+
+ | Installation method |
+ Configuration via values.yaml |
+ Configuration via command line |
+
+
+ | Standalone newrelic-logging |
+
+
+
+```
+# values-newrelic.yaml configuration contents
+
+licenseKey: _YOUR_NEW_RELIC_LICENSE_KEY_
+cluster: _K8S_CLUSTER_NAME_
+
+fluentBit:
+ retryLimit: 10
+```
+
+```
+# Install / upgrade command
+
+helm upgrade --install newrelic-logging newrelic/newrelic-logging \
+--namespace newrelic \
+--create-namespace \
+-f values-newrelic.yaml
+```
+ |
+
+
+```
+# Install / upgrade command
+
+helm upgrade --install newrelic-logging newrelic/newrelic-logging \
+--namespace=newrelic \
+--set licenseKey=_YOUR_NEW_RELIC_LICENSE_KEY_ \
+--set cluster=_K8S_CLUSTER_NAME_ \
+--set fluentBit.retryLimit=10
+```
+ |
+
+
+ | As part of nri-bundle |
+
+
+```
+# values-newrelic.yaml configuration contents
+
+# General settings that apply to all the child charts
+global:
+ licenseKey: _YOUR_NEW_RELIC_LICENSE_KEY_
+ cluster: _K8S_CLUSTER_NAME_
+
+# Specific configuration for the newrelic-logging child chart
+newrelic-logging:
+ fluentBit:
+ retryLimit: 10
+```
+
+```
+# Install / upgrade command
+
+helm upgrade --install newrelic-bundle newrelic/nri-bundle \
+ --namespace newrelic \
+ --create-namespace \
+ -f values-newrelic.yaml \
+```
+ |
+
+
+```
+# Install / upgrade command
+
+helm upgrade --install newrelic-bundle newrelic/nri-bundle \
+--namespace=newrelic \
+--set global.licenseKey=_YOUR_NEW_RELIC_LICENSE_KEY_ \
+--set global.cluster=_K8S_CLUSTER_NAME_ \
+--set newrelic-logging.fluentBit.retryLimit=10
+```
+ |
+
+
+
+
+### Supported configuration parameters
+See [values.yaml](values.yaml) for the default values
+
+| Parameter | Description | Default |
+|--------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------|
+| `global.cluster` - `cluster` | The cluster name for the Kubernetes cluster. | |
+| `global.licenseKey` - `licenseKey` | The [license key](https://docs.newrelic.com/docs/accounts/install-new-relic/account-setup/license-key) for your New Relic Account. This will be the preferred configuration option if both `licenseKey` and `customSecret*` values are specified. | |
+| `global.customSecretName` - `customSecretName` | Name of the Secret object where the license key is stored | |
+| `global.customSecretLicenseKey` - `customSecretLicenseKey` | Key in the Secret object where the license key is stored. | |
+| `global.fargate` | Must be set to `true` when deploying in an EKS Fargate environment. Prevents DaemonSet pods from being scheduled in Fargate nodes. | |
+| `global.lowDataMode` - `lowDataMode` | If `true`, send minimal attributes on Kubernetes logs. Labels and annotations are not sent when lowDataMode is enabled. | `false` |
+| `rbac.create` | Enable Role-based authentication | `true` |
+| `rbac.pspEnabled` | Enable pod security policy support | `false` |
+| `image.repository` | The container to pull. | `newrelic/newrelic-fluentbit-output` |
+| `image.pullPolicy` | The pull policy. | `IfNotPresent` |
+| `image.pullSecrets` | Image pull secrets. | `nil` |
+| `image.tag` | The version of the container to pull. | See value in [values.yaml]` |
+| `exposedPorts` | Any ports you wish to expose from the pod. Ex. 2020 for metrics | `[]` |
+| `resources` | Any resources you wish to assign to the pod. | See Resources below |
+| `priorityClassName` | Scheduling priority of the pod | `nil` |
+| `nodeSelector` | Node label to use for scheduling on Linux nodes | `{ kubernetes.io/os: linux }` |
+| `windowsNodeSelector` | Node label to use for scheduling on Windows nodes | `{ kubernetes.io/os: windows, node.kubernetes.io/windows-build: BUILD_NUMBER }` |
+| `tolerations` | List of node taints to tolerate (requires Kubernetes >= 1.6) | See Tolerations below |
+| `updateStrategy` | Strategy for DaemonSet updates (requires Kubernetes >= 1.6) | `RollingUpdate` |
+| `extraVolumeMounts` | Additional DaemonSet volume mounts | `[]` |
+| `extraVolumes` | Additional DaemonSet volumes | `[]` |
+| `initContainers` | [Init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) that will be executed before the actual container in charge of shipping logs to New Relic is initialized. Use this if you are using a custom Fluent Bit configuration that requires downloading certain files inside the volumes being accessed by the log-shipping pod. | `[]` |
+| `windows.initContainers` | [Init containers](https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) that will be executed before the actual container in charge of shipping logs to New Relic is initialized. Use this if you are using a custom Fluent Bit configuration that requires downloading certain files inside the volumes being accessed by the log-shipping pod. | `[]` |
+| `serviceAccount.create` | If true, a service account would be created and assigned to the deployment | `true` |
+| `serviceAccount.name` | The service account to assign to the deployment. If `serviceAccount.create` is true then this name will be used when creating the service account | |
+| `serviceAccount.annotations` | The annotations to add to the service account if `serviceAccount.create` is set to true. | |
+| `global.nrStaging` - `nrStaging` | Send data to staging (requires a staging license key) | `false` |
+| `fluentBit.path` | Node path logs are forwarded from. Patterns are supported, as well as specifying multiple paths/patterns separated by commas. | `/var/log/containers/*.log` |
+| `fluentBit.linuxMountPath` | The path mounted on linux Fluent-Bit pods to read logs from. Defaults to /var because some engines write the logs to /var/log and others to /var/lib (symlinked to /var/log) so Fluent-Bit need access to both in those cases | `/var` |
+| `fluentBit.db` | Node path used by Fluent Bit to store a database file to keep track of monitored files and offsets. | `/var/log/containers/*.log` |
+| `fluentBit.k8sBufferSize` | Set the buffer size for HTTP client when reading responses from Kubernetes API server. A value of 0 results in no limit and the buffer will expand as needed. | `32k` |
+| `fluentBit.k8sLoggingExclude` | Set to "On" to allow excluding pods by adding the annotation `fluentbit.io/exclude: "true"` to pods you wish to exclude. | `Off` |
+| `fluentBit.additionalEnvVariables` | Additional environmental variables for fluentbit pods | `[]]` |
+| `fluentBit.persistence.mode` | The [persistence mode](#Fluent-Bit-persistence-modes) you want to use, options are "hostPath", "none" or "persistentVolume" (this last one available only for linux) |
+| `fluentBit.persistence.persistentVolume.storageClass` | On "persistentVolume" [persistence mode](#Fluent-Bit-persistence-modes), indicates the storage class that will be used for create the PersistentVolume and PersistentVolumeClaim. | |
+| `fluentBit.persistence.persistentVolume.size` | On "persistentVolume" [persistence mode](#Fluent-Bit-persistence-modes), indicates the capacity for the PersistentVolume and PersistentVolumeClaim | 10Gi |
+| `fluentBit.persistence.persistentVolume.dynamicProvisioning` | On "persistentVolume" [persistence mode](#Fluent-Bit-persistence-modes), indicates if the storage class used provide dynamic provisioning. If it does, only the PersistentVolumeClaim will be created. | true |
+| `fluentBit.persistence.persistentVolume.existingVolume` | On "persistentVolume" [persistence mode](#Fluent-Bit-persistence-modes), indicates and existing volume in case you want to reuse one, bear in mind that it should allow ReadWriteMany access mode. A PersistentVolumeClaim will be created using it. | |
+| `fluentBit.persistence.persistentVolume.existingVolumeClaim` | On "persistentVolume" [persistence mode](#Fluent-Bit-persistence-modes), indicates and existing volume claim that will be used on the daemonset. It should allow ReadWriteMany access mode. | |
+| `fluentBit.persistence.persistentVolume.annotations.volume` | On "persistentVolume" [persistence mode](#Fluent-Bit-persistence-modes), allows to add annotations to the PersistentVolume (if created). | |
+| `fluentBit.persistence.persistentVolume.annotations.claim` | On "persistentVolume" [persistence mode](#Fluent-Bit-persistence-modes), allows to add annotations to the PersistentVolumeClaim (if created). | |
+| `fluentBit.persistence.persistentVolume.extra.volume` | On "persistentVolume" [persistence mode](#Fluent-Bit-persistence-modes), allows to add extra properties to the PersistentVolume (if created). | |
+| `fluentBit.persistence.persistentVolume.extra.claim` | On "persistentVolume" [persistence mode](#Fluent-Bit-persistence-modes), allows to add extra properties to the PersistentVolumeClaim (if created). | |
+| `daemonSet.annotations` | The annotations to add to the `DaemonSet`. | |
+| `podAnnotations` | The annotations to add to the `DaemonSet` created `Pod`s. | |
+| `enableLinux` | Enable log collection from Linux containers. This is the default behavior. In case you are only interested of collecting logs from Windows containers, set this to `false`. | `true` |
+| `enableWindows` | Enable log collection from Windows containers. Please refer to the [Windows support](#windows-support) section for more details. | `false` |
+| `fluentBit.config.service` | Contains fluent-bit.conf Service config | |
+| `fluentBit.config.inputs` | Contains fluent-bit.conf Inputs config | |
+| `fluentBit.config.extraInputs` | Contains extra fluent-bit.conf Inputs config | |
+| `fluentBit.config.filters` | Contains fluent-bit.conf Filters config | |
+| `fluentBit.config.extraFilters` | Contains extra fluent-bit.conf Filters config | |
+| `fluentBit.config.lowDataModeFilters` | Contains fluent-bit.conf Filters config for lowDataMode | |
+| `fluentBit.config.outputs` | Contains fluent-bit.conf Outputs config | |
+| `fluentBit.config.extraOutputs` | Contains extra fluent-bit.conf Outputs config | |
+| `fluentBit.config.parsers` | Contains parsers.conf Parsers config | |
+| `fluentBit.retryLimit` | Amount of times to retry sending a given batch of logs to New Relic. This prevents data loss if there is a temporary network disruption, if a request to the Logs API is lost or when receiving a recoverable HTTP response. Set it to "False" for unlimited retries. | 5 |
+| `fluentBit.sendMetrics` | Enable the collection of Fluent Bit internal metrics in Prometheus format as well as newrelic-fluent-bit-output internal plugin metrics. See [this documentation page](https://docs.newrelic.com/docs/logs/forward-logs/kubernetes-plugin-log-forwarding/#troubleshoot-installation) for more details. | `false` |
+| `dnsConfig` | [DNS configuration](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-config) that will be added to the pods. Can be configured also with `global.dnsConfig`. | `{}` |
+| `fluentBit.criEnabled` | We assume that `kubelet`directly communicates with the container engine using the [CRI](https://kubernetes.io/docs/concepts/overview/components/#container-runtime) specification. Set this to `false` if your K8s installation uses [dockershim](https://kubernetes.io/docs/tasks/administer-cluster/migrating-from-dockershim/) instead, in order to get the logs properly parsed. | `true` |
+
+### Fluent Bit persistence modes
+
+Fluent Bit uses a database file to keep track of log lines read from files (offsets). This database file is stored in the host node by default, using a `hostPath` mount. It's specifically stored (by default) in `/var/log/flb_kube.db` to keep things simple, as we're already mounting `/var` for accessing container logs.
+
+Sometimes the security constraints of some clusters don't allow mounting `hostPath`s in read-write mode. That's why you can chose among the following
+persistence modes. Each one has their pros and cons.
+
+- `hostPath` (default) will use a `hostPath` mount to store the DB file on the node disk. This is the easiest, cheapest an most reliable option, but prohibited by some cloud vendor security policies.
+- `none` will disable the Fluent Bit DB file. This can cause log duplication or data loss in case Fluent Bit gets restarted.
+- `persistentVolume` (Linux only) will use a `ReadWriteMany` persistent volume to store the DB file. This will override the `fluentBit.db` path and use `/db/${NODE_NAME}-fb.db` instead. If you use this option in a Windows cluster it will default to `none` on Windows nodes.
+
+#### GKE Autopilot example
+
+If you're using the `persistentVolume` persistence mode you need to provide at least the `storageClass`, and it should be `ReadWriteMany`. This is an example of the configuration for persistence in [GKE Autopilot](https://cloud.google.com/kubernetes-engine/docs/concepts/autopilot-overview).
+
+```
+fluentBit:
+ persistence:
+ mode: persistentVolume
+ persistentVolume:
+ storageClass: standard-rwx
+ linuxMountPath: /var/log
+```
+
+### Proxy support
+
+Since Fluent Bit Kubernetes plugin is using [newrelic-fluent-bit-output](https://github.com/newrelic/newrelic-fluent-bit-output) we can configure the [proxy support](https://github.com/newrelic/newrelic-fluent-bit-output#proxy-support) in order to set up the proxy configuration.
+
+#### As environment variables
+
+The easiest way to configure the proxy is by means of specifying the `HTTP_PROXY` or `HTTPS_PROXY` variables as follows:
+
+```
+# values-newrelic.yml
+
+fluentBit:
+ additionalEnvVariables:
+ - name: HTTPS_PROXY
+ value: https://your-https-proxy-hostname:3129
+```
+
+
+#### Custom proxy configuration (for proxies using self-signed certificates)
+
+If you need to use a proxy using self-signed certificates, you'll need to mount a volume with the Certificate Authority
+bundle file and reference it from the Fluent Bit configuration as follows:
+
+```
+# values-newrelic.yaml
+extraVolumes: []
+ - name: proxyConfig
+ # Example using hostPath. You can also place the caBundleFile.pem contents in a ConfigMap and reference it here instead,
+ # as explained here: https://kubernetes.io/docs/concepts/storage/volumes/#configmap
+ hostPath:
+ path: /path/in/node/to/your/caBundleFile.pem
+
+extraVolumeMounts: []
+ - name: proxyConfig
+ mountPath: /proxyConfig/caBundleFile.pem
+
+fluentBit:
+ config:
+ outputs: |
+ [OUTPUT]
+ Name newrelic
+ Match *
+ licenseKey ${LICENSE_KEY}
+ endpoint ${ENDPOINT}
+ lowDataMode ${LOW_DATA_MODE}
+ Retry_Limit ${RETRY_LIMIT}
+ proxy https://your-https-proxy-hostname:3129
+ caBundleFile /proxyConfig/caBundleFile.pem
+```
+
+
+## Windows support
+
+Since version `1.7.0`, this Helm chart supports shipping logs from Windows containers. To this end, you need to set the `enableWindows` configuration parameter to `true`.
+
+Windows containers have some constraints regarding Linux containers. The main one being that they can only be executed on _hosts_ using the exact same Windows version and build number. On the other hand, Kubernetes nodes only supports the Windows versions listed [here](https://kubernetes.io/docs/setup/production-environment/windows/intro-windows-in-kubernetes/#windows-os-version-support).
+
+This Helm chart deploys one `DaemonSet` for each of the Windows versions it supports, while ensuring that only containers matching the host operating system will be deployed in each host.
+
+This Helm chart currently supports the following Windows versions:
+- Windows Server LTSC 2019, build 10.0.17763
+- Windows Server LTSC 2022, build 10.0.20348
diff --git a/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/.helmignore b/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/.helmignore
new file mode 100644
index 000000000..0e8a0eb36
--- /dev/null
+++ b/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/Chart.yaml b/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/Chart.yaml
new file mode 100644
index 000000000..d01fcb482
--- /dev/null
+++ b/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/Chart.yaml
@@ -0,0 +1,27 @@
+apiVersion: v2
+description: Provides helpers to provide consistency on all the charts
+keywords:
+- newrelic
+- chart-library
+maintainers:
+- name: nserrino
+ url: https://github.com/nserrino
+- name: philkuz
+ url: https://github.com/philkuz
+- name: htroisi
+ url: https://github.com/htroisi
+- name: juanjjaramillo
+ url: https://github.com/juanjjaramillo
+- name: svetlanabrennan
+ url: https://github.com/svetlanabrennan
+- name: nrepai
+ url: https://github.com/nrepai
+- name: csongnr
+ url: https://github.com/csongnr
+- name: vuqtran88
+ url: https://github.com/vuqtran88
+- name: xqi-nr
+ url: https://github.com/xqi-nr
+name: common-library
+type: library
+version: 1.1.1
diff --git a/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/DEVELOPERS.md b/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/DEVELOPERS.md
new file mode 100644
index 000000000..f19983a67
--- /dev/null
+++ b/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/DEVELOPERS.md
@@ -0,0 +1,620 @@
+# Functions/templates documented for chart writers
+Here is some rough documentation separated by the file that contains the function, the function
+name and how to use it. We are not covering functions that start with `_` (e.g.
+`newrelic.common.license._licenseKey`) because they are used internally by this library for
+other helpers. Helm does not have the concept of "public" or "private" functions/templates so
+this is a convention of ours.
+
+## _naming.tpl
+These functions are used to name objects.
+
+### `newrelic.common.naming.name`
+This is the same as the idiomatic `CHART-NAME.name` that is created when you use `helm create`.
+
+It honors `.Values.nameOverride`.
+
+Usage:
+```mustache
+{{ include "newrelic.common.naming.name" . }}
+```
+
+### `newrelic.common.naming.fullname`
+This is the same as the idiomatic `CHART-NAME.fullname` that is created when you use `helm create`
+
+It honors `.Values.fullnameOverride`.
+
+Usage:
+```mustache
+{{ include "newrelic.common.naming.fullname" . }}
+```
+
+### `newrelic.common.naming.chart`
+This is the same as the idiomatic `CHART-NAME.chart` that is created when you use `helm create`.
+
+It is mostly useless for chart writers. It is used internally for templating the labels but there
+is no reason to keep it "private".
+
+Usage:
+```mustache
+{{ include "newrelic.common.naming.chart" . }}
+```
+
+### `newrelic.common.naming.truncateToDNS`
+This is a useful template that could be used to trim a string to 63 chars and does not end with a dash (`-`).
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+
+Usage:
+```mustache
+{{ $nameToTruncate := "a-really-really-really-really-REALLY-long-string-that-should-be-truncated-because-it-is-enought-long-to-brak-something"
+{{- $truncatedName := include "newrelic.common.naming.truncateToDNS" $nameToTruncate }}
+{{- $truncatedName }}
+{{- /* This should print: a-really-really-really-really-REALLY-long-string-that-should-be */ -}}
+```
+
+### `newrelic.common.naming.truncateToDNSWithSuffix`
+This template function is the same as the above but instead of receiving a string you should give a `dict`
+with a `name` and a `suffix`. This function will join them with a dash (`-`) and trim the `name` so the
+result of `name-suffix` is no more than 63 chars
+
+Usage:
+```mustache
+{{ $nameToTruncate := "a-really-really-really-really-REALLY-long-string-that-should-be-truncated-because-it-is-enought-long-to-brak-something"
+{{- $suffix := "A-NOT-SO-LONG-SUFFIX" }}
+{{- $truncatedName := include "truncateToDNSWithSuffix" (dict "name" $nameToTruncate "suffix" $suffix) }}
+{{- $truncatedName }}
+{{- /* This should print: a-really-really-really-really-REALLY-long-A-NOT-SO-LONG-SUFFIX */ -}}
+```
+
+
+
+## _labels.tpl
+### `newrelic.common.labels`, `newrelic.common.labels.selectorLabels` and `newrelic.common.labels.podLabels`
+These are functions that are used to label objects. They are configured by this `values.yaml`
+```yaml
+global:
+ podLabels: {} # included in all the pods of all the charts that implement this library
+ labels: {} # included in all the objects of all the charts that implement this library
+podLabels: {} # included in all the pods of this chart
+labels: {} # included in all the objects of this chart
+```
+
+label maps are merged from global to local values.
+
+And chart writer should use them like this:
+```mustache
+metadata:
+ labels:
+ {{- include "newrelic.common.labels" . | nindent 4 }}
+spec:
+ selector:
+ matchLabels:
+ {{- include "newrelic.common.labels.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ labels:
+ {{- include "newrelic.common.labels.podLabels" . | nindent 8 }}
+```
+
+`newrelic.common.labels.podLabels` includes `newrelic.common.labels.selectorLabels` automatically.
+
+
+
+## _priority-class-name.tpl
+### `newrelic.common.priorityClassName`
+Like almost everything in this library, it reads global and local variables:
+```yaml
+global:
+ priorityClassName: ""
+priorityClassName: ""
+```
+
+Be careful: chart writers should put an empty string (or any kind of Helm falsiness) for this
+library to work properly. If in your values a non-falsy `priorityClassName` is found, the global
+one is going to be always ignored.
+
+Usage (example in a pod spec):
+```mustache
+spec:
+ {{- with include "newrelic.common.priorityClassName" . }}
+ priorityClassName: {{ . }}
+ {{- end }}
+```
+
+
+
+## _hostnetwork.tpl
+### `newrelic.common.hostNetwork`
+Like almost everything in this library, it reads global and local variables:
+```yaml
+global:
+ hostNetwork: # Note that this is empty (nil)
+hostNetwork: # Note that this is empty (nil)
+```
+
+Be careful: chart writers should NOT PUT ANY VALUE for this library to work properly. If in you
+values a `hostNetwork` is defined, the global one is going to be always ignored.
+
+This function returns "true" of "" (empty string) so it can be used for evaluating conditionals.
+
+Usage (example in a pod spec):
+```mustache
+spec:
+ {{- with include "newrelic.common.hostNetwork" . }}
+ hostNetwork: {{ . }}
+ {{- end }}
+```
+
+### `newrelic.common.hostNetwork.value`
+This function is an abstraction of the function above but this returns directly "true" or "false".
+
+Be careful with using this with an `if` as Helm does evaluate "false" (string) as `true`.
+
+Usage (example in a pod spec):
+```mustache
+spec:
+ hostNetwork: {{ include "newrelic.common.hostNetwork.value" . }}
+```
+
+
+
+## _dnsconfig.tpl
+### `newrelic.common.dnsConfig`
+Like almost everything in this library, it reads global and local variables:
+```yaml
+global:
+ dnsConfig: {}
+dnsConfig: {}
+```
+
+Be careful: chart writers should put an empty string (or any kind of Helm falsiness) for this
+library to work properly. If in your values a non-falsy `dnsConfig` is found, the global
+one is going to be always ignored.
+
+Usage (example in a pod spec):
+```mustache
+spec:
+ {{- with include "newrelic.common.dnsConfig" . }}
+ dnsConfig:
+ {{- . | nindent 4 }}
+ {{- end }}
+```
+
+
+
+## _images.tpl
+These functions help us to deal with how images are templated. This allows setting `registries`
+where to fetch images globally while being flexible enough to fit in different maps of images
+and deployments with one or more images. This is the example of a complex `values.yaml` that
+we are going to use during the documentation of these functions:
+
+```yaml
+global:
+ images:
+ registry: nexus-3-instance.internal.clients-domain.tld
+jobImage:
+ registry: # defaults to "example.tld" when empty in these examples
+ repository: ingress-nginx/kube-webhook-certgen
+ tag: v1.1.1
+ pullPolicy: IfNotPresent
+ pullSecrets: []
+images:
+ integration:
+ registry:
+ repository: newrelic/nri-kube-events
+ tag: 1.8.0
+ pullPolicy: IfNotPresent
+ agent:
+ registry:
+ repository: newrelic/k8s-events-forwarder
+ tag: 1.22.0
+ pullPolicy: IfNotPresent
+ pullSecrets: []
+```
+
+### `newrelic.common.images.image`
+This will return a string with the image ready to be downloaded that includes the registry, the image and the tag.
+`defaultRegistry` is used to keep `registry` field empty in `values.yaml` so you can override the image using
+`global.images.registry`, your local `jobImage.registry` and be able to fallback to a registry that is not `docker.io`
+(Or the default repository that the client could have set in the CRI).
+
+Usage:
+```mustache
+{{- /* For the integration */}}
+{{ include "newrelic.common.images.image" ( dict "imageRoot" .Values.images.integration "context" .) }}
+{{- /* For the agent */}}
+{{ include "newrelic.common.images.image" ( dict "imageRoot" .Values.images.agent "context" .) }}
+{{- /* For jobImage */}}
+{{ include "newrelic.common.images.image" ( dict "defaultRegistry" "example.tld" "imageRoot" .Values.jobImage "context" .) }}
+```
+
+### `newrelic.common.images.registry`
+It returns the registry from the global or local values. You should avoid using this helper to create your image
+URL and use `newrelic.common.images.image` instead, but it is there to be used in case it is needed.
+
+Usage:
+```mustache
+{{- /* For the integration */}}
+{{ include "newrelic.common.images.registry" ( dict "imageRoot" .Values.images.integration "context" .) }}
+{{- /* For the agent */}}
+{{ include "newrelic.common.images.registry" ( dict "imageRoot" .Values.images.agent "context" .) }}
+{{- /* For jobImage */}}
+{{ include "newrelic.common.images.registry" ( dict "defaultRegistry" "example.tld" "imageRoot" .Values.jobImage "context" .) }}
+```
+
+### `newrelic.common.images.repository`
+It returns the image from the values. You should avoid using this helper to create your image
+URL and use `newrelic.common.images.image` instead, but it is there to be used in case it is needed.
+
+Usage:
+```mustache
+{{- /* For jobImage */}}
+{{ include "newrelic.common.images.repository" ( dict "imageRoot" .Values.jobImage "context" .) }}
+{{- /* For the integration */}}
+{{ include "newrelic.common.images.repository" ( dict "imageRoot" .Values.images.integration "context" .) }}
+{{- /* For the agent */}}
+{{ include "newrelic.common.images.repository" ( dict "imageRoot" .Values.images.agent "context" .) }}
+```
+
+### `newrelic.common.images.tag`
+It returns the image's tag from the values. You should avoid using this helper to create your image
+URL and use `newrelic.common.images.image` instead, but it is there to be used in case it is needed.
+
+Usage:
+```mustache
+{{- /* For jobImage */}}
+{{ include "newrelic.common.images.tag" ( dict "imageRoot" .Values.jobImage "context" .) }}
+{{- /* For the integration */}}
+{{ include "newrelic.common.images.tag" ( dict "imageRoot" .Values.images.integration "context" .) }}
+{{- /* For the agent */}}
+{{ include "newrelic.common.images.tag" ( dict "imageRoot" .Values.images.agent "context" .) }}
+```
+
+### `newrelic.common.images.renderPullSecrets`
+If returns a merged map that contains the pull secrets from the global configuration and the local one.
+
+Usage:
+```mustache
+{{- /* For jobImage */}}
+{{ include "newrelic.common.images.renderPullSecrets" ( dict "pullSecrets" .Values.jobImage.pullSecrets "context" .) }}
+{{- /* For the integration */}}
+{{ include "newrelic.common.images.renderPullSecrets" ( dict "pullSecrets" .Values.images.pullSecrets "context" .) }}
+{{- /* For the agent */}}
+{{ include "newrelic.common.images.renderPullSecrets" ( dict "pullSecrets" .Values.images.pullSecrets "context" .) }}
+```
+
+
+
+## _serviceaccount.tpl
+These functions are used to evaluate if the service account should be created, with which name and add annotations to it.
+
+The functions that the common library has implemented for service accounts are:
+* `newrelic.common.serviceAccount.create`
+* `newrelic.common.serviceAccount.name`
+* `newrelic.common.serviceAccount.annotations`
+
+Usage:
+```mustache
+{{- if include "newrelic.common.serviceAccount.create" . -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ {{- with (include "newrelic.common.serviceAccount.annotations" .) }}
+ annotations:
+ {{- . | nindent 4 }}
+ {{- end }}
+ labels:
+ {{- include "newrelic.common.labels" . | nindent 4 }}
+ name: {{ include "newrelic.common.serviceAccount.name" . }}
+ namespace: {{ .Release.Namespace }}
+{{- end }}
+```
+
+
+
+## _affinity.tpl, _nodeselector.tpl and _tolerations.tpl
+These three files are almost the same and they follow the idiomatic way of `helm create`.
+
+Each function also looks if there is a global value like the other helpers.
+```yaml
+global:
+ affinity: {}
+ nodeSelector: {}
+ tolerations: []
+affinity: {}
+nodeSelector: {}
+tolerations: []
+```
+
+The values here are replaced instead of be merged. If a value at root level is found, the global one is ignored.
+
+Usage (example in a pod spec):
+```mustache
+spec:
+ {{- with include "newrelic.common.nodeSelector" . }}
+ nodeSelector:
+ {{- . | nindent 4 }}
+ {{- end }}
+ {{- with include "newrelic.common.affinity" . }}
+ affinity:
+ {{- . | nindent 4 }}
+ {{- end }}
+ {{- with include "newrelic.common.tolerations" . }}
+ tolerations:
+ {{- . | nindent 4 }}
+ {{- end }}
+```
+
+
+
+## _agent-config.tpl
+### `newrelic.common.agentConfig.defaults`
+This returns a YAML that the agent can use directly as a config that includes other options from the values file like verbose mode,
+custom attributes, FedRAMP and such.
+
+Usage:
+```mustache
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ labels:
+ {{- include "newrelic.common.labels" . | nindent 4 }}
+ name: {{ include newrelic.common.naming.truncateToDNSWithSuffix (dict "name" (include "newrelic.common.naming.fullname" .) suffix "agent-config") }}
+ namespace: {{ .Release.Namespace }}
+data:
+ newrelic-infra.yml: |-
+ # This is the configuration file for the infrastructure agent. See:
+ # https://docs.newrelic.com/docs/infrastructure/install-infrastructure-agent/configuration/infrastructure-agent-configuration-settings/
+ {{- include "newrelic.common.agentConfig.defaults" . | nindent 4 }}
+```
+
+
+
+## _cluster.tpl
+### `newrelic.common.cluster`
+Returns the cluster name
+
+Usage:
+```mustache
+{{ include "newrelic.common.cluster" . }}
+```
+
+
+
+## _custom-attributes.tpl
+### `newrelic.common.customAttributes`
+Return custom attributes in YAML format.
+
+Usage:
+```mustache
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: example
+data:
+ custom-attributes.yaml: |
+ {{- include "newrelic.common.customAttributes" . | nindent 4 }}
+ custom-attributes.json: |
+ {{- include "newrelic.common.customAttributes" . | fromYaml | toJson | nindent 4 }}
+```
+
+
+
+## _fedramp.tpl
+### `newrelic.common.fedramp.enabled`
+Returns true if FedRAMP is enabled or an empty string if not. It can be safely used in conditionals as an empty string is a Helm falsiness.
+
+Usage:
+```mustache
+{{ include "newrelic.common.fedramp.enabled" . }}
+```
+
+### `newrelic.common.fedramp.enabled.value`
+Returns true if FedRAMP is enabled or false if not. This is to have the value of FedRAMP ready to be templated.
+
+Usage:
+```mustache
+{{ include "newrelic.common.fedramp.enabled.value" . }}
+```
+
+
+
+## _license.tpl
+### `newrelic.common.license.secretName` and ### `newrelic.common.license.secretKeyName`
+Returns the secret and key inside the secret where to read the license key.
+
+The common library will take care of using a user-provided custom secret or creating a secret that contains the license key.
+
+To create the secret use `newrelic.common.license.secret`.
+
+Usage:
+```mustache
+{{- if and (.Values.controlPlane.enabled) (not (include "newrelic.fargate" .)) }}
+apiVersion: v1
+kind: Pod
+metadata:
+ name: example
+spec:
+ containers:
+ - name: agent
+ env:
+ - name: "NRIA_LICENSE_KEY"
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "newrelic.common.license.secretName" . }}
+ key: {{ include "newrelic.common.license.secretKeyName" . }}
+```
+
+
+
+## _license_secret.tpl
+### `newrelic.common.license.secret`
+This function templates the secret that is used by agents and integrations with the license Key provided by the user. It will
+template nothing (empty string) if the user provides a custom pair of secret name and key.
+
+This template also fails in case the user has not provided any license key or custom secret so no safety checks have to be done
+by chart writers.
+
+You just must have a template with these two lines:
+```mustache
+{{- /* Common library will take care of creating the secret or not. */ -}}
+{{- include "newrelic.common.license.secret" . -}}
+```
+
+
+
+## _low-data-mode.tpl
+### `newrelic.common.lowDataMode`
+Like almost everything in this library, it reads global and local variables:
+```yaml
+global:
+ lowDataMode: # Note that this is empty (nil)
+lowDataMode: # Note that this is empty (nil)
+```
+
+Be careful: chart writers should NOT PUT ANY VALUE for this library to work properly. If in you
+values a `lowdataMode` is defined, the global one is going to be always ignored.
+
+This function returns "true" of "" (empty string) so it can be used for evaluating conditionals.
+
+Usage:
+```mustache
+{{ include "newrelic.common.lowDataMode" . }}
+```
+
+
+
+## _privileged.tpl
+### `newrelic.common.privileged`
+Like almost everything in this library, it reads global and local variables:
+```yaml
+global:
+ privileged: # Note that this is empty (nil)
+privileged: # Note that this is empty (nil)
+```
+
+Be careful: chart writers should NOT PUT ANY VALUE for this library to work properly. If in you
+values a `privileged` is defined, the global one is going to be always ignored.
+
+Chart writers could override this and put directly a `true` in the `values.yaml` to override the
+default of the common library.
+
+This function returns "true" of "" (empty string) so it can be used for evaluating conditionals.
+
+Usage:
+```mustache
+{{ include "newrelic.common.privileged" . }}
+```
+
+### `newrelic.common.privileged.value`
+Returns true if privileged mode is enabled or false if not. This is to have the value of privileged ready to be templated.
+
+Usage:
+```mustache
+{{ include "newrelic.common.privileged.value" . }}
+```
+
+
+
+## _proxy.tpl
+### `newrelic.common.proxy`
+Returns the proxy URL configured by the user.
+
+Usage:
+```mustache
+{{ include "newrelic.common.proxy" . }}
+```
+
+
+
+## _security-context.tpl
+Use these functions to share the security context among all charts. Useful in clusters that have security enforcing not to
+use the root user (like OpenShift) or users that have an admission webhooks.
+
+The functions are:
+* `newrelic.common.securityContext.container`
+* `newrelic.common.securityContext.pod`
+
+Usage:
+```mustache
+apiVersion: v1
+kind: Pod
+metadata:
+ name: example
+spec:
+ spec:
+ {{- with include "newrelic.common.securityContext.pod" . }}
+ securityContext:
+ {{- . | nindent 8 }}
+ {{- end }}
+
+ containers:
+ - name: example
+ {{- with include "nriKubernetes.securityContext.container" . }}
+ securityContext:
+ {{- toYaml . | nindent 12 }}
+ {{- end }}
+```
+
+
+
+## _staging.tpl
+### `newrelic.common.nrStaging`
+Like almost everything in this library, it reads global and local variables:
+```yaml
+global:
+ nrStaging: # Note that this is empty (nil)
+nrStaging: # Note that this is empty (nil)
+```
+
+Be careful: chart writers should NOT PUT ANY VALUE for this library to work properly. If in you
+values a `nrStaging` is defined, the global one is going to be always ignored.
+
+This function returns "true" of "" (empty string) so it can be used for evaluating conditionals.
+
+Usage:
+```mustache
+{{ include "newrelic.common.nrStaging" . }}
+```
+
+### `newrelic.common.nrStaging.value`
+Returns true if staging is enabled or false if not. This is to have the staging value ready to be templated.
+
+Usage:
+```mustache
+{{ include "newrelic.common.nrStaging.value" . }}
+```
+
+
+
+## _verbose-log.tpl
+### `newrelic.common.verboseLog`
+Like almost everything in this library, it reads global and local variables:
+```yaml
+global:
+ verboseLog: # Note that this is empty (nil)
+verboseLog: # Note that this is empty (nil)
+```
+
+Be careful: chart writers should NOT PUT ANY VALUE for this library to work properly. If in you
+values a `verboseLog` is defined, the global one is going to be always ignored.
+
+Usage:
+```mustache
+{{ include "newrelic.common.verboseLog" . }}
+```
+
+### `newrelic.common.verboseLog.valueAsBoolean`
+Returns true if verbose is enabled or false if not. This is to have the verbose value ready to be templated as a boolean
+
+Usage:
+```mustache
+{{ include "newrelic.common.verboseLog.valueAsBoolean" . }}
+```
+
+### `newrelic.common.verboseLog.valueAsInt`
+Returns 1 if verbose is enabled or 0 if not. This is to have the verbose value ready to be templated as an integer
+
+Usage:
+```mustache
+{{ include "newrelic.common.verboseLog.valueAsInt" . }}
+```
diff --git a/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/README.md b/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/README.md
new file mode 100644
index 000000000..10f08ca67
--- /dev/null
+++ b/charts/new-relic/nri-bundle/5.0.85/charts/newrelic-logging/charts/common-library/README.md
@@ -0,0 +1,106 @@
+# Helm Common library
+
+The common library is a way to unify the UX through all the Helm charts that implement it.
+
+The tooling suite that New Relic is huge and growing and this allows to set things globally
+and locally for a single chart.
+
+## Documentation for chart writers
+
+If you are writing a chart that is going to use this library you can check the [developers guide](/library/common-library/DEVELOPERS.md) to see all
+the functions/templates that we have implemented, what they do and how to use them.
+
+## Values managed globally
+
+We want to have a seamless experience through all the charts so we created this library that tries to standardize the behaviour
+of all the charts. Sadly, because of the complexity of all these integrations, not all the charts behave exactly as expected.
+
+An example is `newrelic-infrastructure` that ignores `hostNetwork` in the control plane scraper because most of the users has the
+control plane listening in the node to `localhost`.
+
+For each chart that has a special behavior (or further information of the behavior) there is a "chart particularities" section
+in its README.md that explains which is the expected behavior.
+
+At the time of writing this, all the charts from `nri-bundle` except `newrelic-logging` and `synthetics-minion` implements this
+library and honors global options as described in this document.
+
+Here is a list of global options:
+
+| Global keys | Local keys | Default | Merged[
+
+