andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #654 from nflondo/main-source 

Charts CI
pull/630/head
alex-isv 2023-01-31 10:25:10 -07:00 committed by GitHub
parent 8775f22c66 bf5dfc1790
commit 865f9fe49b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
175 changed files with 4447 additions and 600 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/aquarist-labs/s3gw-0.11.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/argo/argo-cd-5.19.12.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/airflow-14.0.10.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/kafka-20.0.6.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/mariadb-11.4.5.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/postgresql-12.1.13.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/spark-6.3.16.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/tomcat-10.5.10.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/wordpress-15.2.36.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/zookeeper-11.1.2.tgz Normal file
View File

Binary file not shown.

BIN
assets/citrix/citrix-cpx-with-ingress-controller-1.29.5.tgz Normal file
View File

Binary file not shown.

BIN
assets/citrix/citrix-ingress-controller-1.29.5.tgz Normal file
View File

Binary file not shown.

BIN
assets/crate/crate-operator-2.22.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/gitlab/gitlab-6.8.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/instana/instana-agent-1.2.52.tgz Normal file
View File

Binary file not shown.

BIN
assets/jfrog/artifactory-ha-107.49.6.tgz Normal file
View File

Binary file not shown.

BIN
assets/jfrog/artifactory-jcr-107.49.6.tgz Normal file
View File

Binary file not shown.

BIN
assets/kuma/kuma-2.1.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/mongodb/community-operator-0.7.8.tgz Normal file
View File

Binary file not shown.

BIN
assets/redpanda/redpanda-2.6.3.tgz Normal file
View File

Binary file not shown.

2
charts/aquarist-labs/s3gw/Chart.yaml
View File

@ -26,4 +26,4 @@ sources:
- https://github.com/aquarist-labs/s3gw - https://github.com/aquarist-labs/s3gw
- https://github.com/aquarist-labs/ceph - https://github.com/aquarist-labs/ceph
type: application type: application
version: 0.10.0 version: 0.11.0

68
charts/aquarist-labs/s3gw/README.md
View File

@ -1,45 +1,61 @@
# Quickstart # [s3gw][s3gw-url]
To install s3gw using Helm add the chart to your Helm repos and then run `helm s3gw is an S3-compatible service focused on deployments in a Kubernetes
install`: environment backed by any PVC, including Longhorn. Since its inception, the
primary focus has been on cloud native deployments. However, the s3gw can be
deployed in a myriad of scenarios, provided some form of storage is attached.
s3gw is based on Cephs RADOSGW (RGW) but runs as a standalone service without
the RADOS cluster and relies on a storage backend still under heavy development
by the storage team at SUSE. A web-based UI for management and an object
explorer are also part of s3gw.
## Quickstart
To install s3gw using Helm add the chart to your Helm repository and then run
`helm install`:
```bash ```bash
helm add repo s3gw https://aquarist-labs.github.io/s3gw-charts/ helm add repo s3gw https://aquarist-labs.github.io/s3gw-charts/
helm --namespace s3gw-system install s3gw s3gw/s3gw --create-namespace helm \
``` --namespace s3gw-system \
install s3gw \
In order to install s3gw using Helm, from this repository directly, first you s3gw/s3gw \
must clone the repo:
```bash
git clone https://github.com/aquarist-labs/s3gw-charts.git
```
Before installing, familiarize yourself with the options, if necessary provide
your own `values.yaml` file.
Then change into the repository and install using Helm:
```bash
cd s3gw-charts
helm install $RELEASE_NAME charts/s3gw \
--namespace $S3GW_NAMESPACE \
--create-namespace \ --create-namespace \
-f /path/to/your/custom/values.yaml -f /path/to/your/custom/values.yaml
``` ```
## Rancher ## Rancher
Installing s3gw via the Rancher App Catalog is made easy, the steps are as follows: Installing s3gw via the Rancher App Catalog is made easy, the steps are as
follows:
- Cluster -> Projects/Namespaces - create the `s3gw` namespace. - Cluster -> Projects/Namespaces - create the `s3gw` namespace.
- Apps -> Repositories -> Create `s3gw` using the s3gw-charts Git URL - Apps -> Repositories -> Create `s3gw` using the s3gw-charts Git URL
<https://aquarist-labs.github.io/s3gw-charts/> and the `main` branch. <https://aquarist-labs.github.io/s3gw-charts/> and the `main` branch.
- Apps -> Charts -> Install `Traefik`. - Apps -> Charts -> Install `Traefik`.
- Apps -> Charts -> Install `s3gw`. Select the `s3gw` namespace previously created. - Apps -> Charts -> Install `s3gw`. Select the `s3gw` namespace previously
A `pvc` for `s3gw` will be created automatically during installation. created. A `pvc` for `s3gw` will be created automatically during installation.
## Documentation ## Documentation
You can access our documentation [here][1]. You can access our documentation [here][docs-url].
[1]: https://s3gw-docs.readthedocs.io/en/latest/helm-charts/ ## License
Licensed under the Apache License, Version 2.0 (the "License");
you may not use licensed files except in compliance with the License.
You may obtain a copy of the License at
<http://www.apache.org/licenses/LICENSE-2.0>
or the LICENSE file in this repository.
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
[s3gw-url]: https://s3gw.io
[docs-url]: https://s3gw-docs.readthedocs.io/en/latest/helm-charts/

28
charts/aquarist-labs/s3gw/questions.yaml
View File

@ -101,19 +101,39 @@ questions:
type: string type: string
group: "General" group: "General"
- variable: defaultUserCredentialsSecret
default: s3gw-creds
description: |
"The name of the secret containing the
S3 credentials for the default user"
type: string
group: "General"
- variable: useExistingSecret
default: false
description: |
"Check this to use a preexisting secret
containing the S3 credentials for the default user"
type: boolean
group: "General"
- variable: accessKey - variable: accessKey
show_if: "useExistingSecret=false"
default: test default: test
description: "S3 Access Key" description: |
"Set this as the empty string to make the Chart
to compute a random alphanumeric value"
label: "S3 Access Key" label: "S3 Access Key"
required: true
type: string type: string
group: "General" group: "General"
- variable: secretKey - variable: secretKey
show_if: "useExistingSecret=false"
default: test default: test
description: "S3 Secret Key" description: |
"Set this as the empty string to make the Chart
to compute a random alphanumeric value"
label: "S3 Secret Key" label: "S3 Secret Key"
required: true
type: string type: string
group: "General" group: "General"

16
charts/aquarist-labs/s3gw/templates/NOTES.txt
View File

@ -0,0 +1,16 @@
Thank you for installing {{ .Chart.Name }} {{ printf "v%s" .Chart.Version }}
The S3 endpoint is available at:
{{ printf "%s.%s" .Values.serviceName .Values.publicDomain | indent 4 }}
{{ if .Values.ui.enabled}}
and the web interface is available at:
{{ printf "%s.%s" .Values.ui.serviceName .Values.ui.publicDomain | indent 4 }}
{{- end }}
{{ if and (not .Values.useExistingSecret) (empty .Values.accessKey) }}
An access key has been generated: {{ include "s3gw.defaultAccessKey" . | quote }}
{{- end }}
{{- if and (not .Values.useExistingSecret) (empty .Values.secretKey) }}
A secret key has been generated: {{ include "s3gw.defaultSecretKey" . | quote }}
{{ end }}

13
charts/aquarist-labs/s3gw/templates/_helpers.tpl
View File

@ -97,3 +97,16 @@ Image Pull Secret
{{- $au := (printf "%s:%s" $un $pw | b64enc) }} {{- $au := (printf "%s:%s" $un $pw | b64enc) }}
{{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" $rg $un $pw $em $au | b64enc}} {{- printf "{\"auths\":{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}}" $rg $un $pw $em $au | b64enc}}
{{- end }} {{- end }}
{{/*
Default Access Credentials
*/}}
{{- define "s3gw.defaultAccessKey" -}}
{{- $key := default (randAlphaNum 32) .Values.accessKey }}
{{- printf "%s" $key }}
{{- end }}
{{- define "s3gw.defaultSecretKey" -}}
{{- $key := default (randAlphaNum 32) .Values.secretKey }}
{{- printf "%s" $key }}
{{- end }}

4
charts/aquarist-labs/s3gw/templates/deployment.yaml
View File

@ -48,7 +48,7 @@ spec:
name: s3-tls name: s3-tls
envFrom: envFrom:
- secretRef: - secretRef:
name: s3gw-secret name: {{ .Values.defaultUserCredentialsSecret }}
volumeMounts: volumeMounts:
- name: s3gw-lh-store - name: s3gw-lh-store
mountPath: /data mountPath: /data
@ -96,5 +96,5 @@ spec:
- configMapRef: - configMapRef:
name: s3gw-config name: s3gw-config
- secretRef: - secretRef:
name: s3gw-secret name: {{ .Values.defaultUserCredentialsSecret }}
{{- end }} {{- end }}

8
charts/aquarist-labs/s3gw/templates/secret.yaml
View File

@ -1,15 +1,17 @@
{{- if not .Values.useExistingSecret }}
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: '{{ .Chart.Name }}-secret' name: '{{ .Values.defaultUserCredentialsSecret }}'
namespace: {{ .Release.Namespace }} namespace: {{ .Release.Namespace }}
labels: labels:
{{ include "s3gw.labels" . | indent 4 }} {{ include "s3gw.labels" . | indent 4 }}
type: Opaque type: Opaque
stringData: stringData:
RGW_DEFAULT_USER_ACCESS_KEY: {{ .Values.accessKey | quote }} RGW_DEFAULT_USER_ACCESS_KEY: {{ include "s3gw.defaultAccessKey" . | quote }}
RGW_DEFAULT_USER_SECRET_KEY: {{ .Values.secretKey | quote }} RGW_DEFAULT_USER_SECRET_KEY: {{ include "s3gw.defaultSecretKey" . | quote }}
{{- end }}
{{- if .Values.imageCredentials }} {{- if .Values.imageCredentials }}
--- ---
apiVersion: v1 apiVersion: v1

12
charts/aquarist-labs/s3gw/values.yaml
View File

@ -55,9 +55,17 @@ ui:
# #
# 'serviceName' is the service name of S3GW. # 'serviceName' is the service name of S3GW.
serviceName: "s3gw" serviceName: "s3gw"
# 'accessKey' is the S3 Access Key # 'useExistingSecret' use an existing secret containing the S3 credentials
# for the default user
useExistingSecret: false
# 'defaultUserCredentialsSecret' the name of the secret containing
# the S3 Access Key and the S3 Secret Key for the default user.
defaultUserCredentialsSecret: "s3gw-creds"
# 'accessKey' is the S3 Access Key; the value is used when useExistingSecret: false.
# Set this as the empty string to make the Chart to compute a random alphanumeric value.
accessKey: "test" accessKey: "test"
# 'secretKey' is the S3 Secret Key # 'secretKey' is the S3 Secret Key; the value is used when useExistingSecret: false
# Set this as the empty string to make the Chart to compute a random alphanumeric value.
secretKey: "test" secretKey: "test"
# 'publicDomain' is the public domain of S3GW used by the Ingress # 'publicDomain' is the public domain of S3GW used by the Ingress
publicDomain: "be.127.0.0.1.omg.howdoi.website" publicDomain: "be.127.0.0.1.omg.howdoi.website"

7
charts/argo/argo-cd/Chart.yaml
View File

@ -1,12 +1,13 @@
annotations: annotations:
artifacthub.io/changes: | artifacthub.io/changes: |
- "[Added]: Added logFormat, logLevel and extraArgs to Slack bot" - kind: fixed
description: Align changelog structure to show changelogs on Artifact Hub
catalog.cattle.io/certified: partner catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Argo CD catalog.cattle.io/display-name: Argo CD
catalog.cattle.io/kube-version: '>=1.22.0-0' catalog.cattle.io/kube-version: '>=1.22.0-0'
catalog.cattle.io/release-name: argo-cd catalog.cattle.io/release-name: argo-cd
apiVersion: v2 apiVersion: v2
appVersion: v2.5.8 appVersion: v2.5.9
dependencies: dependencies:
- condition: redis-ha.enabled - condition: redis-ha.enabled
name: redis-ha name: redis-ha
@ -28,4 +29,4 @@ name: argo-cd
sources: sources:
- https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
- https://github.com/argoproj/argo-cd - https://github.com/argoproj/argo-cd
version: 5.19.9 version: 5.19.12

4
charts/argo/argo-cd/README.md
View File

@ -874,7 +874,7 @@ server:
| redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod |
| redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy | | redis.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Redis image pull policy |
| redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository |
| redis.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis.image.tag | string | `"7.0.7-alpine"` | Redis tag |
| redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry | | redis.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
| redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.initContainers | list | `[]` | Init containers to add to the redis pod |
| redis.metrics.enabled | bool | `false` | Deploy metrics service | | redis.metrics.enabled | bool | `false` | Deploy metrics service |
@ -932,7 +932,7 @@ The main options are listed here:
| redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter | | redis-ha.exporter.tag | string | `"1.45.0"` | Tag to use for the redis-exporter |
| redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy |
| redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping |
| redis-ha.image.tag | string | `"7.0.5-alpine"` | Redis tag | | redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag |
| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes |
| redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) |
| redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled |

4
charts/argo/argo-cd/values.yaml
View File

@ -987,7 +987,7 @@ redis:
# -- Redis repository # -- Redis repository
repository: public.ecr.aws/docker/library/redis repository: public.ecr.aws/docker/library/redis
# -- Redis tag # -- Redis tag
tag: 7.0.5-alpine tag: 7.0.7-alpine
# -- Redis image pull policy # -- Redis image pull policy
# @default -- `""` (defaults to global.image.imagePullPolicy) # @default -- `""` (defaults to global.image.imagePullPolicy)
imagePullPolicy: "" imagePullPolicy: ""
@ -1218,7 +1218,7 @@ redis-ha:
enabled: true enabled: true
image: image:
# -- Redis tag # -- Redis tag
tag: 7.0.5-alpine tag: 7.0.7-alpine
## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
topologySpreadConstraints: topologySpreadConstraints:

2
charts/bitnami/airflow/Chart.yaml
View File

@ -38,4 +38,4 @@ name: airflow
sources: sources:
- https://github.com/bitnami/containers/tree/main/bitnami/airflow - https://github.com/bitnami/containers/tree/main/bitnami/airflow
- https://airflow.apache.org/ - https://airflow.apache.org/
version: 14.0.9 version: 14.0.10

2
charts/bitnami/airflow/README.md
View File

@ -703,7 +703,7 @@ Refer to the [chart documentation for more information about how to upgrade from
## License ## License
Copyright &copy; 2022 Bitnami Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.

9
charts/bitnami/airflow/templates/web/tls-secrets.yaml
View File

@ -21,12 +21,13 @@ data:
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if and .Values.ingress.tls .Values.ingress.selfSigned }} {{- if and .Values.ingress.tls .Values.ingress.selfSigned }}
{{- $secretName := printf "%s-tls" .Values.ingress.hostname }}
{{- $ca := genCA "airflow-ca" 365 }} {{- $ca := genCA "airflow-ca" 365 }}
{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }} {{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }}
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ printf "%s-tls" .Values.ingress.hostname }} name: {{ $secretName }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }} labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }} {{- if .Values.commonLabels }}
@ -37,8 +38,8 @@ metadata:
{{- end }} {{- end }}
type: kubernetes.io/tls type: kubernetes.io/tls
data: data:
tls.crt: {{ $cert.Cert | b64enc | quote }} tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ $cert.Key | b64enc | quote }} tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ $ca.Cert | b64enc | quote }} ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }} {{- end }}
{{- end }} {{- end }}

2
charts/bitnami/kafka/Chart.yaml
View File

@ -35,4 +35,4 @@ name: kafka
sources: sources:
- https://github.com/bitnami/containers/tree/main/bitnami/kafka - https://github.com/bitnami/containers/tree/main/bitnami/kafka
- https://kafka.apache.org/ - https://kafka.apache.org/
version: 20.0.5 version: 20.0.6

7
charts/bitnami/kafka/templates/tls-secrets.yaml
View File

@ -5,6 +5,7 @@
{{- $fullname := include "common.names.fullname" . }} {{- $fullname := include "common.names.fullname" . }}
{{- $ca := genCA "kafka-ca" 365 }} {{- $ca := genCA "kafka-ca" 365 }}
{{- range $i := until $replicaCount }} {{- range $i := until $replicaCount }}
{{- $secretName := printf "%s-%d-tls" (include "common.names.fullname" $) $i }}
{{- $replicaHost := printf "%s-%d.%s-headless" $fullname $i $fullname }} {{- $replicaHost := printf "%s-%d.%s-headless" $fullname $i $fullname }}
{{- $altNames := list (printf "%s.%s.svc.%s" $replicaHost $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $fullname $releaseNamespace $clusterDomain) (printf "%s.%s" $replicaHost $releaseNamespace) (printf "%s.%s" $fullname $releaseNamespace) $replicaHost $fullname }} {{- $altNames := list (printf "%s.%s.svc.%s" $replicaHost $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $fullname $releaseNamespace $clusterDomain) (printf "%s.%s" $replicaHost $releaseNamespace) (printf "%s.%s" $fullname $releaseNamespace) $replicaHost $fullname }}
{{- $cert := genSignedCert $replicaHost nil $altNames 365 $ca }} {{- $cert := genSignedCert $replicaHost nil $altNames 365 $ca }}
@ -22,9 +23,9 @@ metadata:
{{- end }} {{- end }}
type: kubernetes.io/tls type: kubernetes.io/tls
data: data:
ca.crt: {{ $ca.Cert | b64enc | quote }} tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.crt: {{ $cert.Cert | b64enc | quote }} tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
tls.key: {{ $cert.Key | b64enc | quote }} ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
--- ---
{{- end }} {{- end }}
{{- end }} {{- end }}

2
charts/bitnami/mariadb/Chart.yaml
View File

@ -32,4 +32,4 @@ sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb - https://github.com/bitnami/containers/tree/main/bitnami/mariadb
- https://github.com/prometheus/mysqld_exporter - https://github.com/prometheus/mysqld_exporter
- https://mariadb.org - https://mariadb.org
version: 11.4.4 version: 11.4.5

453
charts/bitnami/mariadb/README.md
View File

@ -7,10 +7,10 @@ MariaDB is an open source, community-developed SQL database server that is widel
[Overview of MariaDB](https://mariadb.org/) [Overview of MariaDB](https://mariadb.org/)
Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
## TL;DR ## TL;DR
```bash ```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami $ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/mariadb $ helm install my-release my-repo/mariadb
``` ```
@ -33,7 +33,8 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
To install the chart with the release name `my-release`: To install the chart with the release name `my-release`:
```bash ```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/mariadb $ helm install my-release my-repo/mariadb
``` ```
@ -45,7 +46,7 @@ The command deploys MariaDB on the Kubernetes cluster in the default configurati
To uninstall/delete the `my-release` deployment: To uninstall/delete the `my-release` deployment:
```bash ```console
$ helm delete my-release $ helm delete my-release
``` ```
@ -108,184 +109,188 @@ The command removes all the Kubernetes components associated with the chart and
### MariaDB Primary parameters ### MariaDB Primary parameters
| Name | Description | Value | | Name | Description | Value |
| ----------------------------------------------- | ----------------------------------------------------------------------------------------------------------------- | ------------------- | | ----------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------- | ------------------- |
| `primary.name` | Name of the primary database (eg primary, master, leader, ...) | `primary` | | `primary.name` | Name of the primary database (eg primary, master, leader, ...) | `primary` |
| `primary.command` | Override default container command on MariaDB Primary container(s) (useful when using custom images) | `[]` | | `primary.command` | Override default container command on MariaDB Primary container(s) (useful when using custom images) | `[]` |
| `primary.args` | Override default container args on MariaDB Primary container(s) (useful when using custom images) | `[]` | | `primary.args` | Override default container args on MariaDB Primary container(s) (useful when using custom images) | `[]` |
| `primary.lifecycleHooks` | for the MariaDB Primary container(s) to automate configuration before or after startup | `{}` | | `primary.lifecycleHooks` | for the MariaDB Primary container(s) to automate configuration before or after startup | `{}` |
| `primary.hostAliases` | Add deployment host aliases | `[]` | | `primary.hostAliases` | Add deployment host aliases | `[]` |
| `primary.configuration` | MariaDB Primary configuration to be injected as ConfigMap | `""` | | `primary.configuration` | MariaDB Primary configuration to be injected as ConfigMap | `""` |
| `primary.existingConfigmap` | Name of existing ConfigMap with MariaDB Primary configuration. | `""` | | `primary.existingConfigmap` | Name of existing ConfigMap with MariaDB Primary configuration. | `""` |
| `primary.updateStrategy.type` | MariaDB primary statefulset strategy type | `RollingUpdate` | | `primary.updateStrategy.type` | MariaDB primary statefulset strategy type | `RollingUpdate` |
| `primary.rollingUpdatePartition` | Partition update strategy for Mariadb Primary statefulset | `""` | | `primary.rollingUpdatePartition` | Partition update strategy for Mariadb Primary statefulset | `""` |
| `primary.podAnnotations` | Additional pod annotations for MariaDB primary pods | `{}` | | `primary.podAnnotations` | Additional pod annotations for MariaDB primary pods | `{}` |
| `primary.podLabels` | Extra labels for MariaDB primary pods | `{}` | | `primary.podLabels` | Extra labels for MariaDB primary pods | `{}` |
| `primary.podAffinityPreset` | MariaDB primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | | `primary.podAffinityPreset` | MariaDB primary pod affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `primary.podAntiAffinityPreset` | MariaDB primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | | `primary.podAntiAffinityPreset` | MariaDB primary pod anti-affinity preset. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `primary.nodeAffinityPreset.type` | MariaDB primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` | | `primary.nodeAffinityPreset.type` | MariaDB primary node affinity preset type. Ignored if `primary.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `primary.nodeAffinityPreset.key` | MariaDB primary node label key to match Ignored if `primary.affinity` is set. | `""` | | `primary.nodeAffinityPreset.key` | MariaDB primary node label key to match Ignored if `primary.affinity` is set. | `""` |
| `primary.nodeAffinityPreset.values` | MariaDB primary node label values to match. Ignored if `primary.affinity` is set. | `[]` | | `primary.nodeAffinityPreset.values` | MariaDB primary node label values to match. Ignored if `primary.affinity` is set. | `[]` |
| `primary.affinity` | Affinity for MariaDB primary pods assignment | `{}` | | `primary.affinity` | Affinity for MariaDB primary pods assignment | `{}` |
| `primary.nodeSelector` | Node labels for MariaDB primary pods assignment | `{}` | | `primary.nodeSelector` | Node labels for MariaDB primary pods assignment | `{}` |
| `primary.tolerations` | Tolerations for MariaDB primary pods assignment | `[]` | | `primary.tolerations` | Tolerations for MariaDB primary pods assignment | `[]` |
| `primary.schedulerName` | Name of the k8s scheduler (other than default) | `""` | | `primary.schedulerName` | Name of the k8s scheduler (other than default) | `""` |
| `primary.podManagementPolicy` | podManagementPolicy to manage scaling operation of MariaDB primary pods | `""` | | `primary.podManagementPolicy` | podManagementPolicy to manage scaling operation of MariaDB primary pods | `""` |
| `primary.topologySpreadConstraints` | Topology Spread Constraints for MariaDB primary pods assignment | `[]` | | `primary.topologySpreadConstraints` | Topology Spread Constraints for MariaDB primary pods assignment | `[]` |
| `primary.priorityClassName` | Priority class for MariaDB primary pods assignment | `""` | | `primary.priorityClassName` | Priority class for MariaDB primary pods assignment | `""` |
| `primary.runtimeClassName` | Runtime Class for MariaDB primary pods | `""` | | `primary.runtimeClassName` | Runtime Class for MariaDB primary pods | `""` |
| `primary.podSecurityContext.enabled` | Enable security context for MariaDB primary pods | `true` | | `primary.podSecurityContext.enabled` | Enable security context for MariaDB primary pods | `true` |
| `primary.podSecurityContext.fsGroup` | Group ID for the mounted volumes' filesystem | `1001` | | `primary.podSecurityContext.fsGroup` | Group ID for the mounted volumes' filesystem | `1001` |
| `primary.containerSecurityContext.enabled` | MariaDB primary container securityContext | `true` | | `primary.containerSecurityContext.enabled` | MariaDB primary container securityContext | `true` |
| `primary.containerSecurityContext.runAsUser` | User ID for the MariaDB primary container | `1001` | | `primary.containerSecurityContext.runAsUser` | User ID for the MariaDB primary container | `1001` |
| `primary.containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | | `primary.containerSecurityContext.runAsNonRoot` | Set primary container's Security Context runAsNonRoot | `true` |
| `primary.resources.limits` | The resources limits for MariaDB primary containers | `{}` | | `primary.containerSecurityContext.privileged` | Set primary container's Security Context privileged | `false` |
| `primary.resources.requests` | The requested resources for MariaDB primary containers | `{}` | | `primary.containerSecurityContext.allowPrivilegeEscalation` | Set primary container's Security Context allowPrivilegeEscalation | `false` |
| `primary.startupProbe.enabled` | Enable startupProbe | `false` | | `primary.resources.limits` | The resources limits for MariaDB primary containers | `{}` |
| `primary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` | | `primary.resources.requests` | The requested resources for MariaDB primary containers | `{}` |
| `primary.startupProbe.periodSeconds` | Period seconds for startupProbe | `15` | | `primary.startupProbe.enabled` | Enable startupProbe | `false` |
| `primary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | | `primary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` |
| `primary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | | `primary.startupProbe.periodSeconds` | Period seconds for startupProbe | `15` |
| `primary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | | `primary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
| `primary.livenessProbe.enabled` | Enable livenessProbe | `true` | | `primary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` |
| `primary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | | `primary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `primary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | | `primary.livenessProbe.enabled` | Enable livenessProbe | `true` |
| `primary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | | `primary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` |
| `primary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | | `primary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `primary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | | `primary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` |
| `primary.readinessProbe.enabled` | Enable readinessProbe | `true` | | `primary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` |
| `primary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | | `primary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `primary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | | `primary.readinessProbe.enabled` | Enable readinessProbe | `true` |
| `primary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | | `primary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` |
| `primary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | | `primary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `primary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | | `primary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` |
| `primary.customStartupProbe` | Override default startup probe for MariaDB primary containers | `{}` | | `primary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` |
| `primary.customLivenessProbe` | Override default liveness probe for MariaDB primary containers | `{}` | | `primary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `primary.customReadinessProbe` | Override default readiness probe for MariaDB primary containers | `{}` | | `primary.customStartupProbe` | Override default startup probe for MariaDB primary containers | `{}` |
| `primary.startupWaitOptions` | Override default builtin startup wait check options for MariaDB primary containers | `{}` | | `primary.customLivenessProbe` | Override default liveness probe for MariaDB primary containers | `{}` |
| `primary.extraFlags` | MariaDB primary additional command line flags | `""` | | `primary.customReadinessProbe` | Override default readiness probe for MariaDB primary containers | `{}` |
| `primary.extraEnvVars` | Extra environment variables to be set on MariaDB primary containers | `[]` | | `primary.startupWaitOptions` | Override default builtin startup wait check options for MariaDB primary containers | `{}` |
| `primary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for MariaDB primary containers | `""` | | `primary.extraFlags` | MariaDB primary additional command line flags | `""` |
| `primary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for MariaDB primary containers | `""` | | `primary.extraEnvVars` | Extra environment variables to be set on MariaDB primary containers | `[]` |
| `primary.persistence.enabled` | Enable persistence on MariaDB primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir | `true` | | `primary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for MariaDB primary containers | `""` |
| `primary.persistence.existingClaim` | Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas | `""` | | `primary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for MariaDB primary containers | `""` |
| `primary.persistence.subPath` | Subdirectory of the volume to mount at | `""` | | `primary.persistence.enabled` | Enable persistence on MariaDB primary replicas using a `PersistentVolumeClaim`. If false, use emptyDir | `true` |
| `primary.persistence.storageClass` | MariaDB primary persistent volume storage Class | `""` | | `primary.persistence.existingClaim` | Name of an existing `PersistentVolumeClaim` for MariaDB primary replicas | `""` |
| `primary.persistence.annotations` | MariaDB primary persistent volume claim annotations | `{}` | | `primary.persistence.subPath` | Subdirectory of the volume to mount at | `""` |
| `primary.persistence.accessModes` | MariaDB primary persistent volume access Modes | `["ReadWriteOnce"]` | | `primary.persistence.storageClass` | MariaDB primary persistent volume storage Class | `""` |
| `primary.persistence.size` | MariaDB primary persistent volume size | `8Gi` | | `primary.persistence.annotations` | MariaDB primary persistent volume claim annotations | `{}` |
| `primary.persistence.selector` | Selector to match an existing Persistent Volume | `{}` | | `primary.persistence.accessModes` | MariaDB primary persistent volume access Modes | `["ReadWriteOnce"]` |
| `primary.extraVolumes` | Optionally specify extra list of additional volumes to the MariaDB Primary pod(s) | `[]` | | `primary.persistence.size` | MariaDB primary persistent volume size | `8Gi` |
| `primary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB Primary container(s) | `[]` | | `primary.persistence.selector` | Selector to match an existing Persistent Volume | `{}` |
| `primary.initContainers` | Add additional init containers for the MariaDB Primary pod(s) | `[]` | | `primary.extraVolumes` | Optionally specify extra list of additional volumes to the MariaDB Primary pod(s) | `[]` |
| `primary.sidecars` | Add additional sidecar containers for the MariaDB Primary pod(s) | `[]` | | `primary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB Primary container(s) | `[]` |
| `primary.service.type` | MariaDB Primary Kubernetes service type | `ClusterIP` | | `primary.initContainers` | Add additional init containers for the MariaDB Primary pod(s) | `[]` |
| `primary.service.ports.mysql` | MariaDB Primary Kubernetes service port for MariaDB | `3306` | | `primary.sidecars` | Add additional sidecar containers for the MariaDB Primary pod(s) | `[]` |
| `primary.service.ports.metrics` | MariaDB Primary Kubernetes service port for metrics | `9104` | | `primary.service.type` | MariaDB Primary Kubernetes service type | `ClusterIP` |
| `primary.service.nodePorts.mysql` | MariaDB Primary Kubernetes service node port | `""` | | `primary.service.ports.mysql` | MariaDB Primary Kubernetes service port for MariaDB | `3306` |
| `primary.service.clusterIP` | MariaDB Primary Kubernetes service clusterIP IP | `""` | | `primary.service.ports.metrics` | MariaDB Primary Kubernetes service port for metrics | `9104` |
| `primary.service.loadBalancerIP` | MariaDB Primary loadBalancerIP if service type is `LoadBalancer` | `""` | | `primary.service.nodePorts.mysql` | MariaDB Primary Kubernetes service node port | `""` |
| `primary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | | `primary.service.clusterIP` | MariaDB Primary Kubernetes service clusterIP IP | `""` |
| `primary.service.loadBalancerSourceRanges` | Address that are allowed when MariaDB Primary service is LoadBalancer | `[]` | | `primary.service.loadBalancerIP` | MariaDB Primary loadBalancerIP if service type is `LoadBalancer` | `""` |
| `primary.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | | `primary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` |
| `primary.service.annotations` | Provide any additional annotations which may be required | `{}` | | `primary.service.loadBalancerSourceRanges` | Address that are allowed when MariaDB Primary service is LoadBalancer | `[]` |
| `primary.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | | `primary.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` |
| `primary.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | | `primary.service.annotations` | Provide any additional annotations which may be required | `{}` |
| `primary.pdb.create` | Enable/disable a Pod Disruption Budget creation for MariaDB primary pods | `false` | | `primary.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
| `primary.pdb.minAvailable` | Minimum number/percentage of MariaDB primary pods that must still be available after the eviction | `1` | | `primary.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
| `primary.pdb.maxUnavailable` | Maximum number/percentage of MariaDB primary pods that can be unavailable after the eviction | `""` | | `primary.pdb.create` | Enable/disable a Pod Disruption Budget creation for MariaDB primary pods | `false` |
| `primary.revisionHistoryLimit` | Maximum number of revisions that will be maintained in the StatefulSet | `10` | | `primary.pdb.minAvailable` | Minimum number/percentage of MariaDB primary pods that must still be available after the eviction | `1` |
| `primary.pdb.maxUnavailable` | Maximum number/percentage of MariaDB primary pods that can be unavailable after the eviction | `""` |
| `primary.revisionHistoryLimit` | Maximum number of revisions that will be maintained in the StatefulSet | `10` |
### MariaDB Secondary parameters ### MariaDB Secondary parameters
| Name | Description | Value | | Name | Description | Value |
| ------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------------- | | ------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------------- |
| `secondary.name` | Name of the secondary database (eg secondary, slave, ...) | `secondary` | | `secondary.name` | Name of the secondary database (eg secondary, slave, ...) | `secondary` |
| `secondary.replicaCount` | Number of MariaDB secondary replicas | `1` | | `secondary.replicaCount` | Number of MariaDB secondary replicas | `1` |
| `secondary.command` | Override default container command on MariaDB Secondary container(s) (useful when using custom images) | `[]` | | `secondary.command` | Override default container command on MariaDB Secondary container(s) (useful when using custom images) | `[]` |
| `secondary.args` | Override default container args on MariaDB Secondary container(s) (useful when using custom images) | `[]` | | `secondary.args` | Override default container args on MariaDB Secondary container(s) (useful when using custom images) | `[]` |
| `secondary.lifecycleHooks` | for the MariaDB Secondary container(s) to automate configuration before or after startup | `{}` | | `secondary.lifecycleHooks` | for the MariaDB Secondary container(s) to automate configuration before or after startup | `{}` |
| `secondary.hostAliases` | Add deployment host aliases | `[]` | | `secondary.hostAliases` | Add deployment host aliases | `[]` |
| `secondary.configuration` | MariaDB Secondary configuration to be injected as ConfigMap | `""` | | `secondary.configuration` | MariaDB Secondary configuration to be injected as ConfigMap | `""` |
| `secondary.existingConfigmap` | Name of existing ConfigMap with MariaDB Secondary configuration. | `""` | | `secondary.existingConfigmap` | Name of existing ConfigMap with MariaDB Secondary configuration. | `""` |
| `secondary.updateStrategy.type` | MariaDB secondary statefulset strategy type | `RollingUpdate` | | `secondary.updateStrategy.type` | MariaDB secondary statefulset strategy type | `RollingUpdate` |
| `secondary.rollingUpdatePartition` | Partition update strategy for Mariadb Secondary statefulset | `""` | | `secondary.rollingUpdatePartition` | Partition update strategy for Mariadb Secondary statefulset | `""` |
| `secondary.podAnnotations` | Additional pod annotations for MariaDB secondary pods | `{}` | | `secondary.podAnnotations` | Additional pod annotations for MariaDB secondary pods | `{}` |
| `secondary.podLabels` | Extra labels for MariaDB secondary pods | `{}` | | `secondary.podLabels` | Extra labels for MariaDB secondary pods | `{}` |
| `secondary.podAffinityPreset` | MariaDB secondary pod affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `""` | | `secondary.podAffinityPreset` | MariaDB secondary pod affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `secondary.podAntiAffinityPreset` | MariaDB secondary pod anti-affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `soft` | | `secondary.podAntiAffinityPreset` | MariaDB secondary pod anti-affinity preset. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `secondary.nodeAffinityPreset.type` | MariaDB secondary node affinity preset type. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `""` | | `secondary.nodeAffinityPreset.type` | MariaDB secondary node affinity preset type. Ignored if `secondary.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `secondary.nodeAffinityPreset.key` | MariaDB secondary node label key to match Ignored if `secondary.affinity` is set. | `""` | | `secondary.nodeAffinityPreset.key` | MariaDB secondary node label key to match Ignored if `secondary.affinity` is set. | `""` |
| `secondary.nodeAffinityPreset.values` | MariaDB secondary node label values to match. Ignored if `secondary.affinity` is set. | `[]` | | `secondary.nodeAffinityPreset.values` | MariaDB secondary node label values to match. Ignored if `secondary.affinity` is set. | `[]` |
| `secondary.affinity` | Affinity for MariaDB secondary pods assignment | `{}` | | `secondary.affinity` | Affinity for MariaDB secondary pods assignment | `{}` |
| `secondary.nodeSelector` | Node labels for MariaDB secondary pods assignment | `{}` | | `secondary.nodeSelector` | Node labels for MariaDB secondary pods assignment | `{}` |
| `secondary.tolerations` | Tolerations for MariaDB secondary pods assignment | `[]` | | `secondary.tolerations` | Tolerations for MariaDB secondary pods assignment | `[]` |
| `secondary.topologySpreadConstraints` | Topology Spread Constraints for MariaDB secondary pods assignment | `[]` | | `secondary.topologySpreadConstraints` | Topology Spread Constraints for MariaDB secondary pods assignment | `[]` |
| `secondary.priorityClassName` | Priority class for MariaDB secondary pods assignment | `""` | | `secondary.priorityClassName` | Priority class for MariaDB secondary pods assignment | `""` |
| `secondary.runtimeClassName` | Runtime Class for MariaDB secondary pods | `""` | | `secondary.runtimeClassName` | Runtime Class for MariaDB secondary pods | `""` |
| `secondary.schedulerName` | Name of the k8s scheduler (other than default) | `""` | | `secondary.schedulerName` | Name of the k8s scheduler (other than default) | `""` |
| `secondary.podManagementPolicy` | podManagementPolicy to manage scaling operation of MariaDB secondary pods | `""` | | `secondary.podManagementPolicy` | podManagementPolicy to manage scaling operation of MariaDB secondary pods | `""` |
| `secondary.podSecurityContext.enabled` | Enable security context for MariaDB secondary pods | `true` | | `secondary.podSecurityContext.enabled` | Enable security context for MariaDB secondary pods | `true` |
| `secondary.podSecurityContext.fsGroup` | Group ID for the mounted volumes' filesystem | `1001` | | `secondary.podSecurityContext.fsGroup` | Group ID for the mounted volumes' filesystem | `1001` |
| `secondary.containerSecurityContext.enabled` | MariaDB secondary container securityContext | `true` | | `secondary.containerSecurityContext.enabled` | MariaDB secondary container securityContext | `true` |
| `secondary.containerSecurityContext.runAsUser` | User ID for the MariaDB secondary container | `1001` | | `secondary.containerSecurityContext.runAsUser` | User ID for the MariaDB secondary container | `1001` |
| `secondary.containerSecurityContext.runAsNonRoot` | Set Controller container's Security Context runAsNonRoot | `true` | | `secondary.containerSecurityContext.runAsNonRoot` | Set secondary container's Security Context runAsNonRoot | `true` |
| `secondary.resources.limits` | The resources limits for MariaDB secondary containers | `{}` | | `secondary.containerSecurityContext.privileged` | Set secondary container's Security Context privileged | `false` |
| `secondary.resources.requests` | The requested resources for MariaDB secondary containers | `{}` | | `secondary.containerSecurityContext.allowPrivilegeEscalation` | Set secondary container's Security Context allowPrivilegeEscalation | `false` |
| `secondary.startupProbe.enabled` | Enable startupProbe | `false` | | `secondary.resources.limits` | The resources limits for MariaDB secondary containers | `{}` |
| `secondary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` | | `secondary.resources.requests` | The requested resources for MariaDB secondary containers | `{}` |
| `secondary.startupProbe.periodSeconds` | Period seconds for startupProbe | `15` | | `secondary.startupProbe.enabled` | Enable startupProbe | `false` |
| `secondary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | | `secondary.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `120` |
| `secondary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` | | `secondary.startupProbe.periodSeconds` | Period seconds for startupProbe | `15` |
| `secondary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | | `secondary.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
| `secondary.livenessProbe.enabled` | Enable livenessProbe | `true` | | `secondary.startupProbe.failureThreshold` | Failure threshold for startupProbe | `10` |
| `secondary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | | `secondary.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
| `secondary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | | `secondary.livenessProbe.enabled` | Enable livenessProbe | `true` |
| `secondary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | | `secondary.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` |
| `secondary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | | `secondary.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `secondary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | | `secondary.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` |
| `secondary.readinessProbe.enabled` | Enable readinessProbe | `true` | | `secondary.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` |
| `secondary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | | `secondary.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `secondary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | | `secondary.readinessProbe.enabled` | Enable readinessProbe | `true` |
| `secondary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | | `secondary.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` |
| `secondary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | | `secondary.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `secondary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | | `secondary.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` |
| `secondary.customStartupProbe` | Override default startup probe for MariaDB secondary containers | `{}` | | `secondary.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` |
| `secondary.customLivenessProbe` | Override default liveness probe for MariaDB secondary containers | `{}` | | `secondary.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `secondary.customReadinessProbe` | Override default readiness probe for MariaDB secondary containers | `{}` | | `secondary.customStartupProbe` | Override default startup probe for MariaDB secondary containers | `{}` |
| `secondary.startupWaitOptions` | Override default builtin startup wait check options for MariaDB secondary containers | `{}` | | `secondary.customLivenessProbe` | Override default liveness probe for MariaDB secondary containers | `{}` |
| `secondary.extraFlags` | MariaDB secondary additional command line flags | `""` | | `secondary.customReadinessProbe` | Override default readiness probe for MariaDB secondary containers | `{}` |
| `secondary.extraEnvVars` | Extra environment variables to be set on MariaDB secondary containers | `[]` | | `secondary.startupWaitOptions` | Override default builtin startup wait check options for MariaDB secondary containers | `{}` |
| `secondary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for MariaDB secondary containers | `""` | | `secondary.extraFlags` | MariaDB secondary additional command line flags | `""` |
| `secondary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for MariaDB secondary containers | `""` | | `secondary.extraEnvVars` | Extra environment variables to be set on MariaDB secondary containers | `[]` |
| `secondary.persistence.enabled` | Enable persistence on MariaDB secondary replicas using a `PersistentVolumeClaim` | `true` | | `secondary.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for MariaDB secondary containers | `""` |
| `secondary.persistence.subPath` | Subdirectory of the volume to mount at | `""` | | `secondary.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for MariaDB secondary containers | `""` |
| `secondary.persistence.storageClass` | MariaDB secondary persistent volume storage Class | `""` | | `secondary.persistence.enabled` | Enable persistence on MariaDB secondary replicas using a `PersistentVolumeClaim` | `true` |
| `secondary.persistence.annotations` | MariaDB secondary persistent volume claim annotations | `{}` | | `secondary.persistence.subPath` | Subdirectory of the volume to mount at | `""` |
| `secondary.persistence.accessModes` | MariaDB secondary persistent volume access Modes | `["ReadWriteOnce"]` | | `secondary.persistence.storageClass` | MariaDB secondary persistent volume storage Class | `""` |
| `secondary.persistence.size` | MariaDB secondary persistent volume size | `8Gi` | | `secondary.persistence.annotations` | MariaDB secondary persistent volume claim annotations | `{}` |
| `secondary.persistence.selector` | Selector to match an existing Persistent Volume | `{}` | | `secondary.persistence.accessModes` | MariaDB secondary persistent volume access Modes | `["ReadWriteOnce"]` |
| `secondary.extraVolumes` | Optionally specify extra list of additional volumes to the MariaDB secondary pod(s) | `[]` | | `secondary.persistence.size` | MariaDB secondary persistent volume size | `8Gi` |
| `secondary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB secondary container(s) | `[]` | | `secondary.persistence.selector` | Selector to match an existing Persistent Volume | `{}` |
| `secondary.initContainers` | Add additional init containers for the MariaDB secondary pod(s) | `[]` | | `secondary.extraVolumes` | Optionally specify extra list of additional volumes to the MariaDB secondary pod(s) | `[]` |
| `secondary.sidecars` | Add additional sidecar containers for the MariaDB secondary pod(s) | `[]` | | `secondary.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB secondary container(s) | `[]` |
| `secondary.service.type` | MariaDB secondary Kubernetes service type | `ClusterIP` | | `secondary.initContainers` | Add additional init containers for the MariaDB secondary pod(s) | `[]` |
| `secondary.service.ports.mysql` | MariaDB secondary Kubernetes service port for MariaDB | `3306` | | `secondary.sidecars` | Add additional sidecar containers for the MariaDB secondary pod(s) | `[]` |
| `secondary.service.ports.metrics` | MariaDB secondary Kubernetes service port for metrics | `9104` | | `secondary.service.type` | MariaDB secondary Kubernetes service type | `ClusterIP` |
| `secondary.service.nodePorts.mysql` | MariaDB secondary Kubernetes service node port | `""` | | `secondary.service.ports.mysql` | MariaDB secondary Kubernetes service port for MariaDB | `3306` |
| `secondary.service.clusterIP` | MariaDB secondary Kubernetes service clusterIP IP | `""` | | `secondary.service.ports.metrics` | MariaDB secondary Kubernetes service port for metrics | `9104` |
| `secondary.service.loadBalancerIP` | MariaDB secondary loadBalancerIP if service type is `LoadBalancer` | `""` | | `secondary.service.nodePorts.mysql` | MariaDB secondary Kubernetes service node port | `""` |
| `secondary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | | `secondary.service.clusterIP` | MariaDB secondary Kubernetes service clusterIP IP | `""` |
| `secondary.service.loadBalancerSourceRanges` | Address that are allowed when MariaDB secondary service is LoadBalancer | `[]` | | `secondary.service.loadBalancerIP` | MariaDB secondary loadBalancerIP if service type is `LoadBalancer` | `""` |
| `secondary.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` | | `secondary.service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` |
| `secondary.service.annotations` | Provide any additional annotations which may be required | `{}` | | `secondary.service.loadBalancerSourceRanges` | Address that are allowed when MariaDB secondary service is LoadBalancer | `[]` |
| `secondary.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` | | `secondary.service.extraPorts` | Extra ports to expose (normally used with the `sidecar` value) | `[]` |
| `secondary.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | | `secondary.service.annotations` | Provide any additional annotations which may be required | `{}` |
| `secondary.pdb.create` | Enable/disable a Pod Disruption Budget creation for MariaDB secondary pods | `false` | | `secondary.service.sessionAffinity` | Session Affinity for Kubernetes service, can be "None" or "ClientIP" | `None` |
| `secondary.pdb.minAvailable` | Minimum number/percentage of MariaDB secondary pods that should remain scheduled | `1` | | `secondary.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
| `secondary.pdb.maxUnavailable` | Maximum number/percentage of MariaDB secondary pods that may be made unavailable | `""` | | `secondary.pdb.create` | Enable/disable a Pod Disruption Budget creation for MariaDB secondary pods | `false` |
| `secondary.revisionHistoryLimit` | Maximum number of revisions that will be maintained in the StatefulSet | `10` | | `secondary.pdb.minAvailable` | Minimum number/percentage of MariaDB secondary pods that should remain scheduled | `1` |
| `secondary.pdb.maxUnavailable` | Maximum number/percentage of MariaDB secondary pods that may be made unavailable | `""` |
| `secondary.revisionHistoryLimit` | Maximum number of revisions that will be maintained in the StatefulSet | `10` |
### RBAC parameters ### RBAC parameters
@ -316,47 +321,49 @@ The command removes all the Kubernetes components associated with the chart and
### Metrics parameters ### Metrics parameters
| Name | Description | Value | | Name | Description | Value |
| -------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | | ----------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` | | `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Exporter image registry | `docker.io` | | `metrics.image.registry` | Exporter image registry | `docker.io` |
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` | | `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r77` | | `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r77` |
| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `metrics.annotations` | Annotations for the Exporter pod | `{}` | | `metrics.annotations` | Annotations for the Exporter pod | `{}` |
| `metrics.extraArgs` | Extra args to be passed to mysqld_exporter | `{}` | | `metrics.extraArgs` | Extra args to be passed to mysqld_exporter | `{}` |
| `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB metrics container(s) | `{}` | | `metrics.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the MariaDB metrics container(s) | `{}` |
| `metrics.containerSecurityContext.enabled` | Enable security context for MariaDB metrics container | `false` | | `metrics.containerSecurityContext.enabled` | Enable security context for MariaDB metrics container | `false` |
| `metrics.resources.limits` | The resources limits for MariaDB prometheus exporter containers | `{}` | | `metrics.containerSecurityContext.privileged` | Set metrics container's Security Context privileged | `false` |
| `metrics.resources.requests` | The requested resources for MariaDB prometheus exporter containers | `{}` | | `metrics.containerSecurityContext.allowPrivilegeEscalation` | Set metrics container's Security Context allowPrivilegeEscalation | `false` |
| `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` | | `metrics.resources.limits` | The resources limits for MariaDB prometheus exporter containers | `{}` |
| `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | | `metrics.resources.requests` | The requested resources for MariaDB prometheus exporter containers | `{}` |
| `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | | `metrics.livenessProbe.enabled` | Enable livenessProbe | `true` |
| `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` | | `metrics.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` |
| `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | | `metrics.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | | `metrics.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `1` |
| `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` | | `metrics.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` |
| `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` | | `metrics.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | | `metrics.readinessProbe.enabled` | Enable readinessProbe | `true` |
| `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` | | `metrics.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `30` |
| `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` | | `metrics.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | | `metrics.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `1` |
| `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | | `metrics.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `3` |
| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` | | `metrics.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | | `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` |
| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` | | `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `""` |
| `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` | | `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` |
| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | | `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` |
| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | | `metrics.serviceMonitor.scrapeTimeout` | Specify the timeout after which the scrape is ended | `""` |
| `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` | | `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` |
| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` | | `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` |
| `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` | | `metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels | `false` |
| `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | | `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `{}` |
| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` | | `metrics.serviceMonitor.labels` | Extra labels for the ServiceMonitor | `{}` |
| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | | `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` |
| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` | | `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource (defaults to the Release Namespace) | `""` |
| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` |
| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` |
### NetworkPolicy parameters ### NetworkPolicy parameters
@ -383,7 +390,7 @@ The above parameters map to the env variables defined in [bitnami/mariadb](https
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash ```console
$ helm install my-release \ $ helm install my-release \
--set auth.rootPassword=secretpassword,auth.database=app_database \ --set auth.rootPassword=secretpassword,auth.database=app_database \
my-repo/mariadb my-repo/mariadb
@ -395,7 +402,7 @@ The above command sets the MariaDB `root` account password to `secretpassword`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash ```console
$ helm install my-release -f values.yaml my-repo/mariadb $ helm install my-release -f values.yaml my-repo/mariadb
``` ```
@ -455,7 +462,7 @@ Find more information about how to deal with common errors related to Bitnami's
It's necessary to set the `auth.rootPassword` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart: It's necessary to set the `auth.rootPassword` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart:
```bash ```console
$ helm upgrade my-release my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD] $ helm upgrade my-release my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD]
``` ```
@ -512,7 +519,7 @@ Backwards compatibility is not guaranteed. To upgrade to `8.0.0`, install a new
- Create a backup of the database, and restore it on the new release using tools such as [mysqldump](https://mariadb.com/kb/en/mysqldump/). - Create a backup of the database, and restore it on the new release using tools such as [mysqldump](https://mariadb.com/kb/en/mysqldump/).
- Reuse the PVC used to hold the master data on your previous release. To do so, use the `primary.persistence.existingClaim` parameter. The following example assumes that the release name is `mariadb`: - Reuse the PVC used to hold the master data on your previous release. To do so, use the `primary.persistence.existingClaim` parameter. The following example assumes that the release name is `mariadb`:
```bash ```console
$ helm install mariadb my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC] $ helm install mariadb my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC]
``` ```

16
charts/bitnami/mariadb/values.yaml
View File

@ -313,12 +313,16 @@ primary:
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param primary.containerSecurityContext.enabled MariaDB primary container securityContext ## @param primary.containerSecurityContext.enabled MariaDB primary container securityContext
## @param primary.containerSecurityContext.runAsUser User ID for the MariaDB primary container ## @param primary.containerSecurityContext.runAsUser User ID for the MariaDB primary container
## @param primary.containerSecurityContext.runAsNonRoot Set Controller container's Security Context runAsNonRoot ## @param primary.containerSecurityContext.runAsNonRoot Set primary container's Security Context runAsNonRoot
## @param primary.containerSecurityContext.privileged Set primary container's Security Context privileged
## @param primary.containerSecurityContext.allowPrivilegeEscalation Set primary container's Security Context allowPrivilegeEscalation
## ##
containerSecurityContext: containerSecurityContext:
enabled: true enabled: true
runAsUser: 1001 runAsUser: 1001
runAsNonRoot: true runAsNonRoot: true
privileged: false
allowPrivilegeEscalation: false
## MariaDB primary container's resource requests and limits ## MariaDB primary container's resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/ ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## We usually recommend not to specify default resources and to leave this as a conscious ## We usually recommend not to specify default resources and to leave this as a conscious
@ -702,12 +706,16 @@ secondary:
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param secondary.containerSecurityContext.enabled MariaDB secondary container securityContext ## @param secondary.containerSecurityContext.enabled MariaDB secondary container securityContext
## @param secondary.containerSecurityContext.runAsUser User ID for the MariaDB secondary container ## @param secondary.containerSecurityContext.runAsUser User ID for the MariaDB secondary container
## @param secondary.containerSecurityContext.runAsNonRoot Set Controller container's Security Context runAsNonRoot ## @param secondary.containerSecurityContext.runAsNonRoot Set secondary container's Security Context runAsNonRoot
## @param secondary.containerSecurityContext.privileged Set secondary container's Security Context privileged
## @param secondary.containerSecurityContext.allowPrivilegeEscalation Set secondary container's Security Context allowPrivilegeEscalation
## ##
containerSecurityContext: containerSecurityContext:
enabled: true enabled: true
runAsUser: 1001 runAsUser: 1001
runAsNonRoot: true runAsNonRoot: true
privileged: false
allowPrivilegeEscalation: false
## MariaDB secondary container's resource requests and limits ## MariaDB secondary container's resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/ ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## We usually recommend not to specify default resources and to leave this as a conscious ## We usually recommend not to specify default resources and to leave this as a conscious
@ -1081,6 +1089,8 @@ metrics:
## MariaDB metrics container Security Context ## MariaDB metrics container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param metrics.containerSecurityContext.enabled Enable security context for MariaDB metrics container ## @param metrics.containerSecurityContext.enabled Enable security context for MariaDB metrics container
## @param metrics.containerSecurityContext.privileged Set metrics container's Security Context privileged
## @param metrics.containerSecurityContext.allowPrivilegeEscalation Set metrics container's Security Context allowPrivilegeEscalation
## Example: ## Example:
## containerSecurityContext: ## containerSecurityContext:
## enabled: true ## enabled: true
@ -1090,6 +1100,8 @@ metrics:
## ##
containerSecurityContext: containerSecurityContext:
enabled: false enabled: false
privileged: false
allowPrivilegeEscalation: false
## Mysqld Prometheus exporter resource requests and limits ## Mysqld Prometheus exporter resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/ ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## We usually recommend not to specify default resources and to leave this as a conscious ## We usually recommend not to specify default resources and to leave this as a conscious

2
charts/bitnami/postgresql/Chart.yaml
View File

@ -32,4 +32,4 @@ name: postgresql
sources: sources:
- https://github.com/bitnami/containers/tree/main/bitnami/postgresql - https://github.com/bitnami/containers/tree/main/bitnami/postgresql
- https://www.postgresql.org/ - https://www.postgresql.org/
version: 12.1.11 version: 12.1.13

8
charts/bitnami/postgresql/README.md
View File

@ -102,7 +102,7 @@ $ kubectl delete pvc -l release=my-release
| ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | | ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
| `image.registry` | PostgreSQL image registry | `docker.io` | | `image.registry` | PostgreSQL image registry | `docker.io` |
| `image.repository` | PostgreSQL image repository | `bitnami/postgresql` | | `image.repository` | PostgreSQL image repository | `bitnami/postgresql` |
| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.1.0-debian-11-r28` | | `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.1.0-debian-11-r30` |
| `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` | | `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify image pull secrets | `[]` | | `image.pullSecrets` | Specify image pull secrets | `[]` |
@ -383,7 +383,7 @@ $ kubectl delete pvc -l release=my-release
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r76` | | `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r77` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | | `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
@ -412,7 +412,7 @@ $ kubectl delete pvc -l release=my-release
| `metrics.enabled` | Start a prometheus exporter | `false` | | `metrics.enabled` | Start a prometheus exporter | `false` |
| `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` | | `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` |
| `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` | | `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` |
| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r53` | | `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r54` |
| `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | | `metrics.image.pullSecrets` | Specify image pull secrets | `[]` |
@ -679,7 +679,7 @@ Refer to the [chart documentation for more information about how to upgrade from
## License ## License
Copyright &copy; 2022 Bitnami Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.

2
charts/bitnami/postgresql/templates/primary/metrics-svc.yaml
View File

@ -9,6 +9,7 @@ metadata:
{{- if .Values.commonLabels }} {{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }} {{- end }}
{{- if or .Values.commonAnnotations .Values.metrics.service.annotations }}
annotations: annotations:
{{- if .Values.commonAnnotations }} {{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
@ -16,6 +17,7 @@ metadata:
{{- if .Values.metrics.service.annotations }} {{- if .Values.metrics.service.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.metrics.service.annotations "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.service.annotations "context" $ ) | nindent 4 }}
{{- end }} {{- end }}
{{- end }}
spec: spec:
type: ClusterIP type: ClusterIP
sessionAffinity: {{ .Values.metrics.service.sessionAffinity }} sessionAffinity: {{ .Values.metrics.service.sessionAffinity }}

6
charts/bitnami/postgresql/templates/primary/statefulset.yaml
View File

@ -12,6 +12,7 @@ metadata:
{{- if .Values.primary.labels }} {{- if .Values.primary.labels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.primary.labels "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.primary.labels "context" $ ) | nindent 4 }}
{{- end }} {{- end }}
{{- if or .Values.commonAnnotations .Values.primary.annotations }}
annotations: annotations:
{{- if .Values.commonAnnotations }} {{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
@ -19,6 +20,7 @@ metadata:
{{- if .Values.primary.annotations }} {{- if .Values.primary.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.primary.annotations "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.primary.annotations "context" $ ) | nindent 4 }}
{{- end }} {{- end }}
{{- end }}
spec: spec:
replicas: 1 replicas: 1
serviceName: {{ include "postgresql.primary.svc.headless" . }} serviceName: {{ include "postgresql.primary.svc.headless" . }}
@ -39,6 +41,7 @@ spec:
{{- if .Values.primary.podLabels }} {{- if .Values.primary.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.primary.podLabels "context" $ ) | nindent 8 }} {{- include "common.tplvalues.render" ( dict "value" .Values.primary.podLabels "context" $ ) | nindent 8 }}
{{- end }} {{- end }}
{{- if or (include "postgresql.primary.createConfigmap" .) (include "postgresql.primary.createExtendedConfigmap" .) .Values.primary.podAnnotations }}
annotations: annotations:
{{- if (include "postgresql.primary.createConfigmap" .) }} {{- if (include "postgresql.primary.createConfigmap" .) }}
checksum/configuration: {{ include (print $.Template.BasePath "/primary/configmap.yaml") . | sha256sum }} checksum/configuration: {{ include (print $.Template.BasePath "/primary/configmap.yaml") . | sha256sum }}
@ -49,6 +52,7 @@ spec:
{{- if .Values.primary.podAnnotations }} {{- if .Values.primary.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.primary.podAnnotations "context" $ ) | nindent 8 }} {{- include "common.tplvalues.render" ( dict "value" .Values.primary.podAnnotations "context" $ ) | nindent 8 }}
{{- end }} {{- end }}
{{- end }}
spec: spec:
{{- if .Values.primary.extraPodSpec }} {{- if .Values.primary.extraPodSpec }}
{{- include "common.tplvalues.render" (dict "value" .Values.primary.extraPodSpec "context" $) | nindent 6 }} {{- include "common.tplvalues.render" (dict "value" .Values.primary.extraPodSpec "context" $) | nindent 6 }}
@ -89,6 +93,7 @@ spec:
{{- end }} {{- end }}
hostNetwork: {{ .Values.primary.hostNetwork }} hostNetwork: {{ .Values.primary.hostNetwork }}
hostIPC: {{ .Values.primary.hostIPC }} hostIPC: {{ .Values.primary.hostIPC }}
{{- if or (and .Values.tls.enabled (not .Values.volumePermissions.enabled)) (and .Values.volumePermissions.enabled (or .Values.primary.persistence.enabled .Values.shmVolume.enabled)) .Values.primary.initContainers }}
initContainers: initContainers:
{{- if and .Values.tls.enabled (not .Values.volumePermissions.enabled) }} {{- if and .Values.tls.enabled (not .Values.volumePermissions.enabled) }}
- name: copy-certs - name: copy-certs
@ -177,6 +182,7 @@ spec:
{{- if .Values.primary.initContainers }} {{- if .Values.primary.initContainers }}
{{- include "common.tplvalues.render" ( dict "value" .Values.primary.initContainers "context" $ ) | nindent 8 }} {{- include "common.tplvalues.render" ( dict "value" .Values.primary.initContainers "context" $ ) | nindent 8 }}
{{- end }} {{- end }}
{{- end }}
containers: containers:
- name: postgresql - name: postgresql
image: {{ include "postgresql.image" . }} image: {{ include "postgresql.image" . }}

2
charts/bitnami/postgresql/templates/primary/svc.yaml
View File

@ -8,6 +8,7 @@ metadata:
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }} {{- end }}
app.kubernetes.io/component: primary app.kubernetes.io/component: primary
{{- if or .Values.commonAnnotations .Values.primary.service.annotations }}
annotations: annotations:
{{- if .Values.commonAnnotations }} {{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
@ -15,6 +16,7 @@ metadata:
{{- if .Values.primary.service.annotations }} {{- if .Values.primary.service.annotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.primary.service.annotations "context" $) | nindent 4 }} {{- include "common.tplvalues.render" (dict "value" .Values.primary.service.annotations "context" $) | nindent 4 }}
{{- end }} {{- end }}
{{- end }}
spec: spec:
type: {{ .Values.primary.service.type }} type: {{ .Values.primary.service.type }}
{{- if or (eq .Values.primary.service.type "LoadBalancer") (eq .Values.primary.service.type "NodePort") }} {{- if or (eq .Values.primary.service.type "LoadBalancer") (eq .Values.primary.service.type "NodePort") }}

2
charts/bitnami/postgresql/templates/read/metrics-svc.yaml
View File

@ -9,6 +9,7 @@ metadata:
{{- if .Values.commonLabels }} {{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }} {{- end }}
{{- if or .Values.commonAnnotations .Values.metrics.service.annotations }}
annotations: annotations:
{{- if .Values.commonAnnotations }} {{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
@ -16,6 +17,7 @@ metadata:
{{- if .Values.metrics.service.annotations }} {{- if .Values.metrics.service.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.metrics.service.annotations "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.service.annotations "context" $ ) | nindent 4 }}
{{- end }} {{- end }}
{{- end }}
spec: spec:
type: ClusterIP type: ClusterIP
sessionAffinity: {{ .Values.metrics.service.sessionAffinity }} sessionAffinity: {{ .Values.metrics.service.sessionAffinity }}

6
charts/bitnami/postgresql/templates/read/statefulset.yaml
View File

@ -13,6 +13,7 @@ metadata:
{{- if .Values.readReplicas.labels }} {{- if .Values.readReplicas.labels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.labels "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.labels "context" $ ) | nindent 4 }}
{{- end }} {{- end }}
{{- if or .Values.commonAnnotations .Values.readReplicas.annotations }}
annotations: annotations:
{{- if .Values.commonAnnotations }} {{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
@ -20,6 +21,7 @@ metadata:
{{- if .Values.readReplicas.annotations }} {{- if .Values.readReplicas.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.annotations "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.annotations "context" $ ) | nindent 4 }}
{{- end }} {{- end }}
{{- end }}
spec: spec:
replicas: {{ .Values.readReplicas.replicaCount }} replicas: {{ .Values.readReplicas.replicaCount }}
serviceName: {{ include "postgresql.readReplica.svc.headless" . }} serviceName: {{ include "postgresql.readReplica.svc.headless" . }}
@ -40,6 +42,7 @@ spec:
{{- if .Values.readReplicas.podLabels }} {{- if .Values.readReplicas.podLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.podLabels "context" $ ) | nindent 8 }} {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.podLabels "context" $ ) | nindent 8 }}
{{- end }} {{- end }}
{{- if or (include "postgresql.readReplicas.createExtendedConfigmap" .) .Values.readReplicas.podAnnotations }}
annotations: annotations:
{{- if (include "postgresql.readReplicas.createExtendedConfigmap" .) }} {{- if (include "postgresql.readReplicas.createExtendedConfigmap" .) }}
checksum/extended-configuration: {{ include (print $.Template.BasePath "/read/extended-configmap.yaml") . | sha256sum }} checksum/extended-configuration: {{ include (print $.Template.BasePath "/read/extended-configmap.yaml") . | sha256sum }}
@ -47,6 +50,7 @@ spec:
{{- if .Values.readReplicas.podAnnotations }} {{- if .Values.readReplicas.podAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.podAnnotations "context" $ ) | nindent 8 }} {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.podAnnotations "context" $ ) | nindent 8 }}
{{- end }} {{- end }}
{{- end }}
spec: spec:
{{- if .Values.readReplicas.extraPodSpec }} {{- if .Values.readReplicas.extraPodSpec }}
{{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.extraPodSpec "context" $) | nindent 6 }} {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.extraPodSpec "context" $) | nindent 6 }}
@ -87,6 +91,7 @@ spec:
{{- end }} {{- end }}
hostNetwork: {{ .Values.readReplicas.hostNetwork }} hostNetwork: {{ .Values.readReplicas.hostNetwork }}
hostIPC: {{ .Values.readReplicas.hostIPC }} hostIPC: {{ .Values.readReplicas.hostIPC }}
{{- if or (and .Values.tls.enabled (not .Values.volumePermissions.enabled)) (and .Values.volumePermissions.enabled (or .Values.readReplicas.persistence.enabled .Values.shmVolume.enabled)) .Values.readReplicas.initContainers }}
initContainers: initContainers:
{{- if and .Values.tls.enabled (not .Values.volumePermissions.enabled) }} {{- if and .Values.tls.enabled (not .Values.volumePermissions.enabled) }}
- name: copy-certs - name: copy-certs
@ -175,6 +180,7 @@ spec:
{{- if .Values.readReplicas.initContainers }} {{- if .Values.readReplicas.initContainers }}
{{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.initContainers "context" $ ) | nindent 8 }} {{- include "common.tplvalues.render" ( dict "value" .Values.readReplicas.initContainers "context" $ ) | nindent 8 }}
{{- end }} {{- end }}
{{- end }}
containers: containers:
- name: postgresql - name: postgresql
image: {{ include "postgresql.image" . }} image: {{ include "postgresql.image" . }}

2
charts/bitnami/postgresql/templates/read/svc.yaml
View File

@ -9,6 +9,7 @@ metadata:
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }} {{- end }}
app.kubernetes.io/component: read app.kubernetes.io/component: read
{{- if or .Values.commonAnnotations .Values.readReplicas.service.annotations }}
annotations: annotations:
{{- if .Values.commonAnnotations }} {{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
@ -16,6 +17,7 @@ metadata:
{{- if .Values.readReplicas.service.annotations }} {{- if .Values.readReplicas.service.annotations }}
{{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.service.annotations "context" $) | nindent 4 }} {{- include "common.tplvalues.render" (dict "value" .Values.readReplicas.service.annotations "context" $) | nindent 4 }}
{{- end }} {{- end }}
{{- end }}
spec: spec:
type: {{ .Values.readReplicas.service.type }} type: {{ .Values.readReplicas.service.type }}
{{- if or (eq .Values.readReplicas.service.type "LoadBalancer") (eq .Values.readReplicas.service.type "NodePort") }} {{- if or (eq .Values.readReplicas.service.type "LoadBalancer") (eq .Values.readReplicas.service.type "NodePort") }}

6
charts/bitnami/postgresql/values.yaml
View File

@ -95,7 +95,7 @@ diagnosticMode:
image: image:
registry: docker.io registry: docker.io
repository: bitnami/postgresql repository: bitnami/postgresql
tag: 15.1.0-debian-11-r28 tag: 15.1.0-debian-11-r30
digest: "" digest: ""
## Specify a imagePullPolicy ## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -1130,7 +1130,7 @@ volumePermissions:
image: image:
registry: docker.io registry: docker.io
repository: bitnami/bitnami-shell repository: bitnami/bitnami-shell
tag: 11-debian-11-r76 tag: 11-debian-11-r77
digest: "" digest: ""
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets. ## Optionally specify an array of imagePullSecrets.
@ -1217,7 +1217,7 @@ metrics:
image: image:
registry: docker.io registry: docker.io
repository: bitnami/postgres-exporter repository: bitnami/postgres-exporter
tag: 0.11.1-debian-11-r53 tag: 0.11.1-debian-11-r54
digest: "" digest: ""
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets. ## Optionally specify an array of imagePullSecrets.

2
charts/bitnami/spark/Chart.yaml
View File

@ -28,4 +28,4 @@ name: spark
sources: sources:
- https://github.com/bitnami/containers/tree/main/bitnami/spark - https://github.com/bitnami/containers/tree/main/bitnami/spark
- https://spark.apache.org/ - https://spark.apache.org/
version: 6.3.15 version: 6.3.16

20
charts/bitnami/spark/templates/tls-secrets.yaml
View File

@ -21,12 +21,13 @@ data:
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if and .Values.ingress.tls .Values.ingress.selfSigned }} {{- if and .Values.ingress.tls .Values.ingress.selfSigned }}
{{- $secretName := printf "%s-tls" .Values.ingress.hostname }}
{{- $ca := genCA "spark-ca" 365 }} {{- $ca := genCA "spark-ca" 365 }}
{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }} {{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }}
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ printf "%s-tls" .Values.ingress.hostname }} name: {{ $secretName }}
namespace: {{ include "common.names.namespace" . | quote }} namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }} labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }} {{- if .Values.commonLabels }}
@ -37,12 +38,13 @@ metadata:
{{- end }} {{- end }}
type: kubernetes.io/tls type: kubernetes.io/tls
data: data:
tls.crt: {{ $cert.Cert | b64enc | quote }} tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ $cert.Key | b64enc | quote }} tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ $ca.Cert | b64enc | quote }} ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if (include "spark.createTlsSecret" . ) }} {{- if (include "spark.createTlsSecret" . ) }}
{{- $secretName := printf "%s-crt" (include "common.names.fullname" .) }}
{{- $ca := genCA "spark-internal-ca" 365 }} {{- $ca := genCA "spark-internal-ca" 365 }}
{{- $releaseNamespace := include "common.names.namespace" . }} {{- $releaseNamespace := include "common.names.namespace" . }}
{{- $clusterDomain := .Values.clusterDomain }} {{- $clusterDomain := .Values.clusterDomain }}
@ -50,12 +52,12 @@ data:
{{- $headlessServiceName := printf "%s-headless" ( include "common.names.fullname" . ) }} {{- $headlessServiceName := printf "%s-headless" ( include "common.names.fullname" . ) }}
{{- $masterServiceName := printf "%s-master-svc" (include "common.names.fullname" .) }} {{- $masterServiceName := printf "%s-master-svc" (include "common.names.fullname" .) }}
{{- $altNames := list (printf "*.%s.%s.svc.%s" $masterServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $masterServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) $fullname }} {{- $altNames := list (printf "*.%s.%s.svc.%s" $masterServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $masterServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) $fullname }}
{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }} {{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ printf "%s-crt" (include "common.names.fullname" .) }} name: {{ $secretName }}
labels: {{- include "common.labels.standard" . | nindent 4 }} labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }} {{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
@ -65,7 +67,7 @@ metadata:
{{- end }} {{- end }}
type: kubernetes.io/tls type: kubernetes.io/tls
data: data:
ca.crt: {{ $ca.Cert | b64enc | quote }} tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.crt: {{ $crt.Cert | b64enc | quote }} tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
tls.key: {{ $crt.Key | b64enc | quote }} ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }} {{- end }}

2
charts/bitnami/tomcat/Chart.yaml
View File

@ -32,4 +32,4 @@ name: tomcat
sources: sources:
- https://github.com/bitnami/containers/tree/main/bitnami/tomcat - https://github.com/bitnami/containers/tree/main/bitnami/tomcat
- http://tomcat.apache.org - http://tomcat.apache.org
version: 10.5.9 version: 10.5.10

2
charts/bitnami/tomcat/README.md
View File

@ -7,7 +7,7 @@ Apache Tomcat is an open-source web server designed to host and run Java-based w
[Overview of Apache Tomcat](http://tomcat.apache.org/) [Overview of Apache Tomcat](http://tomcat.apache.org/)
Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
## TL;DR ## TL;DR
```console ```console

9
charts/bitnami/tomcat/templates/tls-secrets.yaml
View File

@ -21,12 +21,13 @@ data:
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if and .Values.ingress.tls .Values.ingress.selfSigned }} {{- if and .Values.ingress.tls .Values.ingress.selfSigned }}
{{- $secretName := printf "%s-tls" .Values.ingress.hostname }}
{{- $ca := genCA "tomcat-ca" 365 }} {{- $ca := genCA "tomcat-ca" 365 }}
{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }} {{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }}
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ printf "%s-tls" .Values.ingress.hostname }} name: {{ $secretName }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }} labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }} {{- if .Values.commonLabels }}
@ -37,8 +38,8 @@ metadata:
{{- end }} {{- end }}
type: kubernetes.io/tls type: kubernetes.io/tls
data: data:
tls.crt: {{ $cert.Cert | b64enc | quote }} tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ $cert.Key | b64enc | quote }} tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ $ca.Cert | b64enc | quote }} ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }} {{- end }}
{{- end }} {{- end }}

2
charts/bitnami/wordpress/Chart.yaml
View File

@ -41,4 +41,4 @@ name: wordpress
sources: sources:
- https://github.com/bitnami/containers/tree/main/bitnami/wordpress - https://github.com/bitnami/containers/tree/main/bitnami/wordpress
- https://wordpress.org/ - https://wordpress.org/
version: 15.2.35 version: 15.2.36

9
charts/bitnami/wordpress/templates/tls-secrets.yaml
View File

@ -21,12 +21,13 @@ data:
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- if and .Values.ingress.tls .Values.ingress.selfSigned }} {{- if and .Values.ingress.tls .Values.ingress.selfSigned }}
{{- $secretName := printf "%s-tls" .Values.ingress.hostname }}
{{- $ca := genCA "wordpress-ca" 365 }} {{- $ca := genCA "wordpress-ca" 365 }}
{{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }} {{- $cert := genSignedCert .Values.ingress.hostname nil (list .Values.ingress.hostname) 365 $ca }}
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ printf "%s-tls" .Values.ingress.hostname }} name: {{ $secretName }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }} labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }} {{- if .Values.commonLabels }}
@ -37,8 +38,8 @@ metadata:
{{- end }} {{- end }}
type: kubernetes.io/tls type: kubernetes.io/tls
data: data:
tls.crt: {{ $cert.Cert | b64enc | quote }} tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.key: {{ $cert.Key | b64enc | quote }} tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
ca.crt: {{ $ca.Cert | b64enc | quote }} ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }} {{- end }}
{{- end }} {{- end }}

7
charts/bitnami/zookeeper/Chart.yaml
View File

@ -4,10 +4,9 @@ annotations:
catalog.cattle.io/kube-version: '>=1.19-0' catalog.cattle.io/kube-version: '>=1.19-0'
catalog.cattle.io/release-name: zookeeper catalog.cattle.io/release-name: zookeeper
category: Infrastructure category: Infrastructure
licenses: | licenses: Apache-2.0
- Apache-2.0
apiVersion: v2 apiVersion: v2
appVersion: 3.8.0 appVersion: 3.8.1
dependencies: dependencies:
- name: common - name: common
repository: file://./charts/common repository: file://./charts/common
@ -27,4 +26,4 @@ name: zookeeper
sources: sources:
- https://github.com/bitnami/containers/tree/main/bitnami/zookeeper - https://github.com/bitnami/containers/tree/main/bitnami/zookeeper
- https://zookeeper.apache.org/ - https://zookeeper.apache.org/
version: 11.1.0 version: 11.1.2

6
charts/bitnami/zookeeper/README.md
View File

@ -84,7 +84,7 @@ The command removes all the Kubernetes components associated with the chart and
| ----------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------------------- | | ----------------------------- | -------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
| `image.registry` | ZooKeeper image registry | `docker.io` | | `image.registry` | ZooKeeper image registry | `docker.io` |
| `image.repository` | ZooKeeper image repository | `bitnami/zookeeper` | | `image.repository` | ZooKeeper image repository | `bitnami/zookeeper` |
| `image.tag` | ZooKeeper image tag (immutable tags are recommended) | `3.8.0-debian-11-r74` | | `image.tag` | ZooKeeper image tag (immutable tags are recommended) | `3.8.1-debian-11-r0` |
| `image.digest` | ZooKeeper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.digest` | ZooKeeper image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | ZooKeeper image pull policy | `IfNotPresent` | | `image.pullPolicy` | ZooKeeper image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -255,7 +255,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r69` | | `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r77` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | | `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` |
@ -518,7 +518,7 @@ $ kubectl delete statefulset zookeeper-zookeeper --cascade=false
## License ## License
Copyright &copy; 2022 Bitnami Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.

22
charts/bitnami/zookeeper/templates/tls-secrets.yaml
View File

@ -1,4 +1,5 @@
{{- if (include "zookeeper.client.createTlsSecret" .) }} {{- if (include "zookeeper.client.createTlsSecret" .) }}
{{- $secretName := printf "%s-client-crt" (include "common.names.fullname" .) }}
{{- $ca := genCA "zookeeper-client-ca" 365 }} {{- $ca := genCA "zookeeper-client-ca" 365 }}
{{- $releaseNamespace := .Release.Namespace }} {{- $releaseNamespace := .Release.Namespace }}
{{- $clusterDomain := .Values.clusterDomain }} {{- $clusterDomain := .Values.clusterDomain }}
@ -6,11 +7,11 @@
{{- $serviceName := include "common.names.fullname" . }} {{- $serviceName := include "common.names.fullname" . }}
{{- $headlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }} {{- $headlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }}
{{- $altNames := list (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) "127.0.0.1" "localhost" $fullname }} {{- $altNames := list (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) "127.0.0.1" "localhost" $fullname }}
{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }} {{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "common.names.fullname" . }}-client-crt name: {{ $secretName }}
namespace: {{ template "zookeeper.namespace" . }} namespace: {{ template "zookeeper.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }} labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }} {{- if .Values.commonLabels }}
@ -21,11 +22,12 @@ metadata:
{{- end }} {{- end }}
type: kubernetes.io/tls type: kubernetes.io/tls
data: data:
ca.crt: {{ $ca.Cert | b64enc | quote }} tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.crt: {{ $crt.Cert | b64enc | quote }} tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
tls.key: {{ $crt.Key | b64enc | quote }} ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }} {{- end }}
{{- if (include "zookeeper.quorum.createTlsSecret" .) }} {{- if (include "zookeeper.quorum.createTlsSecret" .) }}
{{- $secretName := printf "%s-quorum-crt" (include "common.names.fullname" .) }}
{{- $ca := genCA "zookeeper-quorum-ca" 365 }} {{- $ca := genCA "zookeeper-quorum-ca" 365 }}
{{- $releaseNamespace := .Release.Namespace }} {{- $releaseNamespace := .Release.Namespace }}
{{- $clusterDomain := .Values.clusterDomain }} {{- $clusterDomain := .Values.clusterDomain }}
@ -33,12 +35,12 @@ data:
{{- $serviceName := include "common.names.fullname" . }} {{- $serviceName := include "common.names.fullname" . }}
{{- $headlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }} {{- $headlessServiceName := printf "%s-headless" (include "common.names.fullname" .) }}
{{- $altNames := list (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname }} {{- $altNames := list (printf "*.%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $headlessServiceName $releaseNamespace $clusterDomain) (printf "*.%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) (printf "%s.%s.svc.%s" $serviceName $releaseNamespace $clusterDomain) $fullname }}
{{- $crt := genSignedCert $fullname nil $altNames 365 $ca }} {{- $cert := genSignedCert $fullname nil $altNames 365 $ca }}
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
name: {{ include "common.names.fullname" . }}-quorum-crt name: {{ $secretName }}
namespace: {{ template "zookeeper.namespace" . }} namespace: {{ template "zookeeper.namespace" . }}
labels: {{- include "common.labels.standard" . | nindent 4 }} labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }} {{- if .Values.commonLabels }}
@ -49,7 +51,7 @@ metadata:
{{- end }} {{- end }}
type: kubernetes.io/tls type: kubernetes.io/tls
data: data:
ca.crt: {{ $ca.Cert | b64enc | quote }} tls.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.crt" "defaultValue" $cert.Cert "context" $) }}
tls.crt: {{ $crt.Cert | b64enc | quote }} tls.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "tls.key" "defaultValue" $cert.Key "context" $) }}
tls.key: {{ $crt.Key | b64enc | quote }} ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "ca.crt" "defaultValue" $ca.Cert "context" $) }}
{{- end }} {{- end }}

4
charts/bitnami/zookeeper/values.yaml
View File

@ -76,7 +76,7 @@ diagnosticMode:
image: image:
registry: docker.io registry: docker.io
repository: bitnami/zookeeper repository: bitnami/zookeeper
tag: 3.8.0-debian-11-r74 tag: 3.8.1-debian-11-r0
digest: "" digest: ""
## Specify a imagePullPolicy ## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -660,7 +660,7 @@ volumePermissions:
image: image:
registry: docker.io registry: docker.io
repository: bitnami/bitnami-shell repository: bitnami/bitnami-shell
tag: 11-debian-11-r69 tag: 11-debian-11-r77
digest: "" digest: ""
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets. ## Optionally specify an array of imagePullSecrets.

4
charts/citrix/citrix-cpx-with-ingress-controller/Chart.yaml
View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/kube-version: '>=v1.16.0-0' catalog.cattle.io/kube-version: '>=v1.16.0-0'
catalog.cattle.io/release-name: citrix-cpx-with-ingress-controller catalog.cattle.io/release-name: citrix-cpx-with-ingress-controller
apiVersion: v2 apiVersion: v2
appVersion: 1.28.2 appVersion: 1.29.5
description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running
as sidecar. as sidecar.
home: https://www.citrix.com home: https://www.citrix.com
@ -18,4 +18,4 @@ maintainers:
name: citrix-cpx-with-ingress-controller name: citrix-cpx-with-ingress-controller
sources: sources:
- https://github.com/citrix/citrix-k8s-ingress-controller - https://github.com/citrix/citrix-k8s-ingress-controller
version: 1.28.2 version: 1.29.5

5
charts/citrix/citrix-cpx-with-ingress-controller/README.md
View File

@ -455,7 +455,7 @@ The following table lists the configurable parameters of the Citrix ADC CPX with
| daemonSet | Optional | False | Set this to true if Citrix ADC CPX needs to be deployed as DaemonSet. | | daemonSet | Optional | False | Set this to true if Citrix ADC CPX needs to be deployed as DaemonSet. |
| cic.imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry | | cic.imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry |
| cic.imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository | | cic.imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository |
| cic.imageTag | Mandatory | `1.28.2` | The Citrix ingress controller image tag | | cic.imageTag | Mandatory | `1.29.5` | The Citrix ingress controller image tag |
| cic.pullPolicy | Mandatory | IfNotPresent | The Citrix ingress controller image pull policy. | | cic.pullPolicy | Mandatory | IfNotPresent | The Citrix ingress controller image pull policy. |
| cic.required | Mandatory | true | CIC to be run as sidecar with Citrix ADC CPX | | cic.required | Mandatory | true | CIC to be run as sidecar with Citrix ADC CPX |
| cic.resources | Optional | {} | CPU/Memory resource requests/limits for Citrix Ingress Controller container | | cic.resources | Optional | {} | CPU/Memory resource requests/limits for Citrix Ingress Controller container |
@ -475,6 +475,9 @@ The following table lists the configurable parameters of the Citrix ADC CPX with
| nsHTTP2ServerSide | Optional | OFF | Set this argument to `ON` for enabling HTTP2 for Citrix ADC service group configurations. | | nsHTTP2ServerSide | Optional | OFF | Set this argument to `ON` for enabling HTTP2 for Citrix ADC service group configurations. |
| cpxLicenseAggregator | Optional | N/A | IP/FQDN of the CPX License Aggregator if it is being used to license the CPX. | | cpxLicenseAggregator | Optional | N/A | IP/FQDN of the CPX License Aggregator if it is being used to license the CPX. |
| nsCookieVersion | Optional | 0 | Specify the persistence cookie version (0 or 1). | | nsCookieVersion | Optional | 0 | Specify the persistence cookie version (0 or 1). |
| profileSslFrontend | Optional | N/A | Specify the frontend SSL profile. For Details see [Configuration using FRONTEND_SSL_PROFILE](https://docs.citrix.com/en-us/citrix-k8s-ingress-controller/configure/profiles.html#global-front-end-profile-configuration-using-configmap-variables) |
| profileTcpFrontend | Optional | N/A | Specify the frontend TCP profile. For Details see [Configuration using FRONTEND_TCP_PROFILE](https://docs.citrix.com/en-us/citrix-k8s-ingress-controller/configure/profiles.html#global-front-end-profile-configuration-using-configmap-variables) |
| profileHttpFrontend | Optional | N/A | Specify the frontend HTTP profile. For Details see [Configuration using FRONTEND_HTTP_PROFILE](https://docs.citrix.com/en-us/citrix-k8s-ingress-controller/configure/profiles.html#global-front-end-profile-configuration-using-configmap-variables) |
| logProxy | Optional | N/A | Provide Elasticsearch or Kafka or Zipkin endpoint for Citrix observability exporter. | | logProxy | Optional | N/A | Provide Elasticsearch or Kafka or Zipkin endpoint for Citrix observability exporter. |
| nsProtocol | Optional | http | Protocol http or https used for the communication between Citrix Ingress Controller and CPX | | nsProtocol | Optional | http | Protocol http or https used for the communication between Citrix Ingress Controller and CPX |
| cpxBgpRouter | Optional | false| If set to true, this CPX is deployed as daemonset in BGP controller mode wherein BGP advertisements are done for attracting external traffic to Kubernetes clusters | | cpxBgpRouter | Optional | false| If set to true, this CPX is deployed as daemonset in BGP controller mode wherein BGP advertisements are done for attracting external traffic to Kubernetes clusters |

2
charts/citrix/citrix-cpx-with-ingress-controller/templates/cic_crds.yaml
View File

@ -1815,7 +1815,7 @@ spec:
description: 'Location of customized error page to respond when json violations are hit' description: 'Location of customized error page to respond when json violations are hit'
type: string type: string
ip_reputation: ip_reputation:
type: object type: string
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
description: 'Enabling IP reputation feature' description: 'Enabling IP reputation feature'
target: target:

4
charts/citrix/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml
View File

@ -129,6 +129,8 @@ spec:
name: shared-data name: shared-data
- mountPath: /cpx/ - mountPath: /cpx/
name: cpx-volume name: cpx-volume
- mountPath: /cpx/conf
name: cpx-volume-conf
{{- if .Values.cic.required }} {{- if .Values.cic.required }}
# Add cic as a sidecar # Add cic as a sidecar
- name: cic - name: cic
@ -301,6 +303,8 @@ spec:
emptyDir: {} emptyDir: {}
- name: cpx-volume - name: cpx-volume
emptyDir: {} emptyDir: {}
- name: cpx-volume-conf
emptyDir: {}
{{- if and .Values.nodeSelector.key .Values.nodeSelector.value }} {{- if and .Values.nodeSelector.key .Values.nodeSelector.value }}
nodeSelector: nodeSelector:
{{ .Values.nodeSelector.key }}: {{ .Values.nodeSelector.value }} {{ .Values.nodeSelector.key }}: {{ .Values.nodeSelector.value }}

15
charts/citrix/citrix-cpx-with-ingress-controller/templates/configmap.yaml
View File

@ -69,3 +69,18 @@ data:
hashFingers: {{ .Values.nsLbHashAlgo.hashFingers }} hashFingers: {{ .Values.nsLbHashAlgo.hashFingers }}
hashAlgorithm: {{ .Values.nsLbHashAlgo.hashAlgorithm | quote }} hashAlgorithm: {{ .Values.nsLbHashAlgo.hashAlgorithm | quote }}
{{- end }} {{- end }}
{{- if .Values.profileSslFrontend }}
FRONTEND_SSL_PROFILE: |
{{- toYaml .Values.profileSslFrontend | nindent 4 }}
{{- end }}
{{- if .Values.profileTcpFrontend }}
FRONTEND_TCP_PROFILE: |
{{- toYaml .Values.profileTcpFrontend | nindent 4 }}
{{- end }}
{{- if .Values.profileHttpFrontend }}
FRONTEND_HTTP_PROFILE: |
{{- toYaml .Values.profileHttpFrontend | nindent 4 }}
{{- end }}

23
charts/citrix/citrix-cpx-with-ingress-controller/values.yaml
View File

@ -5,7 +5,7 @@
# Citrix ADC CPX config details # Citrix ADC CPX config details
imageRegistry: quay.io imageRegistry: quay.io
imageRepository: citrix/citrix-k8s-cpx-ingress imageRepository: citrix/citrix-k8s-cpx-ingress
imageTag: 13.1-30.52 imageTag: 13.1-37.38
image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}"
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
imagePullSecrets: [] imagePullSecrets: []
@ -82,7 +82,7 @@ servicePorts: []
cic: cic:
imageRegistry: quay.io imageRegistry: quay.io
imageRepository: citrix/citrix-k8s-ingress-controller imageRepository: citrix/citrix-k8s-ingress-controller
imageTag: 1.28.2 imageTag: 1.29.5
image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}" image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}"
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
required: true required: true
@ -113,6 +113,25 @@ updateIngressStatus: False
logProxy: logProxy:
kubernetesURL: kubernetesURL:
disableOpenshiftRoutes: disableOpenshiftRoutes:
profileSslFrontend: {}
# preconfigured: my_ssl_profile
# OR
# config:
# tls13: 'ENABLED'
# hsts: 'ENABLED'
profileHttpFrontend: {}
# preconfigured: my_http_profile
# OR
# config:
# dropinvalreqs: 'ENABLED'
# websocket: 'ENABLED'
profileTcpFrontend: {}
# preconfigured: my_tcp_profile
# OR
# config:
# sack: 'ENABLED'
# nagle: 'ENABLED'
# Citrix ADM/License Server config details # Citrix ADM/License Server config details
ADMSettings: ADMSettings:

4
charts/citrix/citrix-ingress-controller/Chart.yaml
View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/kube-version: '>=v1.16.0-0' catalog.cattle.io/kube-version: '>=v1.16.0-0'
catalog.cattle.io/release-name: citrix-ingress-controller catalog.cattle.io/release-name: citrix-ingress-controller
apiVersion: v2 apiVersion: v2
appVersion: 1.28.2 appVersion: 1.29.5
description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX. description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX.
home: https://www.citrix.com home: https://www.citrix.com
icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png icon: https://raw.githubusercontent.com/citrix/citrix-helm-charts/gh-pages/icon.png
@ -17,4 +17,4 @@ maintainers:
name: citrix-ingress-controller name: citrix-ingress-controller
sources: sources:
- https://github.com/citrix/citrix-k8s-ingress-controller - https://github.com/citrix/citrix-k8s-ingress-controller
version: 1.28.2 version: 1.29.5

5
charts/citrix/citrix-ingress-controller/README.md
View File

@ -316,7 +316,7 @@ The following table lists the mandatory and optional parameters that you can con
| license.accept | Mandatory | no | Set `yes` to accept the CIC end user license agreement. | | license.accept | Mandatory | no | Set `yes` to accept the CIC end user license agreement. |
| imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry | | imageRegistry | Mandatory | `quay.io` | The Citrix ingress controller image registry |
| imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository | | imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The Citrix ingress controller image repository |
| imageTag | Mandatory | `1.28.2` | The Citrix ingress controller image tag | | imageTag | Mandatory | `1.29.5` | The Citrix ingress controller image tag |
| pullPolicy | Mandatory | IfNotPresent | The CIC image pull policy. | | pullPolicy | Mandatory | IfNotPresent | The CIC image pull policy. |
| imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). |
| nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | | nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) |
@ -351,6 +351,9 @@ The following table lists the mandatory and optional parameters that you can con
| ignoreNodeExternalIP | Optional | False | While adding NodeIP, as Service group members for type LoadBalancer services or NodePort services, Citrix Ingress Controller has a selection criteria whereas it choose Node ExternalIP if available and Node InternalIP, if Node ExternalIP is not present. But some users may want to use Node InternalIP over Node ExternalIP even if Node ExternalIP is present. If this variable is set to `True`, then it prioritises the Node Internal IP to be used for service group members even if node ExternalIP is present | | ignoreNodeExternalIP | Optional | False | While adding NodeIP, as Service group members for type LoadBalancer services or NodePort services, Citrix Ingress Controller has a selection criteria whereas it choose Node ExternalIP if available and Node InternalIP, if Node ExternalIP is not present. But some users may want to use Node InternalIP over Node ExternalIP even if Node ExternalIP is present. If this variable is set to `True`, then it prioritises the Node Internal IP to be used for service group members even if node ExternalIP is present |
| nsHTTP2ServerSide | Optional | OFF | Set this argument to `ON` for enabling HTTP2 for Citrix ADC service group configurations. | | nsHTTP2ServerSide | Optional | OFF | Set this argument to `ON` for enabling HTTP2 for Citrix ADC service group configurations. |
| nsCookieVersion | Optional | 0 | Specify the persistence cookie version (0 or 1). | | nsCookieVersion | Optional | 0 | Specify the persistence cookie version (0 or 1). |
| profileSslFrontend | Optional | N/A | Specify the frontend SSL profile. For Details see [Configuration using FRONTEND_SSL_PROFILE](https://docs.citrix.com/en-us/citrix-k8s-ingress-controller/configure/profiles.html#global-front-end-profile-configuration-using-configmap-variables) |
| profileTcpFrontend | Optional | N/A | Specify the frontend TCP profile. For Details see [Configuration using FRONTEND_TCP_PROFILE](https://docs.citrix.com/en-us/citrix-k8s-ingress-controller/configure/profiles.html#global-front-end-profile-configuration-using-configmap-variables) |
| profileHttpFrontend | Optional | N/A | Specify the frontend HTTP profile. For Details see [Configuration using FRONTEND_HTTP_PROFILE](https://docs.citrix.com/en-us/citrix-k8s-ingress-controller/configure/profiles.html#global-front-end-profile-configuration-using-configmap-variables) |
| ipam | Optional | False | Set this argument if you want to use the IPAM controller to automatically allocate an IP address to the service of type LoadBalancer. | | ipam | Optional | False | Set this argument if you want to use the IPAM controller to automatically allocate an IP address to the service of type LoadBalancer. |
| disableAPIServerCertVerify | Optional | False | Set this parameter to True for disabling API Server certificate verification. | | disableAPIServerCertVerify | Optional | False | Set this parameter to True for disabling API Server certificate verification. |
| logProxy | Optional | N/A | Provide Elasticsearch or Kafka or Zipkin endpoint for Citrix observability exporter. | | logProxy | Optional | N/A | Provide Elasticsearch or Kafka or Zipkin endpoint for Citrix observability exporter. |

2
charts/citrix/citrix-ingress-controller/templates/cic_crds.yaml
View File

@ -1815,7 +1815,7 @@ spec:
description: 'Location of customized error page to respond when json violations are hit' description: 'Location of customized error page to respond when json violations are hit'
type: string type: string
ip_reputation: ip_reputation:
type: object type: string
x-kubernetes-preserve-unknown-fields: true x-kubernetes-preserve-unknown-fields: true
description: 'Enabling IP reputation feature' description: 'Enabling IP reputation feature'
target: target:

15
charts/citrix/citrix-ingress-controller/templates/configmap.yaml
View File

@ -58,3 +58,18 @@ data:
hashFingers: {{ .Values.nsLbHashAlgo.hashFingers }} hashFingers: {{ .Values.nsLbHashAlgo.hashFingers }}
hashAlgorithm: {{ .Values.nsLbHashAlgo.hashAlgorithm | quote }} hashAlgorithm: {{ .Values.nsLbHashAlgo.hashAlgorithm | quote }}
{{- end }} {{- end }}
{{- if .Values.profileSslFrontend }}
FRONTEND_SSL_PROFILE: |
{{- toYaml .Values.profileSslFrontend | nindent 4 }}
{{- end }}
{{- if .Values.profileTcpFrontend }}
FRONTEND_TCP_PROFILE: |
{{- toYaml .Values.profileTcpFrontend | nindent 4 }}
{{- end }}
{{- if .Values.profileHttpFrontend }}
FRONTEND_HTTP_PROFILE: |
{{- toYaml .Values.profileHttpFrontend | nindent 4 }}
{{- end }}

20
charts/citrix/citrix-ingress-controller/values.yaml
View File

@ -5,7 +5,7 @@
# Citrix Ingress Controller config details # Citrix Ingress Controller config details
imageRegistry: quay.io imageRegistry: quay.io
imageRepository: citrix/citrix-k8s-ingress-controller imageRepository: citrix/citrix-k8s-ingress-controller
imageTag: 1.28.2 imageTag: 1.29.5
image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}"
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
imagePullSecrets: [] imagePullSecrets: []
@ -67,6 +67,24 @@ optimizeEndpointBinding:
routeLabels: routeLabels:
namespaceLabels: namespaceLabels:
disableOpenshiftRoutes: disableOpenshiftRoutes:
profileSslFrontend: {}
# preconfigured: my_ssl_profile
# OR
# config:
# tls13: 'ENABLED'
# hsts: 'ENABLED'
profileHttpFrontend: {}
# preconfigured: my_http_profile
# OR
# config:
# dropinvalreqs: 'ENABLED'
# websocket: 'ENABLED'
profileTcpFrontend: {}
# preconfigured: my_tcp_profile
# OR
# config:
# sack: 'ENABLED'
# nagle: 'ENABLED'
# Exporter config details # Exporter config details
exporter: exporter:

6
charts/crate/crate-operator/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies: dependencies:
- name: crate-operator-crds - name: crate-operator-crds
repository: file://../crate-operator-crds repository: file://../crate-operator-crds
version: 2.20.0 version: 2.22.0
digest: sha256:204873fcb33f361a558b333f431174c3b9bfcf6ea266c1f022cf5d11f24c66de digest: sha256:ea59e13300da29acfb32097bfb382649618e7bf503248896fc5c9a66846ee36a
generated: "2022-12-15T15:11:32.447020049Z" generated: "2023-01-31T14:30:10.49197227Z"

6
charts/crate/crate-operator/Chart.yaml
View File

@ -3,16 +3,16 @@ annotations:
catalog.cattle.io/display-name: CrateDB Operator catalog.cattle.io/display-name: CrateDB Operator
catalog.cattle.io/release-name: crate-operator catalog.cattle.io/release-name: crate-operator
apiVersion: v2 apiVersion: v2
appVersion: 2.20.0 appVersion: 2.22.0
dependencies: dependencies:
- condition: crate-operator-crds.enabled - condition: crate-operator-crds.enabled
name: crate-operator-crds name: crate-operator-crds
repository: file://./charts/crate-operator-crds repository: file://./charts/crate-operator-crds
version: 2.20.0 version: 2.22.0
description: Crate Operator - Helm chart for installing and upgrading Crate Operator. description: Crate Operator - Helm chart for installing and upgrading Crate Operator.
icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg
maintainers: maintainers:
- name: Crate.io - name: Crate.io
name: crate-operator name: crate-operator
type: application type: application
version: 2.20.0 version: 2.22.0

4
charts/crate/crate-operator/charts/crate-operator-crds/Chart.yaml
View File

@ -1,9 +1,9 @@
apiVersion: v2 apiVersion: v2
appVersion: 2.20.0 appVersion: 2.22.0
description: Crate Operator CRDs - Helm chart for installing and upgrading Custom description: Crate Operator CRDs - Helm chart for installing and upgrading Custom
Resource Definitions (CRDs) for the Crate Operator. Resource Definitions (CRDs) for the Crate Operator.
maintainers: maintainers:
- name: Crate.io - name: Crate.io
name: crate-operator-crds name: crate-operator-crds
type: application type: application
version: 2.20.0 version: 2.22.0

4
charts/gitlab/gitlab/CHANGELOG.md
View File

@ -2,6 +2,10 @@
documentation](doc/development/changelog.md) for instructions on adding your own documentation](doc/development/changelog.md) for instructions on adding your own
entry. entry.
## 6.8.1 (2023-01-30)
No changes.
## 6.8.0 (2023-01-20) ## 6.8.0 (2023-01-20)
### Added (4 changes) ### Added (4 changes)

4
charts/gitlab/gitlab/Chart.yaml
View File

@ -3,7 +3,7 @@ annotations:
catalog.cattle.io/display-name: GitLab catalog.cattle.io/display-name: GitLab
catalog.cattle.io/release-name: gitlab catalog.cattle.io/release-name: gitlab
apiVersion: v1 apiVersion: v1
appVersion: 15.8.0 appVersion: 15.8.1
description: The One DevOps Platform description: The One DevOps Platform
home: https://about.gitlab.com/ home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png
@ -15,4 +15,4 @@ maintainers:
name: gitlab name: gitlab
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab - https://gitlab.com/gitlab-org/charts/gitlab
version: 6.8.0 version: 6.8.1

4
charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1 apiVersion: v1
appVersion: 15.8.0 appVersion: 15.8.1
description: GitLab Geo logcursor description: GitLab Geo logcursor
home: https://about.gitlab.com/ home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -12,4 +12,4 @@ name: geo-logcursor
sources: sources:
- https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/geo-logcursor - https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/geo-logcursor
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails
version: 6.8.0 version: 6.8.1

4
charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1 apiVersion: v1
appVersion: 15.8.0 appVersion: 15.8.1
description: Git RPC service for handling all the git calls made by GitLab description: Git RPC service for handling all the git calls made by GitLab
home: https://about.gitlab.com/ home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: gitaly
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitaly - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitaly
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly
version: 6.8.0 version: 6.8.1

2
charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml
View File

@ -14,4 +14,4 @@ sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-exporter - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-exporter
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-exporter - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-exporter
- https://gitlab.com/gitlab-org/gitlab-exporter - https://gitlab.com/gitlab-org/gitlab-exporter
version: 6.8.0 version: 6.8.1

4
charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1 apiVersion: v1
appVersion: 15.8.0 appVersion: 15.8.1
description: Adapt the Grafana chart to interface to the GitLab App description: Adapt the Grafana chart to interface to the GitLab App
home: https://about.gitlab.com/ home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: gitlab-grafana
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-grafana - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-grafana
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-grafana - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-grafana
version: 6.8.0 version: 6.8.1

4
charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1 apiVersion: v1
appVersion: 15.8.0 appVersion: 15.8.1
description: Daemon for serving static websites from GitLab projects description: Daemon for serving static websites from GitLab projects
home: https://about.gitlab.com/ home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -14,4 +14,4 @@ sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-pages - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-pages
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-pages - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-pages
- https://gitlab.com/gitlab-org/gitlab-pages - https://gitlab.com/gitlab-org/gitlab-pages
version: 6.8.0 version: 6.8.1

2
charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml
View File

@ -14,4 +14,4 @@ name: gitlab-shell
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-shell - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-shell
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-shell - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-shell
version: 6.8.0 version: 6.8.1

2
charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml
View File

@ -17,4 +17,4 @@ name: kas
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-kas - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-kas
- https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent - https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent
version: 6.8.0 version: 6.8.1

2
charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml
View File

@ -13,4 +13,4 @@ name: mailroom
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/mailroom - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/mailroom
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-mailroom - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-mailroom
version: 6.8.0 version: 6.8.1

4
charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1 apiVersion: v1
appVersion: 15.8.0 appVersion: 15.8.1
description: Database migrations and other versioning tasks for upgrading Gitlab description: Database migrations and other versioning tasks for upgrading Gitlab
home: https://about.gitlab.com/ home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -12,4 +12,4 @@ name: migrations
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/migrations - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/migrations
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails
version: 6.8.0 version: 6.8.1

4
charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1 apiVersion: v1
appVersion: 15.8.0 appVersion: 15.8.1
description: Praefect is a router and transaction manager for Gitaly, and a required description: Praefect is a router and transaction manager for Gitaly, and a required
component for running a Gitaly Cluster. component for running a Gitaly Cluster.
home: https://about.gitlab.com/ home: https://about.gitlab.com/
@ -16,4 +16,4 @@ sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/praefect - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/praefect
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly
- https://gitlab.com/gitlab-org/gitaly/-/tree/master/cmd/praefect - https://gitlab.com/gitlab-org/gitaly/-/tree/master/cmd/praefect
version: 6.8.0 version: 6.8.1

4
charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1 apiVersion: v1
appVersion: 15.8.0 appVersion: 15.8.1
description: Gitlab Sidekiq for asynchronous task processing in rails description: Gitlab Sidekiq for asynchronous task processing in rails
home: https://about.gitlab.com/ home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: sidekiq
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/sidekiq - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/sidekiq
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-sidekiq - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-sidekiq
version: 6.8.0 version: 6.8.1

2
charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml
View File

@ -14,4 +14,4 @@ name: spamcheck
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/spamcheck - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/spamcheck
- https://gitlab.com/gitlab-org/spamcheck - https://gitlab.com/gitlab-org/spamcheck
version: 6.8.0 version: 6.8.1

4
charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1 apiVersion: v1
appVersion: 15.8.0 appVersion: 15.8.1
description: For manually running rake tasks through kubectl description: For manually running rake tasks through kubectl
home: https://about.gitlab.com/ home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: toolbox
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/toolbox - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/toolbox
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-toolbox - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-toolbox
version: 6.8.0 version: 6.8.1

4
charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1 apiVersion: v1
appVersion: 15.8.0 appVersion: 15.8.1
description: HTTP server for Gitlab description: HTTP server for Gitlab
home: https://about.gitlab.com/ home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -14,4 +14,4 @@ name: webservice
sources: sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/webservice - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/webservice
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-webservice - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-webservice
version: 6.8.0 version: 6.8.1

2
charts/gitlab/gitlab/requirements.lock
View File

@ -33,4 +33,4 @@ dependencies:
repository: "" repository: ""
version: '*.*.*' version: '*.*.*'
digest: sha256:c875719651c62cf5fd5d202fc90cb3519c6268e4fe37d68eddf247da2c7c317f digest: sha256:c875719651c62cf5fd5d202fc90cb3519c6268e4fe37d68eddf247da2c7c317f
generated: "2023-01-22T13:24:31.4249885Z" generated: "2023-01-31T12:08:44.946412334Z"

4
charts/instana/instana-agent/Chart.yaml
View File

@ -9,7 +9,7 @@ annotations:
catalog.cattle.io/kube-version: '>=1.21-0' catalog.cattle.io/kube-version: '>=1.21-0'
catalog.cattle.io/release-name: instana-agent catalog.cattle.io/release-name: instana-agent
apiVersion: v2 apiVersion: v2
appVersion: 1.239.0 appVersion: 1.241.0
description: Instana Agent for Kubernetes description: Instana Agent for Kubernetes
home: https://www.instana.com/ home: https://www.instana.com/
icon: https://agents.instana.io/helm/stan-logo-2020.png icon: https://agents.instana.io/helm/stan-logo-2020.png
@ -23,4 +23,4 @@ maintainers:
name: instana-agent name: instana-agent
sources: sources:
- https://github.com/instana/instana-agent-docker - https://github.com/instana/instana-agent-docker
version: 1.2.50 version: 1.2.52

33
charts/instana/instana-agent/README.md
View File

@ -45,7 +45,7 @@ As described by the [Install Using the Helm Chart](https://www.instana.com/docs/
* `agent.endpointPort` * `agent.endpointPort`
* `agent.key` * `agent.key`
_Note:_ You can find the options mentioned in the [configuration section below](#configuration) _Note:_ You can find the options mentioned in the [configuration section below](#Configuration-Reference)
If your agents report into a self-managed Instana unit (also known as "on-prem"), you will also need to configure a "download key", which allows the agent to fetch its components from the Instana repository. If your agents report into a self-managed Instana unit (also known as "on-prem"), you will also need to configure a "download key", which allows the agent to fetch its components from the Instana repository.
The download key is set via the following value: The download key is set via the following value:
@ -77,7 +77,7 @@ The following table lists the configurable parameters of the Instana chart and t
| Parameter | Description | Default | | Parameter | Description | Default |
|-----------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------| |-----------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------|
| `agent.configuration_yaml` | Custom content for the agent configuration.yaml file | `nil` See [below](#agent) for more details | | `agent.configuration_yaml` | Custom content for the agent configuration.yaml file | `nil` See [below](#Agent-Configuration) for more details |
| `agent.configuration.autoMountConfigEntries` | (Experimental, needs Helm 3.1+) Automatically look up the entries of the default `instana-agent` ConfigMap, and mount as agent configuration files in the `instana-agent` container under the `/opt/instana/agent/etc/instana` directory all ConfigMap entries with keys that match the `configuration-*.yaml` scheme. | `false` | | `agent.configuration.autoMountConfigEntries` | (Experimental, needs Helm 3.1+) Automatically look up the entries of the default `instana-agent` ConfigMap, and mount as agent configuration files in the `instana-agent` container under the `/opt/instana/agent/etc/instana` directory all ConfigMap entries with keys that match the `configuration-*.yaml` scheme. | `false` |
| `agent.configuration.hotreloadEnabled` | Enables hot-reload of a configuration.yaml upon changes in the `instana-agent` ConfigMap without requiring a restart of a pod | `false` | | `agent.configuration.hotreloadEnabled` | Enables hot-reload of a configuration.yaml upon changes in the `instana-agent` ConfigMap without requiring a restart of a pod | `false` |
| `agent.endpointHost` | Instana Agent backend endpoint host | `ingress-red-saas.instana.io` (US and ROW). If in Europe, please override with `ingress-blue-saas.instana.io` | | `agent.endpointHost` | Instana Agent backend endpoint host | `ingress-red-saas.instana.io` (US and ROW). If in Europe, please override with `ingress-blue-saas.instana.io` |
@ -121,25 +121,26 @@ The following table lists the configurable parameters of the Instana chart and t
| `leaderElector.image.name` | The elector image name to pull | `instana/leader-elector` | | `leaderElector.image.name` | The elector image name to pull | `instana/leader-elector` |
| `leaderElector.image.digest` | The image digest to pull; if specified, it causes `leaderElector.image.tag` to be ignored | `nil` | | `leaderElector.image.digest` | The image digest to pull; if specified, it causes `leaderElector.image.tag` to be ignored | `nil` |
| `leaderElector.image.tag` | The image tag to pull; this property is ignored if `leaderElector.image.digest` is specified | `latest` | | `leaderElector.image.tag` | The image tag to pull; this property is ignored if `leaderElector.image.digest` is specified | `latest` |
| `k8s_sensor.deployment.enabled` | Isolate k8sensor with a deployment (tech preview) | `false` | | `k8s_sensor.deployment.enabled` | Isolate k8sensor with a deployment (tech preview) | `false` |
| `k8s_sensor.image.name` | The k8sensor image name to pull | `gcr.io/instana/k8sensor` | | `k8s_sensor.image.name` | The k8sensor image name to pull | `gcr.io/instana/k8sensor` |
| `k8s_sensor.image.digest` | The image digest to pull; if specified, it causes `k8s_sensor.image.tag` to be ignored | `nil` | | `k8s_sensor.image.digest` | The image digest to pull; if specified, it causes `k8s_sensor.image.tag` to be ignored | `nil` |
| `k8s_sensor.image.tag` | The image tag to pull; this property is ignored if `k8s_sensor.image.digest` is specified | `latest` | | `k8s_sensor.image.tag` | The image tag to pull; this property is ignored if `k8s_sensor.image.digest` is specified | `latest` |
| `k8s_sensor.deployment.pod.limits.cpu` | CPU request for the `k8sensor` pods (tech preview) | `4` | | `k8s_sensor.deployment.pod.limits.cpu` | CPU request for the `k8sensor` pods (tech preview) | `4` |
| `k8s_sensor.deployment.pod.limits.memory` | Memory request limits for the `k8sensor` pods (tech preview) | `6144Mi` | | `k8s_sensor.deployment.pod.limits.memory` | Memory request limits for the `k8sensor` pods (tech preview) | `6144Mi` |
| `k8s_sensor.deployment.pod.requests.cpu` | CPU limit for the `k8sensor` pods (tech preview) | `1.5` | | `k8s_sensor.deployment.pod.requests.cpu` | CPU limit for the `k8sensor` pods (tech preview) | `1.5` |
| `k8s_sensor.deployment.pod.requests.memory` | Memory limit for the `k8sensor` pods (tech preview) | `1024Mi` | | `k8s_sensor.deployment.pod.requests.memory` | Memory limit for the `k8sensor` pods (tech preview) | `1024Mi` |
| `podSecurityPolicy.enable` | Whether a PodSecurityPolicy should be authorized for the Instana Agent pods. Requires `rbac.create` to be `true` as well. | `false` See [PodSecurityPolicy](https://docs.instana.io/setup_and_manage/host_agent/on/kubernetes/#podsecuritypolicy) for more details. | | `podSecurityPolicy.enable` | Whether a PodSecurityPolicy should be authorized for the Instana Agent pods. Requires `rbac.create` to be `true` as well. | `false` See [PodSecurityPolicy](https://docs.instana.io/setup_and_manage/host_agent/on/kubernetes/#podsecuritypolicy) for more details. |
| `podSecurityPolicy.name` | Name of an _existing_ PodSecurityPolicy to authorize for the Instana Agent pods. If not provided and `podSecurityPolicy.enable` is `true`, a PodSecurityPolicy will be created for you. | `nil` | | `podSecurityPolicy.name` | Name of an _existing_ PodSecurityPolicy to authorize for the Instana Agent pods. If not provided and `podSecurityPolicy.enable` is `true`, a PodSecurityPolicy will be created for you. | `nil` |
| `rbac.create` | Whether RBAC resources should be created | `true` | | `rbac.create` | Whether RBAC resources should be created | `true` |
| `openshift` | Whether to install the Helm chart as needed in OpenShift; this setting implies `rbac.create=true` | `false` | | `openshift` | Whether to install the Helm chart as needed in OpenShift; this setting implies `rbac.create=true` | `false` |
| `opentelemetry.enabled` | Whether to configure the agent to accept telemetry from OpenTelemetry applications. This option also implies `service.create=true`, and requires Kubernetes 1.21+, as it relies on `internalTrafficPolicy`. | `false` | | `opentelemetry.grpc.enabled` | Whether to configure the agent to accept telemetry from OpenTelemetry applications via gRPC. This option also implies `service.create=true`, and requires Kubernetes 1.21+, as it relies on `internalTrafficPolicy`. | `false` |
| `prometheus.remoteWrite.enabled` | Whether to configure the agent to accept metrics over its implementation of the `remote_write` Prometheus endpoint. This option also implies `service.create=true`, and requires Kubernetes 1.21+, as it relies on `internalTrafficPolicy`. | `false` | | `opentelemetry.http.enabled` | Whether to configure the agent to accept telemetry from OpenTelemetry applications via HTTP. This option also implies `service.create=true`, and requires Kubernetes 1.21+, as it relies on `internalTrafficPolicy`. | `false` |
| `service.create` | Whether to create a service that exposes the agents' Prometheus, OpenTelemetry and other APIs inside the cluster. Requires Kubernetes 1.21+, as it relies on `internalTrafficPolicy`. The `ServiceInternalTrafficPolicy` feature gate needs to be enabled (default: enabled). | `false` | | `prometheus.remoteWrite.enabled` | Whether to configure the agent to accept metrics over its implementation of the `remote_write` Prometheus endpoint. This option also implies `service.create=true`, and requires Kubernetes 1.21+, as it relies on `internalTrafficPolicy`. | `false` |
| `service.create` | Whether to create a service that exposes the agents' Prometheus, OpenTelemetry and other APIs inside the cluster. Requires Kubernetes 1.21+, as it relies on `internalTrafficPolicy`. The `ServiceInternalTrafficPolicy` feature gate needs to be enabled (default: enabled). | `false` |
| `serviceAccount.create` | Whether a ServiceAccount should be created | `true` | | `serviceAccount.create` | Whether a ServiceAccount should be created | `true` |
| `serviceAccount.name` | Name of the ServiceAccount to use | `instana-agent` | | `serviceAccount.name` | Name of the ServiceAccount to use | `instana-agent` |
| `zone.name` | Zone that detected technologies will be assigned to | `nil` You must provide either `zone.name` or `cluster.name`, see [above](#installing-the-chart) for details | | `zone.name` | Zone that detected technologies will be assigned to | `nil` You must provide either `zone.name` or `cluster.name`, see [above](#Installation) for details |
| `zones` | Multi-zone daemonset configuration. | `nil` see [below](#multiple-zones) for details | | `zones` | Multi-zone daemonset configuration. | `nil` see [below](#multiple-zones) for details |
### Agent Modes ### Agent Modes
@ -156,7 +157,7 @@ Besides the settings listed above, there are many more settings that can be appl
An overview of the settings that can be applied is provided in the [Agent Configuration File](https://www.instana.com/docs/setup_and_manage/host_agent/configuration#agent-configuration-file) documentation. An overview of the settings that can be applied is provided in the [Agent Configuration File](https://www.instana.com/docs/setup_and_manage/host_agent/configuration#agent-configuration-file) documentation.
To configure the agent, you can either: To configure the agent, you can either:
* edit the [config map](templates/configmap.yaml), or * edit the [config map](templates/agent-configmap.yaml), or
* provide the configuration via the `agent.configuration_yaml` parameter in [values.yaml](values.yaml) * provide the configuration via the `agent.configuration_yaml` parameter in [values.yaml](values.yaml)
This configuration will be used for all Instana Agents on all nodes. Visit the [agent configuration documentation](https://docs.instana.io/setup_and_manage/host_agent/#agent-configuration-file) for more details on configuration options. This configuration will be used for all Instana Agents on all nodes. Visit the [agent configuration documentation](https://docs.instana.io/setup_and_manage/host_agent/#agent-configuration-file) for more details on configuration options.

8
charts/instana/instana-agent/templates/_helpers.tpl
View File

@ -329,3 +329,11 @@ failureThreshold: 3
value: {{ $value | quote }} value: {{ $value | quote }}
{{- end }} {{- end }}
{{- end -}} {{- end -}}
{{/*NOTE: These are nested templates not functions, if I format this to make it readable then it won't work the way */}}
{{/*we need it to since all of the newlines and spaces will be included into the output. Helm is */}}
{{/*not fundamentally designed to do what we are doing here.*/}}
{{- define "instana-agent.opentelemetry.grpc.isEnabled" -}}{{ if hasKey .Values "opentelemetry" }}{{ if hasKey .Values.opentelemetry "grpc" }}{{ if hasKey .Values.opentelemetry.grpc "enabled" }}{{ .Values.opentelemetry.grpc.enabled }}{{ else }}{{ true }}{{ end }}{{ else }}{{ if hasKey .Values.opentelemetry "enabled" }}{{ .Values.opentelemetry.enabled }}{{ else }}{{ false }}{{ end }}{{ end }}{{ else }}{{ false }}{{ end }}{{- end -}}
{{- define "instana-agent.opentelemetry.http.isEnabled" -}}{{ if hasKey .Values "opentelemetry" }}{{ if hasKey .Values.opentelemetry "http" }}{{ if hasKey .Values.opentelemetry.http "enabled" }}{{ .Values.opentelemetry.http.enabled }}{{ else }}{{ true }}{{ end }}{{ else }}{{ false }}{{ end }}{{ else }}{{ false }}{{ end }}{{- end -}}

7
charts/instana/instana-agent/templates/agent-configmap.yaml
View File

@ -16,11 +16,10 @@ data:
{{ .Values.agent.configuration_yaml | nindent 4 }} {{ .Values.agent.configuration_yaml | nindent 4 }}
{{- end }} {{- end }}
{{- if .Values.opentelemetry.enabled }} {{ if or (eq "true" (include "instana-agent.opentelemetry.grpc.isEnabled" .)) (eq "true" (include "instana-agent.opentelemetry.http.isEnabled" .)) }}
configuration-opentelemetry.yaml: | configuration-opentelemetry.yaml: |
com.instana.plugin.opentelemetry: com.instana.plugin.opentelemetry: {{ toYaml .Values.opentelemetry | nindent 6 }}
enabled: true {{ end }}
{{- end }}
{{- if .Values.prometheus.remoteWrite.enabled }} {{- if .Values.prometheus.remoteWrite.enabled }}
configuration-prometheus-remote-write.yaml: | configuration-prometheus-remote-write.yaml: |

2
charts/instana/instana-agent/templates/agent-daemonset-with-zones.yaml
View File

@ -129,7 +129,7 @@ spec:
subPath: configuration-disable-kubernetes-sensor.yaml subPath: configuration-disable-kubernetes-sensor.yaml
mountPath: /opt/instana/agent/etc/instana/configuration-disable-kubernetes-sensor.yaml mountPath: /opt/instana/agent/etc/instana/configuration-disable-kubernetes-sensor.yaml
{{- end }} {{- end }}
{{- if $.Values.opentelemetry.enabled }} {{- if or (eq "true" (include "instana-agent.opentelemetry.grpc.isEnabled" .)) (eq "true" (include "instana-agent.opentelemetry.http.isEnabled" .)) }}
- name: configuration - name: configuration
subPath: configuration-opentelemetry.yaml subPath: configuration-opentelemetry.yaml
mountPath: /opt/instana/agent/etc/instana/configuration-opentelemetry.yaml mountPath: /opt/instana/agent/etc/instana/configuration-opentelemetry.yaml

2
charts/instana/instana-agent/templates/agent-daemonset.yaml
View File

@ -123,7 +123,7 @@ spec:
subPath: configuration-disable-kubernetes-sensor.yaml subPath: configuration-disable-kubernetes-sensor.yaml
mountPath: /opt/instana/agent/etc/instana/configuration-disable-kubernetes-sensor.yaml mountPath: /opt/instana/agent/etc/instana/configuration-disable-kubernetes-sensor.yaml
{{- end }} {{- end }}
{{- if .Values.opentelemetry.enabled }} {{- if or (eq "true" (include "instana-agent.opentelemetry.grpc.isEnabled" .)) (eq "true" (include "instana-agent.opentelemetry.http.isEnabled" .)) }}
- name: configuration - name: configuration
subPath: configuration-opentelemetry.yaml subPath: configuration-opentelemetry.yaml
mountPath: /opt/instana/agent/etc/instana/configuration-opentelemetry.yaml mountPath: /opt/instana/agent/etc/instana/configuration-opentelemetry.yaml

11
charts/instana/instana-agent/templates/service.yaml
View File

@ -1,4 +1,4 @@
{{- if or .Values.service.create (or .Values.opentelemetry.enabled .Values.prometheus.remoteWrite.enabled ) -}} {{- if or .Values.service.create (eq "true" (include "instana-agent.opentelemetry.grpc.isEnabled" .)) (eq "true" (include "instana-agent.opentelemetry.http.isEnabled" .)) .Values.prometheus.remoteWrite.enabled -}}
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
@ -16,7 +16,7 @@ spec:
protocol: TCP protocol: TCP
port: 42699 port: 42699
targetPort: 42699 targetPort: 42699
{{- if .Values.opentelemetry.enabled }} {{ if eq "true" (include "instana-agent.opentelemetry.grpc.isEnabled" .) }}
# OpenTelemetry original default port # OpenTelemetry original default port
- name: opentelemetry - name: opentelemetry
protocol: TCP protocol: TCP
@ -28,6 +28,13 @@ spec:
port: 4317 port: 4317
targetPort: 4317 targetPort: 4317
{{- end -}} {{- end -}}
{{ if eq "true" (include "instana-agent.opentelemetry.http.isEnabled" .) }}
# OpenTelemetry HTTP port
- name: opentelemetry-http
protocol: TCP
port: 4318
targetPort: 4318
{{- end -}}
{{- $kubeVersion := .Capabilities.KubeVersion.Version -}} {{- $kubeVersion := .Capabilities.KubeVersion.Version -}}
{{- if (regexMatch "\\d+\\.\\d+\\.\\d+-(?:eks|gke).+" $kubeVersion) -}} {{- if (regexMatch "\\d+\\.\\d+\\.\\d+-(?:eks|gke).+" $kubeVersion) -}}

9
charts/instana/instana-agent/values.yaml
View File

@ -198,8 +198,12 @@ service:
# Note: Requires Kubernetes 1.17+, as it uses topologyKeys # Note: Requires Kubernetes 1.17+, as it uses topologyKeys
create: false create: false
opentelemetry: #opentelemetry:
enabled: false # If true, it will also apply `service.create=true` # enabled: false # legacy setting, will only enable grpc, defaults to false
# grpc:
# enabled: false # takes precedence over legacy settings above, defaults to true if "grpc:" is present
# http:
# enabled: false # allows to enable http endpoints, defaults to true if "http:" is present
prometheus: prometheus:
remoteWrite: remoteWrite:
@ -251,6 +255,7 @@ k8s_sensor:
memory: 1536Mi memory: 1536Mi
# k8s_sensor.deployment.pod.limits.cpu sets the CPU units allocation limits for the agent pods. # k8s_sensor.deployment.pod.limits.cpu sets the CPU units allocation limits for the agent pods.
cpu: 500m cpu: 500m
kubernetes: kubernetes:
# Configures use of a Deployment for the Kubernetes sensor rather than as a potential member of the DaemonSet. Is only accepted if k8s_sensor.deployment.enabled=false # Configures use of a Deployment for the Kubernetes sensor rather than as a potential member of the DaemonSet. Is only accepted if k8s_sensor.deployment.enabled=false
deployment: deployment:

10
charts/jfrog/artifactory-ha/CHANGELOG.md
View File

@ -1,11 +1,15 @@
# JFrog Artifactory-ha Chart Changelog # JFrog Artifactory-ha Chart Changelog
All changes to this chart will be documented in this file All changes to this chart will be documented in this file
## [107.49.5] - Dec 16, 2022 ## [107.49.6] - Jan 20, 2023
* Updated postgresql tag version to `13.9.0-debian-11-r11` * Updated postgresql tag version to `13.9.0-debian-11-r11`
* Fixed make lint issue on artifactory-ha chart [GH-1714](https://github.com/jfrog/charts/issues/1714)
* Updated initContainerImage and logger image to `ubi8/ubi-minimal:8.7.1049`
* Fixed an issue for capabilities check of ingress
* Updated jfrogUrl text path in migrate.sh file
* Added a note that from 107.46.x chart versions, `copyOnEveryStartup` is not needed for binarystore.xml, it is always copied via initContainers. For more Info, Refer [GH-1723](https://github.com/jfrog/charts/issues/1723)
## [107.49.0] - Dec 14, 2022 ## [107.49.0] - Jan 16, 2023
* Updated initContainerImage and logger image to `ubi8/ubi-micro:8.7.1`
* Changed logic in wait-for-primary container to use /dev/tcp instead of curl * Changed logic in wait-for-primary container to use /dev/tcp instead of curl
* Added support for setting `seLinuxOptions` in `securityContext` [GH-1700](https://github.com/jfrog/charts/pull/1700) * Added support for setting `seLinuxOptions` in `securityContext` [GH-1700](https://github.com/jfrog/charts/pull/1700)
* Added option to enable/disable proxy_request_buffering and proxy_buffering_off [GH-1686](https://github.com/jfrog/charts/pull/1686) * Added option to enable/disable proxy_request_buffering and proxy_buffering_off [GH-1686](https://github.com/jfrog/charts/pull/1686)

4
charts/jfrog/artifactory-ha/Chart.yaml
View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/kube-version: '>= 1.14.0-0' catalog.cattle.io/kube-version: '>= 1.14.0-0'
catalog.cattle.io/release-name: artifactory-ha catalog.cattle.io/release-name: artifactory-ha
apiVersion: v2 apiVersion: v2
appVersion: 7.49.5 appVersion: 7.49.6
dependencies: dependencies:
- condition: postgresql.enabled - condition: postgresql.enabled
name: postgresql name: postgresql
@ -26,4 +26,4 @@ name: artifactory-ha
sources: sources:
- https://github.com/jfrog/charts - https://github.com/jfrog/charts
type: application type: application
version: 107.49.5 version: 107.49.6

Some files were not shown because too many files have changed in this diff Show More