/helm-charts + version: 15.0.4 + - condition: postgresql.install + name: postgresql + repository: https://raw.githubusercontent.com/bitnami/charts/eb5f9a9513d987b519f0ecd732e7031241c50328/bitnami + version: 8.9.4 + - condition: gitlab-runner.install + name: gitlab-runner + repository: https://charts.gitlab.io/ + version: 0.47.0 + - condition: global.grafana.enabled + name: grafana + repository: https://grafana.github.io/helm-charts + version: 6.11.0 + - condition: redis.install + name: redis + repository: https://raw.githubusercontent.com/bitnami/charts/eb5f9a9513d987b519f0ecd732e7031241c50328/bitnami + version: 11.3.4 + - condition: nginx-ingress.enabled + name: nginx-ingress + repository: "" + version: '*.*.*' + description: The One DevOps Platform + digest: cd95c4f9288896b22d0dea947f86fa9a51e065e071b66b47b1c55f7d962cc5f0 + home: https://about.gitlab.com/ + icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png + keywords: + - gitlab + maintainers: + - email: support@gitlab.com + name: GitLab Inc. + name: gitlab + sources: + - https://gitlab.com/gitlab-org/charts/gitlab + urls: + - assets/gitlab/gitlab-6.6.2.tgz + version: 6.6.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: GitLab @@ -6457,6 +6739,28 @@ entries: - assets/tetrate-istio/istiod-tid-1.12.600.tgz version: 1.12.600 jaeger-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Jaeger Operator + catalog.cattle.io/release-name: jaeger-operator + apiVersion: v1 + appVersion: 1.39.0 + created: "2022-12-08T12:25:37.80562003-07:00" + description: jaeger-operator Helm chart for Kubernetes + digest: 138e9c1617086b327d8ce5bc4416e13a3b30fd312adbd5d44abe1cb14422e4b0 + home: https://www.jaegertracing.io/ + icon: https://www.jaegertracing.io/img/jaeger-icon-reverse-color.svg + maintainers: + - email: ctadeu@gmail.com + name: cpanato + - email: batazor111@gmail.com + name: batazor + name: jaeger-operator + sources: + - https://github.com/jaegertracing/jaeger-operator + urls: + - assets/jaeger/jaeger-operator-2.38.0.tgz + version: 2.38.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Jaeger Operator @@ -6502,6 +6806,54 @@ entries: - assets/jaeger/jaeger-operator-2.36.0.tgz version: 2.36.0 jenkins: + - annotations: + artifacthub.io/images: | + - name: jenkins + image: jenkins/jenkins:2.375.1-jdk11 + - name: k8s-sidecar + image: kiwigrid/k8s-sidecar:1.15.0 + - name: inbound-agent + image: jenkins/inbound-agent:4.11.2-4 + - name: backup + image: maorfr/kube-tasks:0.2.0 + artifacthub.io/links: | + - name: Chart Source + url: https://github.com/jenkinsci/helm-charts/tree/main/charts/jenkins + - name: Jenkins + url: https://www.jenkins.io/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Jenkins + catalog.cattle.io/kube-version: '>=1.14-0' + catalog.cattle.io/release-name: jenkins + apiVersion: v2 + appVersion: 2.375.1 + created: "2022-12-08T12:25:37.823310447-07:00" + description: Jenkins - Build great things at any scale! The leading open source + automation server, Jenkins provides hundreds of plugins to support building, + deploying and automating any project. + digest: e066fa91caca2dbafc8669b13be3dbbd860bba7c8b2c01214aab2b46f71816b7 + home: https://jenkins.io/ + icon: https://get.jenkins.io/art/jenkins-logo/logo.svg + maintainers: + - email: maor.friedman@redhat.com + name: maorfr + - email: mail@torstenwalter.de + name: torstenwalter + - email: garridomota@gmail.com + name: mogaal + - email: wmcdona89@gmail.com + name: wmcdona89 + - email: timjacomb1@gmail.com + name: timja + name: jenkins + sources: + - https://github.com/jenkinsci/jenkins + - https://github.com/jenkinsci/docker-inbound-agent + - https://github.com/maorfr/kube-tasks + - https://github.com/jenkinsci/configuration-as-code-plugin + urls: + - assets/jenkins/jenkins-4.2.17.tgz + version: 4.2.17 - annotations: artifacthub.io/images: | - name: jenkins @@ -7908,6 +8260,47 @@ entries: - assets/k10/k10-4.5.900.tgz version: 4.5.900 kafka: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Kafka + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: kafka + category: Infrastructure + apiVersion: v2 + appVersion: 3.3.1 + created: "2022-12-08T12:25:36.981119458-07:00" + dependencies: + - condition: zookeeper.enabled + name: zookeeper + repository: file://./charts/zookeeper + version: 11.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Kafka is a distributed streaming platform designed to build + real-time pipelines and can be used as a message broker or as a replacement + for a log aggregation solution for big data applications. + digest: b9430f3c65d89dd5f67a11c25647f5c3b4047707f0cf8d158d51e3970c068ff8 + home: https://github.com/bitnami/charts/tree/main/bitnami/kafka + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/kafka.svg + keywords: + - kafka + - zookeeper + - streaming + - producer + - consumer + maintainers: + - name: Bitnami + url: https://github.com/bitnami/charts + name: kafka + sources: + - https://github.com/bitnami/containers/tree/main/bitnami/kafka + - https://kafka.apache.org/ + urls: + - assets/bitnami/kafka-20.0.0.tgz + version: 20.0.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Kafka @@ -8355,6 +8748,45 @@ entries: - assets/kong/kong-2.3.1.tgz version: 2.3.1 kubeslice-controller: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Kubeslice Controller + catalog.cattle.io/kube-version: '>= 1.19' + catalog.cattle.io/namespace: kubeslice-controller + catalog.cattle.io/release-name: kubeslice-controller + apiVersion: v2 + appVersion: 0.2.1 + created: "2022-12-08T12:25:36.833895225-07:00" + description: A Helm chart for kubeslice controller with manager + digest: 55c0d1fd7f2c6be816be93e30816e0ac80857e5047360aedbd2b638f852a64b5 + icon: https://kubeslice.io/documentation/open-source/img/kubeslice-logo.svg + keywords: + - multicloud + - multi cloud + - multitenant + - multitenancy + - multi tenant + - multi tenancy + - federated mesh + - federated clusters + - federated k8s + - federated kubernetes + - cluster sprawl + - sprawl + - namespace sprawl + - network policy + - overlay network + - mesh network + - security + - networking + - infrastructure + - application + kubeVersion: '>= 1.19' + name: kubeslice-controller + type: application + urls: + - assets/avesha/kubeslice-controller-0.4.3.tgz + version: 0.4.3 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Kubeslice Controller @@ -8395,6 +8827,45 @@ entries: - assets/avesha/kubeslice-controller-0.4.2.tgz version: 0.4.2 kubeslice-worker: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Kubeslice Worker + catalog.cattle.io/kube-version: '>= 1.19' + catalog.cattle.io/namespace: kubeslice-system + catalog.cattle.io/release-name: kubeslice-worker + apiVersion: v2 + appVersion: 0.2.1 + created: "2022-12-08T12:25:36.836993202-07:00" + description: A Helm chart for Kubeslice Worker Operator + digest: 2108f55cac4f541877619de4866865b4365eea2f17d3d0b08b3e1dc5647f0b6d + icon: https://kubeslice.io/documentation/open-source/img/kubeslice-logo.svg + keywords: + - multicloud + - multi cloud + - multitenant + - multitenancy + - multi tenant + - multi tenancy + - federated mesh + - federated clusters + - federated k8s + - federated kubernetes + - cluster sprawl + - sprawl + - namespace sprawl + - network policy + - overlay network + - mesh network + - security + - networking + - infrastructure + - application + kubeVersion: '>= 1.19' + name: kubeslice-worker + type: application + urls: + - assets/avesha/kubeslice-worker-0.4.6.tgz + version: 0.4.6 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Kubeslice Worker @@ -8435,6 +8906,33 @@ entries: - assets/avesha/kubeslice-worker-0.4.5.tgz version: 0.4.5 kuma: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Kuma + catalog.cattle.io/namespace: kuma-system + catalog.cattle.io/release-name: kuma + apiVersion: v2 + appVersion: 2.0.1 + created: "2022-12-08T12:25:38.195691682-07:00" + description: A Helm chart for the Kuma Control Plane + digest: 07e6028566c1e05eb1c2d9439d1d3833223e79f9c17eb7eacceac8baa5c80ee3 + home: https://github.com/kumahq/kuma + icon: https://kuma.io/assets/images/brand/kuma-logo-new.svg + keywords: + - service mesh + - control plane + maintainers: + - email: austin.cawley@gmail.com + name: austince + - email: jakub.dyszkiewicz@konghq.com + name: jakubdyszkiewicz + - email: nikolay.nikolaev@konghq.com + name: nickolaev + name: kuma + type: application + urls: + - assets/kuma/kuma-2.0.1.tgz + version: 2.0.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Kuma @@ -8814,6 +9312,32 @@ entries: - assets/metallb/metallb-0.13.7.tgz version: 0.13.7 minio-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Minio Operator + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: minio-operator + apiVersion: v2 + appVersion: v4.5.5 + created: "2022-12-08T12:25:38.205202147-07:00" + description: A Helm chart for MinIO Operator + digest: a5aa610cfb88efc4ca96d34353b8f233351a33818164ccfd8288cfd3859a3c3d + home: https://min.io + icon: https://min.io/resources/img/logo/MINIO_wordmark.png + keywords: + - storage + - object-storage + - S3 + maintainers: + - email: dev@minio.io + name: MinIO, Inc + name: minio-operator + sources: + - https://github.com/minio/operator + type: application + urls: + - assets/minio/minio-operator-4.5.5.tgz + version: 4.5.5 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Minio Operator @@ -11249,6 +11773,40 @@ entries: - assets/quobyte/quobyte-cluster-0.1.5.tgz version: 0.1.5 redis: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redis + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: redis + category: Database + apiVersion: v2 + appVersion: 7.0.5 + created: "2022-12-08T12:25:37.04726431-07:00" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Redis(R) is an open source, advanced key-value store. It is often + referred to as a data structure server since keys can contain strings, hashes, + lists, sets and sorted sets. + digest: fd097454e29915f92a3d192fbe0e485309aa99e6d2e62c8b81e927f4598e59bd + home: https://github.com/bitnami/charts/tree/main/bitnami/redis + icon: https://redis.com/wp-content/uploads/2021/08/redis-logo.png + keywords: + - redis + - keyvalue + - database + maintainers: + - name: Bitnami + url: https://github.com/bitnami/charts + name: redis + sources: + - https://github.com/bitnami/containers/tree/main/bitnami/redis + urls: + - assets/bitnami/redis-17.3.14.tgz + version: 17.3.14 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Redis @@ -11454,6 +12012,39 @@ entries: - assets/bitnami/redis-17.3.7.tgz version: 17.3.7 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: vectorized/redpanda:v22.3.5 + - name: busybox + image: busybox:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v22.3.5 + created: "2022-12-08T12:25:38.347942636-07:00" + description: Redpanda is the real-time engine for modern apps. + digest: d86e807b642d6068499a7b8c1feeef0ff96627b15c787b45332a461438b01add + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-2.3.14.tgz + version: 2.3.14 - annotations: artifacthub.io/images: | - name: redpanda @@ -12404,6 +12995,37 @@ entries: - assets/bitnami/spark-6.3.8.tgz version: 6.3.8 speedscale-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Speedscale Operator + catalog.cattle.io/kube-version: '>= 1.17.0-0' + catalog.cattle.io/release-name: speedscale-operator + apiVersion: v1 + appVersion: 1.2.61 + created: "2022-12-08T12:25:38.394545051-07:00" + description: Stress test your APIs with real world scenarios. Collect and replay + traffic without scripting. + digest: d83300dc760a488a37b15a89a60eaea6983f02d1dd48ee8143cd8802b4872ea4 + home: https://speedscale.com + icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png + keywords: + - speedscale + - test + - testing + - regression + - reliability + - load + - replay + - network + - traffic + kubeVersion: '>= 1.17.0-0' + maintainers: + - email: support@speedscale.com + name: Speedscale Support + name: speedscale-operator + urls: + - assets/speedscale/speedscale-operator-1.2.6.tgz + version: 1.2.6 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Speedscale Operator @@ -12714,6 +13336,42 @@ entries: - assets/sumologic/sumologic-2.17.0.tgz version: 2.17.0 sysdig: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Sysdig + catalog.cattle.io/release-name: sysdig + apiVersion: v1 + appVersion: 12.9.1 + created: "2022-12-08T12:25:38.493046126-07:00" + description: Sysdig Monitor and Secure agent + digest: 616002b04102ab53136884e8da497331ccc4b7f74b6cb63c9a782743f70eb2a4 + home: https://www.sysdig.com/ + icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4 + keywords: + - monitoring + - security + - alerting + - metric + - troubleshooting + - run-time + maintainers: + - email: lachlan@deis.com + name: lachie83 + - email: jorge.salamero@sysdig.com + name: bencer + - email: nestor.salceda@sysdig.com + name: nestorsalceda + - email: alvaro.iradier@sysdig.com + name: airadier + - email: carlos.arilla@sysdig.com + name: carillan81 + name: sysdig + sources: + - https://app.sysdigcloud.com/#/settings/user + - https://github.com/draios/sysdig + urls: + - assets/sysdig/sysdig-1.15.60.tgz + version: 1.15.60 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Sysdig @@ -13067,6 +13725,45 @@ entries: - assets/bitnami/tomcat-10.4.9.tgz version: 10.4.9 traefik: + - annotations: + artifacthub.io/changes: "- \"âŦ†ī¸ Update default Traefik release to v2.9.6\"\n- + \"\U0001F41B Don't fail when prometheus is disabled (#756)\"\n- \":bug: Fix + typo on bufferingSize for access logs (#753)\"\n- \"✨ support for Gateway + annotations\"\n- \"add keywords [networking], for artifacthub category quering\"\n- + \":adhesive_bandage: Add quotes for artifacthub changelog parsing (#748)\"\n" + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Traefik Proxy + catalog.cattle.io/release-name: traefik + apiVersion: v2 + appVersion: v2.9.6 + created: "2022-12-08T12:25:38.505897573-07:00" + description: A Traefik based Kubernetes ingress controller + digest: a37509521a4e3c8865d34155e04b48016ba28bde1387ec175364e024eb496a51 + home: https://traefik.io/ + icon: https://raw.githubusercontent.com/traefik/traefik/v2.3/docs/content/assets/img/traefik.logo.png + keywords: + - traefik + - ingress + - networking + maintainers: + - email: emile@vauge.com + name: emilevauge + - email: daniel.tomcej@gmail.com + name: dtomcej + - email: ldez@traefik.io + name: ldez + - email: michel.loiseleur@traefik.io + name: mloiseleur + - email: charlie.haley@traefik.io + name: charlie-haley + name: traefik + sources: + - https://github.com/traefik/traefik + - https://github.com/traefik/traefik-helm-chart + type: application + urls: + - assets/traefik/traefik-20.7.0.tgz + version: 20.7.0 - annotations: artifacthub.io/changes: "- \U0001F50Dī¸ Add filePath support on access logs\n- :bug: Add missing scheme in help on Traefik Hub integration (#746)\n- :memo: @@ -13861,6 +14558,53 @@ entries: - assets/hashicorp/vault-0.22.0.tgz version: 0.22.0 wordpress: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: WordPress + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: wordpress + category: CMS + apiVersion: v2 + appVersion: 6.1.1 + created: "2022-12-08T12:25:37.15719028-07:00" + dependencies: + - condition: memcached.enabled + name: memcached + repository: file://./charts/memcached + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: file://./charts/mariadb + version: 11.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: 8ed2c20da34db5c76682e9529da7ee87ddd84179c91776fe560062ea4d756696 + home: https://github.com/bitnami/charts/tree/main/bitnami/wordpress + icon: https://s.w.org/style/images/about/WordPress-logotype-simplified.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: Bitnami + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/containers/tree/main/bitnami/wordpress + - https://wordpress.org/ + urls: + - assets/bitnami/wordpress-15.2.18.tgz + version: 15.2.18 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: WordPress @@ -14434,6 +15178,38 @@ entries: - assets/netfoundry/ziti-host-1.5.1.tgz version: 1.5.1 zookeeper: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Zookeeper + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: zookeeper + category: Infrastructure + apiVersion: v2 + appVersion: 3.8.0 + created: "2022-12-08T12:25:37.206883145-07:00" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache ZooKeeper provides a reliable, centralized register of configuration + data and services for distributed applications. + digest: 4e887e7639c4b279b4e7b6505bdfb0240e93e3e9ef589a0b0973871f6f379121 + home: https://github.com/bitnami/charts/tree/main/bitnami/zookeeper + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/zookeeper.svg + keywords: + - zookeeper + maintainers: + - name: Bitnami + url: https://github.com/bitnami/charts + name: zookeeper + sources: + - https://github.com/bitnami/containers/tree/main/bitnami/zookeeper + - https://zookeeper.apache.org/ + urls: + - assets/bitnami/zookeeper-11.0.0.tgz + version: 11.0.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Zookeeper