diff --git a/assets/argo/argo-cd-5.31.1.tgz b/assets/argo/argo-cd-5.31.1.tgz new file mode 100644 index 000000000..b6c8b3f89 Binary files /dev/null and b/assets/argo/argo-cd-5.31.1.tgz differ diff --git a/assets/bitnami/mariadb-12.1.5.tgz b/assets/bitnami/mariadb-12.1.5.tgz new file mode 100644 index 000000000..6cf0358a6 Binary files /dev/null and b/assets/bitnami/mariadb-12.1.5.tgz differ diff --git a/assets/bitnami/mysql-9.9.0.tgz b/assets/bitnami/mysql-9.9.0.tgz new file mode 100644 index 000000000..b7d5280a5 Binary files /dev/null and b/assets/bitnami/mysql-9.9.0.tgz differ diff --git a/assets/bitnami/spark-6.5.1.tgz b/assets/bitnami/spark-6.5.1.tgz new file mode 100644 index 000000000..c9f6799cc Binary files /dev/null and b/assets/bitnami/spark-6.5.1.tgz differ diff --git a/assets/bitnami/wordpress-16.0.4.tgz b/assets/bitnami/wordpress-16.0.4.tgz new file mode 100644 index 000000000..732e8d141 Binary files /dev/null and b/assets/bitnami/wordpress-16.0.4.tgz differ diff --git a/assets/datadog/datadog-3.28.1.tgz b/assets/datadog/datadog-3.28.1.tgz new file mode 100644 index 000000000..b3d1e03ae Binary files /dev/null and b/assets/datadog/datadog-3.28.1.tgz differ diff --git a/assets/gitlab/gitlab-6.11.1.tgz b/assets/gitlab/gitlab-6.11.1.tgz new file mode 100644 index 000000000..43d73dec4 Binary files /dev/null and b/assets/gitlab/gitlab-6.11.1.tgz differ diff --git a/assets/haproxy/haproxy-1.30.4.tgz b/assets/haproxy/haproxy-1.30.4.tgz new file mode 100644 index 000000000..5eb78d69f Binary files /dev/null and b/assets/haproxy/haproxy-1.30.4.tgz differ diff --git a/assets/instana/instana-agent-1.2.58.tgz b/assets/instana/instana-agent-1.2.58.tgz new file mode 100644 index 000000000..729587a65 Binary files /dev/null and b/assets/instana/instana-agent-1.2.58.tgz differ diff --git a/assets/jenkins/jenkins-4.3.23.tgz b/assets/jenkins/jenkins-4.3.23.tgz new file mode 100644 index 000000000..a2fce2e98 Binary files /dev/null and b/assets/jenkins/jenkins-4.3.23.tgz differ diff --git a/assets/percona/pxc-db-1.12.1.tgz b/assets/percona/pxc-db-1.12.1.tgz new file mode 100644 index 000000000..66252ff22 Binary files /dev/null and b/assets/percona/pxc-db-1.12.1.tgz differ diff --git a/assets/pixie/pixie-operator-chart-0.1.1.tgz b/assets/pixie/pixie-operator-chart-0.1.1.tgz index 2c24b55b9..f9109e16f 100644 Binary files a/assets/pixie/pixie-operator-chart-0.1.1.tgz and b/assets/pixie/pixie-operator-chart-0.1.1.tgz differ diff --git a/assets/redpanda/redpanda-4.0.15.tgz b/assets/redpanda/redpanda-4.0.15.tgz new file mode 100644 index 000000000..d73790dc5 Binary files /dev/null and b/assets/redpanda/redpanda-4.0.15.tgz differ diff --git a/assets/speedscale/speedscale-operator-1.2.42.tgz b/assets/speedscale/speedscale-operator-1.2.42.tgz new file mode 100644 index 000000000..106cd98b2 Binary files /dev/null and b/assets/speedscale/speedscale-operator-1.2.42.tgz differ diff --git a/assets/sysdig/sysdig-1.15.86.tgz b/assets/sysdig/sysdig-1.15.86.tgz new file mode 100644 index 000000000..0650732f9 Binary files /dev/null and b/assets/sysdig/sysdig-1.15.86.tgz differ diff --git a/assets/yugabyte/yugabyte-2.14.9.tgz b/assets/yugabyte/yugabyte-2.14.9.tgz new file mode 100644 index 000000000..85c58aa6c Binary files /dev/null and b/assets/yugabyte/yugabyte-2.14.9.tgz differ diff --git a/assets/yugabyte/yugaware-2.14.9.tgz b/assets/yugabyte/yugaware-2.14.9.tgz new file mode 100644 index 000000000..391c83055 Binary files /dev/null and b/assets/yugabyte/yugaware-2.14.9.tgz differ diff --git a/charts/argo/argo-cd/Chart.yaml b/charts/argo/argo-cd/Chart.yaml index 4ae6445b7..e4a46076a 100644 --- a/charts/argo/argo-cd/Chart.yaml +++ b/charts/argo/argo-cd/Chart.yaml @@ -1,13 +1,13 @@ annotations: artifacthub.io/changes: | - - kind: fixed - description: Namespace field for some namespaced resources needs to be evaluated via helm root scope + - kind: changed + description: Update Argo CD v2.7.1 catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Argo CD catalog.cattle.io/kube-version: '>=1.22.0-0' catalog.cattle.io/release-name: argo-cd apiVersion: v2 -appVersion: v2.6.7 +appVersion: v2.7.1 dependencies: - condition: redis-ha.enabled name: redis-ha @@ -29,4 +29,4 @@ name: argo-cd sources: - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd - https://github.com/argoproj/argo-cd -version: 5.29.1 +version: 5.31.1 diff --git a/charts/argo/argo-cd/README.md b/charts/argo/argo-cd/README.md index b90af7afa..f1f0845fc 100644 --- a/charts/argo/argo-cd/README.md +++ b/charts/argo/argo-cd/README.md @@ -105,6 +105,11 @@ For full list of changes please check ArtifactHub [changelog]. Highlighted versions provide information about additional steps that should be performed by user when upgrading to newer version. +### 5.31.0 +The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint.sh`. Until Argo CD v2.8, `entrypoint.sh` is retained for upgrade compatibility. +This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later. +In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start. + ### 5.24.0 This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`). @@ -395,8 +400,6 @@ NAME: my-release | global.affinity.podAntiAffinity | string | `"soft"` | Default pod anti-affinity rules. Either: `none`, `soft` or `hard` | | global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.deploymentStrategy | object | `{}` | Deployment strategy for the all deployed Deployments | -| global.entrypoint.entrypoint | string | `"entrypoint.sh"` | The entrypoint to use for the containers. | -| global.entrypoint.useImplicit | bool | `false` | Implicitly use the docker image's entrypoint. This requires the image to have ENTRYPOINT set properly | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | @@ -835,7 +838,7 @@ server: | dex.extraContainers | list | `[]` | Additional containers to be added to the dex pod | | dex.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Dex imagePullPolicy | | dex.image.repository | string | `"ghcr.io/dexidp/dex"` | Dex image repository | -| dex.image.tag | string | `"v2.35.3"` | Dex image tag | +| dex.image.tag | string | `"v2.36.0"` | Dex image tag | | dex.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | dex.initContainers | list | `[]` | Init containers to add to the dex pod | | dex.initImage.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Argo CD init image imagePullPolicy | @@ -921,7 +924,7 @@ server: | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.7-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.enabled | bool | `false` | Deploy metrics service | @@ -979,7 +982,7 @@ The main options are listed here: | redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.11-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | @@ -1184,3 +1187,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/ [TopologySpreadConstraints]: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ [values.yaml]: values.yaml [v2.2 to 2.3 upgrade instructions]: https://github.com/argoproj/argo-cd/blob/v2.3.0/docs/operator-manual/upgrading/2.2-2.3.md +[tini]: https://github.com/argoproj/argo-cd/pull/12707 diff --git a/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml index 2a067a63f..c56bf0b33 100644 --- a/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -51,8 +51,8 @@ spec: {{- end }} serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }} containers: - - command: - - argocd-application-controller + - args: + - /usr/local/bin/argocd-application-controller - --metrics-port={{ .Values.controller.containerPorts.metrics }} {{- if .Values.controller.metrics.applicationLabels.enabled }} {{- range .Values.controller.metrics.applicationLabels.labels }} diff --git a/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml index 90863cce6..9033f5b47 100644 --- a/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -56,12 +56,8 @@ spec: - name: {{ .Values.applicationSet.name }} image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.applicationSet.image.imagePullPolicy }} - {{- if not .Values.global.entrypoint.useImplicit }} - command: - - {{ .Values.global.entrypoint.entrypoint | quote }} - {{- end }} args: - - argocd-applicationset-controller + - /usr/local/bin/argocd-applicationset-controller - --metrics-addr=:{{ .Values.applicationSet.containerPorts.metrics }} - --probe-addr=:{{ .Values.applicationSet.containerPorts.probe }} - --webhook-addr=:{{ .Values.applicationSet.containerPorts.webhook }} diff --git a/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml index 729e57dbb..d49944fdc 100644 --- a/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml @@ -56,8 +56,8 @@ spec: - name: {{ .Values.notifications.name }} image: {{ default .Values.global.image.repository .Values.notifications.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.image.imagePullPolicy }} - command: - - argocd-notifications + args: + - /usr/local/bin/argocd-notifications - --metrics-port={{ .Values.notifications.containerPorts.metrics }} - --loglevel={{ default .Values.global.logging.level .Values.notifications.logLevel }} - --logformat={{ default .Values.global.logging.format .Values.notifications.logFormat }} diff --git a/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml index f5272bc20..0226b48fc 100644 --- a/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -61,12 +61,8 @@ spec: - name: {{ .Values.repoServer.name }} image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.repoServer.image.imagePullPolicy }} - {{- if not .Values.global.entrypoint.useImplicit }} - command: - - {{ .Values.global.entrypoint.entrypoint | quote }} - {{- end }} args: - - argocd-repo-server + - /usr/local/bin/argocd-repo-server - --port={{ .Values.repoServer.containerPorts.server }} - --metrics-port={{ .Values.repoServer.containerPorts.metrics }} {{- with .Values.repoServer.logFormat }} @@ -284,7 +280,7 @@ spec: {{- end }} initContainers: - command: - - cp + - /bin/cp - -n - /usr/local/bin/argocd - /var/run/argocd/argocd-cmp-server diff --git a/charts/argo/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo/argo-cd/templates/argocd-server/deployment.yaml index aa7320e71..7ce72e800 100644 --- a/charts/argo/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-server/deployment.yaml @@ -58,8 +58,8 @@ spec: - name: {{ .Values.server.name }} image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.server.image.imagePullPolicy }} - command: - - argocd-server + args: + - /usr/local/bin/argocd-server - --port={{ .Values.server.containerPorts.server }} - --metrics-port={{ .Values.server.containerPorts.metrics }} {{- with .Values.server.logFormat }} diff --git a/charts/argo/argo-cd/templates/crds/crd-application.yaml b/charts/argo/argo-cd/templates/crds/crd-application.yaml index ae0f7295f..5bb7bfb3e 100644 --- a/charts/argo/argo-cd/templates/crds/crd-application.yaml +++ b/charts/argo/argo-cd/templates/crds/crd-application.yaml @@ -310,6 +310,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -341,6 +345,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -572,6 +599,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -604,6 +636,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -950,6 +1005,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether to + apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -980,6 +1039,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize adds + to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1203,6 +1285,10 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -1234,6 +1320,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas override + specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1604,6 +1713,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -1636,6 +1750,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -1869,6 +2006,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -1901,6 +2043,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2279,6 +2444,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -2311,6 +2481,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2562,6 +2755,11 @@ spec: additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution + for annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -2594,6 +2792,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that + Kustomize adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize + Replicas override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -2945,6 +3166,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -2977,6 +3203,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3221,6 +3470,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -3253,6 +3507,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3602,6 +3879,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies whether + to apply env variables substitution for annotation + values + type: boolean commonLabels: additionalProperties: type: string @@ -3634,6 +3916,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests @@ -3878,6 +4183,11 @@ spec: description: CommonAnnotations is a list of additional annotations to add to rendered manifests type: object + commonAnnotationsEnvsubst: + description: CommonAnnotationsEnvsubst specifies + whether to apply env variables substitution for + annotation values + type: boolean commonLabels: additionalProperties: type: string @@ -3910,6 +4220,29 @@ spec: description: NameSuffix is a suffix appended to resources for Kustomize apps type: string + namespace: + description: Namespace sets the namespace that Kustomize + adds to all resources + type: string + replicas: + description: Replicas is a list of Kustomize Replicas + override specifications + items: + properties: + count: + anyOf: + - type: integer + - type: string + description: Number of replicas + x-kubernetes-int-or-string: true + name: + description: Name of Deployment or StatefulSet + type: string + required: + - count + - name + type: object + type: array version: description: Version controls which version of Kustomize to use for rendering manifests diff --git a/charts/argo/argo-cd/templates/crds/crd-applicationset.yaml b/charts/argo/argo-cd/templates/crds/crd-applicationset.yaml index 434522422..f9bfde6c6 100644 --- a/charts/argo/argo-cd/templates/crds/crd-applicationset.yaml +++ b/charts/argo/argo-cd/templates/crds/crd-applicationset.yaml @@ -241,6 +241,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -257,6 +259,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -399,6 +418,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -415,6 +436,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -716,6 +754,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -732,6 +772,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -874,6 +931,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -890,6 +949,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1195,6 +1271,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1211,6 +1289,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1353,6 +1448,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1369,6 +1466,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1479,6 +1593,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -1648,6 +1764,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1664,6 +1782,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -1806,6 +1941,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -1822,6 +1959,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2131,6 +2285,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2147,6 +2303,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2289,6 +2462,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2305,6 +2480,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2606,6 +2798,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2622,6 +2816,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -2764,6 +2975,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -2780,6 +2993,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3085,6 +3315,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3101,6 +3333,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3243,6 +3492,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3259,6 +3510,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3369,6 +3637,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -3538,6 +3808,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3554,6 +3826,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -3696,6 +3985,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -3712,6 +4003,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4109,6 +4417,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4125,6 +4435,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4267,6 +4594,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4283,6 +4612,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4727,6 +5073,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4743,6 +5091,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -4885,6 +5250,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -4901,6 +5268,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5196,6 +5580,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5212,6 +5598,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5354,6 +5757,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5370,6 +5775,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5679,6 +6101,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5695,6 +6119,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -5837,6 +6278,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -5853,6 +6296,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6154,6 +6614,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6170,6 +6632,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6312,6 +6791,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6328,6 +6809,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6633,6 +7131,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6649,6 +7149,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6791,6 +7308,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -6807,6 +7326,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -6917,6 +7453,8 @@ spec: items: x-kubernetes-preserve-unknown-fields: true type: array + elementsYaml: + type: string template: properties: metadata: @@ -7086,6 +7624,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7102,6 +7642,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7244,6 +7801,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7260,6 +7819,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7657,6 +8233,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7673,6 +8251,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -7815,6 +8410,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -7831,6 +8428,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8275,6 +8889,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8291,6 +8907,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8433,6 +9066,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8449,6 +9084,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8748,6 +9400,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8764,6 +9418,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -8906,6 +9577,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -8922,6 +9595,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9316,6 +10006,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9332,6 +10024,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9474,6 +10183,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9490,6 +10201,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -9934,6 +10662,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -9950,6 +10680,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10092,6 +10839,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10108,6 +10857,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10236,6 +11002,13 @@ spec: type: array goTemplate: type: boolean + preservedFields: + properties: + annotations: + items: + type: string + type: array + type: object strategy: properties: rollingSync: @@ -10441,6 +11214,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10457,6 +11232,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object @@ -10599,6 +11391,8 @@ spec: additionalProperties: type: string type: object + commonAnnotationsEnvsubst: + type: boolean commonLabels: additionalProperties: type: string @@ -10615,6 +11409,23 @@ spec: type: string nameSuffix: type: string + namespace: + type: string + replicas: + items: + properties: + count: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + name: + type: string + required: + - count + - name + type: object + type: array version: type: string type: object diff --git a/charts/argo/argo-cd/templates/dex/deployment.yaml b/charts/argo/argo-cd/templates/dex/deployment.yaml index 8359a6a88..6ae171706 100644 --- a/charts/argo/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo/argo-cd/templates/dex/deployment.yaml @@ -136,8 +136,8 @@ spec: - name: copyutil image: {{ default .Values.global.image.repository .Values.dex.initImage.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.dex.initImage.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.dex.initImage.imagePullPolicy }} - command: - - cp + args: + - /bin/cp - -n - /usr/local/bin/argocd - /shared/argocd-dex diff --git a/charts/argo/argo-cd/values.yaml b/charts/argo/argo-cd/values.yaml index 32b9060c9..afdaa0955 100644 --- a/charts/argo/argo-cd/values.yaml +++ b/charts/argo/argo-cd/values.yaml @@ -132,14 +132,6 @@ global: # topologyKey: topology.kubernetes.io/zone # whenUnsatisfiable: DoNotSchedule - # POD entrypoint configuration - entrypoint: - # -- Implicitly use the docker image's entrypoint. This requires the image to have - # ENTRYPOINT set properly - useImplicit: false - # -- The entrypoint to use for the containers. - entrypoint: "entrypoint.sh" - # -- Deployment strategy for the all deployed Deployments deploymentStrategy: {} # type: RollingUpdate @@ -915,7 +907,7 @@ dex: # -- Dex image repository repository: ghcr.io/dexidp/dex # -- Dex image tag - tag: v2.35.3 + tag: v2.36.0 # -- Dex imagePullPolicy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1141,7 +1133,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.7-alpine + tag: 7.0.11-alpine # -- Redis image pull policy # @default -- `""` (defaults to global.image.imagePullPolicy) imagePullPolicy: "" @@ -1384,7 +1376,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 7.0.7-alpine + tag: 7.0.11-alpine ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: diff --git a/charts/bitnami/mariadb/Chart.lock b/charts/bitnami/mariadb/Chart.lock index 0f459f24d..d1d3040cd 100644 --- a/charts/bitnami/mariadb/Chart.lock +++ b/charts/bitnami/mariadb/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.2.4 -digest: sha256:829fc25cbbb396161e735c83d152d74a8b3a82d07f08866b885b812d30b920df -generated: "2023-04-25T10:36:52.350329+02:00" + version: 2.2.5 +digest: sha256:318f438acfeaced11d9060877d615caf1985417d2865810defaa886d3496f8d3 +generated: "2023-05-03T08:30:13.051138201Z" diff --git a/charts/bitnami/mariadb/Chart.yaml b/charts/bitnami/mariadb/Chart.yaml index f6cbadf48..7880c721c 100644 --- a/charts/bitnami/mariadb/Chart.yaml +++ b/charts/bitnami/mariadb/Chart.yaml @@ -32,4 +32,4 @@ sources: - https://github.com/bitnami/containers/tree/main/bitnami/mariadb - https://github.com/prometheus/mysqld_exporter - https://mariadb.org -version: 12.1.3 +version: 12.1.5 diff --git a/charts/bitnami/mariadb/README.md b/charts/bitnami/mariadb/README.md index c0e5def0e..97010f8bc 100644 --- a/charts/bitnami/mariadb/README.md +++ b/charts/bitnami/mariadb/README.md @@ -84,7 +84,7 @@ The command removes all the Kubernetes components associated with the chart and | -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | | `image.registry` | MariaDB image registry | `docker.io` | | `image.repository` | MariaDB image repository | `bitnami/mariadb` | -| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.2-debian-11-r21` | +| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.2-debian-11-r22` | | `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -306,7 +306,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r110` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r112` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -320,7 +320,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a side-car prometheus exporter | `false` | | `metrics.image.registry` | Exporter image registry | `docker.io` | | `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` | -| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r112` | +| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r114` | | `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/mariadb/charts/common/Chart.yaml b/charts/bitnami/mariadb/charts/common/Chart.yaml index 8583e628a..8f0fff689 100644 --- a/charts/bitnami/mariadb/charts/common/Chart.yaml +++ b/charts/bitnami/mariadb/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.2.4 +appVersion: 2.2.5 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://github.com/bitnami/charts/tree/main/bitnami/common @@ -21,4 +21,4 @@ sources: - https://github.com/bitnami/charts - https://www.bitnami.com/ type: library -version: 2.2.4 +version: 2.2.5 diff --git a/charts/bitnami/mariadb/charts/common/README.md b/charts/bitnami/mariadb/charts/common/README.md index 825639f2a..6381c3b72 100644 --- a/charts/bitnami/mariadb/charts/common/README.md +++ b/charts/bitnami/mariadb/charts/common/README.md @@ -1,6 +1,6 @@ # Bitnami Common Library Chart -A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between bitnami charts. +A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between Bitnami charts. ## TL;DR @@ -8,7 +8,7 @@ A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for gro dependencies: - name: common version: 1.x.x - repository: https://charts.bitnami.com/bitnami + repository: oci://registry-1.docker.io/bitnamicharts ``` ```console diff --git a/charts/bitnami/mariadb/templates/_helpers.tpl b/charts/bitnami/mariadb/templates/_helpers.tpl index 49cb4a475..d940b5ac6 100644 --- a/charts/bitnami/mariadb/templates/_helpers.tpl +++ b/charts/bitnami/mariadb/templates/_helpers.tpl @@ -147,3 +147,13 @@ mariadb: architecture "replication". Please set a valid architecture (--set architecture="xxxx") {{- end -}} {{- end -}} + +{{/* +Get existing password to access MariaDB +*/}} +{{- define "mariadb.secret.existPassword" -}} +{{- $secret := (lookup "v1" "Secret" .Release.Namespace (include "mariadb.secretName" .)).data -}} +{{- if hasKey $secret "mariadb-password" }} + {{- true -}} +{{- end -}} +{{- end -}} diff --git a/charts/bitnami/mariadb/templates/secrets.yaml b/charts/bitnami/mariadb/templates/secrets.yaml index 89f0efed1..67ef178d2 100644 --- a/charts/bitnami/mariadb/templates/secrets.yaml +++ b/charts/bitnami/mariadb/templates/secrets.yaml @@ -1,7 +1,10 @@ {{- $host := include "mariadb.primary.fullname" . }} {{- $port := print .Values.primary.service.ports.mysql }} {{- $rootPassword := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-root-password" "providedValues" (list "auth.rootPassword") "context" $) | trimAll "\"" | b64dec }} +{{- $password := .Values.auth.password }} +{{- if eq (include "mariadb.secret.existPassword" .) "true" }} {{- $password := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-password" "providedValues" (list "auth.password") "context" $) | trimAll "\"" | b64dec }} +{{- end }} {{- if eq (include "mariadb.createSecret" .) "true" }} apiVersion: v1 kind: Secret @@ -26,7 +29,7 @@ data: {{- if (not .Values.auth.forcePassword) }} mariadb-password: {{ print $password | b64enc | quote }} {{- else }} - mariadb-password: {{ required "A MariaDB Database Password is required!" .Values.auth.password | b64enc | quote }} + mariadb-password: {{ required "A MariaDB Database Password is required!" $password | b64enc | quote }} {{- end }} {{- end }} {{- if eq .Values.architecture "replication" }} @@ -87,7 +90,11 @@ data: {{- if $database }} database: {{ print $database | b64enc | quote }} {{- end }} + {{- if and (.Values.auth.forcePassword) (empty $password) }} + password: {{ required "A MariaDB Database Password is required!" $password | b64enc | quote }} + {{- else }} password: {{ print $password | b64enc | quote }} + {{- end }} uri: {{ printf "mysql://%s:%s@%s:%s/%s" .Values.auth.username $password $host $port $database | b64enc | quote }} {{- end }} {{- end }} diff --git a/charts/bitnami/mariadb/values.yaml b/charts/bitnami/mariadb/values.yaml index d816cf189..7ec00b585 100644 --- a/charts/bitnami/mariadb/values.yaml +++ b/charts/bitnami/mariadb/values.yaml @@ -87,7 +87,7 @@ serviceBindings: image: registry: docker.io repository: bitnami/mariadb - tag: 10.11.2-debian-11-r21 + tag: 10.11.2-debian-11-r22 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1001,7 +1001,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r110 + tag: 11-debian-11-r112 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) @@ -1037,7 +1037,7 @@ metrics: image: registry: docker.io repository: bitnami/mysqld-exporter - tag: 0.14.0-debian-11-r112 + tag: 0.14.0-debian-11-r114 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) diff --git a/charts/bitnami/mysql/Chart.yaml b/charts/bitnami/mysql/Chart.yaml index 56ffd548c..23709ac54 100644 --- a/charts/bitnami/mysql/Chart.yaml +++ b/charts/bitnami/mysql/Chart.yaml @@ -30,4 +30,4 @@ name: mysql sources: - https://github.com/bitnami/containers/tree/main/bitnami/mysql - https://mysql.com -version: 9.8.2 +version: 9.9.0 diff --git a/charts/bitnami/mysql/README.md b/charts/bitnami/mysql/README.md index 801ec1ab3..81f67d7ba 100644 --- a/charts/bitnami/mysql/README.md +++ b/charts/bitnami/mysql/README.md @@ -326,6 +326,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.containerSecurityContext.runAsUser` | User ID for the MySQL metrics container | `1001` | | `metrics.containerSecurityContext.runAsNonRoot` | Set MySQL metrics container's Security Context runAsNonRoot | `true` | | `metrics.service.type` | Kubernetes service type for MySQL Prometheus Exporter | `ClusterIP` | +| `metrics.service.clusterIP` | Kubernetes service clusterIP for MySQL Prometheus Exporter | `""` | | `metrics.service.port` | MySQL Prometheus Exporter service port | `9104` | | `metrics.service.annotations` | Prometheus exporter service annotations | `{}` | | `metrics.extraArgs.primary` | Extra args to be passed to mysqld_exporter on Primary pods | `[]` | diff --git a/charts/bitnami/mysql/templates/metrics-svc.yaml b/charts/bitnami/mysql/templates/metrics-svc.yaml index 4d3339b16..7d604d304 100644 --- a/charts/bitnami/mysql/templates/metrics-svc.yaml +++ b/charts/bitnami/mysql/templates/metrics-svc.yaml @@ -20,6 +20,9 @@ metadata: {{- end }} spec: type: {{ .Values.metrics.service.type }} + {{- if and .Values.metrics.service.clusterIP (eq .Values.metrics.service.type "ClusterIP") }} + clusterIP: {{ .Values.metrics.service.clusterIP }} + {{- end }} ports: - port: {{ .Values.metrics.service.port }} targetPort: metrics diff --git a/charts/bitnami/mysql/values.yaml b/charts/bitnami/mysql/values.yaml index 8aaf2ede7..39a23799e 100644 --- a/charts/bitnami/mysql/values.yaml +++ b/charts/bitnami/mysql/values.yaml @@ -1067,12 +1067,14 @@ metrics: ## Mysqld Prometheus exporter liveness and readiness probes ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes ## @param metrics.service.type Kubernetes service type for MySQL Prometheus Exporter + ## @param metrics.service.clusterIP Kubernetes service clusterIP for MySQL Prometheus Exporter ## @param metrics.service.port MySQL Prometheus Exporter service port ## @param metrics.service.annotations [object] Prometheus exporter service annotations ## service: type: ClusterIP port: 9104 + clusterIP: "" annotations: prometheus.io/scrape: "true" prometheus.io/port: "{{ .Values.metrics.service.port }}" diff --git a/charts/bitnami/spark/Chart.lock b/charts/bitnami/spark/Chart.lock index daecb86d1..215e4b894 100644 --- a/charts/bitnami/spark/Chart.lock +++ b/charts/bitnami/spark/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common - repository: https://charts.bitnami.com/bitnami + repository: oci://registry-1.docker.io/bitnamicharts version: 2.2.4 -digest: sha256:634d19e9b7f6e4c07d7c04a0161ab96b3f83335ebdd70b35b952319ef0a2586b -generated: "2023-03-19T03:00:05.496146746Z" +digest: sha256:829fc25cbbb396161e735c83d152d74a8b3a82d07f08866b885b812d30b920df +generated: "2023-04-20T09:36:58.526121+02:00" diff --git a/charts/bitnami/spark/Chart.yaml b/charts/bitnami/spark/Chart.yaml index f6cbdd5f7..06a354e8b 100644 --- a/charts/bitnami/spark/Chart.yaml +++ b/charts/bitnami/spark/Chart.yaml @@ -28,4 +28,4 @@ name: spark sources: - https://github.com/bitnami/containers/tree/main/bitnami/spark - https://spark.apache.org/ -version: 6.4.4 +version: 6.5.1 diff --git a/charts/bitnami/spark/README.md b/charts/bitnami/spark/README.md index ac560d5b1..0d1fec5e9 100644 --- a/charts/bitnami/spark/README.md +++ b/charts/bitnami/spark/README.md @@ -11,8 +11,7 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema ## TL;DR ```console -helm repo add my-repo https://charts.bitnami.com/bitnami -helm install my-release my-repo/spark +helm install my-release oci://registry-1.docker.io/bitnamicharts/spark ``` ## Introduction @@ -33,8 +32,7 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment To install the chart with the release name `my-release`: ```console -helm repo add my-repo https://charts.bitnami.com/bitnami -helm install my-release my-repo/spark +helm install my-release oci://registry-1.docker.io/bitnamicharts/spark ``` These commands deploy Apache Spark on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. @@ -329,7 +327,7 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console helm install my-release \ - --set master.webPort=8081 my-repo/spark + --set master.webPort=8081 oci://registry-1.docker.io/bitnamicharts/spark ``` The above command sets the spark master web port to `8081`. @@ -337,7 +335,7 @@ The above command sets the spark master web port to `8081`. Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, ```console -helm install my-release -f values.yaml my-repo/spark +helm install my-release -f values.yaml oci://registry-1.docker.io/bitnamicharts/spark ``` > **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/charts/bitnami/spark/templates/statefulset-master.yaml b/charts/bitnami/spark/templates/statefulset-master.yaml index 5c7d66747..2c82430f8 100644 --- a/charts/bitnami/spark/templates/statefulset-master.yaml +++ b/charts/bitnami/spark/templates/statefulset-master.yaml @@ -178,7 +178,7 @@ spec: volumeMounts: {{- if .Values.master.existingConfigmap }} - name: config - mountPath: /opt/bitnami/spark/conf/ + mountPath: /bitnami/spark/conf/ {{- end }} {{- if .Values.security.ssl.enabled }} - name: shared-certs diff --git a/charts/bitnami/spark/templates/statefulset-worker.yaml b/charts/bitnami/spark/templates/statefulset-worker.yaml index 3bc12da62..dfd7d32b5 100644 --- a/charts/bitnami/spark/templates/statefulset-worker.yaml +++ b/charts/bitnami/spark/templates/statefulset-worker.yaml @@ -182,7 +182,7 @@ spec: volumeMounts: {{- if .Values.worker.existingConfigmap }} - name: config - mountPath: '/opt/bitnami/spark/conf/' + mountPath: '/bitnami/spark/conf/' {{- end }} {{- if .Values.security.ssl.enabled }} - name: shared-certs diff --git a/charts/bitnami/wordpress/Chart.lock b/charts/bitnami/wordpress/Chart.lock index d9b23712e..32e91d812 100644 --- a/charts/bitnami/wordpress/Chart.lock +++ b/charts/bitnami/wordpress/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: memcached repository: oci://registry-1.docker.io/bitnamicharts - version: 6.3.14 + version: 6.4.1 - name: mariadb repository: oci://registry-1.docker.io/bitnamicharts - version: 12.1.2 + version: 12.1.3 - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.2.4 -digest: sha256:2163ee3b4537596b72ea04bf3834f922207cb0482aed7884f0151ae1cdcd678c -generated: "2023-04-27T17:28:05.640540104Z" + version: 2.2.5 +digest: sha256:f410e40d5a4bbcbb2a45d4aa8254811a414b77b2c04e388f6f01d04751545061 +generated: "2023-05-03T00:38:59.864028942Z" diff --git a/charts/bitnami/wordpress/Chart.yaml b/charts/bitnami/wordpress/Chart.yaml index 5621c451e..7bbc855bd 100644 --- a/charts/bitnami/wordpress/Chart.yaml +++ b/charts/bitnami/wordpress/Chart.yaml @@ -41,4 +41,4 @@ name: wordpress sources: - https://github.com/bitnami/containers/tree/main/bitnami/wordpress - https://wordpress.org/ -version: 16.0.2 +version: 16.0.4 diff --git a/charts/bitnami/wordpress/README.md b/charts/bitnami/wordpress/README.md index f749cbef5..b699f4c56 100644 --- a/charts/bitnami/wordpress/README.md +++ b/charts/bitnami/wordpress/README.md @@ -80,7 +80,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | | `image.registry` | WordPress image registry | `docker.io` | | `image.repository` | WordPress image repository | `bitnami/wordpress` | -| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.2.0-debian-11-r15` | +| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.2.0-debian-11-r18` | | `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | | `image.pullSecrets` | WordPress image pull secrets | `[]` | @@ -246,7 +246,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` | | `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r110` | +| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r112` | | `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` | @@ -278,7 +278,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | | `metrics.image.registry` | Apache exporter image registry | `docker.io` | | `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.13.3-debian-11-r1` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.13.3-debian-11-r2` | | `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | diff --git a/charts/bitnami/wordpress/charts/common/Chart.yaml b/charts/bitnami/wordpress/charts/common/Chart.yaml index 8583e628a..8f0fff689 100644 --- a/charts/bitnami/wordpress/charts/common/Chart.yaml +++ b/charts/bitnami/wordpress/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.2.4 +appVersion: 2.2.5 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://github.com/bitnami/charts/tree/main/bitnami/common @@ -21,4 +21,4 @@ sources: - https://github.com/bitnami/charts - https://www.bitnami.com/ type: library -version: 2.2.4 +version: 2.2.5 diff --git a/charts/bitnami/wordpress/charts/common/README.md b/charts/bitnami/wordpress/charts/common/README.md index 825639f2a..6381c3b72 100644 --- a/charts/bitnami/wordpress/charts/common/README.md +++ b/charts/bitnami/wordpress/charts/common/README.md @@ -1,6 +1,6 @@ # Bitnami Common Library Chart -A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between bitnami charts. +A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for grouping common logic between Bitnami charts. ## TL;DR @@ -8,7 +8,7 @@ A [Helm Library Chart](https://helm.sh/docs/topics/library_charts/#helm) for gro dependencies: - name: common version: 1.x.x - repository: https://charts.bitnami.com/bitnami + repository: oci://registry-1.docker.io/bitnamicharts ``` ```console diff --git a/charts/bitnami/wordpress/charts/mariadb/Chart.yaml b/charts/bitnami/wordpress/charts/mariadb/Chart.yaml index d501e7ea1..2493492f0 100644 --- a/charts/bitnami/wordpress/charts/mariadb/Chart.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/Chart.yaml @@ -28,4 +28,4 @@ sources: - https://github.com/bitnami/containers/tree/main/bitnami/mariadb - https://github.com/prometheus/mysqld_exporter - https://mariadb.org -version: 12.1.2 +version: 12.1.3 diff --git a/charts/bitnami/wordpress/charts/mariadb/templates/secrets.yaml b/charts/bitnami/wordpress/charts/mariadb/templates/secrets.yaml index 0f4906c8b..89f0efed1 100644 --- a/charts/bitnami/wordpress/charts/mariadb/templates/secrets.yaml +++ b/charts/bitnami/wordpress/charts/mariadb/templates/secrets.yaml @@ -58,7 +58,7 @@ data: type: {{ print "mysql" | b64enc | quote }} host: {{ print $host | b64enc | quote }} port: {{ print $port | b64enc | quote }} - user: {{ print "root" | b64enc | quote }} + username: {{ print "root" | b64enc | quote }} password: {{ print $rootPassword | b64enc | quote }} uri: {{ printf "mysql://root:%s@%s:%s" $rootPassword $host $port | b64enc | quote }} @@ -83,7 +83,7 @@ data: type: {{ print "mysql" | b64enc | quote }} host: {{ print $host | b64enc | quote }} port: {{ print $port | b64enc | quote }} - user: {{ print .Values.auth.username | b64enc | quote }} + username: {{ print .Values.auth.username | b64enc | quote }} {{- if $database }} database: {{ print $database | b64enc | quote }} {{- end }} diff --git a/charts/bitnami/wordpress/charts/memcached/Chart.lock b/charts/bitnami/wordpress/charts/memcached/Chart.lock new file mode 100644 index 000000000..34558d8b2 --- /dev/null +++ b/charts/bitnami/wordpress/charts/memcached/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: oci://registry-1.docker.io/bitnamicharts + version: 2.2.4 +digest: sha256:829fc25cbbb396161e735c83d152d74a8b3a82d07f08866b885b812d30b920df +generated: "2023-04-20T09:34:17.092523+02:00" diff --git a/charts/bitnami/wordpress/charts/memcached/Chart.yaml b/charts/bitnami/wordpress/charts/memcached/Chart.yaml index 9c20d87de..57db8dc0f 100644 --- a/charts/bitnami/wordpress/charts/memcached/Chart.yaml +++ b/charts/bitnami/wordpress/charts/memcached/Chart.yaml @@ -8,7 +8,7 @@ dependencies: repository: oci://registry-1.docker.io/bitnamicharts tags: - bitnami-common - version: 2.2.4 + version: 2.x.x description: Memcached is an high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load. @@ -24,4 +24,4 @@ name: memcached sources: - https://github.com/bitnami/containers/tree/main/bitnami/memcached - http://memcached.org/ -version: 6.3.14 +version: 6.4.1 diff --git a/charts/bitnami/wordpress/charts/memcached/README.md b/charts/bitnami/wordpress/charts/memcached/README.md index 4b4e8f52c..72807fc8c 100644 --- a/charts/bitnami/wordpress/charts/memcached/README.md +++ b/charts/bitnami/wordpress/charts/memcached/README.md @@ -74,25 +74,25 @@ The command removes all the Kubernetes components associated with the chart and ### Memcached parameters -| Name | Description | Value | -| ----------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | -| `image.registry` | Memcached image registry | `docker.io` | -| `image.repository` | Memcached image repository | `bitnami/memcached` | -| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.19-debian-11-r7` | -| `image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `image.pullPolicy` | Memcached image pull policy | `IfNotPresent` | -| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | -| `image.debug` | Specify if debug values should be set | `false` | -| `architecture` | Memcached architecture. Allowed values: standalone or high-availability | `standalone` | -| `auth.enabled` | Enable Memcached authentication | `false` | -| `auth.username` | Memcached admin user | `""` | -| `auth.password` | Memcached admin password | `""` | -| `auth.existingPasswordSecret` | Existing secret with Memcached credentials (must contain a value for `memcached-password` key) | `""` | -| `command` | Override default container command (useful when using custom images) | `[]` | -| `args` | Override default container args (useful when using custom images) | `[]` | -| `extraEnvVars` | Array with extra environment variables to add to Memcached nodes | `[]` | -| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Memcached nodes | `""` | -| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Memcached nodes | `""` | +| Name | Description | Value | +| ----------------------------- | --------------------------------------------------------------------------------------------------------- | ---------------------- | +| `image.registry` | Memcached image registry | `docker.io` | +| `image.repository` | Memcached image repository | `bitnami/memcached` | +| `image.tag` | Memcached image tag (immutable tags are recommended) | `1.6.19-debian-11-r16` | +| `image.digest` | Memcached image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Memcached image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | +| `architecture` | Memcached architecture. Allowed values: standalone or high-availability | `standalone` | +| `auth.enabled` | Enable Memcached authentication | `false` | +| `auth.username` | Memcached admin user | `""` | +| `auth.password` | Memcached admin password | `""` | +| `auth.existingPasswordSecret` | Existing secret with Memcached credentials (must contain a value for `memcached-password` key) | `""` | +| `command` | Override default container command (useful when using custom images) | `[]` | +| `args` | Override default container args (useful when using custom images) | `[]` | +| `extraEnvVars` | Array with extra environment variables to add to Memcached nodes | `[]` | +| `extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Memcached nodes | `""` | +| `extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Memcached nodes | `""` | ### Deployment/Statefulset parameters @@ -205,7 +205,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r102` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r110` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | @@ -215,7 +215,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a side-car prometheus exporter | `false` | | `metrics.image.registry` | Memcached exporter image registry | `docker.io` | | `metrics.image.repository` | Memcached exporter image repository | `bitnami/memcached-exporter` | -| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.11.2-debian-11-r5` | +| `metrics.image.tag` | Memcached exporter image tag (immutable tags are recommended) | `0.11.3-debian-11-r5` | | `metrics.image.digest` | Memcached exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/wordpress/charts/memcached/values.yaml b/charts/bitnami/wordpress/charts/memcached/values.yaml index d990a4f28..fd25211d7 100644 --- a/charts/bitnami/wordpress/charts/memcached/values.yaml +++ b/charts/bitnami/wordpress/charts/memcached/values.yaml @@ -70,7 +70,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/memcached - tag: 1.6.19-debian-11-r7 + tag: 1.6.19-debian-11-r16 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -512,7 +512,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r102 + tag: 11-debian-11-r110 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -557,7 +557,7 @@ metrics: image: registry: docker.io repository: bitnami/memcached-exporter - tag: 0.11.2-debian-11-r5 + tag: 0.11.3-debian-11-r5 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/wordpress/values.yaml b/charts/bitnami/wordpress/values.yaml index f0b6e8ffe..ab487d49d 100644 --- a/charts/bitnami/wordpress/values.yaml +++ b/charts/bitnami/wordpress/values.yaml @@ -73,7 +73,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/wordpress - tag: 6.2.0-debian-11-r15 + tag: 6.2.0-debian-11-r18 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -761,7 +761,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r110 + tag: 11-debian-11-r112 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -855,7 +855,7 @@ metrics: image: registry: docker.io repository: bitnami/apache-exporter - tag: 0.13.3-debian-11-r1 + tag: 0.13.3-debian-11-r2 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/datadog/datadog/CHANGELOG.md b/charts/datadog/datadog/CHANGELOG.md index 5130d6af7..c3745c0b0 100644 --- a/charts/datadog/datadog/CHANGELOG.md +++ b/charts/datadog/datadog/CHANGELOG.md @@ -1,5 +1,13 @@ # Datadog changelog +## 3.28.1 + +* Add `memfd_create` syscall to seccomp profile for system-probe. + +## 3.28.0 + +* Adding support to use a FIPS compliant side car container in the Datadog Cluster Agent, the Datadog Agent, and the Datadog Cluster Check Runners pods. + ## 3.27.0 * Default `Agent` and `Cluster-Agent` to `7.44.0` version. diff --git a/charts/datadog/datadog/Chart.yaml b/charts/datadog/datadog/Chart.yaml index 0013ac7d0..658db0d3c 100644 --- a/charts/datadog/datadog/Chart.yaml +++ b/charts/datadog/datadog/Chart.yaml @@ -19,4 +19,4 @@ name: datadog sources: - https://app.datadoghq.com/account/settings#agent/kubernetes - https://github.com/DataDog/datadog-agent -version: 3.27.0 +version: 3.28.1 diff --git a/charts/datadog/datadog/README.md b/charts/datadog/datadog/README.md index b92ebcd17..5632b3118 100644 --- a/charts/datadog/datadog/README.md +++ b/charts/datadog/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.27.0](https://img.shields.io/badge/Version-3.27.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.28.1](https://img.shields.io/badge/Version-3.28.1-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). @@ -730,6 +730,17 @@ helm install \ | existingClusterAgent.join | bool | `false` | set this to true if you want the agents deployed by this chart to connect to a Cluster Agent deployed independently | | existingClusterAgent.serviceName | string | `nil` | Existing service name to use for reaching the external Cluster Agent | | existingClusterAgent.tokenSecretName | string | `nil` | Existing secret name to use for external Cluster Agent token | +| fips.enabled | bool | `false` | | +| fips.image.digest | string | `""` | Define the FIPS sidecar image digest to use, takes precedence over `fips.image.tag` if specified. | +| fips.image.name | string | `"fips-proxy"` | | +| fips.image.pullPolicy | string | `"IfNotPresent"` | Datadog the FIPS sidecar image pull policy | +| fips.image.repository | string | `nil` | | +| fips.image.tag | string | `"0.5.0"` | | +| fips.local_address | string | `"127.0.0.1"` | | +| fips.port | int | `9803` | | +| fips.portRange | int | `15` | | +| fips.resources | object | `{}` | Resource requests and limits for the FIPS sidecar container. | +| fips.use_https | bool | `false` | | | fullnameOverride | string | `nil` | Override the full qualified app name | | kube-state-metrics.image.repository | string | `"registry.k8s.io/kube-state-metrics/kube-state-metrics"` | Default kube-state-metrics image repository. | | kube-state-metrics.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node selector for KSM. KSM only supports Linux. | diff --git a/charts/datadog/datadog/templates/_container-agent.yaml b/charts/datadog/datadog/templates/_container-agent.yaml index a42bf3220..8ce5c245a 100644 --- a/charts/datadog/datadog/templates/_container-agent.yaml +++ b/charts/datadog/datadog/templates/_container-agent.yaml @@ -57,6 +57,7 @@ {{- end }} env: {{- include "containers-common-env" . | nindent 4 }} + {{- include "fips-envvar" . | nindent 4 }} {{- if .Values.datadog.logLevel }} - name: DD_LOG_LEVEL value: {{ .Values.agents.containers.agent.logLevel | default .Values.datadog.logLevel | quote }} diff --git a/charts/datadog/datadog/templates/_container-fips-proxy.yaml b/charts/datadog/datadog/templates/_container-fips-proxy.yaml new file mode 100644 index 000000000..b9846a8b2 --- /dev/null +++ b/charts/datadog/datadog/templates/_container-fips-proxy.yaml @@ -0,0 +1,32 @@ +{{- define "fips-proxy" -}} +- name: fips-proxy + image: "{{ include "image-path" (dict "root" .Values "image" .Values.fips.image) }}" + imagePullPolicy: {{ .Values.fips.image.pullPolicy }} + ports: + {{- $portMax := add (.Values.fips.port | int) (.Values.fips.portRange | int) -}} + {{- $portRange := untilStep (.Values.fips.port | int) ($portMax | int) 1 }} + {{- range $index, $port := $portRange }} + - name: port-{{ $index }} + containerPort: {{ $port }} + protocol: TCP + {{- end }} + env: + - name: DD_FIPS_LOCAL_ADDRESS + value: {{ .Values.fips.local_address | quote }} + resources: +{{ toYaml .Values.fips.resources | indent 4 }} + # TODO Add config to monitor journald +{{- end -}} + +{{- define "fips-envvar" -}} +{{- if eq (include "should-enable-fips" .) "true" }} +- name: DD_FIPS_ENABLED + value: {{ .Values.fips.enabled | quote }} +- name: DD_FIPS_PORT_RANGE_START + value: {{ .Values.fips.port | quote }} +- name: DD_FIPS_HTTPS + value: {{ .Values.fips.use_https | quote }} +- name: DD_FIPS_LOCAL_ADDRESS + value: {{ .Values.fips.local_address | quote }} +{{- end }} +{{- end -}} diff --git a/charts/datadog/datadog/templates/_container-process-agent.yaml b/charts/datadog/datadog/templates/_container-process-agent.yaml index 26f1747d9..2bcad852b 100644 --- a/charts/datadog/datadog/templates/_container-process-agent.yaml +++ b/charts/datadog/datadog/templates/_container-process-agent.yaml @@ -27,6 +27,7 @@ env: {{- include "containers-common-env" . | nindent 4 }} {{- include "containers-cluster-agent-env" . | nindent 4 }} + {{- include "fips-envvar" . | nindent 4 }} {{- if .Values.datadog.processAgent.processCollection }} - name: DD_PROCESS_AGENT_ENABLED value: "true" diff --git a/charts/datadog/datadog/templates/_container-security-agent.yaml b/charts/datadog/datadog/templates/_container-security-agent.yaml index de63c391c..08e2b8491 100644 --- a/charts/datadog/datadog/templates/_container-security-agent.yaml +++ b/charts/datadog/datadog/templates/_container-security-agent.yaml @@ -26,6 +26,7 @@ env: {{- include "containers-common-env" . | nindent 4 }} {{- include "containers-cluster-agent-env" . | nindent 4 }} + {{- include "fips-envvar" . | nindent 4 }} - name: DD_LOG_LEVEL value: {{ .Values.agents.containers.securityAgent.logLevel | default .Values.datadog.logLevel | quote }} - name: DD_COMPLIANCE_CONFIG_ENABLED diff --git a/charts/datadog/datadog/templates/_container-trace-agent.yaml b/charts/datadog/datadog/templates/_container-trace-agent.yaml index a1eb61f21..c54245e8a 100644 --- a/charts/datadog/datadog/templates/_container-trace-agent.yaml +++ b/charts/datadog/datadog/templates/_container-trace-agent.yaml @@ -33,6 +33,7 @@ env: {{- include "containers-common-env" . | nindent 4 }} {{- include "containers-cluster-agent-env" . | nindent 4 }} + {{- include "fips-envvar" . | nindent 4 }} - name: DD_LOG_LEVEL value: {{ .Values.agents.containers.traceAgent.logLevel | default .Values.datadog.logLevel | quote }} - name: DD_APM_ENABLED diff --git a/charts/datadog/datadog/templates/_daemonset-volumes-linux.yaml b/charts/datadog/datadog/templates/_daemonset-volumes-linux.yaml index c9d5a4c90..d8577415e 100644 --- a/charts/datadog/datadog/templates/_daemonset-volumes-linux.yaml +++ b/charts/datadog/datadog/templates/_daemonset-volumes-linux.yaml @@ -27,6 +27,11 @@ name: etc-lsb-release {{- end }} {{- end -}} +{{- if eq (include "should-enable-fips" .) "true" }} +- name: fips-config + configMap: + name: {{ template "datadog.fullname" . }}-fips-config +{{- end }} {{- if eq (include "should-mount-hostPath-for-dsd-socket" .) "true" }} - hostPath: path: {{ .Values.datadog.dogstatsd.hostSocketPath }} diff --git a/charts/datadog/datadog/templates/_helpers.tpl b/charts/datadog/datadog/templates/_helpers.tpl index 178cf7103..83a7cb0c9 100644 --- a/charts/datadog/datadog/templates/_helpers.tpl +++ b/charts/datadog/datadog/templates/_helpers.tpl @@ -305,6 +305,17 @@ false {{- end -}} {{- end -}} +{{/* +Return true if the fips side car container should be created. +*/}} +{{- define "should-enable-fips" -}} +{{- if and (not .Values.providers.gke.autopilot) (eq .Values.targetSystem "linux") .Values.fips.enabled -}} +true +{{- else -}} +false +{{- end -}} +{{- end -}} + {{/* Return true if the security-agent container should be created. */}} diff --git a/charts/datadog/datadog/templates/agent-clusterchecks-deployment.yaml b/charts/datadog/datadog/templates/agent-clusterchecks-deployment.yaml index 462dd8d44..b00f52f67 100644 --- a/charts/datadog/datadog/templates/agent-clusterchecks-deployment.yaml +++ b/charts/datadog/datadog/templates/agent-clusterchecks-deployment.yaml @@ -101,6 +101,9 @@ spec: resources: {{ toYaml .Values.agents.containers.initContainers.resources | indent 10 }} containers: + {{- if eq (include "should-enable-fips" .) "true" }} + {{- include "fips-proxy" . | nindent 6 }} + {{- end }} - name: agent image: "{{ include "image-path" (dict "root" .Values "image" .Values.clusterChecksRunner.image) }}" command: ["bash", "-c"] @@ -191,6 +194,7 @@ spec: - name: DD_CLUSTER_NAME value: {{ .Values.datadog.clusterName | quote }} {{- end }} + {{- include "fips-envvar" . | nindent 10 }} {{- include "additional-env-entries" .Values.clusterChecksRunner.env | indent 10 }} {{- include "additional-env-dict-entries" .Values.clusterChecksRunner.envDict | indent 10 }} resources: diff --git a/charts/datadog/datadog/templates/cluster-agent-deployment.yaml b/charts/datadog/datadog/templates/cluster-agent-deployment.yaml index 27d818f96..f14726e23 100644 --- a/charts/datadog/datadog/templates/cluster-agent-deployment.yaml +++ b/charts/datadog/datadog/templates/cluster-agent-deployment.yaml @@ -66,7 +66,6 @@ spec: {{- if .Values.clusterAgent.podAnnotations }} {{ tpl (toYaml .Values.clusterAgent.podAnnotations) . | indent 8 }} {{- end }} - spec: {{- if .Values.clusterAgent.shareProcessNamespace }} shareProcessNamespace: {{ .Values.clusterAgent.shareProcessNamespace }} @@ -116,6 +115,9 @@ spec: - name: config mountPath: /opt/datadog-agent containers: + {{- if eq (include "should-enable-fips" .) "true" }} + {{- include "fips-proxy" . | nindent 6 }} + {{- end }} - name: cluster-agent image: "{{ include "image-path" (dict "root" .Values "image" .Values.clusterAgent.image) }}" {{- with .Values.clusterAgent.command }} @@ -287,6 +289,7 @@ spec: value: {{ .Values.datadog.prometheusScrape.version | quote }} {{- end }} {{- end }} + {{- include "fips-envvar" . | nindent 10 }} {{- include "additional-env-entries" .Values.clusterAgent.env | indent 10 }} {{- include "additional-env-dict-entries" .Values.clusterAgent.envDict | indent 10 }} livenessProbe: diff --git a/charts/datadog/datadog/templates/daemonset.yaml b/charts/datadog/datadog/templates/daemonset.yaml index e836238e4..500f87fc0 100644 --- a/charts/datadog/datadog/templates/daemonset.yaml +++ b/charts/datadog/datadog/templates/daemonset.yaml @@ -112,6 +112,9 @@ spec: {{- if eq (include "should-enable-trace-agent" .) "true" }} {{- include "container-trace-agent" . | nindent 6 }} {{- end }} + {{- if eq (include "should-enable-fips" .) "true" }} + {{- include "fips-proxy" . | nindent 6 }} + {{- end }} {{- if .Values.datadog.processAgent.enabled }} {{- include "container-process-agent" . | nindent 6 }} {{- end }} diff --git a/charts/datadog/datadog/templates/system-probe-configmap.yaml b/charts/datadog/datadog/templates/system-probe-configmap.yaml index 8321a35e1..12e01d26a 100644 --- a/charts/datadog/datadog/templates/system-probe-configmap.yaml +++ b/charts/datadog/datadog/templates/system-probe-configmap.yaml @@ -166,6 +166,7 @@ data: "lstat", "lstat64", "madvise", + "memfd_create", "mkdir", "mkdirat", "mmap", diff --git a/charts/datadog/datadog/values.yaml b/charts/datadog/datadog/values.yaml index 5d49ca852..48f615c33 100644 --- a/charts/datadog/datadog/values.yaml +++ b/charts/datadog/datadog/values.yaml @@ -1130,6 +1130,48 @@ existingClusterAgent: # existingClusterAgent.clusterchecksEnabled -- set this to false if you don’t want the agents to run the cluster checks of the joined external cluster agent clusterchecksEnabled: true +# fips is used to enable the fips sidecar container for GOVCLOUD environments. +fips: + + enabled: false + + # TODO: Option to override config of the FIPS side car: /etc/datadog-fips-proxy/datadog-fips-proxy.cfg + # customConfig: false + + # fips.port specifies which port is used by the containers to communicate to the FIPS sidecar. + port: 9803 + + # fips.portRange specifies the number of ports used, defaults to 13 https://github.com/DataDog/datadog-agent/blob/7.44.x/pkg/config/config.go#L1564-L1577 + portRange: 15 + + use_https: false + # fips.resources -- Resource requests and limits for the FIPS sidecar container. + resources: {} + # limits: + # cpu: 100m + # memory: 256Mi + # requests: + # cpu: 20m + # memory: 64Mi + + local_address: "127.0.0.1" + ## Define the Datadog image to work with + image: + ## fips.image.name -- Define the FIPS sidecar container image name. + name: fips-proxy + + # agents.image.tag -- Define the FIPS sidecar container version to use. + tag: 0.5.0 + + # fips.image.pullPolicy -- Datadog the FIPS sidecar image pull policy + pullPolicy: IfNotPresent + + # fips.image.digest -- Define the FIPS sidecar image digest to use, takes precedence over `fips.image.tag` if specified. + digest: "" + + # agents.image.repository -- Override default registry + image.name for Agent + repository: + agents: # agents.enabled -- You should keep Datadog DaemonSet enabled! diff --git a/charts/gitlab/gitlab/CHANGELOG.md b/charts/gitlab/gitlab/CHANGELOG.md index 71e8c99ac..6a7c994ec 100644 --- a/charts/gitlab/gitlab/CHANGELOG.md +++ b/charts/gitlab/gitlab/CHANGELOG.md @@ -2,6 +2,10 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 6.11.1 (2023-05-01) + +No changes. + ## 6.11.0 (2023-04-21) ### Added (7 changes) diff --git a/charts/gitlab/gitlab/Chart.yaml b/charts/gitlab/gitlab/Chart.yaml index 113f37007..f1475cdb6 100644 --- a/charts/gitlab/gitlab/Chart.yaml +++ b/charts/gitlab/gitlab/Chart.yaml @@ -3,7 +3,7 @@ annotations: catalog.cattle.io/display-name: GitLab catalog.cattle.io/release-name: gitlab apiVersion: v1 -appVersion: 15.11.0 +appVersion: 15.11.1 description: The One DevOps Platform home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png @@ -15,4 +15,4 @@ maintainers: name: gitlab sources: - https://gitlab.com/gitlab-org/charts/gitlab -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml index 699fbfc79..4088b546e 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.0 +appVersion: 15.11.1 description: GitLab Geo logcursor home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -12,4 +12,4 @@ name: geo-logcursor sources: - https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/geo-logcursor - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml index 6d0b8ff3d..29fc51da9 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.0 +appVersion: 15.11.1 description: Git RPC service for handling all the git calls made by GitLab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: gitaly sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitaly - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml index 432da6160..24a4d4827 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml @@ -14,4 +14,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-exporter - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-exporter - https://gitlab.com/gitlab-org/gitlab-exporter -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml index fc1e766c5..7c3cb2acd 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.0 +appVersion: 15.11.1 description: Adapt the Grafana chart to interface to the GitLab App home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: gitlab-grafana sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-grafana - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-grafana -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml index f4265c9b6..ce1c50792 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.0 +appVersion: 15.11.1 description: Daemon for serving static websites from GitLab projects home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -14,4 +14,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-pages - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-pages - https://gitlab.com/gitlab-org/gitlab-pages -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml index f7d775cc4..56d847f39 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml @@ -14,4 +14,4 @@ name: gitlab-shell sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-shell - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-shell -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml index 5ef304bda..c9a14b9e2 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml @@ -17,4 +17,4 @@ name: kas sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-kas - https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml index 7674a4c42..1f8f5515e 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml @@ -13,4 +13,4 @@ name: mailroom sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/mailroom - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-mailroom -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml index 68594c961..a07588e1a 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.0 +appVersion: 15.11.1 description: Database migrations and other versioning tasks for upgrading Gitlab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -12,4 +12,4 @@ name: migrations sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/migrations - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml index c29d1d1fd..d84bfd405 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.0 +appVersion: 15.11.1 description: Praefect is a router and transaction manager for Gitaly, and a required component for running a Gitaly Cluster. home: https://about.gitlab.com/ @@ -16,4 +16,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/praefect - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly - https://gitlab.com/gitlab-org/gitaly/-/tree/master/cmd/praefect -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml index 959e81b7b..5a74e6215 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.0 +appVersion: 15.11.1 description: Gitlab Sidekiq for asynchronous task processing in rails home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: sidekiq sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/sidekiq - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-sidekiq -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml index a5ce8d255..be69db9ba 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml @@ -14,4 +14,4 @@ name: spamcheck sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/spamcheck - https://gitlab.com/gitlab-org/spamcheck -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml index 8e62e9be7..2b65a51b1 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.0 +appVersion: 15.11.1 description: For manually running rake tasks through kubectl home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: toolbox sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/toolbox - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-toolbox -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml index 9050c8b77..a3054887c 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.11.0 +appVersion: 15.11.1 description: HTTP server for Gitlab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -14,4 +14,4 @@ name: webservice sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/webservice - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-webservice -version: 6.11.0 +version: 6.11.1 diff --git a/charts/gitlab/gitlab/requirements.lock b/charts/gitlab/gitlab/requirements.lock index 11a8cbdab..b28e00204 100644 --- a/charts/gitlab/gitlab/requirements.lock +++ b/charts/gitlab/gitlab/requirements.lock @@ -36,4 +36,4 @@ dependencies: repository: https://charts.gitlab.io/ version: 0.3.0 digest: sha256:67477d660a351df330393ce9ed84458eafbc419de2c454339ed7539bde9c45ca -generated: "2023-04-22T14:06:15.482471816Z" +generated: "2023-05-02T08:38:21.039235366Z" diff --git a/charts/gitlab/gitlab/values.yaml b/charts/gitlab/gitlab/values.yaml index bd6b2d6e7..84b1bfddd 100644 --- a/charts/gitlab/gitlab/values.yaml +++ b/charts/gitlab/gitlab/values.yaml @@ -40,7 +40,7 @@ global: edition: ee ## https://docs.gitlab.com/charts/charts/globals#gitlab-version - gitlabVersion: "15.11.0" + gitlabVersion: "15.11.1" ## https://docs.gitlab.com/charts/charts/globals#application-resource application: diff --git a/charts/haproxy/haproxy/Chart.yaml b/charts/haproxy/haproxy/Chart.yaml index e934528c3..a7d2e9f30 100644 --- a/charts/haproxy/haproxy/Chart.yaml +++ b/charts/haproxy/haproxy/Chart.yaml @@ -1,6 +1,7 @@ annotations: artifacthub.io/changes: | - - Allow strategy override for Daemonset deployments (#186) + - Allow strategy override for DaemonSet deployments (#186) + - Keep rollingUpdate defaults for both DaemonSet and Deployment (#186, #189) catalog.cattle.io/certified: partner catalog.cattle.io/display-name: HAProxy Kubernetes Ingress Controller catalog.cattle.io/kube-version: '>=1.22.0-0' @@ -21,4 +22,4 @@ name: haproxy sources: - https://github.com/haproxytech/kubernetes-ingress type: application -version: 1.30.3 +version: 1.30.4 diff --git a/charts/haproxy/haproxy/values.yaml b/charts/haproxy/haproxy/values.yaml index a820c6d63..7989f6408 100644 --- a/charts/haproxy/haproxy/values.yaml +++ b/charts/haproxy/haproxy/values.yaml @@ -440,11 +440,9 @@ controller: ## Controller deployment strategy definition ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy + ## ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/ strategy: type: RollingUpdate - rollingUpdate: - maxUnavailable: 0 - maxSurge: 1 ## Controller Pod PriorityClass ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass diff --git a/charts/instana/instana-agent/Chart.yaml b/charts/instana/instana-agent/Chart.yaml index ff404498e..5d7442d35 100644 --- a/charts/instana/instana-agent/Chart.yaml +++ b/charts/instana/instana-agent/Chart.yaml @@ -9,7 +9,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.21-0' catalog.cattle.io/release-name: instana-agent apiVersion: v2 -appVersion: 1.246.0 +appVersion: 1.248.0 description: Instana Agent for Kubernetes home: https://www.instana.com/ icon: https://agents.instana.io/helm/stan-logo-2020.png @@ -23,4 +23,4 @@ maintainers: name: instana-agent sources: - https://github.com/instana/instana-agent-docker -version: 1.2.57 +version: 1.2.58 diff --git a/charts/instana/instana-agent/README.md b/charts/instana/instana-agent/README.md index 408ba6f95..5091e9f60 100644 --- a/charts/instana/instana-agent/README.md +++ b/charts/instana/instana-agent/README.md @@ -333,6 +333,9 @@ zones: ## Changelog +### 1.2.58 +* Default to `internalTrafficPolicy` instead of `topologyKeys` for rendering of static YAMLs + ### 1.2.57 * Fix vulnerability in the leader-elector image diff --git a/charts/instana/instana-agent/templates/service.yaml b/charts/instana/instana-agent/templates/service.yaml index 1644dfed2..1a51a709e 100644 --- a/charts/instana/instana-agent/templates/service.yaml +++ b/charts/instana/instana-agent/templates/service.yaml @@ -35,13 +35,11 @@ spec: port: 4318 targetPort: 4318 {{- end -}} - - {{- if semverCompare ">= 1.22.x" (include "kubeVersion" .) }} + {{- if semverCompare "< 1.22.x" (include "kubeVersion" .) }} # since we run agents as DaemonSets we assume every node has this Service available: - internalTrafficPolicy: Local - - {{- else }} topologyKeys: - "kubernetes.io/hostname" + {{- else }} + internalTrafficPolicy: Local {{- end -}} {{- end -}} diff --git a/charts/jenkins/jenkins/CHANGELOG.md b/charts/jenkins/jenkins/CHANGELOG.md index a09fc45b4..833920426 100644 --- a/charts/jenkins/jenkins/CHANGELOG.md +++ b/charts/jenkins/jenkins/CHANGELOG.md @@ -12,6 +12,11 @@ Use the following links to reference issues, PRs, and commits prior to v2.6.0. The changelog until v1.5.7 was auto-generated based on git commits. Those entries include a reference to the git commit to be able to get more details. +## 4.3.23 + +Update Jenkins image and appVersion to jenkins lts release version 2.387.3 + + ## 4.3.22 diff --git a/charts/jenkins/jenkins/Chart.yaml b/charts/jenkins/jenkins/Chart.yaml index 9f68f4d57..5a1dfce40 100644 --- a/charts/jenkins/jenkins/Chart.yaml +++ b/charts/jenkins/jenkins/Chart.yaml @@ -2,7 +2,7 @@ annotations: artifacthub.io/category: integration-delivery artifacthub.io/images: | - name: jenkins - image: jenkins/jenkins:2.387.2-jdk11 + image: jenkins/jenkins:2.387.3-jdk11 - name: k8s-sidecar image: kiwigrid/k8s-sidecar:1.23.1 - name: inbound-agent @@ -22,7 +22,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.14-0' catalog.cattle.io/release-name: jenkins apiVersion: v2 -appVersion: 2.387.2 +appVersion: 2.387.3 description: Jenkins - Build great things at any scale! The leading open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project. @@ -49,4 +49,4 @@ sources: - https://github.com/jenkinsci/docker-inbound-agent - https://github.com/maorfr/kube-tasks - https://github.com/jenkinsci/configuration-as-code-plugin -version: 4.3.22 +version: 4.3.23 diff --git a/charts/jenkins/jenkins/values.yaml b/charts/jenkins/jenkins/values.yaml index 6073875b0..f467c4f23 100644 --- a/charts/jenkins/jenkins/values.yaml +++ b/charts/jenkins/jenkins/values.yaml @@ -19,7 +19,7 @@ controller: # Used for label app.kubernetes.io/component componentName: "jenkins-controller" image: "jenkins/jenkins" - # tag: "2.387.2-jdk11" + # tag: "2.387.3-jdk11" tagLabel: jdk11 imagePullPolicy: "Always" imagePullSecretName: diff --git a/charts/percona/pxc-db/Chart.yaml b/charts/percona/pxc-db/Chart.yaml index 275b6a9d2..27396111f 100644 --- a/charts/percona/pxc-db/Chart.yaml +++ b/charts/percona/pxc-db/Chart.yaml @@ -19,4 +19,4 @@ maintainers: - email: natalia.marukovich@percona.com name: nmarukovich name: pxc-db -version: 1.12.0 +version: 1.12.1 diff --git a/charts/percona/pxc-db/crds/crd.yaml b/charts/percona/pxc-db/crds/crd.yaml deleted file mode 100644 index b3f0a5a12..000000000 --- a/charts/percona/pxc-db/crds/crd.yaml +++ /dev/null @@ -1,8886 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - name: perconaxtradbclusterbackups.pxc.percona.com -spec: - group: pxc.percona.com - names: - kind: PerconaXtraDBClusterBackup - listKind: PerconaXtraDBClusterBackupList - plural: perconaxtradbclusterbackups - shortNames: - - pxc-backup - - pxc-backups - singular: perconaxtradbclusterbackup - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Cluster name - jsonPath: .spec.pxcCluster - name: Cluster - type: string - - description: Storage name from pxc spec - jsonPath: .status.storageName - name: Storage - type: string - - description: Backup destination - jsonPath: .status.destination - name: Destination - type: string - - description: Job status - jsonPath: .status.state - name: Status - type: string - - description: Completed time - jsonPath: .status.completed - name: Completed - type: date - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - priorityClassName: - type: string - schedulerName: - type: string - spec: - properties: - pxcCluster: - type: string - storageName: - type: string - type: object - status: - properties: - azure: - properties: - container: - type: string - credentialsSecret: - type: string - endpointUrl: - type: string - storageClass: - type: string - type: object - completed: - format: date-time - type: string - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - maxLength: 32768 - type: string - observedGeneration: - format: int64 - minimum: 0 - type: integer - reason: - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - enum: - - "True" - - "False" - - Unknown - type: string - type: - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - destination: - type: string - image: - type: string - lastscheduled: - format: date-time - type: string - s3: - properties: - bucket: - type: string - credentialsSecret: - type: string - endpointUrl: - type: string - region: - type: string - type: object - sslInternalSecretName: - type: string - sslSecretName: - type: string - state: - type: string - storage_type: - type: string - storageName: - type: string - vaultSecretName: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - name: perconaxtradbclusterrestores.pxc.percona.com -spec: - group: pxc.percona.com - names: - kind: PerconaXtraDBClusterRestore - listKind: PerconaXtraDBClusterRestoreList - plural: perconaxtradbclusterrestores - shortNames: - - pxc-restore - - pxc-restores - singular: perconaxtradbclusterrestore - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: Cluster name - jsonPath: .spec.pxcCluster - name: Cluster - type: string - - description: Job status - jsonPath: .status.state - name: Status - type: string - - description: Completed time - jsonPath: .status.completed - name: Completed - type: date - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - backupName: - type: string - backupSource: - properties: - azure: - properties: - container: - type: string - credentialsSecret: - type: string - endpointUrl: - type: string - storageClass: - type: string - type: object - completed: - format: date-time - type: string - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - maxLength: 32768 - type: string - observedGeneration: - format: int64 - minimum: 0 - type: integer - reason: - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - enum: - - "True" - - "False" - - Unknown - type: string - type: - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - destination: - type: string - image: - type: string - lastscheduled: - format: date-time - type: string - s3: - properties: - bucket: - type: string - credentialsSecret: - type: string - endpointUrl: - type: string - region: - type: string - type: object - sslInternalSecretName: - type: string - sslSecretName: - type: string - state: - type: string - storage_type: - type: string - storageName: - type: string - vaultSecretName: - type: string - type: object - pitr: - properties: - backupSource: - properties: - azure: - properties: - container: - type: string - credentialsSecret: - type: string - endpointUrl: - type: string - storageClass: - type: string - type: object - completed: - format: date-time - type: string - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - maxLength: 32768 - type: string - observedGeneration: - format: int64 - minimum: 0 - type: integer - reason: - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - enum: - - "True" - - "False" - - Unknown - type: string - type: - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - destination: - type: string - image: - type: string - lastscheduled: - format: date-time - type: string - s3: - properties: - bucket: - type: string - credentialsSecret: - type: string - endpointUrl: - type: string - region: - type: string - type: object - sslInternalSecretName: - type: string - sslSecretName: - type: string - state: - type: string - storage_type: - type: string - storageName: - type: string - vaultSecretName: - type: string - type: object - date: - type: string - gtid: - type: string - type: - type: string - type: object - pxcCluster: - type: string - type: object - status: - properties: - comments: - type: string - completed: - format: date-time - type: string - lastscheduled: - format: date-time - type: string - state: - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null - name: perconaxtradbclusters.pxc.percona.com -spec: - group: pxc.percona.com - names: - kind: PerconaXtraDBCluster - listKind: PerconaXtraDBClusterList - plural: perconaxtradbclusters - shortNames: - - pxc - - pxcs - singular: perconaxtradbcluster - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.host - name: ENDPOINT - type: string - - jsonPath: .status.state - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: pxc.percona.com/v1-2-0 PerconaXtraDBCluster is deprecated - and will be removed in v1.16.0; see v1.12.0 release notes for instructions to - migrate to pxc.percona.com/v1 - name: v1-2-0 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.host - name: ENDPOINT - type: string - - jsonPath: .status.state - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: pxc.percona.com/v1-3-0 PerconaXtraDBCluster is deprecated - and will be removed in v1.16.0; see v1.12.0 release notes for instructions to - migrate to pxc.percona.com/v1 - name: v1-3-0 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.host - name: ENDPOINT - type: string - - jsonPath: .status.state - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: pxc.percona.com/v1-4-0 PerconaXtraDBCluster is deprecated - and will be removed in v1.16.0; see v1.12.0 release notes for instructions to - migrate to pxc.percona.com/v1 - name: v1-4-0 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.host - name: ENDPOINT - type: string - - jsonPath: .status.state - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: pxc.percona.com/v1-5-0 PerconaXtraDBCluster is deprecated - and will be removed in v1.16.0; see v1.12.0 release notes for instructions to - migrate to pxc.percona.com/v1 - name: v1-5-0 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.host - name: ENDPOINT - type: string - - jsonPath: .status.state - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: pxc.percona.com/v1-6-0 PerconaXtraDBCluster is deprecated - and will be removed in v1.16.0; see v1.12.0 release notes for instructions to - migrate to pxc.percona.com/v1 - name: v1-6-0 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.host - name: ENDPOINT - type: string - - jsonPath: .status.state - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: pxc.percona.com/v1-7-0 PerconaXtraDBCluster is deprecated - and will be removed in v1.16.0; see v1.12.0 release notes for instructions to - migrate to pxc.percona.com/v1 - name: v1-7-0 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.host - name: ENDPOINT - type: string - - jsonPath: .status.state - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: pxc.percona.com/v1-8-0 PerconaXtraDBCluster is deprecated - and will be removed in v1.16.0; see v1.12.0 release notes for instructions to - migrate to pxc.percona.com/v1 - name: v1-8-0 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.host - name: ENDPOINT - type: string - - jsonPath: .status.state - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: pxc.percona.com/v1-9-0 PerconaXtraDBCluster is deprecated - and will be removed in v1.16.0; see v1.12.0 release notes for instructions to - migrate to pxc.percona.com/v1 - name: v1-9-0 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: false - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.host - name: ENDPOINT - type: string - - jsonPath: .status.state - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: pxc.percona.com/v1-10-0 PerconaXtraDBCluster is deprecated - and will be removed in v1.16.0; see v1.12.0 release notes for instructions to - migrate to pxc.percona.com/v1 - name: v1-10-0 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.host - name: ENDPOINT - type: string - - jsonPath: .status.state - name: Status - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: pxc.percona.com/v1-11-0 PerconaXtraDBCluster is deprecated - and will be removed in v1.16.0; see v1.12.0 release notes for instructions to - migrate to pxc.percona.com/v1 - name: v1-11-0 - schema: - openAPIV3Schema: - properties: - spec: - type: object - x-kubernetes-preserve-unknown-fields: true - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .status.host - name: Endpoint - type: string - - jsonPath: .status.state - name: Status - type: string - - description: Ready pxc nodes - jsonPath: .status.pxc.ready - name: PXC - type: string - - description: Ready proxysql nodes - jsonPath: .status.proxysql.ready - name: proxysql - type: string - - description: Ready haproxy nodes - jsonPath: .status.haproxy.ready - name: haproxy - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - allowUnsafeConfigurations: - type: boolean - backup: - properties: - annotations: - additionalProperties: - type: string - type: object - backoffLimit: - format: int32 - type: integer - image: - type: string - imagePullPolicy: - type: string - imagePullSecrets: - items: - properties: - name: - type: string - type: object - type: array - pitr: - properties: - enabled: - type: boolean - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - storageName: - type: string - timeBetweenUploads: - type: number - type: object - schedule: - items: - properties: - keep: - type: integer - name: - type: string - schedule: - type: string - storageName: - type: string - type: object - type: array - serviceAccountName: - type: string - storages: - additionalProperties: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - azure: - properties: - container: - type: string - credentialsSecret: - type: string - endpointUrl: - type: string - storageClass: - type: string - type: object - containerSecurityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - labels: - additionalProperties: - type: string - type: object - nodeSelector: - additionalProperties: - type: string - type: object - podSecurityContext: - properties: - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - priorityClassName: - type: string - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - runtimeClassName: - type: string - s3: - properties: - bucket: - type: string - credentialsSecret: - type: string - endpointUrl: - type: string - region: - type: string - type: object - schedulerName: - type: string - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - type: - type: string - verifyTLS: - type: boolean - volume: - properties: - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - persistentVolumeClaim: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - type: object - type: object - type: object - type: object - crVersion: - type: string - enableCRValidationWebhook: - type: boolean - haproxy: - properties: - affinity: - properties: - advanced: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - antiAffinityTopologyKey: - type: string - type: object - annotations: - additionalProperties: - type: string - type: object - configuration: - type: string - containerSecurityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - enabled: - type: boolean - envVarsSecret: - type: string - externalTrafficPolicy: - type: string - forceUnsafeBootstrap: - type: boolean - gracePeriod: - format: int64 - type: integer - hookScript: - type: string - image: - type: string - imagePullPolicy: - type: string - imagePullSecrets: - items: - properties: - name: - type: string - type: object - type: array - labels: - additionalProperties: - type: string - type: object - livenessDelaySec: - format: int32 - type: integer - livenessProbes: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - loadBalancerIP: - type: string - loadBalancerSourceRanges: - items: - type: string - type: array - nodeSelector: - additionalProperties: - type: string - type: object - podDisruptionBudget: - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - podSecurityContext: - properties: - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - priorityClassName: - type: string - readinessDelaySec: - format: int32 - type: integer - readinessProbes: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - replicasExternalTrafficPolicy: - type: string - replicasLoadBalancerIP: - type: string - replicasLoadBalancerSourceRanges: - items: - type: string - type: array - replicasServiceAnnotations: - additionalProperties: - type: string - type: object - replicasServiceEnabled: - type: boolean - replicasServiceLabels: - additionalProperties: - type: string - type: object - replicasServiceType: - type: string - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - runtimeClassName: - type: string - schedulerName: - type: string - serviceAccountName: - type: string - serviceAnnotations: - additionalProperties: - type: string - type: object - serviceLabels: - additionalProperties: - type: string - type: object - serviceType: - type: string - sidecarPVCs: - items: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - status: - properties: - accessModes: - items: - type: string - type: array - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - conditions: - items: - properties: - lastProbeTime: - format: date-time - type: string - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - phase: - type: string - resizeStatus: - type: string - type: object - type: object - type: array - sidecarResources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - sidecarVolumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - volumeClaimTemplate: - properties: - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - required: - - spec - type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - default: TCP - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - size: - format: int32 - type: integer - sslInternalSecretName: - type: string - sslSecretName: - type: string - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - vaultSecretName: - type: string - volumeSpec: - properties: - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - persistentVolumeClaim: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - type: object - type: object - ignoreAnnotations: - items: - type: string - type: array - ignoreLabels: - items: - type: string - type: array - initImage: - type: string - logCollectorSecretName: - type: string - logcollector: - properties: - configuration: - type: string - containerSecurityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - enabled: - type: boolean - hookScript: - type: string - image: - type: string - imagePullPolicy: - type: string - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - runtimeClassName: - type: string - type: object - pause: - type: boolean - platform: - type: string - pmm: - properties: - containerSecurityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - enabled: - type: boolean - image: - type: string - imagePullPolicy: - type: string - proxysqlParams: - type: string - pxcParams: - type: string - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - runtimeClassName: - type: string - serverHost: - type: string - serverUser: - type: string - type: object - proxysql: - properties: - affinity: - properties: - advanced: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - antiAffinityTopologyKey: - type: string - type: object - annotations: - additionalProperties: - type: string - type: object - configuration: - type: string - containerSecurityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - enabled: - type: boolean - envVarsSecret: - type: string - externalTrafficPolicy: - type: string - forceUnsafeBootstrap: - type: boolean - gracePeriod: - format: int64 - type: integer - hookScript: - type: string - image: - type: string - imagePullPolicy: - type: string - imagePullSecrets: - items: - properties: - name: - type: string - type: object - type: array - labels: - additionalProperties: - type: string - type: object - livenessDelaySec: - format: int32 - type: integer - livenessProbes: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - loadBalancerIP: - type: string - loadBalancerSourceRanges: - items: - type: string - type: array - nodeSelector: - additionalProperties: - type: string - type: object - podDisruptionBudget: - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - podSecurityContext: - properties: - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - priorityClassName: - type: string - readinessDelaySec: - format: int32 - type: integer - readinessProbes: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - replicasExternalTrafficPolicy: - type: string - replicasServiceAnnotations: - additionalProperties: - type: string - type: object - replicasServiceLabels: - additionalProperties: - type: string - type: object - replicasServiceType: - type: string - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - runtimeClassName: - type: string - schedulerName: - type: string - serviceAccountName: - type: string - serviceAnnotations: - additionalProperties: - type: string - type: object - serviceLabels: - additionalProperties: - type: string - type: object - serviceType: - type: string - sidecarPVCs: - items: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - status: - properties: - accessModes: - items: - type: string - type: array - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - conditions: - items: - properties: - lastProbeTime: - format: date-time - type: string - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - phase: - type: string - resizeStatus: - type: string - type: object - type: object - type: array - sidecarResources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - sidecarVolumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - volumeClaimTemplate: - properties: - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - required: - - spec - type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - default: TCP - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - size: - format: int32 - type: integer - sslInternalSecretName: - type: string - sslSecretName: - type: string - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - vaultSecretName: - type: string - volumeSpec: - properties: - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - persistentVolumeClaim: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - type: object - type: object - pxc: - properties: - affinity: - properties: - advanced: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - antiAffinityTopologyKey: - type: string - type: object - annotations: - additionalProperties: - type: string - type: object - autoRecovery: - type: boolean - configuration: - type: string - containerSecurityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - enabled: - type: boolean - envVarsSecret: - type: string - expose: - properties: - annotations: - additionalProperties: - type: string - type: object - enabled: - type: boolean - loadBalancerSourceRanges: - items: - type: string - type: array - trafficPolicy: - type: string - type: - type: string - type: object - externalTrafficPolicy: - type: string - forceUnsafeBootstrap: - type: boolean - gracePeriod: - format: int64 - type: integer - hookScript: - type: string - image: - type: string - imagePullPolicy: - type: string - imagePullSecrets: - items: - properties: - name: - type: string - type: object - type: array - labels: - additionalProperties: - type: string - type: object - livenessDelaySec: - format: int32 - type: integer - livenessProbes: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - loadBalancerIP: - type: string - loadBalancerSourceRanges: - items: - type: string - type: array - nodeSelector: - additionalProperties: - type: string - type: object - podDisruptionBudget: - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - minAvailable: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - podSecurityContext: - properties: - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - priorityClassName: - type: string - readinessDelaySec: - format: int32 - type: integer - readinessProbes: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - replicasExternalTrafficPolicy: - type: string - replicasServiceAnnotations: - additionalProperties: - type: string - type: object - replicasServiceLabels: - additionalProperties: - type: string - type: object - replicasServiceType: - type: string - replicationChannels: - items: - properties: - configuration: - properties: - ca: - type: string - sourceConnectRetry: - type: integer - sourceRetryCount: - type: integer - ssl: - type: boolean - sslSkipVerify: - type: boolean - type: object - isSource: - type: boolean - name: - type: string - sourcesList: - items: - properties: - host: - type: string - port: - type: integer - weight: - type: integer - type: object - type: array - type: object - type: array - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - runtimeClassName: - type: string - schedulerName: - type: string - serviceAccountName: - type: string - serviceAnnotations: - additionalProperties: - type: string - type: object - serviceLabels: - additionalProperties: - type: string - type: object - serviceType: - type: string - sidecarPVCs: - items: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - status: - properties: - accessModes: - items: - type: string - type: array - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - conditions: - items: - properties: - lastProbeTime: - format: date-time - type: string - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - status - - type - type: object - type: array - phase: - type: string - resizeStatus: - type: string - type: object - type: object - type: array - sidecarResources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - sidecarVolumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - volumeClaimTemplate: - properties: - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - required: - - spec - type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - sidecars: - items: - properties: - args: - items: - type: string - type: array - command: - items: - type: string - type: array - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - items: - properties: - configMapRef: - properties: - name: - type: string - optional: - type: boolean - type: object - prefix: - type: string - secretRef: - properties: - name: - type: string - optional: - type: boolean - type: object - type: object - type: array - image: - type: string - imagePullPolicy: - type: string - lifecycle: - properties: - postStart: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - name: - type: string - ports: - items: - properties: - containerPort: - format: int32 - type: integer - hostIP: - type: string - hostPort: - format: int32 - type: integer - name: - type: string - protocol: - default: TCP - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - startupProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - stdin: - type: boolean - stdinOnce: - type: boolean - terminationMessagePath: - type: string - terminationMessagePolicy: - type: string - tty: - type: boolean - volumeDevices: - items: - properties: - devicePath: - type: string - name: - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - type: string - required: - - name - type: object - type: array - size: - format: int32 - type: integer - sslInternalSecretName: - type: string - sslSecretName: - type: string - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - vaultSecretName: - type: string - volumeSpec: - properties: - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - persistentVolumeClaim: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - resources: - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - type: object - type: object - secretsName: - type: string - sslInternalSecretName: - type: string - sslSecretName: - type: string - tls: - properties: - SANs: - items: - type: string - type: array - issuerConf: - properties: - group: - type: string - kind: - type: string - name: - type: string - required: - - name - type: object - type: object - updateStrategy: - type: string - upgradeOptions: - properties: - apply: - type: string - schedule: - type: string - versionServiceEndpoint: - type: string - type: object - vaultSecretName: - type: string - type: object - status: - properties: - backup: - properties: - image: - type: string - labelSelectorPath: - type: string - message: - type: string - status: - type: string - version: - type: string - type: object - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - type: object - type: array - haproxy: - properties: - image: - type: string - labelSelectorPath: - type: string - message: - type: string - ready: - format: int32 - type: integer - size: - format: int32 - type: integer - status: - type: string - version: - type: string - type: object - host: - type: string - logcollector: - properties: - image: - type: string - labelSelectorPath: - type: string - message: - type: string - status: - type: string - version: - type: string - type: object - message: - items: - type: string - type: array - observedGeneration: - format: int64 - type: integer - pmm: - properties: - image: - type: string - labelSelectorPath: - type: string - message: - type: string - status: - type: string - version: - type: string - type: object - proxysql: - properties: - image: - type: string - labelSelectorPath: - type: string - message: - type: string - ready: - format: int32 - type: integer - size: - format: int32 - type: integer - status: - type: string - version: - type: string - type: object - pxc: - properties: - image: - type: string - labelSelectorPath: - type: string - message: - type: string - ready: - format: int32 - type: integer - size: - format: int32 - type: integer - status: - type: string - version: - type: string - type: object - pxcReplication: - properties: - replicationChannels: - items: - properties: - ca: - type: string - name: - type: string - sourceConnectRetry: - type: integer - sourceRetryCount: - type: integer - ssl: - type: boolean - sslSkipVerify: - type: boolean - type: object - type: array - type: object - ready: - format: int32 - type: integer - size: - format: int32 - type: integer - state: - type: string - type: object - type: object - x-kubernetes-preserve-unknown-fields: true - served: true - storage: true - subresources: - scale: - labelSelectorPath: .status.pxc.labelSelectorPath - specReplicasPath: .spec.pxc.size - statusReplicasPath: .status.pxc.size - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index c29598c5d..c007a961b 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -31,4 +31,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 4.0.13 +version: 4.0.15 diff --git a/charts/redpanda/redpanda/ci/12-external-cert-secrets-values.yaml b/charts/redpanda/redpanda/ci/12-external-cert-secrets-values.yaml new file mode 100644 index 000000000..6743eac7d --- /dev/null +++ b/charts/redpanda/redpanda/ci/12-external-cert-secrets-values.yaml @@ -0,0 +1,92 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--- +tls: + enabled: true + certs: + # in the future we want to also add the + default: + caEnabled: true + external: + secretRef: + name: external-tls-secret + caEnabled: true + +external: + enabled: true + type: NodePort + domain: random-domain + +listeners: + # NOT including admin-api listeners because it only has one and it is using internal + # tls certs by default. + # -- Kafka API listeners. + kafka: + # -- The port for internal client connections. + port: 9093 + tls: + # Optional flag to override the global TLS enabled flag. + # enabled: true + cert: default + requireClientAuth: false + external: + default: + # enabled: true + # -- The port used for external client connections. + port: 9094 + # -- If undefined, `listeners.kafka.external.default.port` is used. + advertisedPorts: + - 30090 + tls: + # enabled: true + cert: external + # -- Schema registry listeners. + schemaRegistry: + enabled: true + port: 8081 + kafkaEndpoint: default + tls: + # Optional flag to override the global TLS enabled flag. + # enabled: true + cert: default + requireClientAuth: false + external: + default: + # enabled: true + port: 8084 + advertisedPorts: + - 30080 + tls: + # enabled: true + cert: external + # -- HTTP API listeners (aka PandaProxy). + http: + enabled: true + port: 8082 + kafkaEndpoint: default + tls: + # Optional flag to override the global TLS enabled flag. + # enabled: true + cert: default + requireClientAuth: false + external: + default: + # enabled: true + port: 8083 + advertisedPorts: + - 30070 + tls: + # enabled: true + cert: external diff --git a/charts/redpanda/redpanda/templates/statefulset.yaml b/charts/redpanda/redpanda/templates/statefulset.yaml index d3feab877..1ccfca0e7 100644 --- a/charts/redpanda/redpanda/templates/statefulset.yaml +++ b/charts/redpanda/redpanda/templates/statefulset.yaml @@ -407,13 +407,13 @@ spec: {{- end }} {{- if semverCompare ">=1.16-0" .Capabilities.KubeVersion.GitVersion }} topologySpreadConstraints: - - labelSelector: - matchLabels: {{ include "statefulset-pod-labels" . | nindent 12 }} - {{- with .Values.statefulset.topologySpreadConstraints }} - maxSkew: {{ .maxSkew }} - topologyKey: {{ .topologyKey }} - whenUnsatisfiable: {{ .whenUnsatisfiable }} - {{- end }} + {{- range $v := .Values.statefulset.topologySpreadConstraints }} + - maxSkew: {{ $v.maxSkew }} + topologyKey: {{ $v.topologyKey }} + whenUnsatisfiable: {{ $v.whenUnsatisfiable }} + labelSelector: + matchLabels: {{ include "statefulset-pod-labels" $ | nindent 14 }} + {{- end }} {{- end }} {{- with ( include "statefulset-nodeSelectors" . ) }} nodeSelector: {{- . | nindent 8 }} diff --git a/charts/redpanda/redpanda/templates/tests/test-internal-external-tls-secrets.yaml b/charts/redpanda/redpanda/templates/tests/test-internal-external-tls-secrets.yaml new file mode 100644 index 000000000..e57afb017 --- /dev/null +++ b/charts/redpanda/redpanda/templates/tests/test-internal-external-tls-secrets.yaml @@ -0,0 +1,122 @@ +{{/* +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} +{{- if (include "tls-enabled" . | fromJson).bool }} + {{- $values := .Values }} + {{- $root := deepCopy . }} +apiVersion: v1 +kind: Pod +metadata: + name: {{ include "redpanda.fullname" . }}-test-internal-externals-cert-secrets + namespace: {{ .Release.Namespace | quote }} + labels: + {{- with include "full.labels" . }} + {{- . | nindent 4 }} + {{- end }} + annotations: + "helm.sh/hook": test + "helm.sh/hook-delete-policy": before-hook-creation +spec: + restartPolicy: Never + securityContext: + runAsUser: 65535 + runAsGroup: 65535 + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository }}:{{ template "redpanda.tag" . }} + command: + - bash + - -c + - | + set -ex + {{- range $name, $cert := $values.tls.certs }} + {{- if $cert.secretRef }} + echo testing cert: {{ $name | quote }} + + {{- if eq $cert.secretRef.name "internal-tls-secret" }} + echo "---> testing internal tls" + openssl s_client -verify_return_error -prexit \ + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt \ + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key \ + -connect {{ include "api-urls" $root }} + {{- end }} + + {{- if eq $cert.secretRef.name "external-tls-secret" }} + echo "---> testing external tls" + + {{- if eq $values.listeners.kafka.external.default.tls.cert $name }} + echo "-----> testing external tls: kafka api" + {{- $port := ( first $values.listeners.kafka.external.default.advertisedPorts ) }} + openssl s_client -verify_return_error -prexit \ + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt \ + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key \ + -connect {{ $values.external.domain }}:{{ $port }} + {{- end }} + + {{- if eq $values.listeners.schemaRegistry.external.default.tls.cert $name }} + echo "-----> testing external tls: schema registry" + {{- $port := ( first $values.listeners.schemaRegistry.external.default.advertisedPorts ) }} + openssl s_client -verify_return_error -prexit \ + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt \ + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key \ + -connect {{ $values.external.domain }}:{{ $port }} + {{- end }} + + {{- if eq $values.listeners.http.external.default.tls.cert $name }} + echo "-----> testing external tls: http api" + {{- $port := ( first $values.listeners.http.external.default.advertisedPorts ) }} + openssl s_client -verify_return_error -prexit \ + {{- if $cert.caEnabled }} + -CAfile {{ printf "/etc/tls/certs/%s" $name }}/ca.crt \ + {{- end }} + -key {{ printf "/etc/tls/certs/%s" $name }}/tls.key \ + -connect {{ $values.external.domain }}:{{ $port }} + {{- end }} + + {{- end }} + echo "----" + + {{- end }} + {{- end }} + volumeMounts: + {{- range $name, $cert := .Values.tls.certs }} + - name: redpanda-{{ $name }}-cert + mountPath: {{ printf "/etc/tls/certs/%s" $name }} + {{- end }} + volumes: + {{- range $name, $cert := .Values.tls.certs }} + {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} + - name: redpanda-{{ $name }}-cert + secret: + defaultMode: 420 + items: + - key: tls.key + path: tls.key + - key: tls.crt + path: tls.crt + {{- if $cert.caEnabled }} + - key: ca.crt + path: ca.crt + {{- end }} + secretName: {{ template "cert-secret-name" $r }} + {{- end }} +{{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-kafka-internal-tls-status.yaml b/charts/redpanda/redpanda/templates/tests/test-kafka-internal-tls-status.yaml index b0e89e0ce..61816fb1d 100644 --- a/charts/redpanda/redpanda/templates/tests/test-kafka-internal-tls-status.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-kafka-internal-tls-status.yaml @@ -14,9 +14,10 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */}} -{{- $service := .Values.listeners.kafka -}} -{{- $cert := get .Values.tls.certs $service.tls.cert -}} {{- if and (include "kafka-internal-tls-enabled" . | fromJson).bool (not (include "sasl-enabled" . | fromJson).bool) -}} + {{- $service := .Values.listeners.kafka -}} + {{- $cert := get .Values.tls.certs $service.tls.cert -}} + {{- $root := deepCopy . }} apiVersion: v1 kind: Pod metadata: @@ -71,9 +72,10 @@ spec: - name: config emptyDir: {} {{- range $name, $cert := .Values.tls.certs }} + {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - name: redpanda-{{ $name }}-cert secret: defaultMode: 0644 - secretName: {{ template "redpanda.fullname" $ }}-{{ $name }}-cert + secretName: {{ template "cert-secret-name" $r }} {{- end }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml b/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml index fa7b3684f..eb58fd8e3 100644 --- a/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml @@ -15,6 +15,7 @@ See the License for the specific language governing permissions and limitations under the License. */}} {{- $sasl := .Values.auth.sasl }} +{{- $root := deepCopy . }} {{- $useSaslSecret := and $sasl.enabled (not (empty $sasl.secretRef )) }} apiVersion: v1 kind: Pod @@ -87,9 +88,10 @@ spec: {{- end }} {{- if (include "tls-enabled" . | fromJson).bool }} {{- range $name, $cert := .Values.tls.certs }} + {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - name: redpanda-{{ $name }}-cert secret: defaultMode: 0644 - secretName: {{ template "redpanda.fullname" $ }}-{{ $name }}-cert + secretName: {{ template "cert-secret-name" $r }} {{- end }} {{- end -}} diff --git a/charts/redpanda/redpanda/templates/tests/test-pandaproxy-internal-tls-status.yaml b/charts/redpanda/redpanda/templates/tests/test-pandaproxy-internal-tls-status.yaml index 191e7559a..41400028d 100644 --- a/charts/redpanda/redpanda/templates/tests/test-pandaproxy-internal-tls-status.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-pandaproxy-internal-tls-status.yaml @@ -14,9 +14,10 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */}} -{{- $service := .Values.listeners.http -}} -{{- $cert := get .Values.tls.certs $service.tls.cert -}} {{- if and (include "http-internal-tls-enabled" . | fromJson).bool (not (include "sasl-enabled" . | fromJson).bool) -}} + {{- $service := .Values.listeners.http -}} + {{- $cert := get .Values.tls.certs $service.tls.cert -}} + {{- $root := deepCopy . }} apiVersion: v1 kind: Pod metadata: @@ -68,10 +69,11 @@ spec: emptyDir: {} {{- if (include "tls-enabled" . | fromJson).bool }} {{- range $name, $cert := .Values.tls.certs }} + {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - name: redpanda-{{ $name }}-cert secret: defaultMode: 0644 - secretName: {{ template "redpanda.fullname" $ }}-{{ $name }}-cert + secretName: {{ template "cert-secret-name" $r }} {{- end }} {{- end }} {{- end -}} diff --git a/charts/redpanda/redpanda/templates/tests/test-schemaregistry-internal-tls-status.yaml b/charts/redpanda/redpanda/templates/tests/test-schemaregistry-internal-tls-status.yaml index eadc85a44..88978a9e5 100644 --- a/charts/redpanda/redpanda/templates/tests/test-schemaregistry-internal-tls-status.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-schemaregistry-internal-tls-status.yaml @@ -14,9 +14,10 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */}} -{{- $service := .Values.listeners.schemaRegistry -}} -{{- $cert := get .Values.tls.certs $service.tls.cert -}} {{- if and (include "schemaRegistry-internal-tls-enabled" . | fromJson).bool (not (include "sasl-enabled" .|fromJson).bool) -}} + {{- $service := .Values.listeners.schemaRegistry -}} + {{- $cert := get .Values.tls.certs $service.tls.cert -}} + {{- $root := deepCopy . }} apiVersion: v1 kind: Pod metadata: @@ -67,9 +68,10 @@ spec: - name: config emptyDir: {} {{- range $name, $cert := .Values.tls.certs }} + {{- $r := set $root "tempCert" ( dict "name" $name "cert" $cert ) }} - name: redpanda-{{ $name }}-cert secret: defaultMode: 0644 - secretName: {{ template "redpanda.fullname" $ }}-{{ $name }}-cert + secretName: {{ template "cert-secret-name" $r }} {{- end }} {{- end -}} diff --git a/charts/redpanda/redpanda/values.schema.json b/charts/redpanda/redpanda/values.schema.json index 9c98463e3..40193cec4 100644 --- a/charts/redpanda/redpanda/values.schema.json +++ b/charts/redpanda/redpanda/values.schema.json @@ -635,22 +635,20 @@ "type": "array" }, "topologySpreadConstraints": { - "type": "object", - "required": [ - "maxSkew", - "topologyKey", - "whenUnsatisfiable" - ], - "properties": { - "maxSkew": { - "type": "integer" - }, - "topologyKey": { - "type": "string" - }, - "whenUnsatisfiable": { - "type": "string", - "pattern": "^(ScheduleAnyway|DoNotSchedule)$" + "type": "array", + "minItems": 1, + "items": { + "properties": { + "maxSkew": { + "type": "integer" + }, + "topologyKey": { + "type": "string" + }, + "whenUnsatisfiable": { + "type": "string", + "pattern": "^(ScheduleAnyway|DoNotSchedule)$" + } } } }, diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index 06f0d6799..86e9b3b4c 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -530,7 +530,7 @@ statefulset: # For details, # see the [Kubernetes documentation](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/). topologySpreadConstraints: - maxSkew: 1 + - maxSkew: 1 topologyKey: topology.kubernetes.io/zone whenUnsatisfiable: ScheduleAnyway securityContext: diff --git a/charts/speedscale/speedscale-operator/Chart.yaml b/charts/speedscale/speedscale-operator/Chart.yaml index df60e5482..4e2a1d90a 100644 --- a/charts/speedscale/speedscale-operator/Chart.yaml +++ b/charts/speedscale/speedscale-operator/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>= 1.17.0-0' catalog.cattle.io/release-name: speedscale-operator apiVersion: v1 -appVersion: 1.2.575 +appVersion: 1.2.584 description: Stress test your APIs with real world scenarios. Collect and replay traffic without scripting. home: https://speedscale.com @@ -24,4 +24,4 @@ maintainers: - email: support@speedscale.com name: Speedscale Support name: speedscale-operator -version: 1.2.40 +version: 1.2.42 diff --git a/charts/speedscale/speedscale-operator/README.md b/charts/speedscale/speedscale-operator/README.md index 48cea60ec..153830515 100644 --- a/charts/speedscale/speedscale-operator/README.md +++ b/charts/speedscale/speedscale-operator/README.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.2.40 +### Upgrade to 1.2.42 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.40/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.42/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/app-readme.md b/charts/speedscale/speedscale-operator/app-readme.md index 48cea60ec..153830515 100644 --- a/charts/speedscale/speedscale-operator/app-readme.md +++ b/charts/speedscale/speedscale-operator/app-readme.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.2.40 +### Upgrade to 1.2.42 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.40/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.2.42/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/templates/rbac.yaml b/charts/speedscale/speedscale-operator/templates/rbac.yaml index 13ef8beb9..5ebcb0000 100644 --- a/charts/speedscale/speedscale-operator/templates/rbac.yaml +++ b/charts/speedscale/speedscale-operator/templates/rbac.yaml @@ -164,6 +164,19 @@ rules: - patch - update - watch +- apiGroups: + - security.istio.io + resources: + - peerauthentications + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch - apiGroups: - coordination.k8s.io resources: diff --git a/charts/speedscale/speedscale-operator/values.yaml b/charts/speedscale/speedscale-operator/values.yaml index e53d0f0be..cd2937368 100644 --- a/charts/speedscale/speedscale-operator/values.yaml +++ b/charts/speedscale/speedscale-operator/values.yaml @@ -20,7 +20,7 @@ clusterName: "my-cluster" # Speedscale components image settings. image: registry: gcr.io/speedscale - tag: v1.2.575 + tag: v1.2.584 pullPolicy: Always # Log level for Speedscale components. diff --git a/charts/sysdig/sysdig/CHANGELOG.md b/charts/sysdig/sysdig/CHANGELOG.md index fec7af0ae..0984431de 100644 --- a/charts/sysdig/sysdig/CHANGELOG.md +++ b/charts/sysdig/sysdig/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.15.86 +### New Features +* **sysdig** [727f9f8](https://github.com/sysdiglabs/charts/commit/727f9f836b38daf91090e843895dd4ea07126ec5): Update legacy engine NIA component with security updates ([#1065](https://github.com/sysdiglabs/charts/issues/1065)) # v1.15.85 ### Chores * **sysdig, node-analyzer** [a7564db](https://github.com/sysdiglabs/charts/commit/a7564dbac2f879064e000ef780b71ebc3d4463a7): bump sysdig/vuln-runtime-scanner to v1.4.11 ([#1061](https://github.com/sysdiglabs/charts/issues/1061)) diff --git a/charts/sysdig/sysdig/Chart.yaml b/charts/sysdig/sysdig/Chart.yaml index cf5fe37df..9e516978d 100644 --- a/charts/sysdig/sysdig/Chart.yaml +++ b/charts/sysdig/sysdig/Chart.yaml @@ -29,4 +29,4 @@ name: sysdig sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig -version: 1.15.85 +version: 1.15.86 diff --git a/charts/sysdig/sysdig/README.md b/charts/sysdig/sysdig/README.md index 73a58d611..83c117c04 100644 --- a/charts/sysdig/sysdig/README.md +++ b/charts/sysdig/sysdig/README.md @@ -154,7 +154,7 @@ The following table lists the configurable parameters of the Sysdig chart and th | `nodeAnalyzer.pullSecrets` | Image pull secrets for the Node Analyzer containers | `nil` | | `nodeAnalyzer.imageAnalyzer.deploy` | Deploy the Image Analyzer | `true ` | | `nodeAnalyzer.imageAnalyzer.image.repository` | The image repository to pull the Node Image Analyzer from | `sysdig/node-image-analyzer` | -| `nodeAnalyzer.imageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer | `0.1.25` | +| `nodeAnalyzer.imageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer | `0.1.26` | | `nodeAnalyzer.imageAnalyzer.image.digest` | The image digest to pull | ` ` | | `nodeAnalyzer.imageAnalyzer.image.pullPolicy` | The Image pull policy for the Node Image Analyzer | `IfNotPresent` | | `nodeAnalyzer.imageAnalyzer.dockerSocketPath` | The Docker socket path | | @@ -255,7 +255,7 @@ Node Image Analyzer parameters (deprecated by nodeAnalyzer) | `nodeImageAnalyzer.settings.httpsProxy` | Proxy configuration variables | | | `nodeImageAnalyzer.settings.noProxy` | Proxy configuration variables | | | `nodeImageAnalyzer.image.repository` | The image repository to pull the Node Image Analyzer from | `sysdig/node-image-analyzer` | -| `nodeImageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer | `0.1.25` | +| `nodeImageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer | `0.1.26` | | `nodeImageAnalyzer.imagedigest` | The image digest to pull | ` ` | | `nodeImageAnalyzer.image.pullPolicy` | The Image pull policy for the Node Image Analyzer | `IfNotPresent` | | `nodeImageAnalyzer.image.pullSecrets` | Image pull secrets for the Node Image Analyzer | `nil` | diff --git a/charts/sysdig/sysdig/RELEASE-NOTES.md b/charts/sysdig/sysdig/RELEASE-NOTES.md index 44d89f980..7c7094337 100644 --- a/charts/sysdig/sysdig/RELEASE-NOTES.md +++ b/charts/sysdig/sysdig/RELEASE-NOTES.md @@ -1,6 +1,6 @@ # What's Changed -### Chores -- **sysdig, node-analyzer** [a7564db](https://github.com/sysdiglabs/charts/commit/a7564dbac2f879064e000ef780b71ebc3d4463a7): bump sysdig/vuln-runtime-scanner to v1.4.11 ([#1061](https://github.com/sysdiglabs/charts/issues/1061)) +### New Features +- **sysdig** [727f9f8](https://github.com/sysdiglabs/charts/commit/727f9f836b38daf91090e843895dd4ea07126ec5): Update legacy engine NIA component with security updates ([#1065](https://github.com/sysdiglabs/charts/issues/1065)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.7.4...sysdig-1.15.85 +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.7.6...sysdig-1.15.86 diff --git a/charts/sysdig/sysdig/values.yaml b/charts/sysdig/sysdig/values.yaml index c6b82b690..71dabe97f 100644 --- a/charts/sysdig/sysdig/values.yaml +++ b/charts/sysdig/sysdig/values.yaml @@ -220,7 +220,7 @@ nodeImageAnalyzer: deploy: false image: repository: sysdig/node-image-analyzer - tag: 0.1.25 + tag: 0.1.26 digest: pullPolicy: IfNotPresent # pullSecrets: @@ -406,7 +406,7 @@ nodeAnalyzer: deploy: true image: repository: sysdig/node-image-analyzer - tag: 0.1.25 + tag: 0.1.26 digest: pullPolicy: IfNotPresent diff --git a/charts/yugabyte/yugabyte/Chart.yaml b/charts/yugabyte/yugabyte/Chart.yaml index 58e6e45e6..149eaa030 100644 --- a/charts/yugabyte/yugabyte/Chart.yaml +++ b/charts/yugabyte/yugabyte/Chart.yaml @@ -3,20 +3,18 @@ annotations: catalog.cattle.io/display-name: YugabyteDB catalog.cattle.io/kube-version: '>=1.18-0' catalog.cattle.io/release-name: yugabyte - charts.openshift.io/name: yugabyte -apiVersion: v2 -appVersion: 2.16.3.0-b43 +apiVersion: v1 +appVersion: 2.14.9.0-b23 description: YugabyteDB is the high-performance distributed SQL database for building global, internet-scale apps. home: https://www.yugabyte.com icon: https://avatars0.githubusercontent.com/u/17074854?s=200&v=4 -kubeVersion: '>=1.18-0' maintainers: -- email: sanketh@yugabyte.com - name: Sanketh Indarapu -- email: gjalla@yugabyte.com - name: Govardhan Reddy Jalla +- email: ram@yugabyte.com + name: Ram Sri +- email: arnav@yugabyte.com + name: Arnav Agarwal name: yugabyte sources: - https://github.com/yugabyte/yugabyte-db -version: 2.16.3 +version: 2.14.9 diff --git a/charts/yugabyte/yugabyte/app-readme.md b/charts/yugabyte/yugabyte/app-readme.md index c335f72db..282229b18 100644 --- a/charts/yugabyte/yugabyte/app-readme.md +++ b/charts/yugabyte/yugabyte/app-readme.md @@ -1 +1 @@ -This chart bootstraps an RF3 YugabyteDB version 2.16.3.0-b43 cluster using the Helm Package Manager. +This chart bootstraps an RF3 Yugabyte DB version 2.14.9.0-b23 cluster using the Helm Package Manager. diff --git a/charts/yugabyte/yugabyte/generate_kubeconfig.py b/charts/yugabyte/yugabyte/generate_kubeconfig.py index 3e2e1d5d7..b974c0f2d 100644 --- a/charts/yugabyte/yugabyte/generate_kubeconfig.py +++ b/charts/yugabyte/yugabyte/generate_kubeconfig.py @@ -11,177 +11,84 @@ from sys import exit import json import base64 import tempfile -import time -import os.path -def run_command(command_args, namespace=None, as_json=True, log_command=True): - command = ["kubectl"] +def run_command(command_args, namespace=None, as_json=True): + command = ['kubectl'] if namespace: - command.extend(["--namespace", namespace]) + command.extend(['--namespace', namespace]) command.extend(command_args) if as_json: - command.extend(["-o", "json"]) - if log_command: - print("Running command: {}".format(" ".join(command))) - output = check_output(command) - if as_json: - return json.loads(output) + command.extend(['-o', 'json']) + return json.loads(check_output(command)) else: - return output.decode("utf8") + return check_output(command).decode('utf8') -def create_sa_token_secret(directory, sa_name, namespace): - """Creates a service account token secret for sa_name in - namespace. Returns the name of the secret created. - - Ref: - https://k8s.io/docs/concepts/configuration/secret/#service-account-token-secrets - - """ - token_secret = { - "apiVersion": "v1", - "data": { - "do-not-delete-used-for-yugabyte-anywhere": "MQ==", - }, - "kind": "Secret", - "metadata": { - "annotations": { - "kubernetes.io/service-account.name": sa_name, - }, - "name": sa_name, - }, - "type": "kubernetes.io/service-account-token", - } - token_secret_file_name = os.path.join(directory, "token_secret.yaml") - with open(token_secret_file_name, "w") as token_secret_file: - json.dump(token_secret, token_secret_file) - run_command(["apply", "-f", token_secret_file_name], namespace) - return sa_name - - -def get_secret_data(secret, namespace): - """Returns the secret in JSON format if it has ca.crt and token in - it, else returns None. It retries 3 times with 1 second timeout - for the secret to be populated with this data. - - """ - secret_data = None - num_retries = 5 - timeout = 2 - while True: - secret_json = run_command(["get", "secret", secret], namespace) - if "ca.crt" in secret_json["data"] and "token" in secret_json["data"]: - secret_data = secret_json - break - - num_retries -= 1 - if num_retries == 0: - break - print( - "Secret '{}' is not populated. Sleep {}s, ({} retries left)".format( - secret, timeout, num_retries - ) - ) - time.sleep(timeout) - return secret_data - - -parser = argparse.ArgumentParser(description="Generate KubeConfig with Token") -parser.add_argument("-s", "--service_account", help="Service Account name", required=True) -parser.add_argument("-n", "--namespace", help="Kubernetes namespace", default="kube-system") -parser.add_argument("-c", "--context", help="kubectl context") -parser.add_argument("-o", "--output_file", help="output file path") +parser = argparse.ArgumentParser(description='Generate KubeConfig with Token') +parser.add_argument('-s', '--service_account', help='Service Account name', required=True) +parser.add_argument('-n', '--namespace', help='Kubernetes namespace', default='kube-system') +parser.add_argument('-c', '--context', help='kubectl context') args = vars(parser.parse_args()) # if the context is not provided we use the current-context -context = args["context"] +context = args['context'] if context is None: - context = run_command(["config", "current-context"], args["namespace"], as_json=False) + context = run_command(['config', 'current-context'], + args['namespace'], as_json=False) -cluster_attrs = run_command( - ["config", "get-contexts", context.strip(), "--no-headers"], args["namespace"], as_json=False -) +cluster_attrs = run_command(['config', 'get-contexts', context.strip(), + '--no-headers'], args['namespace'], as_json=False) cluster_name = cluster_attrs.strip().split()[2] -endpoint = run_command( - [ - "config", - "view", - "-o", - 'jsonpath="{.clusters[?(@.name =="' + cluster_name + '")].cluster.server}"', - ], - args["namespace"], - as_json=False, -) -service_account_info = run_command(["get", "sa", args["service_account"]], args["namespace"]) - -tmpdir = tempfile.TemporaryDirectory() - -# Get the token and ca.crt from service account secret. -sa_secrets = list() -# Kubernetes 1.22 onwards doesn't create a token secret, so we create -# it ourselves. -if "secrets" not in service_account_info: - token_secret = create_sa_token_secret(tmpdir.name, args["service_account"], args["namespace"]) - sa_secrets.append(token_secret) -else: - # some ServiceAccounts have multiple secrets, and not all them have a - # ca.crt and a token. - sa_secrets = [secret["name"] for secret in service_account_info["secrets"]] +endpoint = run_command(['config', 'view', '-o', + 'jsonpath="{.clusters[?(@.name =="' + + cluster_name + '")].cluster.server}"'], + args['namespace'], as_json=False) +service_account_info = run_command(['get', 'sa', args['service_account']], + args['namespace']) +# some ServiceAccounts have multiple secrets, and not all them have a +# ca.crt and a token. +sa_secrets = [secret['name'] for secret in service_account_info['secrets']] secret_data = None for secret in sa_secrets: - secret_data = get_secret_data(secret, args["namespace"]) - if secret_data is not None: - break + secret_json = run_command(['get', 'secret', secret], args['namespace']) + if 'ca.crt' not in secret_json['data'] and 'token' not in secret_json['data']: + continue + secret_data = secret_json if secret_data is None: - exit("No usable secret found for '{}'.".format(args["service_account"])) + exit("No usable secret found for '{}'.".format(args['service_account'])) -context_name = "{}-{}".format(args["service_account"], cluster_name) -kube_config = args["output_file"] -if not kube_config: - kube_config = "/tmp/{}.conf".format(args["service_account"]) +context_name = '{}-{}'.format(args['service_account'], cluster_name) +kube_config = '/tmp/{}.conf'.format(args['service_account']) +with tempfile.NamedTemporaryFile() as ca_crt_file: + ca_crt = base64.b64decode(secret_data['data']['ca.crt']) + ca_crt_file.write(ca_crt) + ca_crt_file.flush() + # create kubeconfig entry + set_cluster_cmd = ['config', 'set-cluster', cluster_name, + '--kubeconfig={}'.format(kube_config), + '--server={}'.format(endpoint.strip('"')), + '--embed-certs=true', + '--certificate-authority={}'.format(ca_crt_file.name)] + run_command(set_cluster_cmd, as_json=False) -ca_crt_file_name = os.path.join(tmpdir.name, "ca.crt") -ca_crt_file = open(ca_crt_file_name, "wb") -ca_crt_file.write(base64.b64decode(secret_data["data"]["ca.crt"])) -ca_crt_file.close() +user_token = base64.b64decode(secret_data['data']['token']).decode('utf-8') +set_credentials_cmd = ['config', 'set-credentials', context_name, + '--token={}'.format(user_token), + '--kubeconfig={}'.format(kube_config)] +run_command(set_credentials_cmd, as_json=False) -# create kubeconfig entry -set_cluster_cmd = [ - "config", - "set-cluster", - cluster_name, - "--kubeconfig={}".format(kube_config), - "--server={}".format(endpoint.strip('"')), - "--embed-certs=true", - "--certificate-authority={}".format(ca_crt_file_name), -] -run_command(set_cluster_cmd, as_json=False) - -user_token = base64.b64decode(secret_data["data"]["token"]).decode("utf-8") -set_credentials_cmd = [ - "config", - "set-credentials", - context_name, - "--token={}".format(user_token), - "--kubeconfig={}".format(kube_config), -] -run_command(set_credentials_cmd, as_json=False, log_command=False) - -set_context_cmd = [ - "config", - "set-context", - context_name, - "--cluster={}".format(cluster_name), - "--user={}".format(context_name), - "--kubeconfig={}".format(kube_config), -] +set_context_cmd = ['config', 'set-context', context_name, + '--cluster={}'.format(cluster_name), + '--user={}'.format(context_name), + '--kubeconfig={}'.format(kube_config)] run_command(set_context_cmd, as_json=False) -use_context_cmd = ["config", "use-context", context_name, "--kubeconfig={}".format(kube_config)] +use_context_cmd = ['config', 'use-context', context_name, + '--kubeconfig={}'.format(kube_config)] run_command(use_context_cmd, as_json=False) print("Generated the kubeconfig file: {}".format(kube_config)) diff --git a/charts/yugabyte/yugabyte/openshift.values.yaml b/charts/yugabyte/yugabyte/openshift.values.yaml deleted file mode 100644 index d2784b23e..000000000 --- a/charts/yugabyte/yugabyte/openshift.values.yaml +++ /dev/null @@ -1,4 +0,0 @@ -# OCP compatible values for yugabyte - -Image: - repository: "quay.io/yugabyte/yugabyte-ubi" diff --git a/charts/yugabyte/yugabyte/questions.yaml b/charts/yugabyte/yugabyte/questions.yaml index 6befa49e1..c88fd43c0 100644 --- a/charts/yugabyte/yugabyte/questions.yaml +++ b/charts/yugabyte/yugabyte/questions.yaml @@ -16,7 +16,7 @@ questions: label: YugabyteDB image repository description: "YugabyteDB image repository" - variable: Image.tag - default: "2.5.1.0-b153" + default: "2.14.1.0-b36" required: true type: string label: YugabyteDB image tag diff --git a/charts/yugabyte/yugabyte/templates/_helpers.tpl b/charts/yugabyte/yugabyte/templates/_helpers.tpl index 1d506a432..460d711fe 100644 --- a/charts/yugabyte/yugabyte/templates/_helpers.tpl +++ b/charts/yugabyte/yugabyte/templates/_helpers.tpl @@ -26,7 +26,7 @@ Generate common labels. {{- define "yugabyte.labels" }} heritage: {{ .Values.helm2Legacy | ternary "Tiller" (.Release.Service | quote) }} release: {{ .Release.Name | quote }} -chart: {{ .Chart.Name | quote }} +chart: {{ .Values.oldNamingStyle | ternary .Chart.Name (include "yugabyte.chart" .) | quote }} component: {{ .Values.Component | quote }} {{- if .Values.commonLabels}} {{ toYaml .Values.commonLabels }} @@ -122,18 +122,10 @@ Generate server FQDN. {{- define "yugabyte.server_fqdn" -}} {{- if (and .Values.istioCompatibility.enabled .Values.multicluster.createServicePerPod) -}} {{- printf "$(HOSTNAME).$(NAMESPACE).svc.%s" .Values.domainName -}} - {{- else if (and .Values.oldNamingStyle .Values.multicluster.createServiceExports) -}} - {{ $membershipName := required "A valid membership name is required! Please set multicluster.kubernetesClusterId" .Values.multicluster.kubernetesClusterId }} - {{- printf "$(HOSTNAME).%s.%s.$(NAMESPACE).svc.clusterset.local" $membershipName .Service.name -}} {{- else if .Values.oldNamingStyle -}} - {{- printf "$(HOSTNAME).%s.$(NAMESPACE).svc.%s" .Service.name .Values.domainName -}} + {{- printf "$(HOSTNAME).%s.$(NAMESPACE).svc.%s" .Service.name .Values.domainName -}} {{- else -}} - {{- if .Values.multicluster.createServiceExports -}} - {{ $membershipName := required "A valid membership name is required! Please set multicluster.kubernetesClusterId" .Values.multicluster.kubernetesClusterId }} - {{- printf "$(HOSTNAME).%s.%s-%s.$(NAMESPACE).svc.clusterset.local" $membershipName (include "yugabyte.fullname" .) .Service.name -}} - {{- else -}} - {{- printf "$(HOSTNAME).%s-%s.$(NAMESPACE).svc.%s" (include "yugabyte.fullname" .) .Service.name .Values.domainName -}} - {{- end -}} + {{- printf "$(HOSTNAME).%s-%s.$(NAMESPACE).svc.%s" (include "yugabyte.fullname" .) .Service.name .Values.domainName -}} {{- end -}} {{- end -}} @@ -146,17 +138,10 @@ Generate server broadcast address. {{/* Generate server RPC bind address. - -In case of multi-cluster services (MCS), we set it to $(POD_IP) to -ensure YCQL uses a resolvable address. -See https://github.com/yugabyte/yugabyte-db/issues/16155 */}} {{- define "yugabyte.rpc_bind_address" -}} - {{- $port := index .Service.ports "tcp-rpc-port" -}} {{- if .Values.istioCompatibility.enabled -}} - 0.0.0.0:{{ $port }} - {{- else if .Values.multicluster.createServiceExports -}} - $(POD_IP):{{ $port }} + 0.0.0.0:{{ index .Service.ports "tcp-rpc-port" -}} {{- else -}} {{- include "yugabyte.server_fqdn" . -}} {{- end -}} @@ -173,7 +158,7 @@ Generate server web interface. Generate server CQL proxy bind address. */}} {{- define "yugabyte.cql_proxy_bind_address" -}} - {{- if or .Values.istioCompatibility.enabled .Values.multicluster.createServiceExports -}} + {{- if .Values.istioCompatibility.enabled -}} 0.0.0.0:{{ index .Service.ports "tcp-yql-port" -}} {{- else -}} {{- include "yugabyte.server_fqdn" . -}} @@ -218,10 +203,10 @@ Compute the maximum number of unavailable pods based on the number of master rep Set consistent issuer name. */}} {{- define "yugabyte.tls_cm_issuer" -}} - {{- if .Values.tls.certManager.bootstrapSelfsigned -}} - {{ .Values.oldNamingStyle | ternary "yugabyte-selfsigned" (printf "%s-selfsigned" (include "yugabyte.fullname" .)) }} + {{- if .Values.tls.certManager.useClusterIssuer -}} + {{ .Values.tls.certManager.clusterIssuer }} {{- else -}} - {{ .Values.tls.certManager.useClusterIssuer | ternary .Values.tls.certManager.clusterIssuer .Values.tls.certManager.issuer}} + {{ .Values.oldNamingStyle | ternary "yugabyte-selfsigned" (printf "%s-selfsigned" (include "yugabyte.fullname" .)) }} {{- end -}} {{- end -}} diff --git a/charts/yugabyte/yugabyte/templates/certificates.yaml b/charts/yugabyte/yugabyte/templates/certificates.yaml index 5c7814de4..f8dd4acb5 100644 --- a/charts/yugabyte/yugabyte/templates/certificates.yaml +++ b/charts/yugabyte/yugabyte/templates/certificates.yaml @@ -1,7 +1,7 @@ {{- $root := . -}} --- {{- if $root.Values.tls.certManager.enabled }} -{{- if $root.Values.tls.certManager.bootstrapSelfsigned }} +{{- if not $root.Values.tls.certManager.useClusterIssuer }} --- apiVersion: cert-manager.io/v1 kind: Issuer @@ -37,38 +37,13 @@ spec: ca: secretName: {{ $root.Values.oldNamingStyle | ternary "yugabyte-ca" (printf "%s-ca" (include "yugabyte.fullname" $root)) }} --- -{{- else }} -{{/* when bootstrapSelfsigned = false, ie. when using an external CA. -Create a Secret with just the rootCA.cert value and mount into master/tserver pods. -This will be used as a fall back in case the Secret generated by cert-manager does not -have a root ca.crt. This can happen for certain certificate issuers like LetsEncrypt. -*/}} ---- -apiVersion: v1 -kind: Secret -metadata: - name: {{ printf "%s-root-ca" (include "yugabyte.fullname" $root) }} - namespace: "{{ $root.Release.Namespace }}" - labels: - {{- include "yugabyte.labels" $root | indent 4 }} -type: Opaque -data: - ca.crt: {{ $root.Values.tls.rootCA.cert }} ---- {{- end }} -{{/* -The below Certificate resource will trigger cert-manager to issue crt/key into Secrets. -These secrets are mounted into master/tserver pods. -*/}} {{- range .Values.Services }} {{- $service := . -}} {{- $appLabelArgs := dict "label" .label "root" $root -}} {{- $serviceValues := (dict "Service" $service "Values" $root.Values "Chart" $root.Chart "Release" $root.Release) -}} -{{- $replicas := (eq .name "yb-masters") | ternary $root.Values.replicas.master $root.Values.replicas.tserver -}} - -{{- if (gt (int $replicas) 0) }} --- apiVersion: cert-manager.io/v1 kind: Certificate @@ -90,17 +65,18 @@ spec: secretName: {{ $root.Values.oldNamingStyle | ternary (printf "%s-yugabyte-tls-cert" $service.label) (printf "%s-%s-tls-cert" (include "yugabyte.fullname" $root) $service.label) }} duration: {{ $root.Values.tls.certManager.certificates.duration | quote }} renewBefore: {{ $root.Values.tls.certManager.certificates.renewBefore | quote }} + commonName: yugabyte-{{ .name }} isCA: false privateKey: algorithm: {{ $root.Values.tls.certManager.certificates.algorithm | quote }} encoding: PKCS8 size: {{ $root.Values.tls.certManager.certificates.keySize }} - rotationPolicy: Always usages: - server auth - client auth # At least one of a DNS Name, URI, or IP address is required. dnsNames: + {{- $replicas := (eq .name "yb-masters") | ternary $root.Values.replicas.master $root.Values.replicas.tserver -}} {{- range $index := until ( int ( $replicas ) ) }} {{- $nodeOldStyle := printf "%s-%d.%s.%s.svc.%s" $service.label $index $service.name $root.Release.Namespace $root.Values.domainName }} {{- $nodeNewStyle := printf "%s-%s-%d.%s-%s.%s.svc.%s" (include "yugabyte.fullname" $root) $service.label $index (include "yugabyte.fullname" $root) $service.name $root.Release.Namespace $root.Values.domainName }} @@ -111,7 +87,6 @@ spec: ipAddresses: [] --- {{- end }} -{{- end }} --- apiVersion: cert-manager.io/v1 @@ -139,7 +114,6 @@ spec: algorithm: {{ $root.Values.tls.certManager.certificates.algorithm | quote }} encoding: PKCS8 size: {{ $root.Values.tls.certManager.certificates.keySize }} - rotationPolicy: Always usages: - client auth dnsNames: [] diff --git a/charts/yugabyte/yugabyte/templates/multicluster/common-tserver-service.yaml b/charts/yugabyte/yugabyte/templates/multicluster-common-tserver-service.yaml similarity index 100% rename from charts/yugabyte/yugabyte/templates/multicluster/common-tserver-service.yaml rename to charts/yugabyte/yugabyte/templates/multicluster-common-tserver-service.yaml diff --git a/charts/yugabyte/yugabyte/templates/multicluster/service-per-pod.yaml b/charts/yugabyte/yugabyte/templates/multicluster-multiple-services.yaml similarity index 96% rename from charts/yugabyte/yugabyte/templates/multicluster/service-per-pod.yaml rename to charts/yugabyte/yugabyte/templates/multicluster-multiple-services.yaml index 681231e29..a26b39018 100644 --- a/charts/yugabyte/yugabyte/templates/multicluster/service-per-pod.yaml +++ b/charts/yugabyte/yugabyte/templates/multicluster-multiple-services.yaml @@ -11,7 +11,6 @@ metadata: labels: {{- include "yugabyte.applabel" ($appLabelArgs) | indent 4 }} {{- include "yugabyte.labels" $ | indent 4 }} - service-type: "non-endpoint" spec: ports: {{- range $label, $port := $server.ports }} diff --git a/charts/yugabyte/yugabyte/templates/multicluster/mcs-service-export.yaml b/charts/yugabyte/yugabyte/templates/multicluster/mcs-service-export.yaml deleted file mode 100644 index eeafcb1bb..000000000 --- a/charts/yugabyte/yugabyte/templates/multicluster/mcs-service-export.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- /* - Ref - https://cloud.google.com/kubernetes-engine/docs/how-to/multi-cluster-services#registering_a_service_for_export - https://github.com/kubernetes/enhancements/tree/master/keps/sig-multicluster/1645-multi-cluster-services-api#exporting-services -*/}} -{{- if .Values.multicluster.createServiceExports }} -apiVersion: {{ .Values.multicluster.mcsApiVersion }} -kind: ServiceExport -metadata: - name: {{ .Values.oldNamingStyle | ternary "yb-masters" (printf "%s-%s" (include "yugabyte.fullname" .) "yb-masters") | quote }} - namespace: "{{ .Release.Namespace }}" - labels: - {{- include "yugabyte.labels" . | indent 4 }} ---- -apiVersion: {{ .Values.multicluster.mcsApiVersion }} -kind: ServiceExport -metadata: - name: {{ .Values.oldNamingStyle | ternary "yb-tservers" (printf "%s-%s" (include "yugabyte.fullname" .) "yb-tservers") | quote }} - namespace: "{{ .Release.Namespace }}" - labels: - {{- include "yugabyte.labels" . | indent 4 }} -{{ end -}} diff --git a/charts/yugabyte/yugabyte/templates/service.yaml b/charts/yugabyte/yugabyte/templates/service.yaml index 8983707f6..697e4776d 100644 --- a/charts/yugabyte/yugabyte/templates/service.yaml +++ b/charts/yugabyte/yugabyte/templates/service.yaml @@ -46,27 +46,10 @@ data: {{- range $index := until ( int ( $replicas ) ) }} {{- $nodeOldStyle := printf "%s-%d.%s.%s.svc.%s" $service.label $index $service.name $root.Release.Namespace $root.Values.domainName }} {{- $nodeNewStyle := printf "%s-%s-%d.%s-%s.%s.svc.%s" (include "yugabyte.fullname" $root) $service.label $index (include "yugabyte.fullname" $root) $service.name $root.Release.Namespace $root.Values.domainName }} - -{{- if $root.Values.multicluster.createServiceExports -}} - {{- $nodeOldStyle = printf "%s-%d.%s.%s.%s.svc.clusterset.local" $service.label $index $root.Values.multicluster.kubernetesClusterId $service.name $root.Release.Namespace }} - {{- $nodeNewStyle = printf "%s-%s-%d.%s.%s-%s.%s.svc.clusterset.local" (include "yugabyte.fullname" $root) $service.label $index $root.Values.multicluster.kubernetesClusterId (include "yugabyte.fullname" $root) $service.name $root.Release.Namespace }} -{{- end -}} - -{{- if (and $root.Values.istioCompatibility.enabled $root.Values.multicluster.createServicePerPod) -}} - {{- $nodeOldStyle = printf "%s-%d.%s.svc.%s" $service.label $index $root.Release.Namespace $root.Values.domainName }} - {{- $nodeNewStyle = printf "%s-%s-%d.%s.svc.%s" (include "yugabyte.fullname" $root) $service.label $index $root.Release.Namespace $root.Values.domainName }} -{{- end -}} - {{- $node := $root.Values.oldNamingStyle | ternary $nodeOldStyle $nodeNewStyle }} {{- if $root.Values.tls.rootCA.key }} {{- $dns1 := printf "*.*.%s" $root.Release.Namespace }} {{- $dns2 := printf "%s.svc.%s" $dns1 $root.Values.domainName }} -{{- if $root.Values.multicluster.createServiceExports -}} - {{- $dns1 = printf "*.*.*.%s.svc.clusterset.local" $root.Release.Namespace }} -{{- end -}} -{{- if (and $root.Values.istioCompatibility.enabled $root.Values.multicluster.createServicePerPod) -}} - {{- $dns1 = printf "*.%s.svc.%s" $root.Release.Namespace $root.Values.domainName }} -{{- end -}} {{- $rootCA := buildCustomCert $root.Values.tls.rootCA.cert $root.Values.tls.rootCA.key -}} {{- $server := genSignedCert $node ( default nil ) (list $dns1 $dns2 ) 3650 $rootCA }} node.{{$node}}.crt: {{ $server.Cert | b64enc }} @@ -111,7 +94,6 @@ metadata: labels: {{- include "yugabyte.applabel" ($appLabelArgs) | indent 4 }} {{- include "yugabyte.labels" $root | indent 4 }} - service-type: "endpoint" spec: {{ if eq $root.Release.Service "Tiller" }} clusterIP: @@ -215,9 +197,6 @@ spec: labels: {{- include "yugabyte.applabel" ($appLabelArgs) | indent 8 }} {{- include "yugabyte.labels" $root | indent 8 }} - {{- if $root.Values.istioCompatibility.enabled }} - sidecar.istio.io/inject: "true" - {{- end }} {{- if eq .name "yb-masters" }} {{- with $root.Values.master.podLabels }}{{ toYaml . | nindent 8 }}{{ end }} {{- else }} @@ -235,6 +214,7 @@ spec: nodeSelector: {{ toYaml $root.Values.nodeSelector | indent 8 }} {{- end }} + terminationGracePeriodSeconds: 300 {{- if eq .name "yb-masters" }} # yb-masters {{- if $root.Values.master.tolerations }} tolerations: @@ -246,7 +226,6 @@ spec: {{- with $root.Values.tserver.tolerations }}{{ toYaml . | nindent 8 }}{{ end }} {{- end }} {{- end }} - terminationGracePeriodSeconds: 300 affinity: # Set the anti-affinity selector scope to YB masters. {{ if $root.Values.AZ }} @@ -379,13 +358,10 @@ spec: {{- $rpcPreflight := include "yugabyte.preflight_check" (set $serviceValues "Preflight" $rpcDict) -}} {{- if $rpcPreflight -}}{{ $rpcPreflight | nindent 12 }}{{ end -}} {{- $broadcastAddr := include "yugabyte.server_broadcast_address" $serviceValues -}} - {{/* skip bind check for Istio multi-cluster, we cannot/don't bind to service IP */}} - {{- if (not (and $root.Values.istioCompatibility.enabled $root.Values.multicluster.createServicePerPod)) }} - {{- $broadcastPort := index $service.ports "tcp-rpc-port" -}} - {{- $broadcastDict := dict "Addr" $broadcastAddr "Port" $broadcastPort -}} - {{- $broadcastPreflight := include "yugabyte.preflight_check" (set $serviceValues "Preflight" $broadcastDict) -}} - {{- if $broadcastPreflight -}}{{ $broadcastPreflight | nindent 12 }}{{ end -}} - {{- end }} + {{- $broadcastPort := index $service.ports "tcp-rpc-port" -}} + {{- $broadcastDict := dict "Addr" $broadcastAddr "Port" $broadcastPort -}} + {{- $broadcastPreflight := include "yugabyte.preflight_check" (set $serviceValues "Preflight" $broadcastDict) -}} + {{- if $broadcastPreflight -}}{{ $broadcastPreflight | nindent 12 }}{{ end -}} {{- $webserverAddr := include "yugabyte.webserver_interface" $serviceValues -}} {{- $webserverPort := index $service.ports "http-ui" -}} {{- $webserverDict := dict "Addr" $webserverAddr "Port" $webserverPort -}} @@ -396,25 +372,6 @@ spec: else k8s_parent="" fi && \ - {{- if and $root.Values.tls.enabled $root.Values.tls.certManager.enabled }} - echo "Creating ephemeral /opt/certs/yugabyte/ as symlink to persisted /mnt/disk0/certs/" && \ - mkdir -p /mnt/disk0/certs && \ - mkdir -p /opt/certs && \ - ln -s /mnt/disk0/certs /opt/certs/yugabyte && \ - if [[ ! -f /opt/certs/yugabyte/ca.crt ]]; then - echo "Fresh install of /opt/certs/yugabyte/ca.crt" - cp /home/yugabyte/cert-manager/ca.crt /opt/certs/yugabyte/ca.crt; - fi && \ - cmp -s /home/yugabyte/cert-manager/ca.crt /opt/certs/yugabyte/ca.crt;sameRootCA=$? && \ - if [[ $sameRootCA -eq 0 ]]; then - echo "Refreshing tls certs at /opt/certs/yugabyte/"; - cp /home/yugabyte/cert-manager/tls.crt /opt/certs/yugabyte/node.{{$rpcAddr}}.crt; - cp /home/yugabyte/cert-manager/tls.key /opt/certs/yugabyte/node.{{$rpcAddr}}.key; - chmod 600 /opt/certs/yugabyte/* - else - echo "WARNING: Not refreshing certificates as the root ca.crt has changed" - fi && \ - {{- end }} {{- if eq .name "yb-masters" }} exec ${k8s_parent} /home/yugabyte/bin/yb-master \ {{- if not $root.Values.storage.ephemeral }} @@ -530,7 +487,7 @@ spec: {{- end }} {{- if $root.Values.tls.enabled }} - name: {{ $root.Values.oldNamingStyle | ternary (printf "%s-yugabyte-tls-cert" .label) (printf "%s-%s-tls-cert" (include "yugabyte.fullname" $root) .label) }} - mountPath: {{ $root.Values.tls.certManager.enabled | ternary "/home/yugabyte/cert-manager" "/opt/certs/yugabyte" }} + mountPath: /opt/certs/yugabyte readOnly: true - name: {{ $root.Values.oldNamingStyle | ternary "yugabyte-tls-client-cert" (printf "%s-client-tls" (include "yugabyte.fullname" $root)) }} mountPath: /root/.yugabytedb/ @@ -580,24 +537,25 @@ spec: {{- end }} {{- end }} {{- if $root.Values.tls.enabled }} - {{- if $root.Values.tls.certManager.enabled }} - {{- /* certManager enabled */}} - - name: {{ $root.Values.oldNamingStyle | ternary (printf "%s-yugabyte-tls-cert" .label) (printf "%s-%s-tls-cert" (include "yugabyte.fullname" $root) .label) }} - projected: - sources: - {{- if not $root.Values.tls.certManager.bootstrapSelfsigned }} - - secret: - name: {{ printf "%s-root-ca" (include "yugabyte.fullname" $root) }} - {{- end }} - - secret: - name: {{ $root.Values.oldNamingStyle | ternary (printf "%s-yugabyte-tls-cert" .label) (printf "%s-%s-tls-cert" (include "yugabyte.fullname" $root) .label) }} - {{- else }} - {{/* certManager disabled */}} - name: {{ $root.Values.oldNamingStyle | ternary (printf "%s-yugabyte-tls-cert" .label) (printf "%s-%s-tls-cert" (include "yugabyte.fullname" $root) .label) }} secret: secretName: {{ $root.Values.oldNamingStyle | ternary (printf "%s-yugabyte-tls-cert" .label) (printf "%s-%s-tls-cert" (include "yugabyte.fullname" $root) .label) }} + {{- if $root.Values.tls.certManager.enabled }} + items: + {{- $replicas := (eq .name "yb-masters") | ternary $root.Values.replicas.master $root.Values.replicas.tserver -}} + {{- range $index := until ( int ( $replicas ) ) }} + {{- $nodeOldStyle := printf "%s-%d.%s.%s.svc.%s" $service.label $index $service.name $root.Release.Namespace $root.Values.domainName }} + {{- $nodeNewStyle := printf "%s-%s-%d.%s-%s.%s.svc.%s" (include "yugabyte.fullname" $root) $service.label $index (include "yugabyte.fullname" $root) $service.name $root.Release.Namespace $root.Values.domainName }} + {{- $node := $root.Values.oldNamingStyle | ternary $nodeOldStyle $nodeNewStyle }} + - key: tls.crt + path: node.{{$node}}.crt + - key: tls.key + path: node.{{$node}}.key + {{- end }} + - key: ca.crt + path: ca.crt + {{- end }} defaultMode: 256 - {{- end }} - name: {{ $root.Values.oldNamingStyle | ternary "yugabyte-tls-client-cert" (printf "%s-client-tls" (include "yugabyte.fullname" $root)) }} secret: secretName: {{ $root.Values.oldNamingStyle | ternary "yugabyte-tls-client-cert" (printf "%s-client-tls" (include "yugabyte.fullname" $root)) }} diff --git a/charts/yugabyte/yugabyte/values.yaml b/charts/yugabyte/yugabyte/values.yaml index fecf82027..0d3626e67 100644 --- a/charts/yugabyte/yugabyte/values.yaml +++ b/charts/yugabyte/yugabyte/values.yaml @@ -2,15 +2,10 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. Component: "yugabytedb" - -fullnameOverride: "" -nameOverride: "" - Image: repository: "yugabytedb/yugabyte" - tag: 2.16.3.0-b43 + tag: 2.14.9.0-b23 pullPolicy: IfNotPresent - pullSecretName: "" storage: ephemeral: false # will not allocate PVs when true @@ -26,38 +21,27 @@ storage: resource: master: requests: - cpu: "2" + cpu: 2 memory: 2Gi limits: - cpu: "2" + cpu: 2 memory: 2Gi tserver: requests: - cpu: "2" + cpu: 2 memory: 4Gi limits: - cpu: "2" + cpu: 2 memory: 4Gi replicas: master: 3 tserver: 3 - ## Used to set replication factor when isMultiAz is set to true - totalMasters: 3 partition: master: 0 tserver: 0 -# Used in Multi-AZ setup -masterAddresses: "" - -isMultiAz: false -AZ: "" - -# Disable the YSQL -disableYsql: false - tls: # Set to true to enable the TLS. enabled: false @@ -68,14 +52,10 @@ tls: # Set enabled to true to use cert-manager instead of providing your own rootCA certManager: enabled: false - # Will create own ca certificate and issuer when set to true - bootstrapSelfsigned: true - # Use ClusterIssuer when set to true, otherwise use Issuer + # Will create own ca certificate and issuer when set to false useClusterIssuer: false - # Name of ClusterIssuer to use when useClusterIssuer is true + # ignored when useClusterIssuer is false clusterIssuer: cluster-ca - # Name of Issuer to use when useClusterIssuer is false - issuer: yugabyte-ca certificates: # The lifetime before cert-manager will issue a new certificate. # The re-issued certificates will not be automatically reloaded by the service. @@ -87,14 +67,10 @@ tls: # Or 256, 384 or 521 for ECDSA keySize: 521 - ## When certManager.enabled=false, rootCA.cert and rootCA.key are used to generate TLS certs. - ## When certManager.enabled=true and boostrapSelfsigned=true, rootCA is ignored. - ## When certManager.enabled=true and bootstrapSelfsigned=false, only rootCA.cert is used - ## to verify TLS certs generated and signed by the external provider. + # Will be ignored when certManager.enabled=true rootCA: cert: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM2VENDQWRHZ0F3SUJBZ0lCQVRBTkJna3Foa2lHOXcwQkFRc0ZBREFXTVJRd0VnWURWUVFERXd0WmRXZGgKWW5sMFpTQkVRakFlRncweE9UQXlNRGd3TURRd01qSmFGdzB5T1RBeU1EVXdNRFF3TWpKYU1CWXhGREFTQmdOVgpCQU1UQzFsMVoyRmllWFJsSUVSQ01JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBCnVOMWF1aWc4b2pVMHM0OXF3QXhrT2FCaHkwcTlyaVg2akVyZWJyTHJOWDJOeHdWQmNVcWJkUlhVc3VZNS96RUQKUC9CZTNkcTFuMm9EQ2ZGVEwweGkyNFdNZExRcnJBMndCdzFtNHM1WmQzcEJ1U04yWHJkVVhkeUx6dUxlczJNbgovckJxcWRscXp6LzAyTk9TOE9SVFZCUVRTQTBSOFNMQ1RjSGxMQmRkMmdxZ1ZmemVXRlVObXhWQ2EwcHA5UENuCmpUamJJRzhJWkh5dnBkTyt3aURQM1Y1a1ZEaTkvbEtUaGUzcTFOeDg5VUNFcnRJa1pjSkYvWEs3aE90MU1sOXMKWDYzb2lVMTE1Q2svbGFGRjR6dWgrZk9VenpOVXRXeTc2RE92cm5pVGlaU0tQZDBBODNNa2l2N2VHaDVkV3owWgpsKzJ2a3dkZHJaRzVlaHhvbGhGS3pRSURBUUFCbzBJd1FEQU9CZ05WSFE4QkFmOEVCQU1DQXFRd0hRWURWUjBsCkJCWXdGQVlJS3dZQkJRVUhBd0VHQ0NzR0FRVUZCd01DTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3RFFZSktvWkkKaHZjTkFRRUxCUUFEZ2dFQkFEQjVRbmlYd1ptdk52eG5VbS9sTTVFbms3VmhTUzRUZldIMHY4Q0srZWZMSVBTbwpVTkdLNXU5UzNEUWlvaU9SN1Vmc2YrRnk1QXljMmNUY1M2UXBxTCt0V1QrU1VITXNJNk9oQ05pQ1gvQjNKWERPCkd2R0RIQzBVOHo3aWJTcW5zQ2Rid05kajAyM0lwMHVqNE9DVHJ3azZjd0RBeXlwVWkwN2tkd28xYWJIWExqTnAKamVQMkwrY0hkc2dKM1N4WWpkK1kvei9IdmFrZG1RZDJTL1l2V0R3aU1SRDkrYmZXWkJVRHo3Y0QyQkxEVmU0aAp1bkFaK3NyelR2Sjd5dkVodzlHSDFyajd4Qm9VNjB5SUUrYSszK2xWSEs4WnBSV0NXMnh2eWNrYXJSKytPS2NKClFsL04wWExqNWJRUDVoUzdhOTdhQktTamNqY3E5VzNGcnhJa2tKST0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=" key: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBdU4xYXVpZzhvalUwczQ5cXdBeGtPYUJoeTBxOXJpWDZqRXJlYnJMck5YMk54d1ZCCmNVcWJkUlhVc3VZNS96RURQL0JlM2RxMW4yb0RDZkZUTDB4aTI0V01kTFFyckEyd0J3MW00czVaZDNwQnVTTjIKWHJkVVhkeUx6dUxlczJNbi9yQnFxZGxxenovMDJOT1M4T1JUVkJRVFNBMFI4U0xDVGNIbExCZGQyZ3FnVmZ6ZQpXRlVObXhWQ2EwcHA5UENualRqYklHOElaSHl2cGRPK3dpRFAzVjVrVkRpOS9sS1RoZTNxMU54ODlVQ0VydElrClpjSkYvWEs3aE90MU1sOXNYNjNvaVUxMTVDay9sYUZGNHp1aCtmT1V6ek5VdFd5NzZET3ZybmlUaVpTS1BkMEEKODNNa2l2N2VHaDVkV3owWmwrMnZrd2RkclpHNWVoeG9saEZLelFJREFRQUJBb0lCQUJsdW1tU3gxR1djWER1Mwpwei8wZEhWWkV4c2NsU3U0SGRmZkZPcTF3cFlCUjlmeGFTZGsxQzR2YXF1UjhMaWl6WWVtVWViRGgraitkSnlSCmpwZ2JNaDV4S1BtRkw5empwU3ZUTkN4UHB3OUF5bm5sM3dyNHZhcU1CTS9aZGpuSGttRC9kQzBadEEvL0JIZ3YKNHk4d3VpWCsvUWdVaER0Z1JNcmR1ZUZ1OVlKaFo5UE9jYXkzSkkzMFhEYjdJSS9vNFNhYnhTcFI3bTg5WjY0NwpUb3hsOEhTSzl0SUQxbkl1bHVpTmx1dHI1RzdDdE93WTBSc2N5dmZ2elg4a1d2akpLZVJVbmhMSCtXVFZOaExICjdZc0tMNmlLa1NkckMzeWVPWnV4R0pEbVdrZVgxTzNPRUVGYkc4TjVEaGNqL0lXbDh1dGt3LzYwTEthNHBCS2cKTXhtNEx3RUNnWUVBNnlPRkhNY2pncHYxLzlHZC8yb3c2YmZKcTFjM1dqQkV2cnM2ZXNyMzgrU3UvdVFneXJNcAo5V01oZElpb2dYZjVlNjV5ZlIzYVBXcjJJdWMxZ0RUNlYycDZFR2h0NysyQkF1YkIzczloZisycVNRY1lkS3pmCnJOTDdKalE4ZEVGZWdYd041cHhKOTRTTVFZNEI4Qm9hOHNJWTd3TzU4dHpVMjZoclVnanFXQ1VDZ1lFQXlVUUIKNzViWlh6MGJ5cEc5NjNwYVp0bGlJY0cvUk1XMnVPOE9rVFNYSGdDSjBob25uRm5IMGZOc1pGTHdFWEtnTTRORworU3ZNbWtUekE5eVVSMHpIMFJ4UW44L1YzVWZLT2k5RktFeWx6NzNiRkV6ZW1QSEppQm12NWQ4ZTlOenZmU0E0CkdpRTYrYnFyV3VVWWRoRWlYTnY1SFNPZ3I4bUx1TzJDbGlmNTg0a0NnWUFlZzlDTmlJWmlOODAzOHNNWFYzZWIKalI5ZDNnYXY3SjJ2UnVyeTdvNDVGNDlpUXNiQ3AzZWxnY1RnczY5eWhkaFpwYXp6OGNEVndhREpyTW16cHF4cQpWY1liaFFIblppSWM5MGRubS9BaVF2eWJWNUZqNnQ5b05VVWtreGpaV1haalJXOGtZMW55QmtDUmJWVnhER0k4CjZOV0ZoeTFGaUVVVGNJcms3WVZFQlFLQmdRREpHTVIrYWRFamtlRlUwNjVadkZUYmN0VFVPY3dzb1Foalc2akkKZVMyTThxakNYeE80NnhQMnVTeFNTWFJKV3FpckQ3NDRkUVRvRjRCaEdXS21veGI3M3pqSGxWaHcwcXhDMnJ4VQorZENxODE0VXVJR3BlOTBMdWU3QTFlRU9kRHB1WVdUczVzc1FmdTE3MG5CUWQrcEhzaHNFZkhhdmJjZkhyTGpQCjQzMmhVUUtCZ1FDZ3hMZG5Pd2JMaHZLVkhhdTdPVXQxbGpUT240SnB5bHpnb3hFRXpzaDhDK0ZKUUQ1bkFxZXEKZUpWSkNCd2VkallBSDR6MUV3cHJjWnJIN3IyUTBqT2ZFallwU1dkZGxXaWh4OTNYODZ0aG83UzJuUlYrN1hNcQpPVW9ZcVZ1WGlGMWdMM1NGeHZqMHhxV3l0d0NPTW5DZGFCb0M0Tkw3enJtL0lZOEUwSkw2MkE9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=" - ## When tls.certManager.enabled=false ## nodeCert and clientCert will be used only when rootCA.key is empty. ## Will be ignored and genSignedCert will be used to generate ## node and client certs if rootCA.key is provided. @@ -109,35 +85,33 @@ tls: gflags: master: default_memory_limit_to_ram_ratio: 0.85 - tserver: {} +# tserver: # use_cassandra_authentication: false PodManagementPolicy: Parallel enableLoadBalancer: true +isMultiAz: false + domainName: "cluster.local" serviceEndpoints: - name: "yb-master-ui" type: LoadBalancer - annotations: {} - clusterIP: "" ## Sets the Service's externalTrafficPolicy - externalTrafficPolicy: "" + # externalTrafficPolicy: "" app: "yb-master" - loadBalancerIP: "" + # loadBalancerIP: "" ports: http-ui: "7000" - name: "yb-tserver-service" type: LoadBalancer - annotations: {} - clusterIP: "" ## Sets the Service's externalTrafficPolicy - externalTrafficPolicy: "" + # externalTrafficPolicy: "" app: "yb-tserver" - loadBalancerIP: "" + # loadBalancerIP: "" ports: tcp-yql-port: "9042" tcp-yedis-port: "6379" @@ -165,8 +139,7 @@ Services: http-yedis-met: "11000" http-ysql-met: "13000" -## Should be set to true only if Istio is being used. This also adds -## the Istio sidecar injection labels to the pods. +## Should be set to true only if Istio is being used. ## TODO: remove this once ## https://github.com/yugabyte/yugabyte-db/issues/5641 is fixed. ## @@ -183,22 +156,6 @@ multicluster: ## failover. Useful when using new naming style. createCommonTserverService: false - ## Enable it to deploy YugabyteDB in a multi-cluster services enabled - ## Kubernetes cluster (KEP-1645). This will create ServiceExport. - ## GKE Ref - https://cloud.google.com/kubernetes-engine/docs/how-to/multi-cluster-services#registering_a_service_for_export - ## You can use this gist for the reference to deploy the YugabyteDB in a multi-cluster scenario. - ## Gist - https://gist.github.com/baba230896/78cc9bb6f4ba0b3d0e611cd49ed201bf - createServiceExports: false - - ## Mandatory variable when createServiceExports is set to true. - ## Use: In case of GKE, you need to pass GKE Hub Membership Name. - ## GKE Ref - https://cloud.google.com/kubernetes-engine/docs/how-to/multi-cluster-services#enabling - kubernetesClusterId: "" - - ## mcsApiVersion is used for the MCS resources created by the - ## chart. Set to net.gke.io/v1 when using GKE MCS. - mcsApiVersion: "multicluster.x-k8s.io/v1alpha1" - serviceMonitor: ## If true, two ServiceMonitor CRs are created. One for yb-master ## and one for yb-tserver @@ -274,10 +231,6 @@ affinity: {} statefulSetAnnotations: {} -networkAnnotation: {} - -commonLabels: {} - master: ## Ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#affinity-v1-core ## This might override the default affinity from service.yaml diff --git a/charts/yugabyte/yugaware/Chart.yaml b/charts/yugabyte/yugaware/Chart.yaml index d5e824336..45d208924 100644 --- a/charts/yugabyte/yugaware/Chart.yaml +++ b/charts/yugabyte/yugaware/Chart.yaml @@ -3,20 +3,15 @@ annotations: catalog.cattle.io/display-name: YugabyteDB Anywhere catalog.cattle.io/kube-version: '>=1.18-0' catalog.cattle.io/release-name: yugaware - charts.openshift.io/name: yugaware -apiVersion: v2 -appVersion: 2.16.3.0-b43 -description: YugabyteDB Anywhere provides deployment, orchestration, and monitoring - for managing YugabyteDB clusters. YugabyteDB Anywhere can create a YugabyteDB cluster - with multiple pods provided by Kubernetes or OpenShift and logically grouped together - to form one logical distributed database. +apiVersion: v1 +appVersion: 2.14.9.0-b23 +description: YugaWare is YugaByte Database's Orchestration and Management console. home: https://www.yugabyte.com icon: https://avatars0.githubusercontent.com/u/17074854?s=200&v=4 -kubeVersion: '>=1.18-0' maintainers: -- email: sanketh@yugabyte.com - name: Sanketh Indarapu -- email: gjalla@yugabyte.com - name: Govardhan Reddy Jalla +- email: ram@yugabyte.com + name: Ram Sri +- email: arnav@yugabyte.com + name: Arnav Agarwal name: yugaware -version: 2.16.3 +version: 2.14.9 diff --git a/charts/yugabyte/yugaware/README.md b/charts/yugabyte/yugaware/README.md index 0d190c0be..fa27ce3e0 100644 --- a/charts/yugabyte/yugaware/README.md +++ b/charts/yugabyte/yugaware/README.md @@ -1,7 +1,5 @@ YugabyteDB Anywhere gives you the simplicity and support to deliver a private database-as-a-service (DBaaS) at scale. Use YugabyteDB Anywhere to deploy YugabyteDB across any cloud anywhere in the world with a few clicks, simplify day 2 operations through automation, and get the services needed to realize business outcomes with the database. -YugabyteDB Anywhere can be deployed using this Helm chart. Detailed documentation is available at: -- [Install YugabyteDB Anywhere software - Kubernetes](https://docs.yugabyte.com/preview/yugabyte-platform/install-yugabyte-platform/install-software/kubernetes/) -- [Install YugabyteDB Anywhere software - OpenShift (Helm based)](https://docs.yugabyte.com/preview/yugabyte-platform/install-yugabyte-platform/install-software/openshift/#helm-based-installation) +YugabyteDB Anywhere can be deployed using this helm chart. Detailed documentation is available at [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/yugabyte)](https://artifacthub.io/packages/search?repo=yugabyte) diff --git a/charts/yugabyte/yugaware/openshift.values.yaml b/charts/yugabyte/yugaware/openshift.values.yaml deleted file mode 100644 index 22ae952b0..000000000 --- a/charts/yugabyte/yugaware/openshift.values.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# OCP compatible values for yugaware - -image: - - repository: quay.io/yugabyte/yugaware-ubi - - postgres: - registry: registry.redhat.io - tag: 1-88.1661531722 - name: rhscl/postgresql-13-rhel7 - - prometheus: - registry: registry.redhat.io - tag: v4.11.0 - name: openshift4/ose-prometheus - - nginx: - registry: registry.access.redhat.com - tag: 1-60.1665590917 - name: ubi8/nginx-120 - -rbac: - create: false - -ocpCompatibility: - enabled: true \ No newline at end of file diff --git a/charts/yugabyte/yugaware/questions.yaml b/charts/yugabyte/yugaware/questions.yaml index 904b9cf75..0f2a48dd3 100644 --- a/charts/yugabyte/yugaware/questions.yaml +++ b/charts/yugabyte/yugaware/questions.yaml @@ -15,7 +15,7 @@ questions: label: Yugabyte Platform image repository description: "Yugabyte Platform image repository" - variable: image.tag - default: "2.5.1.0-b153" + default: "2.14.1.0-b36" required: false type: string label: Yugabyte Platform image tag diff --git a/charts/yugabyte/yugaware/templates/configs.yaml b/charts/yugabyte/yugaware/templates/configs.yaml index f66e8d5d3..76b2f80cf 100644 --- a/charts/yugabyte/yugaware/templates/configs.yaml +++ b/charts/yugabyte/yugaware/templates/configs.yaml @@ -86,8 +86,6 @@ data: kubernetes.storageClass = "{{ .Values.yugaware.storageClass }}" kubernetes.pullSecretName = "{{ .Values.image.pullSecret }}" url = "https://{{ .Values.tls.hostname }}" - # GKE MCS takes 7 to 10 minutes to setup DNS - wait_for_server_timeout = 15 minutes } play.filters { @@ -182,7 +180,7 @@ data: {{- end }} proxy_http_version 1.1; proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host; @@ -254,8 +252,6 @@ data: uwsgi_temp_path /tmp/uwsgi_temp; scgi_temp_path /tmp/scgi_temp; - proxy_read_timeout {{ .Values.nginx.proxyReadTimeoutSec }}; - include /etc/nginx/mime.types; default_type application/octet-stream; diff --git a/charts/yugabyte/yugaware/templates/global-config.yaml b/charts/yugabyte/yugaware/templates/global-config.yaml index 4d7f54f45..925e1bbb7 100644 --- a/charts/yugabyte/yugaware/templates/global-config.yaml +++ b/charts/yugabyte/yugaware/templates/global-config.yaml @@ -16,8 +16,8 @@ data: postgres_user: {{ .Values.postgres.external.user | b64enc | quote }} postgres_password: {{ .Values.postgres.external.pass | b64enc | quote }} {{- else }} - postgres_db: {{ .Values.postgres.dbname | b64enc | quote }} - postgres_user: {{ .Values.postgres.user | b64enc | quote }} + postgres_db: {{ "yugaware" | b64enc | quote }} + postgres_user: {{ "postgres" | b64enc | quote }} postgres_password: {{ include "getOrGeneratePasswordConfigMapToSecret" (dict "Namespace" .Release.Namespace "Name" (printf "%s%s" .Release.Name "-yugaware-global-config") "Key" "postgres_password") | quote }} {{- end }} app_secret: {{ randAlphaNum 64 | b64enc | b64enc | quote }} diff --git a/charts/yugabyte/yugaware/templates/rbac.yaml b/charts/yugabyte/yugaware/templates/rbac.yaml index a445885f5..907f9e1ce 100644 --- a/charts/yugabyte/yugaware/templates/rbac.yaml +++ b/charts/yugabyte/yugaware/templates/rbac.yaml @@ -1,4 +1,3 @@ -{{ if not .Values.yugaware.serviceAccount }} apiVersion: v1 kind: ServiceAccount metadata: @@ -11,7 +10,6 @@ metadata: annotations: {{ toYaml .Values.yugaware.serviceAccountAnnotations | indent 4 }} {{- end }} -{{ end }} {{- if .Values.rbac.create }} {{- if .Values.ocpCompatibility.enabled }} --- @@ -23,7 +21,7 @@ metadata: app: yugaware subjects: - kind: ServiceAccount - name: {{ .Values.yugaware.serviceAccount | default .Release.Name }} + name: {{ .Release.Name }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole @@ -79,7 +77,7 @@ metadata: addonmanager.kubernetes.io/mode: Reconcile subjects: - kind: ServiceAccount - name: {{ .Values.yugaware.serviceAccount | default .Release.Name }} + name: {{ .Release.Name }} namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole diff --git a/charts/yugabyte/yugaware/templates/service.yaml b/charts/yugabyte/yugaware/templates/service.yaml index fa25427d9..8b93d84cb 100644 --- a/charts/yugabyte/yugaware/templates/service.yaml +++ b/charts/yugabyte/yugaware/templates/service.yaml @@ -40,10 +40,6 @@ spec: {{- if and (eq .Values.yugaware.service.type "LoadBalancer") (.Values.yugaware.service.ip) }} loadBalancerIP: "{{ .Values.yugaware.service.ip }}" {{- end }} - {{- if .Values.yugaware.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- toYaml .Values.yugaware.service.loadBalancerSourceRanges | nindent 4 }} - {{- end }} {{- end }} {{- if .Values.yugaware.serviceMonitor.enabled }} --- diff --git a/charts/yugabyte/yugaware/templates/statefulset.yaml b/charts/yugabyte/yugaware/templates/statefulset.yaml index 9d3cd1512..33a260ada 100644 --- a/charts/yugabyte/yugaware/templates/statefulset.yaml +++ b/charts/yugabyte/yugaware/templates/statefulset.yaml @@ -25,11 +25,8 @@ spec: {{- end }} labels: app: {{ .Release.Name }}-yugaware -{{- if .Values.yugaware.pod.labels }} -{{ toYaml .Values.yugaware.pod.labels | indent 8 }} -{{- end }} spec: - serviceAccountName: {{ .Values.yugaware.serviceAccount | default .Release.Name }} + serviceAccountName: {{ .Release.Name }} imagePullSecrets: - name: {{ .Values.image.pullSecret }} {{- if .Values.securityContext.enabled }} @@ -39,30 +36,6 @@ spec: fsGroupChangePolicy: {{ .Values.securityContext.fsGroupChangePolicy }} {{- end }} {{- end }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8}} - {{- end }} - {{- if .Values.tolerations }} - tolerations: - {{- with .Values.tolerations }}{{ toYaml . | nindent 8 }}{{ end }} - {{- end }} - {{- if .Values.zoneAffinity }} - affinity: - nodeAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - nodeSelectorTerms: - - matchExpressions: - - key: failure-domain.beta.kubernetes.io/zone - operator: In - values: -{{ toYaml .Values.zoneAffinity | indent 18 }} - - matchExpressions: - - key: topology.kubernetes.io/zone - operator: In - values: -{{ toYaml .Values.zoneAffinity | indent 18 }} - {{- end }} volumes: - name: yugaware-storage persistentVolumeClaim: @@ -193,12 +166,7 @@ spec: - name: postgres image: {{ include "full_image" (dict "containerName" "postgres" "root" .) }} imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - {{- if and (.Values.ocpCompatibility.enabled) (eq .Values.image.postgres.registry "registry.redhat.io") }} - - "run-postgresql" - {{- end }} - - "-c" - - "huge_pages=off" + args: ["-c", "huge_pages=off"] env: - name: POSTGRES_USER valueFrom: @@ -215,33 +183,6 @@ spec: secretKeyRef: name: {{ .Release.Name }}-yugaware-global-config key: postgres_db - {{- if and (.Values.ocpCompatibility.enabled) (eq .Values.image.postgres.registry "registry.redhat.io") }} - # Hardcoded the POSTGRESQL_USER because it's mandatory env var in RH PG image - # It doesn't have access to create the DB, so YBA fails to create the perf_advisor DB. - # Need to use admin user of RH PG image (postgres) - # Changing the user name won't be possible moving forward for OpenShift certified chart - - name: POSTGRESQL_USER - value: pg-yba - # valueFrom: - # secretKeyRef: - # name: {{ .Release.Name }}-yugaware-global-config - # key: postgres_user - - name: POSTGRESQL_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Release.Name }}-yugaware-global-config - key: postgres_password - - name: POSTGRESQL_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Release.Name }}-yugaware-global-config - key: postgres_password - - name: POSTGRESQL_DATABASE - valueFrom: - secretKeyRef: - name: {{ .Release.Name }}-yugaware-global-config - key: postgres_db - {{- end }} - name: PGDATA value: /var/lib/postgresql/data/pgdata ports: @@ -303,9 +244,6 @@ spec: - --web.enable-admin-api - --web.enable-lifecycle - --storage.tsdb.retention.time={{ .Values.prometheus.retentionTime }} - - --query.max-concurrency={{ .Values.prometheus.queryConcurrency }} - - --query.max-samples={{ .Values.prometheus.queryMaxSamples }} - - --query.timeout={{ .Values.prometheus.queryTimeout }} ports: - containerPort: 9090 - name: yugaware @@ -364,9 +302,6 @@ spec: - name: yugaware-storage mountPath: /opt/yugabyte/releases/ subPath: releases - - name: yugaware-storage - mountPath: /opt/yugabyte/ybc/releases/ - subPath: ybc_releases # old path for backward compatibility - name: yugaware-storage mountPath: /opt/releases/ @@ -383,7 +318,6 @@ spec: - name: nginx image: {{ include "full_image" (dict "containerName" "nginx" "root" .) }} imagePullPolicy: {{ .Values.image.pullPolicy }} - args: ["nginx", "-g", "daemon off;"] ports: - containerPort: 8080 diff --git a/charts/yugabyte/yugaware/templates/tests/test.yaml b/charts/yugabyte/yugaware/templates/tests/test.yaml deleted file mode 100644 index 1bd9a600b..000000000 --- a/charts/yugabyte/yugaware/templates/tests/test.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: {{ .Release.Name }}-yugaware-test - labels: - app: {{ .Release.Name }}-yugaware-test - chart: {{ template "yugaware.chart" . }} - release: {{ .Release.Name }} - annotations: - "helm.sh/hook": test -spec: - imagePullSecrets: - - name: {{ .Values.image.pullSecret }} - containers: - - name: yugaware-test - image: {{ include "full_yugaware_image" . }} - command: - - '/bin/bash' - - '-ec' - {{- if .Values.tls.enabled }} - - > - curl --head -k https://{{ .Release.Name }}-yugaware-ui - {{- else }} - - > - curl --head http://{{ .Release.Name }}-yugaware-ui - {{- end }} - restartPolicy: Never diff --git a/charts/yugabyte/yugaware/values.yaml b/charts/yugabyte/yugaware/values.yaml index 313eee1a2..bac23a10e 100644 --- a/charts/yugabyte/yugaware/values.yaml +++ b/charts/yugabyte/yugaware/values.yaml @@ -2,21 +2,18 @@ # This is a YAML-formatted file. # Declare variables to be passed into your templates. -fullnameOverride: "" -nameOverride: "" - image: commonRegistry: "" # Setting commonRegistry to say, quay.io overrides the registry settings for all images # including the yugaware image repository: quay.io/yugabyte/yugaware - tag: 2.16.3.0-b43 + tag: 2.14.9.0-b23 pullPolicy: IfNotPresent pullSecret: yugabyte-k8s-pull-secret ## Docker config JSON File name ## If set, this file content will be used to automatically create secret named as above - pullSecretFile: "" + # pullSecretFile: thirdparty-deps: registry: quay.io @@ -49,39 +46,30 @@ yugaware: storageClass: "" storageAnnotations: {} multiTenant: false - ## Name of existing ServiceAccount. When provided, the chart won't create a ServiceAccount. - ## It will attach the required RBAC roles to it. - ## Helpful in Yugabyte Platform GKE App. - serviceAccount: '' + serviceAccount: yugaware serviceMonitor: enabled: false annotations: {} serviceAccountAnnotations: {} service: annotations: {} - clusterIP: "" enabled: true ip: "" type: "LoadBalancer" - ## whitelist source CIDRs - #loadBalancerSourceRanges: - #- 0.0.0.0/0 - #- 192.168.100.0/24 pod: annotations: {} - labels: {} health: username: "" password: "" email: "" resources: requests: - cpu: "2" + cpu: 2 memory: 4Gi enableProxyMetricsAuth: true ## List of additional alowed CORS origins in case of complex rev-proxy additionAllowedCorsOrigins: [] - proxyEndpointTimeoutMs: 3 minute + proxyEndpointTimeoutMs: 1 minute ## Enables features specific for cloud deployments cloud: enabled: false @@ -92,14 +80,8 @@ yugaware: # Note that the default of 0 doesn't really make sense since a StatefulSet isn't allowed to schedule extra replicas. However it is maintained as the default while we do additional testing. This value will likely change in the future. maxUnavailable: 0 - universe_boot_script: "" - ## Configure PostgreSQL part of the application postgres: - # DO NOT CHANGE if using OCP Certified helm chart - user: postgres - dbname: yugaware - service: ## Expose internal Postgres as a Service enabled: false @@ -112,12 +94,12 @@ postgres: resources: requests: - cpu: "0.5" + cpu: 0.5 memory: 1Gi # If external.host is set then we will connect to an external postgres database server instead of starting our own. external: - host: "" + host: null port: 5432 pass: "" dbname: postgres @@ -165,11 +147,9 @@ nginx: resources: requests: - cpu: "0.25" + cpu: 0.25 memory: 300Mi - proxyReadTimeoutSec: 600 - rbac: ## Set this to false if you don't have enough permissions to create ## ClusterRole and Binding, for example an OpenShift cluster. When @@ -185,45 +165,15 @@ ocpCompatibility: # Extra containers to add to the pod. sidecars: [] -## Following two controls for placement of pod - nodeSelector and AZ affinity. -## Note: Remember to also provide a yugaware.StorageClass that has a olumeBindingMode of -## WaitForFirstConsumer so that the PVC is created in the right topology visible to this pod. -## See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector -## eg. -## nodeSelector: -## topology.kubernetes.io/region: us-west1 -nodeSelector: {} - -## Affinity to a particular zone for the pod. -## See https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity -## eg. -## nodeAffinity: -## requiredDuringSchedulingIgnoredDuringExecution: -## nodeSelectorTerms: -## - matchExpressions: -## - key: failure-domain.beta.kubernetes.io/zone -## operator: In -## values: -## - us-west1-a -## - us-west1-b -zoneAffinity: {} - -## The tolerations that the pod should have. -## See https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ -tolerations: [] - ## Don't want prometheus to scrape nodes and evaluate alert rules in some cases (for example - cloud). prometheus: scrapeNodes: true evaluateAlertRules: true retentionTime: 15d - queryConcurrency: 20 - queryMaxSamples: 5000000 - queryTimeout: 30s resources: requests: - cpu: "2" + cpu: 2 memory: 4Gi ## Prometheus remote write config, as described here: @@ -244,10 +194,8 @@ prometheus: # Arbitrary key=value config entries for application.docker.conf additionalAppConf: - stringConf: {} - nonStringConf: {} - -jdbcParams: "" + stringConf: + nonStringConf: ## Override the APIVersion used by policy group for ## PodDisruptionBudget resources. The chart selects the correct @@ -255,4 +203,3 @@ jdbcParams: "" ## to modify this unless you are using helm template command i.e. GKE ## app's deployer image against a Kubernetes cluster >= 1.21. # pdbPolicyVersionOverride: "v1beta1" -pdbPolicyVersionOverride: "" diff --git a/index.yaml b/index.yaml index 5e0ec12f1..a250731c8 100644 --- a/index.yaml +++ b/index.yaml @@ -916,6 +916,42 @@ entries: - assets/ambassador/ambassador-6.7.1100.tgz version: 6.7.1100 argo-cd: + - annotations: + artifacthub.io/changes: | + - kind: changed + description: Update Argo CD v2.7.1 + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Argo CD + catalog.cattle.io/kube-version: '>=1.22.0-0' + catalog.cattle.io/release-name: argo-cd + apiVersion: v2 + appVersion: v2.7.1 + created: "2023-05-03T16:27:27.859785564Z" + dependencies: + - condition: redis-ha.enabled + name: redis-ha + repository: file://./charts/redis-ha + version: 4.22.5 + description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery + tool for Kubernetes. + digest: 6b7168cf988a3b609aa93b560fbefb1a9bf2a2bf6bbca2c96210ca22b4c800f9 + home: https://github.com/argoproj/argo-helm + icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png + keywords: + - argoproj + - argocd + - gitops + kubeVersion: '>=1.22.0-0' + maintainers: + - name: argoproj + url: https://argoproj.github.io/ + name: argo-cd + sources: + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd + - https://github.com/argoproj/argo-cd + urls: + - assets/argo/argo-cd-5.31.1.tgz + version: 5.31.1 - annotations: artifacthub.io/changes: | - kind: fixed @@ -8929,6 +8965,43 @@ entries: - assets/weka/csi-wekafsplugin-0.6.400.tgz version: 0.6.400 datadog: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Datadog + catalog.cattle.io/kube-version: '>=1.10-0' + catalog.cattle.io/release-name: datadog + apiVersion: v1 + appVersion: "7" + created: "2023-05-03T16:27:30.330163009Z" + dependencies: + - condition: clusterAgent.metricsProvider.useDatadogMetrics + name: datadog-crds + repository: https://helm.datadoghq.com + tags: + - install-crds + version: 0.4.7 + - condition: datadog.kubeStateMetricsEnabled + name: kube-state-metrics + repository: https://prometheus-community.github.io/helm-charts + version: 2.13.2 + description: Datadog Agent + digest: eba9c975d5ba8cc6fd77f580fd1c0b486c62ec7ccbd0b88994e42ac202525633 + home: https://www.datadoghq.com + icon: https://datadog-live.imgix.net/img/dd_logo_70x75.png + keywords: + - monitoring + - alerting + - metric + maintainers: + - email: support@datadoghq.com + name: Datadog + name: datadog + sources: + - https://app.datadoghq.com/account/settings#agent/kubernetes + - https://github.com/DataDog/datadog-agent + urls: + - assets/datadog/datadog-3.28.1.tgz + version: 3.28.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Datadog @@ -12042,6 +12115,74 @@ entries: - assets/inaccel/fpga-operator-2.5.201.tgz version: 2.5.201 gitlab: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: GitLab + catalog.cattle.io/release-name: gitlab + apiVersion: v1 + appVersion: 15.11.1 + created: "2023-05-03T16:27:30.885067935Z" + dependencies: + - name: gitlab + repository: "" + version: '*.*.*' + - name: certmanager-issuer + repository: "" + version: '*.*.*' + - name: minio + repository: "" + version: '*.*.*' + - name: registry + repository: "" + version: '*.*.*' + - alias: certmanager + condition: certmanager.install + name: cert-manager + repository: https://charts.jetstack.io/ + version: 1.5.4 + - condition: prometheus.install + name: prometheus + repository: https://prometheus-community.github.io/helm-charts + version: 15.18.0 + - condition: postgresql.install + name: postgresql + repository: https://raw.githubusercontent.com/bitnami/charts/eb5f9a9513d987b519f0ecd732e7031241c50328/bitnami + version: 8.9.4 + - condition: gitlab-runner.install + name: gitlab-runner + repository: https://charts.gitlab.io/ + version: 0.51.1 + - condition: global.grafana.enabled + name: grafana + repository: https://grafana.github.io/helm-charts + version: 6.11.0 + - condition: redis.install + name: redis + repository: https://raw.githubusercontent.com/bitnami/charts/eb5f9a9513d987b519f0ecd732e7031241c50328/bitnami + version: 11.3.4 + - condition: nginx-ingress.enabled + name: nginx-ingress + repository: "" + version: '*.*.*' + - condition: gitlab-zoekt.install + name: gitlab-zoekt + repository: https://charts.gitlab.io/ + version: 0.3.0 + description: The One DevOps Platform + digest: 5d07638c714f9f41573547c1b55d46027e8e9e0f81125f242b012dee29583261 + home: https://about.gitlab.com/ + icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png + keywords: + - gitlab + maintainers: + - email: support@gitlab.com + name: GitLab Inc. + name: gitlab + sources: + - https://gitlab.com/gitlab-org/charts/gitlab + urls: + - assets/gitlab/gitlab-6.11.1.tgz + version: 6.11.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: GitLab @@ -14153,6 +14294,35 @@ entries: - assets/gopaddle/gopaddle-4.2.5.tgz version: 4.2.5 haproxy: + - annotations: + artifacthub.io/changes: | + - Allow strategy override for DaemonSet deployments (#186) + - Keep rollingUpdate defaults for both DaemonSet and Deployment (#186, #189) + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: HAProxy Kubernetes Ingress Controller + catalog.cattle.io/kube-version: '>=1.22.0-0' + catalog.cattle.io/release-name: haproxy + apiVersion: v2 + appVersion: 1.10.1 + created: "2023-05-03T16:27:31.790649098Z" + description: A Helm chart for HAProxy Kubernetes Ingress Controller + digest: a5796a192767dba69985e0a2927d05e8fdc997076a8c721f2e5fb706941cbca8 + home: https://github.com/haproxytech/helm-charts/tree/main/kubernetes-ingress + icon: https://raw.githubusercontent.com/haproxytech/helm-charts/main/kubernetes-ingress/chart-icon.png + keywords: + - ingress + - haproxy + kubeVersion: '>=1.22.0-0' + maintainers: + - email: dkorunic@haproxy.com + name: Dinko Korunic + name: haproxy + sources: + - https://github.com/haproxytech/kubernetes-ingress + type: application + urls: + - assets/haproxy/haproxy-1.30.4.tgz + version: 1.30.4 - annotations: artifacthub.io/changes: | - Allow strategy override for Daemonset deployments (#186) @@ -15162,6 +15332,36 @@ entries: - assets/hpe/hpe-flexvolume-driver-3.1.000.tgz version: 3.1.000 instana-agent: + - annotations: + artifacthub.io/links: | + - name: Instana website + url: https://www.instana.com + - name: Instana Helm charts + url: https://github.com/instana/helm-charts + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Instana Agent + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: instana-agent + apiVersion: v2 + appVersion: 1.248.0 + created: "2023-05-03T16:27:31.950377533Z" + description: Instana Agent for Kubernetes + digest: 4e3a211d8ae1da48160520e8fa4789aab26101fbc9216eb7b89a95f43ecd4c7d + home: https://www.instana.com/ + icon: https://agents.instana.io/helm/stan-logo-2020.png + maintainers: + - email: felix.marx@ibm.com + name: FelixMarxIBM + - email: henning.treu@ibm.com + name: htreu + - email: torsten.kohn@ibm.com + name: tkohn + name: instana-agent + sources: + - https://github.com/instana/instana-agent-docker + urls: + - assets/instana/instana-agent-1.2.58.tgz + version: 1.2.58 - annotations: artifacthub.io/links: | - name: Instana website @@ -15832,6 +16032,62 @@ entries: - assets/jaeger/jaeger-operator-2.36.0.tgz version: 2.36.0 jenkins: + - annotations: + artifacthub.io/category: integration-delivery + artifacthub.io/images: | + - name: jenkins + image: jenkins/jenkins:2.387.3-jdk11 + - name: k8s-sidecar + image: kiwigrid/k8s-sidecar:1.23.1 + - name: inbound-agent + image: jenkins/inbound-agent:3107.v665000b_51092-5 + - name: backup + image: maorfr/kube-tasks:0.2.0 + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Chart Source + url: https://github.com/jenkinsci/helm-charts/tree/main/charts/jenkins + - name: Jenkins + url: https://www.jenkins.io/ + - name: support + url: https://github.com/jenkinsci/helm-charts/issues + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Jenkins + catalog.cattle.io/kube-version: '>=1.14-0' + catalog.cattle.io/release-name: jenkins + apiVersion: v2 + appVersion: 2.387.3 + created: "2023-05-03T16:27:32.053610026Z" + description: Jenkins - Build great things at any scale! The leading open source + automation server, Jenkins provides hundreds of plugins to support building, + deploying and automating any project. + digest: 7d03312d2480ec23bfde65d71b29fe37555e8f5d8a02ee07abd654a92c7ccffc + home: https://jenkins.io/ + icon: https://get.jenkins.io/art/jenkins-logo/logo.svg + keywords: + - jenkins + - ci + - devops + maintainers: + - email: maor.friedman@redhat.com + name: maorfr + - email: mail@torstenwalter.de + name: torstenwalter + - email: garridomota@gmail.com + name: mogaal + - email: wmcdona89@gmail.com + name: wmcdona89 + - email: timjacomb1@gmail.com + name: timja + name: jenkins + sources: + - https://github.com/jenkinsci/jenkins + - https://github.com/jenkinsci/docker-inbound-agent + - https://github.com/maorfr/kube-tasks + - https://github.com/jenkinsci/configuration-as-code-plugin + urls: + - assets/jenkins/jenkins-4.3.23.tgz + version: 4.3.23 - annotations: artifacthub.io/category: integration-delivery artifacthub.io/images: | @@ -20784,6 +21040,45 @@ entries: - assets/elastic/logstash-7.17.3.tgz version: 7.17.3 mariadb: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: MariaDB + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: mariadb + category: Database + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 10.11.2 + created: "2023-05-03T16:27:28.971375114Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: MariaDB is an open source, community-developed SQL database server + that is widely in use around the world due to its enterprise features, flexibility, + and collaboration with leading tech firms. + digest: 64229e2484ef1c50fa0d1b3d07bfc5ca399e902a8a1ecb1864c918dcffaee0e5 + home: https://github.com/bitnami/charts/tree/main/bitnami/mariadb + icon: https://mariadb.com/wp-content/uploads/2019/11/mariadb-logo-vert_black-transparent.png + keywords: + - mariadb + - mysql + - database + - sql + - prometheus + maintainers: + - name: Bitnami + url: https://github.com/bitnami/charts + name: mariadb + sources: + - https://github.com/bitnami/containers/tree/main/bitnami/mariadb + - https://github.com/prometheus/mysqld_exporter + - https://mariadb.org + urls: + - assets/bitnami/mariadb-12.1.5.tgz + version: 12.1.5 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: MariaDB @@ -21834,6 +22129,44 @@ entries: - assets/minio/minio-operator-4.4.1700.tgz version: 4.4.1700 mysql: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: MySQL + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: mysql + category: Database + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 8.0.33 + created: "2023-05-03T16:27:29.028320155Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: MySQL is a fast, reliable, scalable, and easy to use open source + relational database system. Designed to handle mission-critical, heavy-load + production applications. + digest: 3536df19b8df1bf678632fcbb5c947f716244aee2c690eebdb2f971f83619067 + home: https://github.com/bitnami/charts/tree/main/bitnami/mysql + icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png + keywords: + - mysql + - database + - sql + - cluster + - high availability + maintainers: + - name: Bitnami + url: https://github.com/bitnami/charts + name: mysql + sources: + - https://github.com/bitnami/containers/tree/main/bitnami/mysql + - https://mysql.com + urls: + - assets/bitnami/mysql-9.9.0.tgz + version: 9.9.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: MySQL @@ -26961,6 +27294,32 @@ entries: - assets/percona/psmdb-operator-1.13.1.tgz version: 1.13.1 pxc-db: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Percona XtraDB Cluster + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: pxc-db + apiVersion: v2 + appVersion: 1.12.0 + created: "2023-05-03T16:27:33.772656649Z" + description: A Helm chart for installing Percona XtraDB Cluster Databases using + the PXC Operator. + digest: 81d2d2fc35f9686fc029fb48a8dba22d39aed3cbbe465b0c819def3a7439f464 + home: https://www.percona.com/doc/kubernetes-operator-for-pxc/kubernetes.html + icon: https://raw.githubusercontent.com/percona/percona-xtradb-cluster-operator/main/operator.png + maintainers: + - email: ivan.pylypenko@percona.com + name: cap1984 + - email: tomislav.plavcic@percona.com + name: tplavcic + - email: sergey.pronin@percona.com + name: spron-in + - email: natalia.marukovich@percona.com + name: nmarukovich + name: pxc-db + urls: + - assets/percona/pxc-db-1.12.1.tgz + version: 1.12.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Percona XtraDB Cluster @@ -28081,6 +28440,44 @@ entries: - assets/bitnami/redis-17.3.7.tgz version: 17.3.7 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: vectorized/redpanda:v23.1.8 + - name: busybox + image: busybox:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v23.1.8 + created: "2023-05-03T16:27:33.962695564Z" + dependencies: + - condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' + description: Redpanda is the real-time engine for modern apps. + digest: 0645e550d6d9305b21382f4d733ea49a847f11dc9e42ac59fa70b82c7083bbd1 + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-4.0.15.tgz + version: 4.0.15 - annotations: artifacthub.io/images: | - name: redpanda @@ -30297,6 +30694,41 @@ entries: - assets/shipa/shipa-1.4.0.tgz version: 1.4.0 spark: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Spark + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: spark + category: Infrastructure + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 3.3.2 + created: "2023-05-03T16:27:29.380353991Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Spark is a high-performance engine for large-scale computing + tasks, such as data processing, machine learning and real-time data streaming. + It includes APIs for Java, Python, Scala and R. + digest: 9f1e97e86bcf3d466c798781c67a729f2bcc5783b357184bdbb911c3082f5179 + home: https://github.com/bitnami/charts/tree/main/bitnami/spark + icon: https://www.apache.org/logos/res/spark/default.png + keywords: + - apache + - spark + maintainers: + - name: Bitnami + url: https://github.com/bitnami/charts + name: spark + sources: + - https://github.com/bitnami/containers/tree/main/bitnami/spark + - https://spark.apache.org/ + urls: + - assets/bitnami/spark-6.5.1.tgz + version: 6.5.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Spark @@ -30818,6 +31250,37 @@ entries: - assets/bitnami/spark-6.3.8.tgz version: 6.3.8 speedscale-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Speedscale Operator + catalog.cattle.io/kube-version: '>= 1.17.0-0' + catalog.cattle.io/release-name: speedscale-operator + apiVersion: v1 + appVersion: 1.2.584 + created: "2023-05-03T16:27:34.051331078Z" + description: Stress test your APIs with real world scenarios. Collect and replay + traffic without scripting. + digest: 4a47e5965c444e54de153e28d1cc6f045f6e057701f839096b4709ebb21ca18f + home: https://speedscale.com + icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png + keywords: + - speedscale + - test + - testing + - regression + - reliability + - load + - replay + - network + - traffic + kubeVersion: '>= 1.17.0-0' + maintainers: + - email: support@speedscale.com + name: Speedscale Support + name: speedscale-operator + urls: + - assets/speedscale/speedscale-operator-1.2.42.tgz + version: 1.2.42 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Speedscale Operator @@ -31893,6 +32356,42 @@ entries: - assets/sumologic/sumologic-2.17.0.tgz version: 2.17.0 sysdig: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Sysdig + catalog.cattle.io/release-name: sysdig + apiVersion: v1 + appVersion: 12.13.0 + created: "2023-05-03T16:27:34.305784131Z" + description: Sysdig Monitor and Secure agent + digest: 2fe13586170cc362ad3cdce6b8aa8f700d585433cd6658fa93f16a22b6e38930 + home: https://www.sysdig.com/ + icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4 + keywords: + - monitoring + - security + - alerting + - metric + - troubleshooting + - run-time + maintainers: + - email: lachlan@deis.com + name: lachie83 + - email: jorge.salamero@sysdig.com + name: bencer + - email: nestor.salceda@sysdig.com + name: nestorsalceda + - email: alvaro.iradier@sysdig.com + name: airadier + - email: carlos.arilla@sysdig.com + name: carillan81 + name: sysdig + sources: + - https://app.sysdigcloud.com/#/settings/user + - https://github.com/draios/sysdig + urls: + - assets/sysdig/sysdig-1.15.86.tgz + version: 1.15.86 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Sysdig @@ -35162,6 +35661,54 @@ entries: - assets/hashicorp/vault-0.22.0.tgz version: 0.22.0 wordpress: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: WordPress + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: wordpress + category: CMS + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 6.2.0 + created: "2023-05-03T16:27:29.897351456Z" + dependencies: + - condition: memcached.enabled + name: memcached + repository: file://./charts/memcached + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: file://./charts/mariadb + version: 12.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: 0b804677ced1182b7d4de74b4a25a8fbe35d54adfd64285468d9dfb113b9fb2b + home: https://github.com/bitnami/charts/tree/main/bitnami/wordpress + icon: https://s.w.org/style/images/about/WordPress-logotype-simplified.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: Bitnami + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/containers/tree/main/bitnami/wordpress + - https://wordpress.org/ + urls: + - assets/bitnami/wordpress-16.0.4.tgz + version: 16.0.4 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: WordPress @@ -37170,6 +37717,30 @@ entries: urls: - assets/yugabyte/yugabyte-2.16.0.tgz version: 2.16.0 + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: YugabyteDB + catalog.cattle.io/kube-version: '>=1.18-0' + catalog.cattle.io/release-name: yugabyte + apiVersion: v1 + appVersion: 2.14.9.0-b23 + created: "2023-05-03T16:27:34.667419679Z" + description: YugabyteDB is the high-performance distributed SQL database for building + global, internet-scale apps. + digest: a9ace89241833a52866026dd5aa6081ccfc840091060394df7aeecd9fc54e12a + home: https://www.yugabyte.com + icon: https://avatars0.githubusercontent.com/u/17074854?s=200&v=4 + maintainers: + - email: ram@yugabyte.com + name: Ram Sri + - email: arnav@yugabyte.com + name: Arnav Agarwal + name: yugabyte + sources: + - https://github.com/yugabyte/yugabyte-db + urls: + - assets/yugabyte/yugabyte-2.14.9.tgz + version: 2.14.9 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: YugabyteDB @@ -37410,6 +37981,27 @@ entries: urls: - assets/yugabyte/yugaware-2.16.0.tgz version: 2.16.0 + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: YugabyteDB Anywhere + catalog.cattle.io/kube-version: '>=1.18-0' + catalog.cattle.io/release-name: yugaware + apiVersion: v1 + appVersion: 2.14.9.0-b23 + created: "2023-05-03T16:27:34.683953863Z" + description: YugaWare is YugaByte Database's Orchestration and Management console. + digest: 386c2d47a35e7063a7a98b57cbc861074ec4bd8d7bb90739203aad6daa92c60b + home: https://www.yugabyte.com + icon: https://avatars0.githubusercontent.com/u/17074854?s=200&v=4 + maintainers: + - email: ram@yugabyte.com + name: Ram Sri + - email: arnav@yugabyte.com + name: Arnav Agarwal + name: yugaware + urls: + - assets/yugabyte/yugaware-2.14.9.tgz + version: 2.14.9 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: YugabyteDB Anywhere