Charts CI

```
Updated:
  gluu/gluu:
    - 5.1.2
  jfrog/artifactory-ha:
    - 107.84.14
  jfrog/artifactory-jcr:
    - 107.84.14
  percona/psmdb-db:
    - 1.16.1
```
pull/1030/head
github-actions[bot] 2024-06-07 00:58:02 +00:00
parent 8f284a56ec
commit 8a87c4d951
99 changed files with 3683 additions and 2801 deletions
charts

Binary file not shown.

BIN
assets/gluu/gluu-5.1.2.tgz Normal file

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -2,27 +2,29 @@ annotations:
artifacthub.io/containsSecurityUpdates: "true"
artifacthub.io/images: |
- name: auth-server
image: ghcr.io/janssenproject/jans/auth-server:1.1.1-1
image: ghcr.io/janssenproject/jans/auth-server:1.1.2-2
- name: auth-server-key-rotation
image: ghcr.io/janssenproject/jans/certmanager:1.1.1-1
image: ghcr.io/janssenproject/jans/certmanager:1.1.2-2
- name: configuration-manager
image: ghcr.io/janssenproject/jans/configurator:1.1.1-1
image: ghcr.io/janssenproject/jans/configurator:1.1.2-2
- name: config-api
image: ghcr.io/janssenproject/jans/config-api:1.1.1-1
image: ghcr.io/janssenproject/jans/config-api:1.1.2-2
- name: fido2
image: ghcr.io/janssenproject/jans/fido2:1.1.1-1
image: ghcr.io/janssenproject/jans/fido2:1.1.2-2
- name: persistence
image: ghcr.io/janssenproject/jans/persistence-loader:1.1.1-1
image: ghcr.io/janssenproject/jans/persistence-loader:1.1.2-2
- name: scim
image: ghcr.io/janssenproject/jans/scim:1.1.1-1
image: ghcr.io/janssenproject/jans/scim:1.1.2-2
- name: casa
image: ghcr.io/janssenproject/jans/casa:1.1.1-1
image: ghcr.io/janssenproject/jans/casa:1.1.2-2
- name: admin-ui
image: ghcr.io/gluufederation/flex/admin-ui:5.1.1-1
image: ghcr.io/gluufederation/flex/admin-ui:5.1.2-1
- name: link
image: ghcr.io/janssenproject/jans/link:1.1.1-1
image: ghcr.io/janssenproject/jans/link:1.1.2-2
- name: saml
image: ghcr.io/janssenproject/jans/saml:1.1.1-1
image: ghcr.io/janssenproject/jans/saml:1.1.2-2
- name: kc-scheduler
image: ghcr.io/janssenproject/jans/kc-scheduler:1.1.2-2
artifacthub.io/license: Apache-2.0
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Gluu Cloud Identity and Access Management
@ -30,64 +32,68 @@ annotations:
catalog.cattle.io/kube-version: '>=v1.21.0-0'
catalog.cattle.io/release-name: gluu
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
dependencies:
- condition: global.config.enabled
name: config
repository: file://./charts/config
version: 1.1.1
version: 1.1.2
- condition: global.config-api.enabled
name: config-api
repository: file://./charts/config-api
version: 1.1.1
version: 1.1.2
- condition: global.opendj.enabled
name: opendj
repository: file://./charts/opendj
version: 5.1.1
version: 5.1.2
- condition: global.auth-server.enabled
name: auth-server
repository: file://./charts/auth-server
version: 1.1.1
version: 1.1.2
- condition: global.admin-ui.enabled
name: admin-ui
repository: file://./charts/admin-ui
version: 5.1.1
version: 5.1.2
- condition: global.fido2.enabled
name: fido2
repository: file://./charts/fido2
version: 1.1.1
version: 1.1.2
- condition: global.scim.enabled
name: scim
repository: file://./charts/scim
version: 1.1.1
version: 1.1.2
- condition: global.nginx-ingress.enabled
name: nginx-ingress
repository: file://./charts/nginx-ingress
version: 5.1.1
version: 5.1.2
- condition: global.casa.enabled
name: casa
repository: file://./charts/casa
version: 1.1.1
version: 1.1.2
- condition: global.auth-server-key-rotation.enabled
name: auth-server-key-rotation
repository: file://./charts/auth-server-key-rotation
version: 1.1.1
version: 1.1.2
- condition: global.persistence.enabled
name: persistence
repository: file://./charts/persistence
version: 1.1.1
version: 1.1.2
- condition: global.istio.ingress
name: cn-istio-ingress
repository: file://./charts/cn-istio-ingress
version: 5.1.1
version: 5.1.2
- condition: global.link.enabled
name: link
repository: file://./charts/link
version: 1.1.1
version: 1.1.2
- condition: global.saml.enabled
name: saml
repository: file://./charts/saml
version: 1.1.1
version: 1.1.2
- condition: global.kc-scheduler.enabled
name: kc-scheduler
repository: file://./charts/kc-scheduler
version: 1.1.2
description: Gluu Access and Identity Management
home: https://www.gluu.org
icon: https://gluu.org/docs/gluu-server/favicon.ico
@ -98,4 +104,4 @@ maintainers:
name: gluu
sources:
- https://docs.gluu.org
version: 5.1.1
version: 5.1.2

File diff suppressed because one or more lines are too long

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: Admin GUI. Requires license.
home: https://docs.gluu.org
icon: https://gluu.org/docs/gluu-server/favicon.ico
@ -17,4 +17,4 @@ sources:
- https://github.com/GluuFederation/docker-gluu-admin-ui
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/admin-ui
type: application
version: 5.1.1
version: 5.1.2

View File

@ -1,6 +1,6 @@
# admin-ui
![Version: 5.1.1](https://img.shields.io/badge/Version-5.1.1--dev-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 5.1.2](https://img.shields.io/badge/Version-5.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
Admin GUI. Requires license.
@ -36,7 +36,7 @@ Kubernetes: `>=v1.21.0-0`
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"gluufederation/admin-ui"` | Image to use for deploying. |
| image.tag | string | `"5.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"5.1.2-1"` | Image tag to use for deploying. |
| lifecycle | object | `{}` | |
| livenessProbe | object | `{"failureThreshold":20,"initialDelaySeconds":60,"periodSeconds":25,"tcpSocket":{"port":8080},"timeoutSeconds":5}` | Configure the liveness healthcheck for the admin ui if needed. |
| readinessProbe | object | `{"failureThreshold":20,"initialDelaySeconds":60,"periodSeconds":25,"tcpSocket":{"port":8080},"timeoutSeconds":5}` | Configure the readiness healthcheck for the admin ui if needed. |

View File

@ -202,7 +202,7 @@ spec:
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
# we mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
{{- end }}

View File

@ -27,7 +27,7 @@ image:
# -- Image to use for deploying.
repository: gluufederation/admin-ui
# -- Image tag to use for deploying.
tag: 5.1.1-1
tag: 5.1.2-1
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: Responsible for regenerating auth-keys per x hours
home: https://docs.gluu.org
icon: https://gluu.org/docs/gluu-server/favicon.ico
@ -15,4 +15,4 @@ sources:
- https://github.com/JanssenProject/docker-jans-certmanager
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/auth-server-key-rotation
type: application
version: 1.1.1
version: 1.1.2

View File

@ -1,6 +1,6 @@
# auth-server-key-rotation
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
Responsible for regenerating auth-keys per x hours
@ -34,7 +34,7 @@ Kubernetes: `>=v1.21.0-0`
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"janssenproject/certmanager"` | Image to use for deploying. |
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| keysLife | int | `48` | Auth server key rotation keys life in hours |
| keysPushDelay | int | `0` | Delay (in seconds) before pushing private keys to Auth server |
| keysPushStrategy | string | `"NEWER"` | Set key selection strategy after pushing private keys to Auth server (only takes effect when keysPushDelay value is greater than 0) |

View File

@ -169,7 +169,7 @@ spec:
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
# we mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
{{- end }}

View File

@ -18,7 +18,7 @@ image:
# -- Image to use for deploying.
repository: janssenproject/certmanager
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Auth server key rotation keys life in hours

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: OAuth Authorization Server, the OpenID Connect Provider, the UMA Authorization
Server--this is the main Internet facing component of Gluu. It's the service that
returns tokens, JWT's and identity assertions. This service must be Internet facing.
@ -19,4 +19,4 @@ sources:
- https://github.com/JanssenProject/docker-jans-auth-server
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/auth-server
type: application
version: 1.1.1
version: 1.1.2

View File

@ -1,6 +1,6 @@
# auth-server
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
OAuth Authorization Server, the OpenID Connect Provider, the UMA Authorization Server--this is the main Internet facing component of Gluu. It's the service that returns tokens, JWT's and identity assertions. This service must be Internet facing.
@ -37,7 +37,7 @@ Kubernetes: `>=v1.21.0-0`
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"janssenproject/auth-server"` | Image to use for deploying. |
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| lifecycle | object | `{}` | |
| livenessProbe | object | `{"exec":{"command":["python3","/app/scripts/healthcheck.py"]},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for the auth server if needed. |
| livenessProbe.exec | object | `{"command":["python3","/app/scripts/healthcheck.py"]}` | Executes the python3 healthcheck. |

View File

@ -75,13 +75,12 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
{{- $cnCustomJavaOptions := index .Values.global "auth-server" "cnCustomJavaOptions" }}
{{- $custom := printf "%s" $cnCustomJavaOptions }}
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
{{ $customJavaOptions | trim | quote }}
{{- end }}
{{/*
Create topologySpreadConstraints lists
*/}}

View File

@ -298,7 +298,7 @@ spec:
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
# we mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
{{- end }}

View File

@ -28,7 +28,7 @@ image:
# -- Image to use for deploying.
repository: janssenproject/auth-server
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: Jans Casa ("Casa") is a self-service web portal for end-users to manage
authentication and authorization preferences for their account in a Jans Server.
home: https://gluu.org/docs/casa/
@ -18,4 +18,4 @@ sources:
- https://gluu.org/casa/
- https://github.com/JanssenProject/jans/docker-jans-casa
type: application
version: 1.1.1
version: 1.1.2

View File

@ -1,6 +1,6 @@
# casa
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
Jans Casa ("Casa") is a self-service web portal for end-users to manage authentication and authorization preferences for their account in a Jans Server.
@ -37,7 +37,7 @@ Kubernetes: `>=v1.21.0-0`
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"janssenproject/casa"` | Image to use for deploying. |
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| lifecycle | object | `{}` | |
| livenessProbe | object | `{"httpGet":{"path":"/jans-casa/health-check","port":"http-casa"},"initialDelaySeconds":25,"periodSeconds":25,"timeoutSeconds":5}` | Configure the liveness healthcheck for casa if needed. |
| livenessProbe.httpGet.path | string | `"/jans-casa/health-check"` | http liveness probe endpoint |

View File

@ -85,8 +85,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
{{ $custom := "" }}
{{ $custom = printf "%s" .Values.global.casa.cnCustomJavaOptions }}
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
{{ $customJavaOptions | trim | quote }}
{{- end }}

View File

@ -208,7 +208,7 @@ spec:
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
# we mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
{{- end }}

View File

@ -27,7 +27,7 @@ image:
# -- Image to use for deploying.
repository: janssenproject/casa
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: Istio Gateway
home: https://docs.gluu.org/
icon: https://gluu.org/docs/gluu-server/favicon.ico
@ -16,4 +16,4 @@ sources:
- https://gluu.org/docs/gluu-server/
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/cn-istio-ingress
type: application
version: 5.1.1
version: 5.1.2

View File

@ -1,6 +1,6 @@
# cn-istio-ingress
![Version: 5.1.1](https://img.shields.io/badge/Version-5.1.1--dev-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 5.1.2](https://img.shields.io/badge/Version-5.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
Istio Gateway

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: Jans Config Api endpoints can be used to configure jans-auth-server,
which is an open-source OpenID Connect Provider (OP) and UMA Authorization Server
(AS)
@ -19,4 +19,4 @@ sources:
- https://github.com/JanssenProject/jans/docker-jans-config-api
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/config-api
type: application
version: 1.1.1
version: 1.1.2

View File

@ -1,6 +1,6 @@
# config-api
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
Jans Config Api endpoints can be used to configure jans-auth-server, which is an open-source OpenID Connect Provider (OP) and UMA Authorization Server (AS)
@ -39,7 +39,7 @@ Kubernetes: `>=v1.21.0-0`
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"janssenproject/config-api"` | Image to use for deploying. |
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| lifecycle | object | `{}` | |
| livenessProbe | object | `{"httpGet":{"path":"/jans-config-api/api/v1/health/live","port":8074},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for the auth server if needed. |
| livenessProbe.httpGet | object | `{"path":"/jans-config-api/api/v1/health/live","port":8074}` | Executes the python3 healthcheck. |

View File

@ -75,8 +75,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
{{- $cnCustomJavaOptions := index .Values.global "config-api" "cnCustomJavaOptions" }}
{{- $custom := printf "%s" $cnCustomJavaOptions }}
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
{{ $customJavaOptions | trim | quote }}
{{- end }}

View File

@ -195,7 +195,7 @@ spec:
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
# we mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
{{- end }}

View File

@ -31,7 +31,7 @@ image:
# -- Image to use for deploying.
repository: janssenproject/config-api
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: Configuration parameters for setup and initial configuration secret and
config layers used by Gluu services.
home: https://docs.gluu.org
@ -18,4 +18,4 @@ sources:
- https://github.com/JanssenProject/jans/docker-jans-configurator
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/config
type: application
version: 1.1.1
version: 1.1.2

View File

@ -1,6 +1,6 @@
# config
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
Configuration parameters for setup and initial configuration secret and config layers used by Gluu services.
@ -105,7 +105,7 @@ Kubernetes: `>=v1.21.0-0`
| fullNameOverride | string | `""` | |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"janssenproject/configurator"` | Image to use for deploying. |
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| ldapPassword | string | `"P@ssw0rds"` | LDAP admin password if OpennDJ is used for persistence. |
| ldapTruststorePassword | string | `"changeit"` | LDAP truststore password if OpenDJ is used for persistence |
| lifecycle | object | `{}` | |

View File

@ -81,9 +81,11 @@ spec:
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
# we mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
- key: couchbase_superuser_password
path: couchbase_superuser_password
{{- end }}
{{- if or (eq .Values.global.cnPersistenceType "sql") (eq .Values.global.cnPersistenceType "hybrid") }}
- name: sql-pass
@ -147,6 +149,9 @@ spec:
- name: cb-pass
mountPath: {{ .Values.global.cnCouchbasePasswordFile }}
subPath: couchbase_password
- name: cb-pass
mountPath: {{ .Values.global.cnCouchbaseSuperuserPasswordFile }}
subPath: couchbase_superuser_password
{{- end }}
{{- if or (eq .Values.global.cnPersistenceType "ldap") (eq .Values.global.cnPersistenceType "hybrid") }}
- name: ldap-pass

View File

@ -176,7 +176,7 @@ image:
# -- Image to use for deploying.
repository: janssenproject/configurator
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- LDAP admin password if OpennDJ is used for persistence.

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: FIDO 2.0 (FIDO2) is an open authentication standard that enables leveraging
common devices to authenticate to online services in both mobile and desktop environments.
home: https://docs.gluu.org/
@ -19,4 +19,4 @@ sources:
- https://github.com/JanssenProject/jans/docker-jans-fido2
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/fido2
type: application
version: 1.1.1
version: 1.1.2

View File

@ -1,6 +1,6 @@
# fido2
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
FIDO 2.0 (FIDO2) is an open authentication standard that enables leveraging common devices to authenticate to online services in both mobile and desktop environments.
@ -38,7 +38,7 @@ Kubernetes: `>=v1.21.0-0`
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"janssenproject/fido2"` | Image to use for deploying. |
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| lifecycle | object | `{}` | |
| livenessProbe | object | `{"httpGet":{"path":"/jans-fido2/sys/health-check","port":"http-fido2"},"initialDelaySeconds":25,"periodSeconds":25,"timeoutSeconds":5}` | Configure the liveness healthcheck for the fido2 if needed. |
| livenessProbe.httpGet | object | `{"path":"/jans-fido2/sys/health-check","port":"http-fido2"}` | http liveness probe endpoint |

View File

@ -74,8 +74,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
{{ $custom := "" }}
{{ $custom = printf "%s" .Values.global.fido2.cnCustomJavaOptions }}
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
{{ $customJavaOptions | trim | quote }}
{{- end }}

View File

@ -210,7 +210,7 @@ spec:
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
# we mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
{{- end }}

View File

@ -29,7 +29,7 @@ image:
# -- Image to use for deploying.
repository: janssenproject/fido2
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.

View File

@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

View File

@ -0,0 +1,18 @@
apiVersion: v2
appVersion: 1.1.2
description: Responsible for synchronizing Keycloak SAML clients
home: https://jans.io
icon: https://github.com/JanssenProject/jans/raw/main/docs/assets/logo/janssen_project_favicon_transparent_50px_50px.png
keywords:
- Keycloak
- SAML
kubeVersion: '>=v1.22.0-0'
maintainers:
- email: support@jans.io
name: Mohammad Abudayyeh
url: https://github.com/moabu
name: kc-scheduler
sources:
- https://github.com/JanssenProject/jans/docker-jans-kc-scheduler
type: application
version: 1.1.2

View File

@ -0,0 +1,50 @@
# kc-scheduler
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.1.2](https://img.shields.io/badge/AppVersion-1.1.2-informational?style=flat-square)
Responsible for synchronizing Keycloak SAML clients
**Homepage:** <https://jans.io>
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| Mohammad Abudayyeh | <support@jans.io> | <https://github.com/moabu> |
## Source Code
* <https://github.com/JanssenProject/jans/docker-jans-kc-scheduler>
## Requirements
Kubernetes: `>=v1.22.0-0`
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| additionalAnnotations | object | `{}` | Additional annotations that will be added across the gateway in the format of {cert-manager.io/issuer: "letsencrypt-prod"} |
| additionalLabels | object | `{}` | Additional labels that will be added across the gateway in the format of {mylabel: "myapp"} |
| customScripts | list | `[]` | Add custom scripts that have been mounted to run before the entrypoint. - /tmp/custom.sh - /tmp/custom2.sh |
| dnsConfig | object | `{}` | Add custom dns config |
| dnsPolicy | string | `""` | Add custom dns policy |
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"ghcr.io/janssenproject/jans/kc-scheduler"` | Image to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| interval | int | `10` | Interval of running the scheduler (in minutes) |
| lifecycle | object | `{}` | |
| resources | object | `{"limits":{"cpu":"300m","memory":"300Mi"},"requests":{"cpu":"300m","memory":"300Mi"}}` | Resource specs. |
| resources.limits.cpu | string | `"300m"` | CPU limit. |
| resources.limits.memory | string | `"300Mi"` | Memory limit. |
| resources.requests.cpu | string | `"300m"` | CPU request. |
| resources.requests.memory | string | `"300Mi"` | Memory request. |
| usrEnvs | object | `{"normal":{},"secret":{}}` | Add custom normal and secret envs to the service |
| usrEnvs.normal | object | `{}` | Add custom normal envs to the service variable1: value1 |
| usrEnvs.secret | object | `{}` | Add custom secret envs to the service variable1: value1 |
| volumeMounts | list | `[]` | Configure any additional volumesMounts that need to be attached to the containers |
| volumes | list | `[]` | Configure any additional volumes that need to be attached to the pod |
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)

View File

@ -0,0 +1,68 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "kc-scheduler.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "kc-scheduler.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "kc-scheduler.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "kc-scheduler.labels" -}}
app: {{ .Release.Name }}-{{ include "kc-scheduler.name" . }}
helm.sh/chart: {{ include "kc-scheduler.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Create user custom defined envs
*/}}
{{- define "kc-scheduler.usr-envs"}}
{{- range $key, $val := .Values.usrEnvs.normal }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{/*
Create user custom defined secret envs
*/}}
{{- define "kc-scheduler.usr-secret-envs"}}
{{- range $key, $val := .Values.usrEnvs.secret }}
- name: {{ $key }}
valueFrom:
secretKeyRef:
name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
key: {{ $key | quote }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,196 @@
{ if and (index .Values "global" "kc-scheduler" "enabled") (.Values.global.saml.enabled) -}}
kind: CronJob
apiVersion: batch/v1
metadata:
name: {{ include "kc-scheduler.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
APP_NAME: kc-scheduler
release: {{ .Release.Name }}
{{ include "kc-scheduler.labels" . | indent 4 }}
{{- if .Values.additionalLabels }}
{{ toYaml .Values.additionalLabels | indent 4 }}
{{- end }}
{{- if .Values.additionalAnnotations }}
annotations:
{{ toYaml .Values.additionalAnnotations | indent 4 }}
{{- end }}
spec:
schedule: "@every {{ .Values.interval }}m"
concurrencyPolicy: Forbid
jobTemplate:
spec:
template:
metadata:
annotations:
sidecar.istio.io/inject: "false"
spec:
{{- with .Values.image.pullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
dnsPolicy: {{ .Values.dnsPolicy | quote }}
{{- with .Values.dnsConfig }}
dnsConfig:
{{ toYaml . | indent 12 }}
{{- end }}
containers:
- name: {{ include "kc-scheduler.name" . }}
{{- if .Values.customScripts }}
command:
- /bin/sh
- -c
- |
{{- with .Values.customScripts }}
{{- toYaml . | replace "- " "" | nindent 20}}
{{- end }}
/app/scripts/entrypoint.sh
{{- end}}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
env:
{{- include "kc-scheduler.usr-envs" . | indent 16 }}
{{- include "kc-scheduler.usr-secret-envs" . | indent 16 }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
lifecycle:
{{- toYaml .Values.lifecycle | nindent 16 }}
volumeMounts:
{{ if or (eq .Values.global.configSecretAdapter "aws") (eq .Values.global.configAdapterName "aws") }}
- mountPath: {{ .Values.global.cnAwsSharedCredentialsFile }}
name: aws-shared-credential-file
subPath: aws_shared_credential_file
- mountPath: {{ .Values.global.cnAwsConfigFile }}
name: aws-config-file
subPath: aws_config_file
- mountPath: {{ .Values.global.cnAwsSecretsReplicaRegionsFile }}
name: aws-secrets-replica-regions
subPath: aws_secrets_replica_regions
{{- end }}
{{ if or (eq .Values.global.configSecretAdapter "google") (eq .Values.global.cnPersistenceType "spanner") }}
- mountPath: {{ .Values.global.cnGoogleApplicationCredentials }}
name: google-sa
subPath: google-credentials.json
{{- end }}
{{ if eq .Values.global.configSecretAdapter "vault" }}
- name: vault
mountPath: /etc/certs/vault_role_id
subPath: vault_role_id
- name: vault
mountPath: /etc/certs/vault_secret_id
subPath: vault_secret_id
{{- end }}
{{- with .Values.volumeMounts }}
{{- toYaml . | nindent 16 }}
{{- end }}
{{- if or (eq .Values.global.cnPersistenceType "couchbase") (eq .Values.global.cnPersistenceType "hybrid") }}
{{- if not .Values.global.istio.enabled }}
- name: cb-crt
mountPath: "/etc/certs/couchbase.crt"
subPath: couchbase.crt
{{- end }}
- name: cb-pass
mountPath: {{ .Values.global.cnCouchbasePasswordFile }}
subPath: couchbase_password
{{- end }}
{{- if or (eq .Values.global.cnPersistenceType "sql") (eq .Values.global.cnPersistenceType "hybrid") }}
- name: sql-pass
mountPath: {{ .Values.global.cnSqlPasswordFile }}
subPath: sql_password
{{- end }}
{{- if or (eq .Values.global.cnPersistenceType "ldap") (eq .Values.global.cnPersistenceType "hybrid") }}
- name: ldap-pass
mountPath: {{ .Values.global.cnLdapPasswordFile }}
subPath: ldap_password
{{- end }}
envFrom:
- configMapRef:
name: {{ .Release.Name }}-config-cm
{{ if .Values.global.usrEnvs.secret }}
- secretRef:
name: {{ .Release.Name }}-global-user-custom-envs
{{- end }}
{{ if .Values.global.usrEnvs.normal }}
- configMapRef:
name: {{ .Release.Name }}-global-user-custom-envs
{{- end }}
{{- if and ( .Values.global.opendj.enabled ) (or (eq .Values.global.storageClass.provisioner "microk8s.io/hostpath" ) (eq .Values.global.storageClass.provisioner "k8s.io/minikube-hostpath")) }}
resources: {}
{{- else if .Values.global.cloud.testEnviroment }}
resources: {}
{{- else }}
resources:
{{- toYaml .Values.resources | nindent 16 }}
{{- end }}
volumes:
{{- with .Values.volumes }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{ if or (eq .Values.global.configSecretAdapter "aws") (eq .Values.global.configAdapterName "aws") }}
- name: aws-shared-credential-file
secret:
secretName: {{ .Release.Name }}-aws-config-creds
items:
- key: aws_shared_credential_file
path: aws_shared_credential_file
- name: aws-config-file
secret:
secretName: {{ .Release.Name }}-aws-config-creds
items:
- key: aws_config_file
path: aws_config_file
- name: aws-secrets-replica-regions
secret:
secretName: {{ .Release.Name }}-aws-config-creds
items:
- key: aws_secrets_replica_regions
path: aws_secrets_replica_regions
{{- end }}
{{ if or (eq .Values.global.configSecretAdapter "google") (eq .Values.global.cnPersistenceType "spanner") }}
- name: google-sa
secret:
secretName: {{ .Release.Name }}-google-sa
{{- end }}
{{ if eq .Values.global.configSecretAdapter "vault" }}
- name: vault
secret:
secretName: {{ .Release.Name }}-vault
items:
- key: vault_role_id
path: vault_role_id
- key: vault_secret_id
path: vault_secret_id
{{- end }}
{{- if or (eq .Values.global.cnPersistenceType "couchbase") (eq .Values.global.cnPersistenceType "hybrid") }}
{{- if not .Values.global.istio.enabled }}
- name: cb-crt
secret:
secretName: {{ .Release.Name }}-cb-crt
{{- end }}
- name: cb-pass
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
{{- end }}
{{- if or (eq .Values.global.cnPersistenceType "sql") (eq .Values.global.cnPersistenceType "hybrid") }}
- name: sql-pass
secret:
secretName: {{ .Release.Name }}-sql-pass
{{- end }}
{{- if or (eq .Values.global.cnPersistenceType "ldap") (eq .Values.global.cnPersistenceType "hybrid") }}
- name: ldap-pass
secret:
secretName: {{ .Release.Name }}-ldap-pass
items:
- key: ldap_password
path: ldap_password
{{- end }}
restartPolicy: Never
{{- if not .Values.global.isFqdnRegistered }}
hostAliases:
- ip: {{ .Values.global.lbIp }}
hostnames:
- {{ .Values.global.fqdn }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,25 @@
{{- if .Values.global.istio.enabled }}
# License terms and conditions:
# https://www.apache.org/licenses/LICENSE-2.0
apiVersion: v1
kind: Service
metadata:
name: {{ include "kc-scheduler.fullname" . }}
labels:
{{ include "kc-scheduler.labels" . | indent 4 }}
{{- if .Values.additionalLabels }}
{{ toYaml .Values.additionalLabels | indent 4 }}
{{- end }}
{{- if .Values.additionalAnnotations }}
annotations:
{{ toYaml .Values.additionalAnnotations | indent 4 }}
{{- end }}
spec:
ports:
- name: http
port: 80
targetPort: 8080
selector:
app: {{ .Release.Name }}-{{ include "kc-scheduler.name" . }}
type: ClusterIP
{{- end }}

View File

@ -0,0 +1,20 @@
{{ if .Values.usrEnvs.secret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-{{ .Chart.Name }}-user-custom-envs
labels:
{{ include "kc-scheduler.labels" . | indent 4 }}
{{- if .Values.additionalLabels }}
{{ toYaml .Values.additionalLabels | indent 4 }}
{{- end }}
{{- if .Values.additionalAnnotations }}
annotations:
{{ toYaml .Values.additionalAnnotations | indent 4 }}
{{- end }}
type: Opaque
data:
{{- range $key, $val := .Values.usrEnvs.secret }}
{{ $key }}: {{ $val | b64enc }}
{{- end}}
{{- end}}

View File

@ -0,0 +1,54 @@
# -- Add custom normal and secret envs to the service
usrEnvs:
# -- Add custom normal envs to the service
# variable1: value1
normal: {}
# -- Add custom secret envs to the service
# variable1: value1
secret: {}
# -- Add custom dns policy
dnsPolicy: ""
# -- Add custom dns config
dnsConfig: {}
image:
# -- Image pullPolicy to use for deploying.
pullPolicy: IfNotPresent
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/kc-scheduler
# -- Image tag to use for deploying.
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Resource specs.
resources:
limits:
# -- CPU limit.
cpu: 300m
# -- Memory limit.
memory: 300Mi
requests:
# -- CPU request.
cpu: 300m
# -- Memory request.
memory: 300Mi
# -- Interval of running the scheduler (in minutes)
interval: 10
# -- Configure any additional volumes that need to be attached to the pod
volumes: []
# -- Configure any additional volumesMounts that need to be attached to the containers
volumeMounts: []
# Actions on lifecycle events such as postStart and preStop
# Example
# lifecycle:
# postStart:
# exec:
# command: ["sh", "-c", "mkdir /opt/jans/jetty/jans-auth/custom/static/stylesheet/"]
lifecycle: {}
# -- Additional labels that will be added across the gateway in the format of {mylabel: "myapp"}
additionalLabels: { }
# -- Additional annotations that will be added across the gateway in the format of {cert-manager.io/issuer: "letsencrypt-prod"}
additionalAnnotations: {}
# -- Add custom scripts that have been mounted to run before the entrypoint.
# - /tmp/custom.sh
# - /tmp/custom2.sh
customScripts: []

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: Jans Link
home: https://jans.io
icon: https://github.com/JanssenProject/jans/raw/main/docs/assets/logo/janssen_project_favicon_transparent_50px_50px.png
@ -15,4 +15,4 @@ sources:
- https://github.com/JanssenProject/jans/jans-link
- https://github.com/JanssenProject/jans/docker-jans-link
type: application
version: 1.1.1
version: 1.1.2

View File

@ -1,6 +1,6 @@
# link
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
Jans Link
@ -38,7 +38,7 @@ Kubernetes: `>=v1.22.0-0`
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"ghcr.io/janssenproject/jans/link"` | Image to use for deploying. |
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| lifecycle | object | `{}` | |
| livenessProbe | object | `{"exec":{"command":["python3","/app/scripts/healthcheck.py"]},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for the link if needed. |
| livenessProbe.exec | object | `{"command":["python3","/app/scripts/healthcheck.py"]}` | Executes the python3 healthcheck. |

View File

@ -74,8 +74,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
{{ $custom := "" }}
{{ $custom = printf "%s" .Values.global.link.cnCustomJavaOptions }}
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
{{ $customJavaOptions | trim | quote }}
{{- end }}

View File

@ -194,7 +194,7 @@ spec:
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
# we mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
{{- end }}

View File

@ -31,7 +31,7 @@ image:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/link
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: Nginx ingress definitions chart
home: https://docs.gluu.org
icon: https://gluu.org/docs/gluu-server/favicon.ico
@ -17,4 +17,4 @@ sources:
- https://kubernetes.io/docs/concepts/services-networking/ingress/
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/nginx-ingress
type: application
version: 5.1.1
version: 5.1.2

View File

@ -1,6 +1,6 @@
# nginx-ingress
![Version: 5.1.1](https://img.shields.io/badge/Version-5.1.1--dev-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 5.1.2](https://img.shields.io/badge/Version-5.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
Nginx ingress definitions chart

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: OpenDJ is a directory server which implements a wide range of Lightweight
Directory Access Protocol and related standards, including full compliance with
LDAPv3 but also support for Directory Service Markup Language (DSMLv2).Written in
@ -19,4 +19,4 @@ sources:
- https://github.com/GluuFederation/docker-opendj
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/opendj
type: application
version: 5.1.1
version: 5.1.2

View File

@ -1,6 +1,6 @@
# opendj
![Version: 5.1.1](https://img.shields.io/badge/Version-5.1.1--dev-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 5.1.2](https://img.shields.io/badge/Version-5.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
OpenDJ is a directory server which implements a wide range of Lightweight Directory Access Protocol and related standards, including full compliance with LDAPv3 but also support for Directory Service Markup Language (DSMLv2).Written in Java, OpenDJ offers multi-master replication, access control, and many extensions.

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: Job to generate data and initial config for Gluu Server persistence layer.
home: https://docs.gluu.org
icon: https://gluu.org/docs/gluu-server/favicon.ico
@ -15,4 +15,4 @@ sources:
- https://github.com/JanssenProject/jans/docker-jans-persistence-loader
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/persistence
type: application
version: 1.1.1
version: 1.1.2

View File

@ -1,6 +1,6 @@
# persistence
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
Job to generate data and initial config for Gluu Server persistence layer.
@ -34,7 +34,7 @@ Kubernetes: `>=v1.21.0-0`
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"janssenproject/persistence"` | Image to use for deploying. |
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| imagePullSecrets | list | `[]` | |
| lifecycle | object | `{}` | |
| nameOverride | string | `""` | |

View File

@ -18,7 +18,7 @@ image:
# -- Image to use for deploying.
repository: janssenproject/persistence
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Resource specs.

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: Jans SAML
home: https://jans.io
icon: https://github.com/JanssenProject/jans/raw/main/docs/assets/logo/janssen_project_favicon_transparent_50px_50px.png
@ -15,4 +15,4 @@ name: saml
sources:
- https://github.com/JanssenProject/jans/docker-jans-saml
type: application
version: 1.1.1
version: 1.1.2

View File

@ -1,6 +1,6 @@
# saml
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
Jans SAML
@ -36,7 +36,7 @@ Kubernetes: `>=v1.21.0-0`
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"janssenproject/saml"` | Image to use for deploying. |
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| lifecycle | object | `{}` | |
| livenessProbe | object | `{"exec":{"command":["python3","/app/scripts/healthcheck.py"]},"failureThreshold":10,"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for saml if needed. |
| livenessProbe.exec | object | `{"command":["python3","/app/scripts/healthcheck.py"]}` | Executes the python3 healthcheck. |

View File

@ -85,8 +85,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
{{ $custom := "" }}
{{ $custom = printf "%s" .Values.global.saml.cnCustomJavaOptions }}
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
{{ $customJavaOptions | trim | quote }}
{{- end }}

View File

@ -214,7 +214,7 @@ spec:
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
# we mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
{{- end }}

View File

@ -27,7 +27,7 @@ image:
# -- Image to use for deploying.
repository: janssenproject/saml
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 5.1.1
appVersion: 5.1.2
description: System for Cross-domain Identity Management (SCIM) version 2.0
home: https://docs.gluu.org
icon: https://gluu.org/docs/gluu-server/favicon.ico
@ -17,4 +17,4 @@ sources:
- https://github.com/JanssenProject/jans/docker-jans-scim
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/scim
type: application
version: 1.1.1
version: 1.1.2

View File

@ -1,6 +1,6 @@
# scim
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
System for Cross-domain Identity Management (SCIM) version 2.0
@ -37,7 +37,7 @@ Kubernetes: `>=v1.21.0-0`
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
| image.pullSecrets | list | `[]` | Image Pull Secrets |
| image.repository | string | `"janssenproject/scim"` | Image to use for deploying. |
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
| lifecycle | object | `{}` | |
| livenessProbe | object | `{"httpGet":{"path":"/jans-scim/sys/health-check","port":8080},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for SCIM if needed. |
| livenessProbe.httpGet.path | string | `"/jans-scim/sys/health-check"` | http liveness probe endpoint |

View File

@ -74,8 +74,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
{{ $custom := "" }}
{{ $custom = printf "%s" .Values.global.scim.cnCustomJavaOptions }}
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
{{ $customJavaOptions | trim | quote }}
{{- end }}

View File

@ -209,7 +209,7 @@ spec:
secret:
secretName: {{ .Release.Name }}-cb-pass
items:
# we are mostly need non-superuser couchbase password file here
# we mostly need non-superuser couchbase password file here
- key: couchbase_password
path: couchbase_password
{{- end }}

View File

@ -28,7 +28,7 @@ image:
# -- Image to use for deploying.
repository: janssenproject/scim
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.

View File

@ -28,7 +28,7 @@ auth-server:
# -- Image to use for deploying.
repository: janssenproject/auth-server
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.
@ -167,7 +167,7 @@ config:
# -- Image to use for deploying.
repository: janssenproject/configurator
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Organization name. Used for certificate creation.
@ -231,7 +231,7 @@ config-api:
# -- Image to use for deploying.
repository: janssenproject/config-api
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.
@ -664,7 +664,7 @@ persistence:
# -- Image to use for deploying.
repository: janssenproject/persistence-loader
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Resource specs.

File diff suppressed because it is too large Load Diff

View File

@ -106,7 +106,7 @@ admin-ui:
# -- Image to use for deploying.
repository: ghcr.io/gluufederation/flex/admin-ui
# -- Image tag to use for deploying.
tag: 5.1.1-1
tag: 5.1.2-1
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.
@ -207,7 +207,7 @@ auth-server:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/auth-server
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.
@ -217,7 +217,7 @@ auth-server:
limits:
# -- CPU limit.
cpu: 2500m
# -- Memory limit.
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
memory: 2500Mi
requests:
# -- CPU request.
@ -284,7 +284,7 @@ auth-server-key-rotation:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/certmanager
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Auth server key rotation keys life in hours
@ -508,7 +508,7 @@ config:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/configurator
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- LDAP admin password if OpenDJ is used for persistence.
@ -615,7 +615,7 @@ config-api:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/config-api
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.
@ -625,13 +625,13 @@ config-api:
limits:
# -- CPU limit.
cpu: 1000m
# -- Memory limit.
memory: 1000Mi
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
memory: 1200Mi
requests:
# -- CPU request.
cpu: 1000m
# -- Memory request.
memory: 1000Mi
memory: 1200Mi
# -- Configure the liveness healthcheck for the auth server if needed.
livenessProbe:
# -- http liveness probe endpoint
@ -718,7 +718,7 @@ fido2:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/fido2
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.
@ -728,7 +728,7 @@ fido2:
limits:
# -- CPU limit.
cpu: 500m
# -- Memory limit.
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
memory: 500Mi
requests:
# -- CPU request.
@ -826,7 +826,7 @@ casa:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/casa
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.
@ -836,7 +836,7 @@ casa:
limits:
# -- CPU limit.
cpu: 500m
# -- Memory limit.
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
memory: 500Mi
requests:
# -- CPU request.
@ -1267,7 +1267,7 @@ global:
# Enable saml endpoints /kc
samlEnabled: false
# -- passing custom java options to saml. DO NOT PASS JAVA_OPTIONS in envs.
cnCustomJavaOptions: ""
cnCustomJavaOptions: ""
# -- Path to SQL password file
cnSqlPasswordFile: /etc/jans/conf/sql_password
@ -1291,6 +1291,9 @@ global:
kcDbPasswordFile: /etc/jans/conf/kc_db_password
# -- Path to file contains Keycloak admin credentials (username and password)
kcAdminCredentialsFile: /etc/jans/conf/kc_admin_creds
kc-scheduler:
# -- Boolean flag to enable/disable the kc-scheduler cronjob chart.
enabled: false
# -- Nginx ingress definitions chart
nginx-ingress:
@ -1561,7 +1564,7 @@ persistence:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/persistence-loader
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Resource specs.
@ -1645,7 +1648,7 @@ scim:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/scim
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.
@ -1654,13 +1657,13 @@ scim:
limits:
# -- CPU limit.
cpu: 1000m
# -- Memory limit.
memory: 1000Mi
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
memory: 1200Mi
requests:
# -- CPU request.
cpu: 1000m
# -- Memory request.
memory: 1000Mi
memory: 1200Mi
service:
# -- The name of the scim port within the scim service. Please keep it as default.
name: http-scim
@ -1753,7 +1756,7 @@ link:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/link
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.
@ -1763,13 +1766,13 @@ link:
limits:
# -- CPU limit.
cpu: 500m
# -- Memory limit.
memory: 1000Mi
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
memory: 1200Mi
requests:
# -- CPU request.
cpu: 500m
# -- Memory request.
memory: 1000Mi
memory: 1200Mi
# -- Configure the liveness healthcheck for the auth server if needed.
livenessProbe:
# -- http liveness probe endpoint
@ -1860,7 +1863,7 @@ saml:
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/saml
# -- Image tag to use for deploying.
tag: 1.1.1-1
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Service replica number.
@ -1870,13 +1873,13 @@ saml:
limits:
# -- CPU limit.
cpu: 500m
# -- Memory limit.
memory: 1000Mi
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
memory: 1200Mi
requests:
# -- CPU request.
cpu: 500m
# -- Memory request.
memory: 1000Mi
memory: 1200Mi
# -- Configure the liveness healthcheck for the auth server if needed.
livenessProbe:
# -- http liveness probe endpoint
@ -1918,3 +1921,60 @@ saml:
# - /tmp/custom.sh
# - /tmp/custom2.sh
customScripts: [ ]
# -- Responsible for synchronizing Keycloak SAML clients
kc-scheduler:
# -- Add custom normal and secret envs to the service
usrEnvs:
# -- Add custom normal envs to the service
# variable1: value1
normal: {}
# -- Add custom secret envs to the service
# variable1: value1
secret: {}
# -- Add custom dns policy
dnsPolicy: ""
# -- Add custom dns config
dnsConfig: {}
image:
# -- Image pullPolicy to use for deploying.
pullPolicy: IfNotPresent
# -- Image to use for deploying.
repository: ghcr.io/janssenproject/jans/kc-scheduler
# -- Image tag to use for deploying.
tag: 1.1.2-2
# -- Image Pull Secrets
pullSecrets: [ ]
# -- Resource specs.
resources:
limits:
# -- CPU limit.
cpu: 300m
# -- Memory limit.
memory: 300Mi
requests:
# -- CPU request.
cpu: 300m
# -- Memory request.
memory: 300Mi
# -- Interval of running the scheduler (in minutes)
interval: 10
# -- Configure any additional volumes that need to be attached to the pod
volumes: []
# -- Configure any additional volumesMounts that need to be attached to the containers
volumeMounts: []
# Actions on lifecycle events such as postStart and preStop
# Example
# lifecycle:
# postStart:
# exec:
# command: ["sh", "-c", "mkdir /opt/jans/jetty/jans-auth/custom/static/stylesheet/"]
lifecycle: {}
# -- Additional labels that will be added across the gateway in the format of {mylabel: "myapp"}
additionalLabels: { }
# -- Additional annotations that will be added across the gateway in the format of {cert-manager.io/issuer: "letsencrypt-prod"}
additionalAnnotations: {}
# -- Add custom scripts that have been mounted to run before the entrypoint.
# - /tmp/custom.sh
# - /tmp/custom2.sh
customScripts: []

View File

@ -1,7 +1,7 @@
# JFrog Artifactory-ha Chart Changelog
All changes to this chart will be documented in this file
## [107.84.12] - May 20, 2024
## [107.84.14] - May 29, 2024
* Added image section for `initContainers` instead of `initContainerImage`
* Renamed `router.image.imagePullPolicy` to `router.image.pullPolicy`
* Removed loggers.image section
@ -20,6 +20,9 @@ All changes to this chart will be documented in this file
* Fixed an issue to generate unified secret to support artifactory fullname [GH-1882](https://github.com/jfrog/charts/issues/1882)
* Fixed an issue template render on loggers [GH-1883](https://github.com/jfrog/charts/issues/1883)
* Override metadata and observability image tag with `global.verisons.artifactory` value
* Fixed resource constraints for "setup" initContainer of nginx deployment [GH-962] (https://github.com/jfrog/charts/issues/962)
* Added .Values.artifactory.unifiedSecretsPrependReleaseName` for unified secret to prepend release name
* Fixed maxCacheSize and cacheProviderDir mix up under azure-blob-storage-v2-direct template in binarystore.xml
## [107.83.0] - Mar 12, 2024
* Added image section for `metadata` and `observability`

View File

@ -1,11 +1,11 @@
annotations:
artifactoryServiceVersion: 7.84.16
artifactoryServiceVersion: 7.84.17
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: JFrog Artifactory HA
catalog.cattle.io/kube-version: '>= 1.19.0-0'
catalog.cattle.io/release-name: artifactory-ha
apiVersion: v2
appVersion: 7.84.12
appVersion: 7.84.14
dependencies:
- condition: postgresql.enabled
name: postgresql
@ -27,4 +27,4 @@ name: artifactory-ha
sources:
- https://github.com/jfrog/charts
type: application
version: 107.84.12
version: 107.84.14

View File

@ -417,8 +417,8 @@
<config version="3">
<chain template="azure-blob-storage-v2-direct"/>
<provider type="cache-fs" id="cache-fs">
<cacheProviderDir>{{ .Values.artifactory.persistence.maxCacheSize | int64 }}</cacheProviderDir>
<maxCacheSize>{{ .Values.artifactory.persistence.cacheProviderDir }}</maxCacheSize>
<maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize | int64 }}</maxCacheSize>
<cacheProviderDir>{{ .Values.artifactory.persistence.cacheProviderDir }}</cacheProviderDir>
{{- if .Values.artifactory.persistence.maxFileSizeLimit }}
<maxFileSizeLimit>{{.Values.artifactory.persistence.maxFileSizeLimit | int64}}</maxFileSizeLimit>
{{- end }}

View File

@ -490,4 +490,15 @@ Calculate the systemYaml from the unstructured text input
*/}}
{{- define "artifactory.systemYaml" -}}
{{ include (print $.Template.BasePath "/_system-yaml-render.tpl") . }}
{{- end -}}
{{- end -}}
{{/*
Resolve unified secret prepend release name
*/}}
{{- define "artifactory.unifiedSecretPrependReleaseName" -}}
{{- if .Values.artifactory.unifiedSecretPrependReleaseName }}
{{- printf "%s" (include "artifactory-ha.fullname" .) -}}
{{- else }}
{{- printf "%s" (include "artifactory-ha.name" .) -}}
{{- end }}
{{- end }}

View File

@ -180,7 +180,7 @@ spec:
{{- if or (not .Values.artifactory.unifiedSecretInstallation) (or .Values.artifactory.masterKeySecretName .Values.global.masterKeySecretName) }}
name: {{ include "artifactory-ha.masterKeySecretName" . }}
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: master-key
{{- end }}
@ -320,7 +320,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-user
{{- end }}
@ -336,7 +336,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
@ -355,7 +355,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-url
{{- end }}
@ -544,7 +544,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-user
{{- end }}
@ -560,7 +560,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
@ -579,7 +579,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-url
{{- end }}
@ -712,7 +712,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
@ -858,7 +858,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-user
{{- end }}
@ -874,7 +874,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
@ -893,7 +893,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-url
{{- end }}
@ -1239,7 +1239,8 @@ spec:
{{- if and .Values.artifactory.unifiedSecretInstallation (eq (include "artifactory-ha.checkDuplicateUnifiedCustomVolume" .) "false" ) }}
- name: {{ include "artifactory-ha.unifiedCustomSecretVolumeName" . }}
secret:
secretName: {{ template "artifactory-ha.fullname" . }}-unified-secret
secretName: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- else if not .Values.artifactory.unifiedSecretInstallation }}
############ If single secret installation flag is disable ############

View File

@ -244,7 +244,7 @@ spec:
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.joinKeySecretName .Values.global.joinKeySecretName }}
name: {{ include "artifactory-ha.joinKeySecretName" . }}
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: join-key
{{- end }}
@ -255,7 +255,7 @@ spec:
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.jfConnectTokenSecretName }}
name: {{ include "artifactory-ha.jfConnectTokenSecretName" . }}
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: jfconnect-token
{{- end }}
@ -266,7 +266,7 @@ spec:
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.masterKeySecretName .Values.global.masterKeySecretName }}
name: {{ include "artifactory-ha.masterKeySecretName" . }}
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: master-key
{{- end }}
@ -428,7 +428,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-user
{{- end }}
@ -444,7 +444,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
@ -463,7 +463,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-url
{{- end }}
@ -656,7 +656,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-user
{{- end }}
@ -672,7 +672,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
@ -691,7 +691,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-url
{{- end }}
@ -964,7 +964,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-user
{{- end }}
@ -980,7 +980,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
@ -999,7 +999,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory-ha.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-url
{{- end }}
@ -1366,7 +1366,8 @@ spec:
{{- if and .Values.artifactory.unifiedSecretInstallation (eq (include "artifactory-ha.checkDuplicateUnifiedCustomVolume" .) "false" ) }}
- name: {{ include "artifactory-ha.unifiedCustomSecretVolumeName" . }}
secret:
secretName: {{ template "artifactory-ha.fullname" . }}-unified-secret
secretName: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- else if not .Values.artifactory.unifiedSecretInstallation }}
############ If single secret installation flag is disable ############

View File

@ -2,7 +2,7 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ template "artifactory-ha.fullname" . }}-unified-secret
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
labels:
app: "{{ template "artifactory-ha.name" $ }}"
chart: "{{ template "artifactory-ha.chart" $ }}"

View File

@ -76,6 +76,8 @@ spec:
- >
rm -rfv {{ .Values.nginx.persistence.mountPath }}/lost+found;
mkdir -p {{ .Values.nginx.persistence.mountPath }}/logs;
resources:
{{- toYaml .Values.initContainers.resources | nindent 10 }}
volumeMounts:
- mountPath: {{ .Values.nginx.persistence.mountPath | quote }}
name: nginx-volume

View File

@ -48,7 +48,7 @@ initContainers:
image:
registry: releases-docker.jfrog.io
repository: ubi9/ubi-minimal
tag: 9.3.1552
tag: 9.4.949
pullPolicy: IfNotPresent
resources:
requests:
@ -345,6 +345,8 @@ artifactory:
# unifiedSecretInstallation flag enables single unified secret holding all the artifactory-ha internal(chart) secrets, It won't be affecting external secrets.
## Note: unifiedSecretInstallation flag is enabled by true by default from chart version 107.78.x, Users can switch to false to continue with the old way of secret creation.
unifiedSecretInstallation: true
## unifiedSecretPrependReleaseName Set this flag to false if unifiedSecret should not be created with <release-name> prepended.
unifiedSecretPrependReleaseName: true
image:
registry: releases-docker.jfrog.io
repository: jfrog/artifactory-pro
@ -536,7 +538,7 @@ artifactory:
# cpu: "100m"
## Add custom volumes
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory-ha.fullname" . }}-unified-secret'.
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret'.
customVolumes: ""
# - name: custom-script
# configMap:
@ -585,7 +587,7 @@ artifactory:
# jfConnectTokenSecretName:
# Add custom secrets - secret per file
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory-ha.fullname" . }}-unified-secret' common to all secrets
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret' common to all secrets
customSecrets:
# - name: custom-secret
# key: custom-secret.yaml

View File

@ -1,7 +1,7 @@
# JFrog Container Registry Chart Changelog
All changes to this chart will be documented in this file.
## [107.84.12] - Feb 20, 2024
## [107.84.14] - Feb 20, 2024
* Updated `artifactory.installerInfo` content
## [107.80.0] - Feb 1, 2024

View File

@ -4,11 +4,11 @@ annotations:
catalog.cattle.io/kube-version: '>= 1.19.0-0'
catalog.cattle.io/release-name: artifactory-jcr
apiVersion: v2
appVersion: 7.84.12
appVersion: 7.84.14
dependencies:
- name: artifactory
repository: file://./charts/artifactory
version: 107.84.12
version: 107.84.14
description: JFrog Container Registry
home: https://jfrog.com/container-registry/
icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-jcr/logo/jcr-logo.png
@ -27,4 +27,4 @@ name: artifactory-jcr
sources:
- https://github.com/jfrog/charts
type: application
version: 107.84.12
version: 107.84.14

View File

@ -1,7 +1,7 @@
# JFrog Artifactory Chart Changelog
All changes to this chart will be documented in this file.
## [107.84.12] - May 16, 2024
## [107.84.14] - May 29, 2024
* Added image section for `initContainers` instead of `initContainerImage`
* Renamed `router.image.imagePullPolicy` to `router.image.pullPolicy`
* Removed image section for `loggers`
@ -18,6 +18,9 @@ All changes to this chart will be documented in this file.
* Added a check if `initContainerImage` exists
* Fixed an issue to generate unified secret to support artifactory fullname [GH-1882](https://github.com/jfrog/charts/issues/1882)
* Fixed an issue template render on loggers [GH-1883](https://github.com/jfrog/charts/issues/1883)
* Fixed resource constraints for "setup" initContainer of nginx deployment [GH-962] (https://github.com/jfrog/charts/issues/962)
* Added .Values.artifactory.unifiedSecretPrependReleaseName` for unified secret to prepend release name
* Fixed maxCacheSize and cacheProviderDir mix up under azure-blob-storage-v2-direct template in binarystore.xml
## [107.82.0] - Mar 04, 2024
* Added `disableRouterBypass` flag as experimental feature, to disable the artifactoryPath /artifactory/ and route all traffic through the Router.

View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 7.84.12
appVersion: 7.84.14
dependencies:
- condition: postgresql.enabled
name: postgresql
@ -21,4 +21,4 @@ name: artifactory
sources:
- https://github.com/jfrog/charts
type: application
version: 107.84.12
version: 107.84.14

View File

@ -404,8 +404,8 @@
<config version="3">
<chain template="azure-blob-storage-v2-direct"/>
<provider type="cache-fs" id="cache-fs">
<cacheProviderDir>{{ .Values.artifactory.persistence.maxCacheSize | int64 }}</cacheProviderDir>
<maxCacheSize>{{ .Values.artifactory.persistence.cacheProviderDir }}</maxCacheSize>
<maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize | int64 }}</maxCacheSize>
<cacheProviderDir>{{ .Values.artifactory.persistence.cacheProviderDir }}</cacheProviderDir>
{{- if .Values.artifactory.persistence.maxFileSizeLimit }}
<maxFileSizeLimit>{{.Values.artifactory.persistence.maxFileSizeLimit | int64}}</maxFileSizeLimit>
{{- end }}

View File

@ -456,3 +456,14 @@ Calculate the systemYaml from the unstructured text input
{{- define "artifactory.systemYaml" -}}
{{ include (print $.Template.BasePath "/_system-yaml-render.tpl") . }}
{{- end -}}
{{/*
Resolve unified secret prepend release name
*/}}
{{- define "artifactory.unifiedSecretPrependReleaseName" -}}
{{- if .Values.artifactory.unifiedSecretPrependReleaseName }}
{{- printf "%s" (include "artifactory.fullname" .) -}}
{{- else }}
{{- printf "%s" (include "artifactory.name" .) -}}
{{- end }}
{{- end }}

View File

@ -226,7 +226,7 @@ spec:
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.joinKeySecretName .Values.global.joinKeySecretName }}
name: {{ include "artifactory.joinKeySecretName" . }}
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: join-key
{{- end }}
@ -237,7 +237,7 @@ spec:
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.jfConnectTokenSecretName }}
name: {{ include "artifactory.jfConnectTokenSecretName" . }}
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: jfconnect-token
{{- end }}
@ -248,7 +248,7 @@ spec:
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.masterKeySecretName .Values.global.masterKeySecretName }}
name: {{ include "artifactory.masterKeySecretName" . }}
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: master-key
{{- end }}
@ -408,7 +408,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-user
{{- end }}
@ -424,7 +424,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
@ -443,7 +443,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-url
{{- end }}
@ -622,7 +622,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-user
{{- end }}
@ -638,7 +638,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
@ -657,7 +657,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-url
{{- end }}
@ -934,7 +934,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-user
{{- end }}
@ -950,7 +950,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-password
{{- else if .Values.postgresql.enabled }}
@ -969,7 +969,7 @@ spec:
{{- if not .Values.artifactory.unifiedSecretInstallation }}
name: {{ template "artifactory.fullname" . }}-database-creds
{{- else }}
name: "{{ template "artifactory.fullname" . }}-unified-secret"
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- end }}
key: db-url
{{- end }}
@ -1321,7 +1321,8 @@ spec:
{{- if and .Values.artifactory.unifiedSecretInstallation (eq (include "artifactory.checkDuplicateUnifiedCustomVolume" .) "false" ) }}
- name: {{ include "artifactory.unifiedCustomSecretVolumeName" . }}
secret:
secretName: {{ template "artifactory.fullname" . }}-unified-secret
secretName: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
{{- else if not .Values.artifactory.unifiedSecretInstallation }}
############ If single secret installation flag is disable ############
{{- if and .Values.artifactory.persistence.googleStorage.gcpServiceAccount.enabled (not .Values.artifactory.persistence.googleStorage.gcpServiceAccount.customSecretName) }}

View File

@ -2,7 +2,7 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ template "artifactory.fullname" . }}-unified-secret
name: {{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret
labels:
app: "{{ template "artifactory.name" $ }}"
chart: "{{ template "artifactory.chart" $ }}"

View File

@ -79,6 +79,8 @@ spec:
- >
rm -rfv {{ .Values.nginx.persistence.mountPath }}/lost+found;
mkdir -p {{ .Values.nginx.persistence.mountPath }}/logs;
resources:
{{- toYaml .Values.initContainers.resources | nindent 10 }}
volumeMounts:
- mountPath: {{ .Values.nginx.persistence.mountPath | quote }}
name: nginx-volume

View File

@ -49,7 +49,7 @@ initContainers:
image:
registry: releases-docker.jfrog.io
repository: ubi9/ubi-minimal
tag: 9.3.1552
tag: 9.4.949
pullPolicy: IfNotPresent
resources:
requests:
@ -287,6 +287,8 @@ artifactory:
# unifiedSecretInstallation flag enables single unified secret holding all the artifactory internal(chart) secrets, It won't be affecting external secrets.
## Note: unifiedSecretInstallation flag is enabled by true by default from chart version 107.79.x, Users can switch to false to continue with the old way of secret creation.
unifiedSecretInstallation: true
## unifiedSecretPrependReleaseName Set this flag to false if unifiedSecret should not be created with <release-name> prepended.
unifiedSecretPrependReleaseName: true
# For HA installation, set this value > 1. This is only supported in Artifactory 7.25.x (appVersions) and above.
replicaCount: 1
# minAvailable: 1
@ -492,7 +494,7 @@ artifactory:
# cpu: "100m"
## Add custom volumes
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.fullname" . }}-unified-secret'
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret'
customVolumes: ""
# - name: custom-script
# configMap:
@ -565,7 +567,7 @@ artifactory:
# jfConnectTokenSecretName:
# Add custom secrets - secret per file
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.fullname" . }}-unified-secret' common to all secrets
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret' common to all secrets
customSecrets:
# - name: custom-secret
# key: custom-secret.yaml

View File

@ -72,4 +72,4 @@ router:
tag: 7.105.1
initContainers:
image:
tag: 9.3.1552
tag: 9.4.949

View File

@ -15,4 +15,4 @@ maintainers:
- email: natalia.marukovich@percona.com
name: nmarukovich
name: psmdb-db
version: 1.16.0
version: 1.16.1

View File

@ -36,6 +36,7 @@ The chart can be customized using the following configurable parameters:
| `unsafeFlags.backupIfUnhealthy` | Allows running backup on a cluster with failed health checks | `false` |
| `clusterServiceDNSSuffix` | The (non-standard) cluster domain to be used as a suffix of the Service name | `""` |
| `clusterServiceDNSMode` | Mode for the cluster service dns (Internal/ServiceMesh) | `""` |
| `annotations` | PSMDB custom resource annotations | `{}` |
| `ignoreAnnotations` | The list of annotations to be ignored by the Operator | `[]` |
| `ignoreLabels` | The list of labels to be ignored by the Operator | `[]` |
| `multiCluster.enabled` | Enable Multi Cluster Services (MCS) cluster mode | `false` |

View File

@ -1,9 +1,10 @@
apiVersion: psmdb.percona.com/v1
kind: PerconaServerMongoDB
metadata:
{{- if .Values.annotations }}
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"psmdb.percona.com/v1","kind":"PerconaServerMongoDB"}
{{ .Values.annotations | toYaml | indent 4 }}
{{- end }}
name: {{ include "psmdb-database.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:

View File

@ -28,6 +28,8 @@ unsafeFlags:
terminationGracePeriod: false
backupIfUnhealthy: false
annotations: {}
# ignoreAnnotations:
# - service.beta.kubernetes.io/aws-load-balancer-backend-protocol
# ignoreLabels:

View File

@ -241,6 +241,40 @@ entries:
- assets/amd/amd-gpu-0.9.0.tgz
version: 0.9.0
artifactory-ha:
- annotations:
artifactoryServiceVersion: 7.84.17
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: JFrog Artifactory HA
catalog.cattle.io/kube-version: '>= 1.19.0-0'
catalog.cattle.io/release-name: artifactory-ha
apiVersion: v2
appVersion: 7.84.14
created: "2024-06-07T00:57:38.426373386Z"
dependencies:
- condition: postgresql.enabled
name: postgresql
repository: file://./charts/postgresql
version: 10.3.18
description: Universal Repository Manager supporting all major packaging formats,
build tools and CI servers.
digest: bd964c37edb6388d44d187075887b1a962cc38aeac9f06e566b3cf32b50fdb2d
home: https://www.jfrog.com/artifactory/
icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-ha/logo/artifactory-logo.png
keywords:
- artifactory
- jfrog
- devops
kubeVersion: '>= 1.19.0-0'
maintainers:
- email: installers@jfrog.com
name: Chart Maintainers at JFrog
name: artifactory-ha
sources:
- https://github.com/jfrog/charts
type: application
urls:
- assets/jfrog/artifactory-ha-107.84.14.tgz
version: 107.84.14
- annotations:
artifactoryServiceVersion: 7.84.16
catalog.cattle.io/certified: partner
@ -1268,6 +1302,40 @@ entries:
- assets/jfrog/artifactory-ha-107.55.14.tgz
version: 107.55.14
artifactory-jcr:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: JFrog Container Registry
catalog.cattle.io/kube-version: '>= 1.19.0-0'
catalog.cattle.io/release-name: artifactory-jcr
apiVersion: v2
appVersion: 7.84.14
created: "2024-06-07T00:57:38.672526969Z"
dependencies:
- name: artifactory
repository: file://./charts/artifactory
version: 107.84.14
description: JFrog Container Registry
digest: 17beb379cb64a4df8589add14a19950934f08d2ee7b162ee08a6a600ce197002
home: https://jfrog.com/container-registry/
icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-jcr/logo/jcr-logo.png
keywords:
- artifactory
- jfrog
- container
- registry
- devops
- jfrog-container-registry
kubeVersion: '>= 1.19.0-0'
maintainers:
- email: helm@jfrog.com
name: Chart Maintainers at JFrog
name: artifactory-jcr
sources:
- https://github.com/jfrog/charts
type: application
urls:
- assets/jfrog/artifactory-jcr-107.84.14.tgz
version: 107.84.14
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: JFrog Container Registry
@ -11134,6 +11202,117 @@ entries:
- assets/inaccel/fpga-operator-2.5.201.tgz
version: 2.5.201
gluu:
- annotations:
artifacthub.io/containsSecurityUpdates: "true"
artifacthub.io/images: |
- name: auth-server
image: ghcr.io/janssenproject/jans/auth-server:1.1.2-2
- name: auth-server-key-rotation
image: ghcr.io/janssenproject/jans/certmanager:1.1.2-2
- name: configuration-manager
image: ghcr.io/janssenproject/jans/configurator:1.1.2-2
- name: config-api
image: ghcr.io/janssenproject/jans/config-api:1.1.2-2
- name: fido2
image: ghcr.io/janssenproject/jans/fido2:1.1.2-2
- name: persistence
image: ghcr.io/janssenproject/jans/persistence-loader:1.1.2-2
- name: scim
image: ghcr.io/janssenproject/jans/scim:1.1.2-2
- name: casa
image: ghcr.io/janssenproject/jans/casa:1.1.2-2
- name: admin-ui
image: ghcr.io/gluufederation/flex/admin-ui:5.1.2-1
- name: link
image: ghcr.io/janssenproject/jans/link:1.1.2-2
- name: saml
image: ghcr.io/janssenproject/jans/saml:1.1.2-2
- name: kc-scheduler
image: ghcr.io/janssenproject/jans/kc-scheduler:1.1.2-2
artifacthub.io/license: Apache-2.0
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Gluu Cloud Identity and Access Management
catalog.cattle.io/featured: "4"
catalog.cattle.io/kube-version: '>=v1.21.0-0'
catalog.cattle.io/release-name: gluu
apiVersion: v2
appVersion: 5.1.2
created: "2024-06-07T00:57:37.608217215Z"
dependencies:
- condition: global.config.enabled
name: config
repository: file://./charts/config
version: 1.1.2
- condition: global.config-api.enabled
name: config-api
repository: file://./charts/config-api
version: 1.1.2
- condition: global.opendj.enabled
name: opendj
repository: file://./charts/opendj
version: 5.1.2
- condition: global.auth-server.enabled
name: auth-server
repository: file://./charts/auth-server
version: 1.1.2
- condition: global.admin-ui.enabled
name: admin-ui
repository: file://./charts/admin-ui
version: 5.1.2
- condition: global.fido2.enabled
name: fido2
repository: file://./charts/fido2
version: 1.1.2
- condition: global.scim.enabled
name: scim
repository: file://./charts/scim
version: 1.1.2
- condition: global.nginx-ingress.enabled
name: nginx-ingress
repository: file://./charts/nginx-ingress
version: 5.1.2
- condition: global.casa.enabled
name: casa
repository: file://./charts/casa
version: 1.1.2
- condition: global.auth-server-key-rotation.enabled
name: auth-server-key-rotation
repository: file://./charts/auth-server-key-rotation
version: 1.1.2
- condition: global.persistence.enabled
name: persistence
repository: file://./charts/persistence
version: 1.1.2
- condition: global.istio.ingress
name: cn-istio-ingress
repository: file://./charts/cn-istio-ingress
version: 5.1.2
- condition: global.link.enabled
name: link
repository: file://./charts/link
version: 1.1.2
- condition: global.saml.enabled
name: saml
repository: file://./charts/saml
version: 1.1.2
- condition: global.kc-scheduler.enabled
name: kc-scheduler
repository: file://./charts/kc-scheduler
version: 1.1.2
description: Gluu Access and Identity Management
digest: fe5aee957ae0605969bb82ba17b626da9c99927d5f0990d644bbb245413ab94a
home: https://www.gluu.org
icon: https://gluu.org/docs/gluu-server/favicon.ico
kubeVersion: '>=v1.21.0-0'
maintainers:
- email: team@gluu.org
name: moabu
name: gluu
sources:
- https://docs.gluu.org
urls:
- assets/gluu/gluu-5.1.2.tgz
version: 5.1.2
- annotations:
artifacthub.io/containsSecurityUpdates: "true"
artifacthub.io/images: |
@ -11162,12 +11341,11 @@ entries:
artifacthub.io/license: Apache-2.0
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Gluu Cloud Identity and Access Management
catalog.cattle.io/featured: "4"
catalog.cattle.io/kube-version: '>=v1.21.0-0'
catalog.cattle.io/release-name: gluu
apiVersion: v2
appVersion: 5.1.1
created: "2024-04-16T10:50:01.9875302-06:00"
created: "2024-06-07T00:57:30.012858903Z"
dependencies:
- condition: global.config.enabled
name: config
@ -11226,9 +11404,9 @@ entries:
repository: file://./charts/saml
version: 1.1.1
description: Gluu Access and Identity Management
digest: 60470a4e377d5baea30d9a73329c71336cfb158a030cd6f1bb78ce55beddab93
digest: 29becffe78912baaeb60a44cd0060fae7a10ac327b7d6f6c852aa2be7f61532f
home: https://www.gluu.org
icon: file://assets/icons/gluu.ico
icon: https://gluu.org/docs/gluu-server/favicon.ico
kubeVersion: '>=v1.21.0-0'
maintainers:
- email: team@gluu.org
@ -35822,6 +36000,28 @@ entries:
- assets/portshift-operator/portshift-operator-0.1.000.tgz
version: 0.1.000
psmdb-db:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Percona Server for MongoDB
catalog.cattle.io/kube-version: '>=1.21-0'
catalog.cattle.io/release-name: psmdb-db
apiVersion: v2
appVersion: 1.16.0
created: "2024-06-07T00:57:41.032836651Z"
description: A Helm chart for installing Percona Server MongoDB Cluster Databases
using the PSMDB Operator.
digest: d6fbf37467ce53a5d668bf82704e252c5f5c3dbb7676146990a5cd571297ab9e
home: https://www.percona.com/doc/kubernetes-operator-for-psmongodb/index.html
icon: https://raw.githubusercontent.com/percona/percona-server-mongodb-operator/main/operator.png
maintainers:
- email: tomislav.plavcic@percona.com
name: tplavcic
- email: natalia.marukovich@percona.com
name: nmarukovich
name: psmdb-db
urls:
- assets/percona/psmdb-db-1.16.1.tgz
version: 1.16.1
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Percona Server for MongoDB