Charts CI
``` Updated: gluu/gluu: - 5.1.2 jfrog/artifactory-ha: - 107.84.14 jfrog/artifactory-jcr: - 107.84.14 percona/psmdb-db: - 1.16.1 ```pull/1030/head
parent
8f284a56ec
commit
8a87c4d951
charts
gluu/gluu
charts
admin-ui
auth-server-key-rotation
auth-server
cn-istio-ingress
config-api
config
fido2
nginx-ingress
opendj
persistence
jfrog
artifactory-jcr
percona/psmdb-db
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -2,27 +2,29 @@ annotations:
|
|||
artifacthub.io/containsSecurityUpdates: "true"
|
||||
artifacthub.io/images: |
|
||||
- name: auth-server
|
||||
image: ghcr.io/janssenproject/jans/auth-server:1.1.1-1
|
||||
image: ghcr.io/janssenproject/jans/auth-server:1.1.2-2
|
||||
- name: auth-server-key-rotation
|
||||
image: ghcr.io/janssenproject/jans/certmanager:1.1.1-1
|
||||
image: ghcr.io/janssenproject/jans/certmanager:1.1.2-2
|
||||
- name: configuration-manager
|
||||
image: ghcr.io/janssenproject/jans/configurator:1.1.1-1
|
||||
image: ghcr.io/janssenproject/jans/configurator:1.1.2-2
|
||||
- name: config-api
|
||||
image: ghcr.io/janssenproject/jans/config-api:1.1.1-1
|
||||
image: ghcr.io/janssenproject/jans/config-api:1.1.2-2
|
||||
- name: fido2
|
||||
image: ghcr.io/janssenproject/jans/fido2:1.1.1-1
|
||||
image: ghcr.io/janssenproject/jans/fido2:1.1.2-2
|
||||
- name: persistence
|
||||
image: ghcr.io/janssenproject/jans/persistence-loader:1.1.1-1
|
||||
image: ghcr.io/janssenproject/jans/persistence-loader:1.1.2-2
|
||||
- name: scim
|
||||
image: ghcr.io/janssenproject/jans/scim:1.1.1-1
|
||||
image: ghcr.io/janssenproject/jans/scim:1.1.2-2
|
||||
- name: casa
|
||||
image: ghcr.io/janssenproject/jans/casa:1.1.1-1
|
||||
image: ghcr.io/janssenproject/jans/casa:1.1.2-2
|
||||
- name: admin-ui
|
||||
image: ghcr.io/gluufederation/flex/admin-ui:5.1.1-1
|
||||
image: ghcr.io/gluufederation/flex/admin-ui:5.1.2-1
|
||||
- name: link
|
||||
image: ghcr.io/janssenproject/jans/link:1.1.1-1
|
||||
image: ghcr.io/janssenproject/jans/link:1.1.2-2
|
||||
- name: saml
|
||||
image: ghcr.io/janssenproject/jans/saml:1.1.1-1
|
||||
image: ghcr.io/janssenproject/jans/saml:1.1.2-2
|
||||
- name: kc-scheduler
|
||||
image: ghcr.io/janssenproject/jans/kc-scheduler:1.1.2-2
|
||||
artifacthub.io/license: Apache-2.0
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Gluu Cloud Identity and Access Management
|
||||
|
@ -30,64 +32,68 @@ annotations:
|
|||
catalog.cattle.io/kube-version: '>=v1.21.0-0'
|
||||
catalog.cattle.io/release-name: gluu
|
||||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
dependencies:
|
||||
- condition: global.config.enabled
|
||||
name: config
|
||||
repository: file://./charts/config
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
- condition: global.config-api.enabled
|
||||
name: config-api
|
||||
repository: file://./charts/config-api
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
- condition: global.opendj.enabled
|
||||
name: opendj
|
||||
repository: file://./charts/opendj
|
||||
version: 5.1.1
|
||||
version: 5.1.2
|
||||
- condition: global.auth-server.enabled
|
||||
name: auth-server
|
||||
repository: file://./charts/auth-server
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
- condition: global.admin-ui.enabled
|
||||
name: admin-ui
|
||||
repository: file://./charts/admin-ui
|
||||
version: 5.1.1
|
||||
version: 5.1.2
|
||||
- condition: global.fido2.enabled
|
||||
name: fido2
|
||||
repository: file://./charts/fido2
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
- condition: global.scim.enabled
|
||||
name: scim
|
||||
repository: file://./charts/scim
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
- condition: global.nginx-ingress.enabled
|
||||
name: nginx-ingress
|
||||
repository: file://./charts/nginx-ingress
|
||||
version: 5.1.1
|
||||
version: 5.1.2
|
||||
- condition: global.casa.enabled
|
||||
name: casa
|
||||
repository: file://./charts/casa
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
- condition: global.auth-server-key-rotation.enabled
|
||||
name: auth-server-key-rotation
|
||||
repository: file://./charts/auth-server-key-rotation
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
- condition: global.persistence.enabled
|
||||
name: persistence
|
||||
repository: file://./charts/persistence
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
- condition: global.istio.ingress
|
||||
name: cn-istio-ingress
|
||||
repository: file://./charts/cn-istio-ingress
|
||||
version: 5.1.1
|
||||
version: 5.1.2
|
||||
- condition: global.link.enabled
|
||||
name: link
|
||||
repository: file://./charts/link
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
- condition: global.saml.enabled
|
||||
name: saml
|
||||
repository: file://./charts/saml
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
- condition: global.kc-scheduler.enabled
|
||||
name: kc-scheduler
|
||||
repository: file://./charts/kc-scheduler
|
||||
version: 1.1.2
|
||||
description: Gluu Access and Identity Management
|
||||
home: https://www.gluu.org
|
||||
icon: https://gluu.org/docs/gluu-server/favicon.ico
|
||||
|
@ -98,4 +104,4 @@ maintainers:
|
|||
name: gluu
|
||||
sources:
|
||||
- https://docs.gluu.org
|
||||
version: 5.1.1
|
||||
version: 5.1.2
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: Admin GUI. Requires license.
|
||||
home: https://docs.gluu.org
|
||||
icon: https://gluu.org/docs/gluu-server/favicon.ico
|
||||
|
@ -17,4 +17,4 @@ sources:
|
|||
- https://github.com/GluuFederation/docker-gluu-admin-ui
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/admin-ui
|
||||
type: application
|
||||
version: 5.1.1
|
||||
version: 5.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# admin-ui
|
||||
|
||||
![Version: 5.1.1](https://img.shields.io/badge/Version-5.1.1--dev-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 5.1.2](https://img.shields.io/badge/Version-5.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
Admin GUI. Requires license.
|
||||
|
||||
|
@ -36,7 +36,7 @@ Kubernetes: `>=v1.21.0-0`
|
|||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"gluufederation/admin-ui"` | Image to use for deploying. |
|
||||
| image.tag | string | `"5.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"5.1.2-1"` | Image tag to use for deploying. |
|
||||
| lifecycle | object | `{}` | |
|
||||
| livenessProbe | object | `{"failureThreshold":20,"initialDelaySeconds":60,"periodSeconds":25,"tcpSocket":{"port":8080},"timeoutSeconds":5}` | Configure the liveness healthcheck for the admin ui if needed. |
|
||||
| readinessProbe | object | `{"failureThreshold":20,"initialDelaySeconds":60,"periodSeconds":25,"tcpSocket":{"port":8080},"timeoutSeconds":5}` | Configure the readiness healthcheck for the admin ui if needed. |
|
||||
|
|
|
@ -202,7 +202,7 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
# we mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
{{- end }}
|
||||
|
|
|
@ -27,7 +27,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: gluufederation/admin-ui
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 5.1.1-1
|
||||
tag: 5.1.2-1
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: Responsible for regenerating auth-keys per x hours
|
||||
home: https://docs.gluu.org
|
||||
icon: https://gluu.org/docs/gluu-server/favicon.ico
|
||||
|
@ -15,4 +15,4 @@ sources:
|
|||
- https://github.com/JanssenProject/docker-jans-certmanager
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/auth-server-key-rotation
|
||||
type: application
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# auth-server-key-rotation
|
||||
|
||||
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
Responsible for regenerating auth-keys per x hours
|
||||
|
||||
|
@ -34,7 +34,7 @@ Kubernetes: `>=v1.21.0-0`
|
|||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"janssenproject/certmanager"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| keysLife | int | `48` | Auth server key rotation keys life in hours |
|
||||
| keysPushDelay | int | `0` | Delay (in seconds) before pushing private keys to Auth server |
|
||||
| keysPushStrategy | string | `"NEWER"` | Set key selection strategy after pushing private keys to Auth server (only takes effect when keysPushDelay value is greater than 0) |
|
||||
|
|
|
@ -169,7 +169,7 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
# we mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
{{- end }}
|
||||
|
|
|
@ -18,7 +18,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/certmanager
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Auth server key rotation keys life in hours
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: OAuth Authorization Server, the OpenID Connect Provider, the UMA Authorization
|
||||
Server--this is the main Internet facing component of Gluu. It's the service that
|
||||
returns tokens, JWT's and identity assertions. This service must be Internet facing.
|
||||
|
@ -19,4 +19,4 @@ sources:
|
|||
- https://github.com/JanssenProject/docker-jans-auth-server
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/auth-server
|
||||
type: application
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# auth-server
|
||||
|
||||
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
OAuth Authorization Server, the OpenID Connect Provider, the UMA Authorization Server--this is the main Internet facing component of Gluu. It's the service that returns tokens, JWT's and identity assertions. This service must be Internet facing.
|
||||
|
||||
|
@ -37,7 +37,7 @@ Kubernetes: `>=v1.21.0-0`
|
|||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"janssenproject/auth-server"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| lifecycle | object | `{}` | |
|
||||
| livenessProbe | object | `{"exec":{"command":["python3","/app/scripts/healthcheck.py"]},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for the auth server if needed. |
|
||||
| livenessProbe.exec | object | `{"command":["python3","/app/scripts/healthcheck.py"]}` | Executes the python3 healthcheck. |
|
||||
|
|
|
@ -75,13 +75,12 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
|
|||
{{- $cnCustomJavaOptions := index .Values.global "auth-server" "cnCustomJavaOptions" }}
|
||||
{{- $custom := printf "%s" $cnCustomJavaOptions }}
|
||||
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
|
||||
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
|
||||
{{ $customJavaOptions | trim | quote }}
|
||||
{{- end }}
|
||||
|
||||
|
||||
{{/*
|
||||
Create topologySpreadConstraints lists
|
||||
*/}}
|
||||
|
|
|
@ -298,7 +298,7 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
# we mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
{{- end }}
|
||||
|
|
|
@ -28,7 +28,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/auth-server
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: Jans Casa ("Casa") is a self-service web portal for end-users to manage
|
||||
authentication and authorization preferences for their account in a Jans Server.
|
||||
home: https://gluu.org/docs/casa/
|
||||
|
@ -18,4 +18,4 @@ sources:
|
|||
- https://gluu.org/casa/
|
||||
- https://github.com/JanssenProject/jans/docker-jans-casa
|
||||
type: application
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# casa
|
||||
|
||||
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
Jans Casa ("Casa") is a self-service web portal for end-users to manage authentication and authorization preferences for their account in a Jans Server.
|
||||
|
||||
|
@ -37,7 +37,7 @@ Kubernetes: `>=v1.21.0-0`
|
|||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"janssenproject/casa"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| lifecycle | object | `{}` | |
|
||||
| livenessProbe | object | `{"httpGet":{"path":"/jans-casa/health-check","port":"http-casa"},"initialDelaySeconds":25,"periodSeconds":25,"timeoutSeconds":5}` | Configure the liveness healthcheck for casa if needed. |
|
||||
| livenessProbe.httpGet.path | string | `"/jans-casa/health-check"` | http liveness probe endpoint |
|
||||
|
|
|
@ -85,8 +85,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
|
|||
{{ $custom := "" }}
|
||||
{{ $custom = printf "%s" .Values.global.casa.cnCustomJavaOptions }}
|
||||
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
|
||||
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
|
||||
{{ $customJavaOptions | trim | quote }}
|
||||
{{- end }}
|
||||
|
|
|
@ -208,7 +208,7 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
# we mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
{{- end }}
|
||||
|
|
|
@ -27,7 +27,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/casa
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: Istio Gateway
|
||||
home: https://docs.gluu.org/
|
||||
icon: https://gluu.org/docs/gluu-server/favicon.ico
|
||||
|
@ -16,4 +16,4 @@ sources:
|
|||
- https://gluu.org/docs/gluu-server/
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/cn-istio-ingress
|
||||
type: application
|
||||
version: 5.1.1
|
||||
version: 5.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# cn-istio-ingress
|
||||
|
||||
![Version: 5.1.1](https://img.shields.io/badge/Version-5.1.1--dev-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 5.1.2](https://img.shields.io/badge/Version-5.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
Istio Gateway
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: Jans Config Api endpoints can be used to configure jans-auth-server,
|
||||
which is an open-source OpenID Connect Provider (OP) and UMA Authorization Server
|
||||
(AS)
|
||||
|
@ -19,4 +19,4 @@ sources:
|
|||
- https://github.com/JanssenProject/jans/docker-jans-config-api
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/config-api
|
||||
type: application
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# config-api
|
||||
|
||||
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
Jans Config Api endpoints can be used to configure jans-auth-server, which is an open-source OpenID Connect Provider (OP) and UMA Authorization Server (AS)
|
||||
|
||||
|
@ -39,7 +39,7 @@ Kubernetes: `>=v1.21.0-0`
|
|||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"janssenproject/config-api"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| lifecycle | object | `{}` | |
|
||||
| livenessProbe | object | `{"httpGet":{"path":"/jans-config-api/api/v1/health/live","port":8074},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for the auth server if needed. |
|
||||
| livenessProbe.httpGet | object | `{"path":"/jans-config-api/api/v1/health/live","port":8074}` | Executes the python3 healthcheck. |
|
||||
|
|
|
@ -75,8 +75,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
|
|||
{{- $cnCustomJavaOptions := index .Values.global "config-api" "cnCustomJavaOptions" }}
|
||||
{{- $custom := printf "%s" $cnCustomJavaOptions }}
|
||||
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
|
||||
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
|
||||
{{ $customJavaOptions | trim | quote }}
|
||||
{{- end }}
|
||||
|
|
|
@ -195,7 +195,7 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
# we mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
{{- end }}
|
||||
|
|
|
@ -31,7 +31,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/config-api
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: Configuration parameters for setup and initial configuration secret and
|
||||
config layers used by Gluu services.
|
||||
home: https://docs.gluu.org
|
||||
|
@ -18,4 +18,4 @@ sources:
|
|||
- https://github.com/JanssenProject/jans/docker-jans-configurator
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/config
|
||||
type: application
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# config
|
||||
|
||||
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
Configuration parameters for setup and initial configuration secret and config layers used by Gluu services.
|
||||
|
||||
|
@ -105,7 +105,7 @@ Kubernetes: `>=v1.21.0-0`
|
|||
| fullNameOverride | string | `""` | |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"janssenproject/configurator"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| ldapPassword | string | `"P@ssw0rds"` | LDAP admin password if OpennDJ is used for persistence. |
|
||||
| ldapTruststorePassword | string | `"changeit"` | LDAP truststore password if OpenDJ is used for persistence |
|
||||
| lifecycle | object | `{}` | |
|
||||
|
|
|
@ -81,9 +81,11 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
# we mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
- key: couchbase_superuser_password
|
||||
path: couchbase_superuser_password
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.global.cnPersistenceType "sql") (eq .Values.global.cnPersistenceType "hybrid") }}
|
||||
- name: sql-pass
|
||||
|
@ -147,6 +149,9 @@ spec:
|
|||
- name: cb-pass
|
||||
mountPath: {{ .Values.global.cnCouchbasePasswordFile }}
|
||||
subPath: couchbase_password
|
||||
- name: cb-pass
|
||||
mountPath: {{ .Values.global.cnCouchbaseSuperuserPasswordFile }}
|
||||
subPath: couchbase_superuser_password
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.global.cnPersistenceType "ldap") (eq .Values.global.cnPersistenceType "hybrid") }}
|
||||
- name: ldap-pass
|
||||
|
|
|
@ -176,7 +176,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/configurator
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- LDAP admin password if OpennDJ is used for persistence.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: FIDO 2.0 (FIDO2) is an open authentication standard that enables leveraging
|
||||
common devices to authenticate to online services in both mobile and desktop environments.
|
||||
home: https://docs.gluu.org/
|
||||
|
@ -19,4 +19,4 @@ sources:
|
|||
- https://github.com/JanssenProject/jans/docker-jans-fido2
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/fido2
|
||||
type: application
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# fido2
|
||||
|
||||
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
FIDO 2.0 (FIDO2) is an open authentication standard that enables leveraging common devices to authenticate to online services in both mobile and desktop environments.
|
||||
|
||||
|
@ -38,7 +38,7 @@ Kubernetes: `>=v1.21.0-0`
|
|||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"janssenproject/fido2"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| lifecycle | object | `{}` | |
|
||||
| livenessProbe | object | `{"httpGet":{"path":"/jans-fido2/sys/health-check","port":"http-fido2"},"initialDelaySeconds":25,"periodSeconds":25,"timeoutSeconds":5}` | Configure the liveness healthcheck for the fido2 if needed. |
|
||||
| livenessProbe.httpGet | object | `{"path":"/jans-fido2/sys/health-check","port":"http-fido2"}` | http liveness probe endpoint |
|
||||
|
|
|
@ -74,8 +74,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
|
|||
{{ $custom := "" }}
|
||||
{{ $custom = printf "%s" .Values.global.fido2.cnCustomJavaOptions }}
|
||||
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
|
||||
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
|
||||
{{ $customJavaOptions | trim | quote }}
|
||||
{{- end }}
|
||||
|
|
|
@ -210,7 +210,7 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
# we mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
{{- end }}
|
||||
|
|
|
@ -29,7 +29,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/fido2
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
|
@ -0,0 +1,18 @@
|
|||
apiVersion: v2
|
||||
appVersion: 1.1.2
|
||||
description: Responsible for synchronizing Keycloak SAML clients
|
||||
home: https://jans.io
|
||||
icon: https://github.com/JanssenProject/jans/raw/main/docs/assets/logo/janssen_project_favicon_transparent_50px_50px.png
|
||||
keywords:
|
||||
- Keycloak
|
||||
- SAML
|
||||
kubeVersion: '>=v1.22.0-0'
|
||||
maintainers:
|
||||
- email: support@jans.io
|
||||
name: Mohammad Abudayyeh
|
||||
url: https://github.com/moabu
|
||||
name: kc-scheduler
|
||||
sources:
|
||||
- https://github.com/JanssenProject/jans/docker-jans-kc-scheduler
|
||||
type: application
|
||||
version: 1.1.2
|
|
@ -0,0 +1,50 @@
|
|||
# kc-scheduler
|
||||
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.1.2](https://img.shields.io/badge/AppVersion-1.1.2-informational?style=flat-square)
|
||||
|
||||
Responsible for synchronizing Keycloak SAML clients
|
||||
|
||||
**Homepage:** <https://jans.io>
|
||||
|
||||
## Maintainers
|
||||
|
||||
| Name | Email | Url |
|
||||
| ---- | ------ | --- |
|
||||
| Mohammad Abudayyeh | <support@jans.io> | <https://github.com/moabu> |
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/JanssenProject/jans/docker-jans-kc-scheduler>
|
||||
|
||||
## Requirements
|
||||
|
||||
Kubernetes: `>=v1.22.0-0`
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| additionalAnnotations | object | `{}` | Additional annotations that will be added across the gateway in the format of {cert-manager.io/issuer: "letsencrypt-prod"} |
|
||||
| additionalLabels | object | `{}` | Additional labels that will be added across the gateway in the format of {mylabel: "myapp"} |
|
||||
| customScripts | list | `[]` | Add custom scripts that have been mounted to run before the entrypoint. - /tmp/custom.sh - /tmp/custom2.sh |
|
||||
| dnsConfig | object | `{}` | Add custom dns config |
|
||||
| dnsPolicy | string | `""` | Add custom dns policy |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"ghcr.io/janssenproject/jans/kc-scheduler"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| interval | int | `10` | Interval of running the scheduler (in minutes) |
|
||||
| lifecycle | object | `{}` | |
|
||||
| resources | object | `{"limits":{"cpu":"300m","memory":"300Mi"},"requests":{"cpu":"300m","memory":"300Mi"}}` | Resource specs. |
|
||||
| resources.limits.cpu | string | `"300m"` | CPU limit. |
|
||||
| resources.limits.memory | string | `"300Mi"` | Memory limit. |
|
||||
| resources.requests.cpu | string | `"300m"` | CPU request. |
|
||||
| resources.requests.memory | string | `"300Mi"` | Memory request. |
|
||||
| usrEnvs | object | `{"normal":{},"secret":{}}` | Add custom normal and secret envs to the service |
|
||||
| usrEnvs.normal | object | `{}` | Add custom normal envs to the service variable1: value1 |
|
||||
| usrEnvs.secret | object | `{}` | Add custom secret envs to the service variable1: value1 |
|
||||
| volumeMounts | list | `[]` | Configure any additional volumesMounts that need to be attached to the containers |
|
||||
| volumes | list | `[]` | Configure any additional volumes that need to be attached to the pod |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
|
|
@ -0,0 +1,68 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "kc-scheduler.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "kc-scheduler.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "kc-scheduler.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "kc-scheduler.labels" -}}
|
||||
app: {{ .Release.Name }}-{{ include "kc-scheduler.name" . }}
|
||||
helm.sh/chart: {{ include "kc-scheduler.chart" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create user custom defined envs
|
||||
*/}}
|
||||
{{- define "kc-scheduler.usr-envs"}}
|
||||
{{- range $key, $val := .Values.usrEnvs.normal }}
|
||||
- name: {{ $key }}
|
||||
value: {{ $val | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create user custom defined secret envs
|
||||
*/}}
|
||||
{{- define "kc-scheduler.usr-secret-envs"}}
|
||||
{{- range $key, $val := .Values.usrEnvs.secret }}
|
||||
- name: {{ $key }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ $.Release.Name }}-{{ $.Chart.Name }}-user-custom-envs
|
||||
key: {{ $key | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,196 @@
|
|||
{ if and (index .Values "global" "kc-scheduler" "enabled") (.Values.global.saml.enabled) -}}
|
||||
kind: CronJob
|
||||
apiVersion: batch/v1
|
||||
metadata:
|
||||
name: {{ include "kc-scheduler.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
APP_NAME: kc-scheduler
|
||||
release: {{ .Release.Name }}
|
||||
{{ include "kc-scheduler.labels" . | indent 4 }}
|
||||
{{- if .Values.additionalLabels }}
|
||||
{{ toYaml .Values.additionalLabels | indent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.additionalAnnotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.additionalAnnotations | indent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
schedule: "@every {{ .Values.interval }}m"
|
||||
concurrencyPolicy: Forbid
|
||||
jobTemplate:
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
annotations:
|
||||
sidecar.istio.io/inject: "false"
|
||||
spec:
|
||||
{{- with .Values.image.pullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
dnsPolicy: {{ .Values.dnsPolicy | quote }}
|
||||
{{- with .Values.dnsConfig }}
|
||||
dnsConfig:
|
||||
{{ toYaml . | indent 12 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ include "kc-scheduler.name" . }}
|
||||
{{- if .Values.customScripts }}
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
- |
|
||||
{{- with .Values.customScripts }}
|
||||
{{- toYaml . | replace "- " "" | nindent 20}}
|
||||
{{- end }}
|
||||
/app/scripts/entrypoint.sh
|
||||
{{- end}}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
||||
env:
|
||||
{{- include "kc-scheduler.usr-envs" . | indent 16 }}
|
||||
{{- include "kc-scheduler.usr-secret-envs" . | indent 16 }}
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
lifecycle:
|
||||
{{- toYaml .Values.lifecycle | nindent 16 }}
|
||||
volumeMounts:
|
||||
{{ if or (eq .Values.global.configSecretAdapter "aws") (eq .Values.global.configAdapterName "aws") }}
|
||||
- mountPath: {{ .Values.global.cnAwsSharedCredentialsFile }}
|
||||
name: aws-shared-credential-file
|
||||
subPath: aws_shared_credential_file
|
||||
- mountPath: {{ .Values.global.cnAwsConfigFile }}
|
||||
name: aws-config-file
|
||||
subPath: aws_config_file
|
||||
- mountPath: {{ .Values.global.cnAwsSecretsReplicaRegionsFile }}
|
||||
name: aws-secrets-replica-regions
|
||||
subPath: aws_secrets_replica_regions
|
||||
{{- end }}
|
||||
{{ if or (eq .Values.global.configSecretAdapter "google") (eq .Values.global.cnPersistenceType "spanner") }}
|
||||
- mountPath: {{ .Values.global.cnGoogleApplicationCredentials }}
|
||||
name: google-sa
|
||||
subPath: google-credentials.json
|
||||
{{- end }}
|
||||
{{ if eq .Values.global.configSecretAdapter "vault" }}
|
||||
- name: vault
|
||||
mountPath: /etc/certs/vault_role_id
|
||||
subPath: vault_role_id
|
||||
- name: vault
|
||||
mountPath: /etc/certs/vault_secret_id
|
||||
subPath: vault_secret_id
|
||||
{{- end }}
|
||||
{{- with .Values.volumeMounts }}
|
||||
{{- toYaml . | nindent 16 }}
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.global.cnPersistenceType "couchbase") (eq .Values.global.cnPersistenceType "hybrid") }}
|
||||
{{- if not .Values.global.istio.enabled }}
|
||||
- name: cb-crt
|
||||
mountPath: "/etc/certs/couchbase.crt"
|
||||
subPath: couchbase.crt
|
||||
{{- end }}
|
||||
- name: cb-pass
|
||||
mountPath: {{ .Values.global.cnCouchbasePasswordFile }}
|
||||
subPath: couchbase_password
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.global.cnPersistenceType "sql") (eq .Values.global.cnPersistenceType "hybrid") }}
|
||||
- name: sql-pass
|
||||
mountPath: {{ .Values.global.cnSqlPasswordFile }}
|
||||
subPath: sql_password
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.global.cnPersistenceType "ldap") (eq .Values.global.cnPersistenceType "hybrid") }}
|
||||
- name: ldap-pass
|
||||
mountPath: {{ .Values.global.cnLdapPasswordFile }}
|
||||
subPath: ldap_password
|
||||
{{- end }}
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: {{ .Release.Name }}-config-cm
|
||||
{{ if .Values.global.usrEnvs.secret }}
|
||||
- secretRef:
|
||||
name: {{ .Release.Name }}-global-user-custom-envs
|
||||
{{- end }}
|
||||
{{ if .Values.global.usrEnvs.normal }}
|
||||
- configMapRef:
|
||||
name: {{ .Release.Name }}-global-user-custom-envs
|
||||
{{- end }}
|
||||
{{- if and ( .Values.global.opendj.enabled ) (or (eq .Values.global.storageClass.provisioner "microk8s.io/hostpath" ) (eq .Values.global.storageClass.provisioner "k8s.io/minikube-hostpath")) }}
|
||||
resources: {}
|
||||
{{- else if .Values.global.cloud.testEnviroment }}
|
||||
resources: {}
|
||||
{{- else }}
|
||||
resources:
|
||||
{{- toYaml .Values.resources | nindent 16 }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- with .Values.volumes }}
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
{{ if or (eq .Values.global.configSecretAdapter "aws") (eq .Values.global.configAdapterName "aws") }}
|
||||
- name: aws-shared-credential-file
|
||||
secret:
|
||||
secretName: {{ .Release.Name }}-aws-config-creds
|
||||
items:
|
||||
- key: aws_shared_credential_file
|
||||
path: aws_shared_credential_file
|
||||
- name: aws-config-file
|
||||
secret:
|
||||
secretName: {{ .Release.Name }}-aws-config-creds
|
||||
items:
|
||||
- key: aws_config_file
|
||||
path: aws_config_file
|
||||
- name: aws-secrets-replica-regions
|
||||
secret:
|
||||
secretName: {{ .Release.Name }}-aws-config-creds
|
||||
items:
|
||||
- key: aws_secrets_replica_regions
|
||||
path: aws_secrets_replica_regions
|
||||
{{- end }}
|
||||
{{ if or (eq .Values.global.configSecretAdapter "google") (eq .Values.global.cnPersistenceType "spanner") }}
|
||||
- name: google-sa
|
||||
secret:
|
||||
secretName: {{ .Release.Name }}-google-sa
|
||||
{{- end }}
|
||||
{{ if eq .Values.global.configSecretAdapter "vault" }}
|
||||
- name: vault
|
||||
secret:
|
||||
secretName: {{ .Release.Name }}-vault
|
||||
items:
|
||||
- key: vault_role_id
|
||||
path: vault_role_id
|
||||
- key: vault_secret_id
|
||||
path: vault_secret_id
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.global.cnPersistenceType "couchbase") (eq .Values.global.cnPersistenceType "hybrid") }}
|
||||
{{- if not .Values.global.istio.enabled }}
|
||||
- name: cb-crt
|
||||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-crt
|
||||
{{- end }}
|
||||
- name: cb-pass
|
||||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.global.cnPersistenceType "sql") (eq .Values.global.cnPersistenceType "hybrid") }}
|
||||
- name: sql-pass
|
||||
secret:
|
||||
secretName: {{ .Release.Name }}-sql-pass
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.global.cnPersistenceType "ldap") (eq .Values.global.cnPersistenceType "hybrid") }}
|
||||
- name: ldap-pass
|
||||
secret:
|
||||
secretName: {{ .Release.Name }}-ldap-pass
|
||||
items:
|
||||
- key: ldap_password
|
||||
path: ldap_password
|
||||
{{- end }}
|
||||
restartPolicy: Never
|
||||
{{- if not .Values.global.isFqdnRegistered }}
|
||||
hostAliases:
|
||||
- ip: {{ .Values.global.lbIp }}
|
||||
hostnames:
|
||||
- {{ .Values.global.fqdn }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,25 @@
|
|||
{{- if .Values.global.istio.enabled }}
|
||||
# License terms and conditions:
|
||||
# https://www.apache.org/licenses/LICENSE-2.0
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "kc-scheduler.fullname" . }}
|
||||
labels:
|
||||
{{ include "kc-scheduler.labels" . | indent 4 }}
|
||||
{{- if .Values.additionalLabels }}
|
||||
{{ toYaml .Values.additionalLabels | indent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.additionalAnnotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.additionalAnnotations | indent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 80
|
||||
targetPort: 8080
|
||||
selector:
|
||||
app: {{ .Release.Name }}-{{ include "kc-scheduler.name" . }}
|
||||
type: ClusterIP
|
||||
{{- end }}
|
|
@ -0,0 +1,20 @@
|
|||
{{ if .Values.usrEnvs.secret }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-{{ .Chart.Name }}-user-custom-envs
|
||||
labels:
|
||||
{{ include "kc-scheduler.labels" . | indent 4 }}
|
||||
{{- if .Values.additionalLabels }}
|
||||
{{ toYaml .Values.additionalLabels | indent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.additionalAnnotations }}
|
||||
annotations:
|
||||
{{ toYaml .Values.additionalAnnotations | indent 4 }}
|
||||
{{- end }}
|
||||
type: Opaque
|
||||
data:
|
||||
{{- range $key, $val := .Values.usrEnvs.secret }}
|
||||
{{ $key }}: {{ $val | b64enc }}
|
||||
{{- end}}
|
||||
{{- end}}
|
|
@ -0,0 +1,54 @@
|
|||
# -- Add custom normal and secret envs to the service
|
||||
usrEnvs:
|
||||
# -- Add custom normal envs to the service
|
||||
# variable1: value1
|
||||
normal: {}
|
||||
# -- Add custom secret envs to the service
|
||||
# variable1: value1
|
||||
secret: {}
|
||||
# -- Add custom dns policy
|
||||
dnsPolicy: ""
|
||||
# -- Add custom dns config
|
||||
dnsConfig: {}
|
||||
image:
|
||||
# -- Image pullPolicy to use for deploying.
|
||||
pullPolicy: IfNotPresent
|
||||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/kc-scheduler
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Resource specs.
|
||||
resources:
|
||||
limits:
|
||||
# -- CPU limit.
|
||||
cpu: 300m
|
||||
# -- Memory limit.
|
||||
memory: 300Mi
|
||||
requests:
|
||||
# -- CPU request.
|
||||
cpu: 300m
|
||||
# -- Memory request.
|
||||
memory: 300Mi
|
||||
# -- Interval of running the scheduler (in minutes)
|
||||
interval: 10
|
||||
# -- Configure any additional volumes that need to be attached to the pod
|
||||
volumes: []
|
||||
# -- Configure any additional volumesMounts that need to be attached to the containers
|
||||
volumeMounts: []
|
||||
# Actions on lifecycle events such as postStart and preStop
|
||||
# Example
|
||||
# lifecycle:
|
||||
# postStart:
|
||||
# exec:
|
||||
# command: ["sh", "-c", "mkdir /opt/jans/jetty/jans-auth/custom/static/stylesheet/"]
|
||||
lifecycle: {}
|
||||
# -- Additional labels that will be added across the gateway in the format of {mylabel: "myapp"}
|
||||
additionalLabels: { }
|
||||
# -- Additional annotations that will be added across the gateway in the format of {cert-manager.io/issuer: "letsencrypt-prod"}
|
||||
additionalAnnotations: {}
|
||||
# -- Add custom scripts that have been mounted to run before the entrypoint.
|
||||
# - /tmp/custom.sh
|
||||
# - /tmp/custom2.sh
|
||||
customScripts: []
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: Jans Link
|
||||
home: https://jans.io
|
||||
icon: https://github.com/JanssenProject/jans/raw/main/docs/assets/logo/janssen_project_favicon_transparent_50px_50px.png
|
||||
|
@ -15,4 +15,4 @@ sources:
|
|||
- https://github.com/JanssenProject/jans/jans-link
|
||||
- https://github.com/JanssenProject/jans/docker-jans-link
|
||||
type: application
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# link
|
||||
|
||||
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
Jans Link
|
||||
|
||||
|
@ -38,7 +38,7 @@ Kubernetes: `>=v1.22.0-0`
|
|||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"ghcr.io/janssenproject/jans/link"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| lifecycle | object | `{}` | |
|
||||
| livenessProbe | object | `{"exec":{"command":["python3","/app/scripts/healthcheck.py"]},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for the link if needed. |
|
||||
| livenessProbe.exec | object | `{"command":["python3","/app/scripts/healthcheck.py"]}` | Executes the python3 healthcheck. |
|
||||
|
|
|
@ -74,8 +74,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
|
|||
{{ $custom := "" }}
|
||||
{{ $custom = printf "%s" .Values.global.link.cnCustomJavaOptions }}
|
||||
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
|
||||
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
|
||||
{{ $customJavaOptions | trim | quote }}
|
||||
{{- end }}
|
||||
|
|
|
@ -194,7 +194,7 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
# we mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
{{- end }}
|
||||
|
|
|
@ -31,7 +31,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/link
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: Nginx ingress definitions chart
|
||||
home: https://docs.gluu.org
|
||||
icon: https://gluu.org/docs/gluu-server/favicon.ico
|
||||
|
@ -17,4 +17,4 @@ sources:
|
|||
- https://kubernetes.io/docs/concepts/services-networking/ingress/
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/nginx-ingress
|
||||
type: application
|
||||
version: 5.1.1
|
||||
version: 5.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# nginx-ingress
|
||||
|
||||
![Version: 5.1.1](https://img.shields.io/badge/Version-5.1.1--dev-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 5.1.2](https://img.shields.io/badge/Version-5.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
Nginx ingress definitions chart
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: OpenDJ is a directory server which implements a wide range of Lightweight
|
||||
Directory Access Protocol and related standards, including full compliance with
|
||||
LDAPv3 but also support for Directory Service Markup Language (DSMLv2).Written in
|
||||
|
@ -19,4 +19,4 @@ sources:
|
|||
- https://github.com/GluuFederation/docker-opendj
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/opendj
|
||||
type: application
|
||||
version: 5.1.1
|
||||
version: 5.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# opendj
|
||||
|
||||
![Version: 5.1.1](https://img.shields.io/badge/Version-5.1.1--dev-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 5.1.2](https://img.shields.io/badge/Version-5.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
OpenDJ is a directory server which implements a wide range of Lightweight Directory Access Protocol and related standards, including full compliance with LDAPv3 but also support for Directory Service Markup Language (DSMLv2).Written in Java, OpenDJ offers multi-master replication, access control, and many extensions.
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: Job to generate data and initial config for Gluu Server persistence layer.
|
||||
home: https://docs.gluu.org
|
||||
icon: https://gluu.org/docs/gluu-server/favicon.ico
|
||||
|
@ -15,4 +15,4 @@ sources:
|
|||
- https://github.com/JanssenProject/jans/docker-jans-persistence-loader
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/persistence
|
||||
type: application
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# persistence
|
||||
|
||||
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
Job to generate data and initial config for Gluu Server persistence layer.
|
||||
|
||||
|
@ -34,7 +34,7 @@ Kubernetes: `>=v1.21.0-0`
|
|||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"janssenproject/persistence"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| imagePullSecrets | list | `[]` | |
|
||||
| lifecycle | object | `{}` | |
|
||||
| nameOverride | string | `""` | |
|
||||
|
|
|
@ -18,7 +18,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/persistence
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Resource specs.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: Jans SAML
|
||||
home: https://jans.io
|
||||
icon: https://github.com/JanssenProject/jans/raw/main/docs/assets/logo/janssen_project_favicon_transparent_50px_50px.png
|
||||
|
@ -15,4 +15,4 @@ name: saml
|
|||
sources:
|
||||
- https://github.com/JanssenProject/jans/docker-jans-saml
|
||||
type: application
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# saml
|
||||
|
||||
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
Jans SAML
|
||||
|
||||
|
@ -36,7 +36,7 @@ Kubernetes: `>=v1.21.0-0`
|
|||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"janssenproject/saml"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| lifecycle | object | `{}` | |
|
||||
| livenessProbe | object | `{"exec":{"command":["python3","/app/scripts/healthcheck.py"]},"failureThreshold":10,"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for saml if needed. |
|
||||
| livenessProbe.exec | object | `{"command":["python3","/app/scripts/healthcheck.py"]}` | Executes the python3 healthcheck. |
|
||||
|
|
|
@ -85,8 +85,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
|
|||
{{ $custom := "" }}
|
||||
{{ $custom = printf "%s" .Values.global.saml.cnCustomJavaOptions }}
|
||||
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
|
||||
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
|
||||
{{ $customJavaOptions | trim | quote }}
|
||||
{{- end }}
|
||||
|
|
|
@ -214,7 +214,7 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
# we mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
{{- end }}
|
||||
|
|
|
@ -27,7 +27,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/saml
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
appVersion: 5.1.2
|
||||
description: System for Cross-domain Identity Management (SCIM) version 2.0
|
||||
home: https://docs.gluu.org
|
||||
icon: https://gluu.org/docs/gluu-server/favicon.ico
|
||||
|
@ -17,4 +17,4 @@ sources:
|
|||
- https://github.com/JanssenProject/jans/docker-jans-scim
|
||||
- https://github.com/GluuFederation/flex/tree/main/charts/gluu/charts/scim
|
||||
type: application
|
||||
version: 1.1.1
|
||||
version: 1.1.2
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
# scim
|
||||
|
||||
![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.1](https://img.shields.io/badge/AppVersion-5.1.1-informational?style=flat-square)
|
||||
![Version: 1.1.2](https://img.shields.io/badge/Version-1.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.1.2](https://img.shields.io/badge/AppVersion-5.1.2-informational?style=flat-square)
|
||||
|
||||
System for Cross-domain Identity Management (SCIM) version 2.0
|
||||
|
||||
|
@ -37,7 +37,7 @@ Kubernetes: `>=v1.21.0-0`
|
|||
| image.pullPolicy | string | `"IfNotPresent"` | Image pullPolicy to use for deploying. |
|
||||
| image.pullSecrets | list | `[]` | Image Pull Secrets |
|
||||
| image.repository | string | `"janssenproject/scim"` | Image to use for deploying. |
|
||||
| image.tag | string | `"1.1.1-1"` | Image tag to use for deploying. |
|
||||
| image.tag | string | `"1.1.2-2"` | Image tag to use for deploying. |
|
||||
| lifecycle | object | `{}` | |
|
||||
| livenessProbe | object | `{"httpGet":{"path":"/jans-scim/sys/health-check","port":8080},"initialDelaySeconds":30,"periodSeconds":30,"timeoutSeconds":5}` | Configure the liveness healthcheck for SCIM if needed. |
|
||||
| livenessProbe.httpGet.path | string | `"/jans-scim/sys/health-check"` | http liveness probe endpoint |
|
||||
|
|
|
@ -74,8 +74,8 @@ Create JAVA_OPTIONS ENV for passing custom work and detailed logs
|
|||
{{ $custom := "" }}
|
||||
{{ $custom = printf "%s" .Values.global.scim.cnCustomJavaOptions }}
|
||||
{{ $memory := .Values.resources.limits.memory | replace "Mi" "" | int -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" $memory -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory 300) -}}
|
||||
{{- $maxDirectMemory := printf "-XX:MaxDirectMemorySize=%dm" ( mul (mulf $memory 0.41) 1 ) -}}
|
||||
{{- $xmx := printf "-Xmx%dm" (sub $memory (mulf $memory 0.49)) -}}
|
||||
{{- $customJavaOptions := printf "%s %s %s" $custom $maxDirectMemory $xmx -}}
|
||||
{{ $customJavaOptions | trim | quote }}
|
||||
{{- end }}
|
||||
|
|
|
@ -209,7 +209,7 @@ spec:
|
|||
secret:
|
||||
secretName: {{ .Release.Name }}-cb-pass
|
||||
items:
|
||||
# we are mostly need non-superuser couchbase password file here
|
||||
# we mostly need non-superuser couchbase password file here
|
||||
- key: couchbase_password
|
||||
path: couchbase_password
|
||||
{{- end }}
|
||||
|
|
|
@ -28,7 +28,7 @@ image:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/scim
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
|
|
@ -28,7 +28,7 @@ auth-server:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/auth-server
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
@ -167,7 +167,7 @@ config:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/configurator
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Organization name. Used for certificate creation.
|
||||
|
@ -231,7 +231,7 @@ config-api:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/config-api
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
@ -664,7 +664,7 @@ persistence:
|
|||
# -- Image to use for deploying.
|
||||
repository: janssenproject/persistence-loader
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Resource specs.
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -106,7 +106,7 @@ admin-ui:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/gluufederation/flex/admin-ui
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 5.1.1-1
|
||||
tag: 5.1.2-1
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
@ -207,7 +207,7 @@ auth-server:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/auth-server
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
@ -217,7 +217,7 @@ auth-server:
|
|||
limits:
|
||||
# -- CPU limit.
|
||||
cpu: 2500m
|
||||
# -- Memory limit.
|
||||
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
|
||||
memory: 2500Mi
|
||||
requests:
|
||||
# -- CPU request.
|
||||
|
@ -284,7 +284,7 @@ auth-server-key-rotation:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/certmanager
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Auth server key rotation keys life in hours
|
||||
|
@ -508,7 +508,7 @@ config:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/configurator
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- LDAP admin password if OpenDJ is used for persistence.
|
||||
|
@ -615,7 +615,7 @@ config-api:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/config-api
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
@ -625,13 +625,13 @@ config-api:
|
|||
limits:
|
||||
# -- CPU limit.
|
||||
cpu: 1000m
|
||||
# -- Memory limit.
|
||||
memory: 1000Mi
|
||||
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
|
||||
memory: 1200Mi
|
||||
requests:
|
||||
# -- CPU request.
|
||||
cpu: 1000m
|
||||
# -- Memory request.
|
||||
memory: 1000Mi
|
||||
memory: 1200Mi
|
||||
# -- Configure the liveness healthcheck for the auth server if needed.
|
||||
livenessProbe:
|
||||
# -- http liveness probe endpoint
|
||||
|
@ -718,7 +718,7 @@ fido2:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/fido2
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
@ -728,7 +728,7 @@ fido2:
|
|||
limits:
|
||||
# -- CPU limit.
|
||||
cpu: 500m
|
||||
# -- Memory limit.
|
||||
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
|
||||
memory: 500Mi
|
||||
requests:
|
||||
# -- CPU request.
|
||||
|
@ -826,7 +826,7 @@ casa:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/casa
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
@ -836,7 +836,7 @@ casa:
|
|||
limits:
|
||||
# -- CPU limit.
|
||||
cpu: 500m
|
||||
# -- Memory limit.
|
||||
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
|
||||
memory: 500Mi
|
||||
requests:
|
||||
# -- CPU request.
|
||||
|
@ -1267,7 +1267,7 @@ global:
|
|||
# Enable saml endpoints /kc
|
||||
samlEnabled: false
|
||||
# -- passing custom java options to saml. DO NOT PASS JAVA_OPTIONS in envs.
|
||||
cnCustomJavaOptions: ""
|
||||
cnCustomJavaOptions: ""
|
||||
|
||||
# -- Path to SQL password file
|
||||
cnSqlPasswordFile: /etc/jans/conf/sql_password
|
||||
|
@ -1291,6 +1291,9 @@ global:
|
|||
kcDbPasswordFile: /etc/jans/conf/kc_db_password
|
||||
# -- Path to file contains Keycloak admin credentials (username and password)
|
||||
kcAdminCredentialsFile: /etc/jans/conf/kc_admin_creds
|
||||
kc-scheduler:
|
||||
# -- Boolean flag to enable/disable the kc-scheduler cronjob chart.
|
||||
enabled: false
|
||||
|
||||
# -- Nginx ingress definitions chart
|
||||
nginx-ingress:
|
||||
|
@ -1561,7 +1564,7 @@ persistence:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/persistence-loader
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Resource specs.
|
||||
|
@ -1645,7 +1648,7 @@ scim:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/scim
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
@ -1654,13 +1657,13 @@ scim:
|
|||
limits:
|
||||
# -- CPU limit.
|
||||
cpu: 1000m
|
||||
# -- Memory limit.
|
||||
memory: 1000Mi
|
||||
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
|
||||
memory: 1200Mi
|
||||
requests:
|
||||
# -- CPU request.
|
||||
cpu: 1000m
|
||||
# -- Memory request.
|
||||
memory: 1000Mi
|
||||
memory: 1200Mi
|
||||
service:
|
||||
# -- The name of the scim port within the scim service. Please keep it as default.
|
||||
name: http-scim
|
||||
|
@ -1753,7 +1756,7 @@ link:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/link
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
@ -1763,13 +1766,13 @@ link:
|
|||
limits:
|
||||
# -- CPU limit.
|
||||
cpu: 500m
|
||||
# -- Memory limit.
|
||||
memory: 1000Mi
|
||||
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
|
||||
memory: 1200Mi
|
||||
requests:
|
||||
# -- CPU request.
|
||||
cpu: 500m
|
||||
# -- Memory request.
|
||||
memory: 1000Mi
|
||||
memory: 1200Mi
|
||||
# -- Configure the liveness healthcheck for the auth server if needed.
|
||||
livenessProbe:
|
||||
# -- http liveness probe endpoint
|
||||
|
@ -1860,7 +1863,7 @@ saml:
|
|||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/saml
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.1-1
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Service replica number.
|
||||
|
@ -1870,13 +1873,13 @@ saml:
|
|||
limits:
|
||||
# -- CPU limit.
|
||||
cpu: 500m
|
||||
# -- Memory limit.
|
||||
memory: 1000Mi
|
||||
# -- Memory limit. This value is used to calculate memory allocation for Java. Currently it only supports `Mi`. Please refrain from using other units.
|
||||
memory: 1200Mi
|
||||
requests:
|
||||
# -- CPU request.
|
||||
cpu: 500m
|
||||
# -- Memory request.
|
||||
memory: 1000Mi
|
||||
memory: 1200Mi
|
||||
# -- Configure the liveness healthcheck for the auth server if needed.
|
||||
livenessProbe:
|
||||
# -- http liveness probe endpoint
|
||||
|
@ -1918,3 +1921,60 @@ saml:
|
|||
# - /tmp/custom.sh
|
||||
# - /tmp/custom2.sh
|
||||
customScripts: [ ]
|
||||
|
||||
# -- Responsible for synchronizing Keycloak SAML clients
|
||||
kc-scheduler:
|
||||
# -- Add custom normal and secret envs to the service
|
||||
usrEnvs:
|
||||
# -- Add custom normal envs to the service
|
||||
# variable1: value1
|
||||
normal: {}
|
||||
# -- Add custom secret envs to the service
|
||||
# variable1: value1
|
||||
secret: {}
|
||||
# -- Add custom dns policy
|
||||
dnsPolicy: ""
|
||||
# -- Add custom dns config
|
||||
dnsConfig: {}
|
||||
image:
|
||||
# -- Image pullPolicy to use for deploying.
|
||||
pullPolicy: IfNotPresent
|
||||
# -- Image to use for deploying.
|
||||
repository: ghcr.io/janssenproject/jans/kc-scheduler
|
||||
# -- Image tag to use for deploying.
|
||||
tag: 1.1.2-2
|
||||
# -- Image Pull Secrets
|
||||
pullSecrets: [ ]
|
||||
# -- Resource specs.
|
||||
resources:
|
||||
limits:
|
||||
# -- CPU limit.
|
||||
cpu: 300m
|
||||
# -- Memory limit.
|
||||
memory: 300Mi
|
||||
requests:
|
||||
# -- CPU request.
|
||||
cpu: 300m
|
||||
# -- Memory request.
|
||||
memory: 300Mi
|
||||
# -- Interval of running the scheduler (in minutes)
|
||||
interval: 10
|
||||
# -- Configure any additional volumes that need to be attached to the pod
|
||||
volumes: []
|
||||
# -- Configure any additional volumesMounts that need to be attached to the containers
|
||||
volumeMounts: []
|
||||
# Actions on lifecycle events such as postStart and preStop
|
||||
# Example
|
||||
# lifecycle:
|
||||
# postStart:
|
||||
# exec:
|
||||
# command: ["sh", "-c", "mkdir /opt/jans/jetty/jans-auth/custom/static/stylesheet/"]
|
||||
lifecycle: {}
|
||||
# -- Additional labels that will be added across the gateway in the format of {mylabel: "myapp"}
|
||||
additionalLabels: { }
|
||||
# -- Additional annotations that will be added across the gateway in the format of {cert-manager.io/issuer: "letsencrypt-prod"}
|
||||
additionalAnnotations: {}
|
||||
# -- Add custom scripts that have been mounted to run before the entrypoint.
|
||||
# - /tmp/custom.sh
|
||||
# - /tmp/custom2.sh
|
||||
customScripts: []
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# JFrog Artifactory-ha Chart Changelog
|
||||
All changes to this chart will be documented in this file
|
||||
|
||||
## [107.84.12] - May 20, 2024
|
||||
## [107.84.14] - May 29, 2024
|
||||
* Added image section for `initContainers` instead of `initContainerImage`
|
||||
* Renamed `router.image.imagePullPolicy` to `router.image.pullPolicy`
|
||||
* Removed loggers.image section
|
||||
|
@ -20,6 +20,9 @@ All changes to this chart will be documented in this file
|
|||
* Fixed an issue to generate unified secret to support artifactory fullname [GH-1882](https://github.com/jfrog/charts/issues/1882)
|
||||
* Fixed an issue template render on loggers [GH-1883](https://github.com/jfrog/charts/issues/1883)
|
||||
* Override metadata and observability image tag with `global.verisons.artifactory` value
|
||||
* Fixed resource constraints for "setup" initContainer of nginx deployment [GH-962] (https://github.com/jfrog/charts/issues/962)
|
||||
* Added .Values.artifactory.unifiedSecretsPrependReleaseName` for unified secret to prepend release name
|
||||
* Fixed maxCacheSize and cacheProviderDir mix up under azure-blob-storage-v2-direct template in binarystore.xml
|
||||
|
||||
## [107.83.0] - Mar 12, 2024
|
||||
* Added image section for `metadata` and `observability`
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
annotations:
|
||||
artifactoryServiceVersion: 7.84.16
|
||||
artifactoryServiceVersion: 7.84.17
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: JFrog Artifactory HA
|
||||
catalog.cattle.io/kube-version: '>= 1.19.0-0'
|
||||
catalog.cattle.io/release-name: artifactory-ha
|
||||
apiVersion: v2
|
||||
appVersion: 7.84.12
|
||||
appVersion: 7.84.14
|
||||
dependencies:
|
||||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
|
@ -27,4 +27,4 @@ name: artifactory-ha
|
|||
sources:
|
||||
- https://github.com/jfrog/charts
|
||||
type: application
|
||||
version: 107.84.12
|
||||
version: 107.84.14
|
||||
|
|
|
@ -417,8 +417,8 @@
|
|||
<config version="3">
|
||||
<chain template="azure-blob-storage-v2-direct"/>
|
||||
<provider type="cache-fs" id="cache-fs">
|
||||
<cacheProviderDir>{{ .Values.artifactory.persistence.maxCacheSize | int64 }}</cacheProviderDir>
|
||||
<maxCacheSize>{{ .Values.artifactory.persistence.cacheProviderDir }}</maxCacheSize>
|
||||
<maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize | int64 }}</maxCacheSize>
|
||||
<cacheProviderDir>{{ .Values.artifactory.persistence.cacheProviderDir }}</cacheProviderDir>
|
||||
{{- if .Values.artifactory.persistence.maxFileSizeLimit }}
|
||||
<maxFileSizeLimit>{{.Values.artifactory.persistence.maxFileSizeLimit | int64}}</maxFileSizeLimit>
|
||||
{{- end }}
|
||||
|
|
|
@ -490,4 +490,15 @@ Calculate the systemYaml from the unstructured text input
|
|||
*/}}
|
||||
{{- define "artifactory.systemYaml" -}}
|
||||
{{ include (print $.Template.BasePath "/_system-yaml-render.tpl") . }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Resolve unified secret prepend release name
|
||||
*/}}
|
||||
{{- define "artifactory.unifiedSecretPrependReleaseName" -}}
|
||||
{{- if .Values.artifactory.unifiedSecretPrependReleaseName }}
|
||||
{{- printf "%s" (include "artifactory-ha.fullname" .) -}}
|
||||
{{- else }}
|
||||
{{- printf "%s" (include "artifactory-ha.name" .) -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -180,7 +180,7 @@ spec:
|
|||
{{- if or (not .Values.artifactory.unifiedSecretInstallation) (or .Values.artifactory.masterKeySecretName .Values.global.masterKeySecretName) }}
|
||||
name: {{ include "artifactory-ha.masterKeySecretName" . }}
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: master-key
|
||||
{{- end }}
|
||||
|
@ -320,7 +320,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-user
|
||||
{{- end }}
|
||||
|
@ -336,7 +336,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-password
|
||||
{{- else if .Values.postgresql.enabled }}
|
||||
|
@ -355,7 +355,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-url
|
||||
{{- end }}
|
||||
|
@ -544,7 +544,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-user
|
||||
{{- end }}
|
||||
|
@ -560,7 +560,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-password
|
||||
{{- else if .Values.postgresql.enabled }}
|
||||
|
@ -579,7 +579,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-url
|
||||
{{- end }}
|
||||
|
@ -712,7 +712,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-password
|
||||
{{- else if .Values.postgresql.enabled }}
|
||||
|
@ -858,7 +858,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-user
|
||||
{{- end }}
|
||||
|
@ -874,7 +874,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-password
|
||||
{{- else if .Values.postgresql.enabled }}
|
||||
|
@ -893,7 +893,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-url
|
||||
{{- end }}
|
||||
|
@ -1239,7 +1239,8 @@ spec:
|
|||
{{- if and .Values.artifactory.unifiedSecretInstallation (eq (include "artifactory-ha.checkDuplicateUnifiedCustomVolume" .) "false" ) }}
|
||||
- name: {{ include "artifactory-ha.unifiedCustomSecretVolumeName" . }}
|
||||
secret:
|
||||
secretName: {{ template "artifactory-ha.fullname" . }}-unified-secret
|
||||
secretName: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
|
||||
{{- else if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
|
||||
############ If single secret installation flag is disable ############
|
||||
|
|
|
@ -244,7 +244,7 @@ spec:
|
|||
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.joinKeySecretName .Values.global.joinKeySecretName }}
|
||||
name: {{ include "artifactory-ha.joinKeySecretName" . }}
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: join-key
|
||||
{{- end }}
|
||||
|
@ -255,7 +255,7 @@ spec:
|
|||
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.jfConnectTokenSecretName }}
|
||||
name: {{ include "artifactory-ha.jfConnectTokenSecretName" . }}
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: jfconnect-token
|
||||
{{- end }}
|
||||
|
@ -266,7 +266,7 @@ spec:
|
|||
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.masterKeySecretName .Values.global.masterKeySecretName }}
|
||||
name: {{ include "artifactory-ha.masterKeySecretName" . }}
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: master-key
|
||||
{{- end }}
|
||||
|
@ -428,7 +428,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-user
|
||||
{{- end }}
|
||||
|
@ -444,7 +444,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-password
|
||||
{{- else if .Values.postgresql.enabled }}
|
||||
|
@ -463,7 +463,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-url
|
||||
{{- end }}
|
||||
|
@ -656,7 +656,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-user
|
||||
{{- end }}
|
||||
|
@ -672,7 +672,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-password
|
||||
{{- else if .Values.postgresql.enabled }}
|
||||
|
@ -691,7 +691,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-url
|
||||
{{- end }}
|
||||
|
@ -964,7 +964,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-user
|
||||
{{- end }}
|
||||
|
@ -980,7 +980,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-password
|
||||
{{- else if .Values.postgresql.enabled }}
|
||||
|
@ -999,7 +999,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory-ha.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory-ha.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-url
|
||||
{{- end }}
|
||||
|
@ -1366,7 +1366,8 @@ spec:
|
|||
{{- if and .Values.artifactory.unifiedSecretInstallation (eq (include "artifactory-ha.checkDuplicateUnifiedCustomVolume" .) "false" ) }}
|
||||
- name: {{ include "artifactory-ha.unifiedCustomSecretVolumeName" . }}
|
||||
secret:
|
||||
secretName: {{ template "artifactory-ha.fullname" . }}-unified-secret
|
||||
secretName: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
|
||||
{{- else if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
|
||||
############ If single secret installation flag is disable ############
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ template "artifactory-ha.fullname" . }}-unified-secret
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
labels:
|
||||
app: "{{ template "artifactory-ha.name" $ }}"
|
||||
chart: "{{ template "artifactory-ha.chart" $ }}"
|
||||
|
|
|
@ -76,6 +76,8 @@ spec:
|
|||
- >
|
||||
rm -rfv {{ .Values.nginx.persistence.mountPath }}/lost+found;
|
||||
mkdir -p {{ .Values.nginx.persistence.mountPath }}/logs;
|
||||
resources:
|
||||
{{- toYaml .Values.initContainers.resources | nindent 10 }}
|
||||
volumeMounts:
|
||||
- mountPath: {{ .Values.nginx.persistence.mountPath | quote }}
|
||||
name: nginx-volume
|
||||
|
|
|
@ -48,7 +48,7 @@ initContainers:
|
|||
image:
|
||||
registry: releases-docker.jfrog.io
|
||||
repository: ubi9/ubi-minimal
|
||||
tag: 9.3.1552
|
||||
tag: 9.4.949
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
|
@ -345,6 +345,8 @@ artifactory:
|
|||
# unifiedSecretInstallation flag enables single unified secret holding all the artifactory-ha internal(chart) secrets, It won't be affecting external secrets.
|
||||
## Note: unifiedSecretInstallation flag is enabled by true by default from chart version 107.78.x, Users can switch to false to continue with the old way of secret creation.
|
||||
unifiedSecretInstallation: true
|
||||
## unifiedSecretPrependReleaseName Set this flag to false if unifiedSecret should not be created with <release-name> prepended.
|
||||
unifiedSecretPrependReleaseName: true
|
||||
image:
|
||||
registry: releases-docker.jfrog.io
|
||||
repository: jfrog/artifactory-pro
|
||||
|
@ -536,7 +538,7 @@ artifactory:
|
|||
# cpu: "100m"
|
||||
|
||||
## Add custom volumes
|
||||
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory-ha.fullname" . }}-unified-secret'.
|
||||
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret'.
|
||||
customVolumes: ""
|
||||
# - name: custom-script
|
||||
# configMap:
|
||||
|
@ -585,7 +587,7 @@ artifactory:
|
|||
# jfConnectTokenSecretName:
|
||||
|
||||
# Add custom secrets - secret per file
|
||||
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory-ha.fullname" . }}-unified-secret' common to all secrets
|
||||
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret' common to all secrets
|
||||
customSecrets:
|
||||
# - name: custom-secret
|
||||
# key: custom-secret.yaml
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# JFrog Container Registry Chart Changelog
|
||||
All changes to this chart will be documented in this file.
|
||||
|
||||
## [107.84.12] - Feb 20, 2024
|
||||
## [107.84.14] - Feb 20, 2024
|
||||
* Updated `artifactory.installerInfo` content
|
||||
|
||||
## [107.80.0] - Feb 1, 2024
|
||||
|
|
|
@ -4,11 +4,11 @@ annotations:
|
|||
catalog.cattle.io/kube-version: '>= 1.19.0-0'
|
||||
catalog.cattle.io/release-name: artifactory-jcr
|
||||
apiVersion: v2
|
||||
appVersion: 7.84.12
|
||||
appVersion: 7.84.14
|
||||
dependencies:
|
||||
- name: artifactory
|
||||
repository: file://./charts/artifactory
|
||||
version: 107.84.12
|
||||
version: 107.84.14
|
||||
description: JFrog Container Registry
|
||||
home: https://jfrog.com/container-registry/
|
||||
icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-jcr/logo/jcr-logo.png
|
||||
|
@ -27,4 +27,4 @@ name: artifactory-jcr
|
|||
sources:
|
||||
- https://github.com/jfrog/charts
|
||||
type: application
|
||||
version: 107.84.12
|
||||
version: 107.84.14
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# JFrog Artifactory Chart Changelog
|
||||
All changes to this chart will be documented in this file.
|
||||
|
||||
## [107.84.12] - May 16, 2024
|
||||
## [107.84.14] - May 29, 2024
|
||||
* Added image section for `initContainers` instead of `initContainerImage`
|
||||
* Renamed `router.image.imagePullPolicy` to `router.image.pullPolicy`
|
||||
* Removed image section for `loggers`
|
||||
|
@ -18,6 +18,9 @@ All changes to this chart will be documented in this file.
|
|||
* Added a check if `initContainerImage` exists
|
||||
* Fixed an issue to generate unified secret to support artifactory fullname [GH-1882](https://github.com/jfrog/charts/issues/1882)
|
||||
* Fixed an issue template render on loggers [GH-1883](https://github.com/jfrog/charts/issues/1883)
|
||||
* Fixed resource constraints for "setup" initContainer of nginx deployment [GH-962] (https://github.com/jfrog/charts/issues/962)
|
||||
* Added .Values.artifactory.unifiedSecretPrependReleaseName` for unified secret to prepend release name
|
||||
* Fixed maxCacheSize and cacheProviderDir mix up under azure-blob-storage-v2-direct template in binarystore.xml
|
||||
|
||||
## [107.82.0] - Mar 04, 2024
|
||||
* Added `disableRouterBypass` flag as experimental feature, to disable the artifactoryPath /artifactory/ and route all traffic through the Router.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
apiVersion: v2
|
||||
appVersion: 7.84.12
|
||||
appVersion: 7.84.14
|
||||
dependencies:
|
||||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
|
@ -21,4 +21,4 @@ name: artifactory
|
|||
sources:
|
||||
- https://github.com/jfrog/charts
|
||||
type: application
|
||||
version: 107.84.12
|
||||
version: 107.84.14
|
||||
|
|
|
@ -404,8 +404,8 @@
|
|||
<config version="3">
|
||||
<chain template="azure-blob-storage-v2-direct"/>
|
||||
<provider type="cache-fs" id="cache-fs">
|
||||
<cacheProviderDir>{{ .Values.artifactory.persistence.maxCacheSize | int64 }}</cacheProviderDir>
|
||||
<maxCacheSize>{{ .Values.artifactory.persistence.cacheProviderDir }}</maxCacheSize>
|
||||
<maxCacheSize>{{ .Values.artifactory.persistence.maxCacheSize | int64 }}</maxCacheSize>
|
||||
<cacheProviderDir>{{ .Values.artifactory.persistence.cacheProviderDir }}</cacheProviderDir>
|
||||
{{- if .Values.artifactory.persistence.maxFileSizeLimit }}
|
||||
<maxFileSizeLimit>{{.Values.artifactory.persistence.maxFileSizeLimit | int64}}</maxFileSizeLimit>
|
||||
{{- end }}
|
||||
|
|
|
@ -456,3 +456,14 @@ Calculate the systemYaml from the unstructured text input
|
|||
{{- define "artifactory.systemYaml" -}}
|
||||
{{ include (print $.Template.BasePath "/_system-yaml-render.tpl") . }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Resolve unified secret prepend release name
|
||||
*/}}
|
||||
{{- define "artifactory.unifiedSecretPrependReleaseName" -}}
|
||||
{{- if .Values.artifactory.unifiedSecretPrependReleaseName }}
|
||||
{{- printf "%s" (include "artifactory.fullname" .) -}}
|
||||
{{- else }}
|
||||
{{- printf "%s" (include "artifactory.name" .) -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -226,7 +226,7 @@ spec:
|
|||
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.joinKeySecretName .Values.global.joinKeySecretName }}
|
||||
name: {{ include "artifactory.joinKeySecretName" . }}
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: join-key
|
||||
{{- end }}
|
||||
|
@ -237,7 +237,7 @@ spec:
|
|||
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.jfConnectTokenSecretName }}
|
||||
name: {{ include "artifactory.jfConnectTokenSecretName" . }}
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: jfconnect-token
|
||||
{{- end }}
|
||||
|
@ -248,7 +248,7 @@ spec:
|
|||
{{- if or (not .Values.artifactory.unifiedSecretInstallation) .Values.artifactory.masterKeySecretName .Values.global.masterKeySecretName }}
|
||||
name: {{ include "artifactory.masterKeySecretName" . }}
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: master-key
|
||||
{{- end }}
|
||||
|
@ -408,7 +408,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-user
|
||||
{{- end }}
|
||||
|
@ -424,7 +424,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-password
|
||||
{{- else if .Values.postgresql.enabled }}
|
||||
|
@ -443,7 +443,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-url
|
||||
{{- end }}
|
||||
|
@ -622,7 +622,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-user
|
||||
{{- end }}
|
||||
|
@ -638,7 +638,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-password
|
||||
{{- else if .Values.postgresql.enabled }}
|
||||
|
@ -657,7 +657,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-url
|
||||
{{- end }}
|
||||
|
@ -934,7 +934,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-user
|
||||
{{- end }}
|
||||
|
@ -950,7 +950,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-password
|
||||
{{- else if .Values.postgresql.enabled }}
|
||||
|
@ -969,7 +969,7 @@ spec:
|
|||
{{- if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
name: {{ template "artifactory.fullname" . }}-database-creds
|
||||
{{- else }}
|
||||
name: "{{ template "artifactory.fullname" . }}-unified-secret"
|
||||
name: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
{{- end }}
|
||||
key: db-url
|
||||
{{- end }}
|
||||
|
@ -1321,7 +1321,8 @@ spec:
|
|||
{{- if and .Values.artifactory.unifiedSecretInstallation (eq (include "artifactory.checkDuplicateUnifiedCustomVolume" .) "false" ) }}
|
||||
- name: {{ include "artifactory.unifiedCustomSecretVolumeName" . }}
|
||||
secret:
|
||||
secretName: {{ template "artifactory.fullname" . }}-unified-secret
|
||||
secretName: "{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret"
|
||||
|
||||
{{- else if not .Values.artifactory.unifiedSecretInstallation }}
|
||||
############ If single secret installation flag is disable ############
|
||||
{{- if and .Values.artifactory.persistence.googleStorage.gcpServiceAccount.enabled (not .Values.artifactory.persistence.googleStorage.gcpServiceAccount.customSecretName) }}
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ template "artifactory.fullname" . }}-unified-secret
|
||||
name: {{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret
|
||||
labels:
|
||||
app: "{{ template "artifactory.name" $ }}"
|
||||
chart: "{{ template "artifactory.chart" $ }}"
|
||||
|
|
|
@ -79,6 +79,8 @@ spec:
|
|||
- >
|
||||
rm -rfv {{ .Values.nginx.persistence.mountPath }}/lost+found;
|
||||
mkdir -p {{ .Values.nginx.persistence.mountPath }}/logs;
|
||||
resources:
|
||||
{{- toYaml .Values.initContainers.resources | nindent 10 }}
|
||||
volumeMounts:
|
||||
- mountPath: {{ .Values.nginx.persistence.mountPath | quote }}
|
||||
name: nginx-volume
|
||||
|
|
|
@ -49,7 +49,7 @@ initContainers:
|
|||
image:
|
||||
registry: releases-docker.jfrog.io
|
||||
repository: ubi9/ubi-minimal
|
||||
tag: 9.3.1552
|
||||
tag: 9.4.949
|
||||
pullPolicy: IfNotPresent
|
||||
resources:
|
||||
requests:
|
||||
|
@ -287,6 +287,8 @@ artifactory:
|
|||
# unifiedSecretInstallation flag enables single unified secret holding all the artifactory internal(chart) secrets, It won't be affecting external secrets.
|
||||
## Note: unifiedSecretInstallation flag is enabled by true by default from chart version 107.79.x, Users can switch to false to continue with the old way of secret creation.
|
||||
unifiedSecretInstallation: true
|
||||
## unifiedSecretPrependReleaseName Set this flag to false if unifiedSecret should not be created with <release-name> prepended.
|
||||
unifiedSecretPrependReleaseName: true
|
||||
# For HA installation, set this value > 1. This is only supported in Artifactory 7.25.x (appVersions) and above.
|
||||
replicaCount: 1
|
||||
# minAvailable: 1
|
||||
|
@ -492,7 +494,7 @@ artifactory:
|
|||
# cpu: "100m"
|
||||
|
||||
## Add custom volumes
|
||||
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.fullname" . }}-unified-secret'
|
||||
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret'
|
||||
customVolumes: ""
|
||||
# - name: custom-script
|
||||
# configMap:
|
||||
|
@ -565,7 +567,7 @@ artifactory:
|
|||
# jfConnectTokenSecretName:
|
||||
|
||||
# Add custom secrets - secret per file
|
||||
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.fullname" . }}-unified-secret' common to all secrets
|
||||
# If .Values.artifactory.unifiedSecretInstallation is true then secret name should be '{{ template "artifactory.unifiedSecretPrependReleaseName" . }}-unified-secret' common to all secrets
|
||||
customSecrets:
|
||||
# - name: custom-secret
|
||||
# key: custom-secret.yaml
|
||||
|
|
|
@ -72,4 +72,4 @@ router:
|
|||
tag: 7.105.1
|
||||
initContainers:
|
||||
image:
|
||||
tag: 9.3.1552
|
||||
tag: 9.4.949
|
||||
|
|
|
@ -15,4 +15,4 @@ maintainers:
|
|||
- email: natalia.marukovich@percona.com
|
||||
name: nmarukovich
|
||||
name: psmdb-db
|
||||
version: 1.16.0
|
||||
version: 1.16.1
|
||||
|
|
|
@ -36,6 +36,7 @@ The chart can be customized using the following configurable parameters:
|
|||
| `unsafeFlags.backupIfUnhealthy` | Allows running backup on a cluster with failed health checks | `false` |
|
||||
| `clusterServiceDNSSuffix` | The (non-standard) cluster domain to be used as a suffix of the Service name | `""` |
|
||||
| `clusterServiceDNSMode` | Mode for the cluster service dns (Internal/ServiceMesh) | `""` |
|
||||
| `annotations` | PSMDB custom resource annotations | `{}` |
|
||||
| `ignoreAnnotations` | The list of annotations to be ignored by the Operator | `[]` |
|
||||
| `ignoreLabels` | The list of labels to be ignored by the Operator | `[]` |
|
||||
| `multiCluster.enabled` | Enable Multi Cluster Services (MCS) cluster mode | `false` |
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
apiVersion: psmdb.percona.com/v1
|
||||
kind: PerconaServerMongoDB
|
||||
metadata:
|
||||
{{- if .Values.annotations }}
|
||||
annotations:
|
||||
kubectl.kubernetes.io/last-applied-configuration: |
|
||||
{"apiVersion":"psmdb.percona.com/v1","kind":"PerconaServerMongoDB"}
|
||||
{{ .Values.annotations | toYaml | indent 4 }}
|
||||
{{- end }}
|
||||
name: {{ include "psmdb-database.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
|
|
|
@ -28,6 +28,8 @@ unsafeFlags:
|
|||
terminationGracePeriod: false
|
||||
backupIfUnhealthy: false
|
||||
|
||||
annotations: {}
|
||||
|
||||
# ignoreAnnotations:
|
||||
# - service.beta.kubernetes.io/aws-load-balancer-backend-protocol
|
||||
# ignoreLabels:
|
||||
|
|
208
index.yaml
208
index.yaml
|
@ -241,6 +241,40 @@ entries:
|
|||
- assets/amd/amd-gpu-0.9.0.tgz
|
||||
version: 0.9.0
|
||||
artifactory-ha:
|
||||
- annotations:
|
||||
artifactoryServiceVersion: 7.84.17
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: JFrog Artifactory HA
|
||||
catalog.cattle.io/kube-version: '>= 1.19.0-0'
|
||||
catalog.cattle.io/release-name: artifactory-ha
|
||||
apiVersion: v2
|
||||
appVersion: 7.84.14
|
||||
created: "2024-06-07T00:57:38.426373386Z"
|
||||
dependencies:
|
||||
- condition: postgresql.enabled
|
||||
name: postgresql
|
||||
repository: file://./charts/postgresql
|
||||
version: 10.3.18
|
||||
description: Universal Repository Manager supporting all major packaging formats,
|
||||
build tools and CI servers.
|
||||
digest: bd964c37edb6388d44d187075887b1a962cc38aeac9f06e566b3cf32b50fdb2d
|
||||
home: https://www.jfrog.com/artifactory/
|
||||
icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-ha/logo/artifactory-logo.png
|
||||
keywords:
|
||||
- artifactory
|
||||
- jfrog
|
||||
- devops
|
||||
kubeVersion: '>= 1.19.0-0'
|
||||
maintainers:
|
||||
- email: installers@jfrog.com
|
||||
name: Chart Maintainers at JFrog
|
||||
name: artifactory-ha
|
||||
sources:
|
||||
- https://github.com/jfrog/charts
|
||||
type: application
|
||||
urls:
|
||||
- assets/jfrog/artifactory-ha-107.84.14.tgz
|
||||
version: 107.84.14
|
||||
- annotations:
|
||||
artifactoryServiceVersion: 7.84.16
|
||||
catalog.cattle.io/certified: partner
|
||||
|
@ -1268,6 +1302,40 @@ entries:
|
|||
- assets/jfrog/artifactory-ha-107.55.14.tgz
|
||||
version: 107.55.14
|
||||
artifactory-jcr:
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: JFrog Container Registry
|
||||
catalog.cattle.io/kube-version: '>= 1.19.0-0'
|
||||
catalog.cattle.io/release-name: artifactory-jcr
|
||||
apiVersion: v2
|
||||
appVersion: 7.84.14
|
||||
created: "2024-06-07T00:57:38.672526969Z"
|
||||
dependencies:
|
||||
- name: artifactory
|
||||
repository: file://./charts/artifactory
|
||||
version: 107.84.14
|
||||
description: JFrog Container Registry
|
||||
digest: 17beb379cb64a4df8589add14a19950934f08d2ee7b162ee08a6a600ce197002
|
||||
home: https://jfrog.com/container-registry/
|
||||
icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-jcr/logo/jcr-logo.png
|
||||
keywords:
|
||||
- artifactory
|
||||
- jfrog
|
||||
- container
|
||||
- registry
|
||||
- devops
|
||||
- jfrog-container-registry
|
||||
kubeVersion: '>= 1.19.0-0'
|
||||
maintainers:
|
||||
- email: helm@jfrog.com
|
||||
name: Chart Maintainers at JFrog
|
||||
name: artifactory-jcr
|
||||
sources:
|
||||
- https://github.com/jfrog/charts
|
||||
type: application
|
||||
urls:
|
||||
- assets/jfrog/artifactory-jcr-107.84.14.tgz
|
||||
version: 107.84.14
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: JFrog Container Registry
|
||||
|
@ -11134,6 +11202,117 @@ entries:
|
|||
- assets/inaccel/fpga-operator-2.5.201.tgz
|
||||
version: 2.5.201
|
||||
gluu:
|
||||
- annotations:
|
||||
artifacthub.io/containsSecurityUpdates: "true"
|
||||
artifacthub.io/images: |
|
||||
- name: auth-server
|
||||
image: ghcr.io/janssenproject/jans/auth-server:1.1.2-2
|
||||
- name: auth-server-key-rotation
|
||||
image: ghcr.io/janssenproject/jans/certmanager:1.1.2-2
|
||||
- name: configuration-manager
|
||||
image: ghcr.io/janssenproject/jans/configurator:1.1.2-2
|
||||
- name: config-api
|
||||
image: ghcr.io/janssenproject/jans/config-api:1.1.2-2
|
||||
- name: fido2
|
||||
image: ghcr.io/janssenproject/jans/fido2:1.1.2-2
|
||||
- name: persistence
|
||||
image: ghcr.io/janssenproject/jans/persistence-loader:1.1.2-2
|
||||
- name: scim
|
||||
image: ghcr.io/janssenproject/jans/scim:1.1.2-2
|
||||
- name: casa
|
||||
image: ghcr.io/janssenproject/jans/casa:1.1.2-2
|
||||
- name: admin-ui
|
||||
image: ghcr.io/gluufederation/flex/admin-ui:5.1.2-1
|
||||
- name: link
|
||||
image: ghcr.io/janssenproject/jans/link:1.1.2-2
|
||||
- name: saml
|
||||
image: ghcr.io/janssenproject/jans/saml:1.1.2-2
|
||||
- name: kc-scheduler
|
||||
image: ghcr.io/janssenproject/jans/kc-scheduler:1.1.2-2
|
||||
artifacthub.io/license: Apache-2.0
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Gluu Cloud Identity and Access Management
|
||||
catalog.cattle.io/featured: "4"
|
||||
catalog.cattle.io/kube-version: '>=v1.21.0-0'
|
||||
catalog.cattle.io/release-name: gluu
|
||||
apiVersion: v2
|
||||
appVersion: 5.1.2
|
||||
created: "2024-06-07T00:57:37.608217215Z"
|
||||
dependencies:
|
||||
- condition: global.config.enabled
|
||||
name: config
|
||||
repository: file://./charts/config
|
||||
version: 1.1.2
|
||||
- condition: global.config-api.enabled
|
||||
name: config-api
|
||||
repository: file://./charts/config-api
|
||||
version: 1.1.2
|
||||
- condition: global.opendj.enabled
|
||||
name: opendj
|
||||
repository: file://./charts/opendj
|
||||
version: 5.1.2
|
||||
- condition: global.auth-server.enabled
|
||||
name: auth-server
|
||||
repository: file://./charts/auth-server
|
||||
version: 1.1.2
|
||||
- condition: global.admin-ui.enabled
|
||||
name: admin-ui
|
||||
repository: file://./charts/admin-ui
|
||||
version: 5.1.2
|
||||
- condition: global.fido2.enabled
|
||||
name: fido2
|
||||
repository: file://./charts/fido2
|
||||
version: 1.1.2
|
||||
- condition: global.scim.enabled
|
||||
name: scim
|
||||
repository: file://./charts/scim
|
||||
version: 1.1.2
|
||||
- condition: global.nginx-ingress.enabled
|
||||
name: nginx-ingress
|
||||
repository: file://./charts/nginx-ingress
|
||||
version: 5.1.2
|
||||
- condition: global.casa.enabled
|
||||
name: casa
|
||||
repository: file://./charts/casa
|
||||
version: 1.1.2
|
||||
- condition: global.auth-server-key-rotation.enabled
|
||||
name: auth-server-key-rotation
|
||||
repository: file://./charts/auth-server-key-rotation
|
||||
version: 1.1.2
|
||||
- condition: global.persistence.enabled
|
||||
name: persistence
|
||||
repository: file://./charts/persistence
|
||||
version: 1.1.2
|
||||
- condition: global.istio.ingress
|
||||
name: cn-istio-ingress
|
||||
repository: file://./charts/cn-istio-ingress
|
||||
version: 5.1.2
|
||||
- condition: global.link.enabled
|
||||
name: link
|
||||
repository: file://./charts/link
|
||||
version: 1.1.2
|
||||
- condition: global.saml.enabled
|
||||
name: saml
|
||||
repository: file://./charts/saml
|
||||
version: 1.1.2
|
||||
- condition: global.kc-scheduler.enabled
|
||||
name: kc-scheduler
|
||||
repository: file://./charts/kc-scheduler
|
||||
version: 1.1.2
|
||||
description: Gluu Access and Identity Management
|
||||
digest: fe5aee957ae0605969bb82ba17b626da9c99927d5f0990d644bbb245413ab94a
|
||||
home: https://www.gluu.org
|
||||
icon: https://gluu.org/docs/gluu-server/favicon.ico
|
||||
kubeVersion: '>=v1.21.0-0'
|
||||
maintainers:
|
||||
- email: team@gluu.org
|
||||
name: moabu
|
||||
name: gluu
|
||||
sources:
|
||||
- https://docs.gluu.org
|
||||
urls:
|
||||
- assets/gluu/gluu-5.1.2.tgz
|
||||
version: 5.1.2
|
||||
- annotations:
|
||||
artifacthub.io/containsSecurityUpdates: "true"
|
||||
artifacthub.io/images: |
|
||||
|
@ -11162,12 +11341,11 @@ entries:
|
|||
artifacthub.io/license: Apache-2.0
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Gluu Cloud Identity and Access Management
|
||||
catalog.cattle.io/featured: "4"
|
||||
catalog.cattle.io/kube-version: '>=v1.21.0-0'
|
||||
catalog.cattle.io/release-name: gluu
|
||||
apiVersion: v2
|
||||
appVersion: 5.1.1
|
||||
created: "2024-04-16T10:50:01.9875302-06:00"
|
||||
created: "2024-06-07T00:57:30.012858903Z"
|
||||
dependencies:
|
||||
- condition: global.config.enabled
|
||||
name: config
|
||||
|
@ -11226,9 +11404,9 @@ entries:
|
|||
repository: file://./charts/saml
|
||||
version: 1.1.1
|
||||
description: Gluu Access and Identity Management
|
||||
digest: 60470a4e377d5baea30d9a73329c71336cfb158a030cd6f1bb78ce55beddab93
|
||||
digest: 29becffe78912baaeb60a44cd0060fae7a10ac327b7d6f6c852aa2be7f61532f
|
||||
home: https://www.gluu.org
|
||||
icon: file://assets/icons/gluu.ico
|
||||
icon: https://gluu.org/docs/gluu-server/favicon.ico
|
||||
kubeVersion: '>=v1.21.0-0'
|
||||
maintainers:
|
||||
- email: team@gluu.org
|
||||
|
@ -35822,6 +36000,28 @@ entries:
|
|||
- assets/portshift-operator/portshift-operator-0.1.000.tgz
|
||||
version: 0.1.000
|
||||
psmdb-db:
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Percona Server for MongoDB
|
||||
catalog.cattle.io/kube-version: '>=1.21-0'
|
||||
catalog.cattle.io/release-name: psmdb-db
|
||||
apiVersion: v2
|
||||
appVersion: 1.16.0
|
||||
created: "2024-06-07T00:57:41.032836651Z"
|
||||
description: A Helm chart for installing Percona Server MongoDB Cluster Databases
|
||||
using the PSMDB Operator.
|
||||
digest: d6fbf37467ce53a5d668bf82704e252c5f5c3dbb7676146990a5cd571297ab9e
|
||||
home: https://www.percona.com/doc/kubernetes-operator-for-psmongodb/index.html
|
||||
icon: https://raw.githubusercontent.com/percona/percona-server-mongodb-operator/main/operator.png
|
||||
maintainers:
|
||||
- email: tomislav.plavcic@percona.com
|
||||
name: tplavcic
|
||||
- email: natalia.marukovich@percona.com
|
||||
name: nmarukovich
|
||||
name: psmdb-db
|
||||
urls:
|
||||
- assets/percona/psmdb-db-1.16.1.tgz
|
||||
version: 1.16.1
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Percona Server for MongoDB
|
||||
|
|
Loading…
Reference in New Issue