andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Charts CI 

```
Updated:
  bitnami/airflow:
    - 16.0.6
  bitnami/kafka:
    - 26.0.0
  bitnami/tomcat:
    - 10.10.10
  bitnami/wordpress:
    - 18.0.7
  clastix/kamaji:
    - 0.12.8
  datadog/datadog:
    - 3.40.2
  fairwinds/polaris:
    - 5.16.0
  mongodb/community-operator:
    - 0.8.3
  nats/nats:
    - 1.1.2
  new-relic/nri-bundle:
    - 5.0.41
  ngrok/kubernetes-ingress-controller:
    - 0.12.0
  redpanda/redpanda:
    - 5.6.19
  speedscale/speedscale-operator:
    - 1.3.40
  sysdig/sysdig:
    - 1.16.17
```
pull/911/head
github-actions[bot] 2023-10-18 13:00:37 +00:00
parent 92debb3a60
commit 6b019bf558
101 changed files with 1371 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/bitnami/airflow-16.0.6.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/kafka-26.0.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/tomcat-10.10.10.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/wordpress-18.0.7.tgz Normal file
View File

Binary file not shown.

BIN
assets/clastix/kamaji-0.12.8.tgz Normal file
View File

Binary file not shown.

BIN
assets/datadog/datadog-3.40.2.tgz Normal file
View File

Binary file not shown.

BIN
assets/fairwinds/polaris-5.16.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/mongodb/community-operator-0.8.3.tgz Normal file
View File

Binary file not shown.

BIN
assets/nats/nats-1.1.2.tgz Normal file
View File

Binary file not shown.

BIN
assets/new-relic/nri-bundle-5.0.41.tgz Normal file
View File

Binary file not shown.

BIN
assets/ngrok/kubernetes-ingress-controller-0.12.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/redpanda/redpanda-5.6.19.tgz Normal file
View File

Binary file not shown.

BIN
assets/speedscale/speedscale-operator-1.3.40.tgz Normal file
View File

Binary file not shown.

BIN
assets/sysdig/sysdig-1.16.17.tgz Normal file
View File

Binary file not shown.

2
charts/bitnami/airflow/Chart.yaml
View File

@ -50,4 +50,4 @@ maintainers:
name: airflow
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/airflow
version: 16.0.5
version: 16.0.6

2
charts/bitnami/airflow/README.md
View File

@ -238,7 +238,7 @@ The command removes all the Kubernetes components associated with the chart and
| ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------ |
| `worker.image.registry` | Airflow Worker image registry | `docker.io` |
| `worker.image.repository` | Airflow Worker image repository | `bitnami/airflow-worker` |
| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.7.2-debian-11-r0` |
| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.7.2-debian-11-r1` |
| `worker.image.digest` | Airflow Worker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `worker.image.pullPolicy` | Airflow Worker image pull policy | `IfNotPresent` |
| `worker.image.pullSecrets` | Airflow Worker image pull secrets | `[]` |

2
charts/bitnami/airflow/values.yaml
View File

@ -650,7 +650,7 @@ worker:
image:
registry: docker.io
repository: bitnami/airflow-worker
tag: 2.7.2-debian-11-r0
tag: 2.7.2-debian-11-r1
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'

6
charts/bitnami/kafka/Chart.lock
View File

@ -1,9 +1,9 @@
dependencies:
- name: zookeeper
repository: oci://registry-1.docker.io/bitnamicharts
version: 12.1.4
version: 12.1.6
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
version: 2.13.2
digest: sha256:07d7596708cc5b839395c9034fbd54f04e1f5d7baa6e0a9c50f2076b81762d87
generated: "2023-10-12T11:26:10.244681296Z"
digest: sha256:92a8d2251d74b2692c483948b21d980dbef3eb43af70348da40a12503e233d11
generated: "2023-10-16T17:41:20.404606855Z"

6
charts/bitnami/kafka/Chart.yaml
View File

@ -10,14 +10,14 @@ annotations:
- name: kafka-exporter
image: docker.io/bitnami/kafka-exporter:1.7.0-debian-11-r132
- name: kafka
image: docker.io/bitnami/kafka:3.5.1-debian-11-r72
image: docker.io/bitnami/kafka:3.6.0-debian-11-r0
- name: kubectl
image: docker.io/bitnami/kubectl:1.28.2-debian-11-r16
- name: os-shell
image: docker.io/bitnami/os-shell:11-debian-11-r90
licenses: Apache-2.0
apiVersion: v2
appVersion: 3.5.1
appVersion: 3.6.0
dependencies:
- condition: zookeeper.enabled
name: zookeeper
@ -45,4 +45,4 @@ maintainers:
name: kafka
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/kafka
version: 25.3.5
version: 26.0.0

2
charts/bitnami/kafka/README.md
View File

@ -82,7 +82,7 @@ The command removes all the Kubernetes components associated with the chart and
| ------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | Kafka image registry | `docker.io` |
| `image.repository` | Kafka image repository | `bitnami/kafka` |
| `image.tag` | Kafka image tag (immutable tags are recommended) | `3.5.1-debian-11-r72` |
| `image.tag` | Kafka image tag (immutable tags are recommended) | `3.6.0-debian-11-r0` |
| `image.digest` | Kafka image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Kafka image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |

6
charts/bitnami/kafka/charts/zookeeper/Chart.yaml
View File

@ -2,9 +2,9 @@ annotations:
category: Infrastructure
images: |
- name: os-shell
image: docker.io/bitnami/os-shell:11-debian-11-r89
image: docker.io/bitnami/os-shell:11-debian-11-r90
- name: zookeeper
image: docker.io/bitnami/zookeeper:3.9.1-debian-11-r0
image: docker.io/bitnami/zookeeper:3.9.1-debian-11-r1
licenses: Apache-2.0
apiVersion: v2
appVersion: 3.9.1
@ -26,4 +26,4 @@ maintainers:
name: zookeeper
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/zookeeper
version: 12.1.4
version: 12.1.6

4
charts/bitnami/kafka/charts/zookeeper/README.md
View File

@ -82,7 +82,7 @@ The command removes all the Kubernetes components associated with the chart and
| ----------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
| `image.registry` | ZooKeeper image registry | `docker.io` |
| `image.repository` | ZooKeeper image repository | `bitnami/zookeeper` |
| `image.tag` | ZooKeeper image tag (immutable tags are recommended) | `3.9.1-debian-11-r0` |
| `image.tag` | ZooKeeper image tag (immutable tags are recommended) | `3.9.1-debian-11-r1` |
| `image.digest` | ZooKeeper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | ZooKeeper image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -248,7 +248,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r89` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r90` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |

4
charts/bitnami/kafka/charts/zookeeper/values.yaml
View File

@ -79,7 +79,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/zookeeper
tag: 3.9.1-debian-11-r0
tag: 3.9.1-debian-11-r1
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -663,7 +663,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/os-shell
tag: 11-debian-11-r89
tag: 11-debian-11-r90
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

2
charts/bitnami/kafka/values.yaml
View File

@ -80,7 +80,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/kafka
tag: 3.5.1-debian-11-r72
tag: 3.6.0-debian-11-r0
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'

6
charts/bitnami/tomcat/Chart.yaml
View File

@ -10,10 +10,10 @@ annotations:
- name: os-shell
image: docker.io/bitnami/os-shell:11-debian-11-r90
- name: tomcat
image: docker.io/bitnami/tomcat:10.1.14-debian-11-r0
image: docker.io/bitnami/tomcat:10.1.15-debian-11-r0
licenses: Apache-2.0
apiVersion: v2
appVersion: 10.1.14
appVersion: 10.1.15
dependencies:
- name: common
repository: file://./charts/common
@ -38,4 +38,4 @@ maintainers:
name: tomcat
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/tomcat
version: 10.10.9
version: 10.10.10

2
charts/bitnami/tomcat/README.md
View File

@ -81,7 +81,7 @@ The command removes all the Kubernetes components associated with the chart and
| ----------------------------- | ------------------------------------------------------------------------------------------------------ | ---------------------- |
| `image.registry` | Tomcat image registry | `docker.io` |
| `image.repository` | Tomcat image repository | `bitnami/tomcat` |
| `image.tag` | Tomcat image tag (immutable tags are recommended) | `10.1.14-debian-11-r0` |
| `image.tag` | Tomcat image tag (immutable tags are recommended) | `10.1.15-debian-11-r0` |
| `image.digest` | Tomcat image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | Tomcat image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |

2
charts/bitnami/tomcat/values.yaml
View File

@ -61,7 +61,7 @@ extraDeploy: []
image:
registry: docker.io
repository: bitnami/tomcat
tag: 10.1.14-debian-11-r0
tag: 10.1.15-debian-11-r0
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'

2
charts/bitnami/wordpress/Chart.yaml
View File

@ -47,4 +47,4 @@ maintainers:
name: wordpress
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/wordpress
version: 18.0.6
version: 18.0.7

51
charts/bitnami/wordpress/README.md
View File

@ -344,31 +344,32 @@ The command removes all the Kubernetes components associated with the chart and
### Database Parameters
| Name | Description | Value |
| ------------------------------------------ | --------------------------------------------------------------------------------- | ------------------- |
| `mariadb.enabled` | Deploy a MariaDB server to satisfy the applications database requirements | `true` |
| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` |
| `mariadb.auth.rootPassword` | MariaDB root password | `""` |
| `mariadb.auth.database` | MariaDB custom database | `bitnami_wordpress` |
| `mariadb.auth.username` | MariaDB custom user name | `bn_wordpress` |
| `mariadb.auth.password` | MariaDB custom user password | `""` |
| `mariadb.primary.persistence.enabled` | Enable persistence on MariaDB using PVC(s) | `true` |
| `mariadb.primary.persistence.storageClass` | Persistent Volume storage class | `""` |
| `mariadb.primary.persistence.accessModes` | Persistent Volume access modes | `[]` |
| `mariadb.primary.persistence.size` | Persistent Volume size | `8Gi` |
| `externalDatabase.host` | External Database server host | `localhost` |
| `externalDatabase.port` | External Database server port | `3306` |
| `externalDatabase.user` | External Database username | `bn_wordpress` |
| `externalDatabase.password` | External Database user password | `""` |
| `externalDatabase.database` | External Database database name | `bitnami_wordpress` |
| `externalDatabase.existingSecret` | The name of an existing secret with database credentials. Evaluated as a template | `""` |
| `memcached.enabled` | Deploy a Memcached server for caching database queries | `false` |
| `memcached.auth.enabled` | Enable Memcached authentication | `false` |
| `memcached.auth.username` | Memcached admin user | `""` |
| `memcached.auth.password` | Memcached admin password | `""` |
| `memcached.service.port` | Memcached service port | `11211` |
| `externalCache.host` | External cache server host | `localhost` |
| `externalCache.port` | External cache server port | `11211` |
| Name | Description | Value |
| ------------------------------------------ | ---------------------------------------------------------------------------------------------- | ------------------- |
| `mariadb.enabled` | Deploy a MariaDB server to satisfy the applications database requirements | `true` |
| `mariadb.architecture` | MariaDB architecture. Allowed values: `standalone` or `replication` | `standalone` |
| `mariadb.auth.rootPassword` | MariaDB root password | `""` |
| `mariadb.auth.database` | MariaDB custom database | `bitnami_wordpress` |
| `mariadb.auth.username` | MariaDB custom user name | `bn_wordpress` |
| `mariadb.auth.password` | MariaDB custom user password | `""` |
| `mariadb.primary.persistence.enabled` | Enable persistence on MariaDB using PVC(s) | `true` |
| `mariadb.primary.persistence.storageClass` | Persistent Volume storage class | `""` |
| `mariadb.primary.persistence.accessModes` | Persistent Volume access modes | `[]` |
| `mariadb.primary.persistence.size` | Persistent Volume size | `8Gi` |
| `externalDatabase.host` | External Database server host | `localhost` |
| `externalDatabase.port` | External Database server port | `3306` |
| `externalDatabase.user` | External Database username | `bn_wordpress` |
| `externalDatabase.password` | External Database user password | `""` |
| `externalDatabase.database` | External Database database name | `bitnami_wordpress` |
| `externalDatabase.existingSecret` | The name of an existing secret with database credentials. Evaluated as a template | `""` |
| `memcached.enabled` | Deploy a Memcached server for caching database queries | `false` |
| `memcached.auth.enabled` | Enable Memcached authentication | `false` |
| `memcached.auth.username` | Memcached admin user | `""` |
| `memcached.auth.password` | Memcached admin password | `""` |
| `memcached.auth.existingPasswordSecret` | Existing secret with Memcached credentials (must contain a value for `memcached-password` key) | `""` |
| `memcached.service.port` | Memcached service port | `11211` |
| `externalCache.host` | External cache server host | `localhost` |
| `externalCache.port` | External cache server port | `11211` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,

3
charts/bitnami/wordpress/values.yaml
View File

@ -1174,6 +1174,9 @@ memcached:
## @param memcached.auth.password Memcached admin password
##
password: ""
## @param memcached.auth.existingPasswordSecret Existing secret with Memcached credentials (must contain a value for `memcached-password` key)
##
existingPasswordSecret: ""
## Service parameters
##
service:

4
charts/clastix/kamaji/Chart.yaml
View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/kube-version: '>=1.21.0-0'
catalog.cattle.io/release-name: kamaji
apiVersion: v2
appVersion: v0.3.4
appVersion: v0.3.5
description: Kamaji is a Kubernetes Control Plane Manager.
home: https://github.com/clastix/kamaji
icon: https://github.com/clastix/kamaji/raw/master/assets/logo-colored.png
@ -20,4 +20,4 @@ name: kamaji
sources:
- https://github.com/clastix/kamaji
type: application
version: 0.12.5
version: 0.12.8

4
charts/clastix/kamaji/README.md
View File

@ -1,6 +1,6 @@
# kamaji
![Version: 0.12.5](https://img.shields.io/badge/Version-0.12.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.3.4](https://img.shields.io/badge/AppVersion-v0.3.4-informational?style=flat-square)
![Version: 0.12.8](https://img.shields.io/badge/Version-0.12.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.3.5](https://img.shields.io/badge/AppVersion-v0.3.5-informational?style=flat-square)
Kamaji is a Kubernetes Control Plane Manager.
@ -100,7 +100,7 @@ Here the values you can override:
| etcd.persistence.accessModes[0] | string | `"ReadWriteOnce"` | |
| etcd.persistence.customAnnotations | object | `{}` | The custom annotations to add to the PVC |
| etcd.persistence.size | string | `"10Gi"` | |
| etcd.persistence.storageClass | string | `""` | |
| etcd.persistence.storageClassName | string | `""` | |
| etcd.port | int | `2379` | The client request port. |
| etcd.serviceAccount.create | bool | `true` | Create a ServiceAccount, required to install and provision the etcd backing storage (default: true) |
| etcd.serviceAccount.name | string | `""` | Define the ServiceAccount name to use during the setup and provision of the etcd backing storage (default: "") |

14
charts/clastix/kamaji/templates/etcd_job_postinstall.yaml
View File

@ -30,11 +30,15 @@ spec:
- bash
- -c
- |-
etcdctl member list -w table &&
etcdctl user add --no-password=true root &&
etcdctl role add root &&
etcdctl user grant-role root root &&
etcdctl auth enable
etcdctl member list -w table
if etcdctl user get root &>/dev/null; then
echo "User already exists, nothing to do"
else
etcdctl user add --no-password=true root &&
etcdctl role add root &&
etcdctl user grant-role root root &&
etcdctl auth enable
fi
env:
- name: ETCDCTL_ENDPOINTS
value: https://etcd-0.{{ include "etcd.serviceName" . }}.{{ .Release.Namespace }}.svc.cluster.local:2379

22
charts/clastix/kamaji/templates/etcd_job_preinstall.yaml
View File

@ -37,13 +37,21 @@ spec:
containers:
- name: kubectl
image: {{ printf "clastix/kubectl:%s" (include "etcd.jobsTagKubeVersion" .) }}
command:
- sh
- -c
- |-
kubectl --namespace={{ .Release.Namespace }} delete secret --ignore-not-found=true {{ include "etcd.caSecretName" . }} {{ include "etcd.clientSecretName" . }} &&
kubectl --namespace={{ .Release.Namespace }} create secret generic {{ include "etcd.caSecretName" . }} --from-file=/certs/ca.crt --from-file=/certs/ca.key --from-file=/certs/peer-key.pem --from-file=/certs/peer.pem --from-file=/certs/server-key.pem --from-file=/certs/server.pem &&
kubectl --namespace={{ .Release.Namespace }} create secret tls {{ include "etcd.clientSecretName" . }} --key=/certs/root-client-key.pem --cert=/certs/root-client.pem
command: ["/bin/sh", "-c"]
args:
- |
if kubectl get secret {{ include "etcd.caSecretName" . }} --namespace={{ .Release.Namespace }} &>/dev/null; then
echo "Secret {{ include "etcd.caSecretName" . }} already exists"
else
echo "Creating secret {{ include "etcd.caSecretName" . }}"
kubectl --namespace={{ .Release.Namespace }} create secret generic {{ include "etcd.caSecretName" . }} --from-file=/certs/ca.crt --from-file=/certs/ca.key --from-file=/certs/peer-key.pem --from-file=/certs/peer.pem --from-file=/certs/server-key.pem --from-file=/certs/server.pem
fi
if kubectl get secret {{ include "etcd.clientSecretName" . }} --namespace={{ .Release.Namespace }} &>/dev/null; then
echo "Secret {{ include "etcd.clientSecretName" . }} already exists"
else
echo "Creating secret {{ include "etcd.clientSecretName" . }}"
kubectl --namespace={{ .Release.Namespace }} create secret tls {{ include "etcd.clientSecretName" . }} --key=/certs/root-client-key.pem --cert=/certs/root-client.pem
fi
volumeMounts:
- mountPath: /certs
name: certs

1
charts/clastix/kamaji/templates/etcd_rbac.yaml
View File

@ -15,6 +15,7 @@ rules:
resources:
- secrets
verbs:
- get
- delete
resourceNames:
- {{ include "etcd.caSecretName" . }}

2
charts/clastix/kamaji/values.yaml
View File

@ -54,7 +54,7 @@ etcd:
name: ""
persistence:
size: 10Gi
storageClass: ""
storageClassName: ""
accessModes:
- ReadWriteOnce
# -- The custom annotations to add to the PVC

8
charts/datadog/datadog/CHANGELOG.md
View File

@ -1,5 +1,13 @@
# Datadog changelog
## 3.40.2
* Gate `PodSecurityPolicy` RBAC for k8s versions which no longer support this deprecated API.
## 3.40.1
* Add support for initContainer volume mounts
## 3.40.0
* Default `Agent` and `Cluster-Agent` to `7.48.0` version.

2
charts/datadog/datadog/Chart.yaml
View File

@ -19,4 +19,4 @@ name: datadog
sources:
- https://app.datadoghq.com/account/settings#agent/kubernetes
- https://github.com/DataDog/datadog-agent
version: 3.40.0
version: 3.40.2

3
charts/datadog/datadog/README.md
View File

@ -1,6 +1,6 @@
# Datadog
![Version: 3.40.0](https://img.shields.io/badge/Version-3.40.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square)
![Version: 3.40.2](https://img.shields.io/badge/Version-3.40.2-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square)
[Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/).
@ -411,6 +411,7 @@ helm install <RELEASE_NAME> \
| agents.containers.agent.securityContext | object | `{}` | Allows you to overwrite the default container SecurityContext for the agent container. |
| agents.containers.initContainers.resources | object | `{}` | Resource requests and limits for the init containers |
| agents.containers.initContainers.securityContext | object | `{}` | Allows you to overwrite the default container SecurityContext for the init containers. |
| agents.containers.initContainers.volumeMounts | list | `[]` | Specify additional volumes to mount for the init containers |
| agents.containers.processAgent.env | list | `[]` | Additional environment variables for the process-agent container |
| agents.containers.processAgent.envDict | object | `{}` | Set environment variables specific to process-agent defined in a dict |
| agents.containers.processAgent.envFrom | list | `[]` | Set environment variables specific to process-agent from configMaps and/or secrets |

3
charts/datadog/datadog/templates/_containers-init-linux.yaml
View File

@ -53,6 +53,9 @@
subPath: system-probe.yaml
readOnly: true
{{- end }}
{{- if .Values.agents.containers.initContainers.volumeMounts }}
{{ toYaml .Values.agents.containers.initContainers.volumeMounts | nindent 4 }}
{{- end }}
env:
{{- include "containers-common-env" . | nindent 4 }}
{{- if and (eq (include "cluster-agent-enabled" .) "false") .Values.datadog.leaderElection }}

3
charts/datadog/datadog/templates/_containers-init-windows.yaml
View File

@ -45,6 +45,9 @@
readOnly: true
{{- end }}
{{- include "container-crisocket-volumemounts" . | nindent 4 }}
{{- if .Values.agents.containers.initContainers.volumeMounts }}
{{ toYaml .Values.agents.containers.initContainers.volumeMounts | nindent 4 }}
{{- end }}
env:
{{- include "containers-common-env" . | nindent 4 }}
resources:

6
charts/datadog/datadog/templates/cluster-agent-rbac.yaml
View File

@ -225,7 +225,7 @@ rules:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
resourceNames:
resourceNames:
- {{ .Values.clusterAgent.admissionController.webhookName | quote }}
verbs: ["get", "list", "watch", "update"]
- apiGroups:
@ -249,7 +249,7 @@ rules:
- namespaces
verbs:
- list
{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
{{- if and .Values.clusterAgent.podSecurity.podSecurityPolicy.create (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
- apiGroups:
- "policy"
resources:
@ -274,7 +274,7 @@ rules:
- list
{{- end }}
{{- end }}
{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
{{- if and .Values.clusterAgent.podSecurity.podSecurityPolicy.create (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
- apiGroups:
- policy
resources:

2
charts/datadog/datadog/templates/rbac.yaml
View File

@ -98,7 +98,7 @@ rules:
- endpoints
verbs:
- get
{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
{{- if and .Values.clusterAgent.podSecurity.podSecurityPolicy.create (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
- apiGroups:
- policy
resources:

2
charts/datadog/datadog/values.yaml
View File

@ -1576,6 +1576,8 @@ agents:
# memory: 200Mi
# agents.containers.initContainers.securityContext -- Allows you to overwrite the default container SecurityContext for the init containers.
securityContext: {}
# agents.containers.initContainers.volumeMounts -- Specify additional volumes to mount for the init containers
volumeMounts: []
# agents.volumes -- Specify additional volumes to mount in the dd-agent container
volumes: []

3
charts/fairwinds/polaris/CHANGELOG.md
View File

@ -5,6 +5,9 @@ All notable changes to this Helm chart will be documented in this file.
The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
and this chart adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
## 5.16.0
* Added default PDBs for both the webhook and the dashboard
## 5.15.0
* Support `string` type of `config` value

2
charts/fairwinds/polaris/Chart.yaml
View File

@ -12,4 +12,4 @@ maintainers:
- email: robertb@fairwinds.com
name: rbren
name: polaris
version: 5.15.0
version: 5.16.0

2
charts/fairwinds/polaris/README.md
View File

@ -75,6 +75,7 @@ the 0.10.0 version of this chart will only work on kubernetes 1.14.0+
| dashboard.disallowConfigExemptions | bool | `false` | Disallow exemptions that are configured in the config file |
| dashboard.disallowAnnotationExemptions | bool | `false` | Disallow exemptions that are configured via annotations |
| dashboard.containerSecurityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"privileged":false,"readOnlyRootFilesystem":true,"runAsNonRoot":true}` | securityContext to apply to the dashboard container |
| dashboard.pdb.enable | bool | `true` | If true, enables a PDB for the dashboard |
| webhook.enable | bool | `false` | Whether to run the webhook |
| webhook.validate | bool | `true` | Enables the Validating Webhook, to reject resources with issues |
| webhook.mutate | bool | `false` | Enables the Mutating Webhook, to modify resources with issues |
@ -103,6 +104,7 @@ the 0.10.0 version of this chart will only work on kubernetes 1.14.0+
| webhook.disallowAnnotationExemptions | bool | `false` | Disallow exemptions that are configured via annotations |
| webhook.mutatingConfigurationAnnotations | object | `{}` | |
| webhook.validatingConfigurationAnnotations | object | `{}` | |
| webhook.pdb.enable | bool | `true` | If true, enables a PDB for the webhook |
| audit.enable | bool | `false` | Runs a one-time audit. This is used internally at Fairwinds, and may not be useful for others. |
| audit.cleanup | bool | `false` | Whether to delete the namespace once the audit is finished. |
| audit.outputURL | string | `""` | A URL which will receive a POST request with audit results. |

20
charts/fairwinds/polaris/templates/dashboard.pdb.yaml Normal file
View File

@ -0,0 +1,20 @@
{{- if .Values.dashboard.pdb }}
{{- if and .Values.dashboard.enable .Values.dashboard.pdb.enable -}}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "polaris.fullname" . }}-dashboard
{{- if .Values.templateOnly }}
namespace: {{ .Release.Namespace }}
{{- end }}
labels:
{{- include "polaris.labels" . | nindent 4 }}
component: dashboard
spec:
maxUnavailable: 1
selector:
matchLabels:
{{- include "polaris.selectors" . | nindent 6 }}
component: dashboard
{{- end }}
{{- end }}

20
charts/fairwinds/polaris/templates/webhook.pdb.yaml Normal file
View File

@ -0,0 +1,20 @@
{{- if .Values.webhook.pdb }}
{{- if and .Values.webhook.enable .Values.webhook.pdb.enable -}}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "polaris.fullname" . }}-webhook
{{- if .Values.templateOnly }}
namespace: {{ .Release.Namespace }}
{{- end }}
labels:
{{- include "polaris.labels" . | nindent 4 }}
component: webhook
spec:
maxUnavailable: 1
selector:
matchLabels:
{{- include "polaris.selectors" . | nindent 6 }}
component: webhook
{{- end }}
{{- end }}

6
charts/fairwinds/polaris/values.yaml
View File

@ -129,6 +129,9 @@ dashboard:
capabilities:
drop:
- ALL
pdb:
# -- If true, enables a PDB for the dashboard
enable: true
webhook:
# webhook.enable -- Whether to run the webhook
@ -244,6 +247,9 @@ webhook:
disallowAnnotationExemptions: false
mutatingConfigurationAnnotations: {}
validatingConfigurationAnnotations: {}
pdb:
# -- If true, enables a PDB for the webhook
enable: true
audit:
# audit.enable -- Runs a one-time audit. This is used internally at Fairwinds, and may not be useful for others.

6
charts/mongodb/community-operator/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies:
- name: community-operator-crds
repository: https://mongodb.github.io/helm-charts
version: 0.8.2
digest: sha256:ddb4acc5ed25e7bd4751ae01be4326c7fdb37b6a3136cc21724af2fe0a5539b7
generated: "2023-08-14T14:30:36.87801532Z"
version: 0.8.3
digest: sha256:d2b27b3bb494d226e7af474e0441caab70859066e41186c0348d3d9b42006773
generated: "2023-10-17T14:45:13.566377748Z"

6
charts/mongodb/community-operator/Chart.yaml
View File

@ -4,12 +4,12 @@ annotations:
catalog.cattle.io/kube-version: '>=1.16-0'
catalog.cattle.io/release-name: community-operator
apiVersion: v2
appVersion: 0.8.2
appVersion: 0.8.3
dependencies:
- condition: community-operator-crds.enabled
name: community-operator-crds
repository: file://./charts/community-operator-crds
version: 0.8.2
version: 0.8.3
description: MongoDB Kubernetes Community Operator
home: https://github.com/mongodb/mongodb-kubernetes-operator
icon: https://mongodb-images-new.s3.eu-west-1.amazonaws.com/leaf-green-dark.png
@ -23,4 +23,4 @@ maintainers:
name: MongoDB
name: community-operator
type: application
version: 0.8.2
version: 0.8.3

4
charts/mongodb/community-operator/charts/community-operator-crds/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 0.8.2
appVersion: 0.8.3
description: MongoDB Kubernetes Community Operator - CRDs
home: https://github.com/mongodb/mongodb-kubernetes-operator
icon: https://mongodb-images-new.s3.eu-west-1.amazonaws.com/leaf-green-dark.png
@ -13,4 +13,4 @@ maintainers:
name: MongoDB
name: community-operator-crds
type: application
version: 0.8.2
version: 0.8.3

108
charts/mongodb/community-operator/charts/community-operator-crds/templates/mongodbcommunity.mongodb.com_mongodbcommunity.yaml
View File

@ -69,10 +69,58 @@ spec:
description: AgentConfiguration sets options for the MongoDB automation
agent
properties:
logFile:
type: string
logLevel:
type: string
logRotate:
description: LogRotate if enabled, will enable LogRotate for all
processes.
properties:
includeAuditLogsWithMongoDBLogs:
description: set to 'true' to have the Automation Agent rotate
the audit files along with mongodb log files
type: boolean
numTotal:
description: maximum number of log files to have total
type: integer
numUncompressed:
description: maximum number of log files to leave uncompressed
type: integer
percentOfDiskspace:
description: Maximum percentage of the total disk space these
log files should take up. The string needs to be able to
be converted to float64
type: string
sizeThresholdMB:
description: Maximum size for an individual log file before
rotation. The string needs to be able to be converted to
float64. Fractional values of MB are supported.
type: string
timeThresholdHrs:
description: maximum hours for an individual log file before
rotation
type: integer
required:
- sizeThresholdMB
- timeThresholdHrs
type: object
maxLogFileDurationHours:
type: integer
systemLog:
description: SystemLog configures system log of mongod
properties:
destination:
type: string
logAppend:
type: boolean
path:
type: string
required:
- destination
- logAppend
- path
type: object
type: object
arbiters:
description: 'Arbiters is the number of arbiters to add to the Replica
@ -91,6 +139,40 @@ spec:
properties:
disabled:
type: boolean
logRotate:
description: CrdLogRotate is the crd definition of LogRotate
including fields in strings while the agent supports them
as float64
properties:
includeAuditLogsWithMongoDBLogs:
description: set to 'true' to have the Automation Agent
rotate the audit files along with mongodb log files
type: boolean
numTotal:
description: maximum number of log files to have total
type: integer
numUncompressed:
description: maximum number of log files to leave uncompressed
type: integer
percentOfDiskspace:
description: Maximum percentage of the total disk space
these log files should take up. The string needs to
be able to be converted to float64
type: string
sizeThresholdMB:
description: Maximum size for an individual log file
before rotation. The string needs to be able to be
converted to float64. Fractional values of MB are
supported.
type: string
timeThresholdHrs:
description: maximum hours for an individual log file
before rotation
type: integer
required:
- sizeThresholdMB
- timeThresholdHrs
type: object
name:
type: string
required:
@ -173,6 +255,29 @@ spec:
properties:
authentication:
properties:
agentCertificateSecretRef:
description: 'AgentCertificateSecret is a reference to a Secret
containing the certificate and the key for the automation
agent The secret needs to have available: - certificate
under key: "tls.crt" - private key under key: "tls.key"
If additionally, tls.pem is present, then it needs to be
equal to the concatenation of tls.crt and tls.key'
properties:
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
x-kubernetes-map-type: atomic
agentMode:
description: AgentMode contains the authentication mode used
by the automation agent.
enum:
- SCRAM
- SCRAM-SHA-256
- SCRAM-SHA-1
- X509
type: string
ignoreUnknownUsers:
default: true
nullable: true
@ -185,6 +290,7 @@ spec:
- SCRAM
- SCRAM-SHA-256
- SCRAM-SHA-1
- X509
type: string
type: array
required:
@ -428,9 +534,7 @@ spec:
type: string
required:
- name
- passwordSecretRef
- roles
- scramCredentialsSecretName
type: object
type: array
version:

79
charts/mongodb/community-operator/templates/mongodbcommunity_cr_with_tls.yaml
View File

@ -50,8 +50,64 @@ spec:
commonName: "*.{{ .Values.resource.name }}-svc.{{ .Values.namespace }}.svc.cluster.local"
dnsNames:
- "*.{{ .Values.resource.name }}-svc.{{ .Values.namespace }}.svc.cluster.local"
{{- if .Values.resource.tls.useX509 }}
# Agent X509 certs
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: agent-certs
namespace: {{ .Values.namespace }}
spec:
commonName: mms-automation-agent
dnsNames:
- automation
duration: 240h0m0s
issuerRef:
name: tls-ca-issuer
renewBefore: 120h0m0s
secretName: agent-certs
subject:
countries:
- US
localities:
- NY
organizationalUnits:
- a-1635241837-m5yb81lfnrz
organizations:
- cluster.local-agent
provinces:
- NY
usages:
- digital signature
- key encipherment
- client auth
{{- end }}
{{- if .Values.resource.tls.sampleX509User }}
# Client certs
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: x509-user-cert
namespace: {{ .Values.namespace }}
spec:
commonName: my-x509-user
duration: 240h0m0s
issuerRef:
name: tls-ca-issuer
renewBefore: 120h0m0s
secretName: my-x509-user-cert
subject:
organizationalUnits:
- organizationalunit
organizations:
- organization
usages:
- digital signature
- client auth
{{- end }}
{{- end }}
{{- if .Values.createResource }}
# mongodb resources
---
@ -74,9 +130,24 @@ spec:
name: {{ .Values.resource.tls.caCertificateSecretRef }}
{{- end }}
authentication:
{{- if .Values.resource.tls.useX509 }}
modes: ["X509"]
{{- else }}
modes: ["SCRAM"]
{{- with .Values.resource.users }}
{{- end }}
{{- if .Values.resource.tls.sampleX509User }}
users:
{{- toYaml . | nindent 4 }}
{{- end }}
- name: CN=my-x509-user,OU=organizationalunit,O=organization
db: $external
roles:
- name: clusterAdmin
db: admin
- name: userAdminAnyDatabase
db: admin
- name: readWriteAnyDatabase
db: admin
{{- else }}
users:
{{- toYaml .Values.resource.users | nindent 4 }}
{{- end}}
{{- end }}

2
charts/mongodb/community-operator/templates/operator.yaml
View File

@ -9,7 +9,7 @@ metadata:
name: {{ .Values.operator.name }}
namespace: {{ .Release.Namespace }}
spec:
replicas: 1
replicas: {{ .Values.operator.replicas }}
selector:
matchLabels:
name: {{ .Values.operator.name }}

12
charts/mongodb/community-operator/values.yaml
View File

@ -2,7 +2,6 @@
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
imagePullSecrets: []
# - name: "image-pull-secret"
## Operator
operator:
# Name that will be assigned to most of internal Kubernetes objects like
@ -16,7 +15,7 @@ operator:
deploymentName: mongodb-kubernetes-operator
# Version of mongodb-kubernetes-operator
version: 0.8.2
version: 0.8.3
# Uncomment this line to watch all namespaces
# watchNamespace: "*"
@ -30,6 +29,9 @@ operator:
cpu: 500m
memory: 200Mi
# replicas deployed for the operator pod. Running 1 is optimal and suggested.
replicas: 1
# Additional environment variables
extraEnvs: []
# environment:
@ -59,10 +61,10 @@ agent:
version: 12.0.25.7724-1
versionUpgradeHook:
name: mongodb-kubernetes-operator-version-upgrade-post-start-hook
version: 1.0.7
version: 1.0.8
readinessProbe:
name: mongodb-kubernetes-readinessprobe
version: 1.0.15
version: 1.0.17
mongodb:
name: mongo
repo: docker.io
@ -90,6 +92,8 @@ resource:
enabled: false
# Installs Cert-Manager in this cluster.
useX509: false
sampleX509User: false
useCertManager: true
certificateKeySecretRef: tls-certificate
caCertificateSecretRef: tls-ca-key-pair

4
charts/nats/nats/Chart.yaml
View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/kube-version: '>=1.16-0'
catalog.cattle.io/release-name: nats
apiVersion: v2
appVersion: 2.10.2
appVersion: 2.10.3
description: A Helm chart for the NATS.io High Speed Cloud Native Distributed Communications
Technology.
home: http://github.com/nats-io/k8s
@ -18,4 +18,4 @@ maintainers:
name: The NATS Authors
url: https://github.com/nats-io
name: nats
version: 1.1.1
version: 1.1.2

2
charts/nats/nats/values.yaml
View File

@ -308,7 +308,7 @@ config:
container:
image:
repository: nats
tag: 2.10.2-alpine
tag: 2.10.3-alpine
pullPolicy:
registry:

16
charts/new-relic/nri-bundle/Chart.lock
View File

@ -1,25 +1,25 @@
dependencies:
- name: newrelic-infrastructure
repository: https://newrelic.github.io/nri-kubernetes
version: 3.23.1
version: 3.23.2
- name: nri-prometheus
repository: https://newrelic.github.io/nri-prometheus
version: 2.1.17
- name: newrelic-prometheus-agent
repository: https://newrelic.github.io/newrelic-prometheus-configurator
version: 1.4.1
version: 1.5.0
- name: nri-metadata-injection
repository: https://newrelic.github.io/k8s-metadata-injection
version: 4.10.0
version: 4.10.1
- name: newrelic-k8s-metrics-adapter
repository: https://newrelic.github.io/newrelic-k8s-metrics-adapter
version: 1.4.1
version: 1.4.2
- name: kube-state-metrics
repository: https://prometheus-community.github.io/helm-charts
version: 5.12.1
- name: nri-kube-events
repository: https://newrelic.github.io/nri-kube-events
version: 3.2.4
version: 3.2.5
- name: newrelic-logging
repository: https://newrelic.github.io/helm-charts
version: 1.18.1
@ -31,6 +31,6 @@ dependencies:
version: 0.1.4
- name: newrelic-infra-operator
repository: https://newrelic.github.io/newrelic-infra-operator
version: 2.3.1
digest: sha256:66c038ae61c70febfb31eccb0fba998becf0179545240ea415a1e1ae9cf7f5a7
generated: "2023-10-14T02:53:55.575862896Z"
version: 2.3.2
digest: sha256:3fb27beb39cefda6d5c78efc74f02b7ab09cf4d1a45f201cb148f7c3b476fe07
generated: "2023-10-17T07:55:39.874488788Z"

14
charts/new-relic/nri-bundle/Chart.yaml
View File

@ -7,7 +7,7 @@ dependencies:
- condition: infrastructure.enabled,newrelic-infrastructure.enabled
name: newrelic-infrastructure
repository: file://./charts/newrelic-infrastructure
version: 3.23.1
version: 3.23.2
- condition: prometheus.enabled,nri-prometheus.enabled
name: nri-prometheus
repository: file://./charts/nri-prometheus
@ -15,15 +15,15 @@ dependencies:
- condition: newrelic-prometheus-agent.enabled
name: newrelic-prometheus-agent
repository: file://./charts/newrelic-prometheus-agent
version: 1.4.1
version: 1.5.0
- condition: webhook.enabled,nri-metadata-injection.enabled
name: nri-metadata-injection
repository: file://./charts/nri-metadata-injection
version: 4.10.0
version: 4.10.1
- condition: metrics-adapter.enabled,newrelic-k8s-metrics-adapter.enabled
name: newrelic-k8s-metrics-adapter
repository: file://./charts/newrelic-k8s-metrics-adapter
version: 1.4.1
version: 1.4.2
- condition: ksm.enabled,kube-state-metrics.enabled
name: kube-state-metrics
repository: file://./charts/kube-state-metrics
@ -31,7 +31,7 @@ dependencies:
- condition: kubeEvents.enabled,nri-kube-events.enabled
name: nri-kube-events
repository: file://./charts/nri-kube-events
version: 3.2.4
version: 3.2.5
- condition: logging.enabled,newrelic-logging.enabled
name: newrelic-logging
repository: file://./charts/newrelic-logging
@ -48,7 +48,7 @@ dependencies:
- condition: newrelic-infra-operator.enabled
name: newrelic-infra-operator
repository: file://./charts/newrelic-infra-operator
version: 2.3.1
version: 2.3.2
description: Groups together the individual charts for the New Relic Kubernetes solution
for a more comfortable deployment.
home: https://github.com/newrelic/helm-charts
@ -89,4 +89,4 @@ sources:
- https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-logging
- https://github.com/newrelic/helm-charts/tree/master/charts/newrelic-pixie
- https://github.com/newrelic/newrelic-infra-operator/tree/master/charts/newrelic-infra-operator
version: 5.0.40
version: 5.0.41

4
charts/new-relic/nri-bundle/charts/newrelic-infra-operator/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 0.11.1
appVersion: 0.11.2
dependencies:
- name: common-library
repository: https://helm-charts.newrelic.com
@ -32,4 +32,4 @@ name: newrelic-infra-operator
sources:
- https://github.com/newrelic/newrelic-infra-operator
- https://github.com/newrelic/newrelic-infra-operator/tree/main/charts/newrelic-infra-operator
version: 2.3.1
version: 2.3.2

4
charts/new-relic/nri-bundle/charts/newrelic-infrastructure/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 3.18.1
appVersion: 3.18.2
dependencies:
- name: common-library
repository: https://helm-charts.newrelic.com
@ -35,4 +35,4 @@ sources:
- https://github.com/newrelic/nri-kubernetes/
- https://github.com/newrelic/nri-kubernetes/tree/main/charts/newrelic-infrastructure
- https://github.com/newrelic/infrastructure-agent/
version: 3.23.1
version: 3.23.2

4
charts/new-relic/nri-bundle/charts/newrelic-k8s-metrics-adapter/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 0.6.2
appVersion: 0.6.3
dependencies:
- name: common-library
repository: https://helm-charts.newrelic.com
@ -20,4 +20,4 @@ name: newrelic-k8s-metrics-adapter
sources:
- https://github.com/newrelic/newrelic-k8s-metrics-adapter
- https://github.com/newrelic/newrelic-k8s-metrics-adapter/tree/main/charts/newrelic-k8s-metrics-adapter
version: 1.4.1
version: 1.4.2

4
charts/new-relic/nri-bundle/charts/newrelic-prometheus-agent/Chart.yaml
View File

@ -1,5 +1,5 @@
annotations:
configuratorVersion: 1.7.1
configuratorVersion: 1.8.0
apiVersion: v2
appVersion: v2.37.8
dependencies:
@ -31,4 +31,4 @@ maintainers:
url: https://github.com/xqi-nr
name: newrelic-prometheus-agent
type: application
version: 1.4.1
version: 1.5.0

4
charts/new-relic/nri-bundle/charts/nri-kube-events/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 2.2.9
appVersion: 2.2.12
dependencies:
- name: common-library
repository: https://helm-charts.newrelic.com
@ -35,4 +35,4 @@ sources:
- https://github.com/newrelic/nri-kube-events/
- https://github.com/newrelic/nri-kube-events/tree/main/charts/nri-kube-events
- https://github.com/newrelic/infrastructure-agent/
version: 3.2.4
version: 3.2.5

2
charts/new-relic/nri-bundle/charts/nri-kube-events/README.md
View File

@ -1,6 +1,6 @@
# nri-kube-events
![Version: 3.2.4](https://img.shields.io/badge/Version-3.2.4-informational?style=flat-square) ![AppVersion: 2.2.9](https://img.shields.io/badge/AppVersion-2.2.9-informational?style=flat-square)
![Version: 3.2.5](https://img.shields.io/badge/Version-3.2.5-informational?style=flat-square) ![AppVersion: 2.2.12](https://img.shields.io/badge/AppVersion-2.2.12-informational?style=flat-square)
A Helm chart to deploy the New Relic Kube Events router

4
charts/new-relic/nri-bundle/charts/nri-metadata-injection/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 1.18.0
appVersion: 1.18.3
dependencies:
- name: common-library
repository: https://helm-charts.newrelic.com
@ -22,4 +22,4 @@ name: nri-metadata-injection
sources:
- https://github.com/newrelic/k8s-metadata-injection
- https://github.com/newrelic/k8s-metadata-injection/tree/master/charts/nri-metadata-injection
version: 4.10.0
version: 4.10.1

1
charts/new-relic/nri-bundle/charts/nri-metadata-injection/templates/admission-webhooks/mutatingWebhookConfiguration.yaml
View File

@ -25,6 +25,7 @@ webhooks:
apiVersions: ["v1"]
resources: ["pods"]
{{- if .Values.injectOnlyLabeledNamespaces }}
scope: Namespaced
namespaceSelector:
matchLabels:
newrelic-metadata-injection: enabled

6
charts/ngrok/kubernetes-ingress-controller/CHANGELOG.md
View File

@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## 0.12.0
- Update to version 0.10.0 of the ingress controller, this includes:
- TLSEdge support - see the [TCP and TLS Edges Guide](https://github.com/ngrok/kubernetes-ingress-controller/blob/main/docs/user-guide/tcp-tls-edges.md) for more details.
- A fix for renegotiating TLS backends
## 0.11.0
** Important ** This version of the controller changes the ownership model for https edge and tunnel CRs. To ease out the transition to the new ownership, make sure to run `migrate-edges.sh` and `migrate-tunnels.sh` scripts before installing the new version.

6
charts/ngrok/kubernetes-ingress-controller/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.10.1
digest: sha256:54cb57fbf004b3cf03fe382619b87c9d17469340f3d24f506a2dbec185a9455a
generated: "2023-09-08T12:48:02.907551-04:00"
version: 2.13.2
digest: sha256:2672c3a43386aa82424bca0a5b774ea94e167c7c90604cd66520afde23238e37
generated: "2023-10-05T10:48:29.016056701-04:00"

4
charts/ngrok/kubernetes-ingress-controller/Chart.yaml
View File

@ -3,7 +3,7 @@ annotations:
catalog.cattle.io/display-name: ngrok Ingress Controller
catalog.cattle.io/release-name: kubernetes-ingress-controller
apiVersion: v2
appVersion: 0.9.0
appVersion: 0.10.0
dependencies:
- name: common
repository: file://./charts/common
@ -22,4 +22,4 @@ keywords:
name: kubernetes-ingress-controller
sources:
- https://github.com/ngrok/kubernetes-ingress-controller
version: 0.11.0
version: 0.12.0

1
charts/ngrok/kubernetes-ingress-controller/README.md
View File

@ -87,4 +87,5 @@ To uninstall the chart:
| `log.level` | The level to log at. One of 'debug', 'info', or 'error'. | `info` |
| `log.stacktraceLevel` | The level to report stacktrace logs one of 'info' or 'error'. | `error` |
| `log.format` | The log format to use. One of console, json. | `json` |
| `lifecycle` | an object containing lifecycle configuration | `{}` |

4
charts/ngrok/kubernetes-ingress-controller/charts/common/Chart.yaml
View File

@ -2,7 +2,7 @@ annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.10.1
appVersion: 2.13.2
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://bitnami.com
@ -20,4 +20,4 @@ name: common
sources:
- https://github.com/bitnami/charts
type: library
version: 2.10.1
version: 2.13.2

44
charts/ngrok/kubernetes-ingress-controller/charts/common/templates/_capabilities.tpl
View File

@ -172,6 +172,50 @@ Return the appropriate apiVersion for Vertical Pod Autoscaler.
{{- end -}}
{{- end -}}
{{/*
Returns true if PodSecurityPolicy is supported
*/}}
{{- define "common.capabilities.psp.supported" -}}
{{- if semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .) -}}
{{- true -}}
{{- end -}}
{{- end -}}
{{/*
Returns true if AdmissionConfiguration is supported
*/}}
{{- define "common.capabilities.admisionConfiguration.supported" -}}
{{- if semverCompare ">=1.23-0" (include "common.capabilities.kubeVersion" .) -}}
{{- true -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for AdmissionConfiguration.
*/}}
{{- define "common.capabilities.admisionConfiguration.apiVersion" -}}
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "apiserver.config.k8s.io/v1alpha1" -}}
{{- else if semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "apiserver.config.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "apiserver.config.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Return the appropriate apiVersion for PodSecurityConfiguration.
*/}}
{{- define "common.capabilities.podSecurityConfiguration.apiVersion" -}}
{{- if semverCompare "<1.23-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "pod-security.admission.config.k8s.io/v1alpha1" -}}
{{- else if semverCompare "<1.25-0" (include "common.capabilities.kubeVersion" .) -}}
{{- print "pod-security.admission.config.k8s.io/v1beta1" -}}
{{- else -}}
{{- print "pod-security.admission.config.k8s.io/v1" -}}
{{- end -}}
{{- end -}}
{{/*
Returns true if the used Helm version is 3.3+.
A way to check the used Helm version was not introduced until version 3.3.0 with .Capabilities.HelmVersion, which contains an additional "{}}" structure.

40
charts/ngrok/kubernetes-ingress-controller/charts/common/templates/_images.tpl
View File

@ -38,13 +38,21 @@ Return the proper Docker Image Registry Secret Names (deprecated: use common.ima
{{- if .global }}
{{- range .global.imagePullSecrets -}}
{{- $pullSecrets = append $pullSecrets . -}}
{{- if kindIs "map" . -}}
{{- $pullSecrets = append $pullSecrets .name -}}
{{- else -}}
{{- $pullSecrets = append $pullSecrets . -}}
{{- end }}
{{- end -}}
{{- end -}}
{{- range .images -}}
{{- range .pullSecrets -}}
{{- $pullSecrets = append $pullSecrets . -}}
{{- if kindIs "map" . -}}
{{- $pullSecrets = append $pullSecrets .name -}}
{{- else -}}
{{- $pullSecrets = append $pullSecrets . -}}
{{- end -}}
{{- end -}}
{{- end -}}
@ -66,13 +74,21 @@ Return the proper Docker Image Registry Secret Names evaluating values as templa
{{- if $context.Values.global }}
{{- range $context.Values.global.imagePullSecrets -}}
{{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
{{- if kindIs "map" . -}}
{{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" .name "context" $context)) -}}
{{- else -}}
{{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{- range .images -}}
{{- range .pullSecrets -}}
{{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
{{- if kindIs "map" . -}}
{{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" .name "context" $context)) -}}
{{- else -}}
{{- $pullSecrets = append $pullSecrets (include "common.tplvalues.render" (dict "value" . "context" $context)) -}}
{{- end -}}
{{- end -}}
{{- end -}}
@ -83,3 +99,19 @@ imagePullSecrets:
{{- end }}
{{- end }}
{{- end -}}
{{/*
Return the proper image version (ingores image revision/prerelease info & fallbacks to chart appVersion)
{{ include "common.images.version" ( dict "imageRoot" .Values.path.to.the.image "chart" .Chart ) }}
*/}}
{{- define "common.images.version" -}}
{{- $imageTag := .imageRoot.tag | toString -}}
{{/* regexp from https://github.com/Masterminds/semver/blob/23f51de38a0866c5ef0bfc42b3f735c73107b700/version.go#L41-L44 */}}
{{- if regexMatch `^([0-9]+)(\.[0-9]+)?(\.[0-9]+)?(-([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?(\+([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?$` $imageTag -}}
{{- $version := semver $imageTag -}}
{{- printf "%d.%d.%d" $version.Major $version.Minor $version.Patch -}}
{{- else -}}
{{- print .chart.AppVersion -}}
{{- end -}}
{{- end -}}

9
charts/ngrok/kubernetes-ingress-controller/charts/common/templates/_labels.tpl
View File

@ -11,12 +11,19 @@ Kubernetes standard labels
*/}}
{{- define "common.labels.standard" -}}
{{- if and (hasKey . "customLabels") (hasKey . "context") -}}
{{ merge (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) (dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service) | toYaml }}
{{- $default := dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service -}}
{{- with .context.Chart.AppVersion -}}
{{- $_ := set $default "app.kubernetes.io/version" . -}}
{{- end -}}
{{ template "common.tplvalues.merge" (dict "values" (list .customLabels $default) "context" .context) }}
{{- else -}}
app.kubernetes.io/name: {{ include "common.names.name" . }}
helm.sh/chart: {{ include "common.names.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Chart.AppVersion }}
app.kubernetes.io/version: {{ . | quote }}
{{- end -}}
{{- end -}}
{{- end -}}

10
charts/ngrok/kubernetes-ingress-controller/charts/common/templates/_utils.tpl
View File

@ -65,3 +65,13 @@ Usage:
{{- end -}}
{{- printf "%s" $key -}}
{{- end -}}
{{/*
Checksum a template at "path" containing a *single* resource (ConfigMap,Secret) for use in pod annotations, excluding the metadata (see #18376).
Usage:
{{ include "common.utils.checksumTemplate" (dict "path" "/configmap.yaml" "context" $) }}
*/}}
{{- define "common.utils.checksumTemplate" -}}
{{- $obj := include (print .context.Template.BasePath .path) .context | fromYaml -}}
{{ omit $obj "apiVersion" "kind" "metadata" | toYaml | sha256sum }}
{{- end -}}

2
charts/ngrok/kubernetes-ingress-controller/templates/NOTES.txt
View File

@ -18,7 +18,7 @@ be automatically configured on the internet using ngrok.
One example, taken from your cluster, is the Service:
{{ $service.metadata.name | quote }}
You can make this accessible via Ngrok with the following manifest:
You can make this accessible via ngrok with the following manifest:
--------------------------------------------------------------------------------
apiVersion: networking.k8s.io/v1
kind: Ingress

4
charts/ngrok/kubernetes-ingress-controller/templates/controller-deployment.yaml
View File

@ -107,6 +107,10 @@ spec:
volumeMounts:
{{ toYaml .Values.extraVolumeMounts | nindent 10 }}
{{- end }}
{{- if .Values.lifecycle }}
lifecycle:
{{ toYaml .Values.lifecycle | nindent 10 }}
{{- end }}
livenessProbe:
httpGet:
path: /healthz

2
charts/ngrok/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tcpedges.yaml
View File

@ -78,7 +78,7 @@ spec:
in the ngrok API/Dashboard
type: string
ipRestriction:
description: IPRestriction is an IPRestriction to apply to this route
description: IPRestriction is an IPRestriction to apply to this edge
properties:
policies:
items:

148
charts/ngrok/kubernetes-ingress-controller/templates/crds/ingress.k8s.ngrok.com_tlsedges.yaml Normal file
View File

@ -0,0 +1,148 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.2
creationTimestamp: null
name: tlsedges.ingress.k8s.ngrok.com
spec:
group: ingress.k8s.ngrok.com
names:
kind: TLSEdge
listKind: TLSEdgeList
plural: tlsedges
singular: tlsedge
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Domain ID
jsonPath: .status.id
name: ID
type: string
- description: Hostports
jsonPath: .status.hostports
name: Hostports
type: string
- description: Tunnel Group Backend ID
jsonPath: .status.backend.id
name: Backend ID
type: string
- description: Age
jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: TLSEdge is the Schema for the tlsedges API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TLSEdgeSpec defines the desired state of TLSEdge
properties:
backend:
description: Backend is the definition for the tunnel group backend
that serves traffic for this edge
properties:
description:
default: Created by kubernetes-ingress-controller
description: Description is a human-readable description of the
object in the ngrok API/Dashboard
type: string
labels:
additionalProperties:
type: string
description: Labels to watch for tunnels on this backend
type: object
metadata:
default: '{"owned-by":"kubernetes-ingress-controller"}'
description: Metadata is a string of arbitrary data associated
with the object in the ngrok API/Dashboard
type: string
type: object
description:
default: Created by kubernetes-ingress-controller
description: Description is a human-readable description of the object
in the ngrok API/Dashboard
type: string
hostports:
description: Hostports is a list of hostports served by this edge
items:
type: string
type: array
ipRestriction:
description: IPRestriction is an IPRestriction to apply to this edge
properties:
policies:
items:
type: string
type: array
type: object
metadata:
default: '{"owned-by":"kubernetes-ingress-controller"}'
description: Metadata is a string of arbitrary data associated with
the object in the ngrok API/Dashboard
type: string
mutualTls:
properties:
certificateAuthorities:
description: List of CA IDs that will be used to validate incoming
connections to the edge.
items:
type: string
type: array
type: object
tlsTermination:
properties:
minVersion:
description: MinVersion is the minimum TLS version to allow for
connections to the edge
type: string
terminateAt:
description: TerminateAt determines where the TLS connection should
be terminated. "edge" if the ngrok edge should terminate TLS
traffic, "upstream" if TLS traffic should be passed through
to the upstream ngrok agent / application server for termination.
type: string
type: object
type: object
status:
description: TLSEdgeStatus defines the observed state of TLSEdge
properties:
backend:
description: Backend stores the status of the tunnel group backend,
mainly the ID of the backend
properties:
id:
description: ID is the unique identifier for this backend
type: string
type: object
hostports:
description: Hostports served by this edge
items:
type: string
type: array
id:
description: ID is the unique identifier for this edge
type: string
uri:
description: URI is the URI of the edge
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}

26
charts/ngrok/kubernetes-ingress-controller/templates/rbac/role.yaml
View File

@ -151,6 +151,32 @@ rules:
- get
- patch
- update
- apiGroups:
- ingress.k8s.ngrok.com
resources:
- tlsedges
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ingress.k8s.ngrok.com
resources:
- tlsedges/finalizers
verbs:
- update
- apiGroups:
- ingress.k8s.ngrok.com
resources:
- tlsedges/status
verbs:
- get
- patch
- update
- apiGroups:
- ingress.k8s.ngrok.com
resources:

31
charts/ngrok/kubernetes-ingress-controller/templates/rbac/tlsedge_editor_role.yaml Normal file
View File

@ -0,0 +1,31 @@
# permissions for end users to edit tlsedges.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: clusterrole
app.kubernetes.io/instance: tlsedge-editor-role
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: ngrok-ingress-controller
app.kubernetes.io/part-of: ngrok-ingress-controller
app.kubernetes.io/managed-by: kustomize
name: tlsedge-editor-role
rules:
- apiGroups:
- ingress.k8s.ngrok.com
resources:
- tlsedges
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ingress.k8s.ngrok.com
resources:
- tlsedges/status
verbs:
- get

27
charts/ngrok/kubernetes-ingress-controller/templates/rbac/tlsedge_viewer_role.yaml Normal file
View File

@ -0,0 +1,27 @@
# permissions for end users to view tlsedges.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
app.kubernetes.io/name: clusterrole
app.kubernetes.io/instance: tlsedge-viewer-role
app.kubernetes.io/component: rbac
app.kubernetes.io/created-by: ngrok-ingress-controller
app.kubernetes.io/part-of: ngrok-ingress-controller
app.kubernetes.io/managed-by: kustomize
name: tlsedge-viewer-role
rules:
- apiGroups:
- ingress.k8s.ngrok.com
resources:
- tlsedges
verbs:
- get
- list
- watch
- apiGroups:
- ingress.k8s.ngrok.com
resources:
- tlsedges/status
verbs:
- get

5
charts/ngrok/kubernetes-ingress-controller/values.yaml
View File

@ -189,3 +189,8 @@ log:
format: json
level: info
stacktraceLevel: error
## @param lifecycle an object containing lifecycle configuration
## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/
##
lifecycle: {}

2
charts/redpanda/redpanda/Chart.lock
View File

@ -6,4 +6,4 @@ dependencies:
repository: https://charts.redpanda.com
version: 0.1.6
digest: sha256:4770d2dc26e5ed437977d40d20f49a1e08176579eaf464d042c94db7e1be37cf
generated: "2023-10-14T02:49:30.448635825Z"
generated: "2023-10-17T13:28:27.77999498Z"

2
charts/redpanda/redpanda/Chart.yaml
View File

@ -37,4 +37,4 @@ name: redpanda
sources:
- https://github.com/redpanda-data/helm-charts
type: application
version: 5.6.17
version: 5.6.19

6
charts/redpanda/redpanda/ci/02-one-node-cluster-no-tls-no-sasl-values.yaml
View File

@ -30,3 +30,9 @@ connectors:
enabled: true
logging:
level: debug
# tests to ensure this large int isn't converted to scientific notation for the rpk commands
# in post-upgrade job.
config:
cluster:
retention_local_target_ms_default: 21600000

3
charts/redpanda/redpanda/templates/post-upgrade.yaml
View File

@ -71,6 +71,9 @@ spec:
set -e
rpk cluster config import -f /etc/redpanda/bootstrap.yaml
{{- range $key, $value := .Values.config.cluster }}
{{- if and (typeIs "float64" $value) (eq (floor $value) $value) }}
{{- $value = int64 $value }}
{{- end }}
{{- if or (typeIs "bool" $value ) $value }}
rpk cluster config set {{ $key }} {{ $value }}
{{- end }}

41
charts/redpanda/redpanda/templates/tests/test-connector-via-console.yaml
View File

@ -19,6 +19,7 @@ limitations under the License.
{{- $root := deepCopy . }}
{{- $values := .Values }}
{{ $consoleValues := dict "Values" (deepCopy .Values.console) "Release" .Release "Chart" .Subcharts.console.Chart }}
{{ $connectorsVars := dict "Values" (deepCopy .Values.connectors) "Release" .Release "Chart" .Subcharts.connectors.Chart }}
{{/* brokers */}}
{{- $kafkaBrokers := list }}
{{- range (include "seed-server-list" . | mustFromJson) }}
@ -52,11 +53,24 @@ spec:
- name: TLS_ENABLED
value: {{ (include "kafka-internal-tls-enabled" . | fromJson).bool | quote }}
command:
- /usr/bin/timeout
- "120"
- bash
- /bin/bash
- -c
- |
set -xe
trap connectorsState ERR
connectorsState () {
echo check connectors expand status
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ (deepCopy .Values.connectors).connectors.restPort }}/connectors?expand=status
echo check connectors expand info
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ (deepCopy .Values.connectors).connectors.restPort }}/connectors?expand=info
echo check connector configuration
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ (deepCopy .Values.connectors).connectors.restPort }}/connectors/$CONNECTOR_NAME
echo check connector topics
curl {{ template "curl-options" . }} http://{{ include "connectors.serviceName" $connectorsVars }}:{{ (deepCopy .Values.connectors).connectors.restPort }}/connectors/$CONNECTOR_NAME/topics
}
{{- if .Values.auth.sasl.enabled }}
set -e
set +x
@ -75,6 +89,8 @@ spec:
JAAS_CONFIG_SOURCE="\"source.cluster.sasl.jaas.config\": \"org.apache.kafka.common.security.scram.ScramLoginModule required username=\\\\"\"${RPK_USER}\\\\"\" password=\\\\"\"${RPK_PASS}\\\\"\";\","
JAAS_CONFIG_TARGET="\"target.cluster.sasl.jaas.config\": \"org.apache.kafka.common.security.scram.ScramLoginModule required username=\\\\"\"${RPK_USER}\\\\"\" password=\\\\"\"${RPK_PASS}\\\\"\";\","
set -x
set +e
{{- end }}
{{- $testTopic := printf "test-topic-%s" (randNumeric 3) }}
@ -82,9 +98,6 @@ spec:
rpk topic list
echo "Test message!" | rpk topic produce {{ $testTopic }}
set -x
set +e
SECURITY_PROTOCOL=PLAINTEXT
if [[ -n "$RPK_SASL_MECHANISM" && $TLS_ENABLED == "true" ]]; then
SECURITY_PROTOCOL="SASL_SSL"
@ -138,24 +151,12 @@ spec:
URL=http://{{ include "console.fullname" $consoleValues }}:{{ include "console.containerPort" $consoleValues }}/api/kafka-connect/clusters/connectors/connectors
{{/* outputting to /dev/null because the output contains the user password */}}
echo "Creating mm2 connector"
if curl {{ template "curl-options" . }} -H 'Content-Type: application/json' "${URL}" -d @/tmp/mm2-conf.json
then
echo "Result successful"
else
echo "mm2 connector can not be created!!!"
exit 1
fi
curl {{ template "curl-options" . }} -H 'Content-Type: application/json' "${URL}" -d @/tmp/mm2-conf.json
rpk topic consume source.{{ $testTopic }} -n 1
echo "Destroying mm2 connector"
if curl {{ template "curl-options" . }} -X DELETE "${URL}/${CONNECTOR_NAME}"
then
echo "Result successful"
else
echo "mm2 connector can not be destroyed!!!"
exit 1
fi
curl {{ template "curl-options" . }} -X DELETE "${URL}/${CONNECTOR_NAME}"
rpk topic list
rpk topic delete {{ $testTopic }} source.{{ $testTopic }} mm2-offset-syncs.test-only-redpanda.internal

4
charts/speedscale/speedscale-operator/Chart.yaml
View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/kube-version: '>= 1.17.0-0'
catalog.cattle.io/release-name: speedscale-operator
apiVersion: v1
appVersion: 1.3.494
appVersion: 1.3.518
description: Stress test your APIs with real world scenarios. Collect and replay
traffic without scripting.
home: https://speedscale.com
@ -24,4 +24,4 @@ maintainers:
- email: support@speedscale.com
name: Speedscale Support
name: speedscale-operator
version: 1.3.39
version: 1.3.40

4
charts/speedscale/speedscale-operator/README.md
View File

@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen
A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
incompatible breaking change needing manual actions.
### Upgrade to 1.3.39
### Upgrade to 1.3.40
```bash
kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.39/templates/crds/trafficreplays.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.40/templates/crds/trafficreplays.yaml
```
### Upgrade to 1.1.0

4
charts/speedscale/speedscale-operator/app-readme.md
View File

@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen
A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
incompatible breaking change needing manual actions.
### Upgrade to 1.3.39
### Upgrade to 1.3.40
```bash
kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.39/templates/crds/trafficreplays.yaml
kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.40/templates/crds/trafficreplays.yaml
```
### Upgrade to 1.1.0

2
charts/speedscale/speedscale-operator/values.yaml
View File

@ -20,7 +20,7 @@ clusterName: "my-cluster"
# Speedscale components image settings.
image:
registry: gcr.io/speedscale
tag: v1.3.494
tag: v1.3.518
pullPolicy: Always
# Log level for Speedscale components.

6
charts/sysdig/sysdig/CHANGELOG.md
View File

@ -10,6 +10,12 @@ Manual edits are supported only below '## Change Log' and should be used
exclusively to fix incorrect entries and not to add new ones.
## Change Log
# v1.16.17
### New Features
* [eda0e7cd](https://github.com/sysdiglabs/charts/commit/eda0e7cdf12c0b40f0bb77c0a16e0fd5f0173256): release agent 12.17.0 ([#1410](https://github.com/sysdiglabs/charts/issues/1410))
# v1.16.16
### Chores
* **sysdig, node-analyzer** [84cfe9a5](https://github.com/sysdiglabs/charts/commit/84cfe9a5e6f989a9a42b14b3d16597436f23b4b1): update legacy nodeImageAnalyzer (0.1.29) and hostImageAnalyzer (0.1.17) ([#1407](https://github.com/sysdiglabs/charts/issues/1407))
# v1.16.15
### New Features
* [9fc9ddd4](https://github.com/sysdiglabs/charts/commit/9fc9ddd48e6cb2c3ea334bfc10048ffc15646fd2): release agent 12.16.3 ([#1395](https://github.com/sysdiglabs/charts/issues/1395))

4
charts/sysdig/sysdig/Chart.yaml
View File

@ -3,7 +3,7 @@ annotations:
catalog.cattle.io/display-name: Sysdig
catalog.cattle.io/release-name: sysdig
apiVersion: v1
appVersion: 12.16.3
appVersion: 12.17.0
deprecated: true
description: Sysdig Monitor and Secure agent
home: https://www.sysdig.com/
@ -19,4 +19,4 @@ name: sysdig
sources:
- https://app.sysdigcloud.com/#/settings/user
- https://github.com/draios/sysdig
version: 1.16.15
version: 1.16.17

6
charts/sysdig/sysdig/README.md
View File

@ -222,7 +222,7 @@ The following table lists the configurable parameters of the Sysdig chart and th
| `nodeAnalyzer.pullSecrets` | The image pull secrets for the Node Analyzer containers. | `nil` |
| `nodeAnalyzer.imageAnalyzer.deploy` | Deploys the Image Analyzer. | `true ` |
| `nodeAnalyzer.imageAnalyzer.image.repository` | The image repository to pull the Node Image Analyzer from. | `sysdig/node-image-analyzer` |
| `nodeAnalyzer.imageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer. | `0.1.28` |
| `nodeAnalyzer.imageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer. | `0.1.29` |
| `nodeAnalyzer.imageAnalyzer.image.digest` | The image digest to pull. | ` ` |
| `nodeAnalyzer.imageAnalyzer.image.pullPolicy` | The Image pull policy for the Node Image Analyzer. | `IfNotPresent` |
| `nodeAnalyzer.imageAnalyzer.dockerSocketPath` | The Docker socket path. | |
@ -237,7 +237,7 @@ The following table lists the configurable parameters of the Sysdig chart and th
| `nodeAnalyzer.imageAnalyzer.env` | The extra environment variables that will be passed onto pods. | `{}` |
| `nodeAnalyzer.hostAnalyzer.deploy` | Deploys the Host Analyzer. | `true ` |
| `nodeAnalyzer.hostAnalyzer.image.repository` | The image repository to pull the Host Analyzer from. | `sysdig/host-analyzer` |
| `nodeAnalyzer.hostAnalyzer.image.tag` | The image tag to pull the Host Analyzer. | `0.1.16` |
| `nodeAnalyzer.hostAnalyzer.image.tag` | The image tag to pull the Host Analyzer. | `0.1.17` |
| `nodeAnalyzer.hostAnalyzer.image.digest` | The image digest to pull. | ` ` |
| `nodeAnalyzer.hostAnalyzer.image.pullPolicy` | The Image pull policy for the Host Analyzer. | `IfNotPresent` |
| `nodeAnalyzer.hostAnalyzer.schedule` | The scanning schedule specification for the host analyzer expressed as a crontab. | `@dailydefault` |
@ -323,7 +323,7 @@ The following table lists the configurable parameters of the Sysdig chart and th
| `nodeImageAnalyzer.settings.httpsProxy` | The secure proxy configuration variables. | |
| `nodeImageAnalyzer.settings.noProxy` | The no proxy configuration variables. | |
| `nodeImageAnalyzer.image.repository` | The image repository to pull the Node Image Analyzer from. | `sysdig/node-image-analyzer` |
| `nodeImageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer. | `0.1.28` |
| `nodeImageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer. | `0.1.29` |
| `nodeImageAnalyzer.imagedigest` | The image digest to pull. | ` ` |
| `nodeImageAnalyzer.image.pullPolicy` | The Image pull policy for the Node Image Analyzer. | `IfNotPresent` |
| `nodeImageAnalyzer.image.pullSecrets` | Image pull secrets for the Node Image Analyzer. | `nil` |

4
charts/sysdig/sysdig/RELEASE-NOTES.md
View File

@ -1,5 +1,5 @@
# What's Changed
### New Features
- [9fc9ddd4](https://github.com/sysdiglabs/charts/commit/9fc9ddd48e6cb2c3ea334bfc10048ffc15646fd2): release agent 12.16.3 ([#1395](https://github.com/sysdiglabs/charts/issues/1395))
#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.24.1...sysdig-1.16.15
- [eda0e7cd](https://github.com/sysdiglabs/charts/commit/eda0e7cdf12c0b40f0bb77c0a16e0fd5f0173256): release agent 12.17.0 ([#1410](https://github.com/sysdiglabs/charts/issues/1410))
#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.24.6...sysdig-1.16.17

8
charts/sysdig/sysdig/values.yaml
View File

@ -7,7 +7,7 @@ image:
overrideValue: null
registry: quay.io
repository: sysdig/agent
tag: 12.16.3
tag: 12.17.0
# Specify a imagePullPolicy
# Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
# ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
@ -193,7 +193,7 @@ nodeImageAnalyzer:
deploy: false
image:
repository: sysdig/node-image-analyzer
tag: 0.1.28
tag: 0.1.29
digest: null
pullPolicy: IfNotPresent
# pullSecrets:
@ -351,7 +351,7 @@ nodeAnalyzer:
deploy: true
image:
repository: sysdig/node-image-analyzer
tag: 0.1.28
tag: 0.1.29
digest: null
pullPolicy: IfNotPresent
# The Docker socket path.
@ -393,7 +393,7 @@ nodeAnalyzer:
deploy: true
image:
repository: sysdig/host-analyzer
tag: 0.1.16
tag: 0.1.17
digest: null
pullPolicy: IfNotPresent
# The scanning schedule specification for the host analyzer expressed as a crontab string such as “5 4 * * *”.

Some files were not shown because too many files have changed in this diff Show More