diff --git a/assets/argo/argo-cd-5.46.2.tgz b/assets/argo/argo-cd-5.46.2.tgz index 6e492c5b9..6db47b658 100644 Binary files a/assets/argo/argo-cd-5.46.2.tgz and b/assets/argo/argo-cd-5.46.2.tgz differ diff --git a/assets/argo/argo-cd-5.46.4.tgz b/assets/argo/argo-cd-5.46.4.tgz new file mode 100644 index 000000000..32baff722 Binary files /dev/null and b/assets/argo/argo-cd-5.46.4.tgz differ diff --git a/assets/bitnami/postgresql-12.11.2.tgz b/assets/bitnami/postgresql-12.11.2.tgz new file mode 100644 index 000000000..0531eac20 Binary files /dev/null and b/assets/bitnami/postgresql-12.11.2.tgz differ diff --git a/assets/bitnami/wordpress-17.1.8.tgz b/assets/bitnami/wordpress-17.1.8.tgz new file mode 100644 index 000000000..5a70ba10a Binary files /dev/null and b/assets/bitnami/wordpress-17.1.8.tgz differ diff --git a/assets/cockroach-labs/cockroachdb-11.1.7.tgz b/assets/cockroach-labs/cockroachdb-11.1.7.tgz new file mode 100644 index 000000000..e54307bc2 Binary files /dev/null and b/assets/cockroach-labs/cockroachdb-11.1.7.tgz differ diff --git a/assets/datadog/datadog-3.36.2.tgz b/assets/datadog/datadog-3.36.2.tgz new file mode 100644 index 000000000..4b5634afd Binary files /dev/null and b/assets/datadog/datadog-3.36.2.tgz differ diff --git a/assets/nats/nats-1.0.3.tgz b/assets/nats/nats-1.0.3.tgz new file mode 100644 index 000000000..bdc812264 Binary files /dev/null and b/assets/nats/nats-1.0.3.tgz differ diff --git a/assets/quobyte/quobyte-cluster-0.1.9.tgz b/assets/quobyte/quobyte-cluster-0.1.9.tgz new file mode 100644 index 000000000..caf3aa465 Binary files /dev/null and b/assets/quobyte/quobyte-cluster-0.1.9.tgz differ diff --git a/assets/redpanda/redpanda-5.4.2.tgz b/assets/redpanda/redpanda-5.4.2.tgz new file mode 100644 index 000000000..ca4bccebd Binary files /dev/null and b/assets/redpanda/redpanda-5.4.2.tgz differ diff --git a/assets/speedscale/speedscale-operator-1.3.32.tgz b/assets/speedscale/speedscale-operator-1.3.32.tgz new file mode 100644 index 000000000..036f553fb Binary files /dev/null and b/assets/speedscale/speedscale-operator-1.3.32.tgz differ diff --git a/assets/sysdig/sysdig-1.16.13.tgz b/assets/sysdig/sysdig-1.16.13.tgz new file mode 100644 index 000000000..dd7892ddc Binary files /dev/null and b/assets/sysdig/sysdig-1.16.13.tgz differ diff --git a/assets/weka/csi-wekafsplugin-2.3.0.tgz b/assets/weka/csi-wekafsplugin-2.3.0.tgz new file mode 100644 index 000000000..5efdc5013 Binary files /dev/null and b/assets/weka/csi-wekafsplugin-2.3.0.tgz differ diff --git a/charts/argo/argo-cd/Chart.yaml b/charts/argo/argo-cd/Chart.yaml index e278974cc..f49327cf1 100644 --- a/charts/argo/argo-cd/Chart.yaml +++ b/charts/argo/argo-cd/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/changes: | - - kind: changed - description: Improve readme migration notes + - kind: fixed + description: Align redis-ha's affinity type to upstream due to warnings artifacthub.io/signKey: | fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc @@ -11,7 +11,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.23.0-0' catalog.cattle.io/release-name: argo-cd apiVersion: v2 -appVersion: v2.8.3 +appVersion: v2.8.4 dependencies: - condition: redis-ha.enabled name: redis-ha @@ -33,4 +33,4 @@ name: argo-cd sources: - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd - https://github.com/argoproj/argo-cd -version: 5.46.2 +version: 5.46.4 diff --git a/charts/argo/argo-cd/README.md b/charts/argo/argo-cd/README.md index abb6be29e..bb51d130b 100644 --- a/charts/argo/argo-cd/README.md +++ b/charts/argo/argo-cd/README.md @@ -1000,13 +1000,13 @@ The main options are listed here: | Key | Type | Default | Description | |-----|------|---------|-------------| | redis-ha.additionalAffinities | object | `{}` | Additional affinities to add to the Redis server pods. | -| redis-ha.affinity | object | `{}` | Assign custom [affinity] rules to the Redis pods. | +| redis-ha.affinity | string | `""` | Assign custom [affinity] rules to the Redis pods. | | redis-ha.enabled | bool | `false` | Enables the Redis HA subchart and disables the custom Redis single node deployment | | redis-ha.exporter.enabled | bool | `false` | Enable Prometheus redis-exporter sidecar | | redis-ha.exporter.image | string | `"public.ecr.aws/bitnami/redis-exporter"` | Repository to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.53.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.additionalAffinities | object | `{}` | Additional affinities to add to the haproxy pods. | -| redis-ha.haproxy.affinity | object | `{}` | Assign custom [affinity] rules to the haproxy pods. | +| redis-ha.haproxy.affinity | string | `""` | Assign custom [affinity] rules to the haproxy pods. | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.hardAntiAffinity | bool | `true` | Whether the haproxy pods should be forced to run on separate nodes. | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | diff --git a/charts/argo/argo-cd/templates/argocd-server/clusterrole.yaml b/charts/argo/argo-cd/templates/argocd-server/clusterrole.yaml index 3d2c44b55..838016fa0 100644 --- a/charts/argo/argo-cd/templates/argocd-server/clusterrole.yaml +++ b/charts/argo/argo-cd/templates/argocd-server/clusterrole.yaml @@ -48,6 +48,7 @@ rules: - apiGroups: - batch resources: + {{/* supports triggering jobs from UI */}} - jobs verbs: - create @@ -56,5 +57,6 @@ rules: resources: - workflows verbs: + {{/* supports triggering workflows from UI */}} - create {{- end }} diff --git a/charts/argo/argo-cd/values.yaml b/charts/argo/argo-cd/values.yaml index 22dcfcc63..fb078ac65 100644 --- a/charts/argo/argo-cd/values.yaml +++ b/charts/argo/argo-cd/values.yaml @@ -1415,7 +1415,7 @@ redis-ha: # -- Additional affinities to add to the haproxy pods. additionalAffinities: {} # -- Assign custom [affinity] rules to the haproxy pods. - affinity: {} + affinity: | # -- [Tolerations] for use with node taints for haproxy pods. tolerations: [] @@ -1426,7 +1426,7 @@ redis-ha: additionalAffinities: {} # -- Assign custom [affinity] rules to the Redis pods. - affinity: {} + affinity: | # -- [Tolerations] for use with node taints for Redis pods. tolerations: [] diff --git a/charts/bitnami/postgresql/Chart.yaml b/charts/bitnami/postgresql/Chart.yaml index 56c4325be..c715b5d35 100644 --- a/charts/bitnami/postgresql/Chart.yaml +++ b/charts/bitnami/postgresql/Chart.yaml @@ -38,4 +38,4 @@ maintainers: name: postgresql sources: - https://github.com/bitnami/charts/tree/main/bitnami/postgresql -version: 12.11.1 +version: 12.11.2 diff --git a/charts/bitnami/postgresql/templates/secrets.yaml b/charts/bitnami/postgresql/templates/secrets.yaml index 6d7f59aa3..b4267ab64 100644 --- a/charts/bitnami/postgresql/templates/secrets.yaml +++ b/charts/bitnami/postgresql/templates/secrets.yaml @@ -6,13 +6,13 @@ SPDX-License-Identifier: APACHE-2.0 {{- $host := include "postgresql.v1.primary.fullname" . }} {{- $port := include "postgresql.v1.service.port" . }} {{- $customUser := include "postgresql.v1.username" . }} -{{- $postgresPassword := include "common.secrets.lookup" (dict "secret" (include "postgresql.v1.secretName" .) "key" .Values.auth.secretKeys.adminPasswordKey "defaultValue" (ternary (coalesce .Values.global.postgresql.auth.password .Values.auth.password .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (coalesce .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (or (empty $customUser) (eq $customUser "postgres"))) "context" $) | trimAll "\"" | b64dec }} +{{- $postgresPassword := include "common.secrets.lookup" (dict "secret" (include "postgresql.v1.secretName" .) "key" (coalesce .Values.global.postgresql.auth.secretKeys.adminPasswordKey .Values.auth.secretKeys.adminPasswordKey) "defaultValue" (ternary (coalesce .Values.global.postgresql.auth.password .Values.auth.password .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (coalesce .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (or (empty $customUser) (eq $customUser "postgres"))) "context" $) | trimAll "\"" | b64dec }} {{- if and (not $postgresPassword) .Values.auth.enablePostgresUser }} {{- $postgresPassword = randAlphaNum 10 }} {{- end }} {{- $replicationPassword := "" }} {{- if eq .Values.architecture "replication" }} -{{- $replicationPassword = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.v1.secretName" .) "key" .Values.auth.secretKeys.replicationPasswordKey "providedValues" (list "auth.replicationPassword") "context" $) | trimAll "\"" | b64dec }} +{{- $replicationPassword = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.v1.secretName" .) "key" (coalesce .Values.global.postgresql.auth.secretKeys.replicationPasswordKey .Values.auth.secretKeys.replicationPasswordKey) "providedValues" (list "auth.replicationPassword") "context" $) | trimAll "\"" | b64dec }} {{- end }} {{- $ldapPassword := "" }} {{- if and .Values.ldap.enabled (or .Values.ldap.bind_password .Values.ldap.bindpw) }} @@ -20,7 +20,7 @@ SPDX-License-Identifier: APACHE-2.0 {{- end }} {{- $password := "" }} {{- if and (not (empty $customUser)) (ne $customUser "postgres") }} -{{- $password = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.v1.secretName" .) "key" .Values.auth.secretKeys.userPasswordKey "providedValues" (list "global.postgresql.auth.password" "auth.password") "context" $) | trimAll "\"" | b64dec }} +{{- $password = include "common.secrets.passwords.manage" (dict "secret" (include "postgresql.v1.secretName" .) "key" (coalesce .Values.global.postgresql.auth.secretKeys.userPasswordKey .Values.auth.secretKeys.userPasswordKey) "providedValues" (list "global.postgresql.auth.password" "auth.password") "context" $) | trimAll "\"" | b64dec }} {{- end }} {{- $database := include "postgresql.v1.database" . }} {{- if (include "postgresql.v1.createSecret" .) }} diff --git a/charts/bitnami/postgresql/values.schema.json b/charts/bitnami/postgresql/values.schema.json index fc41483cd..8791cb85b 100644 --- a/charts/bitnami/postgresql/values.schema.json +++ b/charts/bitnami/postgresql/values.schema.json @@ -1,156 +1,2537 @@ { - "$schema": "http://json-schema.org/schema#", - "type": "object", - "properties": { - "architecture": { - "type": "string", - "title": "PostgreSQL architecture", - "form": true, - "description": "Allowed values: `standalone` or `replication`" - }, - "auth": { - "type": "object", - "title": "Authentication configuration", - "form": true, - "properties": { - "enablePostgresUser": { - "type": "boolean", - "title": "Enable \"postgres\" admin user", - "description": "Assign a password to the \"postgres\" admin user. Otherwise, remote access will be blocked for this user", - "form": true - }, - "postgresPassword": { - "type": "string", - "title": "Password for the \"postgres\" admin user", - "description": "Defaults to a random 10-character alphanumeric string if not set", - "form": true - }, - "database": { - "type": "string", - "title": "PostgreSQL custom database", - "description": "Name of the custom database to be created during the 1st initialization of PostgreSQL", - "form": true - }, - "username": { - "type": "string", - "title": "PostgreSQL custom user", - "description": "Name of the custom user to be created during the 1st initialization of PostgreSQL. This user only has permissions on the PostgreSQL custom database", - "form": true - }, - "password": { - "type": "string", - "title": "Password for the custom user to create", - "description": "Defaults to a random 10-character alphanumeric string if not set", - "form": true - }, - "replicationUsername": { - "type": "string", - "title": "PostgreSQL replication user", - "description": "Name of user used to manage replication.", - "form": true, - "hidden": { - "value": "standalone", - "path": "architecture" - } - }, - "replicationPassword": { - "type": "string", - "title": "Password for PostgreSQL replication user", - "description": "Defaults to a random 10-character alphanumeric string if not set", - "form": true, - "hidden": { - "value": "standalone", - "path": "architecture" - } - } - } - }, - "persistence": { - "type": "object", - "properties": { - "size": { - "type": "string", - "title": "Persistent Volume Size", - "form": true, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi" - } - } - }, - "resources": { - "type": "object", - "title": "Required Resources", - "description": "Configure resource requests", - "form": true, - "properties": { - "requests": { - "type": "object", - "properties": { - "memory": { - "type": "string", - "form": true, - "render": "slider", - "title": "Memory Request", - "sliderMin": 10, - "sliderMax": 2048, - "sliderUnit": "Mi" - }, - "cpu": { - "type": "string", - "form": true, - "render": "slider", - "title": "CPU Request", - "sliderMin": 10, - "sliderMax": 2000, - "sliderUnit": "m" + "title": "Chart Values", + "type": "object", + "properties": { + "global": { + "type": "object", + "properties": { + "imageRegistry": { + "type": "string", + "description": "Global Docker image registry", + "default": "" + }, + "imagePullSecrets": { + "type": "array", + "description": "Global Docker registry secret names as an array", + "default": [], + "items": {} + }, + "storageClass": { + "type": "string", + "description": "Global StorageClass for Persistent Volume(s)", + "default": "" + }, + "postgresql": { + "type": "object", + "properties": { + "auth": { + "type": "object", + "properties": { + "postgresPassword": { + "type": "string", + "description": "Password for the \"postgres\" admin user (overrides `auth.postgresPassword`)", + "default": "" + }, + "username": { + "type": "string", + "description": "Name for a custom user to create (overrides `auth.username`)", + "default": "" + }, + "password": { + "type": "string", + "description": "Password for the custom user to create (overrides `auth.password`)", + "default": "" + }, + "database": { + "type": "string", + "description": "Name for a custom database to create (overrides `auth.database`)", + "default": "" + }, + "existingSecret": { + "type": "string", + "description": "Name of existing secret to use for PostgreSQL credentials (overrides `auth.existingSecret`).", + "default": "" + }, + "secretKeys": { + "type": "object", + "properties": { + "adminPasswordKey": { + "type": "string", + "description": "Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.adminPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set.", + "default": "" + }, + "userPasswordKey": { + "type": "string", + "description": "Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.userPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set.", + "default": "" + }, + "replicationPasswordKey": { + "type": "string", + "description": "Name of key in existing secret to use for PostgreSQL credentials (overrides `auth.secretKeys.replicationPasswordKey`). Only used when `global.postgresql.auth.existingSecret` is set.", + "default": "" + } + } + } + } + }, + "service": { + "type": "object", + "properties": { + "ports": { + "type": "object", + "properties": { + "postgresql": { + "type": "string", + "description": "PostgreSQL service port (overrides `service.ports.postgresql`)", + "default": "" + } + } + } + } + } + } + } + } + }, + "kubeVersion": { + "type": "string", + "description": "Override Kubernetes version", + "default": "" + }, + "nameOverride": { + "type": "string", + "description": "String to partially override common.names.fullname template (will maintain the release name)", + "default": "" + }, + "fullnameOverride": { + "type": "string", + "description": "String to fully override common.names.fullname template", + "default": "" + }, + "clusterDomain": { + "type": "string", + "description": "Kubernetes Cluster Domain", + "default": "cluster.local" + }, + "extraDeploy": { + "type": "array", + "description": "Array of extra objects to deploy with the release (evaluated as a template)", + "default": [], + "items": {} + }, + "commonLabels": { + "type": "object", + "description": "Add labels to all the deployed resources", + "default": {} + }, + "commonAnnotations": { + "type": "object", + "description": "Add annotations to all the deployed resources", + "default": {} + }, + "diagnosticMode": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable diagnostic mode (all probes will be disabled and the command will be overridden)", + "default": false + }, + "command": { + "type": "array", + "description": "Command to override all containers in the statefulset", + "default": [ + "sleep" + ], + "items": { + "type": "string" + } + }, + "args": { + "type": "array", + "description": "Args to override all containers in the statefulset", + "default": [ + "infinity" + ], + "items": { + "type": "string" + } + } + } + }, + "image": { + "type": "object", + "properties": { + "registry": { + "type": "string", + "description": "PostgreSQL image registry", + "default": "docker.io" + }, + "repository": { + "type": "string", + "description": "PostgreSQL image repository", + "default": "bitnami/postgresql" + }, + "tag": { + "type": "string", + "description": "PostgreSQL image tag (immutable tags are recommended)", + "default": "15.4.0-debian-11-r10" + }, + "digest": { + "type": "string", + "description": "PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", + "default": "" + }, + "pullPolicy": { + "type": "string", + "description": "PostgreSQL image pull policy", + "default": "IfNotPresent" + }, + "pullSecrets": { + "type": "array", + "description": "Specify image pull secrets", + "default": [], + "items": {} + }, + "debug": { + "type": "boolean", + "description": "Specify if debug values should be set", + "default": false + } + } + }, + "auth": { + "type": "object", + "properties": { + "enablePostgresUser": { + "type": "boolean", + "description": "Assign a password to the \"postgres\" admin user. Otherwise, remote access will be blocked for this user", + "default": true + }, + "postgresPassword": { + "type": "string", + "description": "Password for the \"postgres\" admin user. Ignored if `auth.existingSecret` is provided", + "default": "" + }, + "username": { + "type": "string", + "description": "Name for a custom user to create", + "default": "" + }, + "password": { + "type": "string", + "description": "Password for the custom user to create. Ignored if `auth.existingSecret` is provided", + "default": "" + }, + "database": { + "type": "string", + "description": "Name for a custom database to create", + "default": "" + }, + "replicationUsername": { + "type": "string", + "description": "Name of the replication user", + "default": "repl_user" + }, + "replicationPassword": { + "type": "string", + "description": "Password for the replication user. Ignored if `auth.existingSecret` is provided", + "default": "" + }, + "existingSecret": { + "type": "string", + "description": "Name of existing secret to use for PostgreSQL credentials. `auth.postgresPassword`, `auth.password`, and `auth.replicationPassword` will be ignored and picked up from this secret. The secret might also contains the key `ldap-password` if LDAP is enabled. `ldap.bind_password` will be ignored and picked from this secret in this case.", + "default": "" + }, + "secretKeys": { + "type": "object", + "properties": { + "adminPasswordKey": { + "type": "string", + "description": "Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set.", + "default": "postgres-password" + }, + "userPasswordKey": { + "type": "string", + "description": "Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set.", + "default": "password" + }, + "replicationPasswordKey": { + "type": "string", + "description": "Name of key in existing secret to use for PostgreSQL credentials. Only used when `auth.existingSecret` is set.", + "default": "replication-password" + } + } + }, + "usePasswordFiles": { + "type": "boolean", + "description": "Mount credentials as a files instead of using an environment variable", + "default": false + } + } + }, + "architecture": { + "type": "string", + "description": "PostgreSQL architecture (`standalone` or `replication`)", + "default": "standalone" + }, + "replication": { + "type": "object", + "properties": { + "synchronousCommit": { + "type": "string", + "description": "Set synchronous commit mode. Allowed values: `on`, `remote_apply`, `remote_write`, `local` and `off`", + "default": "off" + }, + "numSynchronousReplicas": { + "type": "number", + "description": "Number of replicas that will have synchronous replication. Note: Cannot be greater than `readReplicas.replicaCount`.", + "default": 0 + }, + "applicationName": { + "type": "string", + "description": "Cluster application name. Useful for advanced replication settings", + "default": "my_application" + } + } + }, + "containerPorts": { + "type": "object", + "properties": { + "postgresql": { + "type": "number", + "description": "PostgreSQL container port", + "default": 5432 + } + } + }, + "audit": { + "type": "object", + "properties": { + "logHostname": { + "type": "boolean", + "description": "Log client hostnames", + "default": false + }, + "logConnections": { + "type": "boolean", + "description": "Add client log-in operations to the log file", + "default": false + }, + "logDisconnections": { + "type": "boolean", + "description": "Add client log-outs operations to the log file", + "default": false + }, + "pgAuditLog": { + "type": "string", + "description": "Add operations to log using the pgAudit extension", + "default": "" + }, + "pgAuditLogCatalog": { + "type": "string", + "description": "Log catalog using pgAudit", + "default": "off" + }, + "clientMinMessages": { + "type": "string", + "description": "Message log level to share with the user", + "default": "error" + }, + "logLinePrefix": { + "type": "string", + "description": "Template for log line prefix (default if not set)", + "default": "" + }, + "logTimezone": { + "type": "string", + "description": "Timezone for the log timestamps", + "default": "" + } + } + }, + "ldap": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable LDAP support", + "default": false + }, + "server": { + "type": "string", + "description": "IP address or name of the LDAP server.", + "default": "" + }, + "port": { + "type": "string", + "description": "Port number on the LDAP server to connect to", + "default": "" + }, + "prefix": { + "type": "string", + "description": "String to prepend to the user name when forming the DN to bind", + "default": "" + }, + "suffix": { + "type": "string", + "description": "String to append to the user name when forming the DN to bind", + "default": "" + }, + "basedn": { + "type": "string", + "description": "Root DN to begin the search for the user in", + "default": "" + }, + "binddn": { + "type": "string", + "description": "DN of user to bind to LDAP", + "default": "" + }, + "bindpw": { + "type": "string", + "description": "Password for the user to bind to LDAP", + "default": "" + }, + "searchAttribute": { + "type": "string", + "description": "Attribute to match against the user name in the search", + "default": "" + }, + "searchFilter": { + "type": "string", + "description": "The search filter to use when doing search+bind authentication", + "default": "" + }, + "scheme": { + "type": "string", + "description": "Set to `ldaps` to use LDAPS", + "default": "" + }, + "tls": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Se to true to enable TLS encryption", + "default": false + } + } + }, + "uri": { + "type": "string", + "description": "LDAP URL beginning in the form `ldap[s]://host[:port]/basedn`. If provided, all the other LDAP parameters will be ignored.", + "default": "" + } + } + }, + "postgresqlDataDir": { + "type": "string", + "description": "PostgreSQL data dir folder", + "default": "/bitnami/postgresql/data" + }, + "postgresqlSharedPreloadLibraries": { + "type": "string", + "description": "Shared preload libraries (comma-separated list)", + "default": "pgaudit" + }, + "shmVolume": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable emptyDir volume for /dev/shm for PostgreSQL pod(s)", + "default": true + }, + "sizeLimit": { + "type": "string", + "description": "Set this to enable a size limit on the shm tmpfs", + "default": "" + } + } + }, + "tls": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable TLS traffic support", + "default": false + }, + "autoGenerated": { + "type": "boolean", + "description": "Generate automatically self-signed TLS certificates", + "default": false + }, + "preferServerCiphers": { + "type": "boolean", + "description": "Whether to use the server's TLS cipher preferences rather than the client's", + "default": true + }, + "certificatesSecret": { + "type": "string", + "description": "Name of an existing secret that contains the certificates", + "default": "" + }, + "certFilename": { + "type": "string", + "description": "Certificate filename", + "default": "" + }, + "certKeyFilename": { + "type": "string", + "description": "Certificate key filename", + "default": "" + }, + "certCAFilename": { + "type": "string", + "description": "CA Certificate filename", + "default": "" + }, + "crlFilename": { + "type": "string", + "description": "File containing a Certificate Revocation List", + "default": "" + } + } + }, + "primary": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the primary database (eg primary, master, leader, ...)", + "default": "primary" + }, + "configuration": { + "type": "string", + "description": "PostgreSQL Primary main configuration to be injected as ConfigMap", + "default": "" + }, + "pgHbaConfiguration": { + "type": "string", + "description": "PostgreSQL Primary client authentication configuration", + "default": "" + }, + "existingConfigmap": { + "type": "string", + "description": "Name of an existing ConfigMap with PostgreSQL Primary configuration", + "default": "" + }, + "extendedConfiguration": { + "type": "string", + "description": "Extended PostgreSQL Primary configuration (appended to main or default configuration)", + "default": "" + }, + "existingExtendedConfigmap": { + "type": "string", + "description": "Name of an existing ConfigMap with PostgreSQL Primary extended configuration", + "default": "" + }, + "initdb": { + "type": "object", + "properties": { + "args": { + "type": "string", + "description": "PostgreSQL initdb extra arguments", + "default": "" + }, + "postgresqlWalDir": { + "type": "string", + "description": "Specify a custom location for the PostgreSQL transaction log", + "default": "" + }, + "scripts": { + "type": "object", + "description": "Dictionary of initdb scripts", + "default": {} + }, + "scriptsConfigMap": { + "type": "string", + "description": "ConfigMap with scripts to be run at first boot", + "default": "" + }, + "scriptsSecret": { + "type": "string", + "description": "Secret with scripts to be run at first boot (in case it contains sensitive information)", + "default": "" + }, + "user": { + "type": "string", + "description": "Specify the PostgreSQL username to execute the initdb scripts", + "default": "" + }, + "password": { + "type": "string", + "description": "Specify the PostgreSQL password to execute the initdb scripts", + "default": "" + } + } + }, + "standby": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Whether to enable current cluster's primary as standby server of another cluster or not", + "default": false + }, + "primaryHost": { + "type": "string", + "description": "The Host of replication primary in the other cluster", + "default": "" + }, + "primaryPort": { + "type": "string", + "description": "The Port of replication primary in the other cluster", + "default": "" + } + } + }, + "extraEnvVars": { + "type": "array", + "description": "Array with extra environment variables to add to PostgreSQL Primary nodes", + "default": [], + "items": {} + }, + "extraEnvVarsCM": { + "type": "string", + "description": "Name of existing ConfigMap containing extra env vars for PostgreSQL Primary nodes", + "default": "" + }, + "extraEnvVarsSecret": { + "type": "string", + "description": "Name of existing Secret containing extra env vars for PostgreSQL Primary nodes", + "default": "" + }, + "command": { + "type": "array", + "description": "Override default container command (useful when using custom images)", + "default": [], + "items": {} + }, + "args": { + "type": "array", + "description": "Override default container args (useful when using custom images)", + "default": [], + "items": {} + }, + "livenessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable livenessProbe on PostgreSQL Primary containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for livenessProbe", + "default": 30 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for livenessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for livenessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for livenessProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for livenessProbe", + "default": 1 + } + } + }, + "readinessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable readinessProbe on PostgreSQL Primary containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for readinessProbe", + "default": 5 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for readinessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for readinessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for readinessProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for readinessProbe", + "default": 1 + } + } + }, + "startupProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable startupProbe on PostgreSQL Primary containers", + "default": false + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for startupProbe", + "default": 30 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for startupProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for startupProbe", + "default": 1 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for startupProbe", + "default": 15 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for startupProbe", + "default": 1 + } + } + }, + "customLivenessProbe": { + "type": "object", + "description": "Custom livenessProbe that overrides the default one", + "default": {} + }, + "customReadinessProbe": { + "type": "object", + "description": "Custom readinessProbe that overrides the default one", + "default": {} + }, + "customStartupProbe": { + "type": "object", + "description": "Custom startupProbe that overrides the default one", + "default": {} + }, + "lifecycleHooks": { + "type": "object", + "description": "for the PostgreSQL Primary container to automate configuration before or after startup", + "default": {} + }, + "resources": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "The resources limits for the PostgreSQL Primary containers", + "default": {} + }, + "requests": { + "type": "object", + "properties": { + "memory": { + "type": "string", + "description": "The requested memory for the PostgreSQL Primary containers", + "default": "256Mi" + }, + "cpu": { + "type": "string", + "description": "The requested cpu for the PostgreSQL Primary containers", + "default": "250m" + } + } + } + } + }, + "podSecurityContext": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable security context", + "default": true + }, + "fsGroup": { + "type": "number", + "description": "Group ID for the pod", + "default": 1001 + } + } + }, + "containerSecurityContext": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable container security context", + "default": true + }, + "runAsUser": { + "type": "number", + "description": "User ID for the container", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Group ID for the container", + "default": 0 + }, + "runAsNonRoot": { + "type": "boolean", + "description": "Set runAsNonRoot for the container", + "default": true + }, + "allowPrivilegeEscalation": { + "type": "boolean", + "description": "Set allowPrivilegeEscalation for the container", + "default": false + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set seccompProfile.type for the container", + "default": "RuntimeDefault" + } + } + }, + "capabilities": { + "type": "object", + "properties": { + "drop": { + "type": "array", + "description": "Set capabilities.drop for the container", + "default": [ + "ALL" + ], + "items": { + "type": "string" + } + } + } + } + } + }, + "hostAliases": { + "type": "array", + "description": "PostgreSQL primary pods host aliases", + "default": [], + "items": {} + }, + "hostNetwork": { + "type": "boolean", + "description": "Specify if host network should be enabled for PostgreSQL pod (postgresql primary)", + "default": false + }, + "hostIPC": { + "type": "boolean", + "description": "Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary)", + "default": false + }, + "labels": { + "type": "object", + "description": "Map of labels to add to the statefulset (postgresql primary)", + "default": {} + }, + "annotations": { + "type": "object", + "description": "Annotations for PostgreSQL primary pods", + "default": {} + }, + "podLabels": { + "type": "object", + "description": "Map of labels to add to the pods (postgresql primary)", + "default": {} + }, + "podAnnotations": { + "type": "object", + "description": "Map of annotations to add to the pods (postgresql primary)", + "default": {} + }, + "podAffinityPreset": { + "type": "string", + "description": "PostgreSQL primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", + "default": "" + }, + "podAntiAffinityPreset": { + "type": "string", + "description": "PostgreSQL primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", + "default": "soft" + }, + "nodeAffinityPreset": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "PostgreSQL primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", + "default": "" + }, + "key": { + "type": "string", + "description": "PostgreSQL primary node label key to match Ignored if `primary.affinity` is set.", + "default": "" + }, + "values": { + "type": "array", + "description": "PostgreSQL primary node label values to match. Ignored if `primary.affinity` is set.", + "default": [], + "items": {} + } + } + }, + "affinity": { + "type": "object", + "description": "Affinity for PostgreSQL primary pods assignment", + "default": {} + }, + "nodeSelector": { + "type": "object", + "description": "Node labels for PostgreSQL primary pods assignment", + "default": {} + }, + "tolerations": { + "type": "array", + "description": "Tolerations for PostgreSQL primary pods assignment", + "default": [], + "items": {} + }, + "topologySpreadConstraints": { + "type": "array", + "description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template", + "default": [], + "items": {} + }, + "priorityClassName": { + "type": "string", + "description": "Priority Class to use for each pod (postgresql primary)", + "default": "" + }, + "schedulerName": { + "type": "string", + "description": "Use an alternate scheduler, e.g. \"stork\".", + "default": "" + }, + "terminationGracePeriodSeconds": { + "type": "string", + "description": "Seconds PostgreSQL primary pod needs to terminate gracefully", + "default": "" + }, + "updateStrategy": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "PostgreSQL Primary statefulset strategy type", + "default": "RollingUpdate" + }, + "rollingUpdate": { + "type": "object", + "description": "PostgreSQL Primary statefulset rolling update configuration parameters", + "default": {} + } + } + }, + "extraVolumeMounts": { + "type": "array", + "description": "Optionally specify extra list of additional volumeMounts for the PostgreSQL Primary container(s)", + "default": [], + "items": {} + }, + "extraVolumes": { + "type": "array", + "description": "Optionally specify extra list of additional volumes for the PostgreSQL Primary pod(s)", + "default": [], + "items": {} + }, + "sidecars": { + "type": "array", + "description": "Add additional sidecar containers to the PostgreSQL Primary pod(s)", + "default": [], + "items": {} + }, + "initContainers": { + "type": "array", + "description": "Add additional init containers to the PostgreSQL Primary pod(s)", + "default": [], + "items": {} + }, + "extraPodSpec": { + "type": "object", + "description": "Optionally specify extra PodSpec for the PostgreSQL Primary pod(s)", + "default": {} + }, + "service": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Kubernetes Service type", + "default": "ClusterIP" + }, + "ports": { + "type": "object", + "properties": { + "postgresql": { + "type": "number", + "description": "PostgreSQL service port", + "default": 5432 + } + } + }, + "nodePorts": { + "type": "object", + "properties": { + "postgresql": { + "type": "string", + "description": "Node port for PostgreSQL", + "default": "" + } + } + }, + "clusterIP": { + "type": "string", + "description": "Static clusterIP or None for headless services", + "default": "" + }, + "annotations": { + "type": "object", + "description": "Annotations for PostgreSQL primary service", + "default": {} + }, + "loadBalancerIP": { + "type": "string", + "description": "Load balancer IP if service type is `LoadBalancer`", + "default": "" + }, + "externalTrafficPolicy": { + "type": "string", + "description": "Enable client source IP preservation", + "default": "Cluster" + }, + "loadBalancerSourceRanges": { + "type": "array", + "description": "Addresses that are allowed when service is LoadBalancer", + "default": [], + "items": {} + }, + "extraPorts": { + "type": "array", + "description": "Extra ports to expose in the PostgreSQL primary service", + "default": [], + "items": {} + }, + "sessionAffinity": { + "type": "string", + "description": "Session Affinity for Kubernetes service, can be \"None\" or \"ClientIP\"", + "default": "None" + }, + "sessionAffinityConfig": { + "type": "object", + "description": "Additional settings for the sessionAffinity", + "default": {} + }, + "headless": { + "type": "object", + "properties": { + "annotations": { + "type": "object", + "description": "Additional custom annotations for headless PostgreSQL primary service", + "default": {} + } + } + } + } + }, + "persistence": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable PostgreSQL Primary data persistence using PVC", + "default": true + }, + "existingClaim": { + "type": "string", + "description": "Name of an existing PVC to use", + "default": "" + }, + "mountPath": { + "type": "string", + "description": "The path the volume will be mounted at", + "default": "/bitnami/postgresql" + }, + "subPath": { + "type": "string", + "description": "The subdirectory of the volume to mount to", + "default": "" + }, + "storageClass": { + "type": "string", + "description": "PVC Storage Class for PostgreSQL Primary data volume", + "default": "" + }, + "accessModes": { + "type": "array", + "description": "PVC Access Mode for PostgreSQL volume", + "default": [ + "ReadWriteOnce" + ], + "items": { + "type": "string" + } + }, + "size": { + "type": "string", + "description": "PVC Storage Request for PostgreSQL volume", + "default": "8Gi" + }, + "annotations": { + "type": "object", + "description": "Annotations for the PVC", + "default": {} + }, + "labels": { + "type": "object", + "description": "Labels for the PVC", + "default": {} + }, + "selector": { + "type": "object", + "description": "Selector to match an existing Persistent Volume (this value is evaluated as a template)", + "default": {} + }, + "dataSource": { + "type": "object", + "description": "Custom PVC data source", + "default": {} + } + } + }, + "persistentVolumeClaimRetentionPolicy": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Persistent volume retention policy for Primary Statefulset", + "default": false + }, + "whenScaled": { + "type": "string", + "description": "Volume retention behavior when the replica count of the StatefulSet is reduced", + "default": "Retain" + }, + "whenDeleted": { + "type": "string", + "description": "Volume retention behavior that applies when the StatefulSet is deleted", + "default": "Retain" + } + } + } } - } - } - } - }, - "replication": { - "type": "object", - "form": true, - "title": "Replication Details", - "properties": { - "enabled": { - "type": "boolean", - "title": "Enable Replication", - "form": true }, "readReplicas": { - "type": "integer", - "title": "read Replicas", - "form": true, - "hidden": { - "value": "standalone", - "path": "architecture" - } + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Name of the read replicas database (eg secondary, slave, ...)", + "default": "read" + }, + "replicaCount": { + "type": "number", + "description": "Number of PostgreSQL read only replicas", + "default": 1 + }, + "extendedConfiguration": { + "type": "string", + "description": "Extended PostgreSQL read only replicas configuration (appended to main or default configuration)", + "default": "" + }, + "extraEnvVars": { + "type": "array", + "description": "Array with extra environment variables to add to PostgreSQL read only nodes", + "default": [], + "items": {} + }, + "extraEnvVarsCM": { + "type": "string", + "description": "Name of existing ConfigMap containing extra env vars for PostgreSQL read only nodes", + "default": "" + }, + "extraEnvVarsSecret": { + "type": "string", + "description": "Name of existing Secret containing extra env vars for PostgreSQL read only nodes", + "default": "" + }, + "command": { + "type": "array", + "description": "Override default container command (useful when using custom images)", + "default": [], + "items": {} + }, + "args": { + "type": "array", + "description": "Override default container args (useful when using custom images)", + "default": [], + "items": {} + }, + "livenessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable livenessProbe on PostgreSQL read only containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for livenessProbe", + "default": 30 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for livenessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for livenessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for livenessProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for livenessProbe", + "default": 1 + } + } + }, + "readinessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable readinessProbe on PostgreSQL read only containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for readinessProbe", + "default": 5 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for readinessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for readinessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for readinessProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for readinessProbe", + "default": 1 + } + } + }, + "startupProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable startupProbe on PostgreSQL read only containers", + "default": false + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for startupProbe", + "default": 30 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for startupProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for startupProbe", + "default": 1 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for startupProbe", + "default": 15 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for startupProbe", + "default": 1 + } + } + }, + "customLivenessProbe": { + "type": "object", + "description": "Custom livenessProbe that overrides the default one", + "default": {} + }, + "customReadinessProbe": { + "type": "object", + "description": "Custom readinessProbe that overrides the default one", + "default": {} + }, + "customStartupProbe": { + "type": "object", + "description": "Custom startupProbe that overrides the default one", + "default": {} + }, + "lifecycleHooks": { + "type": "object", + "description": "for the PostgreSQL read only container to automate configuration before or after startup", + "default": {} + }, + "resources": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "The resources limits for the PostgreSQL read only containers", + "default": {} + }, + "requests": { + "type": "object", + "properties": { + "memory": { + "type": "string", + "description": "The requested memory for the PostgreSQL read only containers", + "default": "256Mi" + }, + "cpu": { + "type": "string", + "description": "The requested cpu for the PostgreSQL read only containers", + "default": "250m" + } + } + } + } + }, + "podSecurityContext": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable security context", + "default": true + }, + "fsGroup": { + "type": "number", + "description": "Group ID for the pod", + "default": 1001 + } + } + }, + "containerSecurityContext": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable container security context", + "default": true + }, + "runAsUser": { + "type": "number", + "description": "User ID for the container", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Group ID for the container", + "default": 0 + }, + "runAsNonRoot": { + "type": "boolean", + "description": "Set runAsNonRoot for the container", + "default": true + }, + "allowPrivilegeEscalation": { + "type": "boolean", + "description": "Set allowPrivilegeEscalation for the container", + "default": false + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set seccompProfile.type for the container", + "default": "RuntimeDefault" + } + } + }, + "capabilities": { + "type": "object", + "properties": { + "drop": { + "type": "array", + "description": "Set capabilities.drop for the container", + "default": [ + "ALL" + ], + "items": { + "type": "string" + } + } + } + } + } + }, + "hostAliases": { + "type": "array", + "description": "PostgreSQL read only pods host aliases", + "default": [], + "items": {} + }, + "hostNetwork": { + "type": "boolean", + "description": "Specify if host network should be enabled for PostgreSQL pod (PostgreSQL read only)", + "default": false + }, + "hostIPC": { + "type": "boolean", + "description": "Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary)", + "default": false + }, + "labels": { + "type": "object", + "description": "Map of labels to add to the statefulset (PostgreSQL read only)", + "default": {} + }, + "annotations": { + "type": "object", + "description": "Annotations for PostgreSQL read only pods", + "default": {} + }, + "podLabels": { + "type": "object", + "description": "Map of labels to add to the pods (PostgreSQL read only)", + "default": {} + }, + "podAnnotations": { + "type": "object", + "description": "Map of annotations to add to the pods (PostgreSQL read only)", + "default": {} + }, + "podAffinityPreset": { + "type": "string", + "description": "PostgreSQL read only pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", + "default": "" + }, + "podAntiAffinityPreset": { + "type": "string", + "description": "PostgreSQL read only pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", + "default": "soft" + }, + "nodeAffinityPreset": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "PostgreSQL read only node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard`", + "default": "" + }, + "key": { + "type": "string", + "description": "PostgreSQL read only node label key to match Ignored if `primary.affinity` is set.", + "default": "" + }, + "values": { + "type": "array", + "description": "PostgreSQL read only node label values to match. Ignored if `primary.affinity` is set.", + "default": [], + "items": {} + } + } + }, + "affinity": { + "type": "object", + "description": "Affinity for PostgreSQL read only pods assignment", + "default": {} + }, + "nodeSelector": { + "type": "object", + "description": "Node labels for PostgreSQL read only pods assignment", + "default": {} + }, + "tolerations": { + "type": "array", + "description": "Tolerations for PostgreSQL read only pods assignment", + "default": [], + "items": {} + }, + "topologySpreadConstraints": { + "type": "array", + "description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template", + "default": [], + "items": {} + }, + "priorityClassName": { + "type": "string", + "description": "Priority Class to use for each pod (PostgreSQL read only)", + "default": "" + }, + "schedulerName": { + "type": "string", + "description": "Use an alternate scheduler, e.g. \"stork\".", + "default": "" + }, + "terminationGracePeriodSeconds": { + "type": "string", + "description": "Seconds PostgreSQL read only pod needs to terminate gracefully", + "default": "" + }, + "updateStrategy": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "PostgreSQL read only statefulset strategy type", + "default": "RollingUpdate" + }, + "rollingUpdate": { + "type": "object", + "description": "PostgreSQL read only statefulset rolling update configuration parameters", + "default": {} + } + } + }, + "extraVolumeMounts": { + "type": "array", + "description": "Optionally specify extra list of additional volumeMounts for the PostgreSQL read only container(s)", + "default": [], + "items": {} + }, + "extraVolumes": { + "type": "array", + "description": "Optionally specify extra list of additional volumes for the PostgreSQL read only pod(s)", + "default": [], + "items": {} + }, + "sidecars": { + "type": "array", + "description": "Add additional sidecar containers to the PostgreSQL read only pod(s)", + "default": [], + "items": {} + }, + "initContainers": { + "type": "array", + "description": "Add additional init containers to the PostgreSQL read only pod(s)", + "default": [], + "items": {} + }, + "extraPodSpec": { + "type": "object", + "description": "Optionally specify extra PodSpec for the PostgreSQL read only pod(s)", + "default": {} + }, + "service": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Kubernetes Service type", + "default": "ClusterIP" + }, + "ports": { + "type": "object", + "properties": { + "postgresql": { + "type": "number", + "description": "PostgreSQL service port", + "default": 5432 + } + } + }, + "nodePorts": { + "type": "object", + "properties": { + "postgresql": { + "type": "string", + "description": "Node port for PostgreSQL", + "default": "" + } + } + }, + "clusterIP": { + "type": "string", + "description": "Static clusterIP or None for headless services", + "default": "" + }, + "annotations": { + "type": "object", + "description": "Annotations for PostgreSQL read only service", + "default": {} + }, + "loadBalancerIP": { + "type": "string", + "description": "Load balancer IP if service type is `LoadBalancer`", + "default": "" + }, + "externalTrafficPolicy": { + "type": "string", + "description": "Enable client source IP preservation", + "default": "Cluster" + }, + "loadBalancerSourceRanges": { + "type": "array", + "description": "Addresses that are allowed when service is LoadBalancer", + "default": [], + "items": {} + }, + "extraPorts": { + "type": "array", + "description": "Extra ports to expose in the PostgreSQL read only service", + "default": [], + "items": {} + }, + "sessionAffinity": { + "type": "string", + "description": "Session Affinity for Kubernetes service, can be \"None\" or \"ClientIP\"", + "default": "None" + }, + "sessionAffinityConfig": { + "type": "object", + "description": "Additional settings for the sessionAffinity", + "default": {} + }, + "headless": { + "type": "object", + "properties": { + "annotations": { + "type": "object", + "description": "Additional custom annotations for headless PostgreSQL read only service", + "default": {} + } + } + } + } + }, + "persistence": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable PostgreSQL read only data persistence using PVC", + "default": true + }, + "existingClaim": { + "type": "string", + "description": "Name of an existing PVC to use", + "default": "" + }, + "mountPath": { + "type": "string", + "description": "The path the volume will be mounted at", + "default": "/bitnami/postgresql" + }, + "subPath": { + "type": "string", + "description": "The subdirectory of the volume to mount to", + "default": "" + }, + "storageClass": { + "type": "string", + "description": "PVC Storage Class for PostgreSQL read only data volume", + "default": "" + }, + "accessModes": { + "type": "array", + "description": "PVC Access Mode for PostgreSQL volume", + "default": [ + "ReadWriteOnce" + ], + "items": { + "type": "string" + } + }, + "size": { + "type": "string", + "description": "PVC Storage Request for PostgreSQL volume", + "default": "8Gi" + }, + "annotations": { + "type": "object", + "description": "Annotations for the PVC", + "default": {} + }, + "labels": { + "type": "object", + "description": "Labels for the PVC", + "default": {} + }, + "selector": { + "type": "object", + "description": "Selector to match an existing Persistent Volume (this value is evaluated as a template)", + "default": {} + }, + "dataSource": { + "type": "object", + "description": "Custom PVC data source", + "default": {} + } + } + }, + "persistentVolumeClaimRetentionPolicy": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Persistent volume retention policy for read only Statefulset", + "default": false + }, + "whenScaled": { + "type": "string", + "description": "Volume retention behavior when the replica count of the StatefulSet is reduced", + "default": "Retain" + }, + "whenDeleted": { + "type": "string", + "description": "Volume retention behavior that applies when the StatefulSet is deleted", + "default": "Retain" + } + } + } + } + }, + "backup": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable the logical dump of the database \"regularly\"", + "default": false + }, + "cronjob": { + "type": "object", + "properties": { + "schedule": { + "type": "string", + "description": "Set the cronjob parameter schedule", + "default": "@daily" + }, + "concurrencyPolicy": { + "type": "string", + "description": "Set the cronjob parameter concurrencyPolicy", + "default": "Allow" + }, + "failedJobsHistoryLimit": { + "type": "number", + "description": "Set the cronjob parameter failedJobsHistoryLimit", + "default": 1 + }, + "successfulJobsHistoryLimit": { + "type": "number", + "description": "Set the cronjob parameter successfulJobsHistoryLimit", + "default": 3 + }, + "startingDeadlineSeconds": { + "type": "string", + "description": "Set the cronjob parameter startingDeadlineSeconds", + "default": "" + }, + "ttlSecondsAfterFinished": { + "type": "string", + "description": "Set the cronjob parameter ttlSecondsAfterFinished", + "default": "" + }, + "restartPolicy": { + "type": "string", + "description": "Set the cronjob parameter restartPolicy", + "default": "OnFailure" + }, + "containerSecurityContext": { + "type": "object", + "properties": { + "runAsUser": { + "type": "number", + "description": "User ID for the backup container", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Group ID for the backup container", + "default": 0 + }, + "runAsNonRoot": { + "type": "boolean", + "description": "Set backup container's Security Context runAsNonRoot", + "default": true + }, + "readOnlyRootFilesystem": { + "type": "boolean", + "description": "Is the container itself readonly", + "default": true + }, + "allowPrivilegeEscalation": { + "type": "boolean", + "description": "Is it possible to escalate backup pod(s) privileges", + "default": false + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set backup container's Security Context seccompProfile type", + "default": "RuntimeDefault" + } + } + }, + "capabilities": { + "type": "object", + "properties": { + "drop": { + "type": "array", + "description": "Set backup container's Security Context capabilities to drop", + "default": [ + "ALL" + ], + "items": { + "type": "string" + } + } + } + } + } + }, + "command": { + "type": "array", + "description": "Set backup container's command to run", + "default": [ + "/bin/sh", + "-c", + "pg_dumpall --clean --if-exists --load-via-partition-root --quote-all-identifiers --no-password --file=${PGDUMP_DIR}/pg_dumpall-$(date '+%Y-%m-%d-%H-%M').pgdump" + ], + "items": { + "type": "string" + } + }, + "labels": { + "type": "object", + "description": "Set the cronjob labels", + "default": {} + }, + "annotations": { + "type": "object", + "description": "Set the cronjob annotations", + "default": {} + }, + "storage": { + "type": "object", + "properties": { + "existingClaim": { + "type": "string", + "description": "Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)", + "default": "" + }, + "resourcePolicy": { + "type": "string", + "description": "Setting it to \"keep\" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted", + "default": "" + }, + "storageClass": { + "type": "string", + "description": "PVC Storage Class for the backup data volume", + "default": "" + }, + "accessModes": { + "type": "array", + "description": "PV Access Mode", + "default": [ + "ReadWriteOnce" + ], + "items": { + "type": "string" + } + }, + "size": { + "type": "string", + "description": "PVC Storage Request for the backup data volume", + "default": "8Gi" + }, + "annotations": { + "type": "object", + "description": "PVC annotations", + "default": {} + }, + "mountPath": { + "type": "string", + "description": "Path to mount the volume at ", + "default": "/backup/pgdump" + }, + "subPath": { + "type": "string", + "description": "Subdirectory of the volume to mount at", + "default": "" + }, + "volumeClaimTemplates": { + "type": "object", + "properties": { + "selector": { + "type": "object", + "description": "A label query over volumes to consider for binding (e.g. when using local volumes)", + "default": {} + } + } + } + } + } + } + } + } + }, + "networkPolicy": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable network policies", + "default": false + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable network policies for metrics (prometheus)", + "default": false + } + } + }, + "ingressRules": { + "type": "object", + "properties": { + "primaryAccessOnlyFrom": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable ingress rule that makes PostgreSQL primary node only accessible from a particular origin.", + "default": false + }, + "customRules": { + "type": "array", + "description": "Custom network policy for the PostgreSQL primary node.", + "default": [], + "items": {} + } + } + }, + "readReplicasAccessOnlyFrom": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable ingress rule that makes PostgreSQL read-only nodes only accessible from a particular origin.", + "default": false + }, + "customRules": { + "type": "array", + "description": "Custom network policy for the PostgreSQL read-only nodes.", + "default": [], + "items": {} + } + } + } + } + }, + "egressRules": { + "type": "object", + "properties": { + "denyConnectionsToExternal": { + "type": "boolean", + "description": "Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53).", + "default": false + }, + "customRules": { + "type": "array", + "description": "Custom network policy rule", + "default": [], + "items": {} + } + } + } + } + }, + "volumePermissions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable init container that changes the owner and group of the persistent volume", + "default": false + }, + "image": { + "type": "object", + "properties": { + "registry": { + "type": "string", + "description": "Init container volume-permissions image registry", + "default": "docker.io" + }, + "repository": { + "type": "string", + "description": "Init container volume-permissions image repository", + "default": "bitnami/os-shell" + }, + "tag": { + "type": "string", + "description": "Init container volume-permissions image tag (immutable tags are recommended)", + "default": "11-debian-11-r43" + }, + "digest": { + "type": "string", + "description": "Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", + "default": "" + }, + "pullPolicy": { + "type": "string", + "description": "Init container volume-permissions image pull policy", + "default": "IfNotPresent" + }, + "pullSecrets": { + "type": "array", + "description": "Init container volume-permissions image pull secrets", + "default": [], + "items": {} + } + } + }, + "resources": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "Init container volume-permissions resource limits", + "default": {} + }, + "requests": { + "type": "object", + "description": "Init container volume-permissions resource requests", + "default": {} + } + } + }, + "containerSecurityContext": { + "type": "object", + "properties": { + "runAsUser": { + "type": "number", + "description": "User ID for the init container", + "default": 0 + }, + "runAsGroup": { + "type": "number", + "description": "Group ID for the init container", + "default": 0 + }, + "runAsNonRoot": { + "type": "boolean", + "description": "runAsNonRoot for the init container", + "default": false + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "seccompProfile.type for the init container", + "default": "RuntimeDefault" + } + } + } + } + } + } + }, + "serviceBindings": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Create secret for service binding (Experimental)", + "default": false + } + } + }, + "serviceAccount": { + "type": "object", + "properties": { + "create": { + "type": "boolean", + "description": "Enable creation of ServiceAccount for PostgreSQL pod", + "default": false + }, + "name": { + "type": "string", + "description": "The name of the ServiceAccount to use.", + "default": "" + }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Allows auto mount of ServiceAccountToken on the serviceAccount created", + "default": true + }, + "annotations": { + "type": "object", + "description": "Additional custom annotations for the ServiceAccount", + "default": {} + } + } + }, + "rbac": { + "type": "object", + "properties": { + "create": { + "type": "boolean", + "description": "Create Role and RoleBinding (required for PSP to work)", + "default": false + }, + "rules": { + "type": "array", + "description": "Custom RBAC rules to set", + "default": [], + "items": {} + } + } + }, + "psp": { + "type": "object", + "properties": { + "create": { + "type": "boolean", + "description": "Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later", + "default": false + } + } + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Start a prometheus exporter", + "default": false + }, + "image": { + "type": "object", + "properties": { + "registry": { + "type": "string", + "description": "PostgreSQL Prometheus Exporter image registry", + "default": "docker.io" + }, + "repository": { + "type": "string", + "description": "PostgreSQL Prometheus Exporter image repository", + "default": "bitnami/postgres-exporter" + }, + "tag": { + "type": "string", + "description": "PostgreSQL Prometheus Exporter image tag (immutable tags are recommended)", + "default": "0.13.2-debian-11-r25" + }, + "digest": { + "type": "string", + "description": "PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", + "default": "" + }, + "pullPolicy": { + "type": "string", + "description": "PostgreSQL Prometheus Exporter image pull policy", + "default": "IfNotPresent" + }, + "pullSecrets": { + "type": "array", + "description": "Specify image pull secrets", + "default": [], + "items": {} + } + } + }, + "customMetrics": { + "type": "object", + "description": "Define additional custom metrics", + "default": {} + }, + "extraEnvVars": { + "type": "array", + "description": "Extra environment variables to add to PostgreSQL Prometheus exporter", + "default": [], + "items": {} + }, + "containerSecurityContext": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable PostgreSQL Prometheus exporter containers' Security Context", + "default": true + }, + "runAsUser": { + "type": "number", + "description": "Set PostgreSQL Prometheus exporter containers' Security Context runAsUser", + "default": 1001 + }, + "runAsGroup": { + "type": "number", + "description": "Set PostgreSQL Prometheus exporter containers' Security Context runAsGroup", + "default": 0 + }, + "runAsNonRoot": { + "type": "boolean", + "description": "Set PostgreSQL Prometheus exporter containers' Security Context runAsNonRoot", + "default": true + }, + "allowPrivilegeEscalation": { + "type": "boolean", + "description": "Set PostgreSQL Prometheus exporter containers' Security Context allowPrivilegeEscalation", + "default": false + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set PostgreSQL Prometheus exporter containers' Security Context seccompProfile.type", + "default": "RuntimeDefault" + } + } + }, + "capabilities": { + "type": "object", + "properties": { + "drop": { + "type": "array", + "description": "Set PostgreSQL Prometheus exporter containers' Security Context capabilities.drop", + "default": [ + "ALL" + ], + "items": { + "type": "string" + } + } + } + } + } + }, + "livenessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable livenessProbe on PostgreSQL Prometheus exporter containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for livenessProbe", + "default": 5 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for livenessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for livenessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for livenessProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for livenessProbe", + "default": 1 + } + } + }, + "readinessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable readinessProbe on PostgreSQL Prometheus exporter containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for readinessProbe", + "default": 5 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for readinessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for readinessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for readinessProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for readinessProbe", + "default": 1 + } + } + }, + "startupProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable startupProbe on PostgreSQL Prometheus exporter containers", + "default": false + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for startupProbe", + "default": 10 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for startupProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for startupProbe", + "default": 1 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for startupProbe", + "default": 15 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for startupProbe", + "default": 1 + } + } + }, + "customLivenessProbe": { + "type": "object", + "description": "Custom livenessProbe that overrides the default one", + "default": {} + }, + "customReadinessProbe": { + "type": "object", + "description": "Custom readinessProbe that overrides the default one", + "default": {} + }, + "customStartupProbe": { + "type": "object", + "description": "Custom startupProbe that overrides the default one", + "default": {} + }, + "containerPorts": { + "type": "object", + "properties": { + "metrics": { + "type": "number", + "description": "PostgreSQL Prometheus exporter metrics container port", + "default": 9187 + } + } + }, + "resources": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "The resources limits for the PostgreSQL Prometheus exporter container", + "default": {} + }, + "requests": { + "type": "object", + "description": "The requested resources for the PostgreSQL Prometheus exporter container", + "default": {} + } + } + }, + "service": { + "type": "object", + "properties": { + "ports": { + "type": "object", + "properties": { + "metrics": { + "type": "number", + "description": "PostgreSQL Prometheus Exporter service port", + "default": 9187 + } + } + }, + "clusterIP": { + "type": "string", + "description": "Static clusterIP or None for headless services", + "default": "" + }, + "sessionAffinity": { + "type": "string", + "description": "Control where client requests go, to the same pod or round-robin", + "default": "None" + }, + "annotations": { + "type": "object", + "properties": { + "prometheus": { + "type": "object", + "properties": { + "io/scrape": { + "type": "string", + "description": "", + "default": "true" + }, + "io/port": { + "type": "string", + "description": "", + "default": "{{ .Values.metrics.service.ports.metrics }}" + } + } + } + } + } + } + }, + "serviceMonitor": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Create ServiceMonitor Resource for scraping metrics using Prometheus Operator", + "default": false + }, + "namespace": { + "type": "string", + "description": "Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)", + "default": "" + }, + "interval": { + "type": "string", + "description": "Interval at which metrics should be scraped.", + "default": "" + }, + "scrapeTimeout": { + "type": "string", + "description": "Timeout after which the scrape is ended", + "default": "" + }, + "labels": { + "type": "object", + "description": "Additional labels that can be used so ServiceMonitor will be discovered by Prometheus", + "default": {} + }, + "selector": { + "type": "object", + "description": "Prometheus instance selector labels", + "default": {} + }, + "relabelings": { + "type": "array", + "description": "RelabelConfigs to apply to samples before scraping", + "default": [], + "items": {} + }, + "metricRelabelings": { + "type": "array", + "description": "MetricRelabelConfigs to apply to samples before ingestion", + "default": [], + "items": {} + }, + "honorLabels": { + "type": "boolean", + "description": "Specify honorLabels parameter to add the scrape endpoint", + "default": false + }, + "jobLabel": { + "type": "string", + "description": "The name of the label on the target service to use as the job name in prometheus.", + "default": "" + } + } + }, + "prometheusRule": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Create a PrometheusRule for Prometheus Operator", + "default": false + }, + "namespace": { + "type": "string", + "description": "Namespace for the PrometheusRule Resource (defaults to the Release Namespace)", + "default": "" + }, + "labels": { + "type": "object", + "description": "Additional labels that can be used so PrometheusRule will be discovered by Prometheus", + "default": {} + }, + "rules": { + "type": "array", + "description": "PrometheusRule definitions", + "default": [], + "items": {} + } + } + } + } } - } - }, - "volumePermissions": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable Init Containers", - "description": "Change the owner of the persist volume mountpoint to RunAsUser:fsGroup" - } - } - }, - "metrics": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "title": "Configure metrics exporter", - "form": true - } - } } - } -} +} \ No newline at end of file diff --git a/charts/bitnami/wordpress/Chart.lock b/charts/bitnami/wordpress/Chart.lock index 4ef795a8d..2e9297d86 100644 --- a/charts/bitnami/wordpress/Chart.lock +++ b/charts/bitnami/wordpress/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 6.6.0 + version: 6.6.2 - name: mariadb repository: oci://registry-1.docker.io/bitnamicharts - version: 13.1.2 + version: 13.1.3 - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.10.0 -digest: sha256:43e3c96b00ca0a4ab5c9c67a02dabe4622f5c1eee190765c5c57e1d5f020d1c0 -generated: "2023-09-05T11:36:53.092756+02:00" + version: 2.11.0 +digest: sha256:ff0afc3f2e4eeae2e6aaad5cded81bbfd65a82b8c4b3cef4b6b5e370956f0ab4 +generated: "2023-09-15T01:58:58.949665927Z" diff --git a/charts/bitnami/wordpress/Chart.yaml b/charts/bitnami/wordpress/Chart.yaml index a89ae6493..978caf553 100644 --- a/charts/bitnami/wordpress/Chart.yaml +++ b/charts/bitnami/wordpress/Chart.yaml @@ -6,11 +6,11 @@ annotations: category: CMS images: | - name: apache-exporter - image: docker.io/bitnami/apache-exporter:1.0.1-debian-11-r32 + image: docker.io/bitnami/apache-exporter:1.0.1-debian-11-r44 - name: os-shell - image: docker.io/bitnami/os-shell:11-debian-11-r54 + image: docker.io/bitnami/os-shell:11-debian-11-r66 - name: wordpress - image: docker.io/bitnami/wordpress:6.3.1-debian-11-r2 + image: docker.io/bitnami/wordpress:6.3.1-debian-11-r14 licenses: Apache-2.0 apiVersion: v2 appVersion: 6.3.1 @@ -47,4 +47,4 @@ maintainers: name: wordpress sources: - https://github.com/bitnami/charts/tree/main/bitnami/wordpress -version: 17.1.7 +version: 17.1.8 diff --git a/charts/bitnami/wordpress/README.md b/charts/bitnami/wordpress/README.md index e560fd44c..4307de97b 100644 --- a/charts/bitnami/wordpress/README.md +++ b/charts/bitnami/wordpress/README.md @@ -78,15 +78,15 @@ The command removes all the Kubernetes components associated with the chart and ### WordPress Image parameters -| Name | Description | Value | -| ------------------- | --------------------------------------------------------------------------------------------------------- | -------------------- | -| `image.registry` | WordPress image registry | `docker.io` | -| `image.repository` | WordPress image repository | `bitnami/wordpress` | -| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.3.1-debian-11-r2` | -| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | -| `image.pullSecrets` | WordPress image pull secrets | `[]` | -| `image.debug` | Specify if debug values should be set | `false` | +| Name | Description | Value | +| ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | +| `image.registry` | WordPress image registry | `docker.io` | +| `image.repository` | WordPress image repository | `bitnami/wordpress` | +| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.3.1-debian-11-r14` | +| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | +| `image.pullSecrets` | WordPress image pull secrets | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | ### WordPress Configuration parameters @@ -249,7 +249,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | | `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r54` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r66` | | `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | @@ -281,7 +281,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | | `metrics.image.registry` | Apache exporter image registry | `docker.io` | | `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.1-debian-11-r32` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.1-debian-11-r44` | | `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | diff --git a/charts/bitnami/wordpress/charts/common/Chart.yaml b/charts/bitnami/wordpress/charts/common/Chart.yaml index e35c2d0e7..f62cb205e 100644 --- a/charts/bitnami/wordpress/charts/common/Chart.yaml +++ b/charts/bitnami/wordpress/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.9.2 +appVersion: 2.11.0 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://bitnami.com @@ -20,4 +20,4 @@ name: common sources: - https://github.com/bitnami/charts type: library -version: 2.10.0 +version: 2.11.0 diff --git a/charts/bitnami/wordpress/charts/common/templates/_images.tpl b/charts/bitnami/wordpress/charts/common/templates/_images.tpl index 2181f3224..e248d6d08 100644 --- a/charts/bitnami/wordpress/charts/common/templates/_images.tpl +++ b/charts/bitnami/wordpress/charts/common/templates/_images.tpl @@ -83,3 +83,19 @@ imagePullSecrets: {{- end }} {{- end }} {{- end -}} + +{{/* +Return the proper image version (ingores image revision/prerelease info & fallbacks to chart appVersion) +{{ include "common.images.version" ( dict "imageRoot" .Values.path.to.the.image "chart" .Chart ) }} +*/}} +{{- define "common.images.version" -}} +{{- $imageTag := .imageRoot.tag | toString -}} +{{/* regexp from https://github.com/Masterminds/semver/blob/23f51de38a0866c5ef0bfc42b3f735c73107b700/version.go#L41-L44 */}} +{{- if regexMatch `^([0-9]+)(\.[0-9]+)?(\.[0-9]+)?(-([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?(\+([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?$` $imageTag -}} + {{- $version := semver $imageTag -}} + {{- printf "%d.%d.%d" $version.Major $version.Minor $version.Patch -}} +{{- else -}} + {{- print .chart.AppVersion -}} +{{- end -}} +{{- end -}} + diff --git a/charts/bitnami/wordpress/charts/common/templates/_labels.tpl b/charts/bitnami/wordpress/charts/common/templates/_labels.tpl index fac46076a..a0534f7f9 100644 --- a/charts/bitnami/wordpress/charts/common/templates/_labels.tpl +++ b/charts/bitnami/wordpress/charts/common/templates/_labels.tpl @@ -11,16 +11,7 @@ Kubernetes standard labels */}} {{- define "common.labels.standard" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "helm.sh/chart" (include "common.names.chart" .context) - "app.kubernetes.io/instance" .context.Release.Name - "app.kubernetes.io/managed-by" .context.Release.Service - ) - | toYaml -}} +{{ merge (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) (dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} helm.sh/chart: {{ include "common.names.chart" . }} @@ -40,14 +31,7 @@ overwrote them on metadata.labels fields. */}} {{- define "common.labels.matchLabels" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "app.kubernetes.io/instance" .context.Release.Name - ) - | toYaml -}} +{{ merge (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") (dict "app.kubernetes.io/name" (include "common.names.name" .context) "app.kubernetes.io/instance" .context.Release.Name ) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/bitnami/wordpress/charts/common/values.schema.json b/charts/bitnami/wordpress/charts/common/values.schema.json new file mode 100644 index 000000000..2124b3e4a --- /dev/null +++ b/charts/bitnami/wordpress/charts/common/values.schema.json @@ -0,0 +1,11 @@ +{ + "title": "Chart Values", + "type": "object", + "properties": { + "exampleValue": { + "type": "string", + "description": "", + "default": "common-chart" + } + } +} \ No newline at end of file diff --git a/charts/bitnami/wordpress/charts/mariadb/Chart.lock b/charts/bitnami/wordpress/charts/mariadb/Chart.lock index 14201b03a..19147bb9d 100644 --- a/charts/bitnami/wordpress/charts/mariadb/Chart.lock +++ b/charts/bitnami/wordpress/charts/mariadb/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.9.0 -digest: sha256:416ad278a896f0e9b51d5305bef5d875c7cca6fbb64b75e1f131b04763e2aff9 -generated: "2023-08-22T14:14:34.796011+02:00" + version: 2.10.0 +digest: sha256:023ded170632d04528f30332370f34fc8fb96efb2886a01d934cb3bd6e6d2e09 +generated: "2023-09-05T11:34:05.709018+02:00" diff --git a/charts/bitnami/wordpress/charts/mariadb/Chart.yaml b/charts/bitnami/wordpress/charts/mariadb/Chart.yaml index e3cef98b1..74bd889a8 100644 --- a/charts/bitnami/wordpress/charts/mariadb/Chart.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/Chart.yaml @@ -33,4 +33,4 @@ maintainers: name: mariadb sources: - https://github.com/bitnami/charts/tree/main/bitnami/mariadb -version: 13.1.2 +version: 13.1.3 diff --git a/charts/bitnami/wordpress/charts/mariadb/charts/common/Chart.yaml b/charts/bitnami/wordpress/charts/mariadb/charts/common/Chart.yaml index 644d2a798..e35c2d0e7 100644 --- a/charts/bitnami/wordpress/charts/mariadb/charts/common/Chart.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.9.0 +appVersion: 2.9.2 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://bitnami.com @@ -20,4 +20,4 @@ name: common sources: - https://github.com/bitnami/charts type: library -version: 2.9.0 +version: 2.10.0 diff --git a/charts/bitnami/wordpress/charts/mariadb/charts/common/templates/_affinities.tpl b/charts/bitnami/wordpress/charts/mariadb/charts/common/templates/_affinities.tpl index b77534bb9..e85b1df45 100644 --- a/charts/bitnami/wordpress/charts/mariadb/charts/common/templates/_affinities.tpl +++ b/charts/bitnami/wordpress/charts/mariadb/charts/common/templates/_affinities.tpl @@ -60,12 +60,13 @@ Return a topologyKey definition {{/* Return a soft podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.soft" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}} +{{ include "common.affinities.pods.soft" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "context" $) -}} */}} {{- define "common.affinities.pods.soft" -}} {{- $component := default "" .component -}} {{- $customLabels := default (dict) .customLabels -}} {{- $extraMatchLabels := default (dict) .extraMatchLabels -}} +{{- $extraPodAffinityTerms := default (list) .extraPodAffinityTerms -}} preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: @@ -78,16 +79,30 @@ preferredDuringSchedulingIgnoredDuringExecution: {{- end }} topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} weight: 1 + {{- range $extraPodAffinityTerms }} + - podAffinityTerm: + labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" $.context )) | nindent 10 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := .extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + weight: {{ .weight | default 1 -}} + {{- end -}} {{- end -}} {{/* Return a hard podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.hard" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}} +{{ include "common.affinities.pods.hard" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "context" $) -}} */}} {{- define "common.affinities.pods.hard" -}} {{- $component := default "" .component -}} {{- $customLabels := default (dict) .customLabels -}} {{- $extraMatchLabels := default (dict) .extraMatchLabels -}} +{{- $extraPodAffinityTerms := default (list) .extraPodAffinityTerms -}} requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" .context )) | nindent 8 }} @@ -98,6 +113,17 @@ requiredDuringSchedulingIgnoredDuringExecution: {{ $key }}: {{ $value | quote }} {{- end }} topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + {{- range $extraPodAffinityTerms }} + - labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" $.context )) | nindent 8 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := .extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + {{- end -}} {{- end -}} {{/* diff --git a/charts/bitnami/wordpress/charts/mariadb/charts/common/templates/_tplvalues.tpl b/charts/bitnami/wordpress/charts/mariadb/charts/common/templates/_tplvalues.tpl index dc15f7fdc..a8ed7637e 100644 --- a/charts/bitnami/wordpress/charts/mariadb/charts/common/templates/_tplvalues.tpl +++ b/charts/bitnami/wordpress/charts/mariadb/charts/common/templates/_tplvalues.tpl @@ -11,17 +11,28 @@ Usage: {{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $ "scope" $app ) }} */}} {{- define "common.tplvalues.render" -}} -{{- if .scope }} - {{- if typeIs "string" .value }} - {{- tpl (cat "{{- with $.RelativeScope -}}" .value "{{- end }}") (merge (dict "RelativeScope" .scope) .context) }} +{{- $value := typeIs "string" .value | ternary .value (.value | toYaml) }} +{{- if contains "{{" (toJson .value) }} + {{- if .scope }} + {{- tpl (cat "{{- with $.RelativeScope -}}" $value "{{- end }}") (merge (dict "RelativeScope" .scope) .context) }} {{- else }} - {{- tpl (cat "{{- with $.RelativeScope -}}" (.value | toYaml) "{{- end }}") (merge (dict "RelativeScope" .scope) .context) }} + {{- tpl $value .context }} {{- end }} {{- else }} - {{- if typeIs "string" .value }} - {{- tpl .value .context }} - {{- else }} - {{- tpl (.value | toYaml) .context }} - {{- end }} + {{- $value }} +{{- end }} {{- end -}} + +{{/* +Merge a list of values that contains template after rendering them. +Merge precedence is consistent with http://masterminds.github.io/sprig/dicts.html#merge-mustmerge +Usage: +{{ include "common.tplvalues.merge" ( dict "values" (list .Values.path.to.the.Value1 .Values.path.to.the.Value2) "context" $ ) }} +*/}} +{{- define "common.tplvalues.merge" -}} +{{- $dst := dict -}} +{{- range .values -}} +{{- $dst = include "common.tplvalues.render" (dict "value" . "context" $.context "scope" $.scope) | fromYaml | merge $dst -}} +{{- end -}} +{{ $dst | toYaml }} {{- end -}} diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/primary/networkpolicy-ingress.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/primary/networkpolicy-ingress.yaml index 318a11943..b3e5e6720 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/primary/networkpolicy-ingress.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/primary/networkpolicy-ingress.yaml @@ -14,7 +14,7 @@ metadata: annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: - {{- $primaryPodLabels := merge .Values.primary.podLabels .Values.commonLabels }} + {{- $primaryPodLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $primaryPodLabels "context" $ ) | nindent 6 }} app.kubernetes.io/component: primary @@ -47,7 +47,7 @@ spec: {{- end }} {{- if and .Values.networkPolicy.ingressRules.primaryAccessOnlyFrom.enabled (eq .Values.architecture "replication") }} - from: - {{- $secondaryPodLabels := merge .Values.secondary.podLabels .Values.commonLabels }} + {{- $secondaryPodLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.podLabels .Values.commonLabels ) "context" . ) }} - podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $secondaryPodLabels "context" $ ) | nindent 14 }} app.kubernetes.io/component: secondary diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/primary/pdb.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/primary/pdb.yaml index 0a9b21c71..d39e58156 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/primary/pdb.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/primary/pdb.yaml @@ -21,7 +21,7 @@ spec: {{- if .Values.primary.pdb.maxUnavailable }} maxUnavailable: {{ .Values.primary.pdb.maxUnavailable }} {{- end }} - {{- $podLabels := merge .Values.primary.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} app.kubernetes.io/component: primary diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/primary/statefulset.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/primary/statefulset.yaml index ee6ab57ad..4b1369b67 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/primary/statefulset.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/primary/statefulset.yaml @@ -16,7 +16,7 @@ metadata: spec: replicas: 1 revisionHistoryLimit: {{ .Values.primary.revisionHistoryLimit }} - {{- $podLabels := merge .Values.primary.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} app.kubernetes.io/component: primary @@ -371,7 +371,7 @@ spec: volumeClaimTemplates: - metadata: name: data - {{- $claimLabels := merge .Values.primary.persistence.labels .Values.commonLabels }} + {{- $claimLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.persistence.labels .Values.commonLabels ) "context" . ) }} labels: {{- include "common.labels.matchLabels" ( dict "customLabels" $claimLabels "context" $ ) | nindent 10 }} app.kubernetes.io/component: primary {{- if .Values.primary.persistence.annotations }} diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/primary/svc.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/primary/svc.yaml index adf3685e0..0191bdf1b 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/primary/svc.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/primary/svc.yaml @@ -12,7 +12,7 @@ metadata: app.kubernetes.io/component: primary annotations: {{- if or .Values.primary.service.annotations .Values.commonAnnotations }} - {{- $annotations := merge .Values.primary.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.service.annotations .Values.commonAnnotations ) "context" . ) }} {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} {{- if and .Values.metrics.enabled .Values.metrics.annotations }} @@ -57,6 +57,6 @@ spec: {{- if .Values.primary.service.extraPorts }} {{- include "common.tplvalues.render" (dict "value" .Values.primary.service.extraPorts "context" $) | nindent 4 }} {{- end }} - {{- $podLabels := merge .Values.primary.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.primary.podLabels .Values.commonLabels ) "context" . ) }} selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} app.kubernetes.io/component: primary diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/secondary/networkpolicy-ingress.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/secondary/networkpolicy-ingress.yaml index a0d4cf321..d4545af44 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/secondary/networkpolicy-ingress.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/secondary/networkpolicy-ingress.yaml @@ -14,7 +14,7 @@ metadata: annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: - {{- $secondaryPodLabels := merge .Values.secondary.podLabels .Values.commonLabels }} + {{- $secondaryPodLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.podLabels .Values.commonLabels ) "context" . ) }} podSelector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $secondaryPodLabels "context" $ ) | nindent 6 }} app.kubernetes.io/component: secondary diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/secondary/pdb.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/secondary/pdb.yaml index d4163f19e..5893731d5 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/secondary/pdb.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/secondary/pdb.yaml @@ -21,7 +21,7 @@ spec: {{- if .Values.secondary.pdb.maxUnavailable }} maxUnavailable: {{ .Values.secondary.pdb.maxUnavailable }} {{- end }} - {{- $podLabels := merge .Values.secondary.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.podLabels .Values.commonLabels ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} app.kubernetes.io/component: secondary diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/secondary/statefulset.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/secondary/statefulset.yaml index b5ef7a795..82d4de9dd 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/secondary/statefulset.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/secondary/statefulset.yaml @@ -17,7 +17,7 @@ metadata: spec: replicas: {{ .Values.secondary.replicaCount }} revisionHistoryLimit: {{ .Values.secondary.revisionHistoryLimit }} - {{- $podLabels := merge .Values.secondary.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.podLabels .Values.commonLabels ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} app.kubernetes.io/component: secondary @@ -341,7 +341,7 @@ spec: volumeClaimTemplates: - metadata: name: data - {{- $claimLabels := merge .Values.secondary.persistence.labels .Values.commonLabels }} + {{- $claimLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.persistence.labels .Values.commonLabels ) "context" . ) }} labels: {{- include "common.labels.matchLabels" ( dict "customLabels" $claimLabels "context" $ ) | nindent 10 }} app.kubernetes.io/component: secondary {{- if .Values.secondary.persistence.annotations }} diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/secondary/svc.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/secondary/svc.yaml index 36fd81042..9c21941bf 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/secondary/svc.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/secondary/svc.yaml @@ -13,7 +13,7 @@ metadata: app.kubernetes.io/component: secondary annotations: {{- if or .Values.secondary.service.annotations .Values.commonAnnotations }} - {{- $annotations := merge .Values.secondary.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.service.annotations .Values.commonAnnotations ) "context" . ) }} {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} {{- if and .Values.metrics.enabled .Values.metrics.annotations }} @@ -58,7 +58,7 @@ spec: {{- if .Values.secondary.service.extraPorts }} {{- include "common.tplvalues.render" (dict "value" .Values.secondary.service.extraPorts "context" $) | nindent 4 }} {{- end }} - {{- $podLabels := merge .Values.secondary.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.secondary.podLabels .Values.commonLabels ) "context" . ) }} selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} app.kubernetes.io/component: secondary {{- end }} diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/serviceaccount.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/serviceaccount.yaml index eb00a4363..15cd63f15 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/serviceaccount.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/serviceaccount.yaml @@ -11,7 +11,7 @@ metadata: namespace: {{ .Release.Namespace | quote }} labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} - {{- $annotations := merge .Values.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/servicemonitor.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/servicemonitor.yaml index 3ab4bb68b..604d32b33 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/servicemonitor.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/servicemonitor.yaml @@ -9,7 +9,7 @@ kind: ServiceMonitor metadata: name: {{ include "common.names.fullname" . }} namespace: {{ default .Release.Namespace .Values.metrics.prometheusRule.namespace | quote }} - {{- $labels := merge .Values.metrics.serviceMonitor.labels .Values.commonLabels }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} diff --git a/charts/bitnami/wordpress/charts/memcached/Chart.lock b/charts/bitnami/wordpress/charts/memcached/Chart.lock index b2cf49223..ccaeac251 100644 --- a/charts/bitnami/wordpress/charts/memcached/Chart.lock +++ b/charts/bitnami/wordpress/charts/memcached/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.9.0 -digest: sha256:416ad278a896f0e9b51d5305bef5d875c7cca6fbb64b75e1f131b04763e2aff9 -generated: "2023-08-22T14:15:31.449956+02:00" + version: 2.10.1 +digest: sha256:daa1b58d8ebece125719a584651716f45f3b32268d691e449da396b34ae89c27 +generated: "2023-09-11T10:07:22.644113008Z" diff --git a/charts/bitnami/wordpress/charts/memcached/Chart.yaml b/charts/bitnami/wordpress/charts/memcached/Chart.yaml index de195d06a..759b8d165 100644 --- a/charts/bitnami/wordpress/charts/memcached/Chart.yaml +++ b/charts/bitnami/wordpress/charts/memcached/Chart.yaml @@ -2,11 +2,11 @@ annotations: category: Infrastructure images: | - name: memcached-exporter - image: docker.io/bitnami/memcached-exporter:0.13.0-debian-11-r75 + image: docker.io/bitnami/memcached-exporter:0.13.0-debian-11-r95 - name: memcached - image: docker.io/bitnami/memcached:1.6.21-debian-11-r62 + image: docker.io/bitnami/memcached:1.6.21-debian-11-r84 - name: os-shell - image: docker.io/bitnami/os-shell:11-debian-11-r43 + image: docker.io/bitnami/os-shell:11-debian-11-r63 licenses: Apache-2.0 apiVersion: v2 appVersion: 1.6.21 @@ -30,4 +30,4 @@ maintainers: name: memcached sources: - https://github.com/bitnami/charts/tree/main/bitnami/memcached -version: 6.6.0 +version: 6.6.2 diff --git a/charts/bitnami/wordpress/charts/memcached/README.md b/charts/bitnami/wordpress/charts/memcached/README.md index f6cc0ab1c..6236e9ab5 100644 --- a/charts/bitnami/wordpress/charts/memcached/README.md +++ b/charts/bitnami/wordpress/charts/memcached/README.md @@ -80,7 +80,7 @@ The command removes all the Kubernetes components associated with the chart and | ----------------------------- | --------------------------------------------------------------------------------------------------------- | ---------------------- | | `image.registry` | Memcached image registry | `docker.io` | | `image.repository` | Memcached image repository | `bitnami/memcached` | -| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.21-debian-11-r62` | +| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.21-debian-11-r84` | | `image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | Memcached image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -207,7 +207,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r43` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r63` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | @@ -217,7 +217,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a side-car prometheus exporter | `false` | | `metrics.image.registry` | Memcached exporter image registry | `docker.io` | | `metrics.image.repository` | Memcached exporter image repository | `bitnami/memcached-exporter` | -| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.13.0-debian-11-r75` | +| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.13.0-debian-11-r95` | | `metrics.image.digest` | Memcached exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/wordpress/charts/memcached/charts/common/Chart.yaml b/charts/bitnami/wordpress/charts/memcached/charts/common/Chart.yaml index 644d2a798..fe30b054e 100644 --- a/charts/bitnami/wordpress/charts/memcached/charts/common/Chart.yaml +++ b/charts/bitnami/wordpress/charts/memcached/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.9.0 +appVersion: 2.10.1 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://bitnami.com @@ -20,4 +20,4 @@ name: common sources: - https://github.com/bitnami/charts type: library -version: 2.9.0 +version: 2.10.1 diff --git a/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_affinities.tpl b/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_affinities.tpl index b77534bb9..e85b1df45 100644 --- a/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_affinities.tpl +++ b/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_affinities.tpl @@ -60,12 +60,13 @@ Return a topologyKey definition {{/* Return a soft podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.soft" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}} +{{ include "common.affinities.pods.soft" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "context" $) -}} */}} {{- define "common.affinities.pods.soft" -}} {{- $component := default "" .component -}} {{- $customLabels := default (dict) .customLabels -}} {{- $extraMatchLabels := default (dict) .extraMatchLabels -}} +{{- $extraPodAffinityTerms := default (list) .extraPodAffinityTerms -}} preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: @@ -78,16 +79,30 @@ preferredDuringSchedulingIgnoredDuringExecution: {{- end }} topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} weight: 1 + {{- range $extraPodAffinityTerms }} + - podAffinityTerm: + labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" $.context )) | nindent 10 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := .extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + weight: {{ .weight | default 1 -}} + {{- end -}} {{- end -}} {{/* Return a hard podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.hard" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}} +{{ include "common.affinities.pods.hard" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "context" $) -}} */}} {{- define "common.affinities.pods.hard" -}} {{- $component := default "" .component -}} {{- $customLabels := default (dict) .customLabels -}} {{- $extraMatchLabels := default (dict) .extraMatchLabels -}} +{{- $extraPodAffinityTerms := default (list) .extraPodAffinityTerms -}} requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" .context )) | nindent 8 }} @@ -98,6 +113,17 @@ requiredDuringSchedulingIgnoredDuringExecution: {{ $key }}: {{ $value | quote }} {{- end }} topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + {{- range $extraPodAffinityTerms }} + - labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" $.context )) | nindent 8 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := .extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + {{- end -}} {{- end -}} {{/* diff --git a/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_labels.tpl b/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_labels.tpl index fac46076a..a0534f7f9 100644 --- a/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_labels.tpl +++ b/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_labels.tpl @@ -11,16 +11,7 @@ Kubernetes standard labels */}} {{- define "common.labels.standard" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "helm.sh/chart" (include "common.names.chart" .context) - "app.kubernetes.io/instance" .context.Release.Name - "app.kubernetes.io/managed-by" .context.Release.Service - ) - | toYaml -}} +{{ merge (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) (dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} helm.sh/chart: {{ include "common.names.chart" . }} @@ -40,14 +31,7 @@ overwrote them on metadata.labels fields. */}} {{- define "common.labels.matchLabels" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge - (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") - (dict - "app.kubernetes.io/name" (include "common.names.name" .context) - "app.kubernetes.io/instance" .context.Release.Name - ) - | toYaml -}} +{{ merge (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") (dict "app.kubernetes.io/name" (include "common.names.name" .context) "app.kubernetes.io/instance" .context.Release.Name ) | toYaml }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_tplvalues.tpl b/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_tplvalues.tpl index dc15f7fdc..a8ed7637e 100644 --- a/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_tplvalues.tpl +++ b/charts/bitnami/wordpress/charts/memcached/charts/common/templates/_tplvalues.tpl @@ -11,17 +11,28 @@ Usage: {{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $ "scope" $app ) }} */}} {{- define "common.tplvalues.render" -}} -{{- if .scope }} - {{- if typeIs "string" .value }} - {{- tpl (cat "{{- with $.RelativeScope -}}" .value "{{- end }}") (merge (dict "RelativeScope" .scope) .context) }} +{{- $value := typeIs "string" .value | ternary .value (.value | toYaml) }} +{{- if contains "{{" (toJson .value) }} + {{- if .scope }} + {{- tpl (cat "{{- with $.RelativeScope -}}" $value "{{- end }}") (merge (dict "RelativeScope" .scope) .context) }} {{- else }} - {{- tpl (cat "{{- with $.RelativeScope -}}" (.value | toYaml) "{{- end }}") (merge (dict "RelativeScope" .scope) .context) }} + {{- tpl $value .context }} {{- end }} {{- else }} - {{- if typeIs "string" .value }} - {{- tpl .value .context }} - {{- else }} - {{- tpl (.value | toYaml) .context }} - {{- end }} + {{- $value }} +{{- end }} {{- end -}} + +{{/* +Merge a list of values that contains template after rendering them. +Merge precedence is consistent with http://masterminds.github.io/sprig/dicts.html#merge-mustmerge +Usage: +{{ include "common.tplvalues.merge" ( dict "values" (list .Values.path.to.the.Value1 .Values.path.to.the.Value2) "context" $ ) }} +*/}} +{{- define "common.tplvalues.merge" -}} +{{- $dst := dict -}} +{{- range .values -}} +{{- $dst = include "common.tplvalues.render" (dict "value" . "context" $.context "scope" $.scope) | fromYaml | merge $dst -}} +{{- end -}} +{{ $dst | toYaml }} {{- end -}} diff --git a/charts/bitnami/wordpress/charts/memcached/templates/deployment.yaml b/charts/bitnami/wordpress/charts/memcached/templates/deployment.yaml index 14983e730..20359c568 100644 --- a/charts/bitnami/wordpress/charts/memcached/templates/deployment.yaml +++ b/charts/bitnami/wordpress/charts/memcached/templates/deployment.yaml @@ -14,7 +14,7 @@ metadata: annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} replicas: {{ .Values.replicaCount }} diff --git a/charts/bitnami/wordpress/charts/memcached/templates/metrics-svc.yaml b/charts/bitnami/wordpress/charts/memcached/templates/metrics-svc.yaml index f3659141e..f0db234b7 100644 --- a/charts/bitnami/wordpress/charts/memcached/templates/metrics-svc.yaml +++ b/charts/bitnami/wordpress/charts/memcached/templates/metrics-svc.yaml @@ -12,7 +12,7 @@ metadata: labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} app.kubernetes.io/component: metrics {{- if or .Values.metrics.service.annotations .Values.commonAnnotations }} - {{- $annotations := merge .Values.metrics.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.service.annotations .Values.commonAnnotations ) "context" . ) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} spec: @@ -25,6 +25,6 @@ spec: - name: metrics port: {{ .Values.metrics.service.ports.metrics }} targetPort: metrics - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} {{- end }} diff --git a/charts/bitnami/wordpress/charts/memcached/templates/pdb.yaml b/charts/bitnami/wordpress/charts/memcached/templates/pdb.yaml index d1ad8dab5..f2d7bed66 100644 --- a/charts/bitnami/wordpress/charts/memcached/templates/pdb.yaml +++ b/charts/bitnami/wordpress/charts/memcached/templates/pdb.yaml @@ -20,7 +20,7 @@ spec: {{- if .Values.pdb.maxUnavailable }} maxUnavailable: {{ .Values.pdb.maxUnavailable }} {{- end }} - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} {{- end }} diff --git a/charts/bitnami/wordpress/charts/memcached/templates/service.yaml b/charts/bitnami/wordpress/charts/memcached/templates/service.yaml index b87b66de1..d13121965 100644 --- a/charts/bitnami/wordpress/charts/memcached/templates/service.yaml +++ b/charts/bitnami/wordpress/charts/memcached/templates/service.yaml @@ -10,7 +10,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} {{- if or .Values.service.annotations .Values.commonAnnotations }} - {{- $annotations := merge .Values.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.annotations .Values.commonAnnotations ) "context" . ) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} spec: @@ -45,5 +45,5 @@ spec: {{- if .Values.service.extraPorts }} {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} {{- end }} - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} diff --git a/charts/bitnami/wordpress/charts/memcached/templates/serviceaccount.yaml b/charts/bitnami/wordpress/charts/memcached/templates/serviceaccount.yaml index 6c35024b0..c865d8e89 100644 --- a/charts/bitnami/wordpress/charts/memcached/templates/serviceaccount.yaml +++ b/charts/bitnami/wordpress/charts/memcached/templates/serviceaccount.yaml @@ -12,7 +12,7 @@ metadata: namespace: {{ .Release.Namespace }} labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} - {{- $annotations := merge .Values.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} {{- end }} {{- end }} diff --git a/charts/bitnami/wordpress/charts/memcached/templates/servicemonitor.yaml b/charts/bitnami/wordpress/charts/memcached/templates/servicemonitor.yaml index 2e1b78297..cb0d19720 100644 --- a/charts/bitnami/wordpress/charts/memcached/templates/servicemonitor.yaml +++ b/charts/bitnami/wordpress/charts/memcached/templates/servicemonitor.yaml @@ -9,7 +9,7 @@ kind: ServiceMonitor metadata: name: {{ template "common.names.fullname" . }} namespace: {{ default .Release.Namespace .Values.metrics.serviceMonitor.namespace | quote }} - {{- $labels := merge .Values.metrics.serviceMonitor.labels .Values.commonLabels }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} {{- if .Values.commonAnnotations }} annotations: diff --git a/charts/bitnami/wordpress/charts/memcached/templates/statefulset.yaml b/charts/bitnami/wordpress/charts/memcached/templates/statefulset.yaml index c380fd130..5ed8716c1 100644 --- a/charts/bitnami/wordpress/charts/memcached/templates/statefulset.yaml +++ b/charts/bitnami/wordpress/charts/memcached/templates/statefulset.yaml @@ -14,7 +14,7 @@ metadata: annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: - {{- $podLabels := merge .Values.podLabels .Values.commonLabels }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.podLabels .Values.commonLabels ) "context" . ) }} selector: matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} replicas: {{ .Values.replicaCount }} @@ -253,10 +253,10 @@ spec: volumeClaimTemplates: - metadata: name: data - {{- $claimLabels := merge .Values.persistence.labels .Values.commonLabels }} + {{- $claimLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.persistence.labels .Values.commonLabels ) "context" . ) }} labels: {{- include "common.labels.matchLabels" ( dict "customLabels" $claimLabels "context" $ ) | nindent 10 }} {{- if or .Values.persistence.annotations .Values.commonAnnotations }} - {{- $claimAnnotations := merge .Values.persistence.annotations .Values.commonAnnotations }} + {{- $claimAnnotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.persistence.annotations .Values.commonAnnotations ) "context" . ) }} annotations: {{- include "common.tplvalues.render" ( dict "value" $claimAnnotations "context" $) | nindent 10 }} {{- end }} spec: diff --git a/charts/bitnami/wordpress/charts/memcached/values.schema.json b/charts/bitnami/wordpress/charts/memcached/values.schema.json new file mode 100644 index 000000000..d405f866d --- /dev/null +++ b/charts/bitnami/wordpress/charts/memcached/values.schema.json @@ -0,0 +1,1116 @@ +{ + "title": "Chart Values", + "type": "object", + "properties": { + "global": { + "type": "object", + "properties": { + "imageRegistry": { + "type": "string", + "description": "Global Docker image registry", + "default": "" + }, + "imagePullSecrets": { + "type": "array", + "description": "Global Docker registry secret names as an array", + "default": [], + "items": {} + }, + "storageClass": { + "type": "string", + "description": "Global StorageClass for Persistent Volume(s)", + "default": "" + } + } + }, + "kubeVersion": { + "type": "string", + "description": "Override Kubernetes version", + "default": "" + }, + "nameOverride": { + "type": "string", + "description": "String to partially override common.names.fullname template (will maintain the release name)", + "default": "" + }, + "fullnameOverride": { + "type": "string", + "description": "String to fully override common.names.fullname template", + "default": "" + }, + "clusterDomain": { + "type": "string", + "description": "Kubernetes Cluster Domain", + "default": "cluster.local" + }, + "extraDeploy": { + "type": "array", + "description": "Extra objects to deploy (evaluated as a template)", + "default": [], + "items": {} + }, + "commonLabels": { + "type": "object", + "description": "Add labels to all the deployed resources", + "default": {} + }, + "commonAnnotations": { + "type": "object", + "description": "Add annotations to all the deployed resources", + "default": {} + }, + "diagnosticMode": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable diagnostic mode (all probes will be disabled and the command will be overridden)", + "default": false + }, + "command": { + "type": "array", + "description": "Command to override all containers in the deployment/statefulset", + "default": [ + "sleep" + ], + "items": { + "type": "string" + } + }, + "args": { + "type": "array", + "description": "Args to override all containers in the deployment/statefulset", + "default": [ + "infinity" + ], + "items": { + "type": "string" + } + } + } + }, + "image": { + "type": "object", + "properties": { + "registry": { + "type": "string", + "description": "Memcached image registry", + "default": "docker.io" + }, + "repository": { + "type": "string", + "description": "Memcached image repository", + "default": "bitnami/memcached" + }, + "tag": { + "type": "string", + "description": "Memcached image tag (immutable tags are recommended)", + "default": "1.6.21-debian-11-r62" + }, + "digest": { + "type": "string", + "description": "Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", + "default": "" + }, + "pullPolicy": { + "type": "string", + "description": "Memcached image pull policy", + "default": "IfNotPresent" + }, + "pullSecrets": { + "type": "array", + "description": "Specify docker-registry secret names as an array", + "default": [], + "items": {} + }, + "debug": { + "type": "boolean", + "description": "Specify if debug values should be set", + "default": false + } + } + }, + "architecture": { + "type": "string", + "description": "Memcached architecture. Allowed values: standalone or high-availability", + "default": "standalone" + }, + "auth": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Memcached authentication", + "default": false + }, + "username": { + "type": "string", + "description": "Memcached admin user", + "default": "" + }, + "password": { + "type": "string", + "description": "Memcached admin password", + "default": "" + }, + "existingPasswordSecret": { + "type": "string", + "description": "Existing secret with Memcached credentials (must contain a value for `memcached-password` key)", + "default": "" + } + } + }, + "command": { + "type": "array", + "description": "Override default container command (useful when using custom images)", + "default": [], + "items": {} + }, + "args": { + "type": "array", + "description": "Override default container args (useful when using custom images)", + "default": [], + "items": {} + }, + "extraEnvVars": { + "type": "array", + "description": "Array with extra environment variables to add to Memcached nodes", + "default": [], + "items": {} + }, + "extraEnvVarsCM": { + "type": "string", + "description": "Name of existing ConfigMap containing extra env vars for Memcached nodes", + "default": "" + }, + "extraEnvVarsSecret": { + "type": "string", + "description": "Name of existing Secret containing extra env vars for Memcached nodes", + "default": "" + }, + "replicaCount": { + "type": "number", + "description": "Number of Memcached nodes", + "default": 1 + }, + "containerPorts": { + "type": "object", + "properties": { + "memcached": { + "type": "number", + "description": "Memcached container port", + "default": 11211 + } + } + }, + "livenessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable livenessProbe on Memcached containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for livenessProbe", + "default": 30 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for livenessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for livenessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for livenessProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for livenessProbe", + "default": 1 + } + } + }, + "readinessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable readinessProbe on Memcached containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for readinessProbe", + "default": 5 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for readinessProbe", + "default": 5 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for readinessProbe", + "default": 3 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for readinessProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for readinessProbe", + "default": 1 + } + } + }, + "startupProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable startupProbe on Memcached containers", + "default": false + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for startupProbe", + "default": 30 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for startupProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for startupProbe", + "default": 1 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for startupProbe", + "default": 15 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for startupProbe", + "default": 1 + } + } + }, + "customLivenessProbe": { + "type": "object", + "description": "Custom livenessProbe that overrides the default one", + "default": {} + }, + "customReadinessProbe": { + "type": "object", + "description": "Custom readinessProbe that overrides the default one", + "default": {} + }, + "customStartupProbe": { + "type": "object", + "description": "Custom startupProbe that overrides the default one", + "default": {} + }, + "lifecycleHooks": { + "type": "object", + "description": "for the Memcached container(s) to automate configuration before or after startup", + "default": {} + }, + "resources": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "The resources limits for the Memcached containers", + "default": {} + }, + "requests": { + "type": "object", + "properties": { + "memory": { + "type": "string", + "description": "The requested memory for the Memcached containers", + "default": "256Mi" + }, + "cpu": { + "type": "string", + "description": "The requested cpu for the Memcached containers", + "default": "250m" + } + } + } + } + }, + "podSecurityContext": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enabled Memcached pods' Security Context", + "default": true + }, + "fsGroup": { + "type": "number", + "description": "Set Memcached pod's Security Context fsGroup", + "default": 1001 + } + } + }, + "containerSecurityContext": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enabled Memcached containers' Security Context", + "default": true + }, + "runAsUser": { + "type": "number", + "description": "Set Memcached containers' Security Context runAsUser", + "default": 1001 + }, + "runAsNonRoot": { + "type": "boolean", + "description": "Set Memcached containers' Security Context runAsNonRoot", + "default": true + } + } + }, + "hostAliases": { + "type": "array", + "description": "Add deployment host aliases", + "default": [], + "items": {} + }, + "podLabels": { + "type": "object", + "description": "Extra labels for Memcached pods", + "default": {} + }, + "podAnnotations": { + "type": "object", + "description": "Annotations for Memcached pods", + "default": {} + }, + "podAffinityPreset": { + "type": "string", + "description": "Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`", + "default": "" + }, + "podAntiAffinityPreset": { + "type": "string", + "description": "Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`", + "default": "soft" + }, + "nodeAffinityPreset": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`", + "default": "" + }, + "key": { + "type": "string", + "description": "Node label key to match Ignored if `affinity` is set.", + "default": "" + }, + "values": { + "type": "array", + "description": "Node label values to match. Ignored if `affinity` is set.", + "default": [], + "items": {} + } + } + }, + "affinity": { + "type": "object", + "description": "Affinity for pod assignment", + "default": {} + }, + "nodeSelector": { + "type": "object", + "description": "Node labels for pod assignment", + "default": {} + }, + "tolerations": { + "type": "array", + "description": "Tolerations for pod assignment", + "default": [], + "items": {} + }, + "topologySpreadConstraints": { + "type": "array", + "description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template", + "default": [], + "items": {} + }, + "podManagementPolicy": { + "type": "string", + "description": "StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: `OrderedReady` and `Parallel`", + "default": "Parallel" + }, + "priorityClassName": { + "type": "string", + "description": "Name of the existing priority class to be used by Memcached pods, priority class needs to be created beforehand", + "default": "" + }, + "schedulerName": { + "type": "string", + "description": "Kubernetes pod scheduler registry", + "default": "" + }, + "terminationGracePeriodSeconds": { + "type": "string", + "description": "In seconds, time the given to the memcached pod needs to terminate gracefully", + "default": "" + }, + "updateStrategy": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Memcached statefulset strategy type", + "default": "RollingUpdate" + }, + "rollingUpdate": { + "type": "object", + "description": "Memcached statefulset rolling update configuration parameters", + "default": {} + } + } + }, + "extraVolumes": { + "type": "array", + "description": "Optionally specify extra list of additional volumes for the Memcached pod(s)", + "default": [], + "items": {} + }, + "extraVolumeMounts": { + "type": "array", + "description": "Optionally specify extra list of additional volumeMounts for the Memcached container(s)", + "default": [], + "items": {} + }, + "sidecars": { + "type": "array", + "description": "Add additional sidecar containers to the Memcached pod(s)", + "default": [], + "items": {} + }, + "initContainers": { + "type": "array", + "description": "Add additional init containers to the Memcached pod(s)", + "default": [], + "items": {} + }, + "autoscaling": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable memcached statefulset autoscaling (requires architecture: \"high-availability\")", + "default": false + }, + "minReplicas": { + "type": "number", + "description": "memcached statefulset autoscaling minimum number of replicas", + "default": 3 + }, + "maxReplicas": { + "type": "number", + "description": "memcached statefulset autoscaling maximum number of replicas", + "default": 6 + }, + "targetCPU": { + "type": "number", + "description": "memcached statefulset autoscaling target CPU percentage", + "default": 50 + }, + "targetMemory": { + "type": "number", + "description": "memcached statefulset autoscaling target CPU memory", + "default": 50 + } + } + }, + "pdb": { + "type": "object", + "properties": { + "create": { + "type": "boolean", + "description": "Deploy a pdb object for the Memcached pod", + "default": false + }, + "minAvailable": { + "type": "string", + "description": "Minimum available Memcached replicas", + "default": "" + }, + "maxUnavailable": { + "type": "number", + "description": "Maximum unavailable Memcached replicas", + "default": 1 + } + } + }, + "service": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Kubernetes Service type", + "default": "ClusterIP" + }, + "ports": { + "type": "object", + "properties": { + "memcached": { + "type": "number", + "description": "Memcached service port", + "default": 11211 + } + } + }, + "nodePorts": { + "type": "object", + "properties": { + "memcached": { + "type": "string", + "description": "Node port for Memcached", + "default": "" + } + } + }, + "sessionAffinity": { + "type": "string", + "description": "Control where client requests go, to the same pod or round-robin", + "default": "" + }, + "sessionAffinityConfig": { + "type": "object", + "description": "Additional settings for the sessionAffinity", + "default": {} + }, + "clusterIP": { + "type": "string", + "description": "Memcached service Cluster IP", + "default": "" + }, + "loadBalancerIP": { + "type": "string", + "description": "Memcached service Load Balancer IP", + "default": "" + }, + "loadBalancerSourceRanges": { + "type": "array", + "description": "Memcached service Load Balancer sources", + "default": [], + "items": {} + }, + "externalTrafficPolicy": { + "type": "string", + "description": "Memcached service external traffic policy", + "default": "Cluster" + }, + "annotations": { + "type": "object", + "description": "Additional custom annotations for Memcached service", + "default": {} + }, + "extraPorts": { + "type": "array", + "description": "Extra ports to expose in the Memcached service (normally used with the `sidecar` value)", + "default": [], + "items": {} + } + } + }, + "serviceAccount": { + "type": "object", + "properties": { + "create": { + "type": "boolean", + "description": "Enable creation of ServiceAccount for Memcached pod", + "default": false + }, + "name": { + "type": "string", + "description": "The name of the ServiceAccount to use.", + "default": "" + }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Allows auto mount of ServiceAccountToken on the serviceAccount created", + "default": true + }, + "annotations": { + "type": "object", + "description": "Additional custom annotations for the ServiceAccount", + "default": {} + } + } + }, + "persistence": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Memcached data persistence using PVC. If false, use emptyDir", + "default": false + }, + "storageClass": { + "type": "string", + "description": "PVC Storage Class for Memcached data volume", + "default": "" + }, + "accessModes": { + "type": "array", + "description": "PVC Access modes", + "default": [ + "ReadWriteOnce" + ], + "items": { + "type": "string" + } + }, + "size": { + "type": "string", + "description": "PVC Storage Request for Memcached data volume", + "default": "8Gi" + }, + "annotations": { + "type": "object", + "description": "Annotations for the PVC", + "default": {} + }, + "labels": { + "type": "object", + "description": "Labels for the PVC", + "default": {} + }, + "selector": { + "type": "object", + "description": "Selector to match an existing Persistent Volume for Memcached's data PVC", + "default": {} + } + } + }, + "volumePermissions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable init container that changes the owner and group of the persistent volume", + "default": false + }, + "image": { + "type": "object", + "properties": { + "registry": { + "type": "string", + "description": "Init container volume-permissions image registry", + "default": "docker.io" + }, + "repository": { + "type": "string", + "description": "Init container volume-permissions image repository", + "default": "bitnami/os-shell" + }, + "tag": { + "type": "string", + "description": "Init container volume-permissions image tag (immutable tags are recommended)", + "default": "11-debian-11-r43" + }, + "digest": { + "type": "string", + "description": "Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", + "default": "" + }, + "pullPolicy": { + "type": "string", + "description": "Init container volume-permissions image pull policy", + "default": "IfNotPresent" + }, + "pullSecrets": { + "type": "array", + "description": "Init container volume-permissions image pull secrets", + "default": [], + "items": {} + } + } + }, + "resources": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "Init container volume-permissions resource limits", + "default": {} + }, + "requests": { + "type": "object", + "description": "Init container volume-permissions resource requests", + "default": {} + } + } + }, + "containerSecurityContext": { + "type": "object", + "properties": { + "runAsUser": { + "type": "number", + "description": "User ID for the init container", + "default": 0 + } + } + } + } + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Start a side-car prometheus exporter", + "default": false + }, + "image": { + "type": "object", + "properties": { + "registry": { + "type": "string", + "description": "Memcached exporter image registry", + "default": "docker.io" + }, + "repository": { + "type": "string", + "description": "Memcached exporter image repository", + "default": "bitnami/memcached-exporter" + }, + "tag": { + "type": "string", + "description": "Memcached exporter image tag (immutable tags are recommended)", + "default": "0.13.0-debian-11-r75" + }, + "digest": { + "type": "string", + "description": "Memcached exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", + "default": "" + }, + "pullPolicy": { + "type": "string", + "description": "Image pull policy", + "default": "IfNotPresent" + }, + "pullSecrets": { + "type": "array", + "description": "Specify docker-registry secret names as an array", + "default": [], + "items": {} + } + } + }, + "containerPorts": { + "type": "object", + "properties": { + "metrics": { + "type": "number", + "description": "Memcached Prometheus Exporter container port", + "default": 9150 + } + } + }, + "resources": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "Init container volume-permissions resource limits", + "default": {} + }, + "requests": { + "type": "object", + "description": "Init container volume-permissions resource requests", + "default": {} + } + } + }, + "containerSecurityContext": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enabled Metrics containers' Security Context", + "default": true + }, + "runAsUser": { + "type": "number", + "description": "Set Metrics containers' Security Context runAsUser", + "default": 1001 + }, + "runAsNonRoot": { + "type": "boolean", + "description": "Set Metrics containers' Security Context runAsNonRoot", + "default": true + } + } + }, + "livenessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable livenessProbe on Memcached Prometheus exporter containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for livenessProbe", + "default": 15 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for livenessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for livenessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for livenessProbe", + "default": 3 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for livenessProbe", + "default": 1 + } + } + }, + "readinessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable readinessProbe on Memcached Prometheus exporter containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for readinessProbe", + "default": 5 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for readinessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for readinessProbe", + "default": 3 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for readinessProbe", + "default": 3 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for readinessProbe", + "default": 1 + } + } + }, + "startupProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable startupProbe on Memcached Prometheus exporter containers", + "default": false + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for startupProbe", + "default": 10 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for startupProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for startupProbe", + "default": 1 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for startupProbe", + "default": 15 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for startupProbe", + "default": 1 + } + } + }, + "customLivenessProbe": { + "type": "object", + "description": "Custom livenessProbe that overrides the default one", + "default": {} + }, + "customReadinessProbe": { + "type": "object", + "description": "Custom readinessProbe that overrides the default one", + "default": {} + }, + "customStartupProbe": { + "type": "object", + "description": "Custom startupProbe that overrides the default one", + "default": {} + }, + "podAnnotations": { + "type": "object", + "properties": { + "prometheus": { + "type": "object", + "properties": { + "io/scrape": { + "type": "string", + "description": "", + "default": "true" + }, + "io/port": { + "type": "string", + "description": "", + "default": "{{ .Values.metrics.containerPorts.metrics }}" + } + } + } + } + }, + "service": { + "type": "object", + "properties": { + "ports": { + "type": "object", + "properties": { + "metrics": { + "type": "number", + "description": "Prometheus metrics service port", + "default": 9150 + } + } + }, + "clusterIP": { + "type": "string", + "description": "Static clusterIP or None for headless services", + "default": "" + }, + "sessionAffinity": { + "type": "string", + "description": "Control where client requests go, to the same pod or round-robin", + "default": "None" + }, + "annotations": { + "type": "object", + "properties": { + "prometheus": { + "type": "object", + "properties": { + "io/scrape": { + "type": "string", + "description": "", + "default": "true" + }, + "io/port": { + "type": "string", + "description": "", + "default": "{{ .Values.metrics.service.ports.metrics }}" + } + } + } + } + } + } + }, + "serviceMonitor": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Create ServiceMonitor Resource for scraping metrics using Prometheus Operator", + "default": false + }, + "namespace": { + "type": "string", + "description": "Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)", + "default": "" + }, + "interval": { + "type": "string", + "description": "Interval at which metrics should be scraped.", + "default": "" + }, + "scrapeTimeout": { + "type": "string", + "description": "Timeout after which the scrape is ended", + "default": "" + }, + "labels": { + "type": "object", + "description": "Additional labels that can be used so ServiceMonitor will be discovered by Prometheus", + "default": {} + }, + "selector": { + "type": "object", + "description": "Prometheus instance selector labels", + "default": {} + }, + "relabelings": { + "type": "array", + "description": "RelabelConfigs to apply to samples before scraping", + "default": [], + "items": {} + }, + "metricRelabelings": { + "type": "array", + "description": "MetricRelabelConfigs to apply to samples before ingestion", + "default": [], + "items": {} + }, + "honorLabels": { + "type": "boolean", + "description": "Specify honorLabels parameter to add the scrape endpoint", + "default": false + }, + "jobLabel": { + "type": "string", + "description": "The name of the label on the target service to use as the job name in prometheus.", + "default": "" + } + } + } + } + } + } +} \ No newline at end of file diff --git a/charts/bitnami/wordpress/charts/memcached/values.yaml b/charts/bitnami/wordpress/charts/memcached/values.yaml index 711662cee..40a330410 100644 --- a/charts/bitnami/wordpress/charts/memcached/values.yaml +++ b/charts/bitnami/wordpress/charts/memcached/values.yaml @@ -73,7 +73,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.21-debian-11-r62 + tag: 1.6.21-debian-11-r84 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -515,7 +515,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r43 + tag: 11-debian-11-r63 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -560,7 +560,7 @@ metrics: image: registry: docker.io repository: bitnami/memcached-exporter - tag: 0.13.0-debian-11-r75 + tag: 0.13.0-debian-11-r95 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/wordpress/values.schema.json b/charts/bitnami/wordpress/values.schema.json index 0e2466a97..0a2902f2d 100644 --- a/charts/bitnami/wordpress/values.schema.json +++ b/charts/bitnami/wordpress/values.schema.json @@ -1,212 +1,1669 @@ { - "$schema": "http://json-schema.org/schema#", - "type": "object", - "properties": { - "wordpressUsername": { - "type": "string", - "title": "Username", - "form": true - }, - "wordpressPassword": { - "type": "string", - "title": "Password", - "form": true, - "description": "Defaults to a random 10-character alphanumeric string if not set" - }, - "wordpressEmail": { - "type": "string", - "title": "Admin email", - "form": true - }, - "wordpressBlogName": { - "type": "string", - "title": "Blog Name", - "form": true - }, - "persistence": { - "type": "object", - "properties": { - "size": { - "type": "string", - "title": "Persistent Volume Size", - "form": true, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi" - } - } - }, - "mariadb": { - "type": "object", - "title": "MariaDB Details", - "form": true, - "properties": { - "enabled": { - "type": "boolean", - "title": "Use a new MariaDB database hosted in the cluster", - "form": true, - "description": "Whether to deploy a mariadb server to satisfy the applications database requirements. To use an external database switch this off and configure the external database details" - }, - "primary": { - "type": "object", - "properties": { - "persistence": { - "type": "object", - "properties": { - "size": { - "type": "string", - "title": "Volume Size", - "form": true, - "hidden": { - "value": false, - "path": "mariadb/enabled" - }, - "render": "slider", - "sliderMin": 1, - "sliderMax": 100, - "sliderUnit": "Gi" + "title": "Chart Values", + "type": "object", + "properties": { + "global": { + "type": "object", + "properties": { + "imageRegistry": { + "type": "string", + "description": "Global Docker image registry", + "default": "" + }, + "imagePullSecrets": { + "type": "array", + "description": "Global Docker registry secret names as an array", + "default": [], + "items": {} + }, + "storageClass": { + "type": "string", + "description": "Global StorageClass for Persistent Volume(s)", + "default": "" } - } } - } - } - } - }, - "externalDatabase": { - "type": "object", - "title": "External Database Details", - "description": "If MariaDB is disabled. Use this section to specify the external database details", - "form": true, - "properties": { - "host": { - "type": "string", - "form": true, - "title": "Database Host", - "hidden": "mariadb/enabled" }, - "user": { - "type": "string", - "form": true, - "title": "Database Username", - "hidden": "mariadb/enabled" + "kubeVersion": { + "type": "string", + "description": "Override Kubernetes version", + "default": "" }, - "password": { - "type": "string", - "form": true, - "title": "Database Password", - "hidden": "mariadb/enabled" + "nameOverride": { + "type": "string", + "description": "String to partially override common.names.fullname template (will maintain the release name)", + "default": "" }, - "database": { - "type": "string", - "form": true, - "title": "Database Name", - "hidden": "mariadb/enabled" + "fullnameOverride": { + "type": "string", + "description": "String to fully override common.names.fullname template", + "default": "" }, - "port": { - "type": "integer", - "form": true, - "title": "Database Port", - "hidden": "mariadb/enabled" - } - } - }, - "ingress": { - "type": "object", - "form": true, - "title": "Ingress Configuration", - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Use a custom hostname", - "description": "Enable the ingress resource that allows you to access the WordPress installation." + "commonLabels": { + "type": "object", + "description": "Labels to add to all deployed resources", + "default": {} }, - "hostname": { - "type": "string", - "form": true, - "title": "Hostname", - "hidden": { - "value": false, - "path": "ingress/enabled" - } + "commonAnnotations": { + "type": "object", + "description": "Annotations to add to all deployed resources", + "default": {} }, - "tls": { - "type": "boolean", - "form": true, - "title": "Create a TLS secret", - "hidden": { - "value": false, - "path": "ingress/enabled" - } - } - } - }, - "service": { - "type": "object", - "form": true, - "title": "Service Configuration", - "properties": { - "type": { - "type": "string", - "form": true, - "title": "Service Type", - "description": "Allowed values: \"ClusterIP\", \"NodePort\" and \"LoadBalancer\"" - } - } - }, - "resources": { - "type": "object", - "title": "Required Resources", - "description": "Configure resource requests", - "form": true, - "properties": { - "requests": { - "type": "object", - "properties": { - "memory": { - "type": "string", - "form": true, - "render": "slider", - "title": "Memory Request", - "sliderMin": 10, - "sliderMax": 2048, - "sliderUnit": "Mi" - }, - "cpu": { - "type": "string", - "form": true, - "render": "slider", - "title": "CPU Request", - "sliderMin": 10, - "sliderMax": 2000, - "sliderUnit": "m" + "clusterDomain": { + "type": "string", + "description": "Kubernetes Cluster Domain", + "default": "cluster.local" + }, + "extraDeploy": { + "type": "array", + "description": "Array of extra objects to deploy with the release", + "default": [], + "items": {} + }, + "diagnosticMode": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable diagnostic mode (all probes will be disabled and the command will be overridden)", + "default": false + }, + "command": { + "type": "array", + "description": "Command to override all containers in the deployment", + "default": [ + "sleep" + ], + "items": { + "type": "string" + } + }, + "args": { + "type": "array", + "description": "Args to override all containers in the deployment", + "default": [ + "infinity" + ], + "items": { + "type": "string" + } + } + } + }, + "image": { + "type": "object", + "properties": { + "registry": { + "type": "string", + "description": "WordPress image registry", + "default": "docker.io" + }, + "repository": { + "type": "string", + "description": "WordPress image repository", + "default": "bitnami/wordpress" + }, + "tag": { + "type": "string", + "description": "WordPress image tag (immutable tags are recommended)", + "default": "6.3.1-debian-11-r2" + }, + "digest": { + "type": "string", + "description": "WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", + "default": "" + }, + "pullPolicy": { + "type": "string", + "description": "WordPress image pull policy", + "default": "IfNotPresent" + }, + "pullSecrets": { + "type": "array", + "description": "WordPress image pull secrets", + "default": [], + "items": {} + }, + "debug": { + "type": "boolean", + "description": "Specify if debug values should be set", + "default": false + } + } + }, + "wordpressUsername": { + "type": "string", + "description": "WordPress username", + "default": "user" + }, + "wordpressPassword": { + "type": "string", + "description": "WordPress user password", + "default": "" + }, + "existingSecret": { + "type": "string", + "description": "Name of existing secret containing WordPress credentials", + "default": "" + }, + "wordpressEmail": { + "type": "string", + "description": "WordPress user email", + "default": "user@example.com" + }, + "wordpressFirstName": { + "type": "string", + "description": "WordPress user first name", + "default": "FirstName" + }, + "wordpressLastName": { + "type": "string", + "description": "WordPress user last name", + "default": "LastName" + }, + "wordpressBlogName": { + "type": "string", + "description": "Blog name", + "default": "User's Blog!" + }, + "wordpressTablePrefix": { + "type": "string", + "description": "Prefix to use for WordPress database tables", + "default": "wp_" + }, + "wordpressScheme": { + "type": "string", + "description": "Scheme to use to generate WordPress URLs", + "default": "http" + }, + "wordpressSkipInstall": { + "type": "boolean", + "description": "Skip wizard installation", + "default": false + }, + "wordpressExtraConfigContent": { + "type": "string", + "description": "Add extra content to the default wp-config.php file", + "default": "" + }, + "wordpressConfiguration": { + "type": "string", + "description": "The content for your custom wp-config.php file (advanced feature)", + "default": "" + }, + "existingWordPressConfigurationSecret": { + "type": "string", + "description": "The name of an existing secret with your custom wp-config.php file (advanced feature)", + "default": "" + }, + "wordpressConfigureCache": { + "type": "boolean", + "description": "Enable W3 Total Cache plugin and configure cache settings", + "default": false + }, + "wordpressPlugins": { + "type": "string", + "description": "Array of plugins to install and activate. Can be specified as `all` or `none`.", + "default": "none" + }, + "apacheConfiguration": { + "type": "string", + "description": "The content for your custom httpd.conf file (advanced feature)", + "default": "" + }, + "existingApacheConfigurationConfigMap": { + "type": "string", + "description": "The name of an existing secret with your custom httpd.conf file (advanced feature)", + "default": "" + }, + "customPostInitScripts": { + "type": "object", + "description": "Custom post-init.d user scripts", + "default": {} + }, + "smtpHost": { + "type": "string", + "description": "SMTP server host", + "default": "" + }, + "smtpPort": { + "type": "string", + "description": "SMTP server port", + "default": "" + }, + "smtpUser": { + "type": "string", + "description": "SMTP username", + "default": "" + }, + "smtpPassword": { + "type": "string", + "description": "SMTP user password", + "default": "" + }, + "smtpProtocol": { + "type": "string", + "description": "SMTP protocol", + "default": "" + }, + "smtpExistingSecret": { + "type": "string", + "description": "The name of an existing secret with SMTP credentials", + "default": "" + }, + "allowEmptyPassword": { + "type": "boolean", + "description": "Allow the container to be started with blank passwords", + "default": true + }, + "allowOverrideNone": { + "type": "boolean", + "description": "Configure Apache to prohibit overriding directives with htaccess files", + "default": false + }, + "overrideDatabaseSettings": { + "type": "boolean", + "description": "Allow overriding the database settings persisted in wp-config.php", + "default": false + }, + "htaccessPersistenceEnabled": { + "type": "boolean", + "description": "Persist custom changes on htaccess files", + "default": false + }, + "customHTAccessCM": { + "type": "string", + "description": "The name of an existing ConfigMap with custom htaccess rules", + "default": "" + }, + "command": { + "type": "array", + "description": "Override default container command (useful when using custom images)", + "default": [], + "items": {} + }, + "args": { + "type": "array", + "description": "Override default container args (useful when using custom images)", + "default": [], + "items": {} + }, + "extraEnvVars": { + "type": "array", + "description": "Array with extra environment variables to add to the WordPress container", + "default": [], + "items": {} + }, + "extraEnvVarsCM": { + "type": "string", + "description": "Name of existing ConfigMap containing extra env vars", + "default": "" + }, + "extraEnvVarsSecret": { + "type": "string", + "description": "Name of existing Secret containing extra env vars", + "default": "" + }, + "multisite": { + "type": "object", + "properties": { + "enable": { + "type": "boolean", + "description": "Whether to enable WordPress Multisite configuration.", + "default": false + }, + "host": { + "type": "string", + "description": "WordPress Multisite hostname/address. This value is mandatory when enabling Multisite mode.", + "default": "" + }, + "networkType": { + "type": "string", + "description": "WordPress Multisite network type to enable. Allowed values: `subfolder`, `subdirectory` or `subdomain`.", + "default": "subdomain" + }, + "enableNipIoRedirect": { + "type": "boolean", + "description": "Whether to enable IP address redirection to nip.io wildcard DNS. Useful when running on an IP address with subdomain network type.", + "default": false + } + } + }, + "replicaCount": { + "type": "number", + "description": "Number of WordPress replicas to deploy", + "default": 1 + }, + "updateStrategy": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "WordPress deployment strategy type", + "default": "RollingUpdate" + } + } + }, + "schedulerName": { + "type": "string", + "description": "Alternate scheduler", + "default": "" + }, + "terminationGracePeriodSeconds": { + "type": "string", + "description": "In seconds, time given to the WordPress pod to terminate gracefully", + "default": "" + }, + "topologySpreadConstraints": { + "type": "array", + "description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template", + "default": [], + "items": {} + }, + "priorityClassName": { + "type": "string", + "description": "Name of the existing priority class to be used by WordPress pods, priority class needs to be created beforehand", + "default": "" + }, + "hostAliases": { + "type": "array", + "description": "", + "items": { + "type": "object", + "properties": { + "ip": { + "type": "string", + "description": "" + }, + "hostnames": { + "type": "array", + "description": "", + "items": { + "type": "string" + } + } + } + } + }, + "extraVolumes": { + "type": "array", + "description": "Optionally specify extra list of additional volumes for WordPress pods", + "default": [], + "items": {} + }, + "extraVolumeMounts": { + "type": "array", + "description": "Optionally specify extra list of additional volumeMounts for WordPress container(s)", + "default": [], + "items": {} + }, + "sidecars": { + "type": "array", + "description": "Add additional sidecar containers to the WordPress pod", + "default": [], + "items": {} + }, + "initContainers": { + "type": "array", + "description": "Add additional init containers to the WordPress pods", + "default": [], + "items": {} + }, + "podLabels": { + "type": "object", + "description": "Extra labels for WordPress pods", + "default": {} + }, + "podAnnotations": { + "type": "object", + "description": "Annotations for WordPress pods", + "default": {} + }, + "podAffinityPreset": { + "type": "string", + "description": "Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`", + "default": "" + }, + "podAntiAffinityPreset": { + "type": "string", + "description": "Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard`", + "default": "soft" + }, + "nodeAffinityPreset": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard`", + "default": "" + }, + "key": { + "type": "string", + "description": "Node label key to match. Ignored if `affinity` is set", + "default": "" + }, + "values": { + "type": "array", + "description": "Node label values to match. Ignored if `affinity` is set", + "default": [], + "items": {} + } + } + }, + "affinity": { + "type": "object", + "description": "Affinity for pod assignment", + "default": {} + }, + "nodeSelector": { + "type": "object", + "description": "Node labels for pod assignment", + "default": {} + }, + "tolerations": { + "type": "array", + "description": "Tolerations for pod assignment", + "default": [], + "items": {} + }, + "resources": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "The resources limits for the WordPress containers", + "default": {} + }, + "requests": { + "type": "object", + "properties": { + "memory": { + "type": "string", + "description": "The requested memory for the WordPress containers", + "default": "512Mi" + }, + "cpu": { + "type": "string", + "description": "The requested cpu for the WordPress containers", + "default": "300m" + } + } + } + } + }, + "containerPorts": { + "type": "object", + "properties": { + "http": { + "type": "number", + "description": "WordPress HTTP container port", + "default": 8080 + }, + "https": { + "type": "number", + "description": "WordPress HTTPS container port", + "default": 8443 + } + } + }, + "extraContainerPorts": { + "type": "array", + "description": "Optionally specify extra list of additional ports for WordPress container(s)", + "default": [], + "items": {} + }, + "podSecurityContext": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enabled WordPress pods' Security Context", + "default": true + }, + "fsGroup": { + "type": "number", + "description": "Set WordPress pod's Security Context fsGroup", + "default": 1001 + }, + "seccompProfile": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "Set WordPress container's Security Context seccomp profile", + "default": "RuntimeDefault" + } + } + } + } + }, + "containerSecurityContext": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enabled WordPress containers' Security Context", + "default": true + }, + "runAsUser": { + "type": "number", + "description": "Set WordPress container's Security Context runAsUser", + "default": 1001 + }, + "runAsNonRoot": { + "type": "boolean", + "description": "Set WordPress container's Security Context runAsNonRoot", + "default": true + }, + "allowPrivilegeEscalation": { + "type": "boolean", + "description": "Set WordPress container's privilege escalation", + "default": false + }, + "readOnlyRootFilesystem": { + "type": "boolean", + "description": "Set WordPress container's Security Context readOnlyRootFilesystem", + "default": false + }, + "capabilities": { + "type": "object", + "properties": { + "drop": { + "type": "array", + "description": "Set WordPress container's Security Context runAsNonRoot", + "default": [ + "ALL" + ], + "items": { + "type": "string" + } + } + } + } + } + }, + "livenessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable livenessProbe on WordPress containers", + "default": true + }, + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "", + "default": "/wp-admin/install.php" + }, + "port": { + "type": "string", + "description": "", + "default": "{{ .Values.wordpressScheme }}" + }, + "scheme": { + "type": "string", + "description": "", + "default": "{{ .Values.wordpressScheme | upper }}" + }, + "httpHeaders": { + "type": "array", + "description": "", + "default": [], + "items": {} + } + } + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for livenessProbe", + "default": 120 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for livenessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for livenessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for livenessProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for livenessProbe", + "default": 1 + } + } + }, + "readinessProbe": { + "type": "object", + "properties": { + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "", + "default": "/wp-login.php" + }, + "port": { + "type": "string", + "description": "", + "default": "{{ .Values.wordpressScheme }}" + }, + "scheme": { + "type": "string", + "description": "", + "default": "{{ .Values.wordpressScheme | upper }}" + }, + "httpHeaders": { + "type": "array", + "description": "", + "default": [], + "items": {} + } + } + }, + "enabled": { + "type": "boolean", + "description": "Enable readinessProbe on WordPress containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for readinessProbe", + "default": 30 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for readinessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for readinessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for readinessProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for readinessProbe", + "default": 1 + } + } + }, + "startupProbe": { + "type": "object", + "properties": { + "httpGet": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "", + "default": "/wp-login.php" + }, + "port": { + "type": "string", + "description": "", + "default": "{{ .Values.wordpressScheme }}" + }, + "scheme": { + "type": "string", + "description": "", + "default": "{{ .Values.wordpressScheme | upper }}" + }, + "httpHeaders": { + "type": "array", + "description": "", + "default": [], + "items": {} + } + } + }, + "enabled": { + "type": "boolean", + "description": "Enable startupProbe on WordPress containers", + "default": false + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for startupProbe", + "default": 30 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for startupProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for startupProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for startupProbe", + "default": 6 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for startupProbe", + "default": 1 + } + } + }, + "customLivenessProbe": { + "type": "object", + "description": "Custom livenessProbe that overrides the default one", + "default": {} + }, + "customReadinessProbe": { + "type": "object", + "description": "Custom readinessProbe that overrides the default one", + "default": {} + }, + "customStartupProbe": { + "type": "object", + "description": "Custom startupProbe that overrides the default one", + "default": {} + }, + "lifecycleHooks": { + "type": "object", + "description": "for the WordPress container(s) to automate configuration before or after startup", + "default": {} + }, + "service": { + "type": "object", + "properties": { + "type": { + "type": "string", + "description": "WordPress service type", + "default": "LoadBalancer" + }, + "ports": { + "type": "object", + "properties": { + "http": { + "type": "number", + "description": "WordPress service HTTP port", + "default": 80 + }, + "https": { + "type": "number", + "description": "WordPress service HTTPS port", + "default": 443 + } + } + }, + "httpsTargetPort": { + "type": "string", + "description": "Target port for HTTPS", + "default": "https" + }, + "nodePorts": { + "type": "object", + "properties": { + "http": { + "type": "string", + "description": "Node port for HTTP", + "default": "" + }, + "https": { + "type": "string", + "description": "Node port for HTTPS", + "default": "" + } + } + }, + "sessionAffinity": { + "type": "string", + "description": "Control where client requests go, to the same pod or round-robin", + "default": "None" + }, + "sessionAffinityConfig": { + "type": "object", + "description": "Additional settings for the sessionAffinity", + "default": {} + }, + "clusterIP": { + "type": "string", + "description": "WordPress service Cluster IP", + "default": "" + }, + "loadBalancerIP": { + "type": "string", + "description": "WordPress service Load Balancer IP", + "default": "" + }, + "loadBalancerSourceRanges": { + "type": "array", + "description": "WordPress service Load Balancer sources", + "default": [], + "items": {} + }, + "externalTrafficPolicy": { + "type": "string", + "description": "WordPress service external traffic policy", + "default": "Cluster" + }, + "annotations": { + "type": "object", + "description": "Additional custom annotations for WordPress service", + "default": {} + }, + "extraPorts": { + "type": "array", + "description": "Extra port to expose on WordPress service", + "default": [], + "items": {} + } + } + }, + "ingress": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable ingress record generation for WordPress", + "default": false + }, + "pathType": { + "type": "string", + "description": "Ingress path type", + "default": "ImplementationSpecific" + }, + "apiVersion": { + "type": "string", + "description": "Force Ingress API version (automatically detected if not set)", + "default": "" + }, + "ingressClassName": { + "type": "string", + "description": "IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)", + "default": "" + }, + "hostname": { + "type": "string", + "description": "Default host for the ingress record. The hostname is templated and thus can contain other variable references.", + "default": "wordpress.local" + }, + "path": { + "type": "string", + "description": "Default path for the ingress record", + "default": "/" + }, + "annotations": { + "type": "object", + "description": "Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.", + "default": {} + }, + "tls": { + "type": "boolean", + "description": "Enable TLS configuration for the host defined at `ingress.hostname` parameter", + "default": false + }, + "tlsWwwPrefix": { + "type": "boolean", + "description": "Adds www subdomain to default cert", + "default": false + }, + "selfSigned": { + "type": "boolean", + "description": "Create a TLS secret for this ingress record using self-signed certificates generated by Helm", + "default": false + }, + "extraHosts": { + "type": "array", + "description": "An array with additional hostname(s) to be covered with the ingress record. The host names are templated and thus can contain other variable references.", + "default": [], + "items": {} + }, + "extraPaths": { + "type": "array", + "description": "An array with additional arbitrary paths that may need to be added to the ingress under the main host", + "default": [], + "items": {} + }, + "extraTls": { + "type": "array", + "description": "TLS configuration for additional hostname(s) to be covered with this ingress record", + "default": [], + "items": {} + }, + "secrets": { + "type": "array", + "description": "Custom TLS certificates as secrets", + "default": [], + "items": {} + }, + "extraRules": { + "type": "array", + "description": "Additional rules to be covered with this ingress record", + "default": [], + "items": {} + } + } + }, + "persistence": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable persistence using Persistent Volume Claims", + "default": true + }, + "storageClass": { + "type": "string", + "description": "Persistent Volume storage class", + "default": "" + }, + "accessModes": { + "type": "array", + "description": "Persistent Volume access modes", + "default": [ + "ReadWriteOnce" + ], + "items": { + "type": "string" + } + }, + "accessMode": { + "type": "string", + "description": "Persistent Volume access mode (DEPRECATED: use `persistence.accessModes` instead)", + "default": "ReadWriteOnce" + }, + "size": { + "type": "string", + "description": "Persistent Volume size", + "default": "10Gi" + }, + "dataSource": { + "type": "object", + "description": "Custom PVC data source", + "default": {} + }, + "existingClaim": { + "type": "string", + "description": "The name of an existing PVC to use for persistence", + "default": "" + }, + "selector": { + "type": "object", + "description": "Selector to match an existing Persistent Volume for WordPress data PVC", + "default": {} + }, + "annotations": { + "type": "object", + "description": "Persistent Volume Claim annotations", + "default": {} + } + } + }, + "volumePermissions": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup`", + "default": false + }, + "image": { + "type": "object", + "properties": { + "registry": { + "type": "string", + "description": "OS Shell + Utility image registry", + "default": "docker.io" + }, + "repository": { + "type": "string", + "description": "OS Shell + Utility image repository", + "default": "bitnami/os-shell" + }, + "tag": { + "type": "string", + "description": "OS Shell + Utility image tag (immutable tags are recommended)", + "default": "11-debian-11-r54" + }, + "digest": { + "type": "string", + "description": "OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", + "default": "" + }, + "pullPolicy": { + "type": "string", + "description": "OS Shell + Utility image pull policy", + "default": "IfNotPresent" + }, + "pullSecrets": { + "type": "array", + "description": "OS Shell + Utility image pull secrets", + "default": [], + "items": {} + } + } + }, + "resources": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "The resources limits for the init container", + "default": {} + }, + "requests": { + "type": "object", + "description": "The requested resources for the init container", + "default": {} + } + } + }, + "containerSecurityContext": { + "type": "object", + "properties": { + "runAsUser": { + "type": "number", + "description": "User ID for the init container", + "default": 0 + } + } + } + } + }, + "serviceAccount": { + "type": "object", + "properties": { + "create": { + "type": "boolean", + "description": "Enable creation of ServiceAccount for WordPress pod", + "default": false + }, + "name": { + "type": "string", + "description": "The name of the ServiceAccount to use.", + "default": "" + }, + "automountServiceAccountToken": { + "type": "boolean", + "description": "Allows auto mount of ServiceAccountToken on the serviceAccount created", + "default": true + }, + "annotations": { + "type": "object", + "description": "Additional custom annotations for the ServiceAccount", + "default": {} + } + } + }, + "pdb": { + "type": "object", + "properties": { + "create": { + "type": "boolean", + "description": "Enable a Pod Disruption Budget creation", + "default": false + }, + "minAvailable": { + "type": "number", + "description": "Minimum number/percentage of pods that should remain scheduled", + "default": 1 + }, + "maxUnavailable": { + "type": "string", + "description": "Maximum number/percentage of pods that may be made unavailable", + "default": "" + } + } + }, + "autoscaling": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Horizontal POD autoscaling for WordPress", + "default": false + }, + "minReplicas": { + "type": "number", + "description": "Minimum number of WordPress replicas", + "default": 1 + }, + "maxReplicas": { + "type": "number", + "description": "Maximum number of WordPress replicas", + "default": 11 + }, + "targetCPU": { + "type": "number", + "description": "Target CPU utilization percentage", + "default": 50 + }, + "targetMemory": { + "type": "number", + "description": "Target Memory utilization percentage", + "default": 50 + } + } + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Start a sidecar prometheus exporter to expose metrics", + "default": false + }, + "image": { + "type": "object", + "properties": { + "registry": { + "type": "string", + "description": "Apache exporter image registry", + "default": "docker.io" + }, + "repository": { + "type": "string", + "description": "Apache exporter image repository", + "default": "bitnami/apache-exporter" + }, + "tag": { + "type": "string", + "description": "Apache exporter image tag (immutable tags are recommended)", + "default": "1.0.1-debian-11-r32" + }, + "digest": { + "type": "string", + "description": "Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag", + "default": "" + }, + "pullPolicy": { + "type": "string", + "description": "Apache exporter image pull policy", + "default": "IfNotPresent" + }, + "pullSecrets": { + "type": "array", + "description": "Apache exporter image pull secrets", + "default": [], + "items": {} + } + } + }, + "containerPorts": { + "type": "object", + "properties": { + "metrics": { + "type": "number", + "description": "Prometheus exporter container port", + "default": 9117 + } + } + }, + "livenessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable livenessProbe on Prometheus exporter containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for livenessProbe", + "default": 15 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for livenessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for livenessProbe", + "default": 5 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for livenessProbe", + "default": 3 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for livenessProbe", + "default": 1 + } + } + }, + "readinessProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable readinessProbe on Prometheus exporter containers", + "default": true + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for readinessProbe", + "default": 5 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for readinessProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for readinessProbe", + "default": 3 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for readinessProbe", + "default": 3 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for readinessProbe", + "default": 1 + } + } + }, + "startupProbe": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable startupProbe on Prometheus exporter containers", + "default": false + }, + "initialDelaySeconds": { + "type": "number", + "description": "Initial delay seconds for startupProbe", + "default": 10 + }, + "periodSeconds": { + "type": "number", + "description": "Period seconds for startupProbe", + "default": 10 + }, + "timeoutSeconds": { + "type": "number", + "description": "Timeout seconds for startupProbe", + "default": 1 + }, + "failureThreshold": { + "type": "number", + "description": "Failure threshold for startupProbe", + "default": 15 + }, + "successThreshold": { + "type": "number", + "description": "Success threshold for startupProbe", + "default": 1 + } + } + }, + "customLivenessProbe": { + "type": "object", + "description": "Custom livenessProbe that overrides the default one", + "default": {} + }, + "customReadinessProbe": { + "type": "object", + "description": "Custom readinessProbe that overrides the default one", + "default": {} + }, + "customStartupProbe": { + "type": "object", + "description": "Custom startupProbe that overrides the default one", + "default": {} + }, + "service": { + "type": "object", + "properties": { + "annotations": { + "type": "object", + "properties": { + "prometheus": { + "type": "object", + "properties": { + "io/scrape": { + "type": "string", + "description": "", + "default": "true" + }, + "io/port": { + "type": "string", + "description": "", + "default": "{{ .Values.metrics.containerPorts.metrics }}" + } + } + } + } + }, + "ports": { + "type": "object", + "properties": { + "metrics": { + "type": "number", + "description": "Prometheus metrics service port", + "default": 9150 + } + } + } + } + }, + "resources": { + "type": "object", + "properties": { + "limits": { + "type": "object", + "description": "The resources limits for the Prometheus exporter container", + "default": {} + }, + "requests": { + "type": "object", + "description": "The requested resources for the Prometheus exporter container", + "default": {} + } + } + }, + "serviceMonitor": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Create ServiceMonitor Resource for scraping metrics using Prometheus Operator", + "default": false + }, + "namespace": { + "type": "string", + "description": "Namespace for the ServiceMonitor Resource (defaults to the Release Namespace)", + "default": "" + }, + "interval": { + "type": "string", + "description": "Interval at which metrics should be scraped.", + "default": "" + }, + "scrapeTimeout": { + "type": "string", + "description": "Timeout after which the scrape is ended", + "default": "" + }, + "labels": { + "type": "object", + "description": "Additional labels that can be used so ServiceMonitor will be discovered by Prometheus", + "default": {} + }, + "selector": { + "type": "object", + "description": "Prometheus instance selector labels", + "default": {} + }, + "relabelings": { + "type": "array", + "description": "RelabelConfigs to apply to samples before scraping", + "default": [], + "items": {} + }, + "metricRelabelings": { + "type": "array", + "description": "MetricRelabelConfigs to apply to samples before ingestion", + "default": [], + "items": {} + }, + "honorLabels": { + "type": "boolean", + "description": "Specify honorLabels parameter to add the scrape endpoint", + "default": false + }, + "jobLabel": { + "type": "string", + "description": "The name of the label on the target service to use as the job name in prometheus.", + "default": "" + } + } + } + } + }, + "networkPolicy": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable network policies", + "default": false + }, + "metrics": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable network policy for metrics (prometheus)", + "default": false + } + } + }, + "ingress": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable network policy for Ingress Proxies", + "default": false + } + } + }, + "ingressRules": { + "type": "object", + "properties": { + "backendOnlyAccessibleByFrontend": { + "type": "boolean", + "description": "Enable ingress rule that makes the backend (mariadb) only accessible by testlink's pods.", + "default": false + }, + "accessOnlyFrom": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable ingress rule that makes testlink only accessible from a particular origin", + "default": false + } + } + } + } + }, + "egressRules": { + "type": "object", + "properties": { + "denyConnectionsToExternal": { + "type": "boolean", + "description": "Enable egress rule that denies outgoing traffic outside the cluster, except for DNS (port 53).", + "default": false + } + } + } + } + }, + "mariadb": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Deploy a MariaDB server to satisfy the applications database requirements", + "default": true + }, + "architecture": { + "type": "string", + "description": "MariaDB architecture. Allowed values: `standalone` or `replication`", + "default": "standalone" + }, + "auth": { + "type": "object", + "properties": { + "rootPassword": { + "type": "string", + "description": "MariaDB root password", + "default": "" + }, + "database": { + "type": "string", + "description": "MariaDB custom database", + "default": "bitnami_wordpress" + }, + "username": { + "type": "string", + "description": "MariaDB custom user name", + "default": "bn_wordpress" + }, + "password": { + "type": "string", + "description": "MariaDB custom user password", + "default": "" + } + } + }, + "primary": { + "type": "object", + "properties": { + "persistence": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable persistence on MariaDB using PVC(s)", + "default": true + }, + "storageClass": { + "type": "string", + "description": "Persistent Volume storage class", + "default": "" + }, + "accessModes": { + "type": "array", + "description": "Persistent Volume access modes", + "default": [ + "ReadWriteOnce" + ], + "items": { + "type": "string" + } + }, + "size": { + "type": "string", + "description": "Persistent Volume size", + "default": "8Gi" + } + } + } + } + } + } + }, + "externalDatabase": { + "type": "object", + "properties": { + "host": { + "type": "string", + "description": "External Database server host", + "default": "localhost" + }, + "port": { + "type": "number", + "description": "External Database server port", + "default": 3306 + }, + "user": { + "type": "string", + "description": "External Database username", + "default": "bn_wordpress" + }, + "password": { + "type": "string", + "description": "External Database user password", + "default": "" + }, + "database": { + "type": "string", + "description": "External Database database name", + "default": "bitnami_wordpress" + }, + "existingSecret": { + "type": "string", + "description": "The name of an existing secret with database credentials. Evaluated as a template", + "default": "" + } + } + }, + "memcached": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Deploy a Memcached server for caching database queries", + "default": false + }, + "auth": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "description": "Enable Memcached authentication", + "default": false + }, + "username": { + "type": "string", + "description": "Memcached admin user", + "default": "" + }, + "password": { + "type": "string", + "description": "Memcached admin password", + "default": "" + } + } + }, + "service": { + "type": "object", + "properties": { + "port": { + "type": "number", + "description": "Memcached service port", + "default": 11211 + } + } + } + } + }, + "externalCache": { + "type": "object", + "properties": { + "host": { + "type": "string", + "description": "External cache server host", + "default": "localhost" + }, + "port": { + "type": "number", + "description": "External cache server port", + "default": 11211 + } } - } } - } - }, - "volumePermissions": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "form": true, - "title": "Enable Init Containers", - "description": "Use an init container to set required folder permissions on the data volume before mounting it in the final destination" - } - } - }, - "metrics": { - "type": "object", - "properties": { - "enabled": { - "type": "boolean", - "title": "Enable Metrics", - "description": "Prometheus Exporter / Metrics", - "form": true - } - } } - } -} +} \ No newline at end of file diff --git a/charts/bitnami/wordpress/values.yaml b/charts/bitnami/wordpress/values.yaml index 7b04b1889..408f93f03 100644 --- a/charts/bitnami/wordpress/values.yaml +++ b/charts/bitnami/wordpress/values.yaml @@ -76,7 +76,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/wordpress - tag: 6.3.1-debian-11-r2 + tag: 6.3.1-debian-11-r14 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -766,7 +766,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r54 + tag: 11-debian-11-r66 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -860,7 +860,7 @@ metrics: image: registry: docker.io repository: bitnami/apache-exporter - tag: 1.0.1-debian-11-r32 + tag: 1.0.1-debian-11-r44 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/cockroach-labs/cockroachdb/Chart.yaml b/charts/cockroach-labs/cockroachdb/Chart.yaml index fb6c94b92..2e4cf638d 100644 --- a/charts/cockroach-labs/cockroachdb/Chart.yaml +++ b/charts/cockroach-labs/cockroachdb/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.8-0' catalog.cattle.io/release-name: cockroachdb apiVersion: v1 -appVersion: 23.1.9 +appVersion: 23.1.10 description: CockroachDB is a scalable, survivable, strongly-consistent SQL database. home: https://www.cockroachlabs.com icon: https://raw.githubusercontent.com/cockroachdb/cockroach/master/docs/media/cockroach_db.png @@ -14,4 +14,4 @@ maintainers: name: cockroachdb sources: - https://github.com/cockroachdb/cockroach -version: 11.1.6 +version: 11.1.7 diff --git a/charts/cockroach-labs/cockroachdb/README.md b/charts/cockroach-labs/cockroachdb/README.md index cd563881c..b312a3243 100644 --- a/charts/cockroach-labs/cockroachdb/README.md +++ b/charts/cockroach-labs/cockroachdb/README.md @@ -229,10 +229,10 @@ kubectl get pods \ ``` ``` -my-release-cockroachdb-0 cockroachdb/cockroach:v23.1.9 -my-release-cockroachdb-1 cockroachdb/cockroach:v23.1.9 -my-release-cockroachdb-2 cockroachdb/cockroach:v23.1.9 -my-release-cockroachdb-3 cockroachdb/cockroach:v23.1.9 +my-release-cockroachdb-0 cockroachdb/cockroach:v23.1.10 +my-release-cockroachdb-1 cockroachdb/cockroach:v23.1.10 +my-release-cockroachdb-2 cockroachdb/cockroach:v23.1.10 +my-release-cockroachdb-3 cockroachdb/cockroach:v23.1.10 ``` Resume normal operations. Once you are comfortable that the stability and performance of the cluster is what you'd expect post-upgrade, finalize the upgrade: @@ -316,7 +316,7 @@ For details see the [`values.yaml`](values.yaml) file. | `conf.store.size` | CockroachDB storage size | `""` | | `conf.store.attrs` | CockroachDB storage attributes | `""` | | `image.repository` | Container image name | `cockroachdb/cockroach` | -| `image.tag` | Container image tag | `v23.1.9` | +| `image.tag` | Container image tag | `v23.1.10` | | `image.pullPolicy` | Container pull policy | `IfNotPresent` | | `image.credentials` | `registry`, `user` and `pass` credentials to pull private image | `{}` | | `statefulset.replicas` | StatefulSet replicas number | `3` | diff --git a/charts/cockroach-labs/cockroachdb/templates/job-certSelfSigner.yaml b/charts/cockroach-labs/cockroachdb/templates/job-certSelfSigner.yaml index 1658ce257..d3d3b83e6 100644 --- a/charts/cockroach-labs/cockroachdb/templates/job-certSelfSigner.yaml +++ b/charts/cockroach-labs/cockroachdb/templates/job-certSelfSigner.yaml @@ -24,6 +24,9 @@ spec: app.kubernetes.io/name: {{ template "cockroachdb.name" . }} app.kubernetes.io/instance: {{ .Release.Name | quote }} app.kubernetes.io/managed-by: {{ .Release.Service | quote }} + {{- with .Values.tls.selfSigner.annotations }} + annotations: {{- toYaml . | nindent 8 }} + {{- end }} spec: {{- if and .Values.tls.certs.selfSigner.securityContext.enabled }} securityContext: @@ -33,6 +36,18 @@ spec: runAsNonRoot: true {{- end }} restartPolicy: Never + {{- if or .Values.tls.selfSigner.nodeAffinity }} + affinity: + {{- with .Values.tls.selfSigner.nodeAffinity }} + nodeAffinity: {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} + {{- with .Values.tls.selfSigner.nodeSelector }} + nodeSelector: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tls.selfSigner.tolerations }} + tolerations: {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: cert-generate-job image: "{{ .Values.tls.selfSigner.image.registry }}/{{ .Values.tls.selfSigner.image.repository }}:{{ .Values.tls.selfSigner.image.tag }}" diff --git a/charts/cockroach-labs/cockroachdb/values.yaml b/charts/cockroach-labs/cockroachdb/values.yaml index 816b2807f..e3381a480 100644 --- a/charts/cockroach-labs/cockroachdb/values.yaml +++ b/charts/cockroach-labs/cockroachdb/values.yaml @@ -7,7 +7,7 @@ fullnameOverride: "" image: repository: cockroachdb/cockroach - tag: v23.1.9 + tag: v23.1.10 pullPolicy: IfNotPresent credentials: {} # registry: docker.io @@ -526,10 +526,25 @@ tls: nodeCertExpiryWindow: 168h selfSigner: + # Additional annotations to apply to the Pod of this Job. + annotations: {} + + # Affinity rules for scheduling the Pod of this Job. + # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity + affinity: {} + + # Node selection constraints for scheduling the Pod of this Job. + # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector + nodeSelector: {} + + # Taints to be tolerated by the Pod of this Job. + # https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + tolerations: [] + # Image Placeholder for the selfSigner utility. This will be changed once the CI workflows for the image is in place. image: repository: cockroachlabs-helm-charts/cockroach-self-signer-cert - tag: "1.4" + tag: "1.5" pullPolicy: IfNotPresent credentials: {} registry: gcr.io diff --git a/charts/datadog/datadog/CHANGELOG.md b/charts/datadog/datadog/CHANGELOG.md index c44c38594..82e657a20 100644 --- a/charts/datadog/datadog/CHANGELOG.md +++ b/charts/datadog/datadog/CHANGELOG.md @@ -1,5 +1,13 @@ # Datadog changelog +## 3.36.2 + +* Update `fips.image.tag` to `0.5.5` which upgrades HAProxy to 2.4.24 and zlib to 1.3 + +## 3.36.1 + +* Add option to enable CWS security profiles (runtime anomaly detection) + ## 3.36.0 * Enable Remote Config by default diff --git a/charts/datadog/datadog/Chart.yaml b/charts/datadog/datadog/Chart.yaml index dd397308f..638e3916e 100644 --- a/charts/datadog/datadog/Chart.yaml +++ b/charts/datadog/datadog/Chart.yaml @@ -19,4 +19,4 @@ name: datadog sources: - https://app.datadoghq.com/account/settings#agent/kubernetes - https://github.com/DataDog/datadog-agent -version: 3.36.0 +version: 3.36.2 diff --git a/charts/datadog/datadog/README.md b/charts/datadog/datadog/README.md index 3585ebc6d..c9fcf2378 100644 --- a/charts/datadog/datadog/README.md +++ b/charts/datadog/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.36.0](https://img.shields.io/badge/Version-3.36.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.36.2](https://img.shields.io/badge/Version-3.36.2-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). @@ -708,6 +708,7 @@ helm install \ | datadog.securityAgent.runtime.fimEnabled | bool | `false` | Set to true to enable Cloud Workload Security (CWS) File Integrity Monitoring | | datadog.securityAgent.runtime.network.enabled | bool | `true` | Set to true to enable the collection of CWS network events | | datadog.securityAgent.runtime.policies.configMap | string | `nil` | Contains CWS policies that will be used | +| datadog.securityAgent.runtime.securityProfile.enabled | bool | `false` | Set to true to enable CWS runtime anomaly detection | | datadog.securityAgent.runtime.syscallMonitor.enabled | bool | `false` | Set to true to enable the Syscall monitoring (recommended for troubleshooting only) | | datadog.securityContext | object | `{"runAsUser":0}` | Allows you to overwrite the default PodSecurityContext on the Daemonset or Deployment | | datadog.serviceMonitoring.enabled | bool | `false` | Enable Universal Service Monitoring | @@ -741,7 +742,7 @@ helm install \ | fips.image.name | string | `"fips-proxy"` | | | fips.image.pullPolicy | string | `"IfNotPresent"` | Datadog the FIPS sidecar image pull policy | | fips.image.repository | string | `nil` | Override default registry + image.name for the FIPS sidecar container. | -| fips.image.tag | string | `"0.5.4"` | Define the FIPS sidecar container version to use. | +| fips.image.tag | string | `"0.5.5"` | Define the FIPS sidecar container version to use. | | fips.local_address | string | `"127.0.0.1"` | | | fips.port | int | `9803` | | | fips.portRange | int | `15` | | diff --git a/charts/datadog/datadog/templates/system-probe-configmap.yaml b/charts/datadog/datadog/templates/system-probe-configmap.yaml index 1e42d1bf0..c245ecc9e 100644 --- a/charts/datadog/datadog/templates/system-probe-configmap.yaml +++ b/charts/datadog/datadog/templates/system-probe-configmap.yaml @@ -68,6 +68,8 @@ data: enabled: false traced_cgroups_count: 0 {{ end }} + security_profile: + enabled: {{ $.Values.datadog.securityAgent.runtime.securityProfile.enabled }} {{- if eq .Values.datadog.systemProbe.seccomp "localhost/system-probe" }} --- diff --git a/charts/datadog/datadog/values.yaml b/charts/datadog/datadog/values.yaml index fca489412..1aa50888b 100644 --- a/charts/datadog/datadog/values.yaml +++ b/charts/datadog/datadog/values.yaml @@ -706,6 +706,10 @@ datadog: # datadog.securityAgent.runtime.activityDump.pathMerge.enabled -- Set to true to enable the merging of similar paths enabled: false + securityProfile: + # datadog.securityAgent.runtime.securityProfile.enabled -- Set to true to enable CWS runtime anomaly detection + enabled: false + ## Manage NetworkPolicy networkPolicy: # datadog.networkPolicy.create -- If true, create NetworkPolicy for all the components @@ -1177,7 +1181,7 @@ fips: name: fips-proxy # fips.image.tag -- Define the FIPS sidecar container version to use. - tag: 0.5.4 + tag: 0.5.5 # fips.image.pullPolicy -- Datadog the FIPS sidecar image pull policy pullPolicy: IfNotPresent diff --git a/charts/nats/nats/Chart.yaml b/charts/nats/nats/Chart.yaml index 11582c5eb..b4dbabe83 100644 --- a/charts/nats/nats/Chart.yaml +++ b/charts/nats/nats/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.16-0' catalog.cattle.io/release-name: nats apiVersion: v2 -appVersion: 2.9.21 +appVersion: 2.9.22 description: A Helm chart for the NATS.io High Speed Cloud Native Distributed Communications Technology. home: http://github.com/nats-io/k8s @@ -18,4 +18,4 @@ maintainers: name: The NATS Authors url: https://github.com/nats-io name: nats -version: 1.0.2 +version: 1.0.3 diff --git a/charts/nats/nats/values.yaml b/charts/nats/nats/values.yaml index a5aedccbb..de2a3eca6 100644 --- a/charts/nats/nats/values.yaml +++ b/charts/nats/nats/values.yaml @@ -308,7 +308,7 @@ config: container: image: repository: nats - tag: 2.9.21-alpine + tag: 2.9.22-alpine pullPolicy: registry: @@ -560,7 +560,7 @@ natsBox: container: image: repository: natsio/nats-box - tag: 0.13.8 + tag: 0.13.9 pullPolicy: registry: diff --git a/charts/quobyte/quobyte-cluster/Chart.yaml b/charts/quobyte/quobyte-cluster/Chart.yaml index cd6c4d349..e315bc748 100644 --- a/charts/quobyte/quobyte-cluster/Chart.yaml +++ b/charts/quobyte/quobyte-cluster/Chart.yaml @@ -1,7 +1,7 @@ annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Quobyte Cluster Deployment - catalog.cattle.io/kube-version: 1.20-0 - 1.25-0 + catalog.cattle.io/kube-version: 1.20-0 - 1.27-0 catalog.cattle.io/release-name: quobyte-cluster apiVersion: v2 appVersion: "3" @@ -11,9 +11,9 @@ icon: https://quobyte.github.io/quobyte-k8s-resources/images/quobyte.png keywords: - quobyte - storage -kubeVersion: 1.20-0 - 1.25-0 +kubeVersion: 1.20-0 - 1.27-0 name: quobyte-cluster sources: - https://github.com/quobyte/quobyte-k8s-resources type: application -version: 0.1.8 +version: 0.1.9 diff --git a/charts/redpanda/redpanda/Chart.lock b/charts/redpanda/redpanda/Chart.lock index b8f38616d..08afe8647 100644 --- a/charts/redpanda/redpanda/Chart.lock +++ b/charts/redpanda/redpanda/Chart.lock @@ -1,9 +1,9 @@ dependencies: - name: console repository: https://charts.redpanda.com - version: 0.7.1 + version: 0.7.2 - name: connectors repository: https://charts.redpanda.com version: 0.1.5 -digest: sha256:71281a2120a0fff2668989c34105d88cb4ad02db7a9affc446775f49746bd12b -generated: "2023-09-11T22:25:31.16539459Z" +digest: sha256:1c770fac6e8dee7fb5731db478dd04350e310e5cf1dccf2a74ae5d6e6ee85dc8 +generated: "2023-09-15T11:53:46.309229737Z" diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index 1e486170d..695f25058 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -37,4 +37,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 5.3.4 +version: 5.4.2 diff --git a/charts/redpanda/redpanda/charts/console/Chart.yaml b/charts/redpanda/redpanda/charts/console/Chart.yaml index dfd1b4975..a7dddd0df 100644 --- a/charts/redpanda/redpanda/charts/console/Chart.yaml +++ b/charts/redpanda/redpanda/charts/console/Chart.yaml @@ -19,4 +19,4 @@ name: console sources: - https://github.com/redpanda-data/helm-charts type: application -version: 0.7.1 +version: 0.7.2 diff --git a/charts/redpanda/redpanda/charts/console/templates/deployment.yaml b/charts/redpanda/redpanda/charts/console/templates/deployment.yaml index 8c77178da..53b584737 100644 --- a/charts/redpanda/redpanda/charts/console/templates/deployment.yaml +++ b/charts/redpanda/redpanda/charts/console/templates/deployment.yaml @@ -245,6 +245,12 @@ spec: secretKeyRef: name: {{ include "console.fullname" . }} key: enterprise-license + {{- else if dig "licenseSecretRef" "name" "" .Values.enterprise }} + - name: LICENSE + valueFrom: + secretKeyRef: + name: {{ dig "licenseSecretRef" "name" "" .Values.enterprise }} + key: {{ dig "licenseSecretRef" "key" "enterprise-license" .Values.enterprise }} {{- end }} {{- if .Values.secret.redpanda.adminApi.password }} - name: REDPANDA_ADMINAPI_PASSWORD diff --git a/charts/redpanda/redpanda/charts/console/values.yaml b/charts/redpanda/redpanda/charts/console/values.yaml index fc53893ec..a822b3e58 100644 --- a/charts/redpanda/redpanda/charts/console/values.yaml +++ b/charts/redpanda/redpanda/charts/console/values.yaml @@ -234,6 +234,13 @@ secret: # tlsCert: # tlsKey: +# -- Settings for license key, as an alternative to secret.enterprise when +# a license secret is available +enterprise: + licenseSecretRef: + name: "" + key: "" + # -- Settings for liveness and readiness probes. # For details, # see the [Kubernetes documentation](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes). diff --git a/charts/redpanda/redpanda/ci/16-controller-sidecar-values.yaml b/charts/redpanda/redpanda/ci/16-controller-sidecar-values.yaml new file mode 100644 index 000000000..fdd83c045 --- /dev/null +++ b/charts/redpanda/redpanda/ci/16-controller-sidecar-values.yaml @@ -0,0 +1,19 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +statefulset: + sideCars: + controllers: + enabled: true diff --git a/charts/redpanda/redpanda/templates/_configmap.tpl b/charts/redpanda/redpanda/templates/_configmap.tpl index 237203ba1..969c34fb8 100644 --- a/charts/redpanda/redpanda/templates/_configmap.tpl +++ b/charts/redpanda/redpanda/templates/_configmap.tpl @@ -129,7 +129,7 @@ limitations under the License. {{- end }} {{- with dig "node" dict .Values.config }} {{- range $key, $element := .}} - {{- if or (eq (typeOf $element) "bool") $element }} + {{- if and (or (eq (typeOf $element) "bool") $element) (and (eq $key "crash_loop_limit") (include "redpanda-atleast-23-1-1" $root | fromJson).bool) }} {{ $key }}: {{ $element | toYaml }} {{- end }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml b/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml index a9d390ef7..ebf418d1d 100644 --- a/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml +++ b/charts/redpanda/redpanda/templates/post-install-upgrade-job.yaml @@ -58,6 +58,9 @@ spec: {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.post_install_job.affinity }} + affinity: {{- toYaml . | nindent 8 }} {{- end }} restartPolicy: Never securityContext: {{ include "pod-security-context" . | nindent 8 }} diff --git a/charts/redpanda/redpanda/templates/post-upgrade.yaml b/charts/redpanda/redpanda/templates/post-upgrade.yaml index ed2e77938..4a6de88a6 100644 --- a/charts/redpanda/redpanda/templates/post-upgrade.yaml +++ b/charts/redpanda/redpanda/templates/post-upgrade.yaml @@ -53,6 +53,9 @@ spec: {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.post_upgrade_job.affinity }} + affinity: {{- toYaml . | nindent 8 }} {{- end }} restartPolicy: Never securityContext: {{ include "pod-security-context" . | nindent 8 }} diff --git a/charts/redpanda/redpanda/templates/rbac.yaml b/charts/redpanda/redpanda/templates/rbac.yaml index 81d46455e..b65e9a2ef 100644 --- a/charts/redpanda/redpanda/templates/rbac.yaml +++ b/charts/redpanda/redpanda/templates/rbac.yaml @@ -110,3 +110,123 @@ subjects: name: {{ include "redpanda.serviceAccountName" . }} namespace: {{ .Release.Namespace | quote }} {{- end }} +{{- if and .Values.statefulset.sideCars.controllers.enabled .Values.statefulset.sideCars.controllers.createRBAC }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "redpanda.fullname" . }}-sidecar-controllers + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + {{- with .Values.serviceAccount.annotations }} +annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +rules: + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - delete + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "redpanda.fullname" . }}-sidecar-controllers + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + {{- with .Values.serviceAccount.annotations }} +annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "redpanda.fullname" . }}-sidecar-controllers +subjects: + - kind: ServiceAccount + name: {{ include "redpanda.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "redpanda.fullname" . }}-sidecar-controllers + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + {{- with .Values.serviceAccount.annotations }} +annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - patch + - update + - list + - watch + - apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - delete + - get + - list + - patch + - update + - watch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "redpanda.fullname" . }}-sidecar-controllers + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + {{- with .Values.serviceAccount.annotations }} +annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "redpanda.fullname" . }}-sidecar-controllers +subjects: + - kind: ServiceAccount + name: {{ include "redpanda.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} +{{- end }} diff --git a/charts/redpanda/redpanda/templates/statefulset.yaml b/charts/redpanda/redpanda/templates/statefulset.yaml index 314523d35..1e988df8f 100644 --- a/charts/redpanda/redpanda/templates/statefulset.yaml +++ b/charts/redpanda/redpanda/templates/statefulset.yaml @@ -318,6 +318,27 @@ spec: {{- end }} {{- end }} {{- end }} + {{- if and .Values.rbac.enabled .Values.statefulset.sideCars.controllers.enabled }} + - name: redpanda-controllers + image: {{ .Values.statefulset.sideCars.controllers.image.repository }}:{{ .Values.statefulset.sideCars.controllers.image.tag }} + command: + - /manager + args: + - --operator-mode=false + - --namespace={{ .Release.Namespace }} + - --health-probe-bind-address={{ .Values.statefulset.sideCars.controllers.healthProbeAddress | quote }} + - --metrics-bind-address={{ .Values.statefulset.sideCars.controllers.metricsAddress | quote }} + - --additional-controllers={{ join "," .Values.statefulset.sideCars.controllers.run }} + env: + - name: REDPANDA_HELM_RELEASE_NAME + value: {{ .Release.Name }} + {{- if get .Values.statefulset.sideCars.controllers "resources" }} + resources: {{- toYaml .Values.statefulset.sideCars.controllers.resources | nindent 12 }} + {{- end }} + {{- if get .Values.statefulset.sideCars.controllers "securityContext" }} + securityContext: {{- toYaml .Values.statefulset.sideCars.controllers.securityContext | nindent 12 }} + {{- end }} + {{- end }} volumes: {{- if dig "extraVolumes" false .Values.statefulset -}} {{ tpl .Values.statefulset.extraVolumes . | nindent 8 }} diff --git a/charts/redpanda/redpanda/values.schema.json b/charts/redpanda/redpanda/values.schema.json index 800faaab8..2b8b4dc50 100644 --- a/charts/redpanda/redpanda/values.schema.json +++ b/charts/redpanda/redpanda/values.schema.json @@ -469,6 +469,12 @@ }, "cloud_storage_api_endpoint_port": { "type": "integer" + }, + "cloud_storage_azure_adls_endpoint": { + "type": "string" + }, + "cloud_storage_azure_adls_port": { + "type": "integer" } } } @@ -505,6 +511,9 @@ } } } + }, + "affinity": { + "type": "object" } } }, @@ -545,6 +554,9 @@ }, "extraEnvFrom": { "type": ["array", "string"] + }, + "affinity": { + "type": "object" } } }, @@ -744,6 +756,51 @@ "extraVolumeMounts": { "type": "string" } + }, + "controllers": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "resources": { + "type": "object" + }, + "securityContext": { + "type": "object" + }, + "run": { + "type": "array" + }, + "healthProbeAddress": { + "type": "string" + }, + "metricsAddress": { + "type": "string" + }, + "image": { + "description": "Values used to define the container image to be used for Redpanda", + "type": "object", + "required": [ + "repository", + "tag" + ], + "properties": { + "repository": { + "description": "container image repository", + "default": "docker.redpanda.com/redpandadata/redpanda-operator", + "type": "string", + "pattern": "^[a-z0-9-_/.]+$" + }, + "tag": { + "description": "The container image tag. Use the Redpanda release version. Must be a valid semver prefixed with a 'v'.", + "default": "Chart.appVersion", + "type": "string", + "pattern": "^v(0|[1-9]\\d*)\\.(0|[1-9]\\d*)\\.(0|[1-9]\\d*)(?:-((?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+([0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?$|^$" + } + } + } + } } } } diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index 07699185f..e48fd8dd4 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -435,6 +435,10 @@ storage: # -- Required for ABS. # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_shared_key). cloud_storage_azure_shared_key: null + # -- Required for ABS hierarchical namespace + # Available starting from 23.2.8 + # cloud_storage_azure_adls_endpoint: "" + # cloud_storage_azure_adls_port: "" # Available starting from 22.3.X # -- Required for AWS and GCS authentication with IAM roles. # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_credentials_source). @@ -479,6 +483,7 @@ post_install_job: # memory: 1024Mi # labels: {} # annotations: {} + affinity: {} post_upgrade_job: enabled: true @@ -503,6 +508,7 @@ post_upgrade_job: # extraEnvFrom: # - secretRef: # name: redpanda-aws-secrets + affinity: {} statefulset: # -- Number of Redpanda brokers (Redpanda Data recommends setting this to the number of worker nodes in the cluster) @@ -590,6 +596,19 @@ statefulset: resources: {} securityContext: {} extraVolumeMounts: |- + controllers: + image: + tag: v23.2.8 + repository: docker.redpanda.com/redpandadata/redpanda-operator + # You must enable, this feature is experimental, and so you must opt in + enabled: false + resources: {} + securityContext: {} + healthProbeAddress: ":8085" + metricsAddress: ":9082" + run: + - all + createRBAC: true initContainers: tuning: resources: {} @@ -925,7 +944,19 @@ config: # wait_for_leader_timeout_ms: 5000ms # Timeout (ms) to wait for leadership in metadata cache # -- Node (broker) properties. # See the [property reference documentation](https://docs.redpanda.com/docs/reference/node-properties/). - node: {} + node: + # -- Crash loop limit + # A limit on the number of consecutive times a broker can crash within one hour before its crash-tracking logic is reset. + # This limit prevents a broker from getting stuck in an infinite cycle of crashes. + # User can disable this crash loop limit check by the following action: + # + # * One hour elapses since the last crash + # * The node configuration file, redpanda.yaml, is updated via config.cluster or config.node or config.tunable objects + # * The startup_log file in the node’s data_directory is manually deleted + # + # Default to 5 + # REF: https://docs.redpanda.com/current/reference/node-properties/#crash_loop_limit + crash_loop_limit: 5 # node_id: # Unique ID identifying a node in the cluster # data_directory: # Place where redpanda will keep the data # admin_api_doc_dir: /usr/share/redpanda/admin-api-doc # Admin API doc directory diff --git a/charts/speedscale/speedscale-operator/Chart.yaml b/charts/speedscale/speedscale-operator/Chart.yaml index eb56115a3..f454cf3be 100644 --- a/charts/speedscale/speedscale-operator/Chart.yaml +++ b/charts/speedscale/speedscale-operator/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>= 1.17.0-0' catalog.cattle.io/release-name: speedscale-operator apiVersion: v1 -appVersion: 1.3.354 +appVersion: 1.3.375 description: Stress test your APIs with real world scenarios. Collect and replay traffic without scripting. home: https://speedscale.com @@ -24,4 +24,4 @@ maintainers: - email: support@speedscale.com name: Speedscale Support name: speedscale-operator -version: 1.3.31 +version: 1.3.32 diff --git a/charts/speedscale/speedscale-operator/README.md b/charts/speedscale/speedscale-operator/README.md index 1a3c6f541..c1ed39297 100644 --- a/charts/speedscale/speedscale-operator/README.md +++ b/charts/speedscale/speedscale-operator/README.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.3.31 +### Upgrade to 1.3.32 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.31/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.32/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/app-readme.md b/charts/speedscale/speedscale-operator/app-readme.md index 1a3c6f541..c1ed39297 100644 --- a/charts/speedscale/speedscale-operator/app-readme.md +++ b/charts/speedscale/speedscale-operator/app-readme.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.3.31 +### Upgrade to 1.3.32 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.31/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.32/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/values.yaml b/charts/speedscale/speedscale-operator/values.yaml index 382e3010e..e36aaf414 100644 --- a/charts/speedscale/speedscale-operator/values.yaml +++ b/charts/speedscale/speedscale-operator/values.yaml @@ -20,7 +20,7 @@ clusterName: "my-cluster" # Speedscale components image settings. image: registry: gcr.io/speedscale - tag: v1.3.354 + tag: v1.3.375 pullPolicy: Always # Log level for Speedscale components. diff --git a/charts/sysdig/sysdig/CHANGELOG.md b/charts/sysdig/sysdig/CHANGELOG.md index 70cd6fcf6..fbcc79f23 100644 --- a/charts/sysdig/sysdig/CHANGELOG.md +++ b/charts/sysdig/sysdig/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.16.13 +### Chores +* **sysdig, nodel-analyzer** [44e1c6a3](https://github.com/sysdiglabs/charts/commit/44e1c6a385faf3bdcdd0cb8427254338c68254c7): bump sysdig/vuln-runtime-scanner to v1.5.7 ([#1361](https://github.com/sysdiglabs/charts/issues/1361)) # v1.16.12 ### New Features * [b2146b31](https://github.com/sysdiglabs/charts/commit/b2146b31e56eb00a6dc270bbb9bb530a3ee69f4c): release agent 12.16.1 ([#1353](https://github.com/sysdiglabs/charts/issues/1353)) diff --git a/charts/sysdig/sysdig/Chart.yaml b/charts/sysdig/sysdig/Chart.yaml index 1f29efde0..abfa2e650 100644 --- a/charts/sysdig/sysdig/Chart.yaml +++ b/charts/sysdig/sysdig/Chart.yaml @@ -19,4 +19,4 @@ name: sysdig sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig -version: 1.16.12 +version: 1.16.13 diff --git a/charts/sysdig/sysdig/README.md b/charts/sysdig/sysdig/README.md index b3a515333..b9ad96373 100644 --- a/charts/sysdig/sysdig/README.md +++ b/charts/sysdig/sysdig/README.md @@ -262,7 +262,7 @@ The following table lists the configurable parameters of the Sysdig chart and th | `nodeAnalyzer.runtimeScanner.deploy` | Deploys the Runtime Scanner. | `false` | | `nodeAnalyzer.runtimeScanner.extraMounts` | Specifies a container engine custom socket path (docker, containerd, CRI-O). | | | `nodeAnalyzer.runtimeScanner.image.repository` | The image repository to pull the Runtime Scanner from. | `sysdig/vuln-runtime-scanner` | -| `nodeAnalyzer.runtimeScanner.image.tag` | The image tag to pull the Runtime Scanner. | `1.5.6` | +| `nodeAnalyzer.runtimeScanner.image.tag` | The image tag to pull the Runtime Scanner. | `1.5.7` | | `nodeAnalyzer.runtimeScanner.image.digest` | The image digest to pull. | ` ` | | `nodeAnalyzer.runtimeScanner.image.pullPolicy` | The image pull policy for the Runtime Scanner. | `IfNotPresent` | | `nodeAnalyzer.runtimeScanner.resources.requests.cpu` | Runtime Scanner CPU requests per node. | `250m` | diff --git a/charts/sysdig/sysdig/RELEASE-NOTES.md b/charts/sysdig/sysdig/RELEASE-NOTES.md index 80928d0fe..5acd57153 100644 --- a/charts/sysdig/sysdig/RELEASE-NOTES.md +++ b/charts/sysdig/sysdig/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### New Features -- [b2146b31](https://github.com/sysdiglabs/charts/commit/b2146b31e56eb00a6dc270bbb9bb530a3ee69f4c): release agent 12.16.1 ([#1353](https://github.com/sysdiglabs/charts/issues/1353)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.22.5...sysdig-1.16.12 +### Chores +- **sysdig, nodel-analyzer** [44e1c6a3](https://github.com/sysdiglabs/charts/commit/44e1c6a385faf3bdcdd0cb8427254338c68254c7): bump sysdig/vuln-runtime-scanner to v1.5.7 ([#1361](https://github.com/sysdiglabs/charts/issues/1361)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.22.8...sysdig-1.16.13 diff --git a/charts/sysdig/sysdig/values.yaml b/charts/sysdig/sysdig/values.yaml index 74b7ee16a..ab0f0614c 100644 --- a/charts/sysdig/sysdig/values.yaml +++ b/charts/sysdig/sysdig/values.yaml @@ -432,7 +432,7 @@ nodeAnalyzer: deploy: false image: repository: sysdig/vuln-runtime-scanner - tag: 1.5.6 + tag: 1.5.7 digest: null pullPolicy: IfNotPresent extraMounts: [] diff --git a/charts/weka/csi-wekafsplugin/CHANGELOG.md b/charts/weka/csi-wekafsplugin/CHANGELOG.md index 737e81186..689c50753 100644 --- a/charts/weka/csi-wekafsplugin/CHANGELOG.md +++ b/charts/weka/csi-wekafsplugin/CHANGELOG.md @@ -1,4 +1,19 @@ +## What's Changed +### New features +* feat(CSI-159): add weka driver monitoring for readiness probe by @sergeyberezansky in https://github.com/weka/csi-wekafs/pull/58 +### Miscellaneous +* chore(deps): update actions/checkout action to v4 by @renovate in https://github.com/weka/csi-wekafs/pull/152 +* fix(deps): update kubernetes packages to v0.28.1 by @renovate in https://github.com/weka/csi-wekafs/pull/139 +* fix(deps): update module github.com/google/uuid to v1.3.1 by @renovate in https://github.com/weka/csi-wekafs/pull/148 +* fix(deps): update module github.com/rs/zerolog to v1.30.0 by @renovate in https://github.com/weka/csi-wekafs/pull/146 +* fix(deps): update module google.golang.org/grpc to v1.58.0 by @renovate in https://github.com/weka/csi-wekafs/pull/145 +* fix(deps): update module github.com/kubernetes-csi/csi-lib-utils to v0.15.0 by @renovate in https://github.com/weka/csi-wekafs/pull/149 +* fix(deps): update opentelemetry-go monorepo to v1.17.0 by @renovate in https://github.com/weka/csi-wekafs/pull/151 +* fix(deps): update golang.org/x/exp digest to 9212866 by @renovate in https://github.com/weka/csi-wekafs/pull/144 +* chore(deps): update docker/build-push-action action to v5 by @renovate in https://github.com/weka/csi-wekafs/pull/154 +* chore(deps): update docker/login-action action to v3 by @renovate in https://github.com/weka/csi-wekafs/pull/155 +* chore(deps): update docker/setup-buildx-action action to v3 by @renovate in https://github.com/weka/csi-wekafs/pull/156 diff --git a/charts/weka/csi-wekafsplugin/Chart.yaml b/charts/weka/csi-wekafsplugin/Chart.yaml index 26c6361a3..252f050ae 100644 --- a/charts/weka/csi-wekafsplugin/Chart.yaml +++ b/charts/weka/csi-wekafsplugin/Chart.yaml @@ -1,6 +1,6 @@ annotations: artifacthub.io/category: storage - artifacthub.io/containsSecurityUpdates: "false" + artifacthub.io/containsSecurityUpdates: "true" artifacthub.io/license: Apache-2.0 artifacthub.io/prerelease: "false" artifacthub.io/signKey: | @@ -11,7 +11,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.18.0' catalog.cattle.io/release-name: csi-wekafsplugin apiVersion: v2 -appVersion: v2.2.1 +appVersion: v2.3.0 description: Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem home: https://github.com/weka/csi-wekafs @@ -27,6 +27,6 @@ maintainers: url: https://weka.io name: csi-wekafsplugin sources: -- https://github.com/weka/csi-wekafs/tree/v2.2.1 +- https://github.com/weka/csi-wekafs/tree/v2.3.0 type: application -version: 2.2.1 +version: 2.3.0 diff --git a/charts/weka/csi-wekafsplugin/README.md b/charts/weka/csi-wekafsplugin/README.md index 124e178ae..9583e0f5e 100644 --- a/charts/weka/csi-wekafsplugin/README.md +++ b/charts/weka/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.2.1](https://img.shields.io/badge/Version-2.2.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.2.1](https://img.shields.io/badge/AppVersion-v2.2.1-informational?style=flat-square) +![Version: 2.3.0](https://img.shields.io/badge/Version-2.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.3.0](https://img.shields.io/badge/AppVersion-v2.3.0-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -56,7 +56,7 @@ Kubernetes: `>=1.18.0` |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.2.1"` | CSI driver version | +| csiDriverVersion | string | `"2.3.0"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.10.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.3.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v3.5.0"` | CSI provisioner sidecar image URL | @@ -64,7 +64,7 @@ Kubernetes: `>=1.18.0` | images.resizersidecar | string | `"registry.k8s.io/sig-storage/csi-resizer:v1.8.0"` | CSI resizer sidecar image URL | | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v6.2.2"` | CSI snapshotter sidecar image URL | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.2.1"` | CSI driver tag | +| images.csidriverTag | string | `"2.3.0"` | CSI driver tag | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | | nodePluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI node component only (by default same as global) | @@ -102,4 +102,4 @@ Kubernetes: `>=1.18.0` | pluginConfig.mutuallyExclusiveMountOptions[0] | string | `"readcache,writecache,coherent,forcedirect"` | | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) +Autogenerated from chart metadata using [helm-docs v1.11.2](https://github.com/norwoodj/helm-docs/releases/v1.11.2) diff --git a/charts/weka/csi-wekafsplugin/values.yaml b/charts/weka/csi-wekafsplugin/values.yaml index 871d0c37b..07ddece29 100644 --- a/charts/weka/csi-wekafsplugin/values.yaml +++ b/charts/weka/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.2.1 +csiDriverVersion: &csiDriverVersion 2.3.0 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.10.0 diff --git a/index.yaml b/index.yaml index f9d5b2644..24d1bdce4 100644 --- a/index.yaml +++ b/index.yaml @@ -1665,8 +1665,8 @@ entries: argo-cd: - annotations: artifacthub.io/changes: | - - kind: changed - description: Improve readme migration notes + - kind: fixed + description: Align redis-ha's affinity type to upstream due to warnings artifacthub.io/signKey: | fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc @@ -1676,8 +1676,8 @@ entries: catalog.cattle.io/kube-version: '>=1.23.0-0' catalog.cattle.io/release-name: argo-cd apiVersion: v2 - appVersion: v2.8.3 - created: "2023-09-13T13:33:59.843459616Z" + appVersion: v2.8.4 + created: "2023-09-15T15:58:45.162108025Z" dependencies: - condition: redis-ha.enabled name: redis-ha @@ -1685,7 +1685,46 @@ entries: version: 4.23.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. - digest: 13eb14f537b330fe2f18c6b2f5fe65d48535c16caff5fe0de7fd538227ca2495 + digest: 35284a198090f9f7d919fb308b03804eabc7989a26f39914760f6c2557c084dc + home: https://github.com/argoproj/argo-helm + icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png + keywords: + - argoproj + - argocd + - gitops + kubeVersion: '>=1.23.0-0' + maintainers: + - name: argoproj + url: https://argoproj.github.io/ + name: argo-cd + sources: + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd + - https://github.com/argoproj/argo-cd + urls: + - assets/argo/argo-cd-5.46.4.tgz + version: 5.46.4 + - annotations: + artifacthub.io/changes: | + - kind: changed + description: Improve readme migration notes + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Argo CD + catalog.cattle.io/kube-version: '>=1.23.0-0' + catalog.cattle.io/release-name: argo-cd + apiVersion: v2 + appVersion: v2.8.3 + created: "2023-09-15T15:58:28.955349791Z" + dependencies: + - condition: redis-ha.enabled + name: redis-ha + repository: file://./charts/redis-ha + version: 4.23.0 + description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery + tool for Kubernetes. + digest: 2a89f696eb8a87cb3731008f2e6a7051c93bad800769cee3fd908f4a61a6cb25 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -12011,6 +12050,27 @@ entries: - assets/cloudcasa/cloudcasa-0.1.000.tgz version: 0.1.000 cockroachdb: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: CockroachDB + catalog.cattle.io/kube-version: '>=1.8-0' + catalog.cattle.io/release-name: cockroachdb + apiVersion: v1 + appVersion: 23.1.10 + created: "2023-09-15T15:58:49.236624726Z" + description: CockroachDB is a scalable, survivable, strongly-consistent SQL database. + digest: 9d566beb45b7cdae5b5f470e7e59f591a54ced54d32a2629e87d75609ab836b1 + home: https://www.cockroachlabs.com + icon: https://raw.githubusercontent.com/cockroachdb/cockroach/master/docs/media/cockroach_db.png + maintainers: + - email: helm-charts@cockroachlabs.com + name: cockroachlabs + name: cockroachdb + sources: + - https://github.com/cockroachdb/cockroach + urls: + - assets/cockroach-labs/cockroachdb-11.1.7.tgz + version: 11.1.7 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: CockroachDB @@ -15171,6 +15231,42 @@ entries: - assets/dell/csi-vxflexos-2.1.0.tgz version: 2.1.0 csi-wekafsplugin: + - annotations: + artifacthub.io/category: storage + artifacthub.io/containsSecurityUpdates: "true" + artifacthub.io/license: Apache-2.0 + artifacthub.io/prerelease: "false" + artifacthub.io/signKey: | + fingerprint: BA9F2D31BE9193E01FA17450BCE0A5CF67AC0C59 + url: https://weka.github.io/csi-wekafs/csi-public.gpg + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: WekaFS CSI Driver + catalog.cattle.io/kube-version: '>=1.18.0' + catalog.cattle.io/release-name: csi-wekafsplugin + apiVersion: v2 + appVersion: v2.3.0 + created: "2023-09-15T15:58:55.309700312Z" + description: Helm chart for Deployment of WekaIO Container Storage Interface (CSI) + plugin for WekaFS - the world fastest filesystem + digest: 36fc9c9ff00e43dfae05104add69f6d331ae4dce8268d8195386ca25cea5e054 + home: https://github.com/weka/csi-wekafs + icon: https://weka.github.io/csi-wekafs/logo.png + keywords: + - storage + - filesystem + - HPC + kubeVersion: '>=1.18.0' + maintainers: + - email: csi@weka.io + name: WekaIO, Inc. + url: https://weka.io + name: csi-wekafsplugin + sources: + - https://github.com/weka/csi-wekafs/tree/v2.3.0 + type: application + urls: + - assets/weka/csi-wekafsplugin-2.3.0.tgz + version: 2.3.0 - annotations: artifacthub.io/category: storage artifacthub.io/containsSecurityUpdates: "false" @@ -15473,6 +15569,43 @@ entries: - assets/weka/csi-wekafsplugin-0.6.400.tgz version: 0.6.400 datadog: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Datadog + catalog.cattle.io/kube-version: '>=1.10-0' + catalog.cattle.io/release-name: datadog + apiVersion: v1 + appVersion: "7" + created: "2023-09-15T15:58:49.886864717Z" + dependencies: + - condition: clusterAgent.metricsProvider.useDatadogMetrics + name: datadog-crds + repository: https://helm.datadoghq.com + tags: + - install-crds + version: 1.0.1 + - condition: datadog.kubeStateMetricsEnabled + name: kube-state-metrics + repository: https://prometheus-community.github.io/helm-charts + version: 2.13.2 + description: Datadog Agent + digest: 931e16cc24bb13f3d71e31ec62e7a7d0d84710eec0fbb4c86c2e6a9c693ac324 + home: https://www.datadoghq.com + icon: https://datadog-live.imgix.net/img/dd_logo_70x75.png + keywords: + - monitoring + - alerting + - metric + maintainers: + - email: support@datadoghq.com + name: Datadog + name: datadog + sources: + - https://app.datadoghq.com/account/settings#agent/kubernetes + - https://github.com/DataDog/datadog-agent + urls: + - assets/datadog/datadog-3.36.2.tgz + version: 3.36.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Datadog @@ -35821,6 +35954,31 @@ entries: - assets/bitnami/mysql-9.4.1.tgz version: 9.4.1 nats: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: NATS Server + catalog.cattle.io/kube-version: '>=1.16-0' + catalog.cattle.io/release-name: nats + apiVersion: v2 + appVersion: 2.9.22 + created: "2023-09-15T15:58:53.12022164Z" + description: A Helm chart for the NATS.io High Speed Cloud Native Distributed + Communications Technology. + digest: 3b2c4846251bb2ea09fd31418a7c1735067ea0fcc3dd92e935a695dbfc5a392b + home: http://github.com/nats-io/k8s + icon: https://nats.io/img/nats-icon-color.png + keywords: + - nats + - messaging + - cncf + maintainers: + - email: info@nats.io + name: The NATS Authors + url: https://github.com/nats-io + name: nats + urls: + - assets/nats/nats-1.0.3.tgz + version: 1.0.3 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: NATS Server @@ -40957,6 +41115,51 @@ entries: - assets/portworx/portworx-essentials-2.9.100.tgz version: 2.9.100 postgresql: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: PostgreSQL + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: postgresql + category: Database + images: | + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r43 + - name: postgres-exporter + image: docker.io/bitnami/postgres-exporter:0.13.2-debian-11-r25 + - name: postgresql + image: docker.io/bitnami/postgresql:15.4.0-debian-11-r10 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 15.4.0 + created: "2023-09-15T15:58:47.40765835Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: PostgreSQL (Postgres) is an open source object-relational database + known for reliability and data integrity. ACID-compliant, it supports foreign + keys, joins, views, triggers and stored procedures. + digest: 65a3963389e6988482e060e4a114a1202d26d3ceb5bc8f2d5d9a55218692d799 + home: https://bitnami.com + icon: https://wiki.postgresql.org/images/a/a4/PostgreSQL_logo.3colors.svg + keywords: + - postgresql + - postgres + - database + - sql + - replication + - cluster + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: postgresql + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/postgresql + urls: + - assets/bitnami/postgresql-12.11.2.tgz + version: 12.11.2 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: PostgreSQL @@ -43547,6 +43750,29 @@ entries: - assets/percona/pxc-operator-1.12.0.tgz version: 1.12.0 quobyte-cluster: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Quobyte Cluster Deployment + catalog.cattle.io/kube-version: 1.20-0 - 1.27-0 + catalog.cattle.io/release-name: quobyte-cluster + apiVersion: v2 + appVersion: "3" + created: "2023-09-15T15:58:54.085651261Z" + description: Quobyte Cluster Helm Chart Deployment + digest: 6e2dc2ca4ebb621c2d4e8933ce3624a7d8b676d587fb40b9cf84d6b52f2f2b13 + home: https://www.quobyte.com + icon: https://quobyte.github.io/quobyte-k8s-resources/images/quobyte.png + keywords: + - quobyte + - storage + kubeVersion: 1.20-0 - 1.27-0 + name: quobyte-cluster + sources: + - https://github.com/quobyte/quobyte-k8s-resources + type: application + urls: + - assets/quobyte/quobyte-cluster-0.1.9.tgz + version: 0.1.9 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Quobyte Cluster Deployment @@ -45476,6 +45702,50 @@ entries: - assets/bitnami/redis-17.3.7.tgz version: 17.3.7 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: docker.redpanda.com/redpandadata/redpanda:v23.2.7 + - name: busybox + image: busybox:latest + - name: mintel/docker-alpine-bash-curl-jq + image: mintel/docker-alpine-bash-curl-jq:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v23.2.8 + created: "2023-09-15T15:58:54.412822779Z" + dependencies: + - condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' + - condition: connectors.enabled + name: connectors + repository: file://./charts/connectors + version: '>=0.1.2 <1.0' + description: Redpanda is the real-time engine for modern apps. + digest: 09890a6fb2fac21576a43b8d4bf17fca5e0ce6c5ece64faae44844199354947d + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-5.4.2.tgz + version: 5.4.2 - annotations: artifacthub.io/images: | - name: redpanda @@ -50360,6 +50630,37 @@ entries: - assets/bitnami/spark-6.3.8.tgz version: 6.3.8 speedscale-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Speedscale Operator + catalog.cattle.io/kube-version: '>= 1.17.0-0' + catalog.cattle.io/release-name: speedscale-operator + apiVersion: v1 + appVersion: 1.3.375 + created: "2023-09-15T15:58:54.516113869Z" + description: Stress test your APIs with real world scenarios. Collect and replay + traffic without scripting. + digest: 93c866b2e68cd12927aa9cba609983334660f0b04b319f8123499d06bb6ca3f5 + home: https://speedscale.com + icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png + keywords: + - speedscale + - test + - testing + - regression + - reliability + - load + - replay + - network + - traffic + kubeVersion: '>= 1.17.0-0' + maintainers: + - email: support@speedscale.com + name: Speedscale Support + name: speedscale-operator + urls: + - assets/speedscale/speedscale-operator-1.3.32.tgz + version: 1.3.32 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Speedscale Operator @@ -52241,6 +52542,32 @@ entries: - assets/sumologic/sumologic-2.17.0.tgz version: 2.17.0 sysdig: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Sysdig + catalog.cattle.io/release-name: sysdig + apiVersion: v1 + appVersion: 12.16.1 + created: "2023-09-15T15:58:54.825271926Z" + deprecated: true + description: Sysdig Monitor and Secure agent + digest: 31748043c7ff610e0fd0cb0520f8380a4e053df77c747b274e8df77c048fd1f8 + home: https://www.sysdig.com/ + icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4 + keywords: + - monitoring + - security + - alerting + - metric + - troubleshooting + - run-time + name: sysdig + sources: + - https://app.sysdigcloud.com/#/settings/user + - https://github.com/draios/sysdig + urls: + - assets/sysdig/sysdig-1.16.13.tgz + version: 1.16.13 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Sysdig @@ -57011,6 +57338,60 @@ entries: - assets/hashicorp/vault-0.22.0.tgz version: 0.22.0 wordpress: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: WordPress + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: wordpress + category: CMS + images: | + - name: apache-exporter + image: docker.io/bitnami/apache-exporter:1.0.1-debian-11-r44 + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r66 + - name: wordpress + image: docker.io/bitnami/wordpress:6.3.1-debian-11-r14 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 6.3.1 + created: "2023-09-15T15:58:48.937298764Z" + dependencies: + - condition: memcached.enabled + name: memcached + repository: file://./charts/memcached + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: file://./charts/mariadb + version: 13.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: 45f82d81df20fa5e2fd35e9b4842181ce750e332730de0703c24d964e75b5033 + home: https://bitnami.com + icon: https://s.w.org/style/images/about/WordPress-logotype-simplified.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/wordpress + urls: + - assets/bitnami/wordpress-17.1.8.tgz + version: 17.1.8 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: WordPress