Charts CI

```
Updated:
  argo/argo-cd:
    - 5.16.0
  asserts/asserts:
    - 1.16.0
  bitnami/postgresql:
    - 12.1.3
  bitnami/redis:
    - 17.3.13
  gitlab/gitlab:
    - 6.6.1
  hashicorp/consul:
    - 1.0.2
  jfrog/artifactory-ha:
    - 107.47.10
  jfrog/artifactory-jcr:
    - 107.47.10
  nats/nats:
    - 0.19.1
  redpanda/redpanda:
    - 2.3.9
```

charts/argo/argo-cd/.helmignore

@@ -0,0 +1,4 @@
+/*.tgz
+output
+ci/
+*.gotmpl

charts/argo/argo-cd/Chart.yaml

@@ -1,6 +1,6 @@
 annotations:
   artifacthub.io/changes: |
-    - "[Added]: Ability to deploy argocd-repo-server-server-tls secret and configure Strict TLS for Repo Server"
+    - "[Added]: Ability to annotate Deployment and Statefulset objects for all components"
   catalog.cattle.io/certified: partner
   catalog.cattle.io/display-name: Argo CD
   catalog.cattle.io/kube-version: '>=1.22.0-0'
@@ -28,4 +28,4 @@ name: argo-cd
 sources:
 - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
 - https://github.com/argoproj/argo-cd
-version: 5.15.0
+version: 5.16.0

charts/argo/argo-cd/README.md

@@ -376,6 +376,7 @@ NAME: my-release
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | global.additionalLabels | object | `{}` | Common labels for the all resources |
+| global.deploymentAnnotations | object | `{}` | Annotations for the all deployed Deployments |
 | global.hostAliases | list | `[]` | Mapping between IP and hostnames that will be injected as entries in the pod's hosts files |
 | global.image.imagePullPolicy | string | `"IfNotPresent"` | If defined, a imagePullPolicy applied to all Argo CD deployments |
 | global.image.repository | string | `"quay.io/argoproj/argocd"` | If defined, a repository applied to all Argo CD deployments |
@@ -389,6 +390,7 @@ NAME: my-release
 | global.podLabels | object | `{}` | Labels for the all deployed pods |
 | global.revisionHistoryLimit | int | `3` | Number of old deployment ReplicaSets to retain. The rest will be garbage collected. |
 | global.securityContext | object | `{}` (See [values.yaml]) | Toggle and define pod-level security context. |
+| global.statefulsetAnnotations | object | `{}` | Annotations for the all deployed Statefulsets |
 
 ## Argo CD Configs
 
@@ -506,6 +508,7 @@ NAME: my-release
 | controller.serviceAccount.create | bool | `true` | Create a service account for the application controller |
 | controller.serviceAccount.labels | object | `{}` | Labels applied to created service account |
 | controller.serviceAccount.name | string | `"argocd-application-controller"` | Service account name |
+| controller.statefulsetAnnotations | object | `{}` | Annotations for the application controller StatefulSet |
 | controller.tolerations | list | `[]` | [Tolerations] for use with node taints |
 | controller.topologySpreadConstraints | list | `[]` | Assign custom [TopologySpreadConstraints] rules to the application controller |
 | controller.volumeMounts | list | `[]` | Additional volumeMounts to the application controller main container |
@@ -533,6 +536,7 @@ NAME: my-release
 | repoServer.clusterRoleRules.rules | list | `[]` | List of custom rules for the Repo server's Cluster Role resource |
 | repoServer.containerPort | int | `8081` | Configures the repo server port |
 | repoServer.containerSecurityContext | object | See [values.yaml] | Repo server container-level security context |
+| repoServer.deploymentAnnotations | object | `{}` | Annotations to be added to repo server Deployment |
 | repoServer.env | list | `[]` | Environment variables to pass to repo server |
 | repoServer.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to repo server |
 | repoServer.extraArgs | list | `[]` | Additional command line arguments to pass to repo server |
@@ -632,6 +636,7 @@ NAME: my-release
 | server.clusterAdminAccess.enabled | bool | `true` | Enable RBAC for local cluster deployments |
 | server.containerPort | int | `8080` | Configures the server port |
 | server.containerSecurityContext | object | See [values.yaml] | Server container-level security context |
+| server.deploymentAnnotations | object | `{}` | Annotations to be added to server Deployment |
 | server.env | list | `[]` | Environment variables to pass to Argo CD server |
 | server.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to Argo CD server |
 | server.extensions.containerSecurityContext | object | See [values.yaml] | Server UI extensions container-level security context |
@@ -775,6 +780,7 @@ server:
 | dex.containerPortHttp | int | `5556` | Container port for HTTP access |
 | dex.containerPortMetrics | int | `5558` | Container port for metrics access |
 | dex.containerSecurityContext | object | See [values.yaml] | Dex container-level security context |
+| dex.deploymentAnnotations | object | `{}` | Annotations to be added to the Dex server Deployment |
 | dex.enabled | bool | `true` | Enable dex |
 | dex.env | list | `[]` | Environment variables to pass to the Dex server |
 | dex.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Dex server |
@@ -848,6 +854,7 @@ server:
 | redis.affinity | object | `{}` | Assign custom [affinity] rules to the deployment |
 | redis.containerPort | int | `6379` | Redis container port |
 | redis.containerSecurityContext | object | See [values.yaml] | Redis container-level security context |
+| redis.deploymentAnnotations | object | `{}` | Annotations to be added to the Redis server Deployment |
 | redis.enabled | bool | `true` | Enable redis |
 | redis.env | list | `[]` | Environment variables to pass to the Redis server |
 | redis.envFrom | list | `[]` (See [values.yaml]) | envFrom to pass to the Redis server |
@@ -950,13 +957,12 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | applicationSet.affinity | object | `{}` | Assign custom [affinity] rules |
-| applicationSet.args.debug | bool | `false` | Print debug logs |
 | applicationSet.args.dryRun | bool | `false` | Enable dry run mode |
-| applicationSet.args.enableLeaderElection | bool | `false` | The default leader election setting |
 | applicationSet.args.metricsAddr | string | `":8080"` | The default metric address |
 | applicationSet.args.policy | string | `"sync"` | How application is synced between the generator and the cluster |
 | applicationSet.args.probeBindAddr | string | `":8081"` | The default health check port |
 | applicationSet.containerSecurityContext | object | See [values.yaml] | ApplicationSet controller container-level security context |
+| applicationSet.deploymentAnnotations | object | `{}` | Annotations to be added to ApplicationSet controller Deployment |
 | applicationSet.enabled | bool | `true` | Enable ApplicationSet controller |
 | applicationSet.extraArgs | list | `[]` | List of extra cli args to add |
 | applicationSet.extraContainers | list | `[]` | Additional containers to be added to the applicationset controller pod |
@@ -1058,6 +1064,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
 | notifications.cm.create | bool | `true` | Whether helm chart creates controller config map |
 | notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context |
 | notifications.context | object | `{}` | Define user-defined context |
+| notifications.deploymentAnnotations | object | `{}` | Annotations to be applied to the notifications controller Deployment |
 | notifications.enabled | bool | `true` | Enable notifications controller |
 | notifications.extraArgs | list | `[]` | Extra arguments to provide to the controller |
 | notifications.extraEnv | list | `[]` | Additional container environment variables |

charts/argo/argo-cd/templates/NOTES.txt

@@ -58,6 +58,12 @@ REMOVED option controller.service - Use controller.metrics
 {{- if .Values.repoServer.copyutil }}
 REMOVED option repoSever.copyutil.resources - Use repoServer.resources
 {{- end }}
+{{- if .Values.applicationSet.args.debug }}
+REMOVED option applicationSet.args.debug - Use applicationSet.logLevel: debug
+{{- end }}
+{{- if .Values.applicationSet.args.enableLeaderElection }}
+REMOVED option applicationSet.args.enableLeaderElection - Value determined based on replicas
+{{- end }}
 
 In order to access the server UI you have the following options:
 

charts/argo/argo-cd/templates/argocd-application-controller/statefulset.yaml

@@ -1,7 +1,13 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: {{ include "argo-cd.controller.fullname" . }}
+  {{- with (mergeOverwrite (deepCopy .Values.global.statefulsetAnnotations) .Values.controller.statefulsetAnnotations) }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
+  name: {{ template "argo-cd.controller.fullname" . }}
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.controller.name "name" .Values.controller.name) | nindent 4 }}
 spec:

charts/argo/argo-cd/templates/argocd-applicationset/deployment.yaml

@@ -2,6 +2,12 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
+  {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.applicationSet.deploymentAnnotations) }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
   name: {{ include "argo-cd.applicationSet.fullname" . }}
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.applicationSet.name "name" .Values.applicationSet.name) | nindent 4 }}
@@ -41,19 +47,16 @@ spec:
           command:
             - entrypoint.sh
             - argocd-applicationset-controller
+            - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
+            - --enable-leader-election={{ gt ( .Values.applicationSet.replicaCount | int64) 1 }}
+            - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }}
+            - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }}
+            - --policy={{ .Values.applicationSet.args.policy }}
+            - --dry-run={{ .Values.applicationSet.args.dryRun }}
             - --logformat
             - {{ default .Values.global.logging.format .Values.applicationSet.logFormat }}
             - --loglevel
             - {{ default .Values.global.logging.level .Values.applicationSet.logLevel }}
-            - --metrics-addr={{ .Values.applicationSet.args.metricsAddr }}
-            - --probe-addr={{ .Values.applicationSet.args.probeBindAddr }}
-            {{- if or (gt ( .Values.applicationSet.replicaCount | int64) 1) .Values.applicationSet.args.enableLeaderElection }}
-            - --enable-leader-election=true
-            {{- end }}
-            - --argocd-repo-server={{ template "argo-cd.repoServer.fullname" . }}:{{ .Values.repoServer.service.port }}
-            - --policy={{ .Values.applicationSet.args.policy }}
-            - --debug={{ .Values.applicationSet.args.debug }}
-            - --dry-run={{ .Values.applicationSet.args.dryRun }}
             {{- with .Values.applicationSet.extraArgs }}
               {{- toYaml . | nindent 12 }}
             {{- end }}

charts/argo/argo-cd/templates/argocd-applicationset/role.yaml

@@ -47,9 +47,20 @@ rules:
   - apiGroups:
     - ""
     resources:
-    - secrets
     - configmaps
     verbs:
+    - create
+    - update
+    - delete
+    - get
+    - list
+    - patch
+    - watch
+  - apiGroups:
+    - ""
+    resources:
+    - secrets
+    verbs:
     - get
     - list
     - watch
@@ -62,16 +73,6 @@ rules:
     - get
     - list
     - watch
-  # Leader election
-  - apiGroups:
-    - ""
-    resources:
-    - configmaps
-    verbs:
-    - create
-    - update
-    - delete
-    - patch
   - apiGroups:
     - coordination.k8s.io
     resources:

charts/argo/argo-cd/templates/argocd-notifications/bots/slack/deployment.yaml

@@ -2,7 +2,13 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ include "argo-cd.notifications.fullname" . }}-bot
+  {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.notifications.deploymentAnnotations) }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
+  name: {{ template "argo-cd.notifications.fullname" . }}-bot
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }}
 spec:

charts/argo/argo-cd/templates/argocd-notifications/deployment.yaml

@@ -2,6 +2,12 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
+  {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.notifications.deploymentAnnotations) }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
   name: {{ include "argo-cd.notifications.fullname" . }}
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.name "name" .Values.notifications.name) | nindent 4 }}

charts/argo/argo-cd/templates/argocd-repo-server/deployment.yaml

@@ -1,6 +1,12 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
+  {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.repoServer.deploymentAnnotations) }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
   name: {{ template "argo-cd.repoServer.fullname" . }}
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.repoServer.name "name" .Values.repoServer.name) | nindent 4 }}
@@ -16,6 +22,9 @@ spec:
     metadata:
       annotations:
         checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }}
+        {{- if .Values.repoServer.certificateSecret.enabled }}
+        checksum/repo-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-repo-server-tls-secret.yaml") . | sha256sum }}
+        {{- end }}
         {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.repoServer.podAnnotations) }}
         {{- range $key, $value := . }}
         {{ $key }}: {{ $value | quote }}

charts/argo/argo-cd/templates/argocd-server/deployment.yaml

@@ -1,6 +1,12 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
+  {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.server.deploymentAnnotations) }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
   name: {{ template "argo-cd.server.fullname" . }}
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.server.name "name" .Values.server.name) | nindent 4 }}

charts/argo/argo-cd/templates/dex/deployment.yaml

@@ -2,6 +2,12 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
+  {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.dex.deploymentAnnotations) }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
   name: {{ template "argo-cd.dex.fullname" . }}
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.dex.name "name" .Values.dex.name) | nindent 4 }}
@@ -16,7 +22,7 @@ spec:
       annotations:
         checksum/cmd-params: {{ include (print $.Template.BasePath "/argocd-configs/argocd-cmd-params-cm.yaml") . | sha256sum }}
         {{- if .Values.dex.certificateSecret.enabled }}
-        checksum/dex-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-dex-server-tls.yaml") . | sha256sum }}
+        checksum/dex-server-tls: {{ include (print $.Template.BasePath "/argocd-configs/argocd-dex-server-tls-secret.yaml") . | sha256sum }}
         {{- end }}
         {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.dex.podAnnotations) }}
         {{- range $key, $value := . }}

charts/argo/argo-cd/templates/redis/deployment.yaml

@@ -3,6 +3,12 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
+  {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.redis.deploymentAnnotations) }}
+  annotations:
+    {{- range $key, $value := . }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
   name: {{ include "argo-cd.redis.fullname" . }}
   labels:
     {{- include "argo-cd.labels" (dict "context" . "component" .Values.redis.name "name" .Values.redis.name) | nindent 4 }}

charts/argo/argo-cd/values.yaml

@@ -68,6 +68,12 @@ global:
     # -- Set the global logging level. One of: `debug`, `info`, `warn` or `error`
     level: info
 
+  # -- Annotations for the all deployed Statefulsets
+  statefulsetAnnotations: {}
+
+  # -- Annotations for the all deployed Deployments
+  deploymentAnnotations: {}
+
   # -- Annotations for the all deployed pods
   podAnnotations: {}
 
@@ -540,6 +546,9 @@ controller:
   # - secretRef:
   #     name: secret-name
 
+  # -- Annotations for the application controller StatefulSet
+  statefulsetAnnotations: {}
+
   # -- Annotations to be added to application controller pods
   podAnnotations: {}
 
@@ -846,6 +855,9 @@ dex:
     # -- Certificate data. Must contain SANs of Dex service (ie: argocd-dex-server, argocd-dex-server.argo-cd.svc)
     crt: ''
 
+  # -- Annotations to be added to the Dex server Deployment
+  deploymentAnnotations: {}
+
   # -- Annotations to be added to the Dex server pods
   podAnnotations: {}
 
@@ -1029,6 +1041,9 @@ redis:
   # - secretRef:
   #     name: secret-name
 
+  # -- Annotations to be added to the Redis server Deployment
+  deploymentAnnotations: {}
+
   # -- Annotations to be added to the Redis server pods
   podAnnotations: {}
 
@@ -1343,6 +1358,9 @@ server:
   # @default -- `""` (defaults to global.logging.level)
   # logLevel: ""
 
+  # -- Annotations to be added to server Deployment
+  deploymentAnnotations: {}
+
   # -- Annotations to be added to server pods
   podAnnotations: {}
 
@@ -1898,6 +1916,9 @@ repoServer:
   # @default -- `""` (defaults to global.logging.format)
   # logLevel: ""
 
+  # -- Annotations to be added to repo server Deployment
+  deploymentAnnotations: {}
+
   # -- Annotations to be added to repo server pods
   podAnnotations: {}
 
@@ -2153,12 +2174,8 @@ applicationSet:
     metricsAddr: :8080
     # -- The default health check port
     probeBindAddr: :8081
-    # -- The default leader election setting
-    enableLeaderElection: false
     # -- How application is synced between the generator and the cluster
     policy: sync
-    # -- Print debug logs
-    debug: false
     # -- Enable dry run mode
     dryRun: false
 
@@ -2231,6 +2248,9 @@ applicationSet:
     # If not set and create is true, a name is generated using the fullname template
     name: ""
 
+  # -- Annotations to be added to ApplicationSet controller Deployment
+  deploymentAnnotations: {}
+
   # -- Annotations for the controller pods
   podAnnotations: {}
 
@@ -2521,6 +2541,9 @@ notifications:
     # service.slack: |
     #   token: $slack-token
 
+  # -- Annotations to be applied to the notifications controller Deployment
+  deploymentAnnotations: {}
+
   # -- Annotations to be applied to the controller Pods
   podAnnotations: {}
 

charts/asserts/asserts/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/asserts/asserts/Chart.yaml

@@ -53,4 +53,4 @@ maintainers:
   url: https://github.com/asserts
 name: asserts
 type: application
-version: 1.15.0
+version: 1.16.0

charts/asserts/asserts/values.yaml

@@ -376,16 +376,12 @@ grafana:
   ## Grafana admin password configuration
   ##
   ## If left with password: "" and existingSecret: ""
-  ## a random alpha numeric password will be generated.
+  ## a random alpha numeric password will be generated on
-  ## Upon upgrading the release, you will need to provide
+  ## first run. Upon upgrading the release, the credentials
-  ## the password as a value in subsequent updates.
+  ## stored in the secret will be retrieved, secret handling
-  ## e.g.
+  ## is out of the box. Note that this will fail if using the
-  # grafana:
+  ## "helm-diff" plugin and would require setting it explicitly
-  #   auth:
+  ## or providing an existingSecret.
-  #     password: <grafana-admin-password>
-  ##
-  ## If an existingSecret is created (recommended for production)
-  ## then that will be used.
   ##
   ## ref: https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues/#credential-errors-while-upgrading-chart-releases
   auth:
@@ -792,25 +788,21 @@ postgres:
 
   ## Postgres password configuration
   ##
-  ## If left with password: "" and existingSecret: ""
+  ## If left with postgresPassword: "" and existingSecret: ""
-  ## a random alpha numeric password will be generated.
+  ## a random alpha numeric password will be generated on
-  ## Upon upgrading the release, you will need to provide
+  ## first run. Upon upgrading the release, the credentials
-  ## the password as a value in subsequent updates.
+  ## stored in the secret will be retrieved, secret handling
-  ## e.g.
+  ## is out of the box. Note that this will fail if using the
-  # postgres:
+  ## "helm-diff" plugin and would require setting it explicitly
-  #   global:
+  ## or providing an existingSecret.
-  #     postgresql:
-  #       auth:
-  #         postgresPassword: <postgres-password>
-  ##
-  ## If an existingSecret is created (recommended for production)
-  ## then that will be used.
   ##
   ## ref: https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues/#credential-errors-while-upgrading-chart-releases
   global:
     postgresql:
       auth:
         database: "asserts"
+        postgresPassword: ""
+        existingSecret: ""
 
   image:
     repository: bitnami/postgresql

charts/bitnami/postgresql/.helmignore

@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj

charts/bitnami/postgresql/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
 - name: common
   repository: https://charts.bitnami.com/bitnami
-  version: 2.1.2
+  version: 2.2.1
-digest: sha256:1c365a4551a2f4098e9584dc176b289c10437c679c7c3e2ec6153cabf863e1a4
+digest: sha256:6c67cfa9945bf608209d4e2ca8f17079fca4770907c7902d984187ab5b21811e
-generated: "2022-11-01T11:07:06.309318341Z"
+generated: "2022-12-01T20:16:55.812777288Z"

charts/bitnami/postgresql/Chart.yaml

@@ -31,4 +31,4 @@ name: postgresql
 sources:
 - https://github.com/bitnami/containers/tree/main/bitnami/postgresql
 - https://www.postgresql.org/
-version: 12.1.2
+version: 12.1.3

charts/bitnami/postgresql/README.md

@@ -101,7 +101,7 @@ kubectl delete pvc -l release=my-release
 | ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- |
 | `image.registry`                         | PostgreSQL image registry                                                                                                                                                                                                                                                                                                                     | `docker.io`                |
 | `image.repository`                       | PostgreSQL image repository                                                                                                                                                                                                                                                                                                                   | `bitnami/postgresql`       |
-| `image.tag`                              | PostgreSQL image tag (immutable tags are recommended)                                                                                                                                                                                                                                                                                         | `15.1.0-debian-11-r0`      |
+| `image.tag`                              | PostgreSQL image tag (immutable tags are recommended)                                                                                                                                                                                                                                                                                         | `15.1.0-debian-11-r7`      |
 | `image.digest`                           | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                                                                                                                                                    | `""`                       |
 | `image.pullPolicy`                       | PostgreSQL image pull policy                                                                                                                                                                                                                                                                                                                  | `IfNotPresent`             |
 | `image.pullSecrets`                      | Specify image pull secrets                                                                                                                                                                                                                                                                                                                    | `[]`                       |
@@ -382,7 +382,7 @@ kubectl delete pvc -l release=my-release
 | `volumePermissions.enabled`                            | Enable init container that changes the owner and group of the persistent volume                                                   | `false`                 |
 | `volumePermissions.image.registry`                     | Init container volume-permissions image registry                                                                                  | `docker.io`             |
 | `volumePermissions.image.repository`                   | Init container volume-permissions image repository                                                                                | `bitnami/bitnami-shell` |
-| `volumePermissions.image.tag`                          | Init container volume-permissions image tag (immutable tags are recommended)                                                      | `11-debian-11-r50`      |
+| `volumePermissions.image.tag`                          | Init container volume-permissions image tag (immutable tags are recommended)                                                      | `11-debian-11-r57`      |
 | `volumePermissions.image.digest`                       | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""`                    |
 | `volumePermissions.image.pullPolicy`                   | Init container volume-permissions image pull policy                                                                               | `IfNotPresent`          |
 | `volumePermissions.image.pullSecrets`                  | Init container volume-permissions image pull secrets                                                                              | `[]`                    |
@@ -411,7 +411,7 @@ kubectl delete pvc -l release=my-release
 | `metrics.enabled`                               | Start a prometheus exporter                                                                                | `false`                     |
 | `metrics.image.registry`                        | PostgreSQL Prometheus Exporter image registry                                                              | `docker.io`                 |
 | `metrics.image.repository`                      | PostgreSQL Prometheus Exporter image repository                                                            | `bitnami/postgres-exporter` |
-| `metrics.image.tag`                             | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended)                                  | `0.11.1-debian-11-r27`      |
+| `metrics.image.tag`                             | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended)                                  | `0.11.1-debian-11-r34`      |
 | `metrics.image.digest`                          | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""`                        |
 | `metrics.image.pullPolicy`                      | PostgreSQL Prometheus Exporter image pull policy                                                           | `IfNotPresent`              |
 | `metrics.image.pullSecrets`                     | Specify image pull secrets                                                                                 | `[]`                        |

charts/bitnami/postgresql/charts/common/Chart.yaml

@@ -1,7 +1,7 @@
 annotations:
   category: Infrastructure
 apiVersion: v2
-appVersion: 2.1.2
+appVersion: 2.2.1
 description: A Library Helm Chart for grouping common logic between bitnami charts.
   This chart is not deployable by itself.
 home: https://github.com/bitnami/charts/tree/main/bitnami/common
@@ -20,4 +20,4 @@ sources:
 - https://github.com/bitnami/charts
 - https://www.bitnami.com/
 type: library
-version: 2.1.2
+version: 2.2.1

charts/bitnami/postgresql/charts/common/README.md

@@ -43,10 +43,11 @@ The following table lists the helpers available in the library which are scoped
 
 | Helper identifier             | Description                                          | Expected Input                                 |
 |-------------------------------|------------------------------------------------------|------------------------------------------------|
-| `common.affinities.nodes.soft` | Return a soft nodeAffinity definition                | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
+| `common.affinities.nodes.soft`  | Return a soft nodeAffinity definition                 | `dict "key" "FOO" "values" (list "BAR" "BAZ")`  |
-| `common.affinities.nodes.hard` | Return a hard nodeAffinity definition                | `dict "key" "FOO" "values" (list "BAR" "BAZ")` |
+| `common.affinities.nodes.hard`  | Return a hard nodeAffinity definition                 | `dict "key" "FOO" "values" (list "BAR" "BAZ")`  |
-| `common.affinities.pods.soft`  | Return a soft podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $`           |
+| `common.affinities.pods.soft`   | Return a soft podAffinity/podAntiAffinity definition  | `dict "component" "FOO" "context" $`            |
-| `common.affinities.pods.hard`  | Return a hard podAffinity/podAntiAffinity definition | `dict "component" "FOO" "context" $`           |
+| `common.affinities.pods.hard`   | Return a hard podAffinity/podAntiAffinity definition  | `dict "component" "FOO" "context" $`            |
+| `common.affinities.topologyKey` | Return a topologyKey definition                       | `dict "topologyKey" "FOO"`                      |
 
 ### Capabilities
 
@@ -107,12 +108,12 @@ The following table lists the helpers available in the library which are scoped
 
 ### Secrets
 
-| Helper identifier         | Description                                                  | Expected Input                                                                                                                                                                                                                  |
+| Helper identifier                 | Description                                                  | Expected Input                                                                                                                                                                                                                  |
-|---------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+|-----------------------------------|--------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `common.secrets.name`     | Generate the name of the secret.                             | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure.                                                                  |
+| `common.secrets.name`             | Generate the name of the secret.                             | `dict "existingSecret" .Values.path.to.the.existingSecret "defaultNameSuffix" "mySuffix" "context" $` see [ExistingSecret](#existingsecret) for the structure.                                                                  |
-| `common.secrets.key`      | Generate secret key.                                         | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure.                                                                                             |
+| `common.secrets.key`              | Generate secret key.                                         | `dict "existingSecret" .Values.path.to.the.existingSecret "key" "keyName"` see [ExistingSecret](#existingsecret) for the structure.                                                                                             |
-| `common.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. |
+| `common.secrets.passwords.manage` | Generate secret password or retrieve one if already created. | `dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $`, length, strong and chartNAme fields are optional. |
-| `common.secrets.exists`   | Returns whether a previous generated secret already exists.  | `dict "secret" "secret-name" "context" $`                                                                                                                                                                                       |
+| `common.secrets.exists`           | Returns whether a previous generated secret already exists.  | `dict "secret" "secret-name" "context" $`                                                                                                                                                                                       |
 
 ### Storage
 

charts/bitnami/postgresql/charts/common/templates/_affinities.tpl

@@ -45,9 +45,17 @@ Return a nodeAffinity definition
   {{- end -}}
 {{- end -}}
 
+{{/*
+Return a topologyKey definition
+{{ include "common.affinities.topologyKey" (dict "topologyKey" "BAR") -}}
+*/}}
+{{- define "common.affinities.topologyKey" -}}
+{{ .topologyKey | default "kubernetes.io/hostname" -}}
+{{- end -}}
+
 {{/*
 Return a soft podAffinity/podAntiAffinity definition
-{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
+{{ include "common.affinities.pods.soft" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}}
 */}}
 {{- define "common.affinities.pods.soft" -}}
 {{- $component := default "" .component -}}
@@ -62,13 +70,13 @@ preferredDuringSchedulingIgnoredDuringExecution:
           {{- range $key, $value := $extraMatchLabels }}
           {{ $key }}: {{ $value | quote }}
           {{- end }}
-      topologyKey: kubernetes.io/hostname
+      topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }}
     weight: 1
 {{- end -}}
 
 {{/*
 Return a hard podAffinity/podAntiAffinity definition
-{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "context" $) -}}
+{{ include "common.affinities.pods.hard" (dict "component" "FOO" "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "context" $) -}}
 */}}
 {{- define "common.affinities.pods.hard" -}}
 {{- $component := default "" .component -}}
@@ -82,7 +90,7 @@ requiredDuringSchedulingIgnoredDuringExecution:
         {{- range $key, $value := $extraMatchLabels }}
         {{ $key }}: {{ $value | quote }}
         {{- end }}
-    topologyKey: kubernetes.io/hostname
+    topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }}
 {{- end -}}
 
 {{/*

charts/bitnami/postgresql/values.yaml

@@ -95,7 +95,7 @@ diagnosticMode:
 image:
   registry: docker.io
   repository: bitnami/postgresql
-  tag: 15.1.0-debian-11-r0
+  tag: 15.1.0-debian-11-r7
   digest: ""
   ## Specify a imagePullPolicy
   ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@@ -1130,7 +1130,7 @@ volumePermissions:
   image:
     registry: docker.io
     repository: bitnami/bitnami-shell
-    tag: 11-debian-11-r50
+    tag: 11-debian-11-r57
     digest: ""
     pullPolicy: IfNotPresent
     ## Optionally specify an array of imagePullSecrets.
@@ -1217,7 +1217,7 @@ metrics:
   image:
     registry: docker.io
     repository: bitnami/postgres-exporter
-    tag: 0.11.1-debian-11-r27
+    tag: 0.11.1-debian-11-r34
     digest: ""
     pullPolicy: IfNotPresent
     ## Optionally specify an array of imagePullSecrets.

charts/bitnami/redis/.helmignore

@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj

charts/bitnami/redis/Chart.yaml

@@ -27,4 +27,4 @@ maintainers:
 name: redis
 sources:
 - https://github.com/bitnami/containers/tree/main/bitnami/redis
-version: 17.3.11
+version: 17.3.13

charts/bitnami/redis/README.md

@@ -166,6 +166,7 @@ The command removes all the Kubernetes components associated with the chart and
 | `master.kind`                                        | Use either Deployment or StatefulSet (default)                                                        | `StatefulSet`            |
 | `master.schedulerName`                               | Alternate scheduler for Redis® master pods                                                        | `""`                     |
 | `master.updateStrategy.type`                         | Redis® master statefulset strategy type                                                           | `RollingUpdate`          |
+| `master.minReadySeconds`                             | How many seconds a pod needs to be ready before killing the next, during update                       | `0`                      |
 | `master.priorityClassName`                           | Redis® master pods' priorityClassName                                                             | `""`                     |
 | `master.hostAliases`                                 | Redis® master pods host aliases                                                                   | `[]`                     |
 | `master.podLabels`                                   | Extra labels for Redis® master pods                                                               | `{}`                     |
@@ -266,6 +267,7 @@ The command removes all the Kubernetes components associated with the chart and
 | `replica.containerSecurityContext.runAsUser`          | Set Redis® replicas containers' Security Context runAsUser                                          | `1001`                   |
 | `replica.schedulerName`                               | Alternate scheduler for Redis® replicas pods                                                        | `""`                     |
 | `replica.updateStrategy.type`                         | Redis® replicas statefulset strategy type                                                           | `RollingUpdate`          |
+| `replica.minReadySeconds`                             | How many seconds a pod needs to be ready before killing the next, during update                         | `0`                      |
 | `replica.priorityClassName`                           | Redis® replicas pods' priorityClassName                                                             | `""`                     |
 | `replica.podManagementPolicy`                         | podManagementPolicy to manage scaling operation of %%MAIN_CONTAINER_NAME%% pods                         | `""`                     |
 | `replica.hostAliases`                                 | Redis® replicas pods host aliases                                                                   | `[]`                     |

charts/bitnami/redis/templates/master/application.yaml

@@ -26,6 +26,9 @@ spec:
   {{- else }}
   updateStrategy: {{- toYaml .Values.master.updateStrategy | nindent 4 }}
   {{- end }}
+  {{- if and .Values.master.minReadySeconds (semverCompare ">= 1.25" (include "common.capabilities.kubeVersion" .)) }}
+  minReadySeconds: {{ .Values.master.minReadySeconds }}
+  {{- end }}
   {{- end }}
   template:
     metadata:

charts/bitnami/redis/templates/replicas/statefulset.yaml

@@ -23,6 +23,9 @@ spec:
   {{- if .Values.replica.updateStrategy }}
   updateStrategy: {{- toYaml .Values.replica.updateStrategy | nindent 4 }}
   {{- end }}
+  {{- if and .Values.replica.minReadySeconds (semverCompare ">= 1.25" (include "common.capabilities.kubeVersion" .)) }}
+  minReadySeconds: {{ .Values.replica.minReadySeconds }}
+  {{- end }}
   {{- if .Values.replica.podManagementPolicy }}
   podManagementPolicy: {{ .Values.replica.podManagementPolicy | quote }}
   {{- end }}

charts/bitnami/redis/templates/sentinel/statefulset.yaml

@@ -22,6 +22,9 @@ spec:
   {{- if .Values.replica.updateStrategy }}
   updateStrategy: {{- toYaml .Values.replica.updateStrategy | nindent 4 }}
   {{- end }}
+  {{- if and .Values.replica.minReadySeconds (semverCompare ">= 1.25" (include "common.capabilities.kubeVersion" .)) }}
+  minReadySeconds: {{ .Values.replica.minReadySeconds }}
+  {{- end }}
   {{- if .Values.replica.podManagementPolicy }}
   podManagementPolicy: {{ .Values.replica.podManagementPolicy | quote }}
   {{- end }}

charts/bitnami/redis/values.yaml

@@ -289,6 +289,9 @@ master:
     ##
     type: RollingUpdate
     rollingUpdate: {}
+  ## @param master.minReadySeconds How many seconds a pod needs to be ready before killing the next, during update
+  ##
+  minReadySeconds: 0
   ## @param master.priorityClassName Redis® master pods' priorityClassName
   ##
   priorityClassName: ""
@@ -687,6 +690,9 @@ replica:
     ##
     type: RollingUpdate
     rollingUpdate: {}
+  ## @param replica.minReadySeconds How many seconds a pod needs to be ready before killing the next, during update
+  ##
+  minReadySeconds: 0
   ## @param replica.priorityClassName Redis® replicas pods' priorityClassName
   ##
   priorityClassName: ""

charts/gitlab/gitlab/.markdownlint.yml

@@ -0,0 +1,151 @@
+---
+# Base Markdownlint configuration
+# Extended Markdownlint configuration in doc/.markdownlint/
+default: true
+first-header-h1: true
+header-style:
+  style: "atx"
+ul-style:
+  style: "dash"
+no-trailing-spaces: false
+line-length: false
+no-duplicate-header:
+  allow_different_nesting: true
+no-trailing-punctuation:
+  punctuation: ".,;:!。，；：！？"
+ol-prefix:
+  style: "one"
+no-inline-html: false
+hr-style:
+  style: "---"
+no-emphasis-as-heading: false
+first-line-h1: false
+code-block-style:
+  style: "fenced"
+emphasis-style: false
+link-fragments: false
+reference-links-images: false
+proper-names:
+  names: [
+    "Akismet",
+    "Alertmanager",
+    "AlmaLinux",
+    "API",
+    "Asana",
+    "Auth0",
+    "Authentiq",
+    "Azure",
+    "Bamboo",
+    "Bitbucket",
+    "Bugzilla",
+    "CAS",
+    "CentOS",
+    "Consul",
+    "Debian",
+    "DevOps",
+    "Docker",
+    "DockerSlim",
+    "Elasticsearch",
+    "Facebook",
+    "fastlane",
+    "fluent-plugin-redis-slowlog",
+    "GDK",
+    "Geo",
+    "Git LFS",
+    "git-annex",
+    "git-sizer",
+    "Git",
+    "Gitaly",
+    "GitHub",
+    "GitLab Geo",
+    "GitLab Monitor",
+    "GitLab Operator",
+    "GitLab Pages",
+    "GitLab Rails",
+    "GitLab Runner",
+    "GitLab Shell",
+    "GitLab Workhorse",
+    "GitLab",
+    "Gitleaks",
+    "Gmail",
+    "Google",
+    "Grafana",
+    "Gzip",
+    "Helm",
+    "HipChat",
+    "ID",
+    "Ingress",
+    "jasmine-jquery",
+    "JavaScript",
+    "Jaeger",
+    "Jenkins",
+    "Jira",
+    "Jira Cloud",
+    "Jira Server",
+    "jQuery",
+    "JSON",
+    "JupyterHub",
+    "Karma",
+    "Kerberos",
+    "Knative",
+    "Kubernetes",
+    "LDAP",
+    "Let's Encrypt",
+    "Markdown",
+    "markdownlint",
+    "Mattermost",
+    "Microsoft",
+    "minikube",
+    "MinIO",
+    "ModSecurity",
+    "NGINX Ingress",
+    "NGINX",
+    "OAuth",
+    "OAuth 2",
+    "OmniAuth",
+    "Omnibus GitLab",
+    "OpenID",
+    "OpenShift",
+    "PgBouncer",
+    "Postfix",
+    "PostgreSQL",
+    "Praefect",
+    "Prometheus",
+    "Puma",
+    "puma-worker-killer",
+    "Python",
+    "Rake",
+    "Redis",
+    "Redmine",
+    "reCAPTCHA",
+    "Ruby",
+    "runit",
+    "Salesforce",
+    "SAML",
+    "Sendmail",
+    "Sentry",
+    "Service Desk",
+    "Sidekiq",
+    "Shibboleth",
+    "Slack",
+    "SMTP",
+    "SpotBugs",
+    "SSH",
+    "Tiller",
+    "TOML",
+    "Trello",
+    "Trello Power-Ups",
+    "TypeScript",
+    "Twitter",
+    "Ubuntu",
+    "Ultra Auth",
+    "Unicorn",
+    "unicorn-worker-killer",
+    "URL",
+    "WebdriverIO",
+    "Workload Identity Pool",
+    "Workload Identity Provider",
+    "YAML",
+    "YouTrack"
+  ]
+  code_blocks: false

charts/gitlab/gitlab/.rubocop.yml

@@ -0,0 +1,73 @@
+inherit_gem:
+  gitlab-styles:
+    - rubocop-default.yml
+
+inherit_from: .rubocop_todo.yml
+
+require:
+  - rubocop-rspec
+
+AllCops:
+  TargetRubyVersion: 2.7
+  # Cop names are displayed in offense messages by default. Change behavior
+  # by overriding DisplayCopNames, or by giving the `--no-display-cop-names`
+  # option.
+  DisplayCopNames: true
+  # Style guide URLs are not displayed in offense messages by default. Change
+  # behavior by overriding DisplayStyleGuide, or by giving the
+  # -S/--display-style-guide option.
+  DisplayStyleGuide: false
+  # New cops introduced between major versions are set to a special pending status
+  # and are not enabled by default with warning message.
+  # Change this behavior by overriding either `NewCops: enable` or `NewCops: disable`.
+  # When `NewCops` is `enable`, pending cops are enabled in bulk. Can be overridden by
+  # the `--enable-pending-cops` command-line option.
+  # When `NewCops` is `disable`, pending cops are disabled in bulk. Can be overridden by
+  # the `--disable-pending-cops` command-line option.
+  NewCops: disable
+  # Determines if a notification for extension libraries should be shown when
+  # rubocop is run. Keys are the name of the extension, and values are an array
+  # of gems in the Gemfile that the extension is suggested for, if not already
+  # included.
+  SuggestExtensions: false
+  Exclude:
+    - 'bin/*'
+    - 'gems/**/*'
+    - '.bundle/**/*'
+    - 'cache/**/*'
+    - 'node_modules/**/*'
+    - 'vendor/bundle/**/*'
+
+# No rails in charts
+Rails:
+  Enabled: false
+
+# TODO re-enable and start updating rspec tests
+RSpec:
+  Enabled: false
+
+# We are not concerned with the security of using public in charts but we want to ensure
+GitlabSecurity/PublicSend:
+  Enabled: false
+
+# TODO: temporarily excluding the file with lints at RuboCop 1.36
+Lint/BinaryOperatorWithIdenticalOperands:
+  Exclude:
+    - spec/configuration/gitaly_spec.rb
+
+Lint/HashCompareByIdentity: # (new in 0.93)
+  Enabled: true
+
+Lint/RedundantSafeNavigation: # (new in 0.93)
+  Enabled: true
+
+Style/ClassEqualityComparison: # (new in 0.93)
+  Enabled: true
+
+# Do not introduce global variables.
+Style/GlobalVars:
+  Enabled: true
+  Exclude: []
+
+Style/MultilineIfModifier:
+  Enabled: false

charts/gitlab/gitlab/.rubocop_todo.yml

@@ -0,0 +1,536 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2021-03-23 00:00:00 UTC using RuboCop version 0.93.1.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+# Offense count: 31
+# Cop supports --auto-correct.
+CodeReuse/ActiveRecord:
+  Exclude:
+    - 'spec/scripts/lib/version_fetcher_spec.rb'
+    - 'spec/scripts/manage_version_spec.rb'
+
+# Offense count: 5
+# Cop supports --auto-correct.
+Cop/LineBreakAfterGuardClauses:
+  Exclude:
+    - 'spec/configuration/certificates_spec.rb'
+    - 'spec/gitlab_test_helper.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+Cop/LineBreakAroundConditionalBlock:
+  Exclude:
+    - 'scripts/manage_version.rb'
+
+# Offense count: 5
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, IndentationWidth.
+# SupportedStyles: with_first_argument, with_fixed_indentation
+Layout/ArgumentAlignment:
+  Exclude:
+    - 'spec/features/backups_spec.rb'
+    - 'spec/integration/check_config_spec.rb'
+    - 'spec/spec_helper.rb'
+
+# Offense count: 5
+# Cop supports --auto-correct.
+Layout/EmptyLineAfterGuardClause:
+  Exclude:
+    - 'spec/configuration/certificates_spec.rb'
+    - 'spec/gitlab_test_helper.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: empty_lines, no_empty_lines
+Layout/EmptyLinesAroundBlockBody:
+  Exclude:
+    - 'Rakefile'
+    - 'spec/features/backups_spec.rb'
+
+# Offense count: 6
+# Cop supports --auto-correct.
+# Configuration parameters: AllowForAlignment, AllowBeforeTrailingComments, ForceEqualSignAlignment.
+Layout/ExtraSpacing:
+  Exclude:
+    - 'spec/configuration/certificates_spec.rb'
+    - 'spec/configuration/mailroom_spec.rb'
+    - 'spec/configuration/redis_spec.rb'
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 16
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, IndentationWidth.
+# SupportedStyles: consistent, consistent_relative_to_receiver, special_for_inner_method_call, special_for_inner_method_call_in_parentheses
+Layout/FirstArgumentIndentation:
+  Exclude:
+    - 'spec/configuration/gitlab-yml-erb_spec.rb'
+    - 'spec/configuration/sidekiq_spec.rb'
+
+# Offense count: 27
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, IndentationWidth.
+# SupportedStyles: special_inside_parentheses, consistent, align_braces
+Layout/FirstHashElementIndentation:
+  Exclude:
+    - 'spec/configuration/database_spec.rb'
+    - 'spec/configuration/mailroom_spec.rb'
+
+# Offense count: 3
+# Cop supports --auto-correct.
+# Configuration parameters: AllowMultipleStyles, EnforcedHashRocketStyle, EnforcedColonStyle, EnforcedLastArgumentHashStyle.
+# SupportedHashRocketStyles: key, separator, table
+# SupportedColonStyles: key, separator, table
+# SupportedLastArgumentHashStyles: always_inspect, always_ignore, ignore_implicit, ignore_explicit
+Layout/HashAlignment:
+  Exclude:
+    - 'spec/configuration/database_spec.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: symmetrical, new_line, same_line
+Layout/MultilineHashBraceLayout:
+  Exclude:
+    - 'spec/configuration/mailroom_spec.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+Layout/SpaceAfterColon:
+  Exclude:
+    - 'spec/gitlab_test_helper.rb'
+
+# Offense count: 239
+# Cop supports --auto-correct.
+Layout/SpaceAfterComma:
+  Exclude:
+    - 'spec/configuration/certificates_spec.rb'
+    - 'spec/configuration/database_spec.rb'
+    - 'spec/configuration/gitaly_spec.rb'
+    - 'spec/configuration/mailroom_spec.rb'
+    - 'spec/configuration/redis_spec.rb'
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyleInsidePipes.
+# SupportedStylesInsidePipes: space, no_space
+Layout/SpaceAroundBlockParameters:
+  Exclude:
+    - 'spec/scripts/manage_version_spec.rb'
+
+# Offense count: 11
+# Cop supports --auto-correct.
+# Configuration parameters: AllowForAlignment, EnforcedStyleForExponentOperator.
+# SupportedStylesForExponentOperator: space, no_space
+Layout/SpaceAroundOperators:
+  Exclude:
+    - 'spec/configuration/database_spec.rb'
+    - 'spec/configuration/mailroom_spec.rb'
+    - 'spec/configuration/redis_spec.rb'
+    - 'spec/gitlab_test_helper.rb'
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 9
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyleForEmptyBraces.
+# SupportedStyles: space, no_space
+# SupportedStylesForEmptyBraces: space, no_space
+Layout/SpaceBeforeBlockBraces:
+  Exclude:
+    - 'spec/configuration/labels_spec.rb'
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+Layout/SpaceBeforeComma:
+  Exclude:
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 16
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, EnforcedStyleForEmptyBrackets.
+# SupportedStyles: space, no_space, compact
+# SupportedStylesForEmptyBrackets: space, no_space
+Layout/SpaceInsideArrayLiteralBrackets:
+  Exclude:
+    - 'spec/configuration/database_spec.rb'
+    - 'spec/helm_template_helper.rb'
+    - 'spec/integration/check_config_spec.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyleForEmptyBraces, SpaceBeforeBlockParameters.
+# SupportedStyles: space, no_space
+# SupportedStylesForEmptyBraces: space, no_space
+Layout/SpaceInsideBlockBraces:
+  Exclude:
+    - 'spec/configuration/workhorse_spec.rb'
+
+# Offense count: 29
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyleForEmptyBraces.
+# SupportedStyles: space, no_space, compact
+# SupportedStylesForEmptyBraces: space, no_space
+Layout/SpaceInsideHashLiteralBraces:
+  Exclude:
+    - 'spec/configuration/labels_spec.rb'
+    - 'spec/configuration/mailroom_spec.rb'
+    - 'spec/configuration/redis_spec.rb'
+    - 'spec/scripts/lib/version_fetcher_spec.rb'
+
+# Offense count: 4
+# Cop supports --auto-correct.
+# Configuration parameters: AllowInHeredoc.
+Layout/TrailingWhitespace:
+  Exclude:
+    - 'spec/configuration/database_spec.rb'
+    - 'spec/configuration/labels_spec.rb'
+
+# Offense count: 1
+Lint/MixedRegexpCaptureTypes:
+  Exclude:
+    - 'scripts/lib/version.rb'
+
+# Offense count: 1
+Lint/UselessAssignment:
+  Exclude:
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 1
+# Configuration parameters: IgnoredMethods.
+Metrics/CyclomaticComplexity:
+  Max: 14
+
+# Offense count: 1
+# Configuration parameters: IgnoredMethods.
+Metrics/PerceivedComplexity:
+  Max: 15
+
+# Offense count: 1
+# Configuration parameters: ExpectMatchingDefinition, CheckDefinitionPathHierarchy, Regex, IgnoreExecutableScripts, AllowedAcronyms.
+# AllowedAcronyms: CLI, DSL, ACL, API, ASCII, CPU, CSS, DNS, EOF, GUID, HTML, HTTP, HTTPS, ID, IP, JSON, LHS, QPS, RAM, RHS, RPC, SLA, SMTP, SQL, SSH, TCP, TLS, TTL, UDP, UI, UID, UUID, URI, URL, UTF8, VM, XML, XMPP, XSRF, XSS
+Naming/FileName:
+  Exclude:
+    - 'spec/configuration/gitlab-yml-erb_spec.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: PreferredName.
+Naming/RescuedExceptionsVariableName:
+  Exclude:
+    - 'scripts/manage_version.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: AutoCorrect, SafeMultiline.
+Performance/EndWith:
+  Exclude:
+    - 'scripts/support/changelog/Dangerfile'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+Performance/RegexpMatch:
+  Exclude:
+    - 'scripts/support/changelog/Dangerfile'
+    - 'spec/spec_helper.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: AutoCorrect, SafeMultiline.
+Performance/StartWith:
+  Exclude:
+    - 'scripts/support/changelog/Dangerfile'
+
+# Offense count: 5
+Security/Open:
+  Exclude:
+    - 'scripts/lib/version_fetcher.rb'
+    - 'spec/features/backups_spec.rb'
+    - 'spec/gitlab_test_helper.rb'
+
+# Offense count: 4
+# Cop supports --auto-correct.
+Security/YAMLLoad:
+  Exclude:
+    - 'spec/configuration/gitaly_spec.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: percent_q, bare_percent
+Style/BarePercentLiterals:
+  Exclude:
+    - 'scripts/support/changelog/Dangerfile'
+
+# Offense count: 8
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, ProceduralMethods, FunctionalMethods, IgnoredMethods, AllowBracesOnProceduralOneLiners, BracesRequiredMethods.
+# SupportedStyles: line_count_based, semantic, braces_for_chaining, always_braces
+# ProceduralMethods: benchmark, bm, bmbm, create, each_with_object, measure, new, realtime, tap, with_object
+# FunctionalMethods: let, let!, subject, watch
+# IgnoredMethods: lambda, proc, it
+Style/BlockDelimiters:
+  Exclude:
+    - 'spec/configuration/database_spec.rb'
+    - 'spec/configuration/redis_spec.rb'
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 3
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, SingleLineConditionsOnly, IncludeTernaryExpressions.
+# SupportedStyles: assign_to_condition, assign_inside_condition
+Style/ConditionalAssignment:
+  Exclude:
+    - 'scripts/lib/version.rb'
+    - 'scripts/manage_version.rb'
+
+# Offense count: 3
+# Cop supports --auto-correct.
+Style/DefWithParentheses:
+  Exclude:
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 37
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: always, always_true, never
+Style/FrozenStringLiteralComment:
+  Enabled: false
+
+# Offense count: 5
+# Configuration parameters: MinBodyLength.
+Style/GuardClause:
+  Exclude:
+    - 'scripts/lib/version.rb'
+    - 'scripts/lib/version_mapping.rb'
+    - 'scripts/manage_version.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+# Configuration parameters: UseHashRocketsWithSymbolValues, PreferHashRocketsForNonAlnumEndingSymbols.
+# SupportedStyles: ruby19, hash_rockets, no_mixed_keys, ruby19_no_mixed_keys
+Style/HashSyntax:
+  Exclude:
+    - 'spec/spec_helper.rb'
+
+# Offense count: 12
+# Cop supports --auto-correct.
+Style/IfUnlessModifier:
+  Exclude:
+    - 'scripts/manage_version.rb'
+    - 'scripts/support/metadata/Dangerfile'
+    - 'spec/configuration/workhorse_spec.rb'
+    - 'spec/gitlab_test_helper.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: IgnoredMethods.
+Style/MethodCallWithoutArgsParentheses:
+  Exclude:
+    - 'spec/spec_helper.rb'
+
+# Offense count: 1
+Style/MixinUsage:
+  Exclude:
+    - 'spec/spec_helper.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+Style/MultilineWhenThen:
+  Exclude:
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: literals, strict
+Style/MutableConstant:
+  Exclude:
+    - 'db/migrate/**/*'
+    - 'db/post_migrate/**/*'
+    - 'db/geo/migrate/**/*'
+    - 'scripts/lib/version.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, MinBodyLength.
+# SupportedStyles: skip_modifier_ifs, always
+Style/Next:
+  Exclude:
+    - 'spec/configuration/workhorse_spec.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: .
+# SupportedStyles: compact, exploded
+Style/RaiseArgs:
+  Exclude:
+    - 'scripts/manage_version.rb'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+Style/RedundantBegin:
+  Exclude:
+    - 'spec/gitlab_test_helper.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+Style/RedundantFileExtensionInRequire:
+  Exclude:
+    - 'Rakefile'
+    - 'spec/scripts/lib/version_fetcher_spec.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+Style/RedundantFreeze:
+  Exclude:
+    - 'scripts/tag_auto_deploy.rb'
+
+# Offense count: 9
+# Cop supports --auto-correct.
+# Configuration parameters: AllowMultipleReturnValues.
+Style/RedundantReturn:
+  Exclude:
+    - 'spec/gitlab_test_helper.rb'
+
+# Offense count: 3
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, AllowInnerSlashes.
+# SupportedStyles: slashes, percent_r, mixed
+Style/RegexpLiteral:
+  Exclude:
+    - 'scripts/lib/version.rb'
+    - 'scripts/support/changelog/Dangerfile'
+    - 'scripts/support/metadata/Dangerfile'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: implicit, explicit
+Style/RescueStandardError:
+  Exclude:
+    - 'spec/gitlab_test_helper.rb'
+
+# Offense count: 3
+# Cop supports --auto-correct.
+# Configuration parameters: ConvertCodeThatCanStartToReturnNil, AllowedMethods.
+# AllowedMethods: present?, blank?, presence, try, try!
+Style/SafeNavigation:
+  Exclude:
+    - 'scripts/lib/version.rb'
+    - 'scripts/manage_version.rb'
+
+# Offense count: 16
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: only_raise, only_fail, semantic
+Style/SignalException:
+  Exclude:
+    - 'scripts/support/changelog/Dangerfile'
+    - 'scripts/support/metadata/Dangerfile'
+    - 'spec/features/backups_spec.rb'
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 30
+# Cop supports --auto-correct.
+Style/SingleArgumentDig:
+  Exclude:
+    - 'spec/configuration/pages_spec.rb'
+    - 'spec/configuration/praefect_spec.rb'
+    - 'spec/configuration/redis_spec.rb'
+    - 'spec/configuration/webservice_deployments_spec.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+Style/SlicingWithRange:
+  Exclude:
+    - 'scripts/lib/version_fetcher.rb'
+    - 'scripts/tag_auto_deploy.rb'
+
+# Offense count: 1
+# Configuration parameters: AllowModifier.
+Style/SoleNestedConditional:
+  Exclude:
+    - 'scripts/manage_version.rb'
+
+# Offense count: 3
+# Cop supports --auto-correct.
+# Configuration parameters: .
+# SupportedStyles: use_perl_names, use_english_names
+Style/SpecialGlobalVars:
+  EnforcedStyle: use_perl_names
+
+# Offense count: 6
+# Cop supports --auto-correct.
+Style/StderrPuts:
+  Exclude:
+    - 'scripts/lib/version_mapping.rb'
+    - 'scripts/manage_version.rb'
+    - 'scripts/tag_auto_deploy.rb'
+
+# Offense count: 3
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: single_quotes, double_quotes
+Style/StringLiteralsInInterpolation:
+  Exclude:
+    - 'scripts/support/changelog/Dangerfile'
+
+# Offense count: 1
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyleForMultiline.
+# SupportedStylesForMultiline: comma, consistent_comma, no_comma
+Style/TrailingCommaInArguments:
+  Exclude:
+    - 'spec/configuration/sidekiq_spec.rb'
+
+# Offense count: 7
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyleForMultiline.
+# SupportedStylesForMultiline: comma, consistent_comma, no_comma
+Style/TrailingCommaInArrayLiteral:
+  Exclude:
+    - 'spec/configuration/gitaly_spec.rb'
+    - 'spec/configuration/labels_spec.rb'
+    - 'spec/configuration/sidekiq_spec.rb'
+    - 'spec/integration/check_config_spec.rb'
+
+# Offense count: 53
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyleForMultiline.
+# SupportedStylesForMultiline: comma, consistent_comma, no_comma
+Style/TrailingCommaInHashLiteral:
+  Exclude:
+    - 'spec/configuration/certificates_spec.rb'
+    - 'spec/configuration/database_spec.rb'
+    - 'spec/configuration/gitaly_spec.rb'
+    - 'spec/configuration/mailroom_spec.rb'
+    - 'spec/configuration/redis_spec.rb'
+
+# Offense count: 2
+# Cop supports --auto-correct.
+# Configuration parameters: ExactNameMatch, AllowPredicates, AllowDSLWriters, IgnoreClassMethods, AllowedMethods.
+# AllowedMethods: to_ary, to_a, to_c, to_enum, to_h, to_hash, to_i, to_int, to_io, to_open, to_path, to_proc, to_r, to_regexp, to_str, to_s, to_sym
+Style/TrivialAccessors:
+  Exclude:
+    - 'spec/helm_template_helper.rb'
+
+# Offense count: 9
+# Cop supports --auto-correct.
+# Configuration parameters: WordRegex.
+# SupportedStyles: percent, brackets
+Style/WordArray:
+  EnforcedStyle: percent
+  MinSize: 4
+
+# Offense count: 113
+# Cop supports --auto-correct.
+# Configuration parameters: AutoCorrect, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
+# URISchemes: http, https
+Layout/LineLength:
+  Max: 285

charts/gitlab/gitlab/.vale.ini

@@ -0,0 +1,9 @@
+# Vale configuration file.
+#
+# For more information, see https://errata-ai.gitbook.io/vale/getting-started/configuration.
+
+StylesPath = doc/.vale
+MinAlertLevel = suggestion
+
+[*.md]
+BasedOnStyles = gitlab

charts/gitlab/gitlab/CHANGELOG.md

@@ -2,6 +2,10 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 6.6.1 (2022-11-30)
+
+No changes.
+
 ## 6.6.0 (2022-11-21)
 
 ### Added (8 changes)

charts/gitlab/gitlab/Chart.yaml

@@ -3,7 +3,7 @@ annotations:
   catalog.cattle.io/display-name: GitLab
   catalog.cattle.io/release-name: gitlab
 apiVersion: v1
-appVersion: 15.6.0
+appVersion: 15.6.1
 description: The One DevOps Platform
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png
@@ -15,4 +15,4 @@ maintainers:
 name: gitlab
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab-runner/CHANGELOG.md

@@ -1,9 +1,8 @@
-## v0.46.1 (2022-11-11)
+## v0.47.0 (2022-11-22)
 
 ### New features
 
-- Update GitLab Runner version to 15.5.1
+- Update GitLab Runner version to 15.6.0
-
 ## v0.46.0 (2022-10-21)
 
 ### New features

charts/gitlab/gitlab/charts/gitlab-runner/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.5.1
+appVersion: 15.6.0
 description: GitLab Runner
 icon: https://gitlab.com/uploads/-/system/project/avatar/250833/runner_logo.png
 keywords:
@@ -13,4 +13,4 @@ name: gitlab-runner
 sources:
 - https://gitlab.com/gitlab-org/gitlab-runner
 - https://docs.gitlab.com/runner/
-version: 0.46.1
+version: 0.47.0

charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.6.0
+appVersion: 15.6.1
 description: GitLab Geo logcursor
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@@ -12,4 +12,4 @@ name: geo-logcursor
 sources:
 - https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/geo-logcursor
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.6.0
+appVersion: 15.6.1
 description: Git RPC service for handling all the git calls made by GitLab
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@@ -13,4 +13,4 @@ name: gitaly
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitaly
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml

@@ -14,4 +14,4 @@ sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-exporter
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-exporter
 - https://gitlab.com/gitlab-org/gitlab-exporter
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.6.0
+appVersion: 15.6.1
 description: Adapt the Grafana chart to interface to the GitLab App
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@@ -13,4 +13,4 @@ name: gitlab-grafana
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-grafana
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-grafana
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml

@@ -14,4 +14,4 @@ sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-pages
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-pages
 - https://gitlab.com/gitlab-org/gitlab-pages
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml

@@ -14,4 +14,4 @@ name: gitlab-shell
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-shell
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-shell
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml

@@ -17,4 +17,4 @@ name: kas
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-kas
 - https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml

@@ -13,4 +13,4 @@ name: mailroom
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/mailroom
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-mailroom
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.6.0
+appVersion: 15.6.1
 description: Database migrations and other versioning tasks for upgrading Gitlab
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@@ -12,4 +12,4 @@ name: migrations
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/migrations
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.6.0
+appVersion: 15.6.1
 description: Praefect is a router and transaction manager for Gitaly, and a required
   component for running a Gitaly Cluster.
 home: https://about.gitlab.com/
@@ -16,4 +16,4 @@ sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/praefect
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly
 - https://gitlab.com/gitlab-org/gitaly/-/tree/master/cmd/praefect
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.6.0
+appVersion: 15.6.1
 description: Gitlab Sidekiq for asynchronous task processing in rails
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@@ -13,4 +13,4 @@ name: sidekiq
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/sidekiq
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-sidekiq
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml

@@ -14,4 +14,4 @@ name: spamcheck
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/spamcheck
 - https://gitlab.com/gitlab-org/spamcheck
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.6.0
+appVersion: 15.6.1
 description: For manually running rake tasks through kubectl
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@@ -13,4 +13,4 @@ name: toolbox
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/toolbox
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-toolbox
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.6.0
+appVersion: 15.6.1
 description: HTTP server for Gitlab
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@@ -14,4 +14,4 @@ name: webservice
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/webservice
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-webservice
-version: 6.6.0
+version: 6.6.1

charts/gitlab/gitlab/requirements.lock

@@ -22,7 +22,7 @@ dependencies:
   version: 8.9.4
 - name: gitlab-runner
   repository: https://charts.gitlab.io/
-  version: 0.46.1
+  version: 0.47.0
 - name: grafana
   repository: https://grafana.github.io/helm-charts
   version: 6.11.0
@@ -32,5 +32,5 @@ dependencies:
 - name: nginx-ingress
   repository: ""
   version: '*.*.*'
-digest: sha256:19dcd732718aab19a79cd814707e51a43355a9ff320406f1146f1cf288fa1bd1
+digest: sha256:1a36b0e21d9953da190f461eccaee8056bd12a588578db8eca57caa488e8da48
-generated: "2022-11-22T13:26:30.179216448Z"
+generated: "2022-11-30T19:13:56.463468432Z"

charts/gitlab/gitlab/requirements.yaml

@@ -21,7 +21,7 @@ dependencies:
   repository: https://raw.githubusercontent.com/bitnami/charts/eb5f9a9513d987b519f0ecd732e7031241c50328/bitnami
   condition: postgresql.install
 - name: gitlab-runner
-  version: 0.46.1
+  version: 0.47.0
   repository: https://charts.gitlab.io/
   condition: gitlab-runner.install
 - name: grafana

charts/hashicorp/consul/.helmignore

@@ -0,0 +1,4 @@
+.git/
+.terraform/
+bin/
+test/

charts/hashicorp/consul/Chart.yaml

@@ -1,9 +1,9 @@
 annotations:
   artifacthub.io/images: |
     - name: consul
-      image: hashicorp/consul:1.14.1
+      image: hashicorp/consul:1.14.2
     - name: consul-k8s-control-plane
-      image: hashicorp/consul-k8s-control-plane:1.0.1
+      image: hashicorp/consul-k8s-control-plane:1.0.2
     - name: consul-dataplane
       image: hashicorp/consul-dataplane:1.0.0
     - name: envoy
@@ -25,7 +25,7 @@ annotations:
   catalog.cattle.io/kube-version: '>=1.21.0-0'
   catalog.cattle.io/release-name: consul
 apiVersion: v2
-appVersion: 1.14.1
+appVersion: 1.14.2
 description: Official HashiCorp Consul Chart
 home: https://www.consul.io
 icon: https://raw.githubusercontent.com/hashicorp/consul-k8s/main/assets/icon.png
@@ -34,4 +34,4 @@ name: consul
 sources:
 - https://github.com/hashicorp/consul
 - https://github.com/hashicorp/consul-k8s
-version: 1.0.1
+version: 1.0.2

charts/hashicorp/consul/templates/api-gateway-controller-deployment.yaml

@@ -56,8 +56,8 @@ spec:
           name: sds
           protocol: TCP
         env:
-        {{- if .Values.global.tls.enabled }}
         {{- if or (not (and .Values.externalServers.enabled .Values.externalServers.useSystemRoots)) .Values.client.enabled }}
+        {{- if .Values.global.tls.enabled }}
         - name: CONSUL_CACERT
           value: /consul/tls/ca/tls.crt
         {{- end }}
@@ -149,8 +149,9 @@ spec:
         - name: consul-bin
           mountPath: /consul-bin
         {{- end }}
+        {{- if or (not (and .Values.externalServers.enabled .Values.externalServers.useSystemRoots)) .Values.client.enabled }}
         {{- if .Values.global.tls.enabled }}
-        {{- if .Values.global.tls.enableAutoEncrypt }}
+        {{- if and .Values.client.enabled .Values.global.tls.enableAutoEncrypt }}
         - name: consul-auto-encrypt-ca-cert
         {{- else }}
         - name: consul-ca-cert
@@ -158,6 +159,7 @@ spec:
           mountPath: /consul/tls/ca
           readOnly: true
         {{- end }}
+        {{- end }}
         - mountPath: /consul/login
           name: consul-data
           readOnly: true
@@ -222,10 +224,6 @@ spec:
       {{- if .Values.global.acls.manageSystemACLs }}
       - name: api-gateway-controller-acl-init
         env:
-        - name: HOST_IP
-          valueFrom:
-            fieldRef:
-              fieldPath: status.hostIP
         - name: NAMESPACE
           valueFrom:
             fieldRef:
@@ -242,15 +240,13 @@ spec:
         - mountPath: /consul/login
           name: consul-data
           readOnly: false
+        {{- if not (and .Values.externalServers.enabled .Values.externalServers.useSystemRoots) }}
         {{- if .Values.global.tls.enabled }}
-        {{- if .Values.global.tls.enableAutoEncrypt }}
-        - name: consul-auto-encrypt-ca-cert
-        {{- else }}
         - name: consul-ca-cert
-        {{- end }}
           mountPath: /consul/tls/ca
           readOnly: true
         {{- end }}
+        {{- end }}
         command:
         - "/bin/sh"
         - "-ec"
@@ -262,10 +258,6 @@ spec:
             {{- else }}
             -auth-method-name={{ template "consul.fullname" . }}-k8s-component-auth-method \
             {{- end }}
-            {{- if .Values.global.adminPartitions.enabled }}
-            -partition={{ .Values.global.adminPartitions.name }} \
-            {{- end }}
-            -api-timeout={{ .Values.global.consulAPITimeout }} \
             -log-level={{ default .Values.global.logLevel .Values.apiGateway.logLevel }} \
             -log-json={{ .Values.global.logJSON }}
         resources:

charts/hashicorp/consul/templates/cni-clusterrole.yaml

@@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: {{ template "consul.fullname" . }}-cni
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }}
   labels:
     app: {{ template "consul.name" . }}
     chart: {{ template "consul.chart" . }}

charts/hashicorp/consul/templates/cni-clusterrolebinding.yaml

@@ -16,5 +16,5 @@ roleRef:
 subjects:
 - kind: ServiceAccount
   name: {{ template "consul.fullname" . }}-cni
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }}
 {{- end }}

charts/hashicorp/consul/templates/cni-daemonset.yaml

@@ -4,7 +4,7 @@ apiVersion: apps/v1
 kind: DaemonSet
 metadata:
   name: {{ template "consul.fullname" . }}-cni
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }}
   labels:
     app: {{ template "consul.name" . }}
     chart: {{ template "consul.chart" . }}

charts/hashicorp/consul/templates/cni-networkattachmentdefinition.yaml

@@ -3,7 +3,7 @@ apiVersion: "k8s.cni.cncf.io/v1"
 kind: NetworkAttachmentDefinition
 metadata:
   name: {{ template "consul.fullname" . }}-cni
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }}
   labels:
     app: {{ template "consul.name" . }}
     chart: {{ template "consul.chart" . }}

charts/hashicorp/consul/templates/cni-podsecuritypolicy.yaml

@@ -3,7 +3,7 @@ apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
   name: {{ template "consul.fullname" . }}-cni
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }}
   labels:
     app: {{ template "consul.name" . }}
     chart: {{ template "consul.chart" . }}

charts/hashicorp/consul/templates/cni-resourcequota.yaml

@@ -3,7 +3,7 @@ apiVersion: v1
 kind: ResourceQuota
 metadata:
   name: {{ template "consul.fullname" . }}-cni
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }}
   labels:
     app: {{ template "consul.name" . }}
     chart: {{ template "consul.chart" . }}

charts/hashicorp/consul/templates/cni-securitycontextconstraints.yaml

@@ -3,7 +3,7 @@ apiVersion: security.openshift.io/v1
 kind: SecurityContextConstraints
 metadata:
   name: {{ template "consul.fullname" . }}-cni
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }}
   labels:
     app: {{ template "consul.name" . }}
     chart: {{ template "consul.chart" . }}

charts/hashicorp/consul/templates/cni-serviceaccount.yaml

@@ -3,7 +3,7 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: {{ template "consul.fullname" . }}-cni
-  namespace: {{ .Release.Namespace }}
+  namespace: {{ default .Release.Namespace .Values.connectInject.cni.namespace }}
   labels:
     app: {{ template "consul.name" . }}
     chart: {{ template "consul.chart" . }}

charts/hashicorp/consul/values.yaml

@@ -63,7 +63,7 @@ global:
   # image: "hashicorp/consul-enterprise:1.10.0-ent"
   # ```
   # @default: hashicorp/consul:<latest version>
-  image: "hashicorp/consul:1.14.1"
+  image: "hashicorp/consul:1.14.2"
 
   # Array of objects containing image pull secret names that will be applied to each service account.
   # This can be used to reference image pull secrets if using a custom consul or consul-k8s-control-plane Docker image.
@@ -83,7 +83,7 @@ global:
   # image that is used for functionality such as catalog sync.
   # This can be overridden per component.
   # @default: hashicorp/consul-k8s-control-plane:<latest version>
-  imageK8S: hashicorp/consul-k8s-control-plane:1.0.1
+  imageK8S: hashicorp/consul-k8s-control-plane:1.0.2
 
   # The name of the datacenter that the agents should
   # register as. This can't be changed once the Consul cluster is up and running
@@ -1945,6 +1945,11 @@ connectInject:
     # @type: string
     logLevel: null
 
+    # Set the namespace to install the CNI plugin into. Overrides global namespace settings for CNI resources.
+    # Ex: "kube-system" 
+    # @type: string
+    namespace: null
+
     # Location on the kubernetes node where the CNI plugin is installed. Shoud be the absolute path and start with a '/'
     # Example on GKE:
     #

charts/jfrog/artifactory-ha/.helmignore

@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+OWNERS

charts/jfrog/artifactory-ha/CHANGELOG.md

@@ -1,7 +1,15 @@
 # JFrog Artifactory-ha Chart Changelog
 All changes to this chart will be documented in this file
 
-## [107.46.17] - Sep 14, 2022
+## [107.47.10] - Oct 27, 2022
+* Updated router version to `7.51.0`
+
+## [107.47.0] - Sep 29, 2022
+* Updated initContainerImage to `ubi8/ubi-minimal:8.6-941`
+* Added support for annotations for artifactory statefulset and nginx deployment [GH-1665](https://github.com/jfrog/charts/pull/1665)
+* Updated router version to `7.49.0`
+
+## [107.46.0] - Sep 14, 2022
 * **IMPORTANT**
 * Added support for lifecycle hooks for all containers, changed `artifactory.postStartCommand` to `.Values.artifactory.lifecycle.postStart.exec.command`
 * Updated initContainerImage and logger image to `ubi8/ubi-minimal:8.6-902`

charts/jfrog/artifactory-ha/Chart.yaml

@@ -4,7 +4,7 @@ annotations:
   catalog.cattle.io/kube-version: '>= 1.14.0-0'
   catalog.cattle.io/release-name: artifactory-ha
 apiVersion: v2
-appVersion: 7.46.17
+appVersion: 7.47.10
 dependencies:
 - condition: postgresql.enabled
   name: postgresql
@@ -26,4 +26,4 @@ name: artifactory-ha
 sources:
 - https://github.com/jfrog/charts
 type: application
-version: 107.46.17
+version: 107.47.10

charts/jfrog/artifactory-ha/ci/test-values.yaml

@@ -35,6 +35,9 @@ artifactory:
   javaOpts:
     xms: "4g"
     xmx: "4g"
+  statefulset:
+    annotations:
+      artifactory: test
 
 postgresql:
   postgresqlPassword: "password"

charts/jfrog/artifactory-ha/templates/artifactory-node-statefulset.yaml

@@ -12,6 +12,10 @@ metadata:
 {{- with .Values.artifactory.node.labels }}
 {{ toYaml . | indent 4 }}
 {{- end }}
+{{- with .Values.artifactory.statefulset.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
 spec:
   serviceName: {{ template "artifactory-ha.node.name" . }}
   replicas: {{ .Values.artifactory.node.replicaCount }}

charts/jfrog/artifactory-ha/templates/artifactory-primary-statefulset.yaml

@@ -24,6 +24,10 @@ metadata:
 {{- if or .Values.artifactory.persistence.googleStorage.identity .Values.artifactory.persistence.googleStorage.credential }}
     {{- fail "\nGCP Bucket Authentication with Identity and Credential is deprecated" }}
 {{- end }}
+{{- with .Values.artifactory.statefulset.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
 spec:
   serviceName: {{ template "artifactory-ha.primary.name" . }}
   replicas: {{ .Values.artifactory.primary.replicaCount }}

charts/jfrog/artifactory-ha/templates/nginx-deployment.yaml

@@ -14,6 +14,10 @@ metadata:
 {{- if .Values.nginx.labels }}
 {{ toYaml .Values.nginx.labels | indent 4 }}
 {{- end }}
+{{- with .Values.nginx.deployment.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
 spec:
 {{- if ne .Values.nginx.kind "DaemonSet" }}
   replicas: {{ .Values.nginx.replicaCount }}

charts/jfrog/artifactory-ha/values.yaml

@@ -44,7 +44,7 @@ global:
 ##
 # fullnameOverride:
 
-initContainerImage: releases-docker.jfrog.io/ubi8/ubi-minimal:8.6-902
+initContainerImage: releases-docker.jfrog.io/ubi8/ubi-minimal:8.6-941
 
 installer:
   type:
@@ -217,7 +217,7 @@ logger:
   image:
     registry: releases-docker.jfrog.io
     repository: ubi8/ubi-minimal
-    tag: 8.6-902
+    tag: 8.6-941
 
 ## You can use a pre-existing secret with keys license_token and iam_role by specifying licenseConfigSecretName
 ## Example : Create a generic secret using `kubectl create secret generic <secret-name> --from-literal=license_token=${TOKEN} --from-literal=iam_role=${ROLE_ARN}`
@@ -234,7 +234,7 @@ router:
   image:
     registry: releases-docker.jfrog.io
     repository: jfrog/router
-    tag: 7.45.0
+    tag: 7.51.0
     imagePullPolicy: IfNotPresent
   serviceRegistry:
     ## Service registry (Access) TLS verification skipped if enabled
@@ -1005,6 +1005,9 @@ artifactory:
   javaOpts: {}
     # other: ""
 
+  statefulset:
+    annotations: {}
+
   ## The following setting are to configure a dedicated Ingress object for Replicator service
   replicator:
     name: replicator
@@ -1597,6 +1600,9 @@ nginx:
     # tag:
     pullPolicy: IfNotPresent
 
+  deployment:
+    annotations: {}
+
   # Priority Class name to be used in deployment if provided
   priorityClassName:
 

charts/jfrog/artifactory-jcr/CHANGELOG.md

@@ -1,7 +1,7 @@
 # JFrog Container Registry Chart Changelog
 All changes to this chart will be documented in this file.
 
-## [107.46.17] - Aug 25, 2022
+## [107.47.10] - Aug 25, 2022
 * Included event service as mandatory and remove the flag from values.yaml
 
 ## [107.41.0] - Jul 22, 2022

charts/jfrog/artifactory-jcr/Chart.yaml

@@ -4,11 +4,11 @@ annotations:
   catalog.cattle.io/kube-version: '>= 1.14.0-0'
   catalog.cattle.io/release-name: artifactory-jcr
 apiVersion: v2
-appVersion: 7.46.17
+appVersion: 7.47.10
 dependencies:
 - name: artifactory
   repository: file://./charts/artifactory
-  version: 107.46.17
+  version: 107.47.10
 description: JFrog Container Registry
 home: https://jfrog.com/container-registry/
 icon: https://raw.githubusercontent.com/jfrog/charts/ea5c3112c24a973f64f3ccd99747323db292a369/stable/artifactory-jcr/logo/jcr-logo.png
@@ -27,4 +27,4 @@ name: artifactory-jcr
 sources:
 - https://github.com/jfrog/charts
 type: application
-version: 107.46.17
+version: 107.47.10

charts/jfrog/artifactory-jcr/charts/artifactory/CHANGELOG.md

@@ -1,14 +1,22 @@
 # JFrog Artifactory Chart Changelog
 All changes to this chart will be documented in this file.
 
-## [107.46.17] - Sep 14, 2022
+## [107.47.10] - Oct 27, 2022
+* Updated router version to `7.51.0`
+
+## [107.47.0] - Sep 29, 2022
+* Updated initContainerImage to `ubi8/ubi-minimal:8.6-941`
+* Added support for annotations for artifactory statefulset and nginx deployment [GH-1665](https://github.com/jfrog/charts/pull/1665)
+* Updated router version to `7.49.0`
+
+## [107.46.0] - Sep 14, 2022
 * **IMPORTANT**
 * Added support for lifecycle hooks for all containers, changed `artifactory.postStartCommand` to `.Values.artifactory.lifecycle.postStart.exec.command`
 * Updated initContainerImage to `ubi8/ubi-minimal:8.6-902`
 * Update nginx configuration to allow websocket requests when using pipelines
 * Fixed an issue to allow artifactory to make direct API calls to store  instead via jfconnect service when `splitServicesToContainers=true`
 * Refactor binarystore.xml configuration (moved to `files/binarystore.xml` instead of key in values.yaml)
-* Added new binary providers `cluster-s3-storage-v3`, `s3-storage-v3-direct`, `azure-blob-storage-direct`, `google-storage-v2` 
+* Added new binary providers `cluster-s3-storage-v3`, `s3-storage-v3-direct`, `azure-blob-storage-direct`, `google-storage-v2`
 * Deprecated (removed) `aws-s3` binary provider [JetS3t library](https://www.jfrog.com/confluence/display/JFROG/Configuring+the+Filestore#ConfiguringtheFilestore-BinaryProvider)
 * Deprecated (removed) `google-storage` binary provider and force persistence storage type `google-storage` to work with `google-storage-v2` only
 * Copy binarystore.xml in init Container to fix existing persistence on file system in clear text

charts/jfrog/artifactory-jcr/charts/artifactory/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v2
-appVersion: 7.46.17
+appVersion: 7.47.10
 dependencies:
 - condition: postgresql.enabled
   name: postgresql
@@ -21,4 +21,4 @@ name: artifactory
 sources:
 - https://github.com/jfrog/charts
 type: application
-version: 107.46.17
+version: 107.47.10

charts/jfrog/artifactory-jcr/charts/artifactory/ci/test-values.yaml

@@ -27,6 +27,9 @@ artifactory:
   javaOpts:
     xms: "4g"
     xmx: "4g"
+  statefulset:
+    annotations:
+      artifactory: test
 
 postgresql:
   postgresqlPassword: password

charts/jfrog/artifactory-jcr/charts/artifactory/templates/artifactory-statefulset.yaml

@@ -14,6 +14,10 @@ metadata:
 {{- if and .Release.IsUpgrade .Values.postgresql.enabled }}
     databaseUpgradeReady: {{ required "\n\n*********\nIMPORTANT: UPGRADE STOPPED to prevent data loss!\nReview CHANGELOG.md (https://github.com/jfrog/charts/blob/master/stable/artifactory/CHANGELOG.md) \nNote: This applies only when you are using bundled postgresql (postgresql.enabled=true) \nIf you are upgrading from a chart version (< 11.x.x) that has postgresql.image.tag of 9.x or 10.x or 12.x, make sure to pass the current postgresql.image.tag and set databaseUpgradeReady=true \nOR \nIf you are upgrading from a chart version (>= 12.x), just set databaseUpgradeReady=true \n" .Values.databaseUpgradeReady | quote }}
 {{- end }}
+{{- with .Values.artifactory.statefulset.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
 {{- if and (eq (include "artifactory.isUsingDerby" .) "true") (gt (.Values.artifactory.replicaCount | int64) 1) }}
     {{- fail "Derby database is not supported in HA mode" }}
 {{- end }}

charts/jfrog/artifactory-jcr/charts/artifactory/templates/nginx-deployment.yaml

@@ -14,6 +14,10 @@ metadata:
 {{- if .Values.nginx.labels }}
 {{ toYaml .Values.nginx.labels | indent 4 }}
 {{- end }}
+{{- with .Values.nginx.deployment.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
 spec:
 {{- if eq .Values.nginx.kind "StatefulSet" }}
   serviceName: {{ template "artifactory.nginx.fullname" . }}

charts/jfrog/artifactory-jcr/charts/artifactory/values.yaml

@@ -46,7 +46,7 @@ global:
 ##
 # fullnameOverride:
 
-initContainerImage: releases-docker.jfrog.io/ubi8/ubi-minimal:8.6-902
+initContainerImage: releases-docker.jfrog.io/ubi8/ubi-minimal:8.6-941
 
 # Init containers
 initContainers:
@@ -175,7 +175,7 @@ logger:
   image:
     registry: releases-docker.jfrog.io
     repository: ubi8/ubi-minimal
-    tag: 8.6-902
+    tag: 8.6-941
 
 ## You can use a pre-existing secret with keys license_token and iam_role by specifying licenseConfigSecretName
 ## Example : Create a generic secret using `kubectl create secret generic <secret-name> --from-literal=license_token=${TOKEN} --from-literal=iam_role=${ROLE_ARN}`
@@ -192,7 +192,7 @@ router:
   image:
     registry: releases-docker.jfrog.io
     repository: jfrog/router
-    tag: 7.45.0
+    tag: 7.51.0
     imagePullPolicy: IfNotPresent
   serviceRegistry:
     ## Service registry (Access) TLS verification skipped if enabled
@@ -766,6 +766,9 @@ artifactory:
     ## If the type is NodePort you can set a fixed port
     # nodePort: 32082
 
+  statefulset:
+    annotations: {}
+
   ## The following setting are to configure a dedicated Ingress object for Replicator service
   replicator:
     name: replicator
@@ -1440,6 +1443,9 @@ nginx:
   annotations: {}
   terminationGracePeriodSeconds: 30
 
+  deployment:
+    annotations: {}
+
   # Note that by default we use appVersion to get image tag/version
   image:
     registry: releases-docker.jfrog.io

charts/nats/nats/.helmignore

@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

charts/nats/nats/Chart.yaml

@@ -24,4 +24,4 @@ maintainers:
   name: Caleb Lloyd
   url: https://github.com/caleblloyd
 name: nats
-version: 0.19.0
+version: 0.19.1

charts/nats/nats/templates/statefulset.yaml

@@ -232,7 +232,7 @@ spec:
             fieldRef:
               apiVersion: v1
               fieldPath: spec.nodeName
-        image: {{ include "nats.fixImage" .Values.bootconfig.image }}
+        image: {{ include "nats.image" .Values.bootconfig.image }}
         imagePullPolicy: {{ .Values.bootconfig.image.pullPolicy }}
         {{- if .Values.bootconfig.securityContext }}
         securityContext:

charts/nats/nats/values.yaml

@@ -575,7 +575,7 @@ exporter:
   enabled: true
   image:
     repository: natsio/prometheus-nats-exporter
-    tag: 0.10.0
+    tag: 0.10.1
     pullPolicy: IfNotPresent
     # registry: docker.io