diff --git a/assets/argo/argo-cd-5.16.0.tgz b/assets/argo/argo-cd-5.16.0.tgz new file mode 100644 index 000000000..a4c68a13a Binary files /dev/null and b/assets/argo/argo-cd-5.16.0.tgz differ diff --git a/assets/asserts/asserts-1.16.0.tgz b/assets/asserts/asserts-1.16.0.tgz new file mode 100644 index 000000000..0ac9bb134 Binary files /dev/null and b/assets/asserts/asserts-1.16.0.tgz differ diff --git a/assets/bitnami/postgresql-12.1.3.tgz b/assets/bitnami/postgresql-12.1.3.tgz new file mode 100644 index 000000000..24293fb14 Binary files /dev/null and b/assets/bitnami/postgresql-12.1.3.tgz differ diff --git a/assets/bitnami/redis-17.3.13.tgz b/assets/bitnami/redis-17.3.13.tgz new file mode 100644 index 000000000..5da7695d5 Binary files /dev/null and b/assets/bitnami/redis-17.3.13.tgz differ diff --git a/assets/gitlab/gitlab-6.6.1.tgz b/assets/gitlab/gitlab-6.6.1.tgz new file mode 100644 index 000000000..96d8aa8e8 Binary files /dev/null and b/assets/gitlab/gitlab-6.6.1.tgz differ diff --git a/assets/hashicorp/consul-1.0.2.tgz b/assets/hashicorp/consul-1.0.2.tgz new file mode 100644 index 000000000..ee639fb62 Binary files /dev/null and b/assets/hashicorp/consul-1.0.2.tgz differ diff --git a/assets/jfrog/artifactory-ha-107.47.10.tgz b/assets/jfrog/artifactory-ha-107.47.10.tgz new file mode 100644 index 000000000..129f5d7ef Binary files /dev/null and b/assets/jfrog/artifactory-ha-107.47.10.tgz differ diff --git a/assets/jfrog/artifactory-jcr-107.47.10.tgz b/assets/jfrog/artifactory-jcr-107.47.10.tgz new file mode 100644 index 000000000..419ff196d Binary files /dev/null and b/assets/jfrog/artifactory-jcr-107.47.10.tgz differ diff --git a/assets/nats/nats-0.19.1.tgz b/assets/nats/nats-0.19.1.tgz new file mode 100644 index 000000000..f7e2dd981 Binary files /dev/null and b/assets/nats/nats-0.19.1.tgz differ diff --git a/assets/redpanda/redpanda-2.3.9.tgz b/assets/redpanda/redpanda-2.3.9.tgz new file mode 100644 index 000000000..07ef3d3f1 Binary files /dev/null and b/assets/redpanda/redpanda-2.3.9.tgz differ diff --git a/charts/argo/argo-cd/.helmignore b/charts/argo/argo-cd/.helmignore new file mode 100644 index 000000000..3a063296a --- /dev/null +++ b/charts/argo/argo-cd/.helmignore @@ -0,0 +1,4 @@ +/*.tgz +output +ci/ +*.gotmpl diff --git a/charts/argo/argo-cd/Chart.yaml b/charts/argo/argo-cd/Chart.yaml index 6565abda6..0c44b53ba 100644 --- a/charts/argo/argo-cd/Chart.yaml +++ b/charts/argo/argo-cd/Chart.yaml @@ -1,6 +1,6 @@ annotations: artifacthub.io/changes: | - - "[Added]: Ability to deploy argocd-repo-server-server-tls secret and configure Strict TLS for Repo Server" + - "[Added]: Ability to annotate Deployment and Statefulset objects for all components" catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Argo CD catalog.cattle.io/kube-version: '>=1.22.0-0' @@ -28,4 +28,4 @@ name: argo-cd sources: - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd - https://github.com/argoproj/argo-cd -version: 5.15.0 +version: 5.16.0 diff --git a/charts/argo/argo-cd/README.md b/charts/argo/argo-cd/README.md index d592025ed..6226c73f5 100644 --- a/charts/argo/argo-cd/README.md +++ b/charts/argo/argo-cd/README.md @@ -376,6 +376,7 @@ NAME: my-release | Key | Type | Default | Description | |-----|------|---------|-------------| | global.additionalLabels | object | `{}` | Common labels for the all resources | +| global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments | | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files | | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments | | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments | @@ -389,6 +390,7 @@ NAME: my-release | global.podLabels | object | `{}` | Labels for the all deployed pods | | global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. | | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. | +| global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets | ## Argo CD Configs @@ -506,6 +508,7 @@ NAME: my-release | controller.serviceAccount.create | bool | `true` | Create a service account for the application controller | | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account | | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name | +| controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet | | controller.tolerations | list | `[]` | [Tolerations] for use with node taints | | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller | | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container | @@ -533,6 +536,7 @@ NAME: my-release | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource | | repoServer.containerPort | int | `8081` | Configures the repo server port | | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context | +| repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment | | repoServer.env | list | `[]` | Environment variables to pass to repo server | | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server | | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server | @@ -632,6 +636,7 @@ NAME: my-release | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments | | server.containerPort | int | `8080` | Configures the server port | | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context | +| server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment | | server.env | list | `[]` | Environment variables to pass to Argo CD server | | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server | | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context | @@ -775,6 +780,7 @@ server: | dex.containerPortHttp | int | `5556` | Container port for HTTP access | | dex.containerPortMetrics | int | `5558` | Container port for metrics access | | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context | +| dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment | | dex.enabled | bool | `true` | Enable dex | | dex.env | list | `[]` | Environment variables to pass to the Dex server | | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server | @@ -848,6 +854,7 @@ server: | redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment | | redis.containerPort | int | `6379` | Redis container port | | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context | +| redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment | | redis.enabled | bool | `true` | Enable redis | | redis.env | list | `[]` | Environment variables to pass to the Redis server | | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server | @@ -950,13 +957,12 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | Key | Type | Default | Description | |-----|------|---------|-------------| | applicationSet.affinity | object | `{}` | Assign custom [affinity] rules | -| applicationSet.args.debug | bool | `false` | Print debug logs | | applicationSet.args.dryRun | bool | `false` | Enable dry run mode | -| applicationSet.args.enableLeaderElection | bool | `false` | The default leader election setting | | applicationSet.args.metricsAddr | string | `":8080"` | The default metric address | | applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster | | applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port | | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context | +| applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment | | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller | | applicationSet.extraArgs | list | `[]` | List of extra cli args to add | | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod | @@ -1058,6 +1064,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide | notifications.cm.create | bool | `true` | Whether helm chart creates controller config map | | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context | | notifications.context | object | `{}` | Define user-defined context | +| notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment | | notifications.enabled | bool | `true` | Enable notifications controller | | notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller | | notifications.extraEnv | list | `[]` | Additional container environment variables | diff --git a/charts/argo/argo-cd/templates/NOTES.txt b/charts/argo/argo-cd/templates/NOTES.txt index 60e23c909..98bbb96a3 100644 --- a/charts/argo/argo-cd/templates/NOTES.txt +++ b/charts/argo/argo-cd/templates/NOTES.txt @@ -58,6 +58,12 @@ REMOVED option controller.service - Use controller.metrics {{- if .Values.repoServer.copyutil }} REMOVED option repoSever.copyutil.resources - Use repoServer.resources {{- end }} +{{- if .Values.applicationSet.args.debug }} +REMOVED option applicationSet.args.debug - Use applicationSet.logLevel: debug +{{- end }} +{{- if .Values.applicationSet.args.enableLeaderElection }} +REMOVED option applicationSet.args.enableLeaderElection - Value determined based on replicas +{{- end }} In order to access the server UI you have the following options: diff --git a/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml b/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml index 282bfe1f9..66486b535 100644 --- a/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml +++ b/charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml @@ -1,7 +1,13 @@ apiVersion: apps/v1 kind: StatefulSet metadata: - name: {{ include "argo-cd.controller.fullname" . }} + {{- with (mergeOverwrite (deepCopy .Values.global.statefulsetAnnotations) .Values.controller.statefulsetAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + name: {{ template "argo-cd.controller.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }} spec: diff --git a/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml b/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml index 49c31ad03..6c48fefb4 100644 --- a/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml @@ -2,6 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.applicationSet.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-cd.applicationSet.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }} @@ -41,19 +47,16 @@ spec: command: - entrypoint.sh - argocd-applicationset-controller + - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} + - --enable-leader-election={{ gt ( .Values.applicationSet.replicaCount | int64) 1 }} + - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }} + - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }} + - --policy={{ .Values.applicationSet.args.policy }} + - --dry-run={{ .Values.applicationSet.args.dryRun }} - --logformat - {{ default .Values.global.logging.format .Values.applicationSet.logFormat }} - --loglevel - {{ default .Values.global.logging.level .Values.applicationSet.logLevel }} - - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }} - - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }} - {{- if or (gt ( .Values.applicationSet.replicaCount | int64) 1) .Values.applicationSet.args.enableLeaderElection }} - - --enable-leader-election=true - {{- end }} - - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }} - - --policy={{ .Values.applicationSet.args.policy }} - - --debug={{ .Values.applicationSet.args.debug }} - - --dry-run={{ .Values.applicationSet.args.dryRun }} {{- with .Values.applicationSet.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} diff --git a/charts/argo/argo-cd/templates/argocd-applicationset/role.yaml b/charts/argo/argo-cd/templates/argocd-applicationset/role.yaml index 8f60df1a6..a9ec2f92b 100644 --- a/charts/argo/argo-cd/templates/argocd-applicationset/role.yaml +++ b/charts/argo/argo-cd/templates/argocd-applicationset/role.yaml @@ -47,9 +47,20 @@ rules: - apiGroups: - "" resources: - - secrets - configmaps verbs: + - create + - update + - delete + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: - get - list - watch @@ -62,16 +73,6 @@ rules: - get - list - watch - # Leader election - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - update - - delete - - patch - apiGroups: - coordination.k8s.io resources: diff --git a/charts/argo/argo-cd/templates/argocd-configs/argocd-repo-server-tls.yaml b/charts/argo/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml similarity index 100% rename from charts/argo/argo-cd/templates/argocd-configs/argocd-repo-server-tls.yaml rename to charts/argo/argo-cd/templates/argocd-configs/argocd-repo-server-tls-secret.yaml diff --git a/charts/argo/argo-cd/templates/argocd-configs/argocd-server-tls.yaml b/charts/argo/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml similarity index 100% rename from charts/argo/argo-cd/templates/argocd-configs/argocd-server-tls.yaml rename to charts/argo/argo-cd/templates/argocd-configs/argocd-server-tls-secret.yaml diff --git a/charts/argo/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml b/charts/argo/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml index 2f0d0d942..da9346072 100644 --- a/charts/argo/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml @@ -2,7 +2,13 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "argo-cd.notifications.fullname" . }}-bot + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.notifications.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + name: {{ template "argo-cd.notifications.fullname" . }}-bot labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }} spec: diff --git a/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml b/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml index a14be88c9..2be14fdd0 100644 --- a/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml @@ -2,6 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.notifications.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-cd.notifications.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }} diff --git a/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml b/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml index 3437b8d33..d8cbb97dd 100644 --- a/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml @@ -1,6 +1,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.repoServer.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ template "argo-cd.repoServer.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }} @@ -16,6 +22,9 @@ spec: metadata: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} + {{- if .Values.repoServer.certificateSecret.enabled }} + checksum/repo-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-repo-server-tls-secret.yaml") . | sha256sum }} + {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }} {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} diff --git a/charts/argo/argo-cd/templates/argocd-server/deployment.yaml b/charts/argo/argo-cd/templates/argocd-server/deployment.yaml index 86739bdd3..7793b11ac 100644 --- a/charts/argo/argo-cd/templates/argocd-server/deployment.yaml +++ b/charts/argo/argo-cd/templates/argocd-server/deployment.yaml @@ -1,6 +1,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.server.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ template "argo-cd.server.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }} diff --git a/charts/argo/argo-cd/templates/dex/deployment.yaml b/charts/argo/argo-cd/templates/dex/deployment.yaml index bbb16e449..5900070f1 100644 --- a/charts/argo/argo-cd/templates/dex/deployment.yaml +++ b/charts/argo/argo-cd/templates/dex/deployment.yaml @@ -2,6 +2,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.dex.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ template "argo-cd.dex.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }} @@ -16,7 +22,7 @@ spec: annotations: checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }} {{- if .Values.dex.certificateSecret.enabled }} - checksum/dex-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-dex-server-tls.yaml") . | sha256sum }} + checksum/dex-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-dex-server-tls-secret.yaml") . | sha256sum }} {{- end }} {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.dex.podAnnotations) }} {{- range $key, $value := . }} diff --git a/charts/argo/argo-cd/templates/redis/deployment.yaml b/charts/argo/argo-cd/templates/redis/deployment.yaml index 238af4d0b..38ba73bea 100644 --- a/charts/argo/argo-cd/templates/redis/deployment.yaml +++ b/charts/argo/argo-cd/templates/redis/deployment.yaml @@ -3,6 +3,12 @@ apiVersion: apps/v1 kind: Deployment metadata: + {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.redis.deploymentAnnotations) }} + annotations: + {{- range $key, $value := . }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} name: {{ include "argo-cd.redis.fullname" . }} labels: {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }} diff --git a/charts/argo/argo-cd/values.yaml b/charts/argo/argo-cd/values.yaml index 63da9ea15..1aa6f4d53 100644 --- a/charts/argo/argo-cd/values.yaml +++ b/charts/argo/argo-cd/values.yaml @@ -68,6 +68,12 @@ global: # -- Set the global logging level. One of: `debug`, `info`, `warn` or `error` level: info + # -- Annotations for the all deployed Statefulsets + statefulsetAnnotations: {} + + # -- Annotations for the all deployed Deployments + deploymentAnnotations: {} + # -- Annotations for the all deployed pods podAnnotations: {} @@ -540,6 +546,9 @@ controller: # - secretRef: # name: secret-name + # -- Annotations for the application controller StatefulSet + statefulsetAnnotations: {} + # -- Annotations to be added to application controller pods podAnnotations: {} @@ -846,6 +855,9 @@ dex: # -- Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc) crt: '' + # -- Annotations to be added to the Dex server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to the Dex server pods podAnnotations: {} @@ -1029,6 +1041,9 @@ redis: # - secretRef: # name: secret-name + # -- Annotations to be added to the Redis server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to the Redis server pods podAnnotations: {} @@ -1343,6 +1358,9 @@ server: # @default -- `""` (defaults to global.logging.level) # logLevel: "" + # -- Annotations to be added to server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to server pods podAnnotations: {} @@ -1898,6 +1916,9 @@ repoServer: # @default -- `""` (defaults to global.logging.format) # logLevel: "" + # -- Annotations to be added to repo server Deployment + deploymentAnnotations: {} + # -- Annotations to be added to repo server pods podAnnotations: {} @@ -2153,12 +2174,8 @@ applicationSet: metricsAddr: :8080 # -- The default health check port probeBindAddr: :8081 - # -- The default leader election setting - enableLeaderElection: false # -- How application is synced between the generator and the cluster policy: sync - # -- Print debug logs - debug: false # -- Enable dry run mode dryRun: false @@ -2231,6 +2248,9 @@ applicationSet: # If not set and create is true, a name is generated using the fullname template name: "" + # -- Annotations to be added to ApplicationSet controller Deployment + deploymentAnnotations: {} + # -- Annotations for the controller pods podAnnotations: {} @@ -2521,6 +2541,9 @@ notifications: # service.slack: | # token: $slack-token + # -- Annotations to be applied to the notifications controller Deployment + deploymentAnnotations: {} + # -- Annotations to be applied to the controller Pods podAnnotations: {} diff --git a/charts/asserts/asserts/.helmignore b/charts/asserts/asserts/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/asserts/asserts/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/asserts/asserts/Chart.yaml b/charts/asserts/asserts/Chart.yaml index 22da768d8..a157d0503 100644 --- a/charts/asserts/asserts/Chart.yaml +++ b/charts/asserts/asserts/Chart.yaml @@ -53,4 +53,4 @@ maintainers: url: https://github.com/asserts name: asserts type: application -version: 1.15.0 +version: 1.16.0 diff --git a/charts/asserts/asserts/values.yaml b/charts/asserts/asserts/values.yaml index 32cab88cf..c5d687b5b 100644 --- a/charts/asserts/asserts/values.yaml +++ b/charts/asserts/asserts/values.yaml @@ -376,16 +376,12 @@ grafana: ## Grafana admin password configuration ## ## If left with password: "" and existingSecret: "" - ## a random alpha numeric password will be generated. - ## Upon upgrading the release, you will need to provide - ## the password as a value in subsequent updates. - ## e.g. - # grafana: - # auth: - # password: - ## - ## If an existingSecret is created (recommended for production) - ## then that will be used. + ## a random alpha numeric password will be generated on + ## first run. Upon upgrading the release, the credentials + ## stored in the secret will be retrieved, secret handling + ## is out of the box. Note that this will fail if using the + ## "helm-diff" plugin and would require setting it explicitly + ## or providing an existingSecret. ## ## ref: https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues/#credential-errors-while-upgrading-chart-releases auth: @@ -792,25 +788,21 @@ postgres: ## Postgres password configuration ## - ## If left with password: "" and existingSecret: "" - ## a random alpha numeric password will be generated. - ## Upon upgrading the release, you will need to provide - ## the password as a value in subsequent updates. - ## e.g. - # postgres: - # global: - # postgresql: - # auth: - # postgresPassword: - ## - ## If an existingSecret is created (recommended for production) - ## then that will be used. + ## If left with postgresPassword: "" and existingSecret: "" + ## a random alpha numeric password will be generated on + ## first run. Upon upgrading the release, the credentials + ## stored in the secret will be retrieved, secret handling + ## is out of the box. Note that this will fail if using the + ## "helm-diff" plugin and would require setting it explicitly + ## or providing an existingSecret. ## ## ref: https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues/#credential-errors-while-upgrading-chart-releases global: postgresql: auth: database: "asserts" + postgresPassword: "" + existingSecret: "" image: repository: bitnami/postgresql diff --git a/charts/bitnami/postgresql/.helmignore b/charts/bitnami/postgresql/.helmignore new file mode 100644 index 000000000..f0c131944 --- /dev/null +++ b/charts/bitnami/postgresql/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/bitnami/postgresql/Chart.lock b/charts/bitnami/postgresql/Chart.lock index ab8d79c7a..0a08ea8ac 100644 --- a/charts/bitnami/postgresql/Chart.lock +++ b/charts/bitnami/postgresql/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: https://charts.bitnami.com/bitnami - version: 2.1.2 -digest: sha256:1c365a4551a2f4098e9584dc176b289c10437c679c7c3e2ec6153cabf863e1a4 -generated: "2022-11-01T11:07:06.309318341Z" + version: 2.2.1 +digest: sha256:6c67cfa9945bf608209d4e2ca8f17079fca4770907c7902d984187ab5b21811e +generated: "2022-12-01T20:16:55.812777288Z" diff --git a/charts/bitnami/postgresql/Chart.yaml b/charts/bitnami/postgresql/Chart.yaml index 853ff7e8d..68542927e 100644 --- a/charts/bitnami/postgresql/Chart.yaml +++ b/charts/bitnami/postgresql/Chart.yaml @@ -31,4 +31,4 @@ name: postgresql sources: - https://github.com/bitnami/containers/tree/main/bitnami/postgresql - https://www.postgresql.org/ -version: 12.1.2 +version: 12.1.3 diff --git a/charts/bitnami/postgresql/README.md b/charts/bitnami/postgresql/README.md index 6007c0f12..a439bf59b 100644 --- a/charts/bitnami/postgresql/README.md +++ b/charts/bitnami/postgresql/README.md @@ -101,7 +101,7 @@ kubectl delete pvc -l release=my-release | ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | | `image.registry` | PostgreSQL image registry | `docker.io` | | `image.repository` | PostgreSQL image repository | `bitnami/postgresql` | -| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.1.0-debian-11-r0` | +| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.1.0-debian-11-r7` | | `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify image pull secrets | `[]` | @@ -382,7 +382,7 @@ kubectl delete pvc -l release=my-release | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r50` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r57` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | @@ -411,7 +411,7 @@ kubectl delete pvc -l release=my-release | `metrics.enabled` | Start a prometheus exporter | `false` | | `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` | | `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` | -| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r27` | +| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.11.1-debian-11-r34` | | `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | diff --git a/charts/bitnami/postgresql/charts/common/Chart.yaml b/charts/bitnami/postgresql/charts/common/Chart.yaml index 6f0c3a6b3..653c063f2 100644 --- a/charts/bitnami/postgresql/charts/common/Chart.yaml +++ b/charts/bitnami/postgresql/charts/common/Chart.yaml @@ -1,7 +1,7 @@ annotations: category: Infrastructure apiVersion: v2 -appVersion: 2.1.2 +appVersion: 2.2.1 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://github.com/bitnami/charts/tree/main/bitnami/common @@ -20,4 +20,4 @@ sources: - https://github.com/bitnami/charts - https://www.bitnami.com/ type: library -version: 2.1.2 +version: 2.2.1 diff --git a/charts/bitnami/postgresql/charts/common/README.md b/charts/bitnami/postgresql/charts/common/README.md index a2ecd6044..ec43a5fab 100644 --- a/charts/bitnami/postgresql/charts/common/README.md +++ b/charts/bitnami/postgresql/charts/common/README.md @@ -43,10 +43,11 @@ The following table lists the helpers available in the library which are scoped | Helper identifier | Description | Expected Input | |-------------------------------|------------------------------------------------------|------------------------------------------------| -| `common.affinities.nodes.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | -| `common.affinities.nodes.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | -| `common.affinities.pods.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | -| `common.affinities.pods.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | +| `common.affinities.nodes.soft` | Return a soft nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | +| `common.affinities.nodes.hard` | Return a hard nodeAffinity definition | `dict "key" "FOO" "values" (list "BAR" "BAZ")` | +| `common.affinities.pods.soft` | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | +| `common.affinities.pods.hard` | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $` | +| `common.affinities.topologyKey` | Return a topologyKey definition | `dict "topologyKey" "FOO"` | ### Capabilities @@ -107,12 +108,12 @@ The following table lists the helpers available in the library which are scoped ### Secrets -| Helper identifier | Description | Expected Input | -|---------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. | -| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. | -| `common.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. | -| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` | +| Helper identifier | Description | Expected Input | +|-----------------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `common.secrets.name` | Generate the name of the secret. | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure. | +| `common.secrets.key` | Generate secret key. | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure. | +| `common.secrets.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. | +| `common.secrets.exists` | Returns whether a previous generated secret already exists. | `dict "secret" "secret-name" "context" $` | ### Storage diff --git a/charts/bitnami/postgresql/charts/common/templates/_affinities.tpl b/charts/bitnami/postgresql/charts/common/templates/_affinities.tpl index 497068f06..81902a681 100644 --- a/charts/bitnami/postgresql/charts/common/templates/_affinities.tpl +++ b/charts/bitnami/postgresql/charts/common/templates/_affinities.tpl @@ -45,9 +45,17 @@ Return a nodeAffinity definition {{- end -}} {{- end -}} +{{/* +Return a topologyKey definition +{{ include "common.affinities.topologyKey" (dict "topologyKey" "BAR") -}} +*/}} +{{- define "common.affinities.topologyKey" -}} +{{ .topologyKey | default "kubernetes.io/hostname" -}} +{{- end -}} + {{/* Return a soft podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}} +{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}} */}} {{- define "common.affinities.pods.soft" -}} {{- $component := default "" .component -}} @@ -62,13 +70,13 @@ preferredDuringSchedulingIgnoredDuringExecution: {{- range $key, $value := $extraMatchLabels }} {{ $key }}: {{ $value | quote }} {{- end }} - topologyKey: kubernetes.io/hostname + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} weight: 1 {{- end -}} {{/* Return a hard podAffinity/podAntiAffinity definition -{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}} +{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}} */}} {{- define "common.affinities.pods.hard" -}} {{- $component := default "" .component -}} @@ -82,7 +90,7 @@ requiredDuringSchedulingIgnoredDuringExecution: {{- range $key, $value := $extraMatchLabels }} {{ $key }}: {{ $value | quote }} {{- end }} - topologyKey: kubernetes.io/hostname + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} {{- end -}} {{/* diff --git a/charts/bitnami/postgresql/values.yaml b/charts/bitnami/postgresql/values.yaml index b15c8c6f1..1d1b98d03 100644 --- a/charts/bitnami/postgresql/values.yaml +++ b/charts/bitnami/postgresql/values.yaml @@ -95,7 +95,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/postgresql - tag: 15.1.0-debian-11-r0 + tag: 15.1.0-debian-11-r7 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1130,7 +1130,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/bitnami-shell - tag: 11-debian-11-r50 + tag: 11-debian-11-r57 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1217,7 +1217,7 @@ metrics: image: registry: docker.io repository: bitnami/postgres-exporter - tag: 0.11.1-debian-11-r27 + tag: 0.11.1-debian-11-r34 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/redis/.helmignore b/charts/bitnami/redis/.helmignore new file mode 100644 index 000000000..f0c131944 --- /dev/null +++ b/charts/bitnami/redis/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/bitnami/redis/Chart.yaml b/charts/bitnami/redis/Chart.yaml index 734b4fe99..dfcdb3442 100644 --- a/charts/bitnami/redis/Chart.yaml +++ b/charts/bitnami/redis/Chart.yaml @@ -27,4 +27,4 @@ maintainers: name: redis sources: - https://github.com/bitnami/containers/tree/main/bitnami/redis -version: 17.3.11 +version: 17.3.13 diff --git a/charts/bitnami/redis/README.md b/charts/bitnami/redis/README.md index 0c097f556..90126b251 100644 --- a/charts/bitnami/redis/README.md +++ b/charts/bitnami/redis/README.md @@ -166,6 +166,7 @@ The command removes all the Kubernetes components associated with the chart and | `master.kind` | Use either Deployment or StatefulSet (default) | `StatefulSet` | | `master.schedulerName` | Alternate scheduler for Redis® master pods | `""` | | `master.updateStrategy.type` | Redis® master statefulset strategy type | `RollingUpdate` | +| `master.minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | | `master.priorityClassName` | Redis® master pods' priorityClassName | `""` | | `master.hostAliases` | Redis® master pods host aliases | `[]` | | `master.podLabels` | Extra labels for Redis® master pods | `{}` | @@ -266,6 +267,7 @@ The command removes all the Kubernetes components associated with the chart and | `replica.containerSecurityContext.runAsUser` | Set Redis® replicas containers' Security Context runAsUser | `1001` | | `replica.schedulerName` | Alternate scheduler for Redis® replicas pods | `""` | | `replica.updateStrategy.type` | Redis® replicas statefulset strategy type | `RollingUpdate` | +| `replica.minReadySeconds` | How many seconds a pod needs to be ready before killing the next, during update | `0` | | `replica.priorityClassName` | Redis® replicas pods' priorityClassName | `""` | | `replica.podManagementPolicy` | podManagementPolicy to manage scaling operation of %%MAIN_CONTAINER_NAME%% pods | `""` | | `replica.hostAliases` | Redis® replicas pods host aliases | `[]` | diff --git a/charts/bitnami/redis/templates/master/application.yaml b/charts/bitnami/redis/templates/master/application.yaml index 17cdb8a31..b6e796237 100644 --- a/charts/bitnami/redis/templates/master/application.yaml +++ b/charts/bitnami/redis/templates/master/application.yaml @@ -26,6 +26,9 @@ spec: {{- else }} updateStrategy: {{- toYaml .Values.master.updateStrategy | nindent 4 }} {{- end }} + {{- if and .Values.master.minReadySeconds (semverCompare ">= 1.25" (include "common.capabilities.kubeVersion" .)) }} + minReadySeconds: {{ .Values.master.minReadySeconds }} + {{- end }} {{- end }} template: metadata: diff --git a/charts/bitnami/redis/templates/replicas/statefulset.yaml b/charts/bitnami/redis/templates/replicas/statefulset.yaml index dc52c4865..0bb028b44 100644 --- a/charts/bitnami/redis/templates/replicas/statefulset.yaml +++ b/charts/bitnami/redis/templates/replicas/statefulset.yaml @@ -23,6 +23,9 @@ spec: {{- if .Values.replica.updateStrategy }} updateStrategy: {{- toYaml .Values.replica.updateStrategy | nindent 4 }} {{- end }} + {{- if and .Values.replica.minReadySeconds (semverCompare ">= 1.25" (include "common.capabilities.kubeVersion" .)) }} + minReadySeconds: {{ .Values.replica.minReadySeconds }} + {{- end }} {{- if .Values.replica.podManagementPolicy }} podManagementPolicy: {{ .Values.replica.podManagementPolicy | quote }} {{- end }} diff --git a/charts/bitnami/redis/templates/sentinel/statefulset.yaml b/charts/bitnami/redis/templates/sentinel/statefulset.yaml index dda8a12f2..8382dd69d 100644 --- a/charts/bitnami/redis/templates/sentinel/statefulset.yaml +++ b/charts/bitnami/redis/templates/sentinel/statefulset.yaml @@ -22,6 +22,9 @@ spec: {{- if .Values.replica.updateStrategy }} updateStrategy: {{- toYaml .Values.replica.updateStrategy | nindent 4 }} {{- end }} + {{- if and .Values.replica.minReadySeconds (semverCompare ">= 1.25" (include "common.capabilities.kubeVersion" .)) }} + minReadySeconds: {{ .Values.replica.minReadySeconds }} + {{- end }} {{- if .Values.replica.podManagementPolicy }} podManagementPolicy: {{ .Values.replica.podManagementPolicy | quote }} {{- end }} diff --git a/charts/bitnami/redis/values.yaml b/charts/bitnami/redis/values.yaml index 9359c0ac4..34139e006 100644 --- a/charts/bitnami/redis/values.yaml +++ b/charts/bitnami/redis/values.yaml @@ -289,6 +289,9 @@ master: ## type: RollingUpdate rollingUpdate: {} + ## @param master.minReadySeconds How many seconds a pod needs to be ready before killing the next, during update + ## + minReadySeconds: 0 ## @param master.priorityClassName Redis® master pods' priorityClassName ## priorityClassName: "" @@ -687,6 +690,9 @@ replica: ## type: RollingUpdate rollingUpdate: {} + ## @param replica.minReadySeconds How many seconds a pod needs to be ready before killing the next, during update + ## + minReadySeconds: 0 ## @param replica.priorityClassName Redis® replicas pods' priorityClassName ## priorityClassName: "" diff --git a/charts/gitlab/gitlab/.markdownlint.yml b/charts/gitlab/gitlab/.markdownlint.yml new file mode 100644 index 000000000..2ad24e5f7 --- /dev/null +++ b/charts/gitlab/gitlab/.markdownlint.yml @@ -0,0 +1,151 @@ +--- +# Base Markdownlint configuration +# Extended Markdownlint configuration in doc/.markdownlint/ +default: true +first-header-h1: true +header-style: + style: "atx" +ul-style: + style: "dash" +no-trailing-spaces: false +line-length: false +no-duplicate-header: + allow_different_nesting: true +no-trailing-punctuation: + punctuation: ".,;:!。,;:!?" +ol-prefix: + style: "one" +no-inline-html: false +hr-style: + style: "---" +no-emphasis-as-heading: false +first-line-h1: false +code-block-style: + style: "fenced" +emphasis-style: false +link-fragments: false +reference-links-images: false +proper-names: + names: [ + "Akismet", + "Alertmanager", + "AlmaLinux", + "API", + "Asana", + "Auth0", + "Authentiq", + "Azure", + "Bamboo", + "Bitbucket", + "Bugzilla", + "CAS", + "CentOS", + "Consul", + "Debian", + "DevOps", + "Docker", + "DockerSlim", + "Elasticsearch", + "Facebook", + "fastlane", + "fluent-plugin-redis-slowlog", + "GDK", + "Geo", + "Git LFS", + "git-annex", + "git-sizer", + "Git", + "Gitaly", + "GitHub", + "GitLab Geo", + "GitLab Monitor", + "GitLab Operator", + "GitLab Pages", + "GitLab Rails", + "GitLab Runner", + "GitLab Shell", + "GitLab Workhorse", + "GitLab", + "Gitleaks", + "Gmail", + "Google", + "Grafana", + "Gzip", + "Helm", + "HipChat", + "ID", + "Ingress", + "jasmine-jquery", + "JavaScript", + "Jaeger", + "Jenkins", + "Jira", + "Jira Cloud", + "Jira Server", + "jQuery", + "JSON", + "JupyterHub", + "Karma", + "Kerberos", + "Knative", + "Kubernetes", + "LDAP", + "Let's Encrypt", + "Markdown", + "markdownlint", + "Mattermost", + "Microsoft", + "minikube", + "MinIO", + "ModSecurity", + "NGINX Ingress", + "NGINX", + "OAuth", + "OAuth 2", + "OmniAuth", + "Omnibus GitLab", + "OpenID", + "OpenShift", + "PgBouncer", + "Postfix", + "PostgreSQL", + "Praefect", + "Prometheus", + "Puma", + "puma-worker-killer", + "Python", + "Rake", + "Redis", + "Redmine", + "reCAPTCHA", + "Ruby", + "runit", + "Salesforce", + "SAML", + "Sendmail", + "Sentry", + "Service Desk", + "Sidekiq", + "Shibboleth", + "Slack", + "SMTP", + "SpotBugs", + "SSH", + "Tiller", + "TOML", + "Trello", + "Trello Power-Ups", + "TypeScript", + "Twitter", + "Ubuntu", + "Ultra Auth", + "Unicorn", + "unicorn-worker-killer", + "URL", + "WebdriverIO", + "Workload Identity Pool", + "Workload Identity Provider", + "YAML", + "YouTrack" + ] + code_blocks: false diff --git a/charts/gitlab/gitlab/.rubocop.yml b/charts/gitlab/gitlab/.rubocop.yml new file mode 100644 index 000000000..73ec8020b --- /dev/null +++ b/charts/gitlab/gitlab/.rubocop.yml @@ -0,0 +1,73 @@ +inherit_gem: + gitlab-styles: + - rubocop-default.yml + +inherit_from: .rubocop_todo.yml + +require: + - rubocop-rspec + +AllCops: + TargetRubyVersion: 2.7 + # Cop names are displayed in offense messages by default. Change behavior + # by overriding DisplayCopNames, or by giving the `--no-display-cop-names` + # option. + DisplayCopNames: true + # Style guide URLs are not displayed in offense messages by default. Change + # behavior by overriding DisplayStyleGuide, or by giving the + # -S/--display-style-guide option. + DisplayStyleGuide: false + # New cops introduced between major versions are set to a special pending status + # and are not enabled by default with warning message. + # Change this behavior by overriding either `NewCops: enable` or `NewCops: disable`. + # When `NewCops` is `enable`, pending cops are enabled in bulk. Can be overridden by + # the `--enable-pending-cops` command-line option. + # When `NewCops` is `disable`, pending cops are disabled in bulk. Can be overridden by + # the `--disable-pending-cops` command-line option. + NewCops: disable + # Determines if a notification for extension libraries should be shown when + # rubocop is run. Keys are the name of the extension, and values are an array + # of gems in the Gemfile that the extension is suggested for, if not already + # included. + SuggestExtensions: false + Exclude: + - 'bin/*' + - 'gems/**/*' + - '.bundle/**/*' + - 'cache/**/*' + - 'node_modules/**/*' + - 'vendor/bundle/**/*' + +# No rails in charts +Rails: + Enabled: false + +# TODO re-enable and start updating rspec tests +RSpec: + Enabled: false + +# We are not concerned with the security of using public in charts but we want to ensure +GitlabSecurity/PublicSend: + Enabled: false + +# TODO: temporarily excluding the file with lints at RuboCop 1.36 +Lint/BinaryOperatorWithIdenticalOperands: + Exclude: + - spec/configuration/gitaly_spec.rb + +Lint/HashCompareByIdentity: # (new in 0.93) + Enabled: true + +Lint/RedundantSafeNavigation: # (new in 0.93) + Enabled: true + +Style/ClassEqualityComparison: # (new in 0.93) + Enabled: true + +# Do not introduce global variables. +Style/GlobalVars: + Enabled: true + Exclude: [] + +Style/MultilineIfModifier: + Enabled: false diff --git a/charts/gitlab/gitlab/.rubocop_todo.yml b/charts/gitlab/gitlab/.rubocop_todo.yml new file mode 100644 index 000000000..d5f909833 --- /dev/null +++ b/charts/gitlab/gitlab/.rubocop_todo.yml @@ -0,0 +1,536 @@ +# This configuration was generated by +# `rubocop --auto-gen-config` +# on 2021-03-23 00:00:00 UTC using RuboCop version 0.93.1. +# The point is for the user to remove these configuration records +# one by one as the offenses are removed from the code base. +# Note that changes in the inspected code, or installation of new +# versions of RuboCop, may require this file to be generated again. + +# Offense count: 31 +# Cop supports --auto-correct. +CodeReuse/ActiveRecord: + Exclude: + - 'spec/scripts/lib/version_fetcher_spec.rb' + - 'spec/scripts/manage_version_spec.rb' + +# Offense count: 5 +# Cop supports --auto-correct. +Cop/LineBreakAfterGuardClauses: + Exclude: + - 'spec/configuration/certificates_spec.rb' + - 'spec/gitlab_test_helper.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +Cop/LineBreakAroundConditionalBlock: + Exclude: + - 'scripts/manage_version.rb' + +# Offense count: 5 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle, IndentationWidth. +# SupportedStyles: with_first_argument, with_fixed_indentation +Layout/ArgumentAlignment: + Exclude: + - 'spec/features/backups_spec.rb' + - 'spec/integration/check_config_spec.rb' + - 'spec/spec_helper.rb' + +# Offense count: 5 +# Cop supports --auto-correct. +Layout/EmptyLineAfterGuardClause: + Exclude: + - 'spec/configuration/certificates_spec.rb' + - 'spec/gitlab_test_helper.rb' + +# Offense count: 2 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. +# SupportedStyles: empty_lines, no_empty_lines +Layout/EmptyLinesAroundBlockBody: + Exclude: + - 'Rakefile' + - 'spec/features/backups_spec.rb' + +# Offense count: 6 +# Cop supports --auto-correct. +# Configuration parameters: AllowForAlignment, AllowBeforeTrailingComments, ForceEqualSignAlignment. +Layout/ExtraSpacing: + Exclude: + - 'spec/configuration/certificates_spec.rb' + - 'spec/configuration/mailroom_spec.rb' + - 'spec/configuration/redis_spec.rb' + - 'spec/helm_template_helper.rb' + +# Offense count: 16 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle, IndentationWidth. +# SupportedStyles: consistent, consistent_relative_to_receiver, special_for_inner_method_call, special_for_inner_method_call_in_parentheses +Layout/FirstArgumentIndentation: + Exclude: + - 'spec/configuration/gitlab-yml-erb_spec.rb' + - 'spec/configuration/sidekiq_spec.rb' + +# Offense count: 27 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle, IndentationWidth. +# SupportedStyles: special_inside_parentheses, consistent, align_braces +Layout/FirstHashElementIndentation: + Exclude: + - 'spec/configuration/database_spec.rb' + - 'spec/configuration/mailroom_spec.rb' + +# Offense count: 3 +# Cop supports --auto-correct. +# Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle. +# SupportedHashRocketStyles: key, separator, table +# SupportedColonStyles: key, separator, table +# SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit +Layout/HashAlignment: + Exclude: + - 'spec/configuration/database_spec.rb' + +# Offense count: 2 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. +# SupportedStyles: symmetrical, new_line, same_line +Layout/MultilineHashBraceLayout: + Exclude: + - 'spec/configuration/mailroom_spec.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +Layout/SpaceAfterColon: + Exclude: + - 'spec/gitlab_test_helper.rb' + +# Offense count: 239 +# Cop supports --auto-correct. +Layout/SpaceAfterComma: + Exclude: + - 'spec/configuration/certificates_spec.rb' + - 'spec/configuration/database_spec.rb' + - 'spec/configuration/gitaly_spec.rb' + - 'spec/configuration/mailroom_spec.rb' + - 'spec/configuration/redis_spec.rb' + - 'spec/helm_template_helper.rb' + +# Offense count: 2 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyleInsidePipes. +# SupportedStylesInsidePipes: space, no_space +Layout/SpaceAroundBlockParameters: + Exclude: + - 'spec/scripts/manage_version_spec.rb' + +# Offense count: 11 +# Cop supports --auto-correct. +# Configuration parameters: AllowForAlignment, EnforcedStyleForExponentOperator. +# SupportedStylesForExponentOperator: space, no_space +Layout/SpaceAroundOperators: + Exclude: + - 'spec/configuration/database_spec.rb' + - 'spec/configuration/mailroom_spec.rb' + - 'spec/configuration/redis_spec.rb' + - 'spec/gitlab_test_helper.rb' + - 'spec/helm_template_helper.rb' + +# Offense count: 9 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyleForEmptyBraces. +# SupportedStyles: space, no_space +# SupportedStylesForEmptyBraces: space, no_space +Layout/SpaceBeforeBlockBraces: + Exclude: + - 'spec/configuration/labels_spec.rb' + - 'spec/helm_template_helper.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +Layout/SpaceBeforeComma: + Exclude: + - 'spec/helm_template_helper.rb' + +# Offense count: 16 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBrackets. +# SupportedStyles: space, no_space, compact +# SupportedStylesForEmptyBrackets: space, no_space +Layout/SpaceInsideArrayLiteralBrackets: + Exclude: + - 'spec/configuration/database_spec.rb' + - 'spec/helm_template_helper.rb' + - 'spec/integration/check_config_spec.rb' + +# Offense count: 2 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyleForEmptyBraces, SpaceBeforeBlockParameters. +# SupportedStyles: space, no_space +# SupportedStylesForEmptyBraces: space, no_space +Layout/SpaceInsideBlockBraces: + Exclude: + - 'spec/configuration/workhorse_spec.rb' + +# Offense count: 29 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyleForEmptyBraces. +# SupportedStyles: space, no_space, compact +# SupportedStylesForEmptyBraces: space, no_space +Layout/SpaceInsideHashLiteralBraces: + Exclude: + - 'spec/configuration/labels_spec.rb' + - 'spec/configuration/mailroom_spec.rb' + - 'spec/configuration/redis_spec.rb' + - 'spec/scripts/lib/version_fetcher_spec.rb' + +# Offense count: 4 +# Cop supports --auto-correct. +# Configuration parameters: AllowInHeredoc. +Layout/TrailingWhitespace: + Exclude: + - 'spec/configuration/database_spec.rb' + - 'spec/configuration/labels_spec.rb' + +# Offense count: 1 +Lint/MixedRegexpCaptureTypes: + Exclude: + - 'scripts/lib/version.rb' + +# Offense count: 1 +Lint/UselessAssignment: + Exclude: + - 'spec/helm_template_helper.rb' + +# Offense count: 1 +# Configuration parameters: IgnoredMethods. +Metrics/CyclomaticComplexity: + Max: 14 + +# Offense count: 1 +# Configuration parameters: IgnoredMethods. +Metrics/PerceivedComplexity: + Max: 15 + +# Offense count: 1 +# Configuration parameters: ExpectMatchingDefinition, CheckDefinitionPathHierarchy, Regex, IgnoreExecutableScripts, AllowedAcronyms. +# AllowedAcronyms: CLI, DSL, ACL, API, ASCII, CPU, CSS, DNS, EOF, GUID, HTML, HTTP, HTTPS, ID, IP, JSON, LHS, QPS, RAM, RHS, RPC, SLA, SMTP, SQL, SSH, TCP, TLS, TTL, UDP, UI, UID, UUID, URI, URL, UTF8, VM, XML, XMPP, XSRF, XSS +Naming/FileName: + Exclude: + - 'spec/configuration/gitlab-yml-erb_spec.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +# Configuration parameters: PreferredName. +Naming/RescuedExceptionsVariableName: + Exclude: + - 'scripts/manage_version.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +# Configuration parameters: AutoCorrect, SafeMultiline. +Performance/EndWith: + Exclude: + - 'scripts/support/changelog/Dangerfile' + +# Offense count: 2 +# Cop supports --auto-correct. +Performance/RegexpMatch: + Exclude: + - 'scripts/support/changelog/Dangerfile' + - 'spec/spec_helper.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +# Configuration parameters: AutoCorrect, SafeMultiline. +Performance/StartWith: + Exclude: + - 'scripts/support/changelog/Dangerfile' + +# Offense count: 5 +Security/Open: + Exclude: + - 'scripts/lib/version_fetcher.rb' + - 'spec/features/backups_spec.rb' + - 'spec/gitlab_test_helper.rb' + +# Offense count: 4 +# Cop supports --auto-correct. +Security/YAMLLoad: + Exclude: + - 'spec/configuration/gitaly_spec.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. +# SupportedStyles: percent_q, bare_percent +Style/BarePercentLiterals: + Exclude: + - 'scripts/support/changelog/Dangerfile' + +# Offense count: 8 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle, ProceduralMethods, FunctionalMethods, IgnoredMethods, AllowBracesOnProceduralOneLiners, BracesRequiredMethods. +# SupportedStyles: line_count_based, semantic, braces_for_chaining, always_braces +# ProceduralMethods: benchmark, bm, bmbm, create, each_with_object, measure, new, realtime, tap, with_object +# FunctionalMethods: let, let!, subject, watch +# IgnoredMethods: lambda, proc, it +Style/BlockDelimiters: + Exclude: + - 'spec/configuration/database_spec.rb' + - 'spec/configuration/redis_spec.rb' + - 'spec/helm_template_helper.rb' + +# Offense count: 3 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle, SingleLineConditionsOnly, IncludeTernaryExpressions. +# SupportedStyles: assign_to_condition, assign_inside_condition +Style/ConditionalAssignment: + Exclude: + - 'scripts/lib/version.rb' + - 'scripts/manage_version.rb' + +# Offense count: 3 +# Cop supports --auto-correct. +Style/DefWithParentheses: + Exclude: + - 'spec/helm_template_helper.rb' + +# Offense count: 37 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. +# SupportedStyles: always, always_true, never +Style/FrozenStringLiteralComment: + Enabled: false + +# Offense count: 5 +# Configuration parameters: MinBodyLength. +Style/GuardClause: + Exclude: + - 'scripts/lib/version.rb' + - 'scripts/lib/version_mapping.rb' + - 'scripts/manage_version.rb' + +# Offense count: 2 +# Cop supports --auto-correct. +# Configuration parameters: UseHashRocketsWithSymbolValues, PreferHashRocketsForNonAlnumEndingSymbols. +# SupportedStyles: ruby19, hash_rockets, no_mixed_keys, ruby19_no_mixed_keys +Style/HashSyntax: + Exclude: + - 'spec/spec_helper.rb' + +# Offense count: 12 +# Cop supports --auto-correct. +Style/IfUnlessModifier: + Exclude: + - 'scripts/manage_version.rb' + - 'scripts/support/metadata/Dangerfile' + - 'spec/configuration/workhorse_spec.rb' + - 'spec/gitlab_test_helper.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +# Configuration parameters: IgnoredMethods. +Style/MethodCallWithoutArgsParentheses: + Exclude: + - 'spec/spec_helper.rb' + +# Offense count: 1 +Style/MixinUsage: + Exclude: + - 'spec/spec_helper.rb' + +# Offense count: 2 +# Cop supports --auto-correct. +Style/MultilineWhenThen: + Exclude: + - 'spec/helm_template_helper.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. +# SupportedStyles: literals, strict +Style/MutableConstant: + Exclude: + - 'db/migrate/**/*' + - 'db/post_migrate/**/*' + - 'db/geo/migrate/**/*' + - 'scripts/lib/version.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle, MinBodyLength. +# SupportedStyles: skip_modifier_ifs, always +Style/Next: + Exclude: + - 'spec/configuration/workhorse_spec.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +# Configuration parameters: . +# SupportedStyles: compact, exploded +Style/RaiseArgs: + Exclude: + - 'scripts/manage_version.rb' + +# Offense count: 1 +# Cop supports --auto-correct. +Style/RedundantBegin: + Exclude: + - 'spec/gitlab_test_helper.rb' + +# Offense count: 2 +# Cop supports --auto-correct. +Style/RedundantFileExtensionInRequire: + Exclude: + - 'Rakefile' + - 'spec/scripts/lib/version_fetcher_spec.rb' + +# Offense count: 2 +# Cop supports --auto-correct. +Style/RedundantFreeze: + Exclude: + - 'scripts/tag_auto_deploy.rb' + +# Offense count: 9 +# Cop supports --auto-correct. +# Configuration parameters: AllowMultipleReturnValues. +Style/RedundantReturn: + Exclude: + - 'spec/gitlab_test_helper.rb' + +# Offense count: 3 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle, AllowInnerSlashes. +# SupportedStyles: slashes, percent_r, mixed +Style/RegexpLiteral: + Exclude: + - 'scripts/lib/version.rb' + - 'scripts/support/changelog/Dangerfile' + - 'scripts/support/metadata/Dangerfile' + +# Offense count: 1 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. +# SupportedStyles: implicit, explicit +Style/RescueStandardError: + Exclude: + - 'spec/gitlab_test_helper.rb' + +# Offense count: 3 +# Cop supports --auto-correct. +# Configuration parameters: ConvertCodeThatCanStartToReturnNil, AllowedMethods. +# AllowedMethods: present?, blank?, presence, try, try! +Style/SafeNavigation: + Exclude: + - 'scripts/lib/version.rb' + - 'scripts/manage_version.rb' + +# Offense count: 16 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. +# SupportedStyles: only_raise, only_fail, semantic +Style/SignalException: + Exclude: + - 'scripts/support/changelog/Dangerfile' + - 'scripts/support/metadata/Dangerfile' + - 'spec/features/backups_spec.rb' + - 'spec/helm_template_helper.rb' + +# Offense count: 30 +# Cop supports --auto-correct. +Style/SingleArgumentDig: + Exclude: + - 'spec/configuration/pages_spec.rb' + - 'spec/configuration/praefect_spec.rb' + - 'spec/configuration/redis_spec.rb' + - 'spec/configuration/webservice_deployments_spec.rb' + +# Offense count: 2 +# Cop supports --auto-correct. +Style/SlicingWithRange: + Exclude: + - 'scripts/lib/version_fetcher.rb' + - 'scripts/tag_auto_deploy.rb' + +# Offense count: 1 +# Configuration parameters: AllowModifier. +Style/SoleNestedConditional: + Exclude: + - 'scripts/manage_version.rb' + +# Offense count: 3 +# Cop supports --auto-correct. +# Configuration parameters: . +# SupportedStyles: use_perl_names, use_english_names +Style/SpecialGlobalVars: + EnforcedStyle: use_perl_names + +# Offense count: 6 +# Cop supports --auto-correct. +Style/StderrPuts: + Exclude: + - 'scripts/lib/version_mapping.rb' + - 'scripts/manage_version.rb' + - 'scripts/tag_auto_deploy.rb' + +# Offense count: 3 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyle. +# SupportedStyles: single_quotes, double_quotes +Style/StringLiteralsInInterpolation: + Exclude: + - 'scripts/support/changelog/Dangerfile' + +# Offense count: 1 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyleForMultiline. +# SupportedStylesForMultiline: comma, consistent_comma, no_comma +Style/TrailingCommaInArguments: + Exclude: + - 'spec/configuration/sidekiq_spec.rb' + +# Offense count: 7 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyleForMultiline. +# SupportedStylesForMultiline: comma, consistent_comma, no_comma +Style/TrailingCommaInArrayLiteral: + Exclude: + - 'spec/configuration/gitaly_spec.rb' + - 'spec/configuration/labels_spec.rb' + - 'spec/configuration/sidekiq_spec.rb' + - 'spec/integration/check_config_spec.rb' + +# Offense count: 53 +# Cop supports --auto-correct. +# Configuration parameters: EnforcedStyleForMultiline. +# SupportedStylesForMultiline: comma, consistent_comma, no_comma +Style/TrailingCommaInHashLiteral: + Exclude: + - 'spec/configuration/certificates_spec.rb' + - 'spec/configuration/database_spec.rb' + - 'spec/configuration/gitaly_spec.rb' + - 'spec/configuration/mailroom_spec.rb' + - 'spec/configuration/redis_spec.rb' + +# Offense count: 2 +# Cop supports --auto-correct. +# Configuration parameters: ExactNameMatch, AllowPredicates, AllowDSLWriters, IgnoreClassMethods, AllowedMethods. +# AllowedMethods: to_ary, to_a, to_c, to_enum, to_h, to_hash, to_i, to_int, to_io, to_open, to_path, to_proc, to_r, to_regexp, to_str, to_s, to_sym +Style/TrivialAccessors: + Exclude: + - 'spec/helm_template_helper.rb' + +# Offense count: 9 +# Cop supports --auto-correct. +# Configuration parameters: WordRegex. +# SupportedStyles: percent, brackets +Style/WordArray: + EnforcedStyle: percent + MinSize: 4 + +# Offense count: 113 +# Cop supports --auto-correct. +# Configuration parameters: AutoCorrect, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns. +# URISchemes: http, https +Layout/LineLength: + Max: 285 diff --git a/charts/gitlab/gitlab/.vale.ini b/charts/gitlab/gitlab/.vale.ini new file mode 100644 index 000000000..13b198b91 --- /dev/null +++ b/charts/gitlab/gitlab/.vale.ini @@ -0,0 +1,9 @@ +# Vale configuration file. +# +# For more information, see https://errata-ai.gitbook.io/vale/getting-started/configuration. + +StylesPath = doc/.vale +MinAlertLevel = suggestion + +[*.md] +BasedOnStyles = gitlab diff --git a/charts/gitlab/gitlab/CHANGELOG.md b/charts/gitlab/gitlab/CHANGELOG.md index 205ad0d3a..fdd972c5f 100644 --- a/charts/gitlab/gitlab/CHANGELOG.md +++ b/charts/gitlab/gitlab/CHANGELOG.md @@ -2,6 +2,10 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 6.6.1 (2022-11-30) + +No changes. + ## 6.6.0 (2022-11-21) ### Added (8 changes) diff --git a/charts/gitlab/gitlab/Chart.yaml b/charts/gitlab/gitlab/Chart.yaml index 59463ec72..27cdf4b30 100644 --- a/charts/gitlab/gitlab/Chart.yaml +++ b/charts/gitlab/gitlab/Chart.yaml @@ -3,7 +3,7 @@ annotations: catalog.cattle.io/display-name: GitLab catalog.cattle.io/release-name: gitlab apiVersion: v1 -appVersion: 15.6.0 +appVersion: 15.6.1 description: The One DevOps Platform home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png @@ -15,4 +15,4 @@ maintainers: name: gitlab sources: - https://gitlab.com/gitlab-org/charts/gitlab -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab-runner/CHANGELOG.md b/charts/gitlab/gitlab/charts/gitlab-runner/CHANGELOG.md index 8ae5c69f0..3c22882c4 100644 --- a/charts/gitlab/gitlab/charts/gitlab-runner/CHANGELOG.md +++ b/charts/gitlab/gitlab/charts/gitlab-runner/CHANGELOG.md @@ -1,9 +1,8 @@ -## v0.46.1 (2022-11-11) +## v0.47.0 (2022-11-22) ### New features -- Update GitLab Runner version to 15.5.1 - +- Update GitLab Runner version to 15.6.0 ## v0.46.0 (2022-10-21) ### New features diff --git a/charts/gitlab/gitlab/charts/gitlab-runner/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab-runner/Chart.yaml index aeaebc9cc..c0d2a0985 100644 --- a/charts/gitlab/gitlab/charts/gitlab-runner/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab-runner/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.5.1 +appVersion: 15.6.0 description: GitLab Runner icon: https://gitlab.com/uploads/-/system/project/avatar/250833/runner_logo.png keywords: @@ -13,4 +13,4 @@ name: gitlab-runner sources: - https://gitlab.com/gitlab-org/gitlab-runner - https://docs.gitlab.com/runner/ -version: 0.46.1 +version: 0.47.0 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml index 4e3ac583e..c68548984 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.0 +appVersion: 15.6.1 description: GitLab Geo logcursor home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -12,4 +12,4 @@ name: geo-logcursor sources: - https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/geo-logcursor - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml index a662e35ae..322465fa3 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.0 +appVersion: 15.6.1 description: Git RPC service for handling all the git calls made by GitLab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: gitaly sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitaly - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml index b90f36e9f..b67710337 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml @@ -14,4 +14,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-exporter - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-exporter - https://gitlab.com/gitlab-org/gitlab-exporter -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml index c413fa4fe..3f07858af 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.0 +appVersion: 15.6.1 description: Adapt the Grafana chart to interface to the GitLab App home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: gitlab-grafana sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-grafana - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-grafana -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml index 507551b0b..29a32c7e4 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml @@ -14,4 +14,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-pages - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-pages - https://gitlab.com/gitlab-org/gitlab-pages -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml index 0713be06c..491c40236 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml @@ -14,4 +14,4 @@ name: gitlab-shell sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-shell - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-shell -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml index 4e7784f3d..6d06b68a5 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml @@ -17,4 +17,4 @@ name: kas sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-kas - https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml index c0ddee6d2..754a02015 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml @@ -13,4 +13,4 @@ name: mailroom sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/mailroom - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-mailroom -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml index 148f18dee..05a040f63 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.0 +appVersion: 15.6.1 description: Database migrations and other versioning tasks for upgrading Gitlab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -12,4 +12,4 @@ name: migrations sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/migrations - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml index 664406d56..3a2f18d86 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.0 +appVersion: 15.6.1 description: Praefect is a router and transaction manager for Gitaly, and a required component for running a Gitaly Cluster. home: https://about.gitlab.com/ @@ -16,4 +16,4 @@ sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/praefect - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly - https://gitlab.com/gitlab-org/gitaly/-/tree/master/cmd/praefect -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml index e406bb651..e1e5a2e16 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.0 +appVersion: 15.6.1 description: Gitlab Sidekiq for asynchronous task processing in rails home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: sidekiq sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/sidekiq - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-sidekiq -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml index fb05a07fa..29146fafc 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml @@ -14,4 +14,4 @@ name: spamcheck sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/spamcheck - https://gitlab.com/gitlab-org/spamcheck -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml index 72b744b63..c2050a850 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.0 +appVersion: 15.6.1 description: For manually running rake tasks through kubectl home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -13,4 +13,4 @@ name: toolbox sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/toolbox - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-toolbox -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml b/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml index eeeaea54a..60bc82c59 100644 --- a/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml +++ b/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 15.6.0 +appVersion: 15.6.1 description: HTTP server for Gitlab home: https://about.gitlab.com/ icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg @@ -14,4 +14,4 @@ name: webservice sources: - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/webservice - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-webservice -version: 6.6.0 +version: 6.6.1 diff --git a/charts/gitlab/gitlab/requirements.lock b/charts/gitlab/gitlab/requirements.lock index 0f2b40179..e3a6317fb 100644 --- a/charts/gitlab/gitlab/requirements.lock +++ b/charts/gitlab/gitlab/requirements.lock @@ -22,7 +22,7 @@ dependencies: version: 8.9.4 - name: gitlab-runner repository: https://charts.gitlab.io/ - version: 0.46.1 + version: 0.47.0 - name: grafana repository: https://grafana.github.io/helm-charts version: 6.11.0 @@ -32,5 +32,5 @@ dependencies: - name: nginx-ingress repository: "" version: '*.*.*' -digest: sha256:19dcd732718aab19a79cd814707e51a43355a9ff320406f1146f1cf288fa1bd1 -generated: "2022-11-22T13:26:30.179216448Z" +digest: sha256:1a36b0e21d9953da190f461eccaee8056bd12a588578db8eca57caa488e8da48 +generated: "2022-11-30T19:13:56.463468432Z" diff --git a/charts/gitlab/gitlab/requirements.yaml b/charts/gitlab/gitlab/requirements.yaml index b2f0d83e8..2a225aaf3 100644 --- a/charts/gitlab/gitlab/requirements.yaml +++ b/charts/gitlab/gitlab/requirements.yaml @@ -21,7 +21,7 @@ dependencies: repository: https://raw.githubusercontent.com/bitnami/charts/eb5f9a9513d987b519f0ecd732e7031241c50328/bitnami condition: postgresql.install - name: gitlab-runner - version: 0.46.1 + version: 0.47.0 repository: https://charts.gitlab.io/ condition: gitlab-runner.install - name: grafana diff --git a/charts/hashicorp/consul/.helmignore b/charts/hashicorp/consul/.helmignore new file mode 100644 index 000000000..d1180d2fb --- /dev/null +++ b/charts/hashicorp/consul/.helmignore @@ -0,0 +1,4 @@ +.git/ +.terraform/ +bin/ +test/ diff --git a/charts/hashicorp/consul/Chart.yaml b/charts/hashicorp/consul/Chart.yaml index eb2acb9d6..505066e5f 100644 --- a/charts/hashicorp/consul/Chart.yaml +++ b/charts/hashicorp/consul/Chart.yaml @@ -1,9 +1,9 @@ annotations: artifacthub.io/images: | - name: consul - image: hashicorp/consul:1.14.1 + image: hashicorp/consul:1.14.2 - name: consul-k8s-control-plane - image: hashicorp/consul-k8s-control-plane:1.0.1 + image: hashicorp/consul-k8s-control-plane:1.0.2 - name: consul-dataplane image: hashicorp/consul-dataplane:1.0.0 - name: envoy @@ -25,7 +25,7 @@ annotations: catalog.cattle.io/kube-version: '>=1.21.0-0' catalog.cattle.io/release-name: consul apiVersion: v2 -appVersion: 1.14.1 +appVersion: 1.14.2 description: Official HashiCorp Consul Chart home: https://www.consul.io icon: https://raw.githubusercontent.com/hashicorp/consul-k8s/main/assets/icon.png @@ -34,4 +34,4 @@ name: consul sources: - https://github.com/hashicorp/consul - https://github.com/hashicorp/consul-k8s -version: 1.0.1 +version: 1.0.2 diff --git a/charts/hashicorp/consul/templates/api-gateway-controller-deployment.yaml b/charts/hashicorp/consul/templates/api-gateway-controller-deployment.yaml index 52884f725..c548b63e4 100644 --- a/charts/hashicorp/consul/templates/api-gateway-controller-deployment.yaml +++ b/charts/hashicorp/consul/templates/api-gateway-controller-deployment.yaml @@ -56,8 +56,8 @@ spec: name: sds protocol: TCP env: - {{- if .Values.global.tls.enabled }} {{- if or (not (and .Values.externalServers.enabled .Values.externalServers.useSystemRoots)) .Values.client.enabled }} + {{- if .Values.global.tls.enabled }} - name: CONSUL_CACERT value: /consul/tls/ca/tls.crt {{- end }} @@ -149,8 +149,9 @@ spec: - name: consul-bin mountPath: /consul-bin {{- end }} + {{- if or (not (and .Values.externalServers.enabled .Values.externalServers.useSystemRoots)) .Values.client.enabled }} {{- if .Values.global.tls.enabled }} - {{- if .Values.global.tls.enableAutoEncrypt }} + {{- if and .Values.client.enabled .Values.global.tls.enableAutoEncrypt }} - name: consul-auto-encrypt-ca-cert {{- else }} - name: consul-ca-cert @@ -158,6 +159,7 @@ spec: mountPath: /consul/tls/ca readOnly: true {{- end }} + {{- end }} - mountPath: /consul/login name: consul-data readOnly: true @@ -222,10 +224,6 @@ spec: {{- if .Values.global.acls.manageSystemACLs }} - name: api-gateway-controller-acl-init env: - - name: HOST_IP - valueFrom: - fieldRef: - fieldPath: status.hostIP - name: NAMESPACE valueFrom: fieldRef: @@ -242,15 +240,13 @@ spec: - mountPath: /consul/login name: consul-data readOnly: false + {{- if not (and .Values.externalServers.enabled .Values.externalServers.useSystemRoots) }} {{- if .Values.global.tls.enabled }} - {{- if .Values.global.tls.enableAutoEncrypt }} - - name: consul-auto-encrypt-ca-cert - {{- else }} - name: consul-ca-cert - {{- end }} mountPath: /consul/tls/ca readOnly: true {{- end }} + {{- end }} command: - "/bin/sh" - "-ec" @@ -262,10 +258,6 @@ spec: {{- else }} -auth-method-name={{ template "consul.fullname" . }}-k8s-component-auth-method \ {{- end }} - {{- if .Values.global.adminPartitions.enabled }} - -partition={{ .Values.global.adminPartitions.name }} \ - {{- end }} - -api-timeout={{ .Values.global.consulAPITimeout }} \ -log-level={{ default .Values.global.logLevel .Values.apiGateway.logLevel }} \ -log-json={{ .Values.global.logJSON }} resources: diff --git a/charts/hashicorp/consul/templates/cni-clusterrole.yaml b/charts/hashicorp/consul/templates/cni-clusterrole.yaml index 39dc5ead5..773942cca 100644 --- a/charts/hashicorp/consul/templates/cni-clusterrole.yaml +++ b/charts/hashicorp/consul/templates/cni-clusterrole.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "consul.fullname" . }}-cni - namespace: {{ .Release.Namespace }} + namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }} labels: app: {{ template "consul.name" . }} chart: {{ template "consul.chart" . }} diff --git a/charts/hashicorp/consul/templates/cni-clusterrolebinding.yaml b/charts/hashicorp/consul/templates/cni-clusterrolebinding.yaml index 86c19d86a..4b860388b 100644 --- a/charts/hashicorp/consul/templates/cni-clusterrolebinding.yaml +++ b/charts/hashicorp/consul/templates/cni-clusterrolebinding.yaml @@ -16,5 +16,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "consul.fullname" . }}-cni - namespace: {{ .Release.Namespace }} + namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }} {{- end }} diff --git a/charts/hashicorp/consul/templates/cni-daemonset.yaml b/charts/hashicorp/consul/templates/cni-daemonset.yaml index 7b9f90d93..e9a680733 100644 --- a/charts/hashicorp/consul/templates/cni-daemonset.yaml +++ b/charts/hashicorp/consul/templates/cni-daemonset.yaml @@ -4,7 +4,7 @@ apiVersion: apps/v1 kind: DaemonSet metadata: name: {{ template "consul.fullname" . }}-cni - namespace: {{ .Release.Namespace }} + namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }} labels: app: {{ template "consul.name" . }} chart: {{ template "consul.chart" . }} diff --git a/charts/hashicorp/consul/templates/cni-networkattachmentdefinition.yaml b/charts/hashicorp/consul/templates/cni-networkattachmentdefinition.yaml index d0feaf5cb..80ef50bac 100644 --- a/charts/hashicorp/consul/templates/cni-networkattachmentdefinition.yaml +++ b/charts/hashicorp/consul/templates/cni-networkattachmentdefinition.yaml @@ -3,7 +3,7 @@ apiVersion: "k8s.cni.cncf.io/v1" kind: NetworkAttachmentDefinition metadata: name: {{ template "consul.fullname" . }}-cni - namespace: {{ .Release.Namespace }} + namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }} labels: app: {{ template "consul.name" . }} chart: {{ template "consul.chart" . }} diff --git a/charts/hashicorp/consul/templates/cni-podsecuritypolicy.yaml b/charts/hashicorp/consul/templates/cni-podsecuritypolicy.yaml index 15b96bc23..b600ed1b4 100644 --- a/charts/hashicorp/consul/templates/cni-podsecuritypolicy.yaml +++ b/charts/hashicorp/consul/templates/cni-podsecuritypolicy.yaml @@ -3,7 +3,7 @@ apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: name: {{ template "consul.fullname" . }}-cni - namespace: {{ .Release.Namespace }} + namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }} labels: app: {{ template "consul.name" . }} chart: {{ template "consul.chart" . }} diff --git a/charts/hashicorp/consul/templates/cni-resourcequota.yaml b/charts/hashicorp/consul/templates/cni-resourcequota.yaml index abfe5a887..054c3061f 100644 --- a/charts/hashicorp/consul/templates/cni-resourcequota.yaml +++ b/charts/hashicorp/consul/templates/cni-resourcequota.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ResourceQuota metadata: name: {{ template "consul.fullname" . }}-cni - namespace: {{ .Release.Namespace }} + namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }} labels: app: {{ template "consul.name" . }} chart: {{ template "consul.chart" . }} diff --git a/charts/hashicorp/consul/templates/cni-securitycontextconstraints.yaml b/charts/hashicorp/consul/templates/cni-securitycontextconstraints.yaml index 95cfc555e..2c09dba9b 100644 --- a/charts/hashicorp/consul/templates/cni-securitycontextconstraints.yaml +++ b/charts/hashicorp/consul/templates/cni-securitycontextconstraints.yaml @@ -3,7 +3,7 @@ apiVersion: security.openshift.io/v1 kind: SecurityContextConstraints metadata: name: {{ template "consul.fullname" . }}-cni - namespace: {{ .Release.Namespace }} + namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }} labels: app: {{ template "consul.name" . }} chart: {{ template "consul.chart" . }} diff --git a/charts/hashicorp/consul/templates/cni-serviceaccount.yaml b/charts/hashicorp/consul/templates/cni-serviceaccount.yaml index 6b2a7627f..cf4250b69 100644 --- a/charts/hashicorp/consul/templates/cni-serviceaccount.yaml +++ b/charts/hashicorp/consul/templates/cni-serviceaccount.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "consul.fullname" . }}-cni - namespace: {{ .Release.Namespace }} + namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }} labels: app: {{ template "consul.name" . }} chart: {{ template "consul.chart" . }} diff --git a/charts/hashicorp/consul/values.yaml b/charts/hashicorp/consul/values.yaml index 05ac341f0..1d24ae005 100644 --- a/charts/hashicorp/consul/values.yaml +++ b/charts/hashicorp/consul/values.yaml @@ -63,7 +63,7 @@ global: # image: "hashicorp/consul-enterprise:1.10.0-ent" # ``` # @default: hashicorp/consul: - image: "hashicorp/consul:1.14.1" + image: "hashicorp/consul:1.14.2" # Array of objects containing image pull secret names that will be applied to each service account. # This can be used to reference image pull secrets if using a custom consul or consul-k8s-control-plane Docker image. @@ -83,7 +83,7 @@ global: # image that is used for functionality such as catalog sync. # This can be overridden per component. # @default: hashicorp/consul-k8s-control-plane: - imageK8S: hashicorp/consul-k8s-control-plane:1.0.1 + imageK8S: hashicorp/consul-k8s-control-plane:1.0.2 # The name of the datacenter that the agents should # register as. This can't be changed once the Consul cluster is up and running @@ -1945,6 +1945,11 @@ connectInject: # @type: string logLevel: null + # Set the namespace to install the CNI plugin into. Overrides global namespace settings for CNI resources. + # Ex: "kube-system" + # @type: string + namespace: null + # Location on the kubernetes node where the CNI plugin is installed. Shoud be the absolute path and start with a '/' # Example on GKE: # diff --git a/charts/jfrog/artifactory-ha/.helmignore b/charts/jfrog/artifactory-ha/.helmignore new file mode 100644 index 000000000..c7eb1e274 --- /dev/null +++ b/charts/jfrog/artifactory-ha/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +OWNERS \ No newline at end of file diff --git a/charts/jfrog/artifactory-ha/CHANGELOG.md b/charts/jfrog/artifactory-ha/CHANGELOG.md index 148f2eb12..76430e247 100644 --- a/charts/jfrog/artifactory-ha/CHANGELOG.md +++ b/charts/jfrog/artifactory-ha/CHANGELOG.md @@ -1,7 +1,15 @@ # JFrog Artifactory-ha Chart Changelog All changes to this chart will be documented in this file -## [107.46.17] - Sep 14, 2022 +## [107.47.10] - Oct 27, 2022 +* Updated router version to `7.51.0` + +## [107.47.0] - Sep 29, 2022 +* Updated initContainerImage to `ubi8/ubi-minimal:8.6-941` +* Added support for annotations for artifactory statefulset and nginx deployment [GH-1665](https://github.com/jfrog/charts/pull/1665) +* Updated router version to `7.49.0` + +## [107.46.0] - Sep 14, 2022 * **IMPORTANT** * Added support for lifecycle hooks for all containers, changed `artifactory.postStartCommand` to `.Values.artifactory.lifecycle.postStart.exec.command` * Updated initContainerImage and logger image to `ubi8/ubi-minimal:8.6-902` diff --git a/charts/jfrog/artifactory-ha/Chart.yaml b/charts/jfrog/artifactory-ha/Chart.yaml index b759fac31..20679e9b5 100644 --- a/charts/jfrog/artifactory-ha/Chart.yaml +++ b/charts/jfrog/artifactory-ha/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>= 1.14.0-0' catalog.cattle.io/release-name: artifactory-ha apiVersion: v2 -appVersion: 7.46.17 +appVersion: 7.47.10 dependencies: - condition: postgresql.enabled name: postgresql @@ -26,4 +26,4 @@ name: artifactory-ha sources: - https://github.com/jfrog/charts type: application -version: 107.46.17 +version: 107.47.10 diff --git a/charts/jfrog/artifactory-ha/ci/test-values.yaml b/charts/jfrog/artifactory-ha/ci/test-values.yaml index 4265822e1..8834717be 100644 --- a/charts/jfrog/artifactory-ha/ci/test-values.yaml +++ b/charts/jfrog/artifactory-ha/ci/test-values.yaml @@ -35,6 +35,9 @@ artifactory: javaOpts: xms: "4g" xmx: "4g" + statefulset: + annotations: + artifactory: test postgresql: postgresqlPassword: "password" diff --git a/charts/jfrog/artifactory-ha/templates/artifactory-node-statefulset.yaml b/charts/jfrog/artifactory-ha/templates/artifactory-node-statefulset.yaml index 4481c4059..a5498bd6b 100644 --- a/charts/jfrog/artifactory-ha/templates/artifactory-node-statefulset.yaml +++ b/charts/jfrog/artifactory-ha/templates/artifactory-node-statefulset.yaml @@ -12,6 +12,10 @@ metadata: {{- with .Values.artifactory.node.labels }} {{ toYaml . | indent 4 }} {{- end }} +{{- with .Values.artifactory.statefulset.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} spec: serviceName: {{ template "artifactory-ha.node.name" . }} replicas: {{ .Values.artifactory.node.replicaCount }} diff --git a/charts/jfrog/artifactory-ha/templates/artifactory-primary-statefulset.yaml b/charts/jfrog/artifactory-ha/templates/artifactory-primary-statefulset.yaml index 77ce33272..bcb095035 100644 --- a/charts/jfrog/artifactory-ha/templates/artifactory-primary-statefulset.yaml +++ b/charts/jfrog/artifactory-ha/templates/artifactory-primary-statefulset.yaml @@ -24,6 +24,10 @@ metadata: {{- if or .Values.artifactory.persistence.googleStorage.identity .Values.artifactory.persistence.googleStorage.credential }} {{- fail "\nGCP Bucket Authentication with Identity and Credential is deprecated" }} {{- end }} +{{- with .Values.artifactory.statefulset.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} spec: serviceName: {{ template "artifactory-ha.primary.name" . }} replicas: {{ .Values.artifactory.primary.replicaCount }} diff --git a/charts/jfrog/artifactory-ha/templates/nginx-deployment.yaml b/charts/jfrog/artifactory-ha/templates/nginx-deployment.yaml index cb99ebedd..306ff5550 100644 --- a/charts/jfrog/artifactory-ha/templates/nginx-deployment.yaml +++ b/charts/jfrog/artifactory-ha/templates/nginx-deployment.yaml @@ -14,6 +14,10 @@ metadata: {{- if .Values.nginx.labels }} {{ toYaml .Values.nginx.labels | indent 4 }} {{- end }} +{{- with .Values.nginx.deployment.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} spec: {{- if ne .Values.nginx.kind "DaemonSet" }} replicas: {{ .Values.nginx.replicaCount }} diff --git a/charts/jfrog/artifactory-ha/values.yaml b/charts/jfrog/artifactory-ha/values.yaml index e5c8c4b1a..3953d81e5 100644 --- a/charts/jfrog/artifactory-ha/values.yaml +++ b/charts/jfrog/artifactory-ha/values.yaml @@ -44,7 +44,7 @@ global: ## # fullnameOverride: -initContainerImage: releases-docker.jfrog.io/ubi8/ubi-minimal:8.6-902 +initContainerImage: releases-docker.jfrog.io/ubi8/ubi-minimal:8.6-941 installer: type: @@ -217,7 +217,7 @@ logger: image: registry: releases-docker.jfrog.io repository: ubi8/ubi-minimal - tag: 8.6-902 + tag: 8.6-941 ## You can use a pre-existing secret with keys license_token and iam_role by specifying licenseConfigSecretName ## Example : Create a generic secret using `kubectl create secret generic --from-literal=license_token=${TOKEN} --from-literal=iam_role=${ROLE_ARN}` @@ -234,7 +234,7 @@ router: image: registry: releases-docker.jfrog.io repository: jfrog/router - tag: 7.45.0 + tag: 7.51.0 imagePullPolicy: IfNotPresent serviceRegistry: ## Service registry (Access) TLS verification skipped if enabled @@ -1005,6 +1005,9 @@ artifactory: javaOpts: {} # other: "" + statefulset: + annotations: {} + ## The following setting are to configure a dedicated Ingress object for Replicator service replicator: name: replicator @@ -1597,6 +1600,9 @@ nginx: # tag: pullPolicy: IfNotPresent + deployment: + annotations: {} + # Priority Class name to be used in deployment if provided priorityClassName: diff --git a/charts/jfrog/artifactory-jcr/CHANGELOG.md b/charts/jfrog/artifactory-jcr/CHANGELOG.md index 6d8789386..8be62f93d 100644 --- a/charts/jfrog/artifactory-jcr/CHANGELOG.md +++ b/charts/jfrog/artifactory-jcr/CHANGELOG.md @@ -1,7 +1,7 @@ # JFrog Container Registry Chart Changelog All changes to this chart will be documented in this file. -## [107.46.17] - Aug 25, 2022 +## [107.47.10] - Aug 25, 2022 * Included event service as mandatory and remove the flag from values.yaml ## [107.41.0] - Jul 22, 2022 diff --git a/charts/jfrog/artifactory-jcr/Chart.yaml b/charts/jfrog/artifactory-jcr/Chart.yaml index d7ee1fe4a..60c486e87 100644 --- a/charts/jfrog/artifactory-jcr/Chart.yaml +++ b/charts/jfrog/artifactory-jcr/Chart.yaml @@ -4,11 +4,11 @@ annotations: catalog.cattle.io/kube-version: '>= 1.14.0-0' catalog.cattle.io/release-name: artifactory-jcr apiVersion: v2 -appVersion: 7.46.17 +appVersion: 7.47.10 dependencies: - name: artifactory repository: file://./charts/artifactory - version: 107.46.17 + version: 107.47.10 description: JFrog Container Registry home: https://jfrog.com/container-registry/ icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-jcr/logo/jcr-logo.png @@ -27,4 +27,4 @@ name: artifactory-jcr sources: - https://github.com/jfrog/charts type: application -version: 107.46.17 +version: 107.47.10 diff --git a/charts/jfrog/artifactory-jcr/charts/artifactory/CHANGELOG.md b/charts/jfrog/artifactory-jcr/charts/artifactory/CHANGELOG.md index 6a2c96a24..694a29ba9 100644 --- a/charts/jfrog/artifactory-jcr/charts/artifactory/CHANGELOG.md +++ b/charts/jfrog/artifactory-jcr/charts/artifactory/CHANGELOG.md @@ -1,14 +1,22 @@ # JFrog Artifactory Chart Changelog All changes to this chart will be documented in this file. -## [107.46.17] - Sep 14, 2022 +## [107.47.10] - Oct 27, 2022 +* Updated router version to `7.51.0` + +## [107.47.0] - Sep 29, 2022 +* Updated initContainerImage to `ubi8/ubi-minimal:8.6-941` +* Added support for annotations for artifactory statefulset and nginx deployment [GH-1665](https://github.com/jfrog/charts/pull/1665) +* Updated router version to `7.49.0` + +## [107.46.0] - Sep 14, 2022 * **IMPORTANT** * Added support for lifecycle hooks for all containers, changed `artifactory.postStartCommand` to `.Values.artifactory.lifecycle.postStart.exec.command` * Updated initContainerImage to `ubi8/ubi-minimal:8.6-902` * Update nginx configuration to allow websocket requests when using pipelines * Fixed an issue to allow artifactory to make direct API calls to store instead via jfconnect service when `splitServicesToContainers=true` * Refactor binarystore.xml configuration (moved to `files/binarystore.xml` instead of key in values.yaml) -* Added new binary providers `cluster-s3-storage-v3`, `s3-storage-v3-direct`, `azure-blob-storage-direct`, `google-storage-v2` +* Added new binary providers `cluster-s3-storage-v3`, `s3-storage-v3-direct`, `azure-blob-storage-direct`, `google-storage-v2` * Deprecated (removed) `aws-s3` binary provider [JetS3t library](https://www.jfrog.com/confluence/display/JFROG/Configuring+the+Filestore#ConfiguringtheFilestore-BinaryProvider) * Deprecated (removed) `google-storage` binary provider and force persistence storage type `google-storage` to work with `google-storage-v2` only * Copy binarystore.xml in init Container to fix existing persistence on file system in clear text diff --git a/charts/jfrog/artifactory-jcr/charts/artifactory/Chart.yaml b/charts/jfrog/artifactory-jcr/charts/artifactory/Chart.yaml index f62cc5259..643d41eb1 100644 --- a/charts/jfrog/artifactory-jcr/charts/artifactory/Chart.yaml +++ b/charts/jfrog/artifactory-jcr/charts/artifactory/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 7.46.17 +appVersion: 7.47.10 dependencies: - condition: postgresql.enabled name: postgresql @@ -21,4 +21,4 @@ name: artifactory sources: - https://github.com/jfrog/charts type: application -version: 107.46.17 +version: 107.47.10 diff --git a/charts/jfrog/artifactory-jcr/charts/artifactory/ci/test-values.yaml b/charts/jfrog/artifactory-jcr/charts/artifactory/ci/test-values.yaml index 5089b50f6..eff8d8ad5 100644 --- a/charts/jfrog/artifactory-jcr/charts/artifactory/ci/test-values.yaml +++ b/charts/jfrog/artifactory-jcr/charts/artifactory/ci/test-values.yaml @@ -27,6 +27,9 @@ artifactory: javaOpts: xms: "4g" xmx: "4g" + statefulset: + annotations: + artifactory: test postgresql: postgresqlPassword: password diff --git a/charts/jfrog/artifactory-jcr/charts/artifactory/templates/artifactory-statefulset.yaml b/charts/jfrog/artifactory-jcr/charts/artifactory/templates/artifactory-statefulset.yaml index c64e1fcb8..b60972dd8 100644 --- a/charts/jfrog/artifactory-jcr/charts/artifactory/templates/artifactory-statefulset.yaml +++ b/charts/jfrog/artifactory-jcr/charts/artifactory/templates/artifactory-statefulset.yaml @@ -14,6 +14,10 @@ metadata: {{- if and .Release.IsUpgrade .Values.postgresql.enabled }} databaseUpgradeReady: {{ required "\n\n*********\nIMPORTANT: UPGRADE STOPPED to prevent data loss!\nReview CHANGELOG.md (https://github.com/jfrog/charts/blob/master/stable/artifactory/CHANGELOG.md) \nNote: This applies only when you are using bundled postgresql (postgresql.enabled=true) \nIf you are upgrading from a chart version (< 11.x.x) that has postgresql.image.tag of 9.x or 10.x or 12.x, make sure to pass the current postgresql.image.tag and set databaseUpgradeReady=true \nOR \nIf you are upgrading from a chart version (>= 12.x), just set databaseUpgradeReady=true \n" .Values.databaseUpgradeReady | quote }} {{- end }} +{{- with .Values.artifactory.statefulset.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} {{- if and (eq (include "artifactory.isUsingDerby" .) "true") (gt (.Values.artifactory.replicaCount | int64) 1) }} {{- fail "Derby database is not supported in HA mode" }} {{- end }} diff --git a/charts/jfrog/artifactory-jcr/charts/artifactory/templates/nginx-deployment.yaml b/charts/jfrog/artifactory-jcr/charts/artifactory/templates/nginx-deployment.yaml index 435e918a0..d30857659 100644 --- a/charts/jfrog/artifactory-jcr/charts/artifactory/templates/nginx-deployment.yaml +++ b/charts/jfrog/artifactory-jcr/charts/artifactory/templates/nginx-deployment.yaml @@ -14,6 +14,10 @@ metadata: {{- if .Values.nginx.labels }} {{ toYaml .Values.nginx.labels | indent 4 }} {{- end }} +{{- with .Values.nginx.deployment.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} spec: {{- if eq .Values.nginx.kind "StatefulSet" }} serviceName: {{ template "artifactory.nginx.fullname" . }} diff --git a/charts/jfrog/artifactory-jcr/charts/artifactory/values.yaml b/charts/jfrog/artifactory-jcr/charts/artifactory/values.yaml index 24daa07e2..464768475 100644 --- a/charts/jfrog/artifactory-jcr/charts/artifactory/values.yaml +++ b/charts/jfrog/artifactory-jcr/charts/artifactory/values.yaml @@ -46,7 +46,7 @@ global: ## # fullnameOverride: -initContainerImage: releases-docker.jfrog.io/ubi8/ubi-minimal:8.6-902 +initContainerImage: releases-docker.jfrog.io/ubi8/ubi-minimal:8.6-941 # Init containers initContainers: @@ -175,7 +175,7 @@ logger: image: registry: releases-docker.jfrog.io repository: ubi8/ubi-minimal - tag: 8.6-902 + tag: 8.6-941 ## You can use a pre-existing secret with keys license_token and iam_role by specifying licenseConfigSecretName ## Example : Create a generic secret using `kubectl create secret generic --from-literal=license_token=${TOKEN} --from-literal=iam_role=${ROLE_ARN}` @@ -192,7 +192,7 @@ router: image: registry: releases-docker.jfrog.io repository: jfrog/router - tag: 7.45.0 + tag: 7.51.0 imagePullPolicy: IfNotPresent serviceRegistry: ## Service registry (Access) TLS verification skipped if enabled @@ -766,6 +766,9 @@ artifactory: ## If the type is NodePort you can set a fixed port # nodePort: 32082 + statefulset: + annotations: {} + ## The following setting are to configure a dedicated Ingress object for Replicator service replicator: name: replicator @@ -1440,6 +1443,9 @@ nginx: annotations: {} terminationGracePeriodSeconds: 30 + deployment: + annotations: {} + # Note that by default we use appVersion to get image tag/version image: registry: releases-docker.jfrog.io diff --git a/charts/nats/nats/.helmignore b/charts/nats/nats/.helmignore new file mode 100644 index 000000000..50af03172 --- /dev/null +++ b/charts/nats/nats/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/nats/nats/Chart.yaml b/charts/nats/nats/Chart.yaml index 3be609cf3..2c3f6226a 100644 --- a/charts/nats/nats/Chart.yaml +++ b/charts/nats/nats/Chart.yaml @@ -24,4 +24,4 @@ maintainers: name: Caleb Lloyd url: https://github.com/caleblloyd name: nats -version: 0.19.0 +version: 0.19.1 diff --git a/charts/nats/nats/templates/statefulset.yaml b/charts/nats/nats/templates/statefulset.yaml index 091817658..1d3d1eeb6 100644 --- a/charts/nats/nats/templates/statefulset.yaml +++ b/charts/nats/nats/templates/statefulset.yaml @@ -232,7 +232,7 @@ spec: fieldRef: apiVersion: v1 fieldPath: spec.nodeName - image: {{ include "nats.fixImage" .Values.bootconfig.image }} + image: {{ include "nats.image" .Values.bootconfig.image }} imagePullPolicy: {{ .Values.bootconfig.image.pullPolicy }} {{- if .Values.bootconfig.securityContext }} securityContext: diff --git a/charts/nats/nats/values.yaml b/charts/nats/nats/values.yaml index 1b9c54083..94f5528bf 100644 --- a/charts/nats/nats/values.yaml +++ b/charts/nats/nats/values.yaml @@ -575,7 +575,7 @@ exporter: enabled: true image: repository: natsio/prometheus-nats-exporter - tag: 0.10.0 + tag: 0.10.1 pullPolicy: IfNotPresent # registry: docker.io diff --git a/charts/redpanda/redpanda/.helmignore b/charts/redpanda/redpanda/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/charts/redpanda/redpanda/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index 5aad8d379..490ee1c29 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -18,7 +18,6 @@ apiVersion: v2 appVersion: v22.3.3 description: Redpanda is the real-time engine for modern apps. icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg -kubeVersion: '>=1.21-0' maintainers: - name: redpanda-data url: https://github.com/orgs/redpanda-data/people @@ -26,4 +25,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 2.3.4 +version: 2.3.9 diff --git a/charts/redpanda/redpanda/ci/01-default-values.yaml b/charts/redpanda/redpanda/ci/01-default-values.yaml index 8d1b2648d..f99648d1a 100644 --- a/charts/redpanda/redpanda/ci/01-default-values.yaml +++ b/charts/redpanda/redpanda/ci/01-default-values.yaml @@ -12,597 +12,5 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - -# This file contains values for variables referenced from yaml files in the templates directory. -# -# For further information on Helm templating see the documentation at: -# https://helm.sh/docs/chart_template_guide/values_files/ - -# -# >>> This chart requires Helm version 3.5.0 or greater <<< -# - -# Common parameters -# -# Override redpanda.name template -nameOverride: "" -# Override redpanda.fullname template -fullnameOverride: "" -# Default kuberentes cluster domain -clusterDomain: cluster.local -# Additional labels added to all Kubernetes objects -commonLabels: {} - -# Redpanda parameters -# -image: - repository: vectorized/redpanda - # Redpanda version defaults to Chart.appVersion - tag: "" - # The imagePullPolicy will default to Always when the tag is 'latest' - pullPolicy: IfNotPresent -# Your license key (optional) -license_key: "" -license_secret_ref: {} -# Secret name and secret key where license is stored -# secret_name: my-secret -# secret_key: key-where-license-is-stored - -# -# Authentication -auth: - # - # SASL configuration - sasl: - enabled: false - # user list - # TODO create user at startup - users: - - name: admin - # Password for the user. This will be used to generate a secret - # password: password - # If password isn't given, then the secretName must point to an already existing secret - # secretName: adminPassword - -# -# TLS configuration -tls: - # Enable global TLS, which turns on TLS by default for all listeners - # Each listener must include a certificate name in its TLS section - # Any certificates in auth.tls.certs will still be loaded if enabled is false - # This is because listeners may enable TLS individually (see listeners..tls.enabled) - enabled: false - # list all certificates below, then reference a certificate's name in each listener (see listeners..tls.cert) - certs: - # This is the certificate name that is used to associate the certificate with a listener - # See listeners..tls.cert for more information - default: - # Define an issuerRef to use your own custom pre-installed Issuer - # issuerRef: - # name: redpanda-default-root-issuer - # kind: Issuer # Can be Issuer or ClusterIssuer - # The caEnabled flag determines whether the ca.crt file is included in the TLS mount path on each Redpanda pod - caEnabled: true - # duration: 43800h - -# -# External access configuration -external: - # Default external access value for all listeners except RPC - # External config doesn't apply to RPC listeners as they are never externally accessible - # These values can be overridden by each listener if needed - enabled: true - # Default external access type (options are NodePort and LoadBalancer) - # TODO include IP range for load balancer that support it: https://github.com/redpanda-data/helm-charts/issues/106 - type: NodePort - domain: local - # annotations: - # For example: - # cloud.google.com/load-balancer-type: "Internal" - # service.beta.kubernetes.io/aws-load-balancer-type: nlb - -# Logging -logging: - # Log level - # Valid values (from least to most logging) are warn, info, debug, trace - logLevel: info - # - # Send usage stats back to Redpanda - # See https://docs.redpanda.com/docs/cluster-administration/monitoring/#stats-reporting - usageStats: - # rpk.enable_usage_stats - enabled: true - # Your organization name (optional) - # organization: your-org - # Your cluster ID (optional) - # clusterId: your-helm-cluster -# -resources: - # Both Redpanda and Kubernetes have multiple ways to allocate resources. - # There are also several associated parameters that impact how these resources are used by - # Kubernetes, the Redpanda app, and the subsystem Redpanda is built on (Seastar). - # This section attempts to simplify allocating resources by providing a single location - # where resources are defined. - # Helm sets these resource values within the following templates: - # - statefulset.yaml - # - configmap.yaml - # - # The default values below are what should work for a development environment. - # Production-level values and other considerations are provided in comments - # if those values are different from the default. - # - cpu: - # Redpanda makes use of a thread per core model described here: - # https://redpanda.com/blog/tpc-buffers - # For this reason, Redpanda should only be given full cores (cores parameter below). - # - # NOTE: You can increase cores, but decreasing cores is not currently supported: - # https://github.com/redpanda-data/redpanda/issues/350 - # - # Equivalent to: --smp, resources.requests.cpu, and resources.limits.cpu - # For production: 4 or greater - cores: 1 - # - # Overprovisioned means Redpanda won't assume it has all of the provisioned CPU. - # This should be true unless the container has CPU affinity (eg. min and max above are equal). - # Equivalent to: --idle-poll-time-us 0 --thread-affinity 0 --poll-aio 0 - # overprovisioned: false - # - memory: - # Enables memory locking. - # For production: true - # enable_memory_locking: false - # - # It is recommended to have at least 2Gi of memory per core for the Redpanda binary. - # This memory is taken from the total memory given to each container. - # We allocate 80% of the container's memory to Redpanda, leaving the rest for - # the Seastar subsystem (reserveMemory) and other container processes. - # So at least 2.5Gi per core is recommended in order to ensure Redpanda has a full 2Gi. - # - # These values affect --memory and --reserve-memory flags passed to Redpanda and the memory - # requests/limits in the StatefulSet. - # Valid suffixes: k M G Ki Mi Gi - # Only support a single decimal (eg. 2.5Gi rather than 2.55Gi) - # - container: - # Minimum memory count for each Redpanda broker - # If omitted, the min value will equal the max value (requested resources defaults to limits) - # Equivalent to: resources.requests.memory - # For production: 10Gi or greater - # min: 2.5Gi - # - # Minimum memory count for each Redpanda broker - # Equivalent to: resources.limits.memory - # For production: 10Gi or greater - max: 2.5Gi - # - # redpanda: - # This optional redpanda section allows specifying the memory size for both the Redpanda - # process and the underlying reserved memory (used by Seastar). - # This section is omitted by default, and memory sizes are calculated automatically - # based on container memory. - # Uncommenting this section and setting memory and reserveMemory values will disable - # automatic calculation. - # - # If you are setting the following values manually, keep in mind the following guidelines (getting - # this wrong will potentially lead to performance issues, instability, loss of data, etc.): - # The amount of memory to allocate to a container is determined by the sum of three values: - # 1. Redpanda (at least 2Gi per core, ~80% of the container's total memory) - # 2. Seastar subsystem (200Mi * 0.2% of the container's total memory, 200Mi < x < 1Gi) - # 3. other container processes (whatever small amount remains) - # - # Memory for the Redpanda process. - # This must be lower the container's memory (resources.memory.container.min if provided, otherwise - # resources.memory.container.max). - # Equivalent to: --memory - # For production: 8Gi or greater - # memory: 2Gi - # - # Memory reserved for the Seastar subsystem. - # Any value above 1Gi will provide diminishing performance benefits. - # Equivalent to: --reserve-memory - # For production: 1Gi - # reserveMemory: 200Mi -# -# Persistence -storage: - # Absolute path on host to store Redpanda's data. - # If not specified, then `emptyDir` will be used instead. - # If specified, but `persistentVolume.enabled` is `true`, then has no effect. - hostPath: "" - # If `enabled` is `true` then a PersistentVolumeClaim will be created and - # used to store Redpanda's data, otherwise `hostPath` is used. - persistentVolume: - enabled: true - size: 20Gi - # If defined, then `storageClassName: `. - # If set to "-", then `storageClassName: ""`, which disables dynamic - # provisioning. - # If undefined or empty (default), then no `storageClassName` spec is set, - # so the default provisioner will be chosen (gp2 on AWS, standard on - # GKE, AWS & OpenStack). - storageClass: "" - # Additional labels to apply to the created PersistentVolumeClaims. - labels: {} - # Additional annotations to apply to the created PersistentVolumeClaims. - annotations: {} - -post_install_job: {} - # Resource requests and limits for the post-install batch job - # resources: - # requests: - # cpu: 1 - # memory: 512Mi - # limits: - # cpu: 2 - # memory: 1024Mi - -post_upgrade_job: {} - # Resource requests and limits for the post-upgrade batch job - # resources: - # requests: - # cpu: 1 - # memory: 512Mi - # limits: - # cpu: 2 - # memory: 1024Mi - -statefulset: - # Number of Redpanda brokers (recommend setting this to the number of nodes in the cluster) - replicas: 3 - updateStrategy: - type: RollingUpdate - podManagementPolicy: Parallel - budget: - maxUnavailable: 1 - # Additional annotations to apply to the Pods of this StatefulSet. - annotations: {} - # Adjust the period for your probes to meet your needs (see https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes) - startupProbe: - initialDelaySeconds: 1 - failureThreshold: 120 - periodSeconds: 10 - livenessProbe: - initialDelaySeconds: 10 - failureThreshold: 3 - periodSeconds: 10 - readinessProbe: - initialDelaySeconds: 1 - failureThreshold: 3 - periodSeconds: 10 - successThreshold: 1 - # - # A note regarding statefulset resources: - # Resources are set through the top-level resources section above. - # It is recommended to set resources values in that section rather than here, as this will guarantee - # memory is allocated across containers, Redpanda, and the Seastar subsystem correctly. - # This automatic memory allocation is in place because Repanda and the Seastar subsystem require flags - # at startup that set the amount of memory available to each process. - # Kubernetes (mainly statefulset), Redpanda, and Seastar memory values are tightly coupled. - # Adding a resource section here will be ignored. - # - # Inter-Pod Affinity rules for scheduling Pods of this StatefulSet. - # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity - podAffinity: {} - # Anti-affinity rules for scheduling Pods of this StatefulSet. - # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#inter-pod-affinity-and-anti-affinity - # You may either toggle options below for default anti-affinity rules, - # or specify the whole set of anti-affinity rules instead of them. - podAntiAffinity: - # The topologyKey to be used. - # Can be used to spread across different nodes, AZs, regions etc. - topologyKey: kubernetes.io/hostname - # Type of anti-affinity rules: either `soft`, `hard` or empty value (which - # disables anti-affinity rules). - type: soft - # Weight for `soft` anti-affinity rules. - # Does not apply for other anti-affinity types. - weight: 100 - # Node selection constraints for scheduling Pods of this StatefulSet. - # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector - nodeSelector: {} - # PriorityClassName given to Pods of this StatefulSet - # https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass - priorityClassName: "" - # Taints to be tolerated by Pods of this StatefulSet. - # https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - tolerations: [] - # https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ - topologySpreadConstraints: - maxSkew: 1 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway - # When using persistent storage the volume will be mounted as root. In order for redpanda to use the volume - # we must set the fsGroup to the uid of redpanda, which is 101 - podSecurityContext: - fsGroup: 101 - # runAsNonRoot: true - # runAsUser: 1000 - -# Service account management -serviceAccount: - # Specifies whether a service account should be created - create: false - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -tuning: {} - # This section contains Redpanda tuning parameters. - # Each parameter below is set to their default values. - # Remove the curly brackets above if you uncomment any parameters below. - # - # Increases the number of allowed asynchronous IO events. - # tune_aio_events: false - # - # Syncs NTP - # tune_clocksource: false - # - # Creates a "ballast" file so that, if a Redpanda node runs out of space, - # you can delete the ballast file to allow the node to resume operations and then - # delete a topic or records to reduce the space used by Redpanda. - # tune_ballast_file: false - # - # The path where the ballast file will be created. - # ballast_file_path: "/var/lib/redpanda/data/ballast" - # - # The ballast file size. - # ballast_file_size: "1GiB" - # - # (Optional) The vendor, VM type and storage device type that redpanda will run on, in - # the format ::. This hints to rpk which configuration values it - # should use for the redpanda IO scheduler. - # Some valid values are "gcp:c2-standard-16:nvme", "aws:i3.xlarge:default" - # well_known_io: "" - # - # The following tuning parameters must be false in container environments and will be ignored: - # tune_network - # tune_disk_scheduler - # tune_disk_nomerges - # tune_disk_irq - # tune_fstrim - # tune_cpu - # tune_swappiness - # tune_transparent_hugepages - # tune_coredump - -### Overrides -# -# This sections can be used to override global settings configured above for individual -# listeners. -# -listeners: - # Admin API listener - # The kafka listener group cannot be disabled - admin: - # The port for the admin server - port: 9644 - # Optional external section - external: - default: - # `enabled`` is used to override the setting of the `external` top-level key - # for this external listener. The default is `true`. - # enabled: true - - # External port - # `nodePort` defines the TCP port to listen on for NodePort types. - nodePort: 31644 - # Optional TLS section (required if global TLS is enabled) - tls: - # Optional flag to override the global TLS enabled flag - # enabled: true - # Name of certificate used for TLS (must match a cert registered at auth.tls.certs) - cert: default - # If true, the truststore file for this listener will be included in the ConfigMap - requireClientAuth: false - # Kafka API listeners - # The kafka listener group cannot be disabled - kafka: - port: 9093 - # Listeners internal to kubernetes service network - tls: - # enabled: true - cert: default - requireClientAuth: false - # External listeners - external: - # to disable external kafka listeners when the global `external` is enabled, - # replace this with an empty list, ie: `external: []` - default: - port: 9094 - # Type can be `NodePort or `LoadBalancer`. If unset, it will default to the type - # in the `external` section.` - type: NodePort - # External port - # This listener port will be used on each kubernetes node - nodePort: 31092 - # HTTP API listeners (aka PandaProxy) - # PandaProxy is a kafka client that connects to an endpoint from listeners.kafka.endpoints - http: - enabled: true - port: 8082 - kafkaEndpoint: default - tls: - # enabled: true - cert: default - requireClientAuth: false - # External listeners - external: - default: - # Ports must be unique per listener - port: 8083 - # Type of external access (options are ClusterIP, NodePort, and LoadBalancer) - type: NodePort - # External port - # This listener port will be used for the external port if NodePort is selected - nodePort: 30082 - # RPC listener - # The RPC listener cannot be disabled - rpc: - port: 33145 - tls: - # enabled: true - cert: default - requireClientAuth: false - # Schema registry listeners - schemaRegistry: - enabled: true - port: 8081 - # Schema Registry is a kafka client that connects to an endpoint from listeners.kafka.endpoints - kafkaEndpoint: default - tls: - # enabled: true - cert: default - requireClientAuth: false - external: - default: - # Ports must be unique per listener - port: 8080 - # Optional external section - # enabled: true - # Type of external access (options are NodePort and LoadBalancer) - # type: NodePort - # External port - # This listener port will be used for the external port if this is not included - nodePort: 30081 - -# Expert Config - -# This section contains various settings supported by Redpanda that may not work -# correctly in a kubernetes cluster. Changing these settings comes with some risk. -# -# Here be dragons! -# -# This section allows modifying various Redpanda settings not covered in other sections above. -# These values do not pertain to the kubernetes objects created with helm. -# Instead these parameters get passed directly to the Redpanda binary at startup. -# See https://docs.redpanda.com/docs/cluster-administration/configuration/ -config: - cluster: {} - # auto_create_topics_enabled: true # Allow topic auto creation - # transaction_coordinator_replication: 1 # Replication factor for a transaction coordinator topic - # id_allocator_replication: 1 # Replication factor for an ID allocator topic - # disable_metrics: false # Disable registering metrics - # enable_coproc: false # Enable coprocessing mode - # enable_idempotence: false # Enable idempotent producer - # enable_pid_file: true # Enable pid file; You probably don't want to change this - # enable_transactions: false # Enable transactions - # group_max_session_timeout_ms: 300s # The maximum allowed session timeout for registered consumers; Longer timeouts give consumers more time to process messages in between heartbeats at the cost of a longer time to detect failures; Default quota tracking window size in milliseconds - # group_min_session_timeout_ms: Optional # The minimum allowed session timeout for registered consumers; Shorter timeouts result in quicker failure detection at the cost of more frequent consumer heartbeating - # kafka_group_recovery_timeout_ms: 30000ms # Kafka group recovery timeout expressed in milliseconds - # kafka_qdc_enable: false # Enable kafka queue depth control - # kafka_qdc_max_latency_ms: 80ms # Max latency threshold for kafka queue depth control depth tracking - # log_cleanup_policy: deletion # Default topic cleanup policy - # log_compaction_interval_ms: 5min # How often do we trigger background compaction - # log_compression_type: producer # Default topic compression type - # log_message_timestamp_type: create_time # Default topic messages timestamp type - # retention_bytes: None # max bytes per partition on disk before triggering a compaction - # rm_sync_timeout_ms: 2000ms - # rm_violation_recovery_policy: crash # Describes how to recover from an invariant violation happened on the partition level - # target_quota_byte_rate: 2GB # Target quota byte rate in bytes per second - # tm_sync_timeout_ms: 2000ms # Time to wait state catch up before rejecting a request - # tm_violation_recovery_policy: crash # Describes how to recover from an invariant violation happened on the transaction coordinator level - # transactional_id_expiration_ms: 10080min # Producer ids are expired once this time has elapsed after the last write with the given producer ID - tunable: {} - # alter_topic_cfg_timeout_ms: 5s # Time to wait for entries replication in controller log when executing alter configuration request - # compacted_log_segment_size: 256MiB # How large in bytes should each compacted log segment be (default 256MiB) - # controller_backend_housekeeping_interval_ms: 1s # Interval between iterations of controller backend housekeeping loop - # coproc_max_batch_size: 32kb # Maximum amount of bytes to read from one topic read - # coproc_max_inflight_bytes: 10MB # Maximum amountt of inflight bytes when sending data to wasm engine - # coproc_max_ingest_bytes: 640kb # Maximum amount of data to hold from input logs in memory - # coproc_offset_flush_interval_ms: 300000ms # Interval for which all coprocessor offsets are flushed to disk - # create_topic_timeout_ms: 2000ms # Timeout (ms) to wait for new topic creation - # default_num_windows: 10 # Default number of quota tracking windows - # default_window_sec: 1000ms # Default quota tracking window size in milliseconds - # delete_retention_ms: 10080min # delete segments older than this (default 1 week) - # disable_batch_cache: false # Disable batch cache in log manager - # fetch_reads_debounce_timeout: 1ms # Time to wait for next read in fetch request when requested min bytes wasn't reached - # fetch_session_eviction_timeout_ms: 60s # Minimum time before which unused session will get evicted from sessions; Maximum time after which inactive session will be deleted is two time given configuration valuecache - # group_initial_rebalance_delay: 300ms # Extra delay (ms) added to rebalance phase to wait for new members - # group_new_member_join_timeout: 30000ms # Timeout for new member joins - # group_topic_partitions: 1 # Number of partitions in the internal group membership topic - # id_allocator_batch_size: 1000 # ID allocator allocates messages in batches (each batch is a one log record) and then serves requests from memory without touching the log until the batch is exhausted - # id_allocator_log_capacity: 100 # Capacity of the id_allocator log in number of messages; Once it reached id_allocator_stm should compact the log - # join_retry_timeout_ms: 5s # Time between cluster join retries in milliseconds - # kafka_qdc_idle_depth: 10 # Queue depth when idleness is detected in kafka queue depth control - # kafka_qdc_latency_alpha: 0.002 # Smoothing parameter for kafka queue depth control latency tracking - # kafka_qdc_max_depth: 100 # Maximum queue depth used in kafka queue depth control - # kafka_qdc_min_depth: 1 # Minimum queue depth used in kafka queue depth control - # kafka_qdc_window_count: 12 # Number of windows used in kafka queue depth control latency tracking - # kafka_qdc_window_size_ms: 1500ms # Window size for kafka queue depth control latency tracking - # kvstore_flush_interval: 10ms # Key-value store flush interval (ms) - # kvstore_max_segment_size: 16MB # Key-value maximum segment size (bytes) - # log_segment_size: 1GB # How large in bytes should each log segment be (default 1G) - # max_compacted_log_segment_size: 5GB # Max compacted segment size after consolidation - # max_kafka_throttle_delay_ms: 60000ms # Fail-safe maximum throttle delay on kafka requests - # metadata_dissemination_interval_ms: 3000ms # Interaval for metadata dissemination batching - # metadata_dissemination_retries: 10 # Number of attempts of looking up a topic's meta data like shard before failing a request - # metadata_dissemination_retry_delay_ms: 500ms # Delay before retry a topic lookup in a shard or other meta tables - # quota_manager_gc_sec: 30000ms # Quota manager GC frequency in milliseconds - # raft_learner_recovery_rate: 104857600 # Raft learner recovery rate in bytes per second - # raft_heartbeat_disconnect_failures: 3 #After how many failed heartbeats to forcibly close an unresponsive TCP connection. Set to 0 to disable force disconnection. - # raft_heartbeat_interval_ms: 150 #The interval in ms between raft leader heartbeats. - # raft_heartbeat_timeout_ms: 3000 #Raft heartbeat RPC timeout. - # raft_io_timeout_ms: 10000 #Raft I/O timeout. - # raft_max_concurrent_append_requests_per_follower: 16 #Maximum number of concurrent append entries requests sent by leader to one follower. - # raft_max_recovery_memory: 33554432 #Maximum memory that can be used for reads in the raft recovery process. - # raft_recovery_default_read_size: 524288 #Default size of read issued during raft follower recovery. - # raft_replicate_batch_window_size: 1048576 #Maximum size of requests cached for replication. - # raft_smp_max_non_local_requests: #Maximum number of x-core requests pending in Raft seastar::smp group. (for more details look at seastar::smp_service_group documentation). - # raft_timeout_now_timeout_ms: 1000 #Timeout for a timeout now request. - # raft_transfer_leader_recovery_timeout_ms: 1000 #Timeout waiting for follower recovery when transferring leadership. - # raft_election_timeout_ms: 1500ms # Election timeout expressed in milliseconds TBD - election_time_out - # readers_cache_eviction_timeout_ms: 30s # Duration after which inactive readers will be evicted from cache - # reclaim_growth_window: 3000ms # Length of time in which reclaim sizes grow - # reclaim_max_size: 4MB # Maximum batch cache reclaim size - # reclaim_min_size: 128KB # Minimum batch cache reclaim size - # reclaim_stable_window: 10000ms # Length of time above which growth is reset - # recovery_append_timeout_ms: 5s # Timeout for append entries requests issued while updating stale follower - # release_cache_on_segment_roll: false # Free cache when segments roll - # replicate_append_timeout_ms: 3s # Timeout for append entries requests issued while replicating entries - # segment_appender_flush_timeout_ms: 1ms # Maximum delay until buffered data is written - # wait_for_leader_timeout_ms: 5000ms # Timeout (ms) to wait for leadership in metadata cache - node: {} - # node_id: # Unique ID identifying a node in the cluster - # data_directory: # Place where redpanda will keep the data - # admin_api_doc_dir: /usr/share/redpanda/admin-api-doc # Admin API doc directory - # api_doc_dir: /usr/share/redpanda/proxy-api-doc # API doc directory - # coproc_supervisor_server: 127.0.0.1:43189 # IpAddress and port for supervisor service - # dashboard_dir: None # serve http dashboard on / url - # rack: None # Rack identifier - # developer_mode: optional # Skips most of the checks performed at startup - - # Invalid properties - # Any of these properties will be ignored. These otherwise valid properties are not allowed - # to be used in this section since they impact deploying Redpanda in Kubernetes. - # Make use of the above sections to modify these values instead (see comments below). - # admin: 127.0.0.1:9644 # Address and port of admin server - # admin_api_tls: validate_many # TLS configuration for admin HTTP server - # advertised_kafka_api: None # Address of Kafka API published to the clients - # advertised_pandaproxy_api: None # Rest API address and port to publish to client - # advertised_rpc_api: None # Address of RPC endpoint published to other cluster members - # cloud_storage_access_key: None # AWS access key - # cloud_storage_api_endpoint: None # Optional API endpoint - # cloud_storage_api_endpoint_port: 443 # TLS port override - # cloud_storage_bucket: None # AWS bucket that should be used to store data - # cloud_storage_disable_tls: false # Disable TLS for all S3 connections - # cloud_storage_enabled: false # Enable archival storage - # cloud_storage_max_connections: 20 # Max number of simultaneous uploads to S3 - # cloud_storage_reconciliation_ms: 10s # Interval at which the archival service runs reconciliation (ms) - # cloud_storage_region: None # AWS region that houses the bucket used for storage - # cloud_storage_secret_key: None # AWS secret key - # cloud_storage_trust_file: None # Path to certificate that should be used to validate server certificate during TLS handshake - # default_topic_partitions: 1 # Default number of partitions per topic - # default_topic_replications: 3 # Default replication factor for new topics - # enable_admin_api Enable the admin API true - # enable_sasl Enable SASL authentication for Kafka connections false - # kafka_api Address and port of an interface to listen for Kafka API requests 127.0.0.1:9092 - # kafka_api_tls TLS configuration for Kafka API endpoint None - # pandaproxy_api Rest API listen address and port 0.0.0.0:8082 - # pandaproxy_api_tls TLS configuration for Pandaproxy api validate_many - # rpc_server IP address and port for RPC server 127.0.0.1:33145 - # rpc_server_tls TLS configuration for RPC server validate - # seed_servers List of the seed servers used to join current cluster; If the seed_server list is empty the node will be a cluster root and it will form a new cluster None - # superusers List of superuser usernames None +--- +# This is left empty to test the default values diff --git a/charts/redpanda/redpanda/ci/02-one-node-cluster-no-tls-no-sasl-values.yaml b/charts/redpanda/redpanda/ci/02-one-node-cluster-no-tls-no-sasl-values.yaml index 007bb7e62..1a2eb04a6 100644 --- a/charts/redpanda/redpanda/ci/02-one-node-cluster-no-tls-no-sasl-values.yaml +++ b/charts/redpanda/redpanda/ci/02-one-node-cluster-no-tls-no-sasl-values.yaml @@ -12,6 +12,9 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +--- +commonLabels: + testlabel: "exercise_common_labels_template" statefulset: replicas: 1 tls: diff --git a/charts/redpanda/redpanda/templates/poddisruptionbudget.yaml b/charts/redpanda/redpanda/templates/poddisruptionbudget.yaml index e3efea930..7981f68c9 100644 --- a/charts/redpanda/redpanda/templates/poddisruptionbudget.yaml +++ b/charts/redpanda/redpanda/templates/poddisruptionbudget.yaml @@ -15,6 +15,7 @@ See the License for the specific language governing permissions and limitations under the License. */}} +{{- if .Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" }} apiVersion: policy/v1 kind: PodDisruptionBudget metadata: @@ -35,3 +36,6 @@ spec: app.kubernetes.io/name: {{ template "redpanda.name" . }} app.kubernetes.io/instance: {{ .Release.Name | quote }} maxUnavailable: {{ .Values.statefulset.budget.maxUnavailable | int64 }} +{{- else if (not .Values.ephemeralUsage.enabled) }} +{{- fail "You must use Kubernetes 1.21+ for a production cluster. If you're not using this in production and you know why doing this is a bad idea, you can set 'ephemeralUsage.enabled=false' to continue." }} +{{- end }} diff --git a/charts/redpanda/redpanda/templates/statefulset.yaml b/charts/redpanda/redpanda/templates/statefulset.yaml index fe0475762..7750747e0 100644 --- a/charts/redpanda/redpanda/templates/statefulset.yaml +++ b/charts/redpanda/redpanda/templates/statefulset.yaml @@ -49,7 +49,7 @@ spec: app.kubernetes.io/instance: {{ .Release.Name | quote }} app.kubernetes.io/component: {{ template "redpanda.name" . }} {{- with .Values.commonLabels }} - {- toYaml . | nindent 8 }} + {{- toYaml . | nindent 8 }} {{- end }} annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} diff --git a/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml b/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml index 1e1630dad..3c683cb99 100644 --- a/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml @@ -14,8 +14,8 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */}} -apiVersion: v1 -kind: Pod +apiVersion: batch/v1 +kind: Job metadata: name: {{ include "redpanda.fullname" . }}-test-kafka-produce-consume namespace: {{ .Release.Namespace | quote }} @@ -32,47 +32,60 @@ metadata: "helm.sh/hook": test "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded spec: - restartPolicy: Never - containers: - - name: {{ template "redpanda.name" . }} - image: {{ .Values.image.repository}}:{{ template "redpanda.tag" . }} - command: - - /bin/bash - - -c - - > - rpk topic create "produce.consume.test" {{ include "rpk-topic-flags" . }} || exit 1 - echo "Pandas are awesome!" | rpk topic produce {{ include "rpk-topic-flags" . }} || exit 1 - rpk topic consume {{ include "rpk-topic-flags" . }} | grep "Pandas are awesome!" - volumeMounts: - - name: config - mountPath: /etc/redpanda + backoffLimit: 2 + completions: 1 + parallelism: 1 + ttlSecondsAfterFinished: 120 + template: + spec: + restartPolicy: Never + containers: + - name: {{ template "redpanda.name" . }} + image: {{ .Values.image.repository}}:{{ template "redpanda.tag" . }} + env: + - name: REDPANDA_BROKERS + value: "{{ include "redpanda.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.listeners.kafka.port }}" + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + command: + - /bin/bash + - -c + - > + rpk topic create produce.consume.test.$POD_NAME {{ include "rpk-topic-flags" . }} || exit 1 && + echo "Pandas are awesome!" | rpk topic produce produce.consume.test.$POD_NAME {{ include "rpk-topic-flags" . }} || exit 1 && + rpk topic consume produce.consume.test.$POD_NAME -n 1 {{ include "rpk-topic-flags" . }} | grep "Pandas are awesome!" + volumeMounts: + - name: config + mountPath: /etc/redpanda {{- if (include "tls-enabled" . | fromJson).bool -}} {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - mountPath: {{ printf "/etc/tls/certs/%s" $name }} + - name: redpanda-{{ $name }}-cert + mountPath: {{ printf "/etc/tls/certs/%s" $name }} {{- end }} {{- end }} - resources: {{ toYaml .Values.statefulset.resources | nindent 12 }} - volumes: - - name: {{ template "redpanda.fullname" . }} - configMap: - name: {{ template "redpanda.fullname" . }} - - name: config - emptyDir: {} + resources: {{ toYaml .Values.statefulset.resources | nindent 12 }} + volumes: + - name: {{ template "redpanda.fullname" . }} + configMap: + name: {{ template "redpanda.fullname" . }} + - name: config + emptyDir: {} {{- if (include "tls-enabled" . | fromJson).bool }} {{- range $name, $cert := .Values.tls.certs }} - - name: redpanda-{{ $name }}-cert - secret: - defaultMode: 420 - items: - - key: tls.key - path: tls.key - - key: tls.crt - path: tls.crt - {{- if $cert.caEnabled }} - - key: ca.crt - path: ca.crt - {{- end }} - secretName: {{ template "redpanda.fullname" $ }}-{{ $name }}-cert + - name: redpanda-{{ $name }}-cert + secret: + defaultMode: 420 + items: + - key: tls.key + path: tls.key + - key: tls.crt + path: tls.crt + {{- if $cert.caEnabled }} + - key: ca.crt + path: ca.crt + {{- end }} + secretName: {{ template "redpanda.fullname" $ }}-{{ $name }}-cert {{- end }} {{- end -}} diff --git a/charts/redpanda/redpanda/values.schema.json b/charts/redpanda/redpanda/values.schema.json index f5d8322a6..371b5bbb1 100644 --- a/charts/redpanda/redpanda/values.schema.json +++ b/charts/redpanda/redpanda/values.schema.json @@ -134,7 +134,17 @@ ], "properties": { "issuerRef": { - "type": "string" + "type": "object", + "additionalProperties": false, + "properties": { + "kind": { + "type": "string", + "enum": ["ClusterIssuer", "Issuer"] + }, + "name": { + "type": "string" + } + } }, "caEnabled": { "type": "boolean" diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index 8d1b2648d..756645c13 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -92,8 +92,7 @@ external: # External config doesn't apply to RPC listeners as they are never externally accessible # These values can be overridden by each listener if needed enabled: true - # Default external access type (options are NodePort and LoadBalancer) - # TODO include IP range for load balancer that support it: https://github.com/redpanda-data/helm-charts/issues/106 + # Default external access type (NodePort is the only option for now) type: NodePort domain: local # annotations: @@ -412,8 +411,7 @@ listeners: # replace this with an empty list, ie: `external: []` default: port: 9094 - # Type can be `NodePort or `LoadBalancer`. If unset, it will default to the type - # in the `external` section.` + # If unset, it will default to the type in the `external` section. type: NodePort # External port # This listener port will be used on each kubernetes node @@ -433,7 +431,7 @@ listeners: default: # Ports must be unique per listener port: 8083 - # Type of external access (options are ClusterIP, NodePort, and LoadBalancer) + # If unset, it will default to the type in the `external` section. type: NodePort # External port # This listener port will be used for the external port if NodePort is selected @@ -462,12 +460,19 @@ listeners: port: 8080 # Optional external section # enabled: true - # Type of external access (options are NodePort and LoadBalancer) + # If unset, it will default to the type in the `external` section. # type: NodePort # External port # This listener port will be used for the external port if this is not included nodePort: 30081 +### Non-production usage +# +# ephemeralUsage - Enabling this key relaxes some properties related to high availability, like the +# implementation of a PodDisruptionBudget (this enables deployment onto older K8s versions as well) +ephemeralUsage: + enabled: false + # Expert Config # This section contains various settings supported by Redpanda that may not work @@ -506,7 +511,7 @@ config: # tm_violation_recovery_policy: crash # Describes how to recover from an invariant violation happened on the transaction coordinator level # transactional_id_expiration_ms: 10080min # Producer ids are expired once this time has elapsed after the last write with the given producer ID tunable: {} - # alter_topic_cfg_timeout_ms: 5s # Time to wait for entries replication in controller log when executing alter configuration request + # alter_topic_cfg_timeout_ms: 5s # Time to wait for entries replication in controller log when executing alter configuration request # compacted_log_segment_size: 256MiB # How large in bytes should each compacted log segment be (default 256MiB) # controller_backend_housekeeping_interval_ms: 1s # Interval between iterations of controller backend housekeeping loop # coproc_max_batch_size: 32kb # Maximum amount of bytes to read from one topic read @@ -541,18 +546,18 @@ config: # metadata_dissemination_retries: 10 # Number of attempts of looking up a topic's meta data like shard before failing a request # metadata_dissemination_retry_delay_ms: 500ms # Delay before retry a topic lookup in a shard or other meta tables # quota_manager_gc_sec: 30000ms # Quota manager GC frequency in milliseconds - # raft_learner_recovery_rate: 104857600 # Raft learner recovery rate in bytes per second - # raft_heartbeat_disconnect_failures: 3 #After how many failed heartbeats to forcibly close an unresponsive TCP connection. Set to 0 to disable force disconnection. - # raft_heartbeat_interval_ms: 150 #The interval in ms between raft leader heartbeats. - # raft_heartbeat_timeout_ms: 3000 #Raft heartbeat RPC timeout. - # raft_io_timeout_ms: 10000 #Raft I/O timeout. - # raft_max_concurrent_append_requests_per_follower: 16 #Maximum number of concurrent append entries requests sent by leader to one follower. - # raft_max_recovery_memory: 33554432 #Maximum memory that can be used for reads in the raft recovery process. - # raft_recovery_default_read_size: 524288 #Default size of read issued during raft follower recovery. - # raft_replicate_batch_window_size: 1048576 #Maximum size of requests cached for replication. - # raft_smp_max_non_local_requests: #Maximum number of x-core requests pending in Raft seastar::smp group. (for more details look at seastar::smp_service_group documentation). - # raft_timeout_now_timeout_ms: 1000 #Timeout for a timeout now request. - # raft_transfer_leader_recovery_timeout_ms: 1000 #Timeout waiting for follower recovery when transferring leadership. + # raft_learner_recovery_rate: 104857600 # Raft learner recovery rate in bytes per second + # raft_heartbeat_disconnect_failures: 3 # After how many failed heartbeats to forcibly close an unresponsive TCP connection. Set to 0 to disable force disconnection. + # raft_heartbeat_interval_ms: 150 # The interval in ms between raft leader heartbeats. + # raft_heartbeat_timeout_ms: 3000 # Raft heartbeat RPC timeout. + # raft_io_timeout_ms: 10000 # Raft I/O timeout. + # raft_max_concurrent_append_requests_per_follower: 16 # Maximum number of concurrent append entries requests sent by leader to one follower. + # raft_max_recovery_memory: 33554432 # Maximum memory that can be used for reads in the raft recovery process. + # raft_recovery_default_read_size: 524288 # Default size of read issued during raft follower recovery. + # raft_replicate_batch_window_size: 1048576 # Maximum size of requests cached for replication. + # raft_smp_max_non_local_requests: # Maximum number of x-core requests pending in Raft seastar::smp group. (for more details look at seastar::smp_service_group documentation). + # raft_timeout_now_timeout_ms: 1000 # Timeout for a timeout now request. + # raft_transfer_leader_recovery_timeout_ms: 1000 # Timeout waiting for follower recovery when transferring leadership. # raft_election_timeout_ms: 1500ms # Election timeout expressed in milliseconds TBD - election_time_out # readers_cache_eviction_timeout_ms: 30s # Duration after which inactive readers will be evicted from cache # reclaim_growth_window: 3000ms # Length of time in which reclaim sizes grow @@ -578,31 +583,31 @@ config: # Any of these properties will be ignored. These otherwise valid properties are not allowed # to be used in this section since they impact deploying Redpanda in Kubernetes. # Make use of the above sections to modify these values instead (see comments below). - # admin: 127.0.0.1:9644 # Address and port of admin server - # admin_api_tls: validate_many # TLS configuration for admin HTTP server - # advertised_kafka_api: None # Address of Kafka API published to the clients - # advertised_pandaproxy_api: None # Rest API address and port to publish to client - # advertised_rpc_api: None # Address of RPC endpoint published to other cluster members - # cloud_storage_access_key: None # AWS access key - # cloud_storage_api_endpoint: None # Optional API endpoint - # cloud_storage_api_endpoint_port: 443 # TLS port override - # cloud_storage_bucket: None # AWS bucket that should be used to store data + # admin: "127.0.0.1:9644" # Address and port of admin server + # admin_api_tls: validate_many # TLS configuration for admin HTTP server + # advertised_kafka_api: None # Address of Kafka API published to the clients + # advertised_pandaproxy_api: None # Rest API address and port to publish to client + # advertised_rpc_api: None # Address of RPC endpoint published to other cluster members + # cloud_storage_access_key: None # AWS access key + # cloud_storage_api_endpoint: None # Optional API endpoint + # cloud_storage_api_endpoint_port: 443 # TLS port override + # cloud_storage_bucket: None # AWS bucket that should be used to store data # cloud_storage_disable_tls: false # Disable TLS for all S3 connections - # cloud_storage_enabled: false # Enable archival storage - # cloud_storage_max_connections: 20 # Max number of simultaneous uploads to S3 - # cloud_storage_reconciliation_ms: 10s # Interval at which the archival service runs reconciliation (ms) - # cloud_storage_region: None # AWS region that houses the bucket used for storage - # cloud_storage_secret_key: None # AWS secret key - # cloud_storage_trust_file: None # Path to certificate that should be used to validate server certificate during TLS handshake - # default_topic_partitions: 1 # Default number of partitions per topic - # default_topic_replications: 3 # Default replication factor for new topics - # enable_admin_api Enable the admin API true - # enable_sasl Enable SASL authentication for Kafka connections false - # kafka_api Address and port of an interface to listen for Kafka API requests 127.0.0.1:9092 - # kafka_api_tls TLS configuration for Kafka API endpoint None - # pandaproxy_api Rest API listen address and port 0.0.0.0:8082 - # pandaproxy_api_tls TLS configuration for Pandaproxy api validate_many - # rpc_server IP address and port for RPC server 127.0.0.1:33145 - # rpc_server_tls TLS configuration for RPC server validate - # seed_servers List of the seed servers used to join current cluster; If the seed_server list is empty the node will be a cluster root and it will form a new cluster None - # superusers List of superuser usernames None + # cloud_storage_enabled: false # Enable archival storage + # cloud_storage_max_connections: 20 # Max number of simultaneous uploads to S3 + # cloud_storage_reconciliation_ms: 10s # Interval at which the archival service runs reconciliation (ms) + # cloud_storage_region: None # AWS region that houses the bucket used for storage + # cloud_storage_secret_key: None # AWS secret key + # cloud_storage_trust_file: None # Path to certificate that should be used to validate server certificate during TLS handshake + # default_topic_partitions: 1 # Default number of partitions per topic + # default_topic_replications: 3 # Default replication factor for new topics + # enable_admin_api: true # Enable the admin API + # enable_sasl: false # Enable SASL authentication for Kafka connections + # kafka_api: "127.0.0.1:9092" # Address and port of an interface to listen for Kafka API requests + # kafka_api_tls: None # TLS configuration for Kafka API endpoint + # pandaproxy_api: "0.0.0.0:8082" # Rest API listen address and port + # pandaproxy_api_tls: validate_many # TLS configuration for Pandaproxy api + # rpc_server: "127.0.0.1:33145" # IP address and port for RPC server + # rpc_server_tls: validate # TLS configuration for RPC server + # seed_servers: None # List of the seed servers used to join current cluster; If the seed_server list is empty the node will be a cluster root and it will form a new cluster + # superusers: None # List of superuser usernames diff --git a/index.yaml b/index.yaml index f354f20fc..91ccaa903 100644 --- a/index.yaml +++ b/index.yaml @@ -282,6 +282,41 @@ entries: - assets/ambassador/ambassador-6.7.1100.tgz version: 6.7.1100 argo-cd: + - annotations: + artifacthub.io/changes: | + - "[Added]: Ability to annotate Deployment and Statefulset objects for all components" + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Argo CD + catalog.cattle.io/kube-version: '>=1.22.0-0' + catalog.cattle.io/release-name: argo-cd + apiVersion: v2 + appVersion: v2.5.3 + created: "2022-12-02T01:33:17.388028-05:00" + dependencies: + - condition: redis-ha.enabled + name: redis-ha + repository: file://./charts/redis-ha + version: 4.22.3 + description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery + tool for Kubernetes. + digest: e4f841ad3f67a38b3b300305a541d441bc4d96ab67fefbaa90a947c6fecc431f + home: https://github.com/argoproj/argo-helm + icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png + keywords: + - argoproj + - argocd + - gitops + kubeVersion: '>=1.22.0-0' + maintainers: + - name: argoproj + url: https://argoproj.github.io/ + name: argo-cd + sources: + - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd + - https://github.com/argoproj/argo-cd + urls: + - assets/argo/argo-cd-5.16.0.tgz + version: 5.16.0 - annotations: artifacthub.io/changes: | - "[Added]: Ability to deploy argocd-repo-server-server-tls secret and configure Strict TLS for Repo Server" @@ -772,6 +807,39 @@ entries: - assets/argo/argo-cd-5.8.0.tgz version: 5.8.0 artifactory-ha: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: JFrog Artifactory HA + catalog.cattle.io/kube-version: '>= 1.14.0-0' + catalog.cattle.io/release-name: artifactory-ha + apiVersion: v2 + appVersion: 7.47.10 + created: "2022-12-02T01:33:18.10381-05:00" + dependencies: + - condition: postgresql.enabled + name: postgresql + repository: file://./charts/postgresql + version: 10.3.18 + description: Universal Repository Manager supporting all major packaging formats, + build tools and CI servers. + digest: 08a99c8c52be3913a0a0477eb86969b0859c37fa1a62d5938c6f13f2e99811d1 + home: https://www.jfrog.com/artifactory/ + icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-ha/logo/artifactory-logo.png + keywords: + - artifactory + - jfrog + - devops + kubeVersion: '>= 1.14.0-0' + maintainers: + - email: installers@jfrog.com + name: Chart Maintainers at JFrog + name: artifactory-ha + sources: + - https://github.com/jfrog/charts + type: application + urls: + - assets/jfrog/artifactory-ha-107.47.10.tgz + version: 107.47.10 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: JFrog Artifactory HA @@ -1030,6 +1098,40 @@ entries: - assets/jfrog/artifactory-ha-3.0.1400.tgz version: 3.0.1400 artifactory-jcr: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: JFrog Container Registry + catalog.cattle.io/kube-version: '>= 1.14.0-0' + catalog.cattle.io/release-name: artifactory-jcr + apiVersion: v2 + appVersion: 7.47.10 + created: "2022-12-02T01:33:18.153312-05:00" + dependencies: + - name: artifactory + repository: file://./charts/artifactory + version: 107.47.10 + description: JFrog Container Registry + digest: 0ac0c75fcc914cef0ffe5eb549843c91b5b2f39775fb21f198dc458bd002470a + home: https://jfrog.com/container-registry/ + icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-jcr/logo/jcr-logo.png + keywords: + - artifactory + - jfrog + - container + - registry + - devops + - jfrog-container-registry + kubeVersion: '>= 1.14.0-0' + maintainers: + - email: helm@jfrog.com + name: Chart Maintainers at JFrog + name: artifactory-jcr + sources: + - https://github.com/jfrog/charts + type: application + urls: + - assets/jfrog/artifactory-jcr-107.47.10.tgz + version: 107.47.10 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: JFrog Container Registry @@ -1266,6 +1368,66 @@ entries: - assets/jfrog/artifactory-jcr-2.5.100.tgz version: 2.5.100 asserts: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Asserts + catalog.cattle.io/kube-version: '>=1.17-0' + catalog.cattle.io/release-name: asserts + apiVersion: v2 + created: "2022-12-02T01:33:17.451093-05:00" + dependencies: + - condition: knowledge-sensor.enabled + name: knowledge-sensor + repository: file://./charts/knowledge-sensor + version: 1.0.0 + - alias: tsdb + condition: tsdb.enabled + name: victoria-metrics-single + repository: file://./charts/victoria-metrics-single + version: 1.1.0 + - condition: alertmanager.enabled + name: alertmanager + repository: file://./charts/alertmanager + version: 1.0.0 + - alias: promxyruler + condition: promxyruler.enabled + name: promxy + repository: file://./charts/promxy + version: 0.7.0 + - alias: promxyuser + condition: promxyuser.enabled + name: promxy + repository: file://./charts/promxy + version: 0.7.0 + - name: common + repository: file://./charts/common + version: 1.x.x + - alias: redisgraph + condition: redisgraph.enabled + name: redis + repository: file://./charts/redis + version: 16.8.7 + - alias: redisearch + condition: redisearch.enabled + name: redis + repository: file://./charts/redis + version: 16.8.7 + - alias: postgres + condition: postgres.enabled + name: postgresql + repository: file://./charts/postgresql + version: 11.1.23 + description: Asserts Helm Chart to configure entire asserts stack + digest: 6f5972c252ae99304cde0f976139928859ac5b64af577bed679fa1fc8d7e3856 + icon: https://www.asserts.ai/favicon.png + maintainers: + - name: Asserts + url: https://github.com/asserts + name: asserts + type: application + urls: + - assets/asserts/asserts-1.16.0.tgz + version: 1.16.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Asserts @@ -2600,6 +2762,47 @@ entries: - assets/confluent/confluent-for-kubernetes-0.174.2101.tgz version: 0.174.2101 consul: + - annotations: + artifacthub.io/images: | + - name: consul + image: hashicorp/consul:1.14.2 + - name: consul-k8s-control-plane + image: hashicorp/consul-k8s-control-plane:1.0.2 + - name: consul-dataplane + image: hashicorp/consul-dataplane:1.0.0 + - name: envoy + image: envoyproxy/envoy:v1.23.1 + artifacthub.io/license: MPL-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://www.consul.io/docs/k8s + - name: hashicorp/consul + url: https://github.com/hashicorp/consul + - name: hashicorp/consul-k8s + url: https://github.com/hashicorp/consul-k8s + artifacthub.io/prerelease: "false" + artifacthub.io/signKey: | + fingerprint: C874011F0AB405110D02105534365D9472D7468F + url: https://keybase.io/hashicorp/pgp_keys.asc + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Hashicorp Consul + catalog.cattle.io/kube-version: '>=1.21.0-0' + catalog.cattle.io/release-name: consul + apiVersion: v2 + appVersion: 1.14.2 + created: "2022-12-02T01:33:18.03326-05:00" + description: Official HashiCorp Consul Chart + digest: de47f16bf4eaff953ef580f9be79a37656224875ef05cc9e2a332cf437c5dac4 + home: https://www.consul.io + icon: https://raw.githubusercontent.com/hashicorp/consul-k8s/main/assets/icon.png + kubeVersion: '>=1.21.0-0' + name: consul + sources: + - https://github.com/hashicorp/consul + - https://github.com/hashicorp/consul-k8s + urls: + - assets/hashicorp/consul-1.0.2.tgz + version: 1.0.2 - annotations: artifacthub.io/images: | - name: consul @@ -4647,6 +4850,70 @@ entries: - assets/inaccel/fpga-operator-2.5.201.tgz version: 2.5.201 gitlab: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: GitLab + catalog.cattle.io/release-name: gitlab + apiVersion: v1 + appVersion: 15.6.1 + created: "2022-12-02T01:33:17.976977-05:00" + dependencies: + - name: gitlab + repository: "" + version: '*.*.*' + - name: certmanager-issuer + repository: "" + version: '*.*.*' + - name: minio + repository: "" + version: '*.*.*' + - name: registry + repository: "" + version: '*.*.*' + - alias: certmanager + condition: certmanager.install + name: cert-manager + repository: https://charts.jetstack.io/ + version: 1.5.4 + - condition: prometheus.install + name: prometheus + repository: https://prometheus-community.github.io/helm-charts + version: 15.0.4 + - condition: postgresql.install + name: postgresql + repository: https://raw.githubusercontent.com/bitnami/charts/eb5f9a9513d987b519f0ecd732e7031241c50328/bitnami + version: 8.9.4 + - condition: gitlab-runner.install + name: gitlab-runner + repository: https://charts.gitlab.io/ + version: 0.47.0 + - condition: global.grafana.enabled + name: grafana + repository: https://grafana.github.io/helm-charts + version: 6.11.0 + - condition: redis.install + name: redis + repository: https://raw.githubusercontent.com/bitnami/charts/eb5f9a9513d987b519f0ecd732e7031241c50328/bitnami + version: 11.3.4 + - condition: nginx-ingress.enabled + name: nginx-ingress + repository: "" + version: '*.*.*' + description: The One DevOps Platform + digest: 95ab7f7f18aa58b4d3664a9b0068314e41a2efbc55a8b283f533e9c62e80b2f2 + home: https://about.gitlab.com/ + icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png + keywords: + - gitlab + maintainers: + - email: support@gitlab.com + name: GitLab Inc. + name: gitlab + sources: + - https://gitlab.com/gitlab-org/charts/gitlab + urls: + - assets/gitlab/gitlab-6.6.1.tgz + version: 6.6.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: GitLab @@ -8482,6 +8749,37 @@ entries: - assets/bitnami/mysql-9.4.1.tgz version: 9.4.1 nats: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: NATS Server + catalog.cattle.io/kube-version: '>=1.16-0' + catalog.cattle.io/release-name: nats + apiVersion: v2 + appVersion: 2.9.8 + created: "2022-12-02T01:33:18.360936-05:00" + description: A Helm chart for the NATS.io High Speed Cloud Native Distributed + Communications Technology. + digest: 4380cf25f1a3230a71a6bf41d8f11dd0d7d6f7983f40d1e09d38d3d9c0b86565 + home: http://github.com/nats-io/k8s + icon: https://nats.io/img/nats-icon-color.png + keywords: + - nats + - messaging + - cncf + maintainers: + - email: wally@nats.io + name: Waldemar Quevedo + url: https://github.com/wallyqs + - email: colin@nats.io + name: Colin Sullivan + url: https://github.com/ColinSullivan1 + - email: caleb@nats.io + name: Caleb Lloyd + url: https://github.com/caleblloyd + name: nats + urls: + - assets/nats/nats-0.19.1.tgz + version: 0.19.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: NATS Server @@ -10314,6 +10612,44 @@ entries: - assets/portworx/portworx-essentials-2.9.100.tgz version: 2.9.100 postgresql: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: PostgreSQL + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: postgresql + category: Database + apiVersion: v2 + appVersion: 15.1.0 + created: "2022-12-02T01:33:17.599515-05:00" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: PostgreSQL (Postgres) is an open source object-relational database + known for reliability and data integrity. ACID-compliant, it supports foreign + keys, joins, views, triggers and stored procedures. + digest: af5b208a149746d6f689d240712336e75559e98131393d563dd06e18361810b8 + home: https://github.com/bitnami/charts/tree/main/bitnami/postgresql + icon: https://wiki.postgresql.org/images/a/a4/PostgreSQL_logo.3colors.svg + keywords: + - postgresql + - postgres + - database + - sql + - replication + - cluster + maintainers: + - name: Bitnami + url: https://github.com/bitnami/charts + name: postgresql + sources: + - https://github.com/bitnami/containers/tree/main/bitnami/postgresql + - https://www.postgresql.org/ + urls: + - assets/bitnami/postgresql-12.1.3.tgz + version: 12.1.3 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: PostgreSQL @@ -10682,6 +11018,40 @@ entries: - assets/quobyte/quobyte-cluster-0.1.5.tgz version: 0.1.5 redis: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redis + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: redis + category: Database + apiVersion: v2 + appVersion: 7.0.5 + created: "2022-12-02T01:33:17.609686-05:00" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Redis(R) is an open source, advanced key-value store. It is often + referred to as a data structure server since keys can contain strings, hashes, + lists, sets and sorted sets. + digest: 4aa39e784fa3a62222db685ae3c3cf1c9590c673201e179c929eb44250ed6866 + home: https://github.com/bitnami/charts/tree/main/bitnami/redis + icon: https://redis.com/wp-content/uploads/2021/08/redis-logo.png + keywords: + - redis + - keyvalue + - database + maintainers: + - name: Bitnami + url: https://github.com/bitnami/charts + name: redis + sources: + - https://github.com/bitnami/containers/tree/main/bitnami/redis + urls: + - assets/bitnami/redis-17.3.13.tgz + version: 17.3.13 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Redis @@ -10853,6 +11223,38 @@ entries: - assets/bitnami/redis-17.3.7.tgz version: 17.3.7 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: vectorized/redpanda:v22.3.3 + - name: busybox + image: busybox:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v22.3.3 + created: "2022-12-02T01:33:18.469932-05:00" + description: Redpanda is the real-time engine for modern apps. + digest: a8ad2e4a5cc3790819aee6a5134adfd226ad0e3325ff154600046adc8570cdd1 + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-2.3.9.tgz + version: 2.3.9 - annotations: artifacthub.io/images: | - name: redpanda