diff --git a/assets/argo/argo-cd-5.41.1.tgz b/assets/argo/argo-cd-5.41.1.tgz index f5dc65d2d..a8a12d839 100644 Binary files a/assets/argo/argo-cd-5.41.1.tgz and b/assets/argo/argo-cd-5.41.1.tgz differ diff --git a/assets/argo/argo-cd-5.41.2.tgz b/assets/argo/argo-cd-5.41.2.tgz new file mode 100644 index 000000000..598cd0e31 Binary files /dev/null and b/assets/argo/argo-cd-5.41.2.tgz differ diff --git a/assets/bitnami/airflow-14.3.5.tgz b/assets/bitnami/airflow-14.3.5.tgz new file mode 100644 index 000000000..eeee9448c Binary files /dev/null and b/assets/bitnami/airflow-14.3.5.tgz differ diff --git a/assets/bitnami/kafka-23.0.7.tgz b/assets/bitnami/kafka-23.0.7.tgz new file mode 100644 index 000000000..4535248e8 Binary files /dev/null and b/assets/bitnami/kafka-23.0.7.tgz differ diff --git a/assets/bitnami/mariadb-12.2.9.tgz b/assets/bitnami/mariadb-12.2.9.tgz new file mode 100644 index 000000000..404decc1b Binary files /dev/null and b/assets/bitnami/mariadb-12.2.9.tgz differ diff --git a/assets/bitnami/mysql-9.10.9.tgz b/assets/bitnami/mysql-9.10.9.tgz new file mode 100644 index 000000000..30ceefed4 Binary files /dev/null and b/assets/bitnami/mysql-9.10.9.tgz differ diff --git a/assets/bitnami/postgresql-12.7.0.tgz b/assets/bitnami/postgresql-12.7.0.tgz new file mode 100644 index 000000000..c8c618bda Binary files /dev/null and b/assets/bitnami/postgresql-12.7.0.tgz differ diff --git a/assets/bitnami/redis-17.14.1.tgz b/assets/bitnami/redis-17.14.1.tgz new file mode 100644 index 000000000..8e6de091a Binary files /dev/null and b/assets/bitnami/redis-17.14.1.tgz differ diff --git a/assets/citrix/citrix-cpx-with-ingress-controller-1.34.16.tgz b/assets/citrix/citrix-cpx-with-ingress-controller-1.34.16.tgz new file mode 100644 index 000000000..9bd7c96f5 Binary files /dev/null and b/assets/citrix/citrix-cpx-with-ingress-controller-1.34.16.tgz differ diff --git a/assets/citrix/citrix-ingress-controller-1.34.16.tgz b/assets/citrix/citrix-ingress-controller-1.34.16.tgz new file mode 100644 index 000000000..447559fd1 Binary files /dev/null and b/assets/citrix/citrix-ingress-controller-1.34.16.tgz differ diff --git a/assets/cockroach-labs/cockroachdb-11.1.3.tgz b/assets/cockroach-labs/cockroachdb-11.1.3.tgz new file mode 100644 index 000000000..dae1ef985 Binary files /dev/null and b/assets/cockroach-labs/cockroachdb-11.1.3.tgz differ diff --git a/assets/datadog/datadog-operator-1.0.7.tgz b/assets/datadog/datadog-operator-1.0.7.tgz new file mode 100644 index 000000000..5fce65860 Binary files /dev/null and b/assets/datadog/datadog-operator-1.0.7.tgz differ diff --git a/assets/dynatrace/dynatrace-operator-0.12.1.tgz b/assets/dynatrace/dynatrace-operator-0.12.1.tgz new file mode 100644 index 000000000..0c47ec639 Binary files /dev/null and b/assets/dynatrace/dynatrace-operator-0.12.1.tgz differ diff --git a/assets/haproxy/haproxy-1.32.2.tgz b/assets/haproxy/haproxy-1.32.2.tgz new file mode 100644 index 000000000..070361260 Binary files /dev/null and b/assets/haproxy/haproxy-1.32.2.tgz differ diff --git a/assets/redpanda/redpanda-5.0.3.tgz b/assets/redpanda/redpanda-5.0.3.tgz new file mode 100644 index 000000000..396266d11 Binary files /dev/null and b/assets/redpanda/redpanda-5.0.3.tgz differ diff --git a/assets/speedscale/speedscale-operator-1.3.22.tgz b/assets/speedscale/speedscale-operator-1.3.22.tgz new file mode 100644 index 000000000..10eb26837 Binary files /dev/null and b/assets/speedscale/speedscale-operator-1.3.22.tgz differ diff --git a/assets/sysdig/sysdig-1.16.3.tgz b/assets/sysdig/sysdig-1.16.3.tgz new file mode 100644 index 000000000..89fa4205f Binary files /dev/null and b/assets/sysdig/sysdig-1.16.3.tgz differ diff --git a/charts/argo/argo-cd/Chart.yaml b/charts/argo/argo-cd/Chart.yaml index 239c1c30b..0ae658e01 100644 --- a/charts/argo/argo-cd/Chart.yaml +++ b/charts/argo/argo-cd/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/changes: | - kind: changed - description: Update to app version 2.7.8 + description: Update to app version v2.7.9 artifacthub.io/signKey: | fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc @@ -11,7 +11,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.23.0-0' catalog.cattle.io/release-name: argo-cd apiVersion: v2 -appVersion: v2.7.8 +appVersion: v2.7.9 dependencies: - condition: redis-ha.enabled name: redis-ha @@ -33,4 +33,4 @@ name: argo-cd sources: - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd - https://github.com/argoproj/argo-cd -version: 5.41.1 +version: 5.41.2 diff --git a/charts/bitnami/airflow/Chart.lock b/charts/bitnami/airflow/Chart.lock index e4414e8b1..e1b8b3e33 100644 --- a/charts/bitnami/airflow/Chart.lock +++ b/charts/bitnami/airflow/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: redis repository: oci://registry-1.docker.io/bitnamicharts - version: 17.11.8 + version: 17.13.2 - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 12.6.5 + version: 12.6.9 - name: common repository: oci://registry-1.docker.io/bitnamicharts version: 2.6.0 -digest: sha256:fdb95b45850349c04fa20933cee42b106c0755539838a5e350197f609be68193 -generated: "2023-07-13T12:33:38.888177981Z" +digest: sha256:0fa46a589c1a3201a785fd64e046de4700f777766700b715fa4cd65ded1437cf +generated: "2023-07-25T05:49:35.124817589Z" diff --git a/charts/bitnami/airflow/Chart.yaml b/charts/bitnami/airflow/Chart.yaml index bfccdeb34..6c40e1fff 100644 --- a/charts/bitnami/airflow/Chart.yaml +++ b/charts/bitnami/airflow/Chart.yaml @@ -37,4 +37,4 @@ maintainers: name: airflow sources: - https://github.com/bitnami/charts/tree/main/bitnami/airflow -version: 14.3.4 +version: 14.3.5 diff --git a/charts/bitnami/airflow/README.md b/charts/bitnami/airflow/README.md index 3595fd340..1b7fda698 100644 --- a/charts/bitnami/airflow/README.md +++ b/charts/bitnami/airflow/README.md @@ -90,7 +90,7 @@ The command removes all the Kubernetes components associated with the chart and | `dags.existingConfigmap` | Name of an existing ConfigMap with all the DAGs files you want to load in Airflow | `""` | | `dags.image.registry` | Init container load-dags image registry | `docker.io` | | `dags.image.repository` | Init container load-dags image repository | `bitnami/os-shell` | -| `dags.image.tag` | Init container load-dags image tag (immutable tags are recommended) | `11-debian-11-r2` | +| `dags.image.tag` | Init container load-dags image tag (immutable tags are recommended) | `11-debian-11-r16` | | `dags.image.digest` | Init container load-dags image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `dags.image.pullPolicy` | Init container load-dags image pull policy | `IfNotPresent` | | `dags.image.pullSecrets` | Init container load-dags image pull secrets | `[]` | @@ -105,78 +105,78 @@ The command removes all the Kubernetes components associated with the chart and ### Airflow web parameters -| Name | Description | Value | -| ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | -------------------- | -| `web.image.registry` | Airflow image registry | `docker.io` | -| `web.image.repository` | Airflow image repository | `bitnami/airflow` | -| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.6.3-debian-11-r2` | -| `web.image.digest` | Airflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `web.image.pullPolicy` | Airflow image pull policy | `IfNotPresent` | -| `web.image.pullSecrets` | Airflow image pull secrets | `[]` | -| `web.image.debug` | Enable image debug mode | `false` | -| `web.baseUrl` | URL used to access to Airflow web ui | `""` | -| `web.existingConfigmap` | Name of an existing config map containing the Airflow web config file | `""` | -| `web.command` | Override default container command (useful when using custom images) | `[]` | -| `web.args` | Override default container args (useful when using custom images) | `[]` | -| `web.extraEnvVars` | Array with extra environment variables to add Airflow web pods | `[]` | -| `web.extraEnvVarsCM` | ConfigMap containing extra environment variables for Airflow web pods | `""` | -| `web.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Airflow web pods | `""` | -| `web.extraEnvVarsSecrets` | List of secrets with extra environment variables for Airflow web pods | `[]` | -| `web.containerPorts.http` | Airflow web HTTP container port | `8080` | -| `web.replicaCount` | Number of Airflow web replicas | `1` | -| `web.livenessProbe.enabled` | Enable livenessProbe on Airflow web containers | `true` | -| `web.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | -| `web.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | -| `web.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `web.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `web.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `web.readinessProbe.enabled` | Enable readinessProbe on Airflow web containers | `true` | -| `web.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | -| `web.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `web.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `web.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `web.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `web.startupProbe.enabled` | Enable startupProbe on Airflow web containers | `false` | -| `web.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` | -| `web.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `web.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `web.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `web.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `web.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `web.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `web.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `web.resources.limits` | The resources limits for the Airflow web containers | `{}` | -| `web.resources.requests` | The requested resources for the Airflow web containers | `{}` | -| `web.podSecurityContext.enabled` | Enabled Airflow web pods' Security Context | `true` | -| `web.podSecurityContext.fsGroup` | Set Airflow web pod's Security Context fsGroup | `1001` | -| `web.containerSecurityContext.enabled` | Enabled Airflow web containers' Security Context | `true` | -| `web.containerSecurityContext.runAsUser` | Set Airflow web containers' Security Context runAsUser | `1001` | -| `web.containerSecurityContext.runAsNonRoot` | Set Airflow web containers' Security Context runAsNonRoot | `true` | -| `web.lifecycleHooks` | for the Airflow web container(s) to automate configuration before or after startup | `{}` | -| `web.hostAliases` | Deployment pod host aliases | `[]` | -| `web.podLabels` | Add extra labels to the Airflow web pods | `{}` | -| `web.podAnnotations` | Add extra annotations to the Airflow web pods | `{}` | -| `web.affinity` | Affinity for Airflow web pods assignment (evaluated as a template) | `{}` | -| `web.nodeAffinityPreset.key` | Node label key to match. Ignored if `web.affinity` is set. | `""` | -| `web.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `web.nodeAffinityPreset.values` | Node label values to match. Ignored if `web.affinity` is set. | `[]` | -| `web.nodeSelector` | Node labels for Airflow web pods assignment | `{}` | -| `web.podAffinityPreset` | Pod affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `""` | -| `web.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `soft` | -| `web.tolerations` | Tolerations for Airflow web pods assignment | `[]` | -| `web.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `web.priorityClassName` | Priority Class Name | `""` | -| `web.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `web.terminationGracePeriodSeconds` | Seconds Airflow web pod needs to terminate gracefully | `""` | -| `web.updateStrategy.type` | Airflow web deployment strategy type | `RollingUpdate` | -| `web.updateStrategy.rollingUpdate` | Airflow web deployment rolling update configuration parameters | `{}` | -| `web.sidecars` | Add additional sidecar containers to the Airflow web pods | `[]` | -| `web.initContainers` | Add additional init containers to the Airflow web pods | `[]` | -| `web.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Airflow web pods | `[]` | -| `web.extraVolumes` | Optionally specify extra list of additional volumes for the Airflow web pods | `[]` | -| `web.pdb.create` | Deploy a pdb object for the Airflow web pods | `false` | -| `web.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow web replicas | `1` | -| `web.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow web replicas | `""` | +| Name | Description | Value | +| ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------- | +| `web.image.registry` | Airflow image registry | `docker.io` | +| `web.image.repository` | Airflow image repository | `bitnami/airflow` | +| `web.image.tag` | Airflow image tag (immutable tags are recommended) | `2.6.3-debian-11-r14` | +| `web.image.digest` | Airflow image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `web.image.pullPolicy` | Airflow image pull policy | `IfNotPresent` | +| `web.image.pullSecrets` | Airflow image pull secrets | `[]` | +| `web.image.debug` | Enable image debug mode | `false` | +| `web.baseUrl` | URL used to access to Airflow web ui | `""` | +| `web.existingConfigmap` | Name of an existing config map containing the Airflow web config file | `""` | +| `web.command` | Override default container command (useful when using custom images) | `[]` | +| `web.args` | Override default container args (useful when using custom images) | `[]` | +| `web.extraEnvVars` | Array with extra environment variables to add Airflow web pods | `[]` | +| `web.extraEnvVarsCM` | ConfigMap containing extra environment variables for Airflow web pods | `""` | +| `web.extraEnvVarsSecret` | Secret containing extra environment variables (in case of sensitive data) for Airflow web pods | `""` | +| `web.extraEnvVarsSecrets` | List of secrets with extra environment variables for Airflow web pods | `[]` | +| `web.containerPorts.http` | Airflow web HTTP container port | `8080` | +| `web.replicaCount` | Number of Airflow web replicas | `1` | +| `web.livenessProbe.enabled` | Enable livenessProbe on Airflow web containers | `true` | +| `web.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `180` | +| `web.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `20` | +| `web.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `web.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `web.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `web.readinessProbe.enabled` | Enable readinessProbe on Airflow web containers | `true` | +| `web.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | +| `web.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `web.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `web.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `web.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `web.startupProbe.enabled` | Enable startupProbe on Airflow web containers | `false` | +| `web.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `60` | +| `web.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `web.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `web.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `web.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `web.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `web.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `web.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `web.resources.limits` | The resources limits for the Airflow web containers | `{}` | +| `web.resources.requests` | The requested resources for the Airflow web containers | `{}` | +| `web.podSecurityContext.enabled` | Enabled Airflow web pods' Security Context | `true` | +| `web.podSecurityContext.fsGroup` | Set Airflow web pod's Security Context fsGroup | `1001` | +| `web.containerSecurityContext.enabled` | Enabled Airflow web containers' Security Context | `true` | +| `web.containerSecurityContext.runAsUser` | Set Airflow web containers' Security Context runAsUser | `1001` | +| `web.containerSecurityContext.runAsNonRoot` | Set Airflow web containers' Security Context runAsNonRoot | `true` | +| `web.lifecycleHooks` | for the Airflow web container(s) to automate configuration before or after startup | `{}` | +| `web.hostAliases` | Deployment pod host aliases | `[]` | +| `web.podLabels` | Add extra labels to the Airflow web pods | `{}` | +| `web.podAnnotations` | Add extra annotations to the Airflow web pods | `{}` | +| `web.affinity` | Affinity for Airflow web pods assignment (evaluated as a template) | `{}` | +| `web.nodeAffinityPreset.key` | Node label key to match. Ignored if `web.affinity` is set. | `""` | +| `web.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `web.nodeAffinityPreset.values` | Node label values to match. Ignored if `web.affinity` is set. | `[]` | +| `web.nodeSelector` | Node labels for Airflow web pods assignment | `{}` | +| `web.podAffinityPreset` | Pod affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `""` | +| `web.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard`. | `soft` | +| `web.tolerations` | Tolerations for Airflow web pods assignment | `[]` | +| `web.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `web.priorityClassName` | Priority Class Name | `""` | +| `web.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `web.terminationGracePeriodSeconds` | Seconds Airflow web pod needs to terminate gracefully | `""` | +| `web.updateStrategy.type` | Airflow web deployment strategy type | `RollingUpdate` | +| `web.updateStrategy.rollingUpdate` | Airflow web deployment rolling update configuration parameters | `{}` | +| `web.sidecars` | Add additional sidecar containers to the Airflow web pods | `[]` | +| `web.initContainers` | Add additional init containers to the Airflow web pods | `[]` | +| `web.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Airflow web pods | `[]` | +| `web.extraVolumes` | Optionally specify extra list of additional volumes for the Airflow web pods | `[]` | +| `web.pdb.create` | Deploy a pdb object for the Airflow web pods | `false` | +| `web.pdb.minAvailable` | Maximum number/percentage of unavailable Airflow web replicas | `1` | +| `web.pdb.maxUnavailable` | Maximum number/percentage of unavailable Airflow web replicas | `""` | ### Airflow scheduler parameters @@ -184,7 +184,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------------- | | `scheduler.image.registry` | Airflow Scheduler image registry | `docker.io` | | `scheduler.image.repository` | Airflow Scheduler image repository | `bitnami/airflow-scheduler` | -| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.6.3-debian-11-r0` | +| `scheduler.image.tag` | Airflow Scheduler image tag (immutable tags are recommended) | `2.6.3-debian-11-r11` | | `scheduler.image.digest` | Airflow Schefuler image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `scheduler.image.pullPolicy` | Airflow Scheduler image pull policy | `IfNotPresent` | | `scheduler.image.pullSecrets` | Airflow Scheduler image pull secrets | `[]` | @@ -238,7 +238,7 @@ The command removes all the Kubernetes components associated with the chart and | ---------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ------------------------ | | `worker.image.registry` | Airflow Worker image registry | `docker.io` | | `worker.image.repository` | Airflow Worker image repository | `bitnami/airflow-worker` | -| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.6.3-debian-11-r0` | +| `worker.image.tag` | Airflow Worker image tag (immutable tags are recommended) | `2.6.3-debian-11-r11` | | `worker.image.digest` | Airflow Worker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `worker.image.pullPolicy` | Airflow Worker image pull policy | `IfNotPresent` | | `worker.image.pullSecrets` | Airflow Worker image pull secrets | `[]` | @@ -318,7 +318,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------------------ | --------------------------------------------------------------------------------------------------- | ---------------------- | | `git.image.registry` | Git image registry | `docker.io` | | `git.image.repository` | Git image repository | `bitnami/git` | -| `git.image.tag` | Git image tag (immutable tags are recommended) | `2.41.0-debian-11-r16` | +| `git.image.tag` | Git image tag (immutable tags are recommended) | `2.41.0-debian-11-r50` | | `git.image.digest` | Git image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `git.image.pullPolicy` | Git image pull policy | `IfNotPresent` | | `git.image.pullSecrets` | Git image pull secrets | `[]` | @@ -410,7 +410,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Whether or not to create a standalone Airflow exporter to expose Airflow metrics | `false` | | `metrics.image.registry` | Airflow exporter image registry | `docker.io` | | `metrics.image.repository` | Airflow exporter image repository | `bitnami/airflow-exporter` | -| `metrics.image.tag` | Airflow exporter image tag (immutable tags are recommended) | `0.20220314.0-debian-11-r141` | +| `metrics.image.tag` | Airflow exporter image tag (immutable tags are recommended) | `0.20220314.0-debian-11-r365` | | `metrics.image.digest` | Airflow exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Airflow exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Airflow exporter image pull secrets | `[]` | diff --git a/charts/bitnami/airflow/charts/postgresql/Chart.yaml b/charts/bitnami/airflow/charts/postgresql/Chart.yaml index 923d07e4e..e6086638d 100644 --- a/charts/bitnami/airflow/charts/postgresql/Chart.yaml +++ b/charts/bitnami/airflow/charts/postgresql/Chart.yaml @@ -27,4 +27,4 @@ maintainers: name: postgresql sources: - https://github.com/bitnami/charts/tree/main/bitnami/post -version: 12.6.5 +version: 12.6.9 diff --git a/charts/bitnami/airflow/charts/postgresql/README.md b/charts/bitnami/airflow/charts/postgresql/README.md index a3c0c78d3..fabceeb22 100644 --- a/charts/bitnami/airflow/charts/postgresql/README.md +++ b/charts/bitnami/airflow/charts/postgresql/README.md @@ -100,7 +100,7 @@ kubectl delete pvc -l release=my-release | ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | | `image.registry` | PostgreSQL image registry | `docker.io` | | `image.repository` | PostgreSQL image repository | `bitnami/postgresql` | -| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.3.0-debian-11-r17` | +| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.3.0-debian-11-r74` | | `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify image pull secrets | `[]` | @@ -372,18 +372,18 @@ kubectl delete pvc -l release=my-release ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r130` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r16` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | ### Other Parameters @@ -405,7 +405,7 @@ kubectl delete pvc -l release=my-release | `metrics.enabled` | Start a prometheus exporter | `false` | | `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` | | `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` | -| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.13.1-debian-11-r0` | +| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.13.2-debian-11-r0` | | `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | @@ -682,4 +682,4 @@ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and -limitations under the License. +limitations under the License. \ No newline at end of file diff --git a/charts/bitnami/airflow/charts/postgresql/templates/_helpers.tpl b/charts/bitnami/airflow/charts/postgresql/templates/_helpers.tpl index fdce3b943..1f0695f18 100644 --- a/charts/bitnami/airflow/charts/postgresql/templates/_helpers.tpl +++ b/charts/bitnami/airflow/charts/postgresql/templates/_helpers.tpl @@ -160,7 +160,7 @@ Return true if a secret object should be created */}} {{- define "postgresql.createSecret" -}} {{- $customUser := include "postgresql.username" . -}} -{{- $postgresPassword := include "common.secrets.lookup" (dict "secret" (include "common.names.fullname" .) "key" .Values.auth.secretKeys.adminPasswordKey "defaultValue" (ternary (coalesce .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (coalesce .Values.global.postgresql.auth.password .Values.auth.password) (or (empty $customUser) (eq $customUser "postgres"))) "context" $) -}} +{{- $postgresPassword := include "common.secrets.lookup" (dict "secret" (include "common.names.fullname" .) "key" .Values.auth.secretKeys.adminPasswordKey "defaultValue" (ternary (coalesce .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword .Values.global.postgresql.auth.password .Values.auth.password) (coalesce .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (or (empty $customUser) (eq $customUser "postgres"))) "context" $) -}} {{- if and (not (or .Values.global.postgresql.auth.existingSecret .Values.auth.existingSecret)) (or $postgresPassword .Values.auth.enablePostgresUser (and (not (empty $customUser)) (ne $customUser "postgres")) (eq .Values.architecture "replication") (and .Values.ldap.enabled (or .Values.ldap.bind_password .Values.ldap.bindpw))) -}} {{- true -}} diff --git a/charts/bitnami/airflow/charts/postgresql/templates/primary/statefulset.yaml b/charts/bitnami/airflow/charts/postgresql/templates/primary/statefulset.yaml index 2b80997b4..596ea859d 100644 --- a/charts/bitnami/airflow/charts/postgresql/templates/primary/statefulset.yaml +++ b/charts/bitnami/airflow/charts/postgresql/templates/primary/statefulset.yaml @@ -220,11 +220,8 @@ spec: {{- if or (eq $customUser "postgres") (empty $customUser) }} {{- if .Values.auth.enablePostgresUser }} {{- if .Values.auth.usePasswordFiles }} - - name: POSTGRES_POSTGRES_PASSWORD_FILE + - name: POSTGRES_PASSWORD_FILE value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.adminPasswordKey" .) }} - {{- else if .Values.auth.postgresPassword }} - - name: POSTGRES_PASSWORD - value: {{ .Values.auth.postgresPassword }} {{- else }} - name: POSTGRES_PASSWORD valueFrom: @@ -253,9 +250,6 @@ spec: {{- if .Values.auth.usePasswordFiles }} - name: POSTGRES_POSTGRES_PASSWORD_FILE value: {{ printf "/opt/bitnami/postgresql/secrets/%s" (include "postgresql.adminPasswordKey" .) }} - {{- else if .Values.auth.postgresPassword }} - - name: POSTGRES_POSTGRES_PASSWORD - value: {{ .Values.auth.postgresPassword }} {{- else }} - name: POSTGRES_POSTGRES_PASSWORD valueFrom: diff --git a/charts/bitnami/airflow/charts/postgresql/templates/secrets.yaml b/charts/bitnami/airflow/charts/postgresql/templates/secrets.yaml index ed2c50ffb..d8929006d 100644 --- a/charts/bitnami/airflow/charts/postgresql/templates/secrets.yaml +++ b/charts/bitnami/airflow/charts/postgresql/templates/secrets.yaml @@ -6,7 +6,7 @@ SPDX-License-Identifier: APACHE-2.0 {{- $host := include "postgresql.primary.fullname" . }} {{- $port := include "postgresql.service.port" . }} {{- $customUser := include "postgresql.username" . }} -{{- $postgresPassword := include "common.secrets.lookup" (dict "secret" (include "postgresql.secretName" .) "key" .Values.auth.secretKeys.adminPasswordKey "defaultValue" (ternary (coalesce .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (coalesce .Values.global.postgresql.auth.password .Values.auth.password) (or (empty $customUser) (eq $customUser "postgres"))) "context" $) | trimAll "\"" | b64dec }} +{{- $postgresPassword := include "common.secrets.lookup" (dict "secret" (include "postgresql.secretName" .) "key" .Values.auth.secretKeys.adminPasswordKey "defaultValue" (ternary (coalesce .Values.global.postgresql.auth.password .Values.auth.password .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (coalesce .Values.global.postgresql.auth.postgresPassword .Values.auth.postgresPassword) (or (empty $customUser) (eq $customUser "postgres"))) "context" $) | trimAll "\"" | b64dec }} {{- if and (not $postgresPassword) .Values.auth.enablePostgresUser }} {{- $postgresPassword = randAlphaNum 10 }} {{- end }} diff --git a/charts/bitnami/airflow/charts/postgresql/values.yaml b/charts/bitnami/airflow/charts/postgresql/values.yaml index 793e22156..1f9a6b75e 100644 --- a/charts/bitnami/airflow/charts/postgresql/values.yaml +++ b/charts/bitnami/airflow/charts/postgresql/values.yaml @@ -98,7 +98,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/postgresql - tag: 15.3.0-debian-11-r17 + tag: 15.3.0-debian-11-r74 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1138,8 +1138,8 @@ volumePermissions: ## image: registry: docker.io - repository: bitnami/bitnami-shell - tag: 11-debian-11-r130 + repository: bitnami/os-shell + tag: 11-debian-11-r16 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1234,7 +1234,7 @@ metrics: image: registry: docker.io repository: bitnami/postgres-exporter - tag: 0.13.1-debian-11-r0 + tag: 0.13.2-debian-11-r0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/airflow/charts/redis/Chart.yaml b/charts/bitnami/airflow/charts/redis/Chart.yaml index 42d13a4c0..ce68052a1 100644 --- a/charts/bitnami/airflow/charts/redis/Chart.yaml +++ b/charts/bitnami/airflow/charts/redis/Chart.yaml @@ -24,4 +24,4 @@ maintainers: name: redis sources: - https://github.com/bitnami/charts/tree/main/bitnami/redis -version: 17.11.8 +version: 17.13.2 diff --git a/charts/bitnami/airflow/charts/redis/README.md b/charts/bitnami/airflow/charts/redis/README.md index bdc2533a5..9847278af 100644 --- a/charts/bitnami/airflow/charts/redis/README.md +++ b/charts/bitnami/airflow/charts/redis/README.md @@ -101,7 +101,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- | | `image.registry` | Redis® image registry | `docker.io` | | `image.repository` | Redis® image repository | `bitnami/redis` | -| `image.tag` | Redis® image tag (immutable tags are recommended) | `7.0.12-debian-11-r0` | +| `image.tag` | Redis® image tag (immutable tags are recommended) | `7.0.12-debian-11-r2` | | `image.digest` | Redis® image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | Redis® image pull policy | `IfNotPresent` | | `image.pullSecrets` | Redis® image pull secrets | `[]` | @@ -335,7 +335,7 @@ The command removes all the Kubernetes components associated with the chart and | `sentinel.enabled` | Use Redis® Sentinel on Redis® pods. | `false` | | `sentinel.image.registry` | Redis® Sentinel image registry | `docker.io` | | `sentinel.image.repository` | Redis® Sentinel image repository | `bitnami/redis-sentinel` | -| `sentinel.image.tag` | Redis® Sentinel image tag (immutable tags are recommended) | `7.0.11-debian-11-r27` | +| `sentinel.image.tag` | Redis® Sentinel image tag (immutable tags are recommended) | `7.0.12-debian-11-r1` | | `sentinel.image.digest` | Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `sentinel.image.pullPolicy` | Redis® Sentinel image pull policy | `IfNotPresent` | | `sentinel.image.pullSecrets` | Redis® Sentinel image pull secrets | `[]` | @@ -453,7 +453,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis® metrics | `false` | | `metrics.image.registry` | Redis® Exporter image registry | `docker.io` | | `metrics.image.repository` | Redis® Exporter image repository | `bitnami/redis-exporter` | -| `metrics.image.tag` | Redis® Exporter image tag (immutable tags are recommended) | `1.51.0-debian-11-r8` | +| `metrics.image.tag` | Redis® Exporter image tag (immutable tags are recommended) | `1.51.0-debian-11-r11` | | `metrics.image.digest` | Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Redis® Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Redis® Exporter image pull secrets | `[]` | @@ -507,6 +507,8 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | | `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | | `metrics.serviceMonitor.podTargetLabels` | Labels from the Kubernetes pod to be transferred to the created metrics | `[]` | +| `metrics.serviceMonitor.sampleLimit` | Limit of how many samples should be scraped from every Pod | `false` | +| `metrics.serviceMonitor.targetLimit` | Limit of how many targets should be scraped | `false` | | `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | | `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | | `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | @@ -514,29 +516,29 @@ The command removes all the Kubernetes components associated with the chart and ### Init Container Parameters -| Name | Description | Value | -| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------- | ----------------------- | -| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | -| `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` | -| `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r134` | -| `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` | -| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | -| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | -| `sysctl.enabled` | Enable init container to modify Kernel settings | `false` | -| `sysctl.image.registry` | Bitnami Shell image registry | `docker.io` | -| `sysctl.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` | -| `sysctl.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r134` | -| `sysctl.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sysctl.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` | -| `sysctl.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` | -| `sysctl.command` | Override default init-sysctl container command (useful when using custom images) | `[]` | -| `sysctl.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` | -| `sysctl.resources.limits` | The resources limits for the init container | `{}` | -| `sysctl.resources.requests` | The requested resources for the init container | `{}` | +| Name | Description | Value | +| ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------ | ------------------ | +| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | +| `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r3` | +| `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` | +| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` | +| `sysctl.enabled` | Enable init container to modify Kernel settings | `false` | +| `sysctl.image.registry` | OS Shell + Utility image registry | `docker.io` | +| `sysctl.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | +| `sysctl.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r3` | +| `sysctl.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `sysctl.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | +| `sysctl.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | +| `sysctl.command` | Override default init-sysctl container command (useful when using custom images) | `[]` | +| `sysctl.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` | +| `sysctl.resources.limits` | The resources limits for the init container | `{}` | +| `sysctl.resources.requests` | The requested resources for the init container | `{}` | ### useExternalDNS Parameters diff --git a/charts/bitnami/airflow/charts/redis/templates/secret.yaml b/charts/bitnami/airflow/charts/redis/templates/secret.yaml index 9ec4db4cc..7ee2d57d1 100644 --- a/charts/bitnami/airflow/charts/redis/templates/secret.yaml +++ b/charts/bitnami/airflow/charts/redis/templates/secret.yaml @@ -57,5 +57,9 @@ data: host: {{ print $host | b64enc | quote }} port: {{ print $port | b64enc | quote }} password: {{ print $password | b64enc | quote }} + {{- if $password }} uri: {{ printf "redis://%s@%s:%s" $password $host $port | b64enc | quote }} + {{- else }} + uri: {{ printf "redis://%s:%s" $host $port | b64enc | quote }} + {{- end }} {{- end }} diff --git a/charts/bitnami/airflow/charts/redis/templates/servicemonitor.yaml b/charts/bitnami/airflow/charts/redis/templates/servicemonitor.yaml index a9a14c4da..732ffbac9 100644 --- a/charts/bitnami/airflow/charts/redis/templates/servicemonitor.yaml +++ b/charts/bitnami/airflow/charts/redis/templates/servicemonitor.yaml @@ -40,6 +40,12 @@ spec: {{- if .Values.metrics.serviceMonitor.podTargetLabels }} podTargetLabels: {{- toYaml .Values.metrics.serviceMonitor.podTargetLabels | nindent 4 }} {{- end }} + {{ with .Values.metrics.serviceMonitor.sampleLimit }} + sampleLimit: {{ . }} + {{- end }} + {{ with .Values.metrics.serviceMonitor.targetLimit }} + targetLimit: {{ . }} + {{- end }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/charts/bitnami/airflow/charts/redis/values.yaml b/charts/bitnami/airflow/charts/redis/values.yaml index 2b7d02278..ff6d64ec9 100644 --- a/charts/bitnami/airflow/charts/redis/values.yaml +++ b/charts/bitnami/airflow/charts/redis/values.yaml @@ -91,7 +91,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/redis - tag: 7.0.12-debian-11-r0 + tag: 7.0.12-debian-11-r2 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1004,7 +1004,7 @@ sentinel: image: registry: docker.io repository: bitnami/redis-sentinel - tag: 7.0.11-debian-11-r27 + tag: 7.0.12-debian-11-r1 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1446,7 +1446,7 @@ metrics: image: registry: docker.io repository: bitnami/redis-exporter - tag: 1.51.0-debian-11-r8 + tag: 1.51.0-debian-11-r11 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1627,6 +1627,13 @@ metrics: ## @param metrics.serviceMonitor.podTargetLabels Labels from the Kubernetes pod to be transferred to the created metrics ## podTargetLabels: [] + ## @param metrics.serviceMonitor.sampleLimit Limit of how many samples should be scraped from every Pod + ## + sampleLimit: false + ## @param metrics.serviceMonitor.targetLimit Limit of how many targets should be scraped + ## + targetLimit: false + ## Custom PrometheusRule to be defined ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions ## @@ -1688,19 +1695,19 @@ volumePermissions: ## @param volumePermissions.enabled Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` ## enabled: false - ## Bitnami Shell image - ## ref: https://hub.docker.com/r/bitnami/bitnami-shell/tags/ - ## @param volumePermissions.image.registry Bitnami Shell image registry - ## @param volumePermissions.image.repository Bitnami Shell image repository - ## @param volumePermissions.image.tag Bitnami Shell image tag (immutable tags are recommended) - ## @param volumePermissions.image.digest Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param volumePermissions.image.pullPolicy Bitnami Shell image pull policy - ## @param volumePermissions.image.pullSecrets Bitnami Shell image pull secrets + ## OS Shell + Utility image + ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ + ## @param volumePermissions.image.registry OS Shell + Utility image registry + ## @param volumePermissions.image.repository OS Shell + Utility image repository + ## @param volumePermissions.image.tag OS Shell + Utility image tag (immutable tags are recommended) + ## @param volumePermissions.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param volumePermissions.image.pullPolicy OS Shell + Utility image pull policy + ## @param volumePermissions.image.pullSecrets OS Shell + Utility image pull secrets ## image: registry: docker.io - repository: bitnami/bitnami-shell - tag: 11-debian-11-r134 + repository: bitnami/os-shell + tag: 11-debian-11-r3 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1736,19 +1743,19 @@ sysctl: ## @param sysctl.enabled Enable init container to modify Kernel settings ## enabled: false - ## Bitnami Shell image - ## ref: https://hub.docker.com/r/bitnami/bitnami-shell/tags/ - ## @param sysctl.image.registry Bitnami Shell image registry - ## @param sysctl.image.repository Bitnami Shell image repository - ## @param sysctl.image.tag Bitnami Shell image tag (immutable tags are recommended) - ## @param sysctl.image.digest Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag - ## @param sysctl.image.pullPolicy Bitnami Shell image pull policy - ## @param sysctl.image.pullSecrets Bitnami Shell image pull secrets + ## OS Shell + Utility image + ## ref: https://hub.docker.com/r/bitnami/os-shell/tags/ + ## @param sysctl.image.registry OS Shell + Utility image registry + ## @param sysctl.image.repository OS Shell + Utility image repository + ## @param sysctl.image.tag OS Shell + Utility image tag (immutable tags are recommended) + ## @param sysctl.image.digest OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param sysctl.image.pullPolicy OS Shell + Utility image pull policy + ## @param sysctl.image.pullSecrets OS Shell + Utility image pull secrets ## image: registry: docker.io - repository: bitnami/bitnami-shell - tag: 11-debian-11-r134 + repository: bitnami/os-shell + tag: 11-debian-11-r3 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/airflow/values.yaml b/charts/bitnami/airflow/values.yaml index 42b3b91bf..d49f91421 100644 --- a/charts/bitnami/airflow/values.yaml +++ b/charts/bitnami/airflow/values.yaml @@ -121,7 +121,7 @@ dags: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r2 + tag: 11-debian-11-r16 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -188,7 +188,7 @@ web: image: registry: docker.io repository: bitnami/airflow - tag: 2.6.3-debian-11-r2 + tag: 2.6.3-debian-11-r14 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -446,7 +446,7 @@ scheduler: image: registry: docker.io repository: bitnami/airflow-scheduler - tag: 2.6.3-debian-11-r0 + tag: 2.6.3-debian-11-r11 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -650,7 +650,7 @@ worker: image: registry: docker.io repository: bitnami/airflow-worker - tag: 2.6.3-debian-11-r0 + tag: 2.6.3-debian-11-r11 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -923,7 +923,7 @@ git: image: registry: docker.io repository: bitnami/git - tag: 2.41.0-debian-11-r16 + tag: 2.41.0-debian-11-r50 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1286,7 +1286,7 @@ metrics: image: registry: docker.io repository: bitnami/airflow-exporter - tag: 0.20220314.0-debian-11-r141 + tag: 0.20220314.0-debian-11-r365 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/kafka/Chart.yaml b/charts/bitnami/kafka/Chart.yaml index dbccbb498..3cc9e6d07 100644 --- a/charts/bitnami/kafka/Chart.yaml +++ b/charts/bitnami/kafka/Chart.yaml @@ -34,4 +34,4 @@ maintainers: name: kafka sources: - https://github.com/bitnami/charts/tree/main/bitnami/kafka -version: 23.0.6 +version: 23.0.7 diff --git a/charts/bitnami/kafka/README.md b/charts/bitnami/kafka/README.md index d45e4c477..453827dee 100644 --- a/charts/bitnami/kafka/README.md +++ b/charts/bitnami/kafka/README.md @@ -82,7 +82,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | | `image.registry` | Kafka image registry | `docker.io` | | `image.repository` | Kafka image repository | `bitnami/kafka` | -| `image.tag` | Kafka image tag (immutable tags are recommended) | `3.5.1-debian-11-r0` | +| `image.tag` | Kafka image tag (immutable tags are recommended) | `3.5.1-debian-11-r1` | | `image.digest` | Kafka image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | Kafka image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -256,7 +256,7 @@ The command removes all the Kubernetes components associated with the chart and | `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs/ports by querying the K8s API | `false` | | `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry | `docker.io` | | `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image repository | `bitnami/kubectl` | -| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (immutable tags are recommended) | `1.25.12-debian-11-r2` | +| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (immutable tags are recommended) | `1.25.12-debian-11-r6` | | `externalAccess.autoDiscovery.image.digest` | Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy | `IfNotPresent` | | `externalAccess.autoDiscovery.image.pullSecrets` | Init container auto-discovery image pull secrets | `[]` | @@ -337,7 +337,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.kafka.enabled` | Whether or not to create a standalone Kafka exporter to expose Kafka metrics | `false` | | `metrics.kafka.image.registry` | Kafka exporter image registry | `docker.io` | | `metrics.kafka.image.repository` | Kafka exporter image repository | `bitnami/kafka-exporter` | -| `metrics.kafka.image.tag` | Kafka exporter image tag (immutable tags are recommended) | `1.7.0-debian-11-r58` | +| `metrics.kafka.image.tag` | Kafka exporter image tag (immutable tags are recommended) | `1.7.0-debian-11-r61` | | `metrics.kafka.image.digest` | Kafka exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.kafka.image.pullPolicy` | Kafka exporter image pull policy | `IfNotPresent` | | `metrics.kafka.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -385,7 +385,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.jmx.enabled` | Whether or not to expose JMX metrics to Prometheus | `false` | | `metrics.jmx.image.registry` | JMX exporter image registry | `docker.io` | | `metrics.jmx.image.repository` | JMX exporter image repository | `bitnami/jmx-exporter` | -| `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.19.0-debian-11-r23` | +| `metrics.jmx.image.tag` | JMX exporter image tag (immutable tags are recommended) | `0.19.0-debian-11-r25` | | `metrics.jmx.image.digest` | JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.jmx.image.pullPolicy` | JMX exporter image pull policy | `IfNotPresent` | | `metrics.jmx.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/kafka/values.yaml b/charts/bitnami/kafka/values.yaml index bb3854aca..273546eb0 100644 --- a/charts/bitnami/kafka/values.yaml +++ b/charts/bitnami/kafka/values.yaml @@ -80,7 +80,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/kafka - tag: 3.5.1-debian-11-r0 + tag: 3.5.1-debian-11-r1 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -784,7 +784,7 @@ externalAccess: image: registry: docker.io repository: bitnami/kubectl - tag: 1.25.12-debian-11-r2 + tag: 1.25.12-debian-11-r6 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1115,7 +1115,7 @@ metrics: image: registry: docker.io repository: bitnami/kafka-exporter - tag: 1.7.0-debian-11-r58 + tag: 1.7.0-debian-11-r61 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1351,7 +1351,7 @@ metrics: image: registry: docker.io repository: bitnami/jmx-exporter - tag: 0.19.0-debian-11-r23 + tag: 0.19.0-debian-11-r25 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/charts/bitnami/mariadb/Chart.yaml b/charts/bitnami/mariadb/Chart.yaml index 1688021a1..ef541191d 100644 --- a/charts/bitnami/mariadb/Chart.yaml +++ b/charts/bitnami/mariadb/Chart.yaml @@ -30,4 +30,4 @@ maintainers: name: mariadb sources: - https://github.com/bitnami/charts/tree/main/bitnami/mariadb -version: 12.2.8 +version: 12.2.9 diff --git a/charts/bitnami/mariadb/README.md b/charts/bitnami/mariadb/README.md index f0fe5df4e..9bbd74f29 100644 --- a/charts/bitnami/mariadb/README.md +++ b/charts/bitnami/mariadb/README.md @@ -86,7 +86,7 @@ The command removes all the Kubernetes components associated with the chart and | -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | | `image.registry` | MariaDB image registry | `docker.io` | | `image.repository` | MariaDB image repository | `bitnami/mariadb` | -| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.4-debian-11-r12` | +| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.4-debian-11-r46` | | `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -308,7 +308,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r2` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r16` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -322,7 +322,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a side-car prometheus exporter | `false` | | `metrics.image.registry` | Exporter image registry | `docker.io` | | `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` | -| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r138` | +| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.15.0-debian-11-r0` | | `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | diff --git a/charts/bitnami/mariadb/values.yaml b/charts/bitnami/mariadb/values.yaml index 7d6b7e09c..815dfae2b 100644 --- a/charts/bitnami/mariadb/values.yaml +++ b/charts/bitnami/mariadb/values.yaml @@ -90,7 +90,7 @@ serviceBindings: image: registry: docker.io repository: bitnami/mariadb - tag: 10.11.4-debian-11-r12 + tag: 10.11.4-debian-11-r46 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1004,7 +1004,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r2 + tag: 11-debian-11-r16 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) @@ -1040,7 +1040,7 @@ metrics: image: registry: docker.io repository: bitnami/mysqld-exporter - tag: 0.14.0-debian-11-r138 + tag: 0.15.0-debian-11-r0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) diff --git a/charts/bitnami/mysql/Chart.yaml b/charts/bitnami/mysql/Chart.yaml index bc4201b22..b11e0020b 100644 --- a/charts/bitnami/mysql/Chart.yaml +++ b/charts/bitnami/mysql/Chart.yaml @@ -29,4 +29,4 @@ maintainers: name: mysql sources: - https://github.com/bitnami/charts/tree/main/bitnami/mysql -version: 9.10.8 +version: 9.10.9 diff --git a/charts/bitnami/mysql/README.md b/charts/bitnami/mysql/README.md index 4bd540bc0..32d8bbdfd 100644 --- a/charts/bitnami/mysql/README.md +++ b/charts/bitnami/mysql/README.md @@ -83,7 +83,7 @@ The command removes all the Kubernetes components associated with the chart and | -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | | `image.registry` | MySQL image registry | `docker.io` | | `image.repository` | MySQL image repository | `bitnami/mysql` | -| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.34-debian-11-r4` | +| `image.tag` | MySQL image tag (immutable tags are recommended) | `8.0.34-debian-11-r8` | | `image.digest` | MySQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | MySQL image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -307,7 +307,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r13` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r16` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -320,7 +320,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a side-car prometheus exporter | `false` | | `metrics.image.registry` | Exporter image registry | `docker.io` | | `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` | -| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r350` | +| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.15.0-debian-11-r0` | | `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | @@ -418,7 +418,7 @@ sidecars: imagePullPolicy: Always ports: - name: portname - containerPort: 1234 + containerPort: 1234 ``` Similarly, you can add extra init containers using the `initContainers` parameter. diff --git a/charts/bitnami/mysql/values.yaml b/charts/bitnami/mysql/values.yaml index 144e3186f..1c26e8434 100644 --- a/charts/bitnami/mysql/values.yaml +++ b/charts/bitnami/mysql/values.yaml @@ -85,7 +85,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/mysql - tag: 8.0.34-debian-11-r4 + tag: 8.0.34-debian-11-r8 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1009,7 +1009,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r13 + tag: 11-debian-11-r16 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1043,7 +1043,7 @@ metrics: image: registry: docker.io repository: bitnami/mysqld-exporter - tag: 0.14.0-debian-11-r350 + tag: 0.15.0-debian-11-r0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/postgresql/Chart.yaml b/charts/bitnami/postgresql/Chart.yaml index 78876b32f..ef0178eed 100644 --- a/charts/bitnami/postgresql/Chart.yaml +++ b/charts/bitnami/postgresql/Chart.yaml @@ -30,5 +30,5 @@ maintainers: url: https://github.com/bitnami/charts name: postgresql sources: -- https://github.com/bitnami/charts/tree/main/bitnami/post -version: 12.6.9 +- https://github.com/bitnami/charts/tree/main/bitnami/postgresql +version: 12.7.0 diff --git a/charts/bitnami/postgresql/README.md b/charts/bitnami/postgresql/README.md index fabceeb22..7ca0503a9 100644 --- a/charts/bitnami/postgresql/README.md +++ b/charts/bitnami/postgresql/README.md @@ -158,198 +158,208 @@ kubectl delete pvc -l release=my-release ### PostgreSQL Primary parameters -| Name | Description | Value | -| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------- | -| `primary.name` | Name of the primary database (eg primary, master, leader, ...) | `primary` | -| `primary.configuration` | PostgreSQL Primary main configuration to be injected as ConfigMap | `""` | -| `primary.pgHbaConfiguration` | PostgreSQL Primary client authentication configuration | `""` | -| `primary.existingConfigmap` | Name of an existing ConfigMap with PostgreSQL Primary configuration | `""` | -| `primary.extendedConfiguration` | Extended PostgreSQL Primary configuration (appended to main or default configuration) | `""` | -| `primary.existingExtendedConfigmap` | Name of an existing ConfigMap with PostgreSQL Primary extended configuration | `""` | -| `primary.initdb.args` | PostgreSQL initdb extra arguments | `""` | -| `primary.initdb.postgresqlWalDir` | Specify a custom location for the PostgreSQL transaction log | `""` | -| `primary.initdb.scripts` | Dictionary of initdb scripts | `{}` | -| `primary.initdb.scriptsConfigMap` | ConfigMap with scripts to be run at first boot | `""` | -| `primary.initdb.scriptsSecret` | Secret with scripts to be run at first boot (in case it contains sensitive information) | `""` | -| `primary.initdb.user` | Specify the PostgreSQL username to execute the initdb scripts | `""` | -| `primary.initdb.password` | Specify the PostgreSQL password to execute the initdb scripts | `""` | -| `primary.standby.enabled` | Whether to enable current cluster's primary as standby server of another cluster or not | `false` | -| `primary.standby.primaryHost` | The Host of replication primary in the other cluster | `""` | -| `primary.standby.primaryPort` | The Port of replication primary in the other cluster | `""` | -| `primary.extraEnvVars` | Array with extra environment variables to add to PostgreSQL Primary nodes | `[]` | -| `primary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for PostgreSQL Primary nodes | `""` | -| `primary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for PostgreSQL Primary nodes | `""` | -| `primary.command` | Override default container command (useful when using custom images) | `[]` | -| `primary.args` | Override default container args (useful when using custom images) | `[]` | -| `primary.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL Primary containers | `true` | -| `primary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `primary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `primary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `primary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `primary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `primary.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL Primary containers | `true` | -| `primary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `primary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `primary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `primary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `primary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `primary.startupProbe.enabled` | Enable startupProbe on PostgreSQL Primary containers | `false` | -| `primary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `primary.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `primary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `primary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `primary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `primary.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `primary.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `primary.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `primary.lifecycleHooks` | for the PostgreSQL Primary container to automate configuration before or after startup | `{}` | -| `primary.resources.limits` | The resources limits for the PostgreSQL Primary containers | `{}` | -| `primary.resources.requests.memory` | The requested memory for the PostgreSQL Primary containers | `256Mi` | -| `primary.resources.requests.cpu` | The requested cpu for the PostgreSQL Primary containers | `250m` | -| `primary.podSecurityContext.enabled` | Enable security context | `true` | -| `primary.podSecurityContext.fsGroup` | Group ID for the pod | `1001` | -| `primary.containerSecurityContext.enabled` | Enable container security context | `true` | -| `primary.containerSecurityContext.runAsUser` | User ID for the container | `1001` | -| `primary.hostAliases` | PostgreSQL primary pods host aliases | `[]` | -| `primary.hostNetwork` | Specify if host network should be enabled for PostgreSQL pod (postgresql primary) | `false` | -| `primary.hostIPC` | Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary) | `false` | -| `primary.labels` | Map of labels to add to the statefulset (postgresql primary) | `{}` | -| `primary.annotations` | Annotations for PostgreSQL primary pods | `{}` | -| `primary.podLabels` | Map of labels to add to the pods (postgresql primary) | `{}` | -| `primary.podAnnotations` | Map of annotations to add to the pods (postgresql primary) | `{}` | -| `primary.podAffinityPreset` | PostgreSQL primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `primary.podAntiAffinityPreset` | PostgreSQL primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `primary.nodeAffinityPreset.type` | PostgreSQL primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `primary.nodeAffinityPreset.key` | PostgreSQL primary node label key to match Ignored if `primary.affinity` is set. | `""` | -| `primary.nodeAffinityPreset.values` | PostgreSQL primary node label values to match. Ignored if `primary.affinity` is set. | `[]` | -| `primary.affinity` | Affinity for PostgreSQL primary pods assignment | `{}` | -| `primary.nodeSelector` | Node labels for PostgreSQL primary pods assignment | `{}` | -| `primary.tolerations` | Tolerations for PostgreSQL primary pods assignment | `[]` | -| `primary.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `primary.priorityClassName` | Priority Class to use for each pod (postgresql primary) | `""` | -| `primary.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `primary.terminationGracePeriodSeconds` | Seconds PostgreSQL primary pod needs to terminate gracefully | `""` | -| `primary.updateStrategy.type` | PostgreSQL Primary statefulset strategy type | `RollingUpdate` | -| `primary.updateStrategy.rollingUpdate` | PostgreSQL Primary statefulset rolling update configuration parameters | `{}` | -| `primary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the PostgreSQL Primary container(s) | `[]` | -| `primary.extraVolumes` | Optionally specify extra list of additional volumes for the PostgreSQL Primary pod(s) | `[]` | -| `primary.sidecars` | Add additional sidecar containers to the PostgreSQL Primary pod(s) | `[]` | -| `primary.initContainers` | Add additional init containers to the PostgreSQL Primary pod(s) | `[]` | -| `primary.extraPodSpec` | Optionally specify extra PodSpec for the PostgreSQL Primary pod(s) | `{}` | -| `primary.service.type` | Kubernetes Service type | `ClusterIP` | -| `primary.service.ports.postgresql` | PostgreSQL service port | `5432` | -| `primary.service.nodePorts.postgresql` | Node port for PostgreSQL | `""` | -| `primary.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `primary.service.annotations` | Annotations for PostgreSQL primary service | `{}` | -| `primary.service.loadBalancerIP` | Load balancer IP if service type is `LoadBalancer` | `""` | -| `primary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `primary.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | -| `primary.service.extraPorts` | Extra ports to expose in the PostgreSQL primary service | `[]` | -| `primary.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `primary.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `primary.service.headless.annotations` | Additional custom annotations for headless PostgreSQL primary service | `{}` | -| `primary.persistence.enabled` | Enable PostgreSQL Primary data persistence using PVC | `true` | -| `primary.persistence.existingClaim` | Name of an existing PVC to use | `""` | -| `primary.persistence.mountPath` | The path the volume will be mounted at | `/bitnami/postgresql` | -| `primary.persistence.subPath` | The subdirectory of the volume to mount to | `""` | -| `primary.persistence.storageClass` | PVC Storage Class for PostgreSQL Primary data volume | `""` | -| `primary.persistence.accessModes` | PVC Access Mode for PostgreSQL volume | `["ReadWriteOnce"]` | -| `primary.persistence.size` | PVC Storage Request for PostgreSQL volume | `8Gi` | -| `primary.persistence.annotations` | Annotations for the PVC | `{}` | -| `primary.persistence.labels` | Labels for the PVC | `{}` | -| `primary.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` | -| `primary.persistence.dataSource` | Custom PVC data source | `{}` | +| Name | Description | Value | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------- | +| `primary.name` | Name of the primary database (eg primary, master, leader, ...) | `primary` | +| `primary.configuration` | PostgreSQL Primary main configuration to be injected as ConfigMap | `""` | +| `primary.pgHbaConfiguration` | PostgreSQL Primary client authentication configuration | `""` | +| `primary.existingConfigmap` | Name of an existing ConfigMap with PostgreSQL Primary configuration | `""` | +| `primary.extendedConfiguration` | Extended PostgreSQL Primary configuration (appended to main or default configuration) | `""` | +| `primary.existingExtendedConfigmap` | Name of an existing ConfigMap with PostgreSQL Primary extended configuration | `""` | +| `primary.initdb.args` | PostgreSQL initdb extra arguments | `""` | +| `primary.initdb.postgresqlWalDir` | Specify a custom location for the PostgreSQL transaction log | `""` | +| `primary.initdb.scripts` | Dictionary of initdb scripts | `{}` | +| `primary.initdb.scriptsConfigMap` | ConfigMap with scripts to be run at first boot | `""` | +| `primary.initdb.scriptsSecret` | Secret with scripts to be run at first boot (in case it contains sensitive information) | `""` | +| `primary.initdb.user` | Specify the PostgreSQL username to execute the initdb scripts | `""` | +| `primary.initdb.password` | Specify the PostgreSQL password to execute the initdb scripts | `""` | +| `primary.standby.enabled` | Whether to enable current cluster's primary as standby server of another cluster or not | `false` | +| `primary.standby.primaryHost` | The Host of replication primary in the other cluster | `""` | +| `primary.standby.primaryPort` | The Port of replication primary in the other cluster | `""` | +| `primary.extraEnvVars` | Array with extra environment variables to add to PostgreSQL Primary nodes | `[]` | +| `primary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for PostgreSQL Primary nodes | `""` | +| `primary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for PostgreSQL Primary nodes | `""` | +| `primary.command` | Override default container command (useful when using custom images) | `[]` | +| `primary.args` | Override default container args (useful when using custom images) | `[]` | +| `primary.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL Primary containers | `true` | +| `primary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `primary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `primary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `primary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `primary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `primary.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL Primary containers | `true` | +| `primary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `primary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `primary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `primary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `primary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `primary.startupProbe.enabled` | Enable startupProbe on PostgreSQL Primary containers | `false` | +| `primary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `primary.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `primary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `primary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `primary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `primary.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `primary.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `primary.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `primary.lifecycleHooks` | for the PostgreSQL Primary container to automate configuration before or after startup | `{}` | +| `primary.resources.limits` | The resources limits for the PostgreSQL Primary containers | `{}` | +| `primary.resources.requests.memory` | The requested memory for the PostgreSQL Primary containers | `256Mi` | +| `primary.resources.requests.cpu` | The requested cpu for the PostgreSQL Primary containers | `250m` | +| `primary.podSecurityContext.enabled` | Enable security context | `true` | +| `primary.podSecurityContext.fsGroup` | Group ID for the pod | `1001` | +| `primary.containerSecurityContext.enabled` | Enable container security context | `true` | +| `primary.containerSecurityContext.runAsUser` | User ID for the container | `1001` | +| `primary.containerSecurityContext.runAsGroup` | Group ID for the container | `0` | +| `primary.containerSecurityContext.runAsNonRoot` | Set runAsNonRoot for the container | `true` | +| `primary.containerSecurityContext.allowPrivilegeEscalation` | Set allowPrivilegeEscalation for the container | `false` | +| `primary.containerSecurityContext.seccompProfile.type` | Set seccompProfile.type for the container | `RuntimeDefault` | +| `primary.containerSecurityContext.capabilities.drop` | Set capabilities.drop for the container | `["ALL"]` | +| `primary.hostAliases` | PostgreSQL primary pods host aliases | `[]` | +| `primary.hostNetwork` | Specify if host network should be enabled for PostgreSQL pod (postgresql primary) | `false` | +| `primary.hostIPC` | Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary) | `false` | +| `primary.labels` | Map of labels to add to the statefulset (postgresql primary) | `{}` | +| `primary.annotations` | Annotations for PostgreSQL primary pods | `{}` | +| `primary.podLabels` | Map of labels to add to the pods (postgresql primary) | `{}` | +| `primary.podAnnotations` | Map of annotations to add to the pods (postgresql primary) | `{}` | +| `primary.podAffinityPreset` | PostgreSQL primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `primary.podAntiAffinityPreset` | PostgreSQL primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `primary.nodeAffinityPreset.type` | PostgreSQL primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `primary.nodeAffinityPreset.key` | PostgreSQL primary node label key to match Ignored if `primary.affinity` is set. | `""` | +| `primary.nodeAffinityPreset.values` | PostgreSQL primary node label values to match. Ignored if `primary.affinity` is set. | `[]` | +| `primary.affinity` | Affinity for PostgreSQL primary pods assignment | `{}` | +| `primary.nodeSelector` | Node labels for PostgreSQL primary pods assignment | `{}` | +| `primary.tolerations` | Tolerations for PostgreSQL primary pods assignment | `[]` | +| `primary.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `primary.priorityClassName` | Priority Class to use for each pod (postgresql primary) | `""` | +| `primary.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `primary.terminationGracePeriodSeconds` | Seconds PostgreSQL primary pod needs to terminate gracefully | `""` | +| `primary.updateStrategy.type` | PostgreSQL Primary statefulset strategy type | `RollingUpdate` | +| `primary.updateStrategy.rollingUpdate` | PostgreSQL Primary statefulset rolling update configuration parameters | `{}` | +| `primary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the PostgreSQL Primary container(s) | `[]` | +| `primary.extraVolumes` | Optionally specify extra list of additional volumes for the PostgreSQL Primary pod(s) | `[]` | +| `primary.sidecars` | Add additional sidecar containers to the PostgreSQL Primary pod(s) | `[]` | +| `primary.initContainers` | Add additional init containers to the PostgreSQL Primary pod(s) | `[]` | +| `primary.extraPodSpec` | Optionally specify extra PodSpec for the PostgreSQL Primary pod(s) | `{}` | +| `primary.service.type` | Kubernetes Service type | `ClusterIP` | +| `primary.service.ports.postgresql` | PostgreSQL service port | `5432` | +| `primary.service.nodePorts.postgresql` | Node port for PostgreSQL | `""` | +| `primary.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `primary.service.annotations` | Annotations for PostgreSQL primary service | `{}` | +| `primary.service.loadBalancerIP` | Load balancer IP if service type is `LoadBalancer` | `""` | +| `primary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `primary.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | +| `primary.service.extraPorts` | Extra ports to expose in the PostgreSQL primary service | `[]` | +| `primary.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `primary.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `primary.service.headless.annotations` | Additional custom annotations for headless PostgreSQL primary service | `{}` | +| `primary.persistence.enabled` | Enable PostgreSQL Primary data persistence using PVC | `true` | +| `primary.persistence.existingClaim` | Name of an existing PVC to use | `""` | +| `primary.persistence.mountPath` | The path the volume will be mounted at | `/bitnami/postgresql` | +| `primary.persistence.subPath` | The subdirectory of the volume to mount to | `""` | +| `primary.persistence.storageClass` | PVC Storage Class for PostgreSQL Primary data volume | `""` | +| `primary.persistence.accessModes` | PVC Access Mode for PostgreSQL volume | `["ReadWriteOnce"]` | +| `primary.persistence.size` | PVC Storage Request for PostgreSQL volume | `8Gi` | +| `primary.persistence.annotations` | Annotations for the PVC | `{}` | +| `primary.persistence.labels` | Labels for the PVC | `{}` | +| `primary.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` | +| `primary.persistence.dataSource` | Custom PVC data source | `{}` | ### PostgreSQL read only replica parameters (only used when `architecture` is set to `replication`) -| Name | Description | Value | -| ------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------- | -| `readReplicas.name` | Name of the read replicas database (eg secondary, slave, ...) | `read` | -| `readReplicas.replicaCount` | Number of PostgreSQL read only replicas | `1` | -| `readReplicas.extendedConfiguration` | Extended PostgreSQL read only replicas configuration (appended to main or default configuration) | `""` | -| `readReplicas.extraEnvVars` | Array with extra environment variables to add to PostgreSQL read only nodes | `[]` | -| `readReplicas.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for PostgreSQL read only nodes | `""` | -| `readReplicas.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for PostgreSQL read only nodes | `""` | -| `readReplicas.command` | Override default container command (useful when using custom images) | `[]` | -| `readReplicas.args` | Override default container args (useful when using custom images) | `[]` | -| `readReplicas.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL read only containers | `true` | -| `readReplicas.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | -| `readReplicas.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `readReplicas.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `readReplicas.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `readReplicas.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `readReplicas.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL read only containers | `true` | -| `readReplicas.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `readReplicas.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `readReplicas.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `readReplicas.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `readReplicas.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `readReplicas.startupProbe.enabled` | Enable startupProbe on PostgreSQL read only containers | `false` | -| `readReplicas.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | -| `readReplicas.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `readReplicas.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `readReplicas.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `readReplicas.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `readReplicas.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `readReplicas.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `readReplicas.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `readReplicas.lifecycleHooks` | for the PostgreSQL read only container to automate configuration before or after startup | `{}` | -| `readReplicas.resources.limits` | The resources limits for the PostgreSQL read only containers | `{}` | -| `readReplicas.resources.requests.memory` | The requested memory for the PostgreSQL read only containers | `256Mi` | -| `readReplicas.resources.requests.cpu` | The requested cpu for the PostgreSQL read only containers | `250m` | -| `readReplicas.podSecurityContext.enabled` | Enable security context | `true` | -| `readReplicas.podSecurityContext.fsGroup` | Group ID for the pod | `1001` | -| `readReplicas.containerSecurityContext.enabled` | Enable container security context | `true` | -| `readReplicas.containerSecurityContext.runAsUser` | User ID for the container | `1001` | -| `readReplicas.hostAliases` | PostgreSQL read only pods host aliases | `[]` | -| `readReplicas.hostNetwork` | Specify if host network should be enabled for PostgreSQL pod (PostgreSQL read only) | `false` | -| `readReplicas.hostIPC` | Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary) | `false` | -| `readReplicas.labels` | Map of labels to add to the statefulset (PostgreSQL read only) | `{}` | -| `readReplicas.annotations` | Annotations for PostgreSQL read only pods | `{}` | -| `readReplicas.podLabels` | Map of labels to add to the pods (PostgreSQL read only) | `{}` | -| `readReplicas.podAnnotations` | Map of annotations to add to the pods (PostgreSQL read only) | `{}` | -| `readReplicas.podAffinityPreset` | PostgreSQL read only pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `readReplicas.podAntiAffinityPreset` | PostgreSQL read only pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `readReplicas.nodeAffinityPreset.type` | PostgreSQL read only node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `readReplicas.nodeAffinityPreset.key` | PostgreSQL read only node label key to match Ignored if `primary.affinity` is set. | `""` | -| `readReplicas.nodeAffinityPreset.values` | PostgreSQL read only node label values to match. Ignored if `primary.affinity` is set. | `[]` | -| `readReplicas.affinity` | Affinity for PostgreSQL read only pods assignment | `{}` | -| `readReplicas.nodeSelector` | Node labels for PostgreSQL read only pods assignment | `{}` | -| `readReplicas.tolerations` | Tolerations for PostgreSQL read only pods assignment | `[]` | -| `readReplicas.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `readReplicas.priorityClassName` | Priority Class to use for each pod (PostgreSQL read only) | `""` | -| `readReplicas.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | -| `readReplicas.terminationGracePeriodSeconds` | Seconds PostgreSQL read only pod needs to terminate gracefully | `""` | -| `readReplicas.updateStrategy.type` | PostgreSQL read only statefulset strategy type | `RollingUpdate` | -| `readReplicas.updateStrategy.rollingUpdate` | PostgreSQL read only statefulset rolling update configuration parameters | `{}` | -| `readReplicas.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the PostgreSQL read only container(s) | `[]` | -| `readReplicas.extraVolumes` | Optionally specify extra list of additional volumes for the PostgreSQL read only pod(s) | `[]` | -| `readReplicas.sidecars` | Add additional sidecar containers to the PostgreSQL read only pod(s) | `[]` | -| `readReplicas.initContainers` | Add additional init containers to the PostgreSQL read only pod(s) | `[]` | -| `readReplicas.extraPodSpec` | Optionally specify extra PodSpec for the PostgreSQL read only pod(s) | `{}` | -| `readReplicas.service.type` | Kubernetes Service type | `ClusterIP` | -| `readReplicas.service.ports.postgresql` | PostgreSQL service port | `5432` | -| `readReplicas.service.nodePorts.postgresql` | Node port for PostgreSQL | `""` | -| `readReplicas.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `readReplicas.service.annotations` | Annotations for PostgreSQL read only service | `{}` | -| `readReplicas.service.loadBalancerIP` | Load balancer IP if service type is `LoadBalancer` | `""` | -| `readReplicas.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `readReplicas.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | -| `readReplicas.service.extraPorts` | Extra ports to expose in the PostgreSQL read only service | `[]` | -| `readReplicas.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `readReplicas.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `readReplicas.service.headless.annotations` | Additional custom annotations for headless PostgreSQL read only service | `{}` | -| `readReplicas.persistence.enabled` | Enable PostgreSQL read only data persistence using PVC | `true` | -| `readReplicas.persistence.existingClaim` | Name of an existing PVC to use | `""` | -| `readReplicas.persistence.mountPath` | The path the volume will be mounted at | `/bitnami/postgresql` | -| `readReplicas.persistence.subPath` | The subdirectory of the volume to mount to | `""` | -| `readReplicas.persistence.storageClass` | PVC Storage Class for PostgreSQL read only data volume | `""` | -| `readReplicas.persistence.accessModes` | PVC Access Mode for PostgreSQL volume | `["ReadWriteOnce"]` | -| `readReplicas.persistence.size` | PVC Storage Request for PostgreSQL volume | `8Gi` | -| `readReplicas.persistence.annotations` | Annotations for the PVC | `{}` | -| `readReplicas.persistence.labels` | Labels for the PVC | `{}` | -| `readReplicas.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` | -| `readReplicas.persistence.dataSource` | Custom PVC data source | `{}` | +| Name | Description | Value | +| ---------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | --------------------- | +| `readReplicas.name` | Name of the read replicas database (eg secondary, slave, ...) | `read` | +| `readReplicas.replicaCount` | Number of PostgreSQL read only replicas | `1` | +| `readReplicas.extendedConfiguration` | Extended PostgreSQL read only replicas configuration (appended to main or default configuration) | `""` | +| `readReplicas.extraEnvVars` | Array with extra environment variables to add to PostgreSQL read only nodes | `[]` | +| `readReplicas.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for PostgreSQL read only nodes | `""` | +| `readReplicas.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for PostgreSQL read only nodes | `""` | +| `readReplicas.command` | Override default container command (useful when using custom images) | `[]` | +| `readReplicas.args` | Override default container args (useful when using custom images) | `[]` | +| `readReplicas.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL read only containers | `true` | +| `readReplicas.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `30` | +| `readReplicas.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `readReplicas.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `readReplicas.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `readReplicas.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `readReplicas.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL read only containers | `true` | +| `readReplicas.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `readReplicas.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `readReplicas.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `readReplicas.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `readReplicas.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `readReplicas.startupProbe.enabled` | Enable startupProbe on PostgreSQL read only containers | `false` | +| `readReplicas.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `readReplicas.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `readReplicas.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `readReplicas.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `readReplicas.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `readReplicas.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `readReplicas.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `readReplicas.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `readReplicas.lifecycleHooks` | for the PostgreSQL read only container to automate configuration before or after startup | `{}` | +| `readReplicas.resources.limits` | The resources limits for the PostgreSQL read only containers | `{}` | +| `readReplicas.resources.requests.memory` | The requested memory for the PostgreSQL read only containers | `256Mi` | +| `readReplicas.resources.requests.cpu` | The requested cpu for the PostgreSQL read only containers | `250m` | +| `readReplicas.podSecurityContext.enabled` | Enable security context | `true` | +| `readReplicas.podSecurityContext.fsGroup` | Group ID for the pod | `1001` | +| `readReplicas.containerSecurityContext.enabled` | Enable container security context | `true` | +| `readReplicas.containerSecurityContext.runAsUser` | User ID for the container | `1001` | +| `readReplicas.containerSecurityContext.runAsGroup` | Group ID for the container | `0` | +| `readReplicas.containerSecurityContext.runAsNonRoot` | Set runAsNonRoot for the container | `true` | +| `readReplicas.containerSecurityContext.allowPrivilegeEscalation` | Set allowPrivilegeEscalation for the container | `false` | +| `readReplicas.containerSecurityContext.seccompProfile.type` | Set seccompProfile.type for the container | `RuntimeDefault` | +| `readReplicas.containerSecurityContext.capabilities.drop` | Set capabilities.drop for the container | `["ALL"]` | +| `readReplicas.hostAliases` | PostgreSQL read only pods host aliases | `[]` | +| `readReplicas.hostNetwork` | Specify if host network should be enabled for PostgreSQL pod (PostgreSQL read only) | `false` | +| `readReplicas.hostIPC` | Specify if host IPC should be enabled for PostgreSQL pod (postgresql primary) | `false` | +| `readReplicas.labels` | Map of labels to add to the statefulset (PostgreSQL read only) | `{}` | +| `readReplicas.annotations` | Annotations for PostgreSQL read only pods | `{}` | +| `readReplicas.podLabels` | Map of labels to add to the pods (PostgreSQL read only) | `{}` | +| `readReplicas.podAnnotations` | Map of annotations to add to the pods (PostgreSQL read only) | `{}` | +| `readReplicas.podAffinityPreset` | PostgreSQL read only pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `readReplicas.podAntiAffinityPreset` | PostgreSQL read only pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `readReplicas.nodeAffinityPreset.type` | PostgreSQL read only node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `readReplicas.nodeAffinityPreset.key` | PostgreSQL read only node label key to match Ignored if `primary.affinity` is set. | `""` | +| `readReplicas.nodeAffinityPreset.values` | PostgreSQL read only node label values to match. Ignored if `primary.affinity` is set. | `[]` | +| `readReplicas.affinity` | Affinity for PostgreSQL read only pods assignment | `{}` | +| `readReplicas.nodeSelector` | Node labels for PostgreSQL read only pods assignment | `{}` | +| `readReplicas.tolerations` | Tolerations for PostgreSQL read only pods assignment | `[]` | +| `readReplicas.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `readReplicas.priorityClassName` | Priority Class to use for each pod (PostgreSQL read only) | `""` | +| `readReplicas.schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | +| `readReplicas.terminationGracePeriodSeconds` | Seconds PostgreSQL read only pod needs to terminate gracefully | `""` | +| `readReplicas.updateStrategy.type` | PostgreSQL read only statefulset strategy type | `RollingUpdate` | +| `readReplicas.updateStrategy.rollingUpdate` | PostgreSQL read only statefulset rolling update configuration parameters | `{}` | +| `readReplicas.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the PostgreSQL read only container(s) | `[]` | +| `readReplicas.extraVolumes` | Optionally specify extra list of additional volumes for the PostgreSQL read only pod(s) | `[]` | +| `readReplicas.sidecars` | Add additional sidecar containers to the PostgreSQL read only pod(s) | `[]` | +| `readReplicas.initContainers` | Add additional init containers to the PostgreSQL read only pod(s) | `[]` | +| `readReplicas.extraPodSpec` | Optionally specify extra PodSpec for the PostgreSQL read only pod(s) | `{}` | +| `readReplicas.service.type` | Kubernetes Service type | `ClusterIP` | +| `readReplicas.service.ports.postgresql` | PostgreSQL service port | `5432` | +| `readReplicas.service.nodePorts.postgresql` | Node port for PostgreSQL | `""` | +| `readReplicas.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `readReplicas.service.annotations` | Annotations for PostgreSQL read only service | `{}` | +| `readReplicas.service.loadBalancerIP` | Load balancer IP if service type is `LoadBalancer` | `""` | +| `readReplicas.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `readReplicas.service.loadBalancerSourceRanges` | Addresses that are allowed when service is LoadBalancer | `[]` | +| `readReplicas.service.extraPorts` | Extra ports to expose in the PostgreSQL read only service | `[]` | +| `readReplicas.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `readReplicas.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `readReplicas.service.headless.annotations` | Additional custom annotations for headless PostgreSQL read only service | `{}` | +| `readReplicas.persistence.enabled` | Enable PostgreSQL read only data persistence using PVC | `true` | +| `readReplicas.persistence.existingClaim` | Name of an existing PVC to use | `""` | +| `readReplicas.persistence.mountPath` | The path the volume will be mounted at | `/bitnami/postgresql` | +| `readReplicas.persistence.subPath` | The subdirectory of the volume to mount to | `""` | +| `readReplicas.persistence.storageClass` | PVC Storage Class for PostgreSQL read only data volume | `""` | +| `readReplicas.persistence.accessModes` | PVC Access Mode for PostgreSQL volume | `["ReadWriteOnce"]` | +| `readReplicas.persistence.size` | PVC Storage Request for PostgreSQL volume | `8Gi` | +| `readReplicas.persistence.annotations` | Annotations for the PVC | `{}` | +| `readReplicas.persistence.labels` | Labels for the PVC | `{}` | +| `readReplicas.persistence.selector` | Selector to match an existing Persistent Volume (this value is evaluated as a template) | `{}` | +| `readReplicas.persistence.dataSource` | Custom PVC data source | `{}` | ### NetworkPolicy parameters @@ -372,18 +382,21 @@ kubectl delete pvc -l release=my-release ### Volume Permissions parameters -| Name | Description | Value | -| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | -| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | -| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | -| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r16` | -| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | -| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | -| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | -| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | -| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| Name | Description | Value | +| ---------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------ | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r16` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | +| `volumePermissions.containerSecurityContext.runAsGroup` | Group ID for the init container | `0` | +| `volumePermissions.containerSecurityContext.runAsNonRoot` | runAsNonRoot for the init container | `false` | +| `volumePermissions.containerSecurityContext.seccompProfile.type` | seccompProfile.type for the init container | `RuntimeDefault` | ### Other Parameters @@ -400,62 +413,66 @@ kubectl delete pvc -l release=my-release ### Metrics Parameters -| Name | Description | Value | -| ----------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------------- | -| `metrics.enabled` | Start a prometheus exporter | `false` | -| `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` | -| `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` | -| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.13.2-debian-11-r0` | -| `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | -| `metrics.customMetrics` | Define additional custom metrics | `{}` | -| `metrics.extraEnvVars` | Extra environment variables to add to PostgreSQL Prometheus exporter | `[]` | -| `metrics.containerSecurityContext.enabled` | Enable PostgreSQL Prometheus exporter containers' Security Context | `true` | -| `metrics.containerSecurityContext.runAsUser` | Set PostgreSQL Prometheus exporter containers' Security Context runAsUser | `1001` | -| `metrics.containerSecurityContext.runAsNonRoot` | Set PostgreSQL Prometheus exporter containers' Security Context runAsNonRoot | `true` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL Prometheus exporter containers | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL Prometheus exporter containers | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.startupProbe.enabled` | Enable startupProbe on PostgreSQL Prometheus exporter containers | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `metrics.containerPorts.metrics` | PostgreSQL Prometheus exporter metrics container port | `9187` | -| `metrics.resources.limits` | The resources limits for the PostgreSQL Prometheus exporter container | `{}` | -| `metrics.resources.requests` | The requested resources for the PostgreSQL Prometheus exporter container | `{}` | -| `metrics.service.ports.metrics` | PostgreSQL Prometheus Exporter service port | `9187` | -| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | -| `metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | -| `metrics.service.annotations` | Annotations for Prometheus to auto-discover the metrics endpoint | `{}` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | -| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | -| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | -| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | -| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | -| `metrics.prometheusRule.enabled` | Create a PrometheusRule for Prometheus Operator | `false` | -| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | -| `metrics.prometheusRule.labels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | -| `metrics.prometheusRule.rules` | PrometheusRule definitions | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------------- | +| `metrics.enabled` | Start a prometheus exporter | `false` | +| `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` | +| `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` | +| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.13.2-debian-11-r0` | +| `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | +| `metrics.customMetrics` | Define additional custom metrics | `{}` | +| `metrics.extraEnvVars` | Extra environment variables to add to PostgreSQL Prometheus exporter | `[]` | +| `metrics.containerSecurityContext.enabled` | Enable PostgreSQL Prometheus exporter containers' Security Context | `true` | +| `metrics.containerSecurityContext.runAsUser` | Set PostgreSQL Prometheus exporter containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsGroup` | Set PostgreSQL Prometheus exporter containers' Security Context runAsGroup | `0` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set PostgreSQL Prometheus exporter containers' Security Context runAsNonRoot | `true` | +| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set PostgreSQL Prometheus exporter containers' Security Context allowPrivilegeEscalation | `false` | +| `metrics.containerSecurityContext.seccompProfile.type` | Set PostgreSQL Prometheus exporter containers' Security Context seccompProfile.type | `RuntimeDefault` | +| `metrics.containerSecurityContext.capabilities.drop` | Set PostgreSQL Prometheus exporter containers' Security Context capabilities.drop | `["ALL"]` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe on PostgreSQL Prometheus exporter containers | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe on PostgreSQL Prometheus exporter containers | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.startupProbe.enabled` | Enable startupProbe on PostgreSQL Prometheus exporter containers | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.containerPorts.metrics` | PostgreSQL Prometheus exporter metrics container port | `9187` | +| `metrics.resources.limits` | The resources limits for the PostgreSQL Prometheus exporter container | `{}` | +| `metrics.resources.requests` | The requested resources for the PostgreSQL Prometheus exporter container | `{}` | +| `metrics.service.ports.metrics` | PostgreSQL Prometheus Exporter service port | `9187` | +| `metrics.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `metrics.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `metrics.service.annotations` | Annotations for Prometheus to auto-discover the metrics endpoint | `{}` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using Prometheus Operator | `false` | +| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.prometheusRule.enabled` | Create a PrometheusRule for Prometheus Operator | `false` | +| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | +| `metrics.prometheusRule.labels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.rules` | PrometheusRule definitions | `[]` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, @@ -682,4 +699,4 @@ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file +limitations under the License. diff --git a/charts/bitnami/postgresql/values.yaml b/charts/bitnami/postgresql/values.yaml index 1f9a6b75e..6722b86af 100644 --- a/charts/bitnami/postgresql/values.yaml +++ b/charts/bitnami/postgresql/values.yaml @@ -460,10 +460,23 @@ primary: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ ## @param primary.containerSecurityContext.enabled Enable container security context ## @param primary.containerSecurityContext.runAsUser User ID for the container + ## @param primary.containerSecurityContext.runAsGroup Group ID for the container + ## @param primary.containerSecurityContext.runAsNonRoot Set runAsNonRoot for the container + ## @param primary.containerSecurityContext.allowPrivilegeEscalation Set allowPrivilegeEscalation for the container + ## @param primary.containerSecurityContext.seccompProfile.type Set seccompProfile.type for the container + ## @param primary.containerSecurityContext.capabilities.drop Set capabilities.drop for the container ## containerSecurityContext: enabled: true runAsUser: 1001 + runAsGroup: 0 + runAsNonRoot: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## @param primary.hostAliases PostgreSQL primary pods host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## @@ -797,10 +810,23 @@ readReplicas: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ ## @param readReplicas.containerSecurityContext.enabled Enable container security context ## @param readReplicas.containerSecurityContext.runAsUser User ID for the container + ## @param readReplicas.containerSecurityContext.runAsGroup Group ID for the container + ## @param readReplicas.containerSecurityContext.runAsNonRoot Set runAsNonRoot for the container + ## @param readReplicas.containerSecurityContext.allowPrivilegeEscalation Set allowPrivilegeEscalation for the container + ## @param readReplicas.containerSecurityContext.seccompProfile.type Set seccompProfile.type for the container + ## @param readReplicas.containerSecurityContext.capabilities.drop Set capabilities.drop for the container ## containerSecurityContext: enabled: true runAsUser: 1001 + runAsGroup: 0 + runAsNonRoot: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## @param readReplicas.hostAliases PostgreSQL read only pods host aliases ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ ## @@ -1162,10 +1188,16 @@ volumePermissions: ## Note: the chown of the data folder is done to containerSecurityContext.runAsUser ## and not the below volumePermissions.containerSecurityContext.runAsUser ## @param volumePermissions.containerSecurityContext.runAsUser User ID for the init container + ## @param volumePermissions.containerSecurityContext.runAsGroup Group ID for the init container + ## @param volumePermissions.containerSecurityContext.runAsNonRoot runAsNonRoot for the init container + ## @param volumePermissions.containerSecurityContext.seccompProfile.type seccompProfile.type for the init container ## containerSecurityContext: runAsUser: 0 - + runAsGroup: 0 + runAsNonRoot: false + seccompProfile: + type: RuntimeDefault ## @section Other Parameters ## @@ -1271,12 +1303,23 @@ metrics: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param metrics.containerSecurityContext.enabled Enable PostgreSQL Prometheus exporter containers' Security Context ## @param metrics.containerSecurityContext.runAsUser Set PostgreSQL Prometheus exporter containers' Security Context runAsUser + ## @param metrics.containerSecurityContext.runAsGroup Set PostgreSQL Prometheus exporter containers' Security Context runAsGroup ## @param metrics.containerSecurityContext.runAsNonRoot Set PostgreSQL Prometheus exporter containers' Security Context runAsNonRoot + ## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set PostgreSQL Prometheus exporter containers' Security Context allowPrivilegeEscalation + ## @param metrics.containerSecurityContext.seccompProfile.type Set PostgreSQL Prometheus exporter containers' Security Context seccompProfile.type + ## @param metrics.containerSecurityContext.capabilities.drop Set PostgreSQL Prometheus exporter containers' Security Context capabilities.drop ## containerSecurityContext: enabled: true runAsUser: 1001 + runAsGroup: 0 runAsNonRoot: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## Configure extra options for PostgreSQL Prometheus exporter containers' liveness, readiness and startup probes ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes ## @param metrics.livenessProbe.enabled Enable livenessProbe on PostgreSQL Prometheus exporter containers diff --git a/charts/bitnami/redis/Chart.yaml b/charts/bitnami/redis/Chart.yaml index 0990e2545..1e6ba91f3 100644 --- a/charts/bitnami/redis/Chart.yaml +++ b/charts/bitnami/redis/Chart.yaml @@ -28,4 +28,4 @@ maintainers: name: redis sources: - https://github.com/bitnami/charts/tree/main/bitnami/redis -version: 17.13.2 +version: 17.14.1 diff --git a/charts/bitnami/redis/README.md b/charts/bitnami/redis/README.md index 9847278af..847200434 100644 --- a/charts/bitnami/redis/README.md +++ b/charts/bitnami/redis/README.md @@ -123,296 +123,311 @@ The command removes all the Kubernetes components associated with the chart and ### Redis® master configuration parameters -| Name | Description | Value | -| ---------------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------------ | -| `master.count` | Number of Redis® master instances to deploy (experimental, requires additional configuration) | `1` | -| `master.configuration` | Configuration for Redis® master nodes | `""` | -| `master.disableCommands` | Array with Redis® commands to disable on master nodes | `["FLUSHDB","FLUSHALL"]` | -| `master.command` | Override default container command (useful when using custom images) | `[]` | -| `master.args` | Override default container args (useful when using custom images) | `[]` | -| `master.preExecCmds` | Additional commands to run prior to starting Redis® master | `[]` | -| `master.extraFlags` | Array with additional command line flags for Redis® master | `[]` | -| `master.extraEnvVars` | Array with extra environment variables to add to Redis® master nodes | `[]` | -| `master.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® master nodes | `""` | -| `master.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® master nodes | `""` | -| `master.containerPorts.redis` | Container port to open on Redis® master nodes | `6379` | -| `master.startupProbe.enabled` | Enable startupProbe on Redis® master nodes | `false` | -| `master.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `20` | -| `master.startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | -| `master.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `master.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `master.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `master.livenessProbe.enabled` | Enable livenessProbe on Redis® master nodes | `true` | -| `master.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `master.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | -| `master.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `master.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `master.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `master.readinessProbe.enabled` | Enable readinessProbe on Redis® master nodes | `true` | -| `master.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `master.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `master.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `master.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `master.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `master.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `master.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `master.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `master.resources.limits` | The resources limits for the Redis® master containers | `{}` | -| `master.resources.requests` | The requested resources for the Redis® master containers | `{}` | -| `master.podSecurityContext.enabled` | Enabled Redis® master pods' Security Context | `true` | -| `master.podSecurityContext.fsGroup` | Set Redis® master pod's Security Context fsGroup | `1001` | -| `master.containerSecurityContext.enabled` | Enabled Redis® master containers' Security Context | `true` | -| `master.containerSecurityContext.runAsUser` | Set Redis® master containers' Security Context runAsUser | `1001` | -| `master.kind` | Use either Deployment or StatefulSet (default) | `StatefulSet` | -| `master.schedulerName` | Alternate scheduler for Redis® master pods | `""` | -| `master.updateStrategy.type` | Redis® master statefulset strategy type | `RollingUpdate` | -| `master.minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | -| `master.priorityClassName` | Redis® master pods' priorityClassName | `""` | -| `master.hostAliases` | Redis® master pods host aliases | `[]` | -| `master.podLabels` | Extra labels for Redis® master pods | `{}` | -| `master.podAnnotations` | Annotations for Redis® master pods | `{}` | -| `master.shareProcessNamespace` | Share a single process namespace between all of the containers in Redis® master pods | `false` | -| `master.podAffinityPreset` | Pod affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `master.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `master.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `master.nodeAffinityPreset.key` | Node label key to match. Ignored if `master.affinity` is set | `""` | -| `master.nodeAffinityPreset.values` | Node label values to match. Ignored if `master.affinity` is set | `[]` | -| `master.affinity` | Affinity for Redis® master pods assignment | `{}` | -| `master.nodeSelector` | Node labels for Redis® master pods assignment | `{}` | -| `master.tolerations` | Tolerations for Redis® master pods assignment | `[]` | -| `master.topologySpreadConstraints` | Spread Constraints for Redis® master pod assignment | `[]` | -| `master.dnsPolicy` | DNS Policy for Redis® master pod | `""` | -| `master.dnsConfig` | DNS Configuration for Redis® master pod | `{}` | -| `master.lifecycleHooks` | for the Redis® master container(s) to automate configuration before or after startup | `{}` | -| `master.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® master pod(s) | `[]` | -| `master.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® master container(s) | `[]` | -| `master.sidecars` | Add additional sidecar containers to the Redis® master pod(s) | `[]` | -| `master.initContainers` | Add additional init containers to the Redis® master pod(s) | `[]` | -| `master.persistence.enabled` | Enable persistence on Redis® master nodes using Persistent Volume Claims | `true` | -| `master.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | -| `master.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | -| `master.persistence.path` | The path the volume will be mounted at on Redis® master containers | `/data` | -| `master.persistence.subPath` | The subdirectory of the volume to mount on Redis® master containers | `""` | -| `master.persistence.subPathExpr` | Used to construct the subPath subdirectory of the volume to mount on Redis® master containers | `""` | -| `master.persistence.storageClass` | Persistent Volume storage class | `""` | -| `master.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | -| `master.persistence.size` | Persistent Volume size | `8Gi` | -| `master.persistence.annotations` | Additional custom annotations for the PVC | `{}` | -| `master.persistence.labels` | Additional custom labels for the PVC | `{}` | -| `master.persistence.selector` | Additional labels to match for the PVC | `{}` | -| `master.persistence.dataSource` | Custom PVC data source | `{}` | -| `master.persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | -| `master.service.type` | Redis® master service type | `ClusterIP` | -| `master.service.ports.redis` | Redis® master service port | `6379` | -| `master.service.nodePorts.redis` | Node port for Redis® master | `""` | -| `master.service.externalTrafficPolicy` | Redis® master service external traffic policy | `Cluster` | -| `master.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `master.service.internalTrafficPolicy` | Redis® master service internal traffic policy (requires Kubernetes v1.22 or greater to be usable) | `Cluster` | -| `master.service.clusterIP` | Redis® master service Cluster IP | `""` | -| `master.service.loadBalancerIP` | Redis® master service Load Balancer IP | `""` | -| `master.service.loadBalancerSourceRanges` | Redis® master service Load Balancer sources | `[]` | -| `master.service.externalIPs` | Redis® master service External IPs | `[]` | -| `master.service.annotations` | Additional custom annotations for Redis® master service | `{}` | -| `master.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `master.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `master.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-master pods | `30` | -| `master.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | -| `master.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `master.serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `true` | -| `master.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| Name | Description | Value | +| ---------------------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------------ | +| `master.count` | Number of Redis® master instances to deploy (experimental, requires additional configuration) | `1` | +| `master.configuration` | Configuration for Redis® master nodes | `""` | +| `master.disableCommands` | Array with Redis® commands to disable on master nodes | `["FLUSHDB","FLUSHALL"]` | +| `master.command` | Override default container command (useful when using custom images) | `[]` | +| `master.args` | Override default container args (useful when using custom images) | `[]` | +| `master.preExecCmds` | Additional commands to run prior to starting Redis® master | `[]` | +| `master.extraFlags` | Array with additional command line flags for Redis® master | `[]` | +| `master.extraEnvVars` | Array with extra environment variables to add to Redis® master nodes | `[]` | +| `master.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® master nodes | `""` | +| `master.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® master nodes | `""` | +| `master.containerPorts.redis` | Container port to open on Redis® master nodes | `6379` | +| `master.startupProbe.enabled` | Enable startupProbe on Redis® master nodes | `false` | +| `master.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `20` | +| `master.startupProbe.periodSeconds` | Period seconds for startupProbe | `5` | +| `master.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `master.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `master.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `master.livenessProbe.enabled` | Enable livenessProbe on Redis® master nodes | `true` | +| `master.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | +| `master.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | +| `master.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `master.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `master.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `master.readinessProbe.enabled` | Enable readinessProbe on Redis® master nodes | `true` | +| `master.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `master.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `master.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `master.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `master.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `master.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `master.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `master.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `master.resources.limits` | The resources limits for the Redis® master containers | `{}` | +| `master.resources.requests` | The requested resources for the Redis® master containers | `{}` | +| `master.podSecurityContext.enabled` | Enabled Redis® master pods' Security Context | `true` | +| `master.podSecurityContext.fsGroup` | Set Redis® master pod's Security Context fsGroup | `1001` | +| `master.containerSecurityContext.enabled` | Enabled Redis® master containers' Security Context | `true` | +| `master.containerSecurityContext.runAsUser` | Set Redis® master containers' Security Context runAsUser | `1001` | +| `master.containerSecurityContext.runAsGroup` | Set Redis® master containers' Security Context runAsGroup | `0` | +| `master.containerSecurityContext.runAsNonRoot` | Set Redis® master containers' Security Context runAsNonRoot | `true` | +| `master.containerSecurityContext.allowPrivilegeEscalation` | Is it possible to escalate Redis® pod(s) privileges | `false` | +| `master.containerSecurityContext.seccompProfile.type` | Set Redis® master containers' Security Context seccompProfile | `RuntimeDefault` | +| `master.containerSecurityContext.capabilities.drop` | Set Redis® master containers' Security Context capabilities to drop | `["ALL"]` | +| `master.kind` | Use either Deployment or StatefulSet (default) | `StatefulSet` | +| `master.schedulerName` | Alternate scheduler for Redis® master pods | `""` | +| `master.updateStrategy.type` | Redis® master statefulset strategy type | `RollingUpdate` | +| `master.minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | +| `master.priorityClassName` | Redis® master pods' priorityClassName | `""` | +| `master.hostAliases` | Redis® master pods host aliases | `[]` | +| `master.podLabels` | Extra labels for Redis® master pods | `{}` | +| `master.podAnnotations` | Annotations for Redis® master pods | `{}` | +| `master.shareProcessNamespace` | Share a single process namespace between all of the containers in Redis® master pods | `false` | +| `master.podAffinityPreset` | Pod affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `master.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `master.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `master.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `master.nodeAffinityPreset.key` | Node label key to match. Ignored if `master.affinity` is set | `""` | +| `master.nodeAffinityPreset.values` | Node label values to match. Ignored if `master.affinity` is set | `[]` | +| `master.affinity` | Affinity for Redis® master pods assignment | `{}` | +| `master.nodeSelector` | Node labels for Redis® master pods assignment | `{}` | +| `master.tolerations` | Tolerations for Redis® master pods assignment | `[]` | +| `master.topologySpreadConstraints` | Spread Constraints for Redis® master pod assignment | `[]` | +| `master.dnsPolicy` | DNS Policy for Redis® master pod | `""` | +| `master.dnsConfig` | DNS Configuration for Redis® master pod | `{}` | +| `master.lifecycleHooks` | for the Redis® master container(s) to automate configuration before or after startup | `{}` | +| `master.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® master pod(s) | `[]` | +| `master.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® master container(s) | `[]` | +| `master.sidecars` | Add additional sidecar containers to the Redis® master pod(s) | `[]` | +| `master.initContainers` | Add additional init containers to the Redis® master pod(s) | `[]` | +| `master.persistence.enabled` | Enable persistence on Redis® master nodes using Persistent Volume Claims | `true` | +| `master.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | +| `master.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | +| `master.persistence.path` | The path the volume will be mounted at on Redis® master containers | `/data` | +| `master.persistence.subPath` | The subdirectory of the volume to mount on Redis® master containers | `""` | +| `master.persistence.subPathExpr` | Used to construct the subPath subdirectory of the volume to mount on Redis® master containers | `""` | +| `master.persistence.storageClass` | Persistent Volume storage class | `""` | +| `master.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | +| `master.persistence.size` | Persistent Volume size | `8Gi` | +| `master.persistence.annotations` | Additional custom annotations for the PVC | `{}` | +| `master.persistence.labels` | Additional custom labels for the PVC | `{}` | +| `master.persistence.selector` | Additional labels to match for the PVC | `{}` | +| `master.persistence.dataSource` | Custom PVC data source | `{}` | +| `master.persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | +| `master.service.type` | Redis® master service type | `ClusterIP` | +| `master.service.ports.redis` | Redis® master service port | `6379` | +| `master.service.nodePorts.redis` | Node port for Redis® master | `""` | +| `master.service.externalTrafficPolicy` | Redis® master service external traffic policy | `Cluster` | +| `master.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `master.service.internalTrafficPolicy` | Redis® master service internal traffic policy (requires Kubernetes v1.22 or greater to be usable) | `Cluster` | +| `master.service.clusterIP` | Redis® master service Cluster IP | `""` | +| `master.service.loadBalancerIP` | Redis® master service Load Balancer IP | `""` | +| `master.service.loadBalancerSourceRanges` | Redis® master service Load Balancer sources | `[]` | +| `master.service.externalIPs` | Redis® master service External IPs | `[]` | +| `master.service.annotations` | Additional custom annotations for Redis® master service | `{}` | +| `master.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `master.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `master.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-master pods | `30` | +| `master.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | +| `master.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `master.serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `true` | +| `master.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | ### Redis® replicas configuration parameters -| Name | Description | Value | -| ----------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------ | -| `replica.replicaCount` | Number of Redis® replicas to deploy | `3` | -| `replica.configuration` | Configuration for Redis® replicas nodes | `""` | -| `replica.disableCommands` | Array with Redis® commands to disable on replicas nodes | `["FLUSHDB","FLUSHALL"]` | -| `replica.command` | Override default container command (useful when using custom images) | `[]` | -| `replica.args` | Override default container args (useful when using custom images) | `[]` | -| `replica.preExecCmds` | Additional commands to run prior to starting Redis® replicas | `[]` | -| `replica.extraFlags` | Array with additional command line flags for Redis® replicas | `[]` | -| `replica.extraEnvVars` | Array with extra environment variables to add to Redis® replicas nodes | `[]` | -| `replica.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® replicas nodes | `""` | -| `replica.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® replicas nodes | `""` | -| `replica.externalMaster.enabled` | Use external master for bootstrapping | `false` | -| `replica.externalMaster.host` | External master host to bootstrap from | `""` | -| `replica.externalMaster.port` | Port for Redis service external master host | `6379` | -| `replica.containerPorts.redis` | Container port to open on Redis® replicas nodes | `6379` | -| `replica.startupProbe.enabled` | Enable startupProbe on Redis® replicas nodes | `true` | -| `replica.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `replica.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `replica.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `replica.startupProbe.failureThreshold` | Failure threshold for startupProbe | `22` | -| `replica.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `replica.livenessProbe.enabled` | Enable livenessProbe on Redis® replicas nodes | `true` | -| `replica.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `replica.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | -| `replica.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `replica.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `replica.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `replica.readinessProbe.enabled` | Enable readinessProbe on Redis® replicas nodes | `true` | -| `replica.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `replica.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `replica.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `replica.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | -| `replica.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `replica.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `replica.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `replica.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `replica.resources.limits` | The resources limits for the Redis® replicas containers | `{}` | -| `replica.resources.requests` | The requested resources for the Redis® replicas containers | `{}` | -| `replica.podSecurityContext.enabled` | Enabled Redis® replicas pods' Security Context | `true` | -| `replica.podSecurityContext.fsGroup` | Set Redis® replicas pod's Security Context fsGroup | `1001` | -| `replica.containerSecurityContext.enabled` | Enabled Redis® replicas containers' Security Context | `true` | -| `replica.containerSecurityContext.runAsUser` | Set Redis® replicas containers' Security Context runAsUser | `1001` | -| `replica.schedulerName` | Alternate scheduler for Redis® replicas pods | `""` | -| `replica.updateStrategy.type` | Redis® replicas statefulset strategy type | `RollingUpdate` | -| `replica.minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | -| `replica.priorityClassName` | Redis® replicas pods' priorityClassName | `""` | -| `replica.podManagementPolicy` | podManagementPolicy to manage scaling operation of %%MAIN_CONTAINER_NAME%% pods | `""` | -| `replica.hostAliases` | Redis® replicas pods host aliases | `[]` | -| `replica.podLabels` | Extra labels for Redis® replicas pods | `{}` | -| `replica.podAnnotations` | Annotations for Redis® replicas pods | `{}` | -| `replica.shareProcessNamespace` | Share a single process namespace between all of the containers in Redis® replicas pods | `false` | -| `replica.podAffinityPreset` | Pod affinity preset. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `replica.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` | `soft` | -| `replica.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` | `""` | -| `replica.nodeAffinityPreset.key` | Node label key to match. Ignored if `replica.affinity` is set | `""` | -| `replica.nodeAffinityPreset.values` | Node label values to match. Ignored if `replica.affinity` is set | `[]` | -| `replica.affinity` | Affinity for Redis® replicas pods assignment | `{}` | -| `replica.nodeSelector` | Node labels for Redis® replicas pods assignment | `{}` | -| `replica.tolerations` | Tolerations for Redis® replicas pods assignment | `[]` | -| `replica.topologySpreadConstraints` | Spread Constraints for Redis® replicas pod assignment | `[]` | -| `replica.dnsPolicy` | DNS Policy for Redis® replica pods | `""` | -| `replica.dnsConfig` | DNS Configuration for Redis® replica pods | `{}` | -| `replica.lifecycleHooks` | for the Redis® replica container(s) to automate configuration before or after startup | `{}` | -| `replica.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® replicas pod(s) | `[]` | -| `replica.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® replicas container(s) | `[]` | -| `replica.sidecars` | Add additional sidecar containers to the Redis® replicas pod(s) | `[]` | -| `replica.initContainers` | Add additional init containers to the Redis® replicas pod(s) | `[]` | -| `replica.persistence.enabled` | Enable persistence on Redis® replicas nodes using Persistent Volume Claims | `true` | -| `replica.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | -| `replica.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | -| `replica.persistence.path` | The path the volume will be mounted at on Redis® replicas containers | `/data` | -| `replica.persistence.subPath` | The subdirectory of the volume to mount on Redis® replicas containers | `""` | -| `replica.persistence.subPathExpr` | Used to construct the subPath subdirectory of the volume to mount on Redis® replicas containers | `""` | -| `replica.persistence.storageClass` | Persistent Volume storage class | `""` | -| `replica.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | -| `replica.persistence.size` | Persistent Volume size | `8Gi` | -| `replica.persistence.annotations` | Additional custom annotations for the PVC | `{}` | -| `replica.persistence.labels` | Additional custom labels for the PVC | `{}` | -| `replica.persistence.selector` | Additional labels to match for the PVC | `{}` | -| `replica.persistence.dataSource` | Custom PVC data source | `{}` | -| `replica.persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | -| `replica.service.type` | Redis® replicas service type | `ClusterIP` | -| `replica.service.ports.redis` | Redis® replicas service port | `6379` | -| `replica.service.nodePorts.redis` | Node port for Redis® replicas | `""` | -| `replica.service.externalTrafficPolicy` | Redis® replicas service external traffic policy | `Cluster` | -| `replica.service.internalTrafficPolicy` | Redis® replicas service internal traffic policy (requires Kubernetes v1.22 or greater to be usable) | `Cluster` | -| `replica.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `replica.service.clusterIP` | Redis® replicas service Cluster IP | `""` | -| `replica.service.loadBalancerIP` | Redis® replicas service Load Balancer IP | `""` | -| `replica.service.loadBalancerSourceRanges` | Redis® replicas service Load Balancer sources | `[]` | -| `replica.service.annotations` | Additional custom annotations for Redis® replicas service | `{}` | -| `replica.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `replica.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `replica.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-replicas pods | `30` | -| `replica.autoscaling.enabled` | Enable replica autoscaling settings | `false` | -| `replica.autoscaling.minReplicas` | Minimum replicas for the pod autoscaling | `1` | -| `replica.autoscaling.maxReplicas` | Maximum replicas for the pod autoscaling | `11` | -| `replica.autoscaling.targetCPU` | Percentage of CPU to consider when autoscaling | `""` | -| `replica.autoscaling.targetMemory` | Percentage of Memory to consider when autoscaling | `""` | -| `replica.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | -| `replica.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `replica.serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `true` | -| `replica.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| Name | Description | Value | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------ | +| `replica.replicaCount` | Number of Redis® replicas to deploy | `3` | +| `replica.configuration` | Configuration for Redis® replicas nodes | `""` | +| `replica.disableCommands` | Array with Redis® commands to disable on replicas nodes | `["FLUSHDB","FLUSHALL"]` | +| `replica.command` | Override default container command (useful when using custom images) | `[]` | +| `replica.args` | Override default container args (useful when using custom images) | `[]` | +| `replica.preExecCmds` | Additional commands to run prior to starting Redis® replicas | `[]` | +| `replica.extraFlags` | Array with additional command line flags for Redis® replicas | `[]` | +| `replica.extraEnvVars` | Array with extra environment variables to add to Redis® replicas nodes | `[]` | +| `replica.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® replicas nodes | `""` | +| `replica.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® replicas nodes | `""` | +| `replica.externalMaster.enabled` | Use external master for bootstrapping | `false` | +| `replica.externalMaster.host` | External master host to bootstrap from | `""` | +| `replica.externalMaster.port` | Port for Redis service external master host | `6379` | +| `replica.containerPorts.redis` | Container port to open on Redis® replicas nodes | `6379` | +| `replica.startupProbe.enabled` | Enable startupProbe on Redis® replicas nodes | `true` | +| `replica.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `replica.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `replica.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `replica.startupProbe.failureThreshold` | Failure threshold for startupProbe | `22` | +| `replica.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `replica.livenessProbe.enabled` | Enable livenessProbe on Redis® replicas nodes | `true` | +| `replica.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | +| `replica.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `5` | +| `replica.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `replica.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `replica.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `replica.readinessProbe.enabled` | Enable readinessProbe on Redis® replicas nodes | `true` | +| `replica.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `replica.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `replica.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `replica.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` | +| `replica.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `replica.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `replica.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `replica.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `replica.resources.limits` | The resources limits for the Redis® replicas containers | `{}` | +| `replica.resources.requests` | The requested resources for the Redis® replicas containers | `{}` | +| `replica.podSecurityContext.enabled` | Enabled Redis® replicas pods' Security Context | `true` | +| `replica.podSecurityContext.fsGroup` | Set Redis® replicas pod's Security Context fsGroup | `1001` | +| `replica.containerSecurityContext.enabled` | Enabled Redis® replicas containers' Security Context | `true` | +| `replica.containerSecurityContext.runAsUser` | Set Redis® replicas containers' Security Context runAsUser | `1001` | +| `replica.containerSecurityContext.runAsGroup` | Set Redis® replicas containers' Security Context runAsGroup | `0` | +| `replica.containerSecurityContext.runAsNonRoot` | Set Redis® replicas containers' Security Context runAsNonRoot | `true` | +| `replica.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® replicas pod's Security Context allowPrivilegeEscalation | `false` | +| `replica.containerSecurityContext.seccompProfile.type` | Set Redis® replicas containers' Security Context seccompProfile | `RuntimeDefault` | +| `replica.containerSecurityContext.capabilities.drop` | Set Redis® replicas containers' Security Context capabilities to drop | `["ALL"]` | +| `replica.schedulerName` | Alternate scheduler for Redis® replicas pods | `""` | +| `replica.updateStrategy.type` | Redis® replicas statefulset strategy type | `RollingUpdate` | +| `replica.minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | +| `replica.priorityClassName` | Redis® replicas pods' priorityClassName | `""` | +| `replica.podManagementPolicy` | podManagementPolicy to manage scaling operation of %%MAIN_CONTAINER_NAME%% pods | `""` | +| `replica.hostAliases` | Redis® replicas pods host aliases | `[]` | +| `replica.podLabels` | Extra labels for Redis® replicas pods | `{}` | +| `replica.podAnnotations` | Annotations for Redis® replicas pods | `{}` | +| `replica.shareProcessNamespace` | Share a single process namespace between all of the containers in Redis® replicas pods | `false` | +| `replica.podAffinityPreset` | Pod affinity preset. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `replica.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `replica.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `replica.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `replica.nodeAffinityPreset.key` | Node label key to match. Ignored if `replica.affinity` is set | `""` | +| `replica.nodeAffinityPreset.values` | Node label values to match. Ignored if `replica.affinity` is set | `[]` | +| `replica.affinity` | Affinity for Redis® replicas pods assignment | `{}` | +| `replica.nodeSelector` | Node labels for Redis® replicas pods assignment | `{}` | +| `replica.tolerations` | Tolerations for Redis® replicas pods assignment | `[]` | +| `replica.topologySpreadConstraints` | Spread Constraints for Redis® replicas pod assignment | `[]` | +| `replica.dnsPolicy` | DNS Policy for Redis® replica pods | `""` | +| `replica.dnsConfig` | DNS Configuration for Redis® replica pods | `{}` | +| `replica.lifecycleHooks` | for the Redis® replica container(s) to automate configuration before or after startup | `{}` | +| `replica.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® replicas pod(s) | `[]` | +| `replica.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® replicas container(s) | `[]` | +| `replica.sidecars` | Add additional sidecar containers to the Redis® replicas pod(s) | `[]` | +| `replica.initContainers` | Add additional init containers to the Redis® replicas pod(s) | `[]` | +| `replica.persistence.enabled` | Enable persistence on Redis® replicas nodes using Persistent Volume Claims | `true` | +| `replica.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | +| `replica.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | +| `replica.persistence.path` | The path the volume will be mounted at on Redis® replicas containers | `/data` | +| `replica.persistence.subPath` | The subdirectory of the volume to mount on Redis® replicas containers | `""` | +| `replica.persistence.subPathExpr` | Used to construct the subPath subdirectory of the volume to mount on Redis® replicas containers | `""` | +| `replica.persistence.storageClass` | Persistent Volume storage class | `""` | +| `replica.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | +| `replica.persistence.size` | Persistent Volume size | `8Gi` | +| `replica.persistence.annotations` | Additional custom annotations for the PVC | `{}` | +| `replica.persistence.labels` | Additional custom labels for the PVC | `{}` | +| `replica.persistence.selector` | Additional labels to match for the PVC | `{}` | +| `replica.persistence.dataSource` | Custom PVC data source | `{}` | +| `replica.persistence.existingClaim` | Use a existing PVC which must be created manually before bound | `""` | +| `replica.service.type` | Redis® replicas service type | `ClusterIP` | +| `replica.service.ports.redis` | Redis® replicas service port | `6379` | +| `replica.service.nodePorts.redis` | Node port for Redis® replicas | `""` | +| `replica.service.externalTrafficPolicy` | Redis® replicas service external traffic policy | `Cluster` | +| `replica.service.internalTrafficPolicy` | Redis® replicas service internal traffic policy (requires Kubernetes v1.22 or greater to be usable) | `Cluster` | +| `replica.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `replica.service.clusterIP` | Redis® replicas service Cluster IP | `""` | +| `replica.service.loadBalancerIP` | Redis® replicas service Load Balancer IP | `""` | +| `replica.service.loadBalancerSourceRanges` | Redis® replicas service Load Balancer sources | `[]` | +| `replica.service.annotations` | Additional custom annotations for Redis® replicas service | `{}` | +| `replica.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `replica.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `replica.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-replicas pods | `30` | +| `replica.autoscaling.enabled` | Enable replica autoscaling settings | `false` | +| `replica.autoscaling.minReplicas` | Minimum replicas for the pod autoscaling | `1` | +| `replica.autoscaling.maxReplicas` | Maximum replicas for the pod autoscaling | `11` | +| `replica.autoscaling.targetCPU` | Percentage of CPU to consider when autoscaling | `""` | +| `replica.autoscaling.targetMemory` | Percentage of Memory to consider when autoscaling | `""` | +| `replica.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | +| `replica.serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `replica.serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `true` | +| `replica.serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | ### Redis® Sentinel configuration parameters -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `sentinel.enabled` | Use Redis® Sentinel on Redis® pods. | `false` | -| `sentinel.image.registry` | Redis® Sentinel image registry | `docker.io` | -| `sentinel.image.repository` | Redis® Sentinel image repository | `bitnami/redis-sentinel` | -| `sentinel.image.tag` | Redis® Sentinel image tag (immutable tags are recommended) | `7.0.12-debian-11-r1` | -| `sentinel.image.digest` | Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `sentinel.image.pullPolicy` | Redis® Sentinel image pull policy | `IfNotPresent` | -| `sentinel.image.pullSecrets` | Redis® Sentinel image pull secrets | `[]` | -| `sentinel.image.debug` | Enable image debug mode | `false` | -| `sentinel.annotations` | Additional custom annotations for Redis® Sentinel resource | `{}` | -| `sentinel.masterSet` | Master set name | `mymaster` | -| `sentinel.quorum` | Sentinel Quorum | `2` | -| `sentinel.getMasterTimeout` | Amount of time to allow before get_sentinel_master_info() times out. | `220` | -| `sentinel.automateClusterRecovery` | Automate cluster recovery in cases where the last replica is not considered a good replica and Sentinel won't automatically failover to it. | `false` | -| `sentinel.redisShutdownWaitFailover` | Whether the Redis® master container waits for the failover at shutdown (in addition to the Redis® Sentinel container). | `true` | -| `sentinel.downAfterMilliseconds` | Timeout for detecting a Redis® node is down | `60000` | -| `sentinel.failoverTimeout` | Timeout for performing a election failover | `180000` | -| `sentinel.parallelSyncs` | Number of replicas that can be reconfigured in parallel to use the new master after a failover | `1` | -| `sentinel.configuration` | Configuration for Redis® Sentinel nodes | `""` | -| `sentinel.command` | Override default container command (useful when using custom images) | `[]` | -| `sentinel.args` | Override default container args (useful when using custom images) | `[]` | -| `sentinel.preExecCmds` | Additional commands to run prior to starting Redis® Sentinel | `[]` | -| `sentinel.extraEnvVars` | Array with extra environment variables to add to Redis® Sentinel nodes | `[]` | -| `sentinel.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® Sentinel nodes | `""` | -| `sentinel.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® Sentinel nodes | `""` | -| `sentinel.externalMaster.enabled` | Use external master for bootstrapping | `false` | -| `sentinel.externalMaster.host` | External master host to bootstrap from | `""` | -| `sentinel.externalMaster.port` | Port for Redis service external master host | `6379` | -| `sentinel.containerPorts.sentinel` | Container port to open on Redis® Sentinel nodes | `26379` | -| `sentinel.startupProbe.enabled` | Enable startupProbe on Redis® Sentinel nodes | `true` | -| `sentinel.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `sentinel.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `sentinel.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `sentinel.startupProbe.failureThreshold` | Failure threshold for startupProbe | `22` | -| `sentinel.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `sentinel.livenessProbe.enabled` | Enable livenessProbe on Redis® Sentinel nodes | `true` | -| `sentinel.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | -| `sentinel.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `sentinel.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `sentinel.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | -| `sentinel.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `sentinel.readinessProbe.enabled` | Enable readinessProbe on Redis® Sentinel nodes | `true` | -| `sentinel.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | -| `sentinel.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | -| `sentinel.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `sentinel.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | -| `sentinel.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `sentinel.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `sentinel.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `sentinel.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `sentinel.persistence.enabled` | Enable persistence on Redis® sentinel nodes using Persistent Volume Claims (Experimental) | `false` | -| `sentinel.persistence.storageClass` | Persistent Volume storage class | `""` | -| `sentinel.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | -| `sentinel.persistence.size` | Persistent Volume size | `100Mi` | -| `sentinel.persistence.annotations` | Additional custom annotations for the PVC | `{}` | -| `sentinel.persistence.labels` | Additional custom labels for the PVC | `{}` | -| `sentinel.persistence.selector` | Additional labels to match for the PVC | `{}` | -| `sentinel.persistence.dataSource` | Custom PVC data source | `{}` | -| `sentinel.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | -| `sentinel.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | -| `sentinel.resources.limits` | The resources limits for the Redis® Sentinel containers | `{}` | -| `sentinel.resources.requests` | The requested resources for the Redis® Sentinel containers | `{}` | -| `sentinel.containerSecurityContext.enabled` | Enabled Redis® Sentinel containers' Security Context | `true` | -| `sentinel.containerSecurityContext.runAsUser` | Set Redis® Sentinel containers' Security Context runAsUser | `1001` | -| `sentinel.lifecycleHooks` | for the Redis® sentinel container(s) to automate configuration before or after startup | `{}` | -| `sentinel.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® Sentinel | `[]` | -| `sentinel.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® Sentinel container(s) | `[]` | -| `sentinel.service.type` | Redis® Sentinel service type | `ClusterIP` | -| `sentinel.service.ports.redis` | Redis® service port for Redis® | `6379` | -| `sentinel.service.ports.sentinel` | Redis® service port for Redis® Sentinel | `26379` | -| `sentinel.service.nodePorts.redis` | Node port for Redis® | `""` | -| `sentinel.service.nodePorts.sentinel` | Node port for Sentinel | `""` | -| `sentinel.service.externalTrafficPolicy` | Redis® Sentinel service external traffic policy | `Cluster` | -| `sentinel.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `sentinel.service.clusterIP` | Redis® Sentinel service Cluster IP | `""` | -| `sentinel.service.loadBalancerIP` | Redis® Sentinel service Load Balancer IP | `""` | -| `sentinel.service.loadBalancerSourceRanges` | Redis® Sentinel service Load Balancer sources | `[]` | -| `sentinel.service.annotations` | Additional custom annotations for Redis® Sentinel service | `{}` | -| `sentinel.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | -| `sentinel.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | -| `sentinel.service.headless.annotations` | Annotations for the headless service. | `{}` | -| `sentinel.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-node pods | `30` | +| Name | Description | Value | +| ------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `sentinel.enabled` | Use Redis® Sentinel on Redis® pods. | `false` | +| `sentinel.image.registry` | Redis® Sentinel image registry | `docker.io` | +| `sentinel.image.repository` | Redis® Sentinel image repository | `bitnami/redis-sentinel` | +| `sentinel.image.tag` | Redis® Sentinel image tag (immutable tags are recommended) | `7.0.12-debian-11-r1` | +| `sentinel.image.digest` | Redis® Sentinel image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `sentinel.image.pullPolicy` | Redis® Sentinel image pull policy | `IfNotPresent` | +| `sentinel.image.pullSecrets` | Redis® Sentinel image pull secrets | `[]` | +| `sentinel.image.debug` | Enable image debug mode | `false` | +| `sentinel.annotations` | Additional custom annotations for Redis® Sentinel resource | `{}` | +| `sentinel.masterSet` | Master set name | `mymaster` | +| `sentinel.quorum` | Sentinel Quorum | `2` | +| `sentinel.getMasterTimeout` | Amount of time to allow before get_sentinel_master_info() times out. | `220` | +| `sentinel.automateClusterRecovery` | Automate cluster recovery in cases where the last replica is not considered a good replica and Sentinel won't automatically failover to it. | `false` | +| `sentinel.redisShutdownWaitFailover` | Whether the Redis® master container waits for the failover at shutdown (in addition to the Redis® Sentinel container). | `true` | +| `sentinel.downAfterMilliseconds` | Timeout for detecting a Redis® node is down | `60000` | +| `sentinel.failoverTimeout` | Timeout for performing a election failover | `180000` | +| `sentinel.parallelSyncs` | Number of replicas that can be reconfigured in parallel to use the new master after a failover | `1` | +| `sentinel.configuration` | Configuration for Redis® Sentinel nodes | `""` | +| `sentinel.command` | Override default container command (useful when using custom images) | `[]` | +| `sentinel.args` | Override default container args (useful when using custom images) | `[]` | +| `sentinel.preExecCmds` | Additional commands to run prior to starting Redis® Sentinel | `[]` | +| `sentinel.extraEnvVars` | Array with extra environment variables to add to Redis® Sentinel nodes | `[]` | +| `sentinel.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Redis® Sentinel nodes | `""` | +| `sentinel.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Redis® Sentinel nodes | `""` | +| `sentinel.externalMaster.enabled` | Use external master for bootstrapping | `false` | +| `sentinel.externalMaster.host` | External master host to bootstrap from | `""` | +| `sentinel.externalMaster.port` | Port for Redis service external master host | `6379` | +| `sentinel.containerPorts.sentinel` | Container port to open on Redis® Sentinel nodes | `26379` | +| `sentinel.startupProbe.enabled` | Enable startupProbe on Redis® Sentinel nodes | `true` | +| `sentinel.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `sentinel.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `sentinel.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `sentinel.startupProbe.failureThreshold` | Failure threshold for startupProbe | `22` | +| `sentinel.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `sentinel.livenessProbe.enabled` | Enable livenessProbe on Redis® Sentinel nodes | `true` | +| `sentinel.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `20` | +| `sentinel.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `sentinel.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `sentinel.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `sentinel.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `sentinel.readinessProbe.enabled` | Enable readinessProbe on Redis® Sentinel nodes | `true` | +| `sentinel.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `20` | +| `sentinel.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `5` | +| `sentinel.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `sentinel.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `sentinel.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `sentinel.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `sentinel.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `sentinel.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `sentinel.persistence.enabled` | Enable persistence on Redis® sentinel nodes using Persistent Volume Claims (Experimental) | `false` | +| `sentinel.persistence.storageClass` | Persistent Volume storage class | `""` | +| `sentinel.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | +| `sentinel.persistence.size` | Persistent Volume size | `100Mi` | +| `sentinel.persistence.annotations` | Additional custom annotations for the PVC | `{}` | +| `sentinel.persistence.labels` | Additional custom labels for the PVC | `{}` | +| `sentinel.persistence.selector` | Additional labels to match for the PVC | `{}` | +| `sentinel.persistence.dataSource` | Custom PVC data source | `{}` | +| `sentinel.persistence.medium` | Provide a medium for `emptyDir` volumes. | `""` | +| `sentinel.persistence.sizeLimit` | Set this to enable a size limit for `emptyDir` volumes. | `""` | +| `sentinel.resources.limits` | The resources limits for the Redis® Sentinel containers | `{}` | +| `sentinel.resources.requests` | The requested resources for the Redis® Sentinel containers | `{}` | +| `sentinel.containerSecurityContext.enabled` | Enabled Redis® Sentinel containers' Security Context | `true` | +| `sentinel.containerSecurityContext.runAsUser` | Set Redis® Sentinel containers' Security Context runAsUser | `1001` | +| `sentinel.containerSecurityContext.runAsGroup` | Set Redis® Sentinel containers' Security Context runAsGroup | `0` | +| `sentinel.containerSecurityContext.runAsNonRoot` | Set Redis® Sentinel containers' Security Context runAsNonRoot | `true` | +| `sentinel.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® Sentinel containers' Security Context allowPrivilegeEscalation | `false` | +| `sentinel.containerSecurityContext.seccompProfile.type` | Set Redis® Sentinel containers' Security Context seccompProfile | `RuntimeDefault` | +| `sentinel.containerSecurityContext.capabilities.drop` | Set Redis® Sentinel containers' Security Context capabilities to drop | `["ALL"]` | +| `sentinel.lifecycleHooks` | for the Redis® sentinel container(s) to automate configuration before or after startup | `{}` | +| `sentinel.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® Sentinel | `[]` | +| `sentinel.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® Sentinel container(s) | `[]` | +| `sentinel.service.type` | Redis® Sentinel service type | `ClusterIP` | +| `sentinel.service.ports.redis` | Redis® service port for Redis® | `6379` | +| `sentinel.service.ports.sentinel` | Redis® service port for Redis® Sentinel | `26379` | +| `sentinel.service.nodePorts.redis` | Node port for Redis® | `""` | +| `sentinel.service.nodePorts.sentinel` | Node port for Sentinel | `""` | +| `sentinel.service.externalTrafficPolicy` | Redis® Sentinel service external traffic policy | `Cluster` | +| `sentinel.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `sentinel.service.clusterIP` | Redis® Sentinel service Cluster IP | `""` | +| `sentinel.service.loadBalancerIP` | Redis® Sentinel service Load Balancer IP | `""` | +| `sentinel.service.loadBalancerSourceRanges` | Redis® Sentinel service Load Balancer sources | `[]` | +| `sentinel.service.annotations` | Additional custom annotations for Redis® Sentinel service | `{}` | +| `sentinel.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | +| `sentinel.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `sentinel.service.headless.annotations` | Annotations for the headless service. | `{}` | +| `sentinel.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-node pods | `30` | ### Other Parameters @@ -448,71 +463,76 @@ The command removes all the Kubernetes components associated with the chart and ### Metrics Parameters -| Name | Description | Value | -| -------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis® metrics | `false` | -| `metrics.image.registry` | Redis® Exporter image registry | `docker.io` | -| `metrics.image.repository` | Redis® Exporter image repository | `bitnami/redis-exporter` | -| `metrics.image.tag` | Redis® Exporter image tag (immutable tags are recommended) | `1.51.0-debian-11-r11` | -| `metrics.image.digest` | Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | -| `metrics.image.pullPolicy` | Redis® Exporter image pull policy | `IfNotPresent` | -| `metrics.image.pullSecrets` | Redis® Exporter image pull secrets | `[]` | -| `metrics.startupProbe.enabled` | Enable startupProbe on Redis® replicas nodes | `false` | -| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | -| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | -| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | -| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | -| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | -| `metrics.livenessProbe.enabled` | Enable livenessProbe on Redis® replicas nodes | `true` | -| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | -| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | -| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | -| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | -| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | -| `metrics.readinessProbe.enabled` | Enable readinessProbe on Redis® replicas nodes | `true` | -| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | -| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | -| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | -| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | -| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | -| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | -| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | -| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | -| `metrics.command` | Override default metrics container init command (useful when using custom images) | `[]` | -| `metrics.redisTargetHost` | A way to specify an alternative Redis® hostname | `localhost` | -| `metrics.extraArgs` | Extra arguments for Redis® exporter, for example: | `{}` | -| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis® exporter | `[]` | -| `metrics.containerSecurityContext.enabled` | Enabled Redis® exporter containers' Security Context | `true` | -| `metrics.containerSecurityContext.runAsUser` | Set Redis® exporter containers' Security Context runAsUser | `1001` | -| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® metrics sidecar | `[]` | -| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® metrics sidecar | `[]` | -| `metrics.resources.limits` | The resources limits for the Redis® exporter container | `{}` | -| `metrics.resources.requests` | The requested resources for the Redis® exporter container | `{}` | -| `metrics.podLabels` | Extra labels for Redis® exporter pods | `{}` | -| `metrics.podAnnotations` | Annotations for Redis® exporter pods | `{}` | -| `metrics.service.type` | Redis® exporter service type | `ClusterIP` | -| `metrics.service.port` | Redis® exporter service port | `9121` | -| `metrics.service.externalTrafficPolicy` | Redis® exporter service external traffic policy | `Cluster` | -| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | -| `metrics.service.loadBalancerIP` | Redis® exporter service Load Balancer IP | `""` | -| `metrics.service.loadBalancerSourceRanges` | Redis® exporter service Load Balancer sources | `[]` | -| `metrics.service.annotations` | Additional custom annotations for Redis® exporter service | `{}` | -| `metrics.service.clusterIP` | Redis® exporter service Cluster IP | `""` | -| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | -| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | -| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | -| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | -| `metrics.serviceMonitor.relabellings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | -| `metrics.serviceMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | -| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | -| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | -| `metrics.serviceMonitor.podTargetLabels` | Labels from the Kubernetes pod to be transferred to the created metrics | `[]` | -| `metrics.serviceMonitor.sampleLimit` | Limit of how many samples should be scraped from every Pod | `false` | -| `metrics.serviceMonitor.targetLimit` | Limit of how many targets should be scraped | `false` | -| `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | -| `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | -| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | -| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` | +| Name | Description | Value | +| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `metrics.enabled` | Start a sidecar prometheus exporter to expose Redis® metrics | `false` | +| `metrics.image.registry` | Redis® Exporter image registry | `docker.io` | +| `metrics.image.repository` | Redis® Exporter image repository | `bitnami/redis-exporter` | +| `metrics.image.tag` | Redis® Exporter image tag (immutable tags are recommended) | `1.51.0-debian-11-r11` | +| `metrics.image.digest` | Redis® Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.image.pullPolicy` | Redis® Exporter image pull policy | `IfNotPresent` | +| `metrics.image.pullSecrets` | Redis® Exporter image pull secrets | `[]` | +| `metrics.startupProbe.enabled` | Enable startupProbe on Redis® replicas nodes | `false` | +| `metrics.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `metrics.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `metrics.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `metrics.startupProbe.failureThreshold` | Failure threshold for startupProbe | `5` | +| `metrics.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `metrics.livenessProbe.enabled` | Enable livenessProbe on Redis® replicas nodes | `true` | +| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` | +| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `metrics.readinessProbe.enabled` | Enable readinessProbe on Redis® replicas nodes | `true` | +| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | +| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | +| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `metrics.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `metrics.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `metrics.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `metrics.command` | Override default metrics container init command (useful when using custom images) | `[]` | +| `metrics.redisTargetHost` | A way to specify an alternative Redis® hostname | `localhost` | +| `metrics.extraArgs` | Extra arguments for Redis® exporter, for example: | `{}` | +| `metrics.extraEnvVars` | Array with extra environment variables to add to Redis® exporter | `[]` | +| `metrics.containerSecurityContext.enabled` | Enabled Redis® exporter containers' Security Context | `true` | +| `metrics.containerSecurityContext.runAsUser` | Set Redis® exporter containers' Security Context runAsUser | `1001` | +| `metrics.containerSecurityContext.runAsGroup` | Set Redis® exporter containers' Security Context runAsGroup | `0` | +| `metrics.containerSecurityContext.runAsNonRoot` | Set Redis® exporter containers' Security Context runAsNonRoot | `true` | +| `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set Redis® exporter containers' Security Context allowPrivilegeEscalation | `false` | +| `metrics.containerSecurityContext.seccompProfile.type` | Set Redis® exporter containers' Security Context seccompProfile | `RuntimeDefault` | +| `metrics.containerSecurityContext.capabilities.drop` | Set Redis® exporter containers' Security Context capabilities to drop | `["ALL"]` | +| `metrics.extraVolumes` | Optionally specify extra list of additional volumes for the Redis® metrics sidecar | `[]` | +| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Redis® metrics sidecar | `[]` | +| `metrics.resources.limits` | The resources limits for the Redis® exporter container | `{}` | +| `metrics.resources.requests` | The requested resources for the Redis® exporter container | `{}` | +| `metrics.podLabels` | Extra labels for Redis® exporter pods | `{}` | +| `metrics.podAnnotations` | Annotations for Redis® exporter pods | `{}` | +| `metrics.service.type` | Redis® exporter service type | `ClusterIP` | +| `metrics.service.port` | Redis® exporter service port | `9121` | +| `metrics.service.externalTrafficPolicy` | Redis® exporter service external traffic policy | `Cluster` | +| `metrics.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | +| `metrics.service.loadBalancerIP` | Redis® exporter service Load Balancer IP | `""` | +| `metrics.service.loadBalancerSourceRanges` | Redis® exporter service Load Balancer sources | `[]` | +| `metrics.service.annotations` | Additional custom annotations for Redis® exporter service | `{}` | +| `metrics.service.clusterIP` | Redis® exporter service Cluster IP | `""` | +| `metrics.serviceMonitor.enabled` | Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator | `false` | +| `metrics.serviceMonitor.namespace` | The namespace in which the ServiceMonitor will be created | `""` | +| `metrics.serviceMonitor.interval` | The interval at which metrics should be scraped | `30s` | +| `metrics.serviceMonitor.scrapeTimeout` | The timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.relabellings` | Metrics RelabelConfigs to apply to samples before scraping. | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | Metrics RelabelConfigs to apply to samples before ingestion. | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.podTargetLabels` | Labels from the Kubernetes pod to be transferred to the created metrics | `[]` | +| `metrics.serviceMonitor.sampleLimit` | Limit of how many samples should be scraped from every Pod | `false` | +| `metrics.serviceMonitor.targetLimit` | Limit of how many targets should be scraped | `false` | +| `metrics.prometheusRule.enabled` | Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator | `false` | +| `metrics.prometheusRule.namespace` | The namespace in which the prometheusRule will be created | `""` | +| `metrics.prometheusRule.additionalLabels` | Additional labels for the prometheusRule | `{}` | +| `metrics.prometheusRule.rules` | Custom Prometheus rules | `[]` | ### Init Container Parameters diff --git a/charts/bitnami/redis/templates/_helpers.tpl b/charts/bitnami/redis/templates/_helpers.tpl index 95461819d..7ca7e0430 100644 --- a/charts/bitnami/redis/templates/_helpers.tpl +++ b/charts/bitnami/redis/templates/_helpers.tpl @@ -209,7 +209,7 @@ Get the password key to be retrieved from Redis® secret. */}} {{- define "redis.secretPasswordKey" -}} {{- if and .Values.auth.existingSecret .Values.auth.existingSecretPasswordKey -}} -{{- printf "%s" .Values.auth.existingSecretPasswordKey -}} +{{- printf "%s" (tpl .Values.auth.existingSecretPasswordKey $) -}} {{- else -}} {{- printf "redis-password" -}} {{- end -}} diff --git a/charts/bitnami/redis/values.yaml b/charts/bitnami/redis/values.yaml index ff6d64ec9..168822201 100644 --- a/charts/bitnami/redis/values.yaml +++ b/charts/bitnami/redis/values.yaml @@ -279,10 +279,23 @@ master: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## @param master.containerSecurityContext.enabled Enabled Redis® master containers' Security Context ## @param master.containerSecurityContext.runAsUser Set Redis® master containers' Security Context runAsUser + ## @param master.containerSecurityContext.runAsGroup Set Redis® master containers' Security Context runAsGroup + ## @param master.containerSecurityContext.runAsNonRoot Set Redis® master containers' Security Context runAsNonRoot + ## @param master.containerSecurityContext.allowPrivilegeEscalation Is it possible to escalate Redis® pod(s) privileges + ## @param master.containerSecurityContext.seccompProfile.type Set Redis® master containers' Security Context seccompProfile + ## @param master.containerSecurityContext.capabilities.drop Set Redis® master containers' Security Context capabilities to drop ## containerSecurityContext: enabled: true runAsUser: 1001 + runAsGroup: 0 + runAsNonRoot: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## @param master.kind Use either Deployment or StatefulSet (default) ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/ ## @@ -696,10 +709,23 @@ replica: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## @param replica.containerSecurityContext.enabled Enabled Redis® replicas containers' Security Context ## @param replica.containerSecurityContext.runAsUser Set Redis® replicas containers' Security Context runAsUser + ## @param replica.containerSecurityContext.runAsGroup Set Redis® replicas containers' Security Context runAsGroup + ## @param replica.containerSecurityContext.runAsNonRoot Set Redis® replicas containers' Security Context runAsNonRoot + ## @param replica.containerSecurityContext.allowPrivilegeEscalation Set Redis® replicas pod's Security Context allowPrivilegeEscalation + ## @param replica.containerSecurityContext.seccompProfile.type Set Redis® replicas containers' Security Context seccompProfile + ## @param replica.containerSecurityContext.capabilities.drop Set Redis® replicas containers' Security Context capabilities to drop ## containerSecurityContext: enabled: true runAsUser: 1001 + runAsGroup: 0 + runAsNonRoot: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## @param replica.schedulerName Alternate scheduler for Redis® replicas pods ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ ## @@ -1197,10 +1223,23 @@ sentinel: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## @param sentinel.containerSecurityContext.enabled Enabled Redis® Sentinel containers' Security Context ## @param sentinel.containerSecurityContext.runAsUser Set Redis® Sentinel containers' Security Context runAsUser + ## @param sentinel.containerSecurityContext.runAsGroup Set Redis® Sentinel containers' Security Context runAsGroup + ## @param sentinel.containerSecurityContext.runAsNonRoot Set Redis® Sentinel containers' Security Context runAsNonRoot + ## @param sentinel.containerSecurityContext.allowPrivilegeEscalation Set Redis® Sentinel containers' Security Context allowPrivilegeEscalation + ## @param sentinel.containerSecurityContext.seccompProfile.type Set Redis® Sentinel containers' Security Context seccompProfile + ## @param sentinel.containerSecurityContext.capabilities.drop Set Redis® Sentinel containers' Security Context capabilities to drop ## containerSecurityContext: enabled: true runAsUser: 1001 + runAsGroup: 0 + runAsNonRoot: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## @param sentinel.lifecycleHooks for the Redis® sentinel container(s) to automate configuration before or after startup ## lifecycleHooks: {} @@ -1534,10 +1573,23 @@ metrics: ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## @param metrics.containerSecurityContext.enabled Enabled Redis® exporter containers' Security Context ## @param metrics.containerSecurityContext.runAsUser Set Redis® exporter containers' Security Context runAsUser + ## @param metrics.containerSecurityContext.runAsGroup Set Redis® exporter containers' Security Context runAsGroup + ## @param metrics.containerSecurityContext.runAsNonRoot Set Redis® exporter containers' Security Context runAsNonRoot + ## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set Redis® exporter containers' Security Context allowPrivilegeEscalation + ## @param metrics.containerSecurityContext.seccompProfile.type Set Redis® exporter containers' Security Context seccompProfile + ## @param metrics.containerSecurityContext.capabilities.drop Set Redis® exporter containers' Security Context capabilities to drop ## containerSecurityContext: enabled: true runAsUser: 1001 + runAsGroup: 0 + runAsNonRoot: true + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: + - ALL ## @param metrics.extraVolumes Optionally specify extra list of additional volumes for the Redis® metrics sidecar ## extraVolumes: [] diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml index 491f03646..77abe8dae 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=v1.16.0-0' catalog.cattle.io/release-name: citrix-cpx-with-ingress-controller apiVersion: v2 -appVersion: 1.33.4 +appVersion: 1.34.16 description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running as sidecar. home: https://www.cloud.com @@ -18,4 +18,4 @@ maintainers: name: citrix-cpx-with-ingress-controller sources: - https://github.com/citrix/citrix-k8s-ingress-controller -version: 1.33.4 +version: 1.34.16 diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/README.md b/charts/citrix/citrix-cpx-with-ingress-controller/README.md index e05568851..478a45149 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/README.md +++ b/charts/citrix/citrix-cpx-with-ingress-controller/README.md @@ -450,12 +450,12 @@ The following table lists the configurable parameters of the Citrix ADC CPX with | license.accept | Mandatory | no | Set `yes` to accept the Citrix ingress controller end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The Citrix ADC CPX image registry | | imageRepository | Mandatory | `citrix/citrix-k8s-cpx-ingress` | The Citrix ADC CPX image repository | -| imageTag | Mandatory | `13.1-30.52` | The Citrix ADC CPX image tag | +| imageTag | Mandatory | `13.1-49.13` | The Citrix ADC CPX image tag | | pullPolicy | Mandatory | IfNotPresent | The Citrix ADC CPX image pull policy. | | daemonSet | Optional | False | Set this to true if Citrix ADC CPX needs to be deployed as DaemonSet. | | cic.imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry | | cic.imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository | -| cic.imageTag | Mandatory | `1.33.4` | The Citrix ingress controller image tag | +| cic.imageTag | Mandatory | `1.34.16` | The Citrix ingress controller image tag | | cic.pullPolicy | Mandatory | IfNotPresent | The Citrix ingress controller image pull policy. | | cic.required | Mandatory | true | CIC to be run as sidecar with Citrix ADC CPX | | cic.resources | Optional | {} | CPU/Memory resource requests/limits for Citrix Ingress Controller container | @@ -523,10 +523,11 @@ The following table lists the configurable parameters of the Citrix ADC CPX with | exporter.required | Optional | false | Use the argument if you want to run the [Exporter for Citrix ADC Stats](https://github.com/citrix/citrix-adc-metrics-exporter) along with Citrix ingress controller to pull metrics for the Citrix ADC CPX| | exporter.imageRegistry | Optional | `quay.io` | The Exporter for Citrix ADC Stats image registry | | exporter.imageRepository | Optional | `citrix/citrix-adc-metrics-exporter` | The Exporter for Citrix ADC Stats image repository | -| exporter.imageTag | Optional | `1.4.9` | The Exporter for Citrix ADC Stats image tag | +| exporter.imageTag | Optional | `1.4.9` | The Exporter for Citrix ADC Stats image tag | | exporter.pullPolicy | Optional | IfNotPresent | The Exporter for Citrix ADC Stats image pull policy. | | exporter.resources | Optional | {} | CPU/Memory resource requests/limits for Metrics exporter container | | exporter.ports.containerPort | Optional | 8888 | The Exporter for Citrix ADC Stats container port. | +| exporter.serviceMonitorExtraLabels | Optional | | Extra labels for service monitor whem Citrix-adc-metrics-exporter is enabled. | | analyticsConfig.required | Mandatory | false | Set this to true if you want to configure Citrix ADC to send metrics and transaction records to analytics service. | | analyticsConfig.distributedTracing.enable | Optional | false | Set this value to true to enable OpenTracing in Citrix ADC. | | analyticsConfig.distributedTracing.samplingrate | Optional | 100 | Specifies the OpenTracing sampling rate in percentage. | diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml index d7d610ea0..f265d4e3a 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml @@ -406,6 +406,9 @@ metadata: namespace: {{ .Release.Namespace }} labels: servicemonitor: citrix-adc-cpx + {{- with .Values.exporter.serviceMonitorExtraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - interval: 30s diff --git a/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml b/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml index 9f20aa04c..bb9e1f951 100644 --- a/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml +++ b/charts/citrix/citrix-cpx-with-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # Citrix ADC CPX config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-cpx-ingress -imageTag: 13.1-37.38 +imageTag: 13.1-49.13 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -82,7 +82,7 @@ servicePorts: [] cic: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller - imageTag: 1.33.4 + imageTag: 1.34.16 image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}" pullPolicy: IfNotPresent required: true @@ -167,7 +167,7 @@ exporter: # requests: # cpu: 100m # memory: 128Mi - + serviceMonitorExtraLabels: {} # For CRDs supported by Citrix Ingress Controller crds: diff --git a/charts/citrix/citrix-ingress-controller/Chart.yaml b/charts/citrix/citrix-ingress-controller/Chart.yaml index abd7d56cd..125927f72 100644 --- a/charts/citrix/citrix-ingress-controller/Chart.yaml +++ b/charts/citrix/citrix-ingress-controller/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=v1.16.0-0' catalog.cattle.io/release-name: citrix-ingress-controller apiVersion: v2 -appVersion: 1.33.4 +appVersion: 1.34.16 description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX. home: https://www.cloud.com icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png @@ -17,4 +17,4 @@ maintainers: name: citrix-ingress-controller sources: - https://github.com/citrix/citrix-k8s-ingress-controller -version: 1.33.4 +version: 1.34.16 diff --git a/charts/citrix/citrix-ingress-controller/README.md b/charts/citrix/citrix-ingress-controller/README.md index c2f193f54..e70970ae8 100644 --- a/charts/citrix/citrix-ingress-controller/README.md +++ b/charts/citrix/citrix-ingress-controller/README.md @@ -316,7 +316,7 @@ The following table lists the mandatory and optional parameters that you can con | license.accept | Mandatory | no | Set `yes` to accept the CIC end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry | | imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository | -| imageTag | Mandatory | `1.33.4` | The Citrix ingress controller image tag | +| imageTag | Mandatory | `1.34.16` | The Citrix ingress controller image tag | | pullPolicy | Mandatory | IfNotPresent | The CIC image pull policy. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | @@ -371,6 +371,7 @@ The following table lists the mandatory and optional parameters that you can con | exporter.ports.containerPort | Optional | 8888 | The Exporter container port. | | exporter.resources | Optional | {} | CPU/Memory resource requests/limits for Metrics exporter container | | exporter.extraVolumeMounts | Optional | [] | Specify the Additional VolumeMounts to be mounted in Exporter container. Specify the volumes in `extraVolumes` | +| exporter.serviceMonitorExtraLabels | Optional | | Extra labels for service monitor whem Citrix-adc-metrics-exporter is enabled. |s | openshift | Optional | false | Set this argument if OpenShift environment is being used. | | disableOpenshiftRoutes | Optional | false | By default Openshift routes are processed in openshift environment, this variable can be used to disable Ingress controller processing the openshift routes. | | nodeSelector.key | Optional | N/A | Node label key to be used for nodeSelector option in CIC deployment. | diff --git a/charts/citrix/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml b/charts/citrix/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml index ac0ba09fa..45d14b69c 100644 --- a/charts/citrix/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml +++ b/charts/citrix/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml @@ -248,6 +248,9 @@ metadata: namespace: {{ .Release.Namespace }} labels: servicemonitor: citrix-adc + {{- with .Values.exporter.serviceMonitorExtraLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: endpoints: - interval: 30s diff --git a/charts/citrix/citrix-ingress-controller/values.yaml b/charts/citrix/citrix-ingress-controller/values.yaml index 1a2f8bf53..fa2551fca 100644 --- a/charts/citrix/citrix-ingress-controller/values.yaml +++ b/charts/citrix/citrix-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # Citrix Ingress Controller config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.33.4 +imageTag: 1.34.16 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -14,7 +14,7 @@ fullnameOverride: "" openshift: false adcCredentialSecret: # K8s Secret Name # Enable secretStore to implement CSI Secret Provider classes for holding the nslogin credentials -secretStore: +secretStore: enabled: false username: {} #valueFrom: @@ -115,6 +115,7 @@ exporter: # readOnly: true #- name: agent-init-scripts # mountPath: /docker-entrypoint.d/ + serviceMonitorExtraLabels: {} # For CRDs supported by Citrix Ingress Controller crds: diff --git a/charts/cockroach-labs/cockroachdb/Chart.yaml b/charts/cockroach-labs/cockroachdb/Chart.yaml index 267e0b4c2..d4d68c4b7 100644 --- a/charts/cockroach-labs/cockroachdb/Chart.yaml +++ b/charts/cockroach-labs/cockroachdb/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.8-0' catalog.cattle.io/release-name: cockroachdb apiVersion: v1 -appVersion: 23.1.5 +appVersion: 23.1.6 description: CockroachDB is a scalable, survivable, strongly-consistent SQL database. home: https://www.cockroachlabs.com icon: https://raw.githubusercontent.com/cockroachdb/cockroach/master/docs/media/cockroach_db.png @@ -14,4 +14,4 @@ maintainers: name: cockroachdb sources: - https://github.com/cockroachdb/cockroach -version: 11.1.0 +version: 11.1.3 diff --git a/charts/cockroach-labs/cockroachdb/README.md b/charts/cockroach-labs/cockroachdb/README.md index 8dc2daa67..9eb752408 100644 --- a/charts/cockroach-labs/cockroachdb/README.md +++ b/charts/cockroach-labs/cockroachdb/README.md @@ -229,10 +229,10 @@ kubectl get pods \ ``` ``` -my-release-cockroachdb-0 cockroachdb/cockroach:v23.1.5 -my-release-cockroachdb-1 cockroachdb/cockroach:v23.1.5 -my-release-cockroachdb-2 cockroachdb/cockroach:v23.1.5 -my-release-cockroachdb-3 cockroachdb/cockroach:v23.1.5 +my-release-cockroachdb-0 cockroachdb/cockroach:v23.1.6 +my-release-cockroachdb-1 cockroachdb/cockroach:v23.1.6 +my-release-cockroachdb-2 cockroachdb/cockroach:v23.1.6 +my-release-cockroachdb-3 cockroachdb/cockroach:v23.1.6 ``` Resume normal operations. Once you are comfortable that the stability and performance of the cluster is what you'd expect post-upgrade, finalize the upgrade: @@ -316,7 +316,7 @@ For details see the [`values.yaml`](values.yaml) file. | `conf.store.size` | CockroachDB storage size | `""` | | `conf.store.attrs` | CockroachDB storage attributes | `""` | | `image.repository` | Container image name | `cockroachdb/cockroach` | -| `image.tag` | Container image tag | `v23.1.5` | +| `image.tag` | Container image tag | `v23.1.6` | | `image.pullPolicy` | Container pull policy | `IfNotPresent` | | `image.credentials` | `registry`, `user` and `pass` credentials to pull private image | `{}` | | `statefulset.replicas` | StatefulSet replicas number | `3` | diff --git a/charts/cockroach-labs/cockroachdb/values.yaml b/charts/cockroach-labs/cockroachdb/values.yaml index f7ae9f1fe..252ab2214 100644 --- a/charts/cockroach-labs/cockroachdb/values.yaml +++ b/charts/cockroach-labs/cockroachdb/values.yaml @@ -1,7 +1,7 @@ # Generated file, DO NOT EDIT. Source: build/templates/values.yaml image: repository: cockroachdb/cockroach - tag: v23.1.5 + tag: v23.1.6 pullPolicy: IfNotPresent credentials: {} # registry: docker.io diff --git a/charts/datadog/datadog-operator/CHANGELOG.md b/charts/datadog/datadog-operator/CHANGELOG.md index a5e45ee9d..b01570b03 100644 --- a/charts/datadog/datadog-operator/CHANGELOG.md +++ b/charts/datadog/datadog-operator/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 1.0.7 + +* Fix clusterrole to include `extensions` group for `customresourcedefinitions` resource. + ## 1.0.6 * Fix conversionWebhook.enabled parameter to correctly set user-configured value when enabling the conversion webhook. diff --git a/charts/datadog/datadog-operator/Chart.yaml b/charts/datadog/datadog-operator/Chart.yaml index 6dd7679e3..233b74587 100644 --- a/charts/datadog/datadog-operator/Chart.yaml +++ b/charts/datadog/datadog-operator/Chart.yaml @@ -26,4 +26,4 @@ name: datadog-operator sources: - https://app.datadoghq.com/account/settings#agent/kubernetes - https://github.com/DataDog/datadog-agent -version: 1.0.6 +version: 1.0.7 diff --git a/charts/datadog/datadog-operator/README.md b/charts/datadog/datadog-operator/README.md index bed64062c..088707677 100644 --- a/charts/datadog/datadog-operator/README.md +++ b/charts/datadog/datadog-operator/README.md @@ -1,6 +1,6 @@ # Datadog Operator -![Version: 1.0.6](https://img.shields.io/badge/Version-1.0.6-informational?style=flat-square) ![AppVersion: 1.0.3](https://img.shields.io/badge/AppVersion-1.0.3-informational?style=flat-square) +![Version: 1.0.7](https://img.shields.io/badge/Version-1.0.7-informational?style=flat-square) ![AppVersion: 1.0.3](https://img.shields.io/badge/AppVersion-1.0.3-informational?style=flat-square) ## Values diff --git a/charts/datadog/datadog-operator/templates/clusterrole.yaml b/charts/datadog/datadog-operator/templates/clusterrole.yaml index fcf9df746..485f71eda 100644 --- a/charts/datadog/datadog-operator/templates/clusterrole.yaml +++ b/charts/datadog/datadog-operator/templates/clusterrole.yaml @@ -332,6 +332,7 @@ rules: - watch - apiGroups: - apiextensions.k8s.io + - extensions resources: - customresourcedefinitions verbs: diff --git a/charts/dynatrace/dynatrace-operator/Chart.yaml b/charts/dynatrace/dynatrace-operator/Chart.yaml index de56a5f53..f163a2389 100644 --- a/charts/dynatrace/dynatrace-operator/Chart.yaml +++ b/charts/dynatrace/dynatrace-operator/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.19.0-0' catalog.cattle.io/release-name: dynatrace-operator apiVersion: v2 -appVersion: 0.12.0 +appVersion: 0.12.1 description: The Dynatrace Operator Helm chart for Kubernetes and OpenShift home: https://www.dynatrace.com/ icon: https://assets.dynatrace.com/global/resources/Signet_Logo_RGB_CP_512x512px.png @@ -20,4 +20,4 @@ name: dynatrace-operator sources: - https://github.com/Dynatrace/dynatrace-operator type: application -version: 0.12.0 +version: 0.12.1 diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/activegate/clusterrole-activegate.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/activegate/clusterrole-activegate.yaml index 14b1645b8..a9eaec218 100644 --- a/charts/dynatrace/dynatrace-operator/templates/Common/activegate/clusterrole-activegate.yaml +++ b/charts/dynatrace/dynatrace-operator/templates/Common/activegate/clusterrole-activegate.yaml @@ -1,5 +1,6 @@ {{- include "dynatrace-operator.platformRequired" . }} -{{- if (eq (include "dynatrace-operator.platform" .) "openshift") }} +{{- if (eq (include "dynatrace-operator.openshiftOrOlm" .) "true") }} +{{- if ne (include "dynatrace-operator.partial" .) "csi" }} # Copyright 2021 Dynatrace LLC @@ -46,3 +47,4 @@ roleRef: name: dynatrace-activegate apiGroup: rbac.authorization.k8s.io {{- end -}} +{{- end -}} diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/csi/clusterrole-csi.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/csi/clusterrole-csi.yaml index c631bb7bf..cb812c202 100644 --- a/charts/dynatrace/dynatrace-operator/templates/Common/csi/clusterrole-csi.yaml +++ b/charts/dynatrace/dynatrace-operator/templates/Common/csi/clusterrole-csi.yaml @@ -62,7 +62,7 @@ rules: - get - list - watch - {{- if (eq (include "dynatrace-operator.platform" .) "openshift") }} + {{- if (eq (include "dynatrace-operator.openshiftOrOlm" .) "true") }} - apiGroups: - security.openshift.io resourceNames: diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/csi/csidriver.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/csi/csidriver.yaml index c17e0992e..5ad7c4314 100644 --- a/charts/dynatrace/dynatrace-operator/templates/Common/csi/csidriver.yaml +++ b/charts/dynatrace/dynatrace-operator/templates/Common/csi/csidriver.yaml @@ -18,7 +18,7 @@ kind: CSIDriver metadata: name: csi.oneagent.dynatrace.com labels: - {{- if (eq (include "dynatrace-operator.platform" .) "openshift") }} + {{- if (eq (include "dynatrace-operator.openshiftOrOlm" .) "true") }} security.openshift.io/csi-ephemeral-volume-profile: "restricted" {{- end }} {{- include "dynatrace-operator.csiLabels" . | nindent 4 }} diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/kubernetes-monitoring/clusterrole-kubernetes-monitoring.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/kubernetes-monitoring/clusterrole-kubernetes-monitoring.yaml index 75ea50520..15de7e29d 100644 --- a/charts/dynatrace/dynatrace-operator/templates/Common/kubernetes-monitoring/clusterrole-kubernetes-monitoring.yaml +++ b/charts/dynatrace/dynatrace-operator/templates/Common/kubernetes-monitoring/clusterrole-kubernetes-monitoring.yaml @@ -80,7 +80,7 @@ rules: - /livez verbs: - get - {{- if (eq (include "dynatrace-operator.platform" .) "openshift") }} + {{- if (eq (include "dynatrace-operator.openshiftOrOlm" .) "true") }} - apiGroups: - security.openshift.io resourceNames: diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/clusterrole-oneagent-privileged.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/clusterrole-oneagent-privileged.yaml new file mode 100644 index 000000000..4cea33e2c --- /dev/null +++ b/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/clusterrole-oneagent-privileged.yaml @@ -0,0 +1,48 @@ +{{- include "dynatrace-operator.platformRequired" . }} +{{- if (eq (include "dynatrace-operator.openshiftOrOlm" .) "true") }} +{{- if ne (include "dynatrace-operator.partial" .) "csi" }} +# Copyright 2021 Dynatrace LLC + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: dynatrace-dynakube-oneagent-privileged + labels: + {{- include "dynatrace-operator.oneagentLabels" . | nindent 4 }} +rules: + - apiGroups: + - security.openshift.io + resourceNames: + - privileged + resources: + - securitycontextconstraints + verbs: + - use +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: dynatrace-dynakube-oneagent-privileged + labels: + {{- include "dynatrace-operator.oneagentLabels" . | nindent 4 }} +subjects: + - kind: ServiceAccount + name: "dynatrace-dynakube-oneagent-privileged" + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: "dynatrace-dynakube-oneagent-privileged" +{{ end }} +{{ end }} diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/clusterrole-oneagent.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/clusterrole-oneagent-unprivileged.yaml similarity index 82% rename from charts/dynatrace/dynatrace-operator/templates/Common/oneagent/clusterrole-oneagent.yaml rename to charts/dynatrace/dynatrace-operator/templates/Common/oneagent/clusterrole-oneagent-unprivileged.yaml index d179ebb0a..65e5520e7 100644 --- a/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/clusterrole-oneagent.yaml +++ b/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/clusterrole-oneagent-unprivileged.yaml @@ -1,5 +1,5 @@ {{- include "dynatrace-operator.platformRequired" . }} -{{- if (eq (include "dynatrace-operator.platform" .) "openshift") }} +{{- if (eq (include "dynatrace-operator.openshiftOrOlm" .) "true") }} # Copyright 2021 Dynatrace LLC # Licensed under the Apache License, Version 2.0 (the "License"); @@ -16,7 +16,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: dynatrace-dynakube-oneagent + name: dynatrace-dynakube-oneagent-unprivileged labels: {{- include "dynatrace-operator.oneagentLabels" . | nindent 4 }} rules: @@ -32,15 +32,15 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: dynatrace-dynakube-oneagent + name: dynatrace-dynakube-oneagent-unprivileged labels: {{- include "dynatrace-operator.oneagentLabels" . | nindent 4 }} subjects: - kind: ServiceAccount - name: dynatrace-dynakube-oneagent + name: dynatrace-dynakube-oneagent-unprivileged namespace: {{ .Release.Namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: dynatrace-dynakube-oneagent + name: dynatrace-dynakube-oneagent-unprivileged {{ end }} diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/serviceaccount-oneagent.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/serviceaccount-oneagent-privileged.yaml similarity index 95% rename from charts/dynatrace/dynatrace-operator/templates/Common/oneagent/serviceaccount-oneagent.yaml rename to charts/dynatrace/dynatrace-operator/templates/Common/oneagent/serviceaccount-oneagent-privileged.yaml index 311c55747..6c134c86d 100644 --- a/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/serviceaccount-oneagent.yaml +++ b/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/serviceaccount-oneagent-privileged.yaml @@ -16,7 +16,7 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: dynatrace-dynakube-oneagent + name: dynatrace-dynakube-oneagent-privileged namespace: {{ .Release.Namespace }} labels: {{- include "dynatrace-operator.oneagentLabels" . | nindent 4 }} diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/serviceaccount-oneagent-unprivileged.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/serviceaccount-oneagent-unprivileged.yaml new file mode 100644 index 000000000..4f416294c --- /dev/null +++ b/charts/dynatrace/dynatrace-operator/templates/Common/oneagent/serviceaccount-oneagent-unprivileged.yaml @@ -0,0 +1,24 @@ +{{- include "dynatrace-operator.platformRequired" . }} +{{ if eq (include "dynatrace-operator.partial" .) "false" }} +# Copyright 2021 Dynatrace LLC + +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: v1 +kind: ServiceAccount +metadata: + name: dynatrace-dynakube-oneagent-unprivileged + namespace: {{ .Release.Namespace }} + labels: + {{- include "dynatrace-operator.oneagentLabels" . | nindent 4 }} +automountServiceAccountToken: false +{{ end }} diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/operator/clusterrole-operator.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/operator/clusterrole-operator.yaml index 195334b4f..c3a274d47 100644 --- a/charts/dynatrace/dynatrace-operator/templates/Common/operator/clusterrole-operator.yaml +++ b/charts/dynatrace/dynatrace-operator/templates/Common/operator/clusterrole-operator.yaml @@ -90,7 +90,7 @@ rules: verbs: - get - update - {{- if (eq (include "dynatrace-operator.platform" .) "openshift") }} + {{- if (eq (include "dynatrace-operator.openshiftOrOlm" .) "true") }} - apiGroups: - security.openshift.io resourceNames: diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/operator/deployment-operator.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/operator/deployment-operator.yaml index a2cb7bb04..c15f3d9e2 100644 --- a/charts/dynatrace/dynatrace-operator/templates/Common/operator/deployment-operator.yaml +++ b/charts/dynatrace/dynatrace-operator/templates/Common/operator/deployment-operator.yaml @@ -75,6 +75,13 @@ spec: volumeMounts: - name: tmp-cert-dir mountPath: /tmp/dynatrace-operator + readinessProbe: + httpGet: + path: /livez + port: server-port + scheme: HTTP + initialDelaySeconds: 15 + periodSeconds: 10 livenessProbe: httpGet: path: /livez diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/webhook/clusterrole-webhook.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/webhook/clusterrole-webhook.yaml index 87379df14..b41e0ba97 100644 --- a/charts/dynatrace/dynatrace-operator/templates/Common/webhook/clusterrole-webhook.yaml +++ b/charts/dynatrace/dynatrace-operator/templates/Common/webhook/clusterrole-webhook.yaml @@ -83,7 +83,7 @@ rules: - deploymentconfigs verbs: - get - {{- if (eq (include "dynatrace-operator.platform" .) "openshift") }} + {{- if (eq (include "dynatrace-operator.openshiftOrOlm" .) "true") }} - apiGroups: - security.openshift.io resourceNames: diff --git a/charts/dynatrace/dynatrace-operator/templates/Common/webhook/deployment-webhook.yaml b/charts/dynatrace/dynatrace-operator/templates/Common/webhook/deployment-webhook.yaml index 814647b63..3f73bfd5d 100644 --- a/charts/dynatrace/dynatrace-operator/templates/Common/webhook/deployment-webhook.yaml +++ b/charts/dynatrace/dynatrace-operator/templates/Common/webhook/deployment-webhook.yaml @@ -104,25 +104,13 @@ spec: fieldRef: fieldPath: metadata.name readinessProbe: - httpGet: - path: /readyz - port: livez - scheme: HTTP - initialDelaySeconds: 15 - periodSeconds: 10 - - livenessProbe: httpGet: path: /livez - port: livez - scheme: HTTP - initialDelaySeconds: 15 - periodSeconds: 10 + port: server-port + scheme: HTTPS ports: - name: server-port containerPort: 8443 - - name: livez - containerPort: 10080 resources: requests: {{- toYaml (.Values.webhook).requests | nindent 14 }} diff --git a/charts/dynatrace/dynatrace-operator/templates/_platform.tpl b/charts/dynatrace/dynatrace-operator/templates/_platform.tpl index b751561c7..c8a862e44 100644 --- a/charts/dynatrace/dynatrace-operator/templates/_platform.tpl +++ b/charts/dynatrace/dynatrace-operator/templates/_platform.tpl @@ -27,6 +27,15 @@ Auto-detect the platform (if not set), according to the available APIVersions {{- end -}} {{- end }} +{{/* +Exclude Kubernetes manifest not running on OLM +*/}} +{{- define "dynatrace-operator.openshiftOrOlm" -}} +{{- if and (or (eq (include "dynatrace-operator.platform" .) "openshift") (.Values.olm)) (eq (include "dynatrace-operator.partial" .) "false") -}} + {{ default "true" }} +{{- end -}} +{{- end -}} + {{/* Check if platform is set to a valid one */}} diff --git a/charts/haproxy/haproxy/Chart.yaml b/charts/haproxy/haproxy/Chart.yaml index 4f37e902d..085468a92 100644 --- a/charts/haproxy/haproxy/Chart.yaml +++ b/charts/haproxy/haproxy/Chart.yaml @@ -1,12 +1,12 @@ annotations: artifacthub.io/changes: | - - Update CRDs to v1alpha2 (#200) + - Use Ingress Controller 1.10.5 version for base image catalog.cattle.io/certified: partner catalog.cattle.io/display-name: HAProxy Kubernetes Ingress Controller catalog.cattle.io/kube-version: '>=1.22.0-0' catalog.cattle.io/release-name: haproxy apiVersion: v2 -appVersion: 1.10.4 +appVersion: 1.10.5 description: A Helm chart for HAProxy Kubernetes Ingress Controller home: https://github.com/haproxytech/helm-charts/tree/main/kubernetes-ingress icon: https://raw.githubusercontent.com/haproxytech/helm-charts/main/kubernetes-ingress/chart-icon.png @@ -21,4 +21,4 @@ name: haproxy sources: - https://github.com/haproxytech/kubernetes-ingress type: application -version: 1.32.1 +version: 1.32.2 diff --git a/charts/redpanda/redpanda/Chart.lock b/charts/redpanda/redpanda/Chart.lock index 0366a96b4..764c07f10 100644 --- a/charts/redpanda/redpanda/Chart.lock +++ b/charts/redpanda/redpanda/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: console repository: https://charts.redpanda.com - version: 0.6.7 -digest: sha256:ab9d2c81c543e757d96bad4ece087707a6786d3b5edff585e6c57426b6171964 -generated: "2023-07-22T16:38:04.026894427Z" + version: 0.6.8 +digest: sha256:a04bded7addef5f2f904ae26f5bd72011f2a5d1b42916ee9566a90a2861c0cce +generated: "2023-07-26T00:56:34.226076148Z" diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index bad954ac6..5eaffae52 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -33,4 +33,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 5.0.1 +version: 5.0.3 diff --git a/charts/redpanda/redpanda/charts/console/Chart.yaml b/charts/redpanda/redpanda/charts/console/Chart.yaml index 1f9ac70cb..79a048d5d 100644 --- a/charts/redpanda/redpanda/charts/console/Chart.yaml +++ b/charts/redpanda/redpanda/charts/console/Chart.yaml @@ -1,7 +1,7 @@ annotations: artifacthub.io/images: | - name: redpanda - image: docker.redpanda.com/redpandadata/console:v2.2.3 + image: docker.redpanda.com/redpandadata/console:v2.2.5 artifacthub.io/license: Apache-2.0 artifacthub.io/links: | - name: Documentation @@ -19,4 +19,4 @@ name: console sources: - https://github.com/redpanda-data/helm-charts type: application -version: 0.6.7 +version: 0.6.8 diff --git a/charts/redpanda/redpanda/charts/console/README.md b/charts/redpanda/redpanda/charts/console/README.md index e638fefcf..7d6465faa 100644 --- a/charts/redpanda/redpanda/charts/console/README.md +++ b/charts/redpanda/redpanda/charts/console/README.md @@ -6,6 +6,7 @@ You can install the chart by running the following commands: ```shell helm repo add redpanda 'https://charts.redpanda.com/' helm repo update +kubectl kustomize https://github.com/redpanda-data/redpanda/src/go/k8s/config/crd | kubectl apply -f - helm install redpanda/console -f myvalues.yaml ``` diff --git a/charts/redpanda/redpanda/cr.yaml b/charts/redpanda/redpanda/cr.yaml deleted file mode 100644 index 2f38f5ead..000000000 --- a/charts/redpanda/redpanda/cr.yaml +++ /dev/null @@ -1,6 +0,0 @@ -owner: redpanda-data -git-repo: redpanda-data/helm-charts -token: lab -make-release-latest: true -generate-release-notes: true -package-path: ./charts/ diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index c9bc9effb..4e436c89c 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -644,7 +644,7 @@ tuning: # Override global settings configured above for individual # listeners. # For details, -# see the [listeners documentation](https://docs.redpanda.com/docs/beta/manage/kubernetes/networking/configure-listeners/). +# see the [listeners documentation](https://docs.redpanda.com/docs/manage/kubernetes/networking/configure-listeners/). listeners: # -- Admin API listener (only one). admin: diff --git a/charts/speedscale/speedscale-operator/Chart.yaml b/charts/speedscale/speedscale-operator/Chart.yaml index 61bf6b714..1fe918d03 100644 --- a/charts/speedscale/speedscale-operator/Chart.yaml +++ b/charts/speedscale/speedscale-operator/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>= 1.17.0-0' catalog.cattle.io/release-name: speedscale-operator apiVersion: v1 -appVersion: 1.3.213 +appVersion: 1.3.227 description: Stress test your APIs with real world scenarios. Collect and replay traffic without scripting. home: https://speedscale.com @@ -24,4 +24,4 @@ maintainers: - email: support@speedscale.com name: Speedscale Support name: speedscale-operator -version: 1.3.21 +version: 1.3.22 diff --git a/charts/speedscale/speedscale-operator/README.md b/charts/speedscale/speedscale-operator/README.md index ad7a34955..13a25b1a2 100644 --- a/charts/speedscale/speedscale-operator/README.md +++ b/charts/speedscale/speedscale-operator/README.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.3.21 +### Upgrade to 1.3.22 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.21/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.22/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/app-readme.md b/charts/speedscale/speedscale-operator/app-readme.md index ad7a34955..13a25b1a2 100644 --- a/charts/speedscale/speedscale-operator/app-readme.md +++ b/charts/speedscale/speedscale-operator/app-readme.md @@ -101,10 +101,10 @@ _See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documen A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an incompatible breaking change needing manual actions. -### Upgrade to 1.3.21 +### Upgrade to 1.3.22 ```bash -kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.21/templates/crds/trafficreplays.yaml +kubectl apply --server-side -f https://raw.githubusercontent.com/speedscale/operator-helm/main/1.3.22/templates/crds/trafficreplays.yaml ``` ### Upgrade to 1.1.0 diff --git a/charts/speedscale/speedscale-operator/values.yaml b/charts/speedscale/speedscale-operator/values.yaml index 3e0f8e50e..74132355b 100644 --- a/charts/speedscale/speedscale-operator/values.yaml +++ b/charts/speedscale/speedscale-operator/values.yaml @@ -20,7 +20,7 @@ clusterName: "my-cluster" # Speedscale components image settings. image: registry: gcr.io/speedscale - tag: v1.3.213 + tag: v1.3.227 pullPolicy: Always # Log level for Speedscale components. diff --git a/charts/sysdig/sysdig/CHANGELOG.md b/charts/sysdig/sysdig/CHANGELOG.md index f1114a503..9e0f596e4 100644 --- a/charts/sysdig/sysdig/CHANGELOG.md +++ b/charts/sysdig/sysdig/CHANGELOG.md @@ -10,6 +10,20 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.16.3 +### New Features +* **sysdig** [ec78a545](https://github.com/sysdiglabs/charts/commit/ec78a545637a86aa98c5cef41010c8012bccdfc7): updated legacy engine NIA compoment with latest release. ([#1266](https://github.com/sysdiglabs/charts/issues/1266)) + + * * Resolves possible compatibility issues with Kubernetes 1.26+ (CRI-O container runtime) +* Security updates (July 2023). Fixed CVEs + * CVE-2020-24736 + * CVE-2023-1667 + * CVE-2023-1667 + * CVE-2023-2283 + * CVE-2023-2283 + * CVE-2023-26604 + * CVE-2023-26604 + * CVE-2023-26604 # v1.16.2 ### Chores * **sysdig** [f32bc89b](https://github.com/sysdiglabs/charts/commit/f32bc89be0587f6337a41b56cc5f7de715447d7d): bump agent version to 12.15.0 ([#1199](https://github.com/sysdiglabs/charts/issues/1199)) diff --git a/charts/sysdig/sysdig/Chart.yaml b/charts/sysdig/sysdig/Chart.yaml index af795399d..3b201ebca 100644 --- a/charts/sysdig/sysdig/Chart.yaml +++ b/charts/sysdig/sysdig/Chart.yaml @@ -29,4 +29,4 @@ name: sysdig sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig -version: 1.16.2 +version: 1.16.3 diff --git a/charts/sysdig/sysdig/README.md b/charts/sysdig/sysdig/README.md index 3015f6f39..7a054efd0 100644 --- a/charts/sysdig/sysdig/README.md +++ b/charts/sysdig/sysdig/README.md @@ -222,7 +222,7 @@ The following table lists the configurable parameters of the Sysdig chart and th | `nodeAnalyzer.pullSecrets` | The image pull secrets for the Node Analyzer containers. | `nil` | | `nodeAnalyzer.imageAnalyzer.deploy` | Deploys the Image Analyzer. | `true ` | | `nodeAnalyzer.imageAnalyzer.image.repository` | The image repository to pull the Node Image Analyzer from. | `sysdig/node-image-analyzer` | -| `nodeAnalyzer.imageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer. | `0.1.27` | +| `nodeAnalyzer.imageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer. | `0.1.28` | | `nodeAnalyzer.imageAnalyzer.image.digest` | The image digest to pull. | ` ` | | `nodeAnalyzer.imageAnalyzer.image.pullPolicy` | The Image pull policy for the Node Image Analyzer. | `IfNotPresent` | | `nodeAnalyzer.imageAnalyzer.dockerSocketPath` | The Docker socket path. | | @@ -323,7 +323,7 @@ The following table lists the configurable parameters of the Sysdig chart and th | `nodeImageAnalyzer.settings.httpsProxy` | The secure proxy configuration variables. | | | `nodeImageAnalyzer.settings.noProxy` | The no proxy configuration variables. | | | `nodeImageAnalyzer.image.repository` | The image repository to pull the Node Image Analyzer from. | `sysdig/node-image-analyzer` | -| `nodeImageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer. | `0.1.27` | +| `nodeImageAnalyzer.image.tag` | The image tag to pull the Node Image Analyzer. | `0.1.28` | | `nodeImageAnalyzer.imagedigest` | The image digest to pull. | ` ` | | `nodeImageAnalyzer.image.pullPolicy` | The Image pull policy for the Node Image Analyzer. | `IfNotPresent` | | `nodeImageAnalyzer.image.pullSecrets` | Image pull secrets for the Node Image Analyzer. | `nil` | diff --git a/charts/sysdig/sysdig/RELEASE-NOTES.md b/charts/sysdig/sysdig/RELEASE-NOTES.md index 8ea6dd922..38a6d50e9 100644 --- a/charts/sysdig/sysdig/RELEASE-NOTES.md +++ b/charts/sysdig/sysdig/RELEASE-NOTES.md @@ -1,6 +1,16 @@ # What's Changed -### Chores -- **sysdig** [f32bc89b](https://github.com/sysdiglabs/charts/commit/f32bc89be0587f6337a41b56cc5f7de715447d7d): bump agent version to 12.15.0 ([#1199](https://github.com/sysdiglabs/charts/issues/1199)) +### New Features +- **sysdig** [ec78a545](https://github.com/sysdiglabs/charts/commit/ec78a545637a86aa98c5cef41010c8012bccdfc7): updated legacy engine NIA compoment with latest release. ([#1266](https://github.com/sysdiglabs/charts/issues/1266)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.9.1...sysdig-1.16.2 + * * Resolves possible compatibility issues with Kubernetes 1.26+ (CRI-O container runtime) +* Security updates (July 2023). Fixed CVEs + * CVE-2020-24736 + * CVE-2023-1667 + * CVE-2023-1667 + * CVE-2023-2283 + * CVE-2023-2283 + * CVE-2023-26604 + * CVE-2023-26604 + * CVE-2023-26604 +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.15.1...sysdig-1.16.3 diff --git a/charts/sysdig/sysdig/values.yaml b/charts/sysdig/sysdig/values.yaml index e08d4f813..288c37f2b 100644 --- a/charts/sysdig/sysdig/values.yaml +++ b/charts/sysdig/sysdig/values.yaml @@ -220,7 +220,7 @@ nodeImageAnalyzer: deploy: false image: repository: sysdig/node-image-analyzer - tag: 0.1.27 + tag: 0.1.28 digest: pullPolicy: IfNotPresent # pullSecrets: @@ -406,7 +406,7 @@ nodeAnalyzer: deploy: true image: repository: sysdig/node-image-analyzer - tag: 0.1.27 + tag: 0.1.28 digest: pullPolicy: IfNotPresent diff --git a/index.yaml b/index.yaml index 08458b199..bf17fdd73 100644 --- a/index.yaml +++ b/index.yaml @@ -80,6 +80,50 @@ entries: - assets/datawiza/access-broker-0.1.1.tgz version: 0.1.1 airflow: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Airflow + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: airflow + category: WorkFlow + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 2.6.3 + created: "2023-07-26T12:01:01.194053005Z" + dependencies: + - condition: redis.enabled + name: redis + repository: file://./charts/redis + version: 17.x.x + - condition: postgresql.enabled + name: postgresql + repository: file://./charts/postgresql + version: 12.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Airflow is a tool to express and execute workflows as directed + acyclic graphs (DAGs). It includes utilities to schedule tasks, monitor task + progress and handle task dependencies. + digest: 959f8d4a36eaf8fdd4328218827f5c71bb7c679bd3d9e6b2b01342675cca66f3 + home: https://bitnami.com + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/airflow-1.svg + keywords: + - apache + - airflow + - workflow + - dag + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: airflow + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/airflow + urls: + - assets/bitnami/airflow-14.3.5.tgz + version: 14.3.5 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Airflow @@ -1361,7 +1405,7 @@ entries: - annotations: artifacthub.io/changes: | - kind: changed - description: Update to app version 2.7.8 + description: Update to app version v2.7.9 artifacthub.io/signKey: | fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 url: https://argoproj.github.io/argo-helm/pgp_keys.asc @@ -1371,8 +1415,8 @@ entries: catalog.cattle.io/kube-version: '>=1.23.0-0' catalog.cattle.io/release-name: argo-cd apiVersion: v2 - appVersion: v2.7.8 - created: "2023-07-24T16:45:09.085047495Z" + appVersion: v2.7.9 + created: "2023-07-26T12:01:00.01859168Z" dependencies: - condition: redis-ha.enabled name: redis-ha @@ -1380,7 +1424,46 @@ entries: version: 4.23.0 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. - digest: 926c29565c716e9b812ca45566dd9b0570457d168e93b9cbf1eab768d6e18790 + digest: a53f249d2e5967f1960e66fd37c8cd47ac6664e2c61880058a4b0c08a755b24c + home: https://github.com/argoproj/argo-helm + icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png + keywords: + - argoproj + - argocd + - gitops + kubeVersion: '>=1.23.0-0' + maintainers: + - name: argoproj + url: https://argoproj.github.io/ + name: argo-cd + sources: + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd + - https://github.com/argoproj/argo-cd + urls: + - assets/argo/argo-cd-5.41.2.tgz + version: 5.41.2 + - annotations: + artifacthub.io/changes: | + - kind: changed + description: Update to app version 2.7.8 + artifacthub.io/signKey: | + fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252 + url: https://argoproj.github.io/argo-helm/pgp_keys.asc + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Argo CD + catalog.cattle.io/kube-version: '>=1.23.0-0' + catalog.cattle.io/release-name: argo-cd + apiVersion: v2 + appVersion: v2.7.8 + created: "2023-07-26T12:00:43.841656428Z" + dependencies: + - condition: redis-ha.enabled + name: redis-ha + repository: file://./charts/redis-ha + version: 4.23.0 + description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery + tool for Kubernetes. + digest: f8da4eacf538547b957533c103d9fb5de1db47a3bedd2f02a3504b054209efd9 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -9363,6 +9446,31 @@ entries: - assets/citrix/citrix-cpx-istio-sidecar-injector-1.11.0.tgz version: 1.11.0 citrix-cpx-with-ingress-controller: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Citrix Cpx with Ingress Controller + catalog.cattle.io/kube-version: '>=v1.16.0-0' + catalog.cattle.io/release-name: citrix-cpx-with-ingress-controller + apiVersion: v2 + appVersion: 1.34.16 + created: "2023-07-26T12:01:03.326882581Z" + description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running + as sidecar. + digest: b278133babdb46def355267203690ffa4fb563fd7e5dc990c96ff5b4497e2bf0 + home: https://www.cloud.com + icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png + kubeVersion: '>=v1.16.0-0' + maintainers: + - email: priyanka.sharma@cloud.com + name: priyankash-citrix + - email: subash.dangol@cloud.com + name: subashd + name: citrix-cpx-with-ingress-controller + sources: + - https://github.com/citrix/citrix-k8s-ingress-controller + urls: + - assets/citrix/citrix-cpx-with-ingress-controller-1.34.16.tgz + version: 1.34.16 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Citrix Cpx with Ingress Controller @@ -9536,6 +9644,30 @@ entries: - assets/citrix/citrix-cpx-with-ingress-controller-1.8.2800.tgz version: 1.8.2800 citrix-ingress-controller: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Citrix Ingress Controller + catalog.cattle.io/kube-version: '>=v1.16.0-0' + catalog.cattle.io/release-name: citrix-ingress-controller + apiVersion: v2 + appVersion: 1.34.16 + created: "2023-07-26T12:01:03.345551921Z" + description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX. + digest: 25786c3a766966cb906575322c81086925bbc810ab423a331463d3ad23e32b33 + home: https://www.cloud.com + icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png + kubeVersion: '>=v1.16.0-0' + maintainers: + - email: priyanka.sharma@cloud.com + name: priyankash-citrix + - email: subash.dangol@cloud.com + name: subashd + name: citrix-ingress-controller + sources: + - https://github.com/citrix/citrix-k8s-ingress-controller + urls: + - assets/citrix/citrix-ingress-controller-1.34.16.tgz + version: 1.34.16 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Citrix Ingress Controller @@ -9935,6 +10067,27 @@ entries: - assets/cloudcasa/cloudcasa-0.1.000.tgz version: 0.1.000 cockroachdb: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: CockroachDB + catalog.cattle.io/kube-version: '>=1.8-0' + catalog.cattle.io/release-name: cockroachdb + apiVersion: v1 + appVersion: 23.1.6 + created: "2023-07-26T12:01:03.420986196Z" + description: CockroachDB is a scalable, survivable, strongly-consistent SQL database. + digest: 1f0795dd3e7aa75a0ee26a1ed769387be89d11524eb2c59430f098a0188dff53 + home: https://www.cockroachlabs.com + icon: https://raw.githubusercontent.com/cockroachdb/cockroach/master/docs/media/cockroach_db.png + maintainers: + - email: helm-charts@cockroachlabs.com + name: cockroachlabs + name: cockroachdb + sources: + - https://github.com/cockroachdb/cockroach + urls: + - assets/cockroach-labs/cockroachdb-11.1.3.tgz + version: 11.1.3 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: CockroachDB @@ -14909,6 +15062,39 @@ entries: - assets/datadog/datadog-2.4.200.tgz version: 2.4.200 datadog-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Datadog Operator + catalog.cattle.io/release-name: datadog-operator + apiVersion: v2 + appVersion: 1.0.3 + created: "2023-07-26T12:01:04.083331269Z" + dependencies: + - alias: datadogCRDs + condition: installCRDs + name: datadog-crds + repository: file://./charts/datadog-crds + tags: + - install-crds + version: =1.0.1 + description: Datadog Operator + digest: 033215dfd35baf7e194c887ac2e52770f46ee3d3bf2640f03a83f8f5ec67f73f + home: https://www.datadoghq.com + icon: https://datadog-live.imgix.net/img/dd_logo_70x75.png + keywords: + - monitoring + - alerting + - metric + maintainers: + - email: support@datadoghq.com + name: Datadog + name: datadog-operator + sources: + - https://app.datadoghq.com/account/settings#agent/kubernetes + - https://github.com/DataDog/datadog-agent + urls: + - assets/datadog/datadog-operator-1.0.7.tgz + version: 1.0.7 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Datadog Operator @@ -15485,6 +15671,33 @@ entries: - assets/dynatrace/dynatrace-oneagent-operator-0.8.000.tgz version: 0.8.000 dynatrace-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Dynatrace Operator + catalog.cattle.io/kube-version: '>=1.19.0-0' + catalog.cattle.io/release-name: dynatrace-operator + apiVersion: v2 + appVersion: 0.12.1 + created: "2023-07-26T12:01:04.145697306Z" + description: The Dynatrace Operator Helm chart for Kubernetes and OpenShift + digest: 516c10e5a2fdb05e3c751d115b35716b1aee340a0f4c7a256240447a517f77f4 + home: https://www.dynatrace.com/ + icon: https://assets.dynatrace.com/global/resources/Signet_Logo_RGB_CP_512x512px.png + kubeVersion: '>=1.19.0-0' + maintainers: + - email: marcell.sevcsik@dynatrace.com + name: 0sewa0 + - email: christoph.muellner@dynatrace.com + name: chrismuellner + - email: lukas.hinterreiter@dynatrace.com + name: luhi-DT + name: dynatrace-operator + sources: + - https://github.com/Dynatrace/dynatrace-operator + type: application + urls: + - assets/dynatrace/dynatrace-operator-0.12.1.tgz + version: 0.12.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Dynatrace Operator @@ -18376,6 +18589,34 @@ entries: - assets/gopaddle/gopaddle-4.2.5.tgz version: 4.2.5 haproxy: + - annotations: + artifacthub.io/changes: | + - Use Ingress Controller 1.10.5 version for base image + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: HAProxy Kubernetes Ingress Controller + catalog.cattle.io/kube-version: '>=1.22.0-0' + catalog.cattle.io/release-name: haproxy + apiVersion: v2 + appVersion: 1.10.5 + created: "2023-07-26T12:01:04.516554965Z" + description: A Helm chart for HAProxy Kubernetes Ingress Controller + digest: f21fff41713537786d66a34ab084f2dba445bca5acf88d9c680b10052901c7d9 + home: https://github.com/haproxytech/helm-charts/tree/main/kubernetes-ingress + icon: https://raw.githubusercontent.com/haproxytech/helm-charts/main/kubernetes-ingress/chart-icon.png + keywords: + - ingress + - haproxy + kubeVersion: '>=1.22.0-0' + maintainers: + - email: dkorunic@haproxy.com + name: Dinko Korunic + name: haproxy + sources: + - https://github.com/haproxytech/kubernetes-ingress + type: application + urls: + - assets/haproxy/haproxy-1.32.2.tgz + version: 1.32.2 - annotations: artifacthub.io/changes: | - Update CRDs to v1alpha2 (#200) @@ -23623,6 +23864,47 @@ entries: - assets/kasten/k10-4.5.900.tgz version: 4.5.900 kafka: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Kafka + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: kafka + category: Infrastructure + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 3.5.1 + created: "2023-07-26T12:01:01.612857039Z" + dependencies: + - condition: zookeeper.enabled + name: zookeeper + repository: file://./charts/zookeeper + version: 11.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Kafka is a distributed streaming platform designed to build + real-time pipelines and can be used as a message broker or as a replacement + for a log aggregation solution for big data applications. + digest: 0d927bc5e1093f7b555ad9e16d9fc73846c8ac22acd480fe794b868785c36e13 + home: https://bitnami.com + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/kafka.svg + keywords: + - kafka + - zookeeper + - streaming + - producer + - consumer + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: kafka + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/kafka + urls: + - assets/bitnami/kafka-23.0.7.tgz + version: 23.0.7 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Kafka @@ -27529,6 +27811,43 @@ entries: - assets/elastic/logstash-7.17.3.tgz version: 7.17.3 mariadb: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: MariaDB + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: mariadb + category: Database + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 10.11.4 + created: "2023-07-26T12:01:01.731532102Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: MariaDB is an open source, community-developed SQL database server + that is widely in use around the world due to its enterprise features, flexibility, + and collaboration with leading tech firms. + digest: e4d11ff8554957ac94c09d57b1dcec6f908c2c6842f8922ea1771d85db52f978 + home: https://bitnami.com + icon: https://mariadb.com/wp-content/uploads/2019/11/mariadb-logo-vert_black-transparent.png + keywords: + - mariadb + - mysql + - database + - sql + - prometheus + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: mariadb + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/mariadb + urls: + - assets/bitnami/mariadb-12.2.9.tgz + version: 12.2.9 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: MariaDB @@ -28921,6 +29240,43 @@ entries: - assets/minio/minio-operator-4.4.1700.tgz version: 4.4.1700 mysql: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: MySQL + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: mysql + category: Database + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 8.0.34 + created: "2023-07-26T12:01:01.76161205Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: MySQL is a fast, reliable, scalable, and easy to use open source + relational database system. Designed to handle mission-critical, heavy-load + production applications. + digest: 30902a1190dc52614381d7c34e2c616a5a49bdb4857f790fa3be2d718c57f5dd + home: https://bitnami.com + icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png + keywords: + - mysql + - database + - sql + - cluster + - high availability + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: mysql + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/mysql + urls: + - assets/bitnami/mysql-9.10.9.tgz + version: 9.10.9 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: MySQL @@ -34206,6 +34562,44 @@ entries: - assets/portworx/portworx-essentials-2.9.100.tgz version: 2.9.100 postgresql: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: PostgreSQL + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: postgresql + category: Database + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 15.3.0 + created: "2023-07-26T12:01:02.025617362Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: PostgreSQL (Postgres) is an open source object-relational database + known for reliability and data integrity. ACID-compliant, it supports foreign + keys, joins, views, triggers and stored procedures. + digest: a9188659ff58a7f497df8373d26736764e63ebd946cfb6d19910c2313eaf0467 + home: https://bitnami.com + icon: https://wiki.postgresql.org/images/a/a4/PostgreSQL_logo.3colors.svg + keywords: + - postgresql + - postgres + - database + - sql + - replication + - cluster + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: postgresql + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/postgresql + urls: + - assets/bitnami/postgresql-12.7.0.tgz + version: 12.7.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: PostgreSQL @@ -36317,6 +36711,41 @@ entries: - assets/quobyte/quobyte-cluster-0.1.5.tgz version: 0.1.5 redis: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redis + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: redis + category: Database + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 7.0.12 + created: "2023-07-26T12:01:02.104953808Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Redis(R) is an open source, advanced key-value store. It is often + referred to as a data structure server since keys can contain strings, hashes, + lists, sets and sorted sets. + digest: c36bb041278b29bdcd102d28e471dea74c432890612c1e5dd04d9219d79a4f20 + home: https://bitnami.com + icon: https://redis.com/wp-content/uploads/2021/08/redis-logo.png + keywords: + - redis + - keyvalue + - database + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: redis + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/redis + urls: + - assets/bitnami/redis-17.14.1.tgz + version: 17.14.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Redis @@ -37635,6 +38064,46 @@ entries: - assets/bitnami/redis-17.3.7.tgz version: 17.3.7 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: docker.redpanda.com/redpandadata/redpanda:v23.2.2 + - name: busybox + image: busybox:latest + - name: mintel/docker-alpine-bash-curl-jq + image: mintel/docker-alpine-bash-curl-jq:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v23.2.2 + created: "2023-07-26T12:01:07.779249634Z" + dependencies: + - condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' + description: Redpanda is the real-time engine for modern apps. + digest: 7a97f024715b37cd390943fc39ac0a4d62c95d510ccb42500a59f71e9a080214 + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-5.0.3.tgz + version: 5.0.3 - annotations: artifacthub.io/images: | - name: redpanda @@ -41569,6 +42038,37 @@ entries: - assets/bitnami/spark-6.3.8.tgz version: 6.3.8 speedscale-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Speedscale Operator + catalog.cattle.io/kube-version: '>= 1.17.0-0' + catalog.cattle.io/release-name: speedscale-operator + apiVersion: v1 + appVersion: 1.3.227 + created: "2023-07-26T12:01:07.868980109Z" + description: Stress test your APIs with real world scenarios. Collect and replay + traffic without scripting. + digest: 1c074860fac49ed89f4d51af02452830ec981457792365d8598246141cf25c70 + home: https://speedscale.com + icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png + keywords: + - speedscale + - test + - testing + - regression + - reliability + - load + - replay + - network + - traffic + kubeVersion: '>= 1.17.0-0' + maintainers: + - email: support@speedscale.com + name: Speedscale Support + name: speedscale-operator + urls: + - assets/speedscale/speedscale-operator-1.3.22.tgz + version: 1.3.22 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Speedscale Operator @@ -43140,6 +43640,42 @@ entries: - assets/sumologic/sumologic-2.17.0.tgz version: 2.17.0 sysdig: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Sysdig + catalog.cattle.io/release-name: sysdig + apiVersion: v1 + appVersion: 12.15.0 + created: "2023-07-26T12:01:08.182593262Z" + description: Sysdig Monitor and Secure agent + digest: 8e17700d4229f7348bb41fb35fc3af38f9f425a04a302587f35e8b865ba045fb + home: https://www.sysdig.com/ + icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4 + keywords: + - monitoring + - security + - alerting + - metric + - troubleshooting + - run-time + maintainers: + - email: lachlan@deis.com + name: lachie83 + - email: jorge.salamero@sysdig.com + name: bencer + - email: nestor.salceda@sysdig.com + name: nestorsalceda + - email: alvaro.iradier@sysdig.com + name: airadier + - email: carlos.arilla@sysdig.com + name: carillan81 + name: sysdig + sources: + - https://app.sysdigcloud.com/#/settings/user + - https://github.com/draios/sysdig + urls: + - assets/sysdig/sysdig-1.16.3.tgz + version: 1.16.3 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Sysdig