diff --git a/assets/aquarist-labs/s3gw-0.21.0.tgz b/assets/aquarist-labs/s3gw-0.21.0.tgz new file mode 100644 index 000000000..9c2b74a06 Binary files /dev/null and b/assets/aquarist-labs/s3gw-0.21.0.tgz differ diff --git a/assets/bitnami/airflow-16.0.0.tgz b/assets/bitnami/airflow-16.0.0.tgz new file mode 100644 index 000000000..db5b3c2fb Binary files /dev/null and b/assets/bitnami/airflow-16.0.0.tgz differ diff --git a/assets/bitnami/kafka-25.2.0.tgz b/assets/bitnami/kafka-25.2.0.tgz new file mode 100644 index 000000000..4fb52da0b Binary files /dev/null and b/assets/bitnami/kafka-25.2.0.tgz differ diff --git a/assets/bitnami/postgresql-13.0.0.tgz b/assets/bitnami/postgresql-13.0.0.tgz new file mode 100644 index 000000000..8b3720666 Binary files /dev/null and b/assets/bitnami/postgresql-13.0.0.tgz differ diff --git a/assets/bitnami/redis-18.1.1.tgz b/assets/bitnami/redis-18.1.1.tgz new file mode 100644 index 000000000..e1f341e66 Binary files /dev/null and b/assets/bitnami/redis-18.1.1.tgz differ diff --git a/assets/bitnami/wordpress-17.1.14.tgz b/assets/bitnami/wordpress-17.1.14.tgz new file mode 100644 index 000000000..0dee3b60f Binary files /dev/null and b/assets/bitnami/wordpress-17.1.14.tgz differ diff --git a/assets/crowdstrike/falcon-sensor-1.20.4.tgz b/assets/crowdstrike/falcon-sensor-1.20.4.tgz new file mode 100644 index 000000000..071f79b21 Binary files /dev/null and b/assets/crowdstrike/falcon-sensor-1.20.4.tgz differ diff --git a/assets/datadog/datadog-3.38.3.tgz b/assets/datadog/datadog-3.38.3.tgz new file mode 100644 index 000000000..bceba6d39 Binary files /dev/null and b/assets/datadog/datadog-3.38.3.tgz differ diff --git a/assets/haproxy/haproxy-1.33.1.tgz b/assets/haproxy/haproxy-1.33.1.tgz new file mode 100644 index 000000000..fe9701553 Binary files /dev/null and b/assets/haproxy/haproxy-1.33.1.tgz differ diff --git a/assets/kubecost/cost-analyzer-1.106.1.tgz b/assets/kubecost/cost-analyzer-1.106.1.tgz index 60b906050..dae9202f6 100644 Binary files a/assets/kubecost/cost-analyzer-1.106.1.tgz and b/assets/kubecost/cost-analyzer-1.106.1.tgz differ diff --git a/assets/kubecost/cost-analyzer-1.106.2.tgz b/assets/kubecost/cost-analyzer-1.106.2.tgz new file mode 100644 index 000000000..d3fbfb2b6 Binary files /dev/null and b/assets/kubecost/cost-analyzer-1.106.2.tgz differ diff --git a/assets/redpanda/redpanda-5.5.3.tgz b/assets/redpanda/redpanda-5.5.3.tgz new file mode 100644 index 000000000..3190e1423 Binary files /dev/null and b/assets/redpanda/redpanda-5.5.3.tgz differ diff --git a/assets/sysdig/sysdig-1.16.14.tgz b/assets/sysdig/sysdig-1.16.14.tgz new file mode 100644 index 000000000..057fda76e Binary files /dev/null and b/assets/sysdig/sysdig-1.16.14.tgz differ diff --git a/charts/aquarist-labs/s3gw/Chart.yaml b/charts/aquarist-labs/s3gw/Chart.yaml index 0df590cbd..0aff8c1b5 100644 --- a/charts/aquarist-labs/s3gw/Chart.yaml +++ b/charts/aquarist-labs/s3gw/Chart.yaml @@ -35,4 +35,4 @@ sources: - https://github.com/aquarist-labs/s3gw-cosi-driver - https://github.com/kubernetes-sigs/container-object-storage-interface-provisioner-sidecar type: application -version: 0.20.0 +version: 0.21.0 diff --git a/charts/aquarist-labs/s3gw/templates/_helpers.tpl b/charts/aquarist-labs/s3gw/templates/_helpers.tpl index b6dc68a82..24ee363e4 100644 --- a/charts/aquarist-labs/s3gw/templates/_helpers.tpl +++ b/charts/aquarist-labs/s3gw/templates/_helpers.tpl @@ -120,7 +120,7 @@ Default Access Credentials Backend service name */}} {{- define "s3gw.serviceName" -}} -{{- $dsn := printf "%s-%s" .Release.Name .Release.Namespace }} +{{- $dsn := printf "%s-%s-s3gw" .Release.Name .Release.Namespace }} {{- $name := default $dsn .Values.serviceName }} {{- $name }} {{- end }} @@ -129,7 +129,7 @@ Backend service name Frontend service name */}} {{- define "s3gw.uiServiceName" -}} -{{- $dsn := printf "%s-%s-ui" .Release.Name .Release.Namespace }} +{{- $dsn := printf "%s-%s-ui-s3gw" .Release.Name .Release.Namespace }} {{- $name := default $dsn .Values.ui.serviceName }} {{- $name }} {{- end }} @@ -138,7 +138,7 @@ Frontend service name User credentials secret for S3 backend service */}} {{- define "s3gw.defaultUserCredentialsSecret" -}} -{{- $dsn := printf "%s-%s-creds" .Release.Name .Release.Namespace }} +{{- $dsn := printf "%s-%s-creds-s3gw" .Release.Name .Release.Namespace }} {{- $name := default $dsn .Values.defaultUserCredentialsSecret }} {{- $name }} {{- end }} @@ -147,7 +147,7 @@ User credentials secret for S3 backend service Config map name */}} {{- define "s3gw.configMap" -}} -{{- $dcmn := printf "%s-%s-config" .Release.Name .Release.Namespace }} +{{- $dcmn := printf "%s-%s-config-s3gw" .Release.Name .Release.Namespace }} {{- $name := $dcmn }} {{- $name }} {{- end }} @@ -156,7 +156,7 @@ Config map name Traefik Middleware CORS name */}} {{- define "s3gw.CORSMiddlewareName" -}} -{{- $dmcn := printf "%s-%s-cors-header" .Release.Name .Release.Namespace }} +{{- $dmcn := printf "%s-%s-cors-header-s3gw" .Release.Name .Release.Namespace }} {{- $name := $dmcn }} {{- $name }} {{- end }} @@ -198,7 +198,7 @@ COSI driver name COSI service account name */}} {{- define "s3gw-cosi.ServiceAccountName" -}} -{{- $dcsan := printf "%s-%s-objectstorage-provisioner-sa" .Release.Name .Release.Namespace }} +{{- $dcsan := printf "%s-%s-objectstorage-provisioner-sa-s3gw" .Release.Name .Release.Namespace }} {{- $name := $dcsan }} {{- $name }} {{- end }} @@ -207,7 +207,7 @@ COSI service account name COSI driver secret name */}} {{- define "s3gw-cosi.driverSecretName" -}} -{{- $ddsn := printf "%s-%s-objectstorage-provisioner" .Release.Name .Release.Namespace }} +{{- $ddsn := printf "%s-%s-objectstorage-provisioner-s3gw" .Release.Name .Release.Namespace }} {{- $name := $ddsn }} {{- $name }} {{- end }} @@ -216,7 +216,7 @@ COSI driver secret name COSI cluster role name */}} {{- define "s3gw-cosi.ClusterRoleName" -}} -{{- $dcrn := printf "%s-%s-objectstorage-provisioner-role" .Release.Name .Release.Namespace }} +{{- $dcrn := printf "%s-%s-objectstorage-provisioner-role-s3gw" .Release.Name .Release.Namespace }} {{- $name := $dcrn }} {{- $name }} {{- end }} @@ -225,7 +225,7 @@ COSI cluster role name COSI cluster role binding name */}} {{- define "s3gw-cosi.ClusterRoleBindingName" -}} -{{- $dcrn := printf "%s-%s-objectstorage-provisioner-role-binding" .Release.Name .Release.Namespace }} +{{- $dcrn := printf "%s-%s-objectstorage-provisioner-role-binding-s3gw" .Release.Name .Release.Namespace }} {{- $name := $dcrn }} {{- $name }} {{- end }} diff --git a/charts/aquarist-labs/s3gw/templates/certificate.yaml b/charts/aquarist-labs/s3gw/templates/certificate.yaml index aa0f7963c..3e1c7bd20 100644 --- a/charts/aquarist-labs/s3gw/templates/certificate.yaml +++ b/charts/aquarist-labs/s3gw/templates/certificate.yaml @@ -4,26 +4,26 @@ apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-cert + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-ca-cert namespace: {{ .Values.certManagerNamespace }} labels: {{ include "s3gw.labels" . | indent 4}} spec: - commonName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca + commonName: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-ca isCA: true issuerRef: kind: ClusterIssuer - name: {{ .Release.Name }}-{{ .Release.Namespace }}-self-signed-issuer + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-self-signed-issuer privateKey: algorithm: ECDSA size: 256 - secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-root + secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-ca-root --- # s3gw internal service certificate (private domain) apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-cert + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-cluster-ip-cert namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4}} @@ -33,6 +33,6 @@ spec: - '*.{{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}' issuerRef: kind: ClusterIssuer - name: {{ .Release.Name }}-{{ .Release.Namespace }}-issuer - secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-tls + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-issuer + secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-cluster-ip-tls {{- end }} diff --git a/charts/aquarist-labs/s3gw/templates/configmap.yaml b/charts/aquarist-labs/s3gw/templates/configmap.yaml index 725896f28..110ae1e71 100644 --- a/charts/aquarist-labs/s3gw/templates/configmap.yaml +++ b/charts/aquarist-labs/s3gw/templates/configmap.yaml @@ -9,8 +9,8 @@ metadata: data: {{- if .Values.ui.enabled }} {{- if or .Values.useCertManager .Values.tls.publicDomain.crt }} - RGW_SERVICE_URL: 'https://{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}' + S3GW_SERVICE_URL: 'https://{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}' {{- else}} - RGW_SERVICE_URL: 'http://{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}' + S3GW_SERVICE_URL: 'http://{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}' {{- end }} {{- end }} diff --git a/charts/aquarist-labs/s3gw/templates/cosi-driver-deployment.yaml b/charts/aquarist-labs/s3gw/templates/cosi-driver-deployment.yaml index 0b6e5b4a6..d180b311b 100644 --- a/charts/aquarist-labs/s3gw/templates/cosi-driver-deployment.yaml +++ b/charts/aquarist-labs/s3gw/templates/cosi-driver-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ .Release.Name }}-objectstorage-provisioner + name: {{ .Release.Name }}-s3gw-objectstorage-provisioner labels: {{ include "s3gw.labels" . | indent 4}} namespace: {{ .Release.Namespace }} diff --git a/charts/aquarist-labs/s3gw/templates/deployment.yaml b/charts/aquarist-labs/s3gw/templates/deployment.yaml index 646a75b20..4252f149d 100644 --- a/charts/aquarist-labs/s3gw/templates/deployment.yaml +++ b/charts/aquarist-labs/s3gw/templates/deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ .Release.Name }} + name: {{ .Release.Name }}-s3gw namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} @@ -79,17 +79,17 @@ spec: volumes: - name: s3gw-lh-store persistentVolumeClaim: - claimName: {{ .Release.Name }}-pvc + claimName: {{ .Release.Name }}-s3gw-pvc - name: s3gw-cluster-ip-tls secret: - secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-tls + secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-cluster-ip-tls optional: false {{- if .Values.ui.enabled }} --- apiVersion: apps/v1 kind: Deployment metadata: - name: '{{ .Release.Name }}-ui' + name: '{{ .Release.Name }}-s3gw-ui' namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} diff --git a/charts/aquarist-labs/s3gw/templates/ingress-traefik.yaml b/charts/aquarist-labs/s3gw/templates/ingress-traefik.yaml index fff133cb6..08583f5c6 100644 --- a/charts/aquarist-labs/s3gw/templates/ingress-traefik.yaml +++ b/charts/aquarist-labs/s3gw/templates/ingress-traefik.yaml @@ -4,7 +4,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: '{{ .Release.Name }}' + name: '{{ .Release.Name }}-s3gw' namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} @@ -45,7 +45,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: '{{ .Release.Name }}-no-tls' + name: '{{ .Release.Name }}-s3gw-no-tls' namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} @@ -80,7 +80,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: '{{ .Release.Name }}-ui' + name: '{{ .Release.Name }}-s3gw-ui' namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} @@ -110,7 +110,7 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: '{{ .Release.Name }}-ui-no-tls' + name: '{{ .Release.Name }}-s3gw-ui-no-tls' namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} diff --git a/charts/aquarist-labs/s3gw/templates/secret.yaml b/charts/aquarist-labs/s3gw/templates/secret.yaml index 1f794ed43..a2d4c0f40 100644 --- a/charts/aquarist-labs/s3gw/templates/secret.yaml +++ b/charts/aquarist-labs/s3gw/templates/secret.yaml @@ -17,7 +17,7 @@ stringData: apiVersion: v1 kind: Secret metadata: - name: '{{ .Release.Name }}-image-pull-secret' + name: '{{ .Release.Name }}-s3gw-image-pull-secret' namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} diff --git a/charts/aquarist-labs/s3gw/templates/storage.yaml b/charts/aquarist-labs/s3gw/templates/storage.yaml index ede394cbb..0cc12dbcb 100644 --- a/charts/aquarist-labs/s3gw/templates/storage.yaml +++ b/charts/aquarist-labs/s3gw/templates/storage.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: '{{ .Release.Name }}-pvc' + name: '{{ .Release.Name }}-s3gw-pvc' namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} @@ -39,7 +39,7 @@ parameters: apiVersion: v1 kind: PersistentVolume metadata: - name: '{{ .Release.Name }}.{{ .Release.Namespace }}-local-pv' + name: '{{ .Release.Name }}.{{ .Release.Namespace }}-s3gw-local-pv' labels: {{ include "s3gw.labels" . | indent 4 }} type: local diff --git a/charts/aquarist-labs/s3gw/templates/tls-issuer.yaml b/charts/aquarist-labs/s3gw/templates/tls-issuer.yaml index e9ae2492a..2cb25aa9c 100644 --- a/charts/aquarist-labs/s3gw/templates/tls-issuer.yaml +++ b/charts/aquarist-labs/s3gw/templates/tls-issuer.yaml @@ -5,7 +5,7 @@ apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: - name: {{ .Release.Name }}-{{ .Release.Namespace }}-self-signed-issuer + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-self-signed-issuer labels: {{ include "s3gw.labels" . | indent 4}} spec: @@ -15,19 +15,19 @@ spec: apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: - name: {{ .Release.Name }}-{{ .Release.Namespace }}-issuer + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-issuer labels: {{ include "s3gw.labels" . | indent 4}} spec: ca: - secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-root + secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-ca-root {{- else if eq .Values.tlsIssuer "s3gw-letsencrypt-issuer" }} --- # Let's encrypt production issuer apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: - name: {{ .Release.Name }}-{{ .Release.Namespace }}-letsencrypt-issuer + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-letsencrypt-issuer labels: {{ include "s3gw.labels" . | indent 4}} spec: @@ -35,7 +35,7 @@ spec: email: {{ .Values.email }} preferredChain: "" privateKeySecretRef: - name: {{ .Release.Name }}-{{ .Release.Namespace }}-letsencrypt + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-letsencrypt server: https://acme-v02.api.letsencrypt.org/directory solvers: - http01: diff --git a/charts/aquarist-labs/s3gw/templates/tls-secret.yaml b/charts/aquarist-labs/s3gw/templates/tls-secret.yaml index 919e6c869..a33347bd6 100644 --- a/charts/aquarist-labs/s3gw/templates/tls-secret.yaml +++ b/charts/aquarist-labs/s3gw/templates/tls-secret.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ .Release.Name }}-{{ .Release.Namespace }}-ingress-tls + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-ingress-tls namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} @@ -17,7 +17,7 @@ data: apiVersion: v1 kind: Secret metadata: - name: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-tls + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-cluster-ip-tls namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} @@ -32,7 +32,7 @@ data: apiVersion: v1 kind: Secret metadata: - name: {{ .Release.Name }}-{{ .Release.Namespace }}-ui-ingress-tls + name: {{ .Release.Name }}-{{ .Release.Namespace }}-s3gw-ui-ingress-tls namespace: {{ .Release.Namespace }} labels: {{ include "s3gw.labels" . | indent 4 }} diff --git a/charts/bitnami/airflow/Chart.lock b/charts/bitnami/airflow/Chart.lock index e2dcb829a..9c0cf0b00 100644 --- a/charts/bitnami/airflow/Chart.lock +++ b/charts/bitnami/airflow/Chart.lock @@ -1,12 +1,12 @@ dependencies: - name: redis repository: oci://registry-1.docker.io/bitnamicharts - version: 18.0.4 + version: 18.1.0 - name: postgresql repository: oci://registry-1.docker.io/bitnamicharts - version: 12.12.4 + version: 13.0.0 - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.12.0 -digest: sha256:edbff56c03d0288ec31eaad7564d28437b0b5833336e7e4b7f23c267eaae0e2b -generated: "2023-09-22T13:55:34.768416404Z" + version: 2.12.1 +digest: sha256:29a9d75fbf3793eac4b0f1b9abd488eda1ff2a0dc650f768b2eeb10f4817a947 +generated: "2023-09-29T10:31:21.76653+02:00" diff --git a/charts/bitnami/airflow/Chart.yaml b/charts/bitnami/airflow/Chart.yaml index 2f081a4e9..d6d7dc445 100644 --- a/charts/bitnami/airflow/Chart.yaml +++ b/charts/bitnami/airflow/Chart.yaml @@ -28,7 +28,7 @@ dependencies: - condition: postgresql.enabled name: postgresql repository: file://./charts/postgresql - version: 12.x.x + version: 13.x.x - name: common repository: file://./charts/common tags: @@ -50,4 +50,4 @@ maintainers: name: airflow sources: - https://github.com/bitnami/charts/tree/main/bitnami/airflow -version: 15.0.7 +version: 16.0.0 diff --git a/charts/bitnami/airflow/README.md b/charts/bitnami/airflow/README.md index 83556aa6c..cfbd8093a 100644 --- a/charts/bitnami/airflow/README.md +++ b/charts/bitnami/airflow/README.md @@ -682,6 +682,10 @@ Find more information about how to deal with common errors related to Bitnami's ## Upgrading +### To 16.0.0 + +This major updates the PostgreSQL subchart to its newest major, 13.0.0. [Here](https://github.com/bitnami/charts/tree/master/bitnami/postgresql#to-1300) you can find more information about the changes introduced in that version. + ### To 15.0.0 This major updates the Redis® subchart to its newest major, 18.0.0. [Here](https://github.com/bitnami/charts/tree/main/bitnami/redis#to-1800) you can find more information about the changes introduced in that version. @@ -710,4 +714,4 @@ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file +limitations under the License. diff --git a/charts/bitnami/airflow/charts/common/Chart.yaml b/charts/bitnami/airflow/charts/common/Chart.yaml index 662a6d7d9..5d5d64b2e 100644 --- a/charts/bitnami/airflow/charts/common/Chart.yaml +++ b/charts/bitnami/airflow/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.12.0 +appVersion: 2.12.1 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://bitnami.com @@ -20,4 +20,4 @@ name: common sources: - https://github.com/bitnami/charts type: library -version: 2.12.0 +version: 2.12.1 diff --git a/charts/bitnami/airflow/charts/common/templates/_labels.tpl b/charts/bitnami/airflow/charts/common/templates/_labels.tpl index a3cdc2bfd..fa3833fb8 100644 --- a/charts/bitnami/airflow/charts/common/templates/_labels.tpl +++ b/charts/bitnami/airflow/charts/common/templates/_labels.tpl @@ -11,13 +11,19 @@ Kubernetes standard labels */}} {{- define "common.labels.standard" -}} {{- if and (hasKey . "customLabels") (hasKey . "context") -}} -{{ merge (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) (dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service "app.kubernetes.io/version" .context.Chart.AppVersion) | toYaml }} +{{- $default := dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service -}} +{{- with .context.Chart.AppVersion -}} +{{- $_ := set $default "app.kubernetes.io/version" . -}} +{{- end -}} +{{ template "common.tplvalues.merge" (dict "values" (list .customLabels $default) "context" .) }} {{- else -}} app.kubernetes.io/name: {{ include "common.names.name" . }} helm.sh/chart: {{ include "common.names.chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- with .Chart.AppVersion }} +app.kubernetes.io/version: {{ . | quote }} +{{- end -}} {{- end -}} {{- end -}} diff --git a/charts/bitnami/airflow/charts/postgresql/Chart.lock b/charts/bitnami/airflow/charts/postgresql/Chart.lock index 6c7414015..65b5f1063 100644 --- a/charts/bitnami/airflow/charts/postgresql/Chart.lock +++ b/charts/bitnami/airflow/charts/postgresql/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.11.1 -digest: sha256:ead8f26c76a9ec082f23629a358e8efd8f88d87aaed734bf41febcb8a7bc5d4c -generated: "2023-09-18T13:15:45.397687963Z" + version: 2.12.0 +digest: sha256:bee62139700f032539621dd38fa1d7285f277b91577c55ea26045254d33825ed +generated: "2023-09-22T17:01:50.438576915Z" diff --git a/charts/bitnami/airflow/charts/postgresql/Chart.yaml b/charts/bitnami/airflow/charts/postgresql/Chart.yaml index 7bace9b4a..c7322e37d 100644 --- a/charts/bitnami/airflow/charts/postgresql/Chart.yaml +++ b/charts/bitnami/airflow/charts/postgresql/Chart.yaml @@ -2,14 +2,14 @@ annotations: category: Database images: | - name: os-shell - image: docker.io/bitnami/os-shell:11-debian-11-r72 + image: docker.io/bitnami/os-shell:11-debian-11-r77 - name: postgres-exporter - image: docker.io/bitnami/postgres-exporter:0.14.0-debian-11-r0 + image: docker.io/bitnami/postgres-exporter:0.14.0-debian-11-r5 - name: postgresql - image: docker.io/bitnami/postgresql:15.4.0-debian-11-r39 + image: docker.io/bitnami/postgresql:16.0.0-debian-11-r3 licenses: Apache-2.0 apiVersion: v2 -appVersion: 15.4.0 +appVersion: 16.0.0 dependencies: - name: common repository: oci://registry-1.docker.io/bitnamicharts @@ -34,4 +34,4 @@ maintainers: name: postgresql sources: - https://github.com/bitnami/charts/tree/main/bitnami/postgresql -version: 12.12.4 +version: 13.0.0 diff --git a/charts/bitnami/airflow/charts/postgresql/README.md b/charts/bitnami/airflow/charts/postgresql/README.md index 13c32a25d..d72972812 100644 --- a/charts/bitnami/airflow/charts/postgresql/README.md +++ b/charts/bitnami/airflow/charts/postgresql/README.md @@ -100,7 +100,7 @@ kubectl delete pvc -l release=my-release | ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | | `image.registry` | PostgreSQL image registry | `docker.io` | | `image.repository` | PostgreSQL image repository | `bitnami/postgresql` | -| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.4.0-debian-11-r39` | +| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `16.0.0-debian-11-r3` | | `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify image pull secrets | `[]` | @@ -379,6 +379,8 @@ kubectl delete pvc -l release=my-release | `backup.cronjob.startingDeadlineSeconds` | Set the cronjob parameter startingDeadlineSeconds | `""` | | `backup.cronjob.ttlSecondsAfterFinished` | Set the cronjob parameter ttlSecondsAfterFinished | `""` | | `backup.cronjob.restartPolicy` | Set the cronjob parameter restartPolicy | `OnFailure` | +| `backup.cronjob.podSecurityContext.enabled` | Enable PodSecurityContext for CronJob/Backup | `true` | +| `backup.cronjob.podSecurityContext.fsGroup` | Group ID for the CronJob | `1001` | | `backup.cronjob.containerSecurityContext.runAsUser` | User ID for the backup container | `1001` | | `backup.cronjob.containerSecurityContext.runAsGroup` | Group ID for the backup container | `0` | | `backup.cronjob.containerSecurityContext.runAsNonRoot` | Set backup container's Security Context runAsNonRoot | `true` | @@ -426,7 +428,7 @@ kubectl delete pvc -l release=my-release | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r72` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r77` | | `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | @@ -457,7 +459,7 @@ kubectl delete pvc -l release=my-release | `metrics.enabled` | Start a prometheus exporter | `false` | | `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` | | `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` | -| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r0` | +| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r5` | | `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | diff --git a/charts/bitnami/airflow/charts/postgresql/charts/common/Chart.yaml b/charts/bitnami/airflow/charts/postgresql/charts/common/Chart.yaml index 3be88e6aa..662a6d7d9 100644 --- a/charts/bitnami/airflow/charts/postgresql/charts/common/Chart.yaml +++ b/charts/bitnami/airflow/charts/postgresql/charts/common/Chart.yaml @@ -2,7 +2,7 @@ annotations: category: Infrastructure licenses: Apache-2.0 apiVersion: v2 -appVersion: 2.11.1 +appVersion: 2.12.0 description: A Library Helm Chart for grouping common logic between bitnami charts. This chart is not deployable by itself. home: https://bitnami.com @@ -20,4 +20,4 @@ name: common sources: - https://github.com/bitnami/charts type: library -version: 2.11.1 +version: 2.12.0 diff --git a/charts/bitnami/airflow/charts/postgresql/charts/common/templates/_utils.tpl b/charts/bitnami/airflow/charts/postgresql/charts/common/templates/_utils.tpl index c87040cd9..bfbddf054 100644 --- a/charts/bitnami/airflow/charts/postgresql/charts/common/templates/_utils.tpl +++ b/charts/bitnami/airflow/charts/postgresql/charts/common/templates/_utils.tpl @@ -65,3 +65,13 @@ Usage: {{- end -}} {{- printf "%s" $key -}} {{- end -}} + +{{/* +Checksum a template at "path" containing a *single* resource (ConfigMap,Secret) for use in pod annotations, excluding the metadata (see #18376). +Usage: +{{ include "common.utils.checksumTemplate" (dict "path" "/configmap.yaml" "context" $) }} +*/}} +{{- define "common.utils.checksumTemplate" -}} +{{- $obj := include (print .context.Template.BasePath .path) .context | fromYaml -}} +{{ omit $obj "apiVersion" "kind" "metadata" | toYaml | sha256sum }} +{{- end -}} diff --git a/charts/bitnami/airflow/charts/postgresql/charts/common/values.schema.json b/charts/bitnami/airflow/charts/postgresql/charts/common/values.schema.json deleted file mode 100644 index 2124b3e4a..000000000 --- a/charts/bitnami/airflow/charts/postgresql/charts/common/values.schema.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "title": "Chart Values", - "type": "object", - "properties": { - "exampleValue": { - "type": "string", - "description": "", - "default": "common-chart" - } - } -} \ No newline at end of file diff --git a/charts/bitnami/airflow/charts/postgresql/templates/backup/cronjob.yaml b/charts/bitnami/airflow/charts/postgresql/templates/backup/cronjob.yaml index 012a44f98..72d1bf200 100644 --- a/charts/bitnami/airflow/charts/postgresql/templates/backup/cronjob.yaml +++ b/charts/bitnami/airflow/charts/postgresql/templates/backup/cronjob.yaml @@ -38,12 +38,14 @@ spec: annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 12 }} {{- end }} spec: + {{- include "postgresql.v1.imagePullSecrets" . | nindent 10 }} {{- if .Values.backup.cronjob.nodeSelector }} nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.nodeSelector "context" $) | nindent 12 }} {{- end }} containers: - name: {{ include "postgresql.v1.primary.fullname" . }}-pgdumpall image: {{ include "postgresql.v1.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} env: - name: PGUSER {{- if .Values.auth.enablePostgresUser }} @@ -64,7 +66,7 @@ spec: - name: PGHOST value: {{ include "postgresql.v1.primary.fullname" . }} - name: PGPORT - value: {{ .Values.containerPorts.postgresql | quote }} + value: {{ include "postgresql.v1.service.port" . | quote }} - name: PGDUMP_DIR value: {{ .Values.backup.cronjob.storage.mountPath }} {{- if .Values.tls.enabled }} @@ -90,6 +92,10 @@ spec: securityContext: {{- include "common.tplvalues.render" ( dict "value" .Values.backup.cronjob.containerSecurityContext "context" $) | nindent 14 }} restartPolicy: {{ .Values.backup.cronjob.restartPolicy }} + {{- if .Values.backup.cronjob.podSecurityContext.enabled }} + securityContext: + fsGroup: {{ .Values.backup.cronjob.podSecurityContext.fsGroup }} + {{- end }} volumes: {{- if .Values.tls.enabled }} - name: raw-certificates diff --git a/charts/bitnami/airflow/charts/postgresql/values.yaml b/charts/bitnami/airflow/charts/postgresql/values.yaml index 3c7e9b704..0366bcad2 100644 --- a/charts/bitnami/airflow/charts/postgresql/values.yaml +++ b/charts/bitnami/airflow/charts/postgresql/values.yaml @@ -98,7 +98,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/postgresql - tag: 15.4.0-debian-11-r39 + tag: 16.0.0-debian-11-r3 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1099,6 +1099,11 @@ backup: ttlSecondsAfterFinished: "" ## @param backup.cronjob.restartPolicy Set the cronjob parameter restartPolicy restartPolicy: OnFailure + ## @param backup.cronjob.podSecurityContext.enabled Enable PodSecurityContext for CronJob/Backup + ## @param backup.cronjob.podSecurityContext.fsGroup Group ID for the CronJob + podSecurityContext: + enabled: true + fsGroup: 1001 ## backup container's Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container ## @param backup.cronjob.containerSecurityContext.runAsUser User ID for the backup container @@ -1290,7 +1295,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r72 + tag: 11-debian-11-r77 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -1391,7 +1396,7 @@ metrics: image: registry: docker.io repository: bitnami/postgres-exporter - tag: 0.14.0-debian-11-r0 + tag: 0.14.0-debian-11-r5 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/airflow/charts/redis/Chart.yaml b/charts/bitnami/airflow/charts/redis/Chart.yaml index 28864fe23..9f9678bd9 100644 --- a/charts/bitnami/airflow/charts/redis/Chart.yaml +++ b/charts/bitnami/airflow/charts/redis/Chart.yaml @@ -33,4 +33,4 @@ maintainers: name: redis sources: - https://github.com/bitnami/charts/tree/main/bitnami/redis -version: 18.0.4 +version: 18.1.0 diff --git a/charts/bitnami/airflow/charts/redis/README.md b/charts/bitnami/airflow/charts/redis/README.md index 1c807c8cf..be765f3f3 100644 --- a/charts/bitnami/airflow/charts/redis/README.md +++ b/charts/bitnami/airflow/charts/redis/README.md @@ -434,35 +434,38 @@ The command removes all the Kubernetes components associated with the chart and ### Other Parameters -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------- | -| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` | -| `networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` | -| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | -| `networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | -| `networkPolicy.extraEgress` | Add extra egress rules to the NetworkPolicy | `[]` | -| `networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | -| `networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | -| `podSecurityPolicy.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` | -| `podSecurityPolicy.enabled` | Enable PodSecurityPolicy's RBAC rules | `false` | -| `rbac.create` | Specifies whether RBAC resources should be created | `false` | -| `rbac.rules` | Custom RBAC rules to set | `[]` | -| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | -| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | -| `serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `true` | -| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | -| `pdb.create` | Specifies whether a PodDisruptionBudget should be created | `false` | -| `pdb.minAvailable` | Min number of pods that must still be available after the eviction | `1` | -| `pdb.maxUnavailable` | Max number of pods that can be unavailable after the eviction | `""` | -| `tls.enabled` | Enable TLS traffic | `false` | -| `tls.authClients` | Require clients to authenticate | `true` | -| `tls.autoGenerated` | Enable autogenerated certificates | `false` | -| `tls.existingSecret` | The name of the existing secret that contains the TLS certificates | `""` | -| `tls.certificatesSecret` | DEPRECATED. Use existingSecret instead. | `""` | -| `tls.certFilename` | Certificate filename | `""` | -| `tls.certKeyFilename` | Certificate Key filename | `""` | -| `tls.certCAFilename` | CA Certificate filename | `""` | -| `tls.dhParamsFilename` | File containing DH params (in order to support DH based ciphers) | `""` | +| Name | Description | Value | +| ----------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | ------- | +| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` | +| `networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` | +| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | +| `networkPolicy.extraIngress` | Add extra ingress rules to the NetworkPolicy | `[]` | +| `networkPolicy.extraEgress` | Add extra egress rules to the NetworkPolicy | `[]` | +| `networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` | +| `networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` | +| `networkPolicy.metrics.allowExternal` | Don't require client label for connections for metrics endpoint | `true` | +| `networkPolicy.metrics.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces to metrics endpoint | `{}` | +| `networkPolicy.metrics.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces to metrics endpoint | `{}` | +| `podSecurityPolicy.create` | Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later | `false` | +| `podSecurityPolicy.enabled` | Enable PodSecurityPolicy's RBAC rules | `false` | +| `rbac.create` | Specifies whether RBAC resources should be created | `false` | +| `rbac.rules` | Custom RBAC rules to set | `[]` | +| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` | +| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` | +| `serviceAccount.automountServiceAccountToken` | Whether to auto mount the service account token | `true` | +| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `pdb.create` | Specifies whether a PodDisruptionBudget should be created | `false` | +| `pdb.minAvailable` | Min number of pods that must still be available after the eviction | `1` | +| `pdb.maxUnavailable` | Max number of pods that can be unavailable after the eviction | `""` | +| `tls.enabled` | Enable TLS traffic | `false` | +| `tls.authClients` | Require clients to authenticate | `true` | +| `tls.autoGenerated` | Enable autogenerated certificates | `false` | +| `tls.existingSecret` | The name of the existing secret that contains the TLS certificates | `""` | +| `tls.certificatesSecret` | DEPRECATED. Use existingSecret instead. | `""` | +| `tls.certFilename` | Certificate filename | `""` | +| `tls.certKeyFilename` | Certificate Key filename | `""` | +| `tls.certCAFilename` | CA Certificate filename | `""` | +| `tls.dhParamsFilename` | File containing DH params (in order to support DH based ciphers) | `""` | ### Metrics Parameters @@ -982,4 +985,4 @@ Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and -limitations under the License. \ No newline at end of file +limitations under the License. diff --git a/charts/bitnami/airflow/charts/redis/templates/networkpolicy.yaml b/charts/bitnami/airflow/charts/redis/templates/networkpolicy.yaml index 41d9b559b..bd8594e36 100644 --- a/charts/bitnami/airflow/charts/redis/templates/networkpolicy.yaml +++ b/charts/bitnami/airflow/charts/redis/templates/networkpolicy.yaml @@ -77,6 +77,27 @@ spec: # Allow prometheus scrapes for metrics - ports: - port: 9121 + {{- if not .Values.networkPolicy.metrics.allowExternal }} + from: + {{- if or .Values.networkPolicy.metrics.ingressNSMatchLabels .Values.networkPolicy.metrics.ingressNSPodMatchLabels }} + - namespaceSelector: + matchLabels: + {{- if .Values.networkPolicy.metrics.ingressNSMatchLabels }} + {{- range $key, $value := .Values.networkPolicy.metrics.ingressNSMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{ else }} + {} + {{- end }} + {{- if .Values.networkPolicy.metrics.ingressNSPodMatchLabels }} + podSelector: + matchLabels: + {{- range $key, $value := .Values.networkPolicy.metrics.ingressNSPodMatchLabels }} + {{ $key | quote }}: {{ $value | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} {{- end }} {{- if .Values.networkPolicy.extraIngress }} {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.extraIngress "context" $ ) | nindent 4 }} diff --git a/charts/bitnami/airflow/charts/redis/values.yaml b/charts/bitnami/airflow/charts/redis/values.yaml index 410b1a75d..8db5e2658 100644 --- a/charts/bitnami/airflow/charts/redis/values.yaml +++ b/charts/bitnami/airflow/charts/redis/values.yaml @@ -1385,6 +1385,18 @@ networkPolicy: ## ingressNSMatchLabels: {} ingressNSPodMatchLabels: {} + + metrics: + ## @param networkPolicy.metrics.allowExternal Don't require client label for connections for metrics endpoint + ## When set to false, only pods with the correct client label will have network access to the metrics port + ## + allowExternal: true + ## @param networkPolicy.metrics.ingressNSMatchLabels Labels to match to allow traffic from other namespaces to metrics endpoint + ## @param networkPolicy.metrics.ingressNSPodMatchLabels Pod labels to match to allow traffic from other namespaces to metrics endpoint + ## + ingressNSMatchLabels: {} + ingressNSPodMatchLabels: {} + ## PodSecurityPolicy configuration ## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/ ## diff --git a/charts/bitnami/kafka/Chart.yaml b/charts/bitnami/kafka/Chart.yaml index ab6103763..2faf70d71 100644 --- a/charts/bitnami/kafka/Chart.yaml +++ b/charts/bitnami/kafka/Chart.yaml @@ -45,4 +45,4 @@ maintainers: name: kafka sources: - https://github.com/bitnami/charts/tree/main/bitnami/kafka -version: 25.1.12 +version: 25.2.0 diff --git a/charts/bitnami/kafka/README.md b/charts/bitnami/kafka/README.md index 532b6ff8e..de69675e5 100644 --- a/charts/bitnami/kafka/README.md +++ b/charts/bitnami/kafka/README.md @@ -620,11 +620,12 @@ The command removes all the Kubernetes components associated with the chart and ### KRaft chart parameters -| Name | Description | Value | -| ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | -| `kraft.enabled` | Switch to enable or disable the KRaft mode for Kafka | `true` | -| `kraft.clusterId` | Kafka Kraft cluster ID. If not set, a random cluster ID will be generated the first time Kraft is initialized. | `""` | -| `kraft.controllerQuorumVoters` | Override the Kafka controller quorum voters of the Kafka Kraft cluster. If not set, it will be automatically configured to use all controller-elegible nodes. | `""` | +| Name | Description | Value | +| ------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | +| `kraft.enabled` | Switch to enable or disable the KRaft mode for Kafka | `true` | +| `kraft.existingClusterIdSecret` | Name of the secret containing the cluster ID for the Kafka KRaft cluster. This is incompatible with the clusterId parameter. If both are set, the existingClusterIdSecret will be used | `""` | +| `kraft.clusterId` | Kafka Kraft cluster ID. If not set, a random cluster ID will be generated the first time Kraft is initialized. | `""` | +| `kraft.controllerQuorumVoters` | Override the Kafka controller quorum voters of the Kafka Kraft cluster. If not set, it will be automatically configured to use all controller-elegible nodes. | `""` | ### ZooKeeper chart parameters diff --git a/charts/bitnami/kafka/templates/broker/statefulset.yaml b/charts/bitnami/kafka/templates/broker/statefulset.yaml index 399600379..4a5974ab3 100644 --- a/charts/bitnami/kafka/templates/broker/statefulset.yaml +++ b/charts/bitnami/kafka/templates/broker/statefulset.yaml @@ -152,7 +152,7 @@ spec: - name: KAFKA_KRAFT_CLUSTER_ID valueFrom: secretKeyRef: - name: {{ printf "%s-kraft-cluster-id" (include "common.names.fullname" .) }} + name: {{ default (printf "%s-kraft-cluster-id" (include "common.names.fullname" .)) .Values.kraft.existingClusterIdSecret }} key: kraft-cluster-id {{- if .Values.broker.zookeeperMigrationMode }} - name: KAFKA_SKIP_KRAFT_STORAGE_INIT diff --git a/charts/bitnami/kafka/templates/controller-eligible/statefulset.yaml b/charts/bitnami/kafka/templates/controller-eligible/statefulset.yaml index d661a455b..6a4a8fe00 100644 --- a/charts/bitnami/kafka/templates/controller-eligible/statefulset.yaml +++ b/charts/bitnami/kafka/templates/controller-eligible/statefulset.yaml @@ -151,7 +151,7 @@ spec: - name: KAFKA_KRAFT_CLUSTER_ID valueFrom: secretKeyRef: - name: {{ printf "%s-kraft-cluster-id" (include "common.names.fullname" .) }} + name: {{ default (printf "%s-kraft-cluster-id" (include "common.names.fullname" .)) .Values.kraft.existingClusterIdSecret }} key: kraft-cluster-id {{- if and (include "kafka.saslEnabled" .) (or (regexFind "SCRAM" (upper .Values.sasl.enabledMechanisms)) (regexFind "SCRAM" (upper .Values.sasl.controllerMechanism)) (regexFind "SCRAM" (upper .Values.sasl.interBrokerMechanism))) }} - name: KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS diff --git a/charts/bitnami/kafka/templates/secrets.yaml b/charts/bitnami/kafka/templates/secrets.yaml index 2deddb12f..abd2e9a63 100644 --- a/charts/bitnami/kafka/templates/secrets.yaml +++ b/charts/bitnami/kafka/templates/secrets.yaml @@ -104,7 +104,7 @@ data: {{- end }} {{- end }} {{- end }} -{{- if .Values.kraft.enabled }} +{{- if and .Values.kraft.enabled (not .Values.kraft.existingClusterIdSecret) }} --- apiVersion: v1 kind: Secret diff --git a/charts/bitnami/kafka/values.yaml b/charts/bitnami/kafka/values.yaml index a88743791..562af4f30 100644 --- a/charts/bitnami/kafka/values.yaml +++ b/charts/bitnami/kafka/values.yaml @@ -2285,6 +2285,8 @@ kraft: ## @param kraft.enabled Switch to enable or disable the KRaft mode for Kafka ## enabled: true + ## @param kraft.existingClusterIdSecret Name of the secret containing the cluster ID for the Kafka KRaft cluster. This is incompatible with the clusterId parameter. If both are set, the existingClusterIdSecret will be used + existingClusterIdSecret: "" ## @param kraft.clusterId Kafka Kraft cluster ID. If not set, a random cluster ID will be generated the first time Kraft is initialized. ## NOTE: Already initialized Kafka nodes will use cluster ID stored in their persisted storage. ## If reusing existing PVCs or migrating from Zookeeper mode, make sure the cluster ID is set matching the stored cluster ID, otherwise new nodes will fail to join the cluster. diff --git a/charts/bitnami/postgresql/Chart.yaml b/charts/bitnami/postgresql/Chart.yaml index d94147e59..6a7fe1428 100644 --- a/charts/bitnami/postgresql/Chart.yaml +++ b/charts/bitnami/postgresql/Chart.yaml @@ -8,12 +8,12 @@ annotations: - name: os-shell image: docker.io/bitnami/os-shell:11-debian-11-r77 - name: postgres-exporter - image: docker.io/bitnami/postgres-exporter:0.14.0-debian-11-r2 + image: docker.io/bitnami/postgres-exporter:0.14.0-debian-11-r5 - name: postgresql - image: docker.io/bitnami/postgresql:15.4.0-debian-11-r45 + image: docker.io/bitnami/postgresql:16.0.0-debian-11-r3 licenses: Apache-2.0 apiVersion: v2 -appVersion: 15.4.0 +appVersion: 16.0.0 dependencies: - name: common repository: file://./charts/common @@ -38,4 +38,4 @@ maintainers: name: postgresql sources: - https://github.com/bitnami/charts/tree/main/bitnami/postgresql -version: 12.12.10 +version: 13.0.0 diff --git a/charts/bitnami/postgresql/README.md b/charts/bitnami/postgresql/README.md index 09cf3fb72..d72972812 100644 --- a/charts/bitnami/postgresql/README.md +++ b/charts/bitnami/postgresql/README.md @@ -100,7 +100,7 @@ kubectl delete pvc -l release=my-release | ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | | `image.registry` | PostgreSQL image registry | `docker.io` | | `image.repository` | PostgreSQL image repository | `bitnami/postgresql` | -| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `15.4.0-debian-11-r45` | +| `image.tag` | PostgreSQL image tag (immutable tags are recommended) | `16.0.0-debian-11-r3` | | `image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | PostgreSQL image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify image pull secrets | `[]` | @@ -459,7 +459,7 @@ kubectl delete pvc -l release=my-release | `metrics.enabled` | Start a prometheus exporter | `false` | | `metrics.image.registry` | PostgreSQL Prometheus Exporter image registry | `docker.io` | | `metrics.image.repository` | PostgreSQL Prometheus Exporter image repository | `bitnami/postgres-exporter` | -| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r2` | +| `metrics.image.tag` | PostgreSQL Prometheus Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r5` | | `metrics.image.digest` | PostgreSQL image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | PostgreSQL Prometheus Exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Specify image pull secrets | `[]` | diff --git a/charts/bitnami/postgresql/values.yaml b/charts/bitnami/postgresql/values.yaml index d0c62798c..0366bcad2 100644 --- a/charts/bitnami/postgresql/values.yaml +++ b/charts/bitnami/postgresql/values.yaml @@ -98,7 +98,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/postgresql - tag: 15.4.0-debian-11-r45 + tag: 16.0.0-debian-11-r3 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -1396,7 +1396,7 @@ metrics: image: registry: docker.io repository: bitnami/postgres-exporter - tag: 0.14.0-debian-11-r2 + tag: 0.14.0-debian-11-r5 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/bitnami/redis/Chart.yaml b/charts/bitnami/redis/Chart.yaml index 37b7bfef3..e309370c5 100644 --- a/charts/bitnami/redis/Chart.yaml +++ b/charts/bitnami/redis/Chart.yaml @@ -37,4 +37,4 @@ maintainers: name: redis sources: - https://github.com/bitnami/charts/tree/main/bitnami/redis -version: 18.1.0 +version: 18.1.1 diff --git a/charts/bitnami/redis/templates/sentinel/statefulset.yaml b/charts/bitnami/redis/templates/sentinel/statefulset.yaml index 12a750e0e..5f76a0399 100644 --- a/charts/bitnami/redis/templates/sentinel/statefulset.yaml +++ b/charts/bitnami/redis/templates/sentinel/statefulset.yaml @@ -729,7 +729,9 @@ spec: claimName: {{ printf "%s" (tpl .Values.replica.persistence.existingClaim .) }} {{- else }} volumeClaimTemplates: - - metadata: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: name: redis-data labels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 10 }} app.kubernetes.io/component: node diff --git a/charts/bitnami/wordpress/Chart.yaml b/charts/bitnami/wordpress/Chart.yaml index acf656a10..56460a211 100644 --- a/charts/bitnami/wordpress/Chart.yaml +++ b/charts/bitnami/wordpress/Chart.yaml @@ -6,11 +6,11 @@ annotations: category: CMS images: | - name: apache-exporter - image: docker.io/bitnami/apache-exporter:1.0.1-debian-11-r56 + image: docker.io/bitnami/apache-exporter:1.0.2-debian-11-r0 - name: os-shell - image: docker.io/bitnami/os-shell:11-debian-11-r77 + image: docker.io/bitnami/os-shell:11-debian-11-r82 - name: wordpress - image: docker.io/bitnami/wordpress:6.3.1-debian-11-r25 + image: docker.io/bitnami/wordpress:6.3.1-debian-11-r26 licenses: Apache-2.0 apiVersion: v2 appVersion: 6.3.1 @@ -47,4 +47,4 @@ maintainers: name: wordpress sources: - https://github.com/bitnami/charts/tree/main/bitnami/wordpress -version: 17.1.12 +version: 17.1.14 diff --git a/charts/bitnami/wordpress/README.md b/charts/bitnami/wordpress/README.md index 965bfa6d3..5fadc9363 100644 --- a/charts/bitnami/wordpress/README.md +++ b/charts/bitnami/wordpress/README.md @@ -82,7 +82,7 @@ The command removes all the Kubernetes components associated with the chart and | ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- | | `image.registry` | WordPress image registry | `docker.io` | | `image.repository` | WordPress image repository | `bitnami/wordpress` | -| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.3.1-debian-11-r25` | +| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.3.1-debian-11-r26` | | `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` | | `image.pullSecrets` | WordPress image pull secrets | `[]` | @@ -249,7 +249,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | OS Shell + Utility image registry | `docker.io` | | `volumePermissions.image.repository` | OS Shell + Utility image repository | `bitnami/os-shell` | -| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r77` | +| `volumePermissions.image.tag` | OS Shell + Utility image tag (immutable tags are recommended) | `11-debian-11-r82` | | `volumePermissions.image.digest` | OS Shell + Utility image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `volumePermissions.image.pullPolicy` | OS Shell + Utility image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | OS Shell + Utility image pull secrets | `[]` | @@ -281,7 +281,7 @@ The command removes all the Kubernetes components associated with the chart and | `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` | | `metrics.image.registry` | Apache exporter image registry | `docker.io` | | `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` | -| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.1-debian-11-r56` | +| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `1.0.2-debian-11-r0` | | `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | | `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` | | `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` | diff --git a/charts/bitnami/wordpress/templates/postinit-configmap.yaml b/charts/bitnami/wordpress/templates/postinit-configmap.yaml index 515e60dc9..48f8b63a2 100644 --- a/charts/bitnami/wordpress/templates/postinit-configmap.yaml +++ b/charts/bitnami/wordpress/templates/postinit-configmap.yaml @@ -38,7 +38,7 @@ data: wp total-cache flush all # Revoke permissions to edit wp-config.php - chmod a-w bitnami/wordpress/wp-config.php + chmod a-w /bitnami/wordpress/wp-config.php {{- end }} {{- if .Values.customPostInitScripts }} {{- include "common.tplvalues.render" (dict "value" .Values.customPostInitScripts "context" $) | nindent 2 }} diff --git a/charts/bitnami/wordpress/values.yaml b/charts/bitnami/wordpress/values.yaml index 1d70e88aa..38f7da501 100644 --- a/charts/bitnami/wordpress/values.yaml +++ b/charts/bitnami/wordpress/values.yaml @@ -76,7 +76,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/wordpress - tag: 6.3.1-debian-11-r25 + tag: 6.3.1-debian-11-r26 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' @@ -766,7 +766,7 @@ volumePermissions: image: registry: docker.io repository: bitnami/os-shell - tag: 11-debian-11-r77 + tag: 11-debian-11-r82 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. @@ -860,7 +860,7 @@ metrics: image: registry: docker.io repository: bitnami/apache-exporter - tag: 1.0.1-debian-11-r56 + tag: 1.0.2-debian-11-r0 digest: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. diff --git a/charts/crowdstrike/falcon-sensor/Chart.yaml b/charts/crowdstrike/falcon-sensor/Chart.yaml index ff5836c14..e47e4f42a 100644 --- a/charts/crowdstrike/falcon-sensor/Chart.yaml +++ b/charts/crowdstrike/falcon-sensor/Chart.yaml @@ -4,7 +4,7 @@ annotations: catalog.cattle.io/kube-version: '>1.22.0-0' catalog.cattle.io/release-name: falcon-sensor apiVersion: v2 -appVersion: 1.20.3 +appVersion: 1.20.4 description: A Helm chart to deploy CrowdStrike Falcon sensors into Kubernetes clusters. home: https://crowdstrike.com icon: https://raw.githubusercontent.com/CrowdStrike/falcon-helm/main/images/crowdstrike-logo.svg @@ -24,4 +24,4 @@ name: falcon-sensor sources: - https://github.com/CrowdStrike/falcon-helm type: application -version: 1.20.3 +version: 1.20.4 diff --git a/charts/crowdstrike/falcon-sensor/README.md b/charts/crowdstrike/falcon-sensor/README.md index 7e4536dfa..c5f26bd35 100644 --- a/charts/crowdstrike/falcon-sensor/README.md +++ b/charts/crowdstrike/falcon-sensor/README.md @@ -10,7 +10,7 @@ more. The Falcon Helm chart has been tested to deploy on the following Kubernetes distributions: * Amazon Elastic Kubernetes Service (EKS) - * Daemonset (node) sensor supprt for EKS nodes + * Daemonset (node) sensor support for EKS nodes * Container sensor support for EKS Fargate nodes * Azure Kubernetes Service (AKS) * Google Kubernetes Engine (GKE) diff --git a/charts/datadog/datadog/CHANGELOG.md b/charts/datadog/datadog/CHANGELOG.md index 95c27c29d..50a6ad3ef 100644 --- a/charts/datadog/datadog/CHANGELOG.md +++ b/charts/datadog/datadog/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 3.38.3 + +* Update `fips.image.tag` to `0.6.0` + ## 3.38.2 * Skip references to PodSecurityPolicy where the support of this API has been dropped. diff --git a/charts/datadog/datadog/Chart.yaml b/charts/datadog/datadog/Chart.yaml index b9449a66c..625902af3 100644 --- a/charts/datadog/datadog/Chart.yaml +++ b/charts/datadog/datadog/Chart.yaml @@ -19,4 +19,4 @@ name: datadog sources: - https://app.datadoghq.com/account/settings#agent/kubernetes - https://github.com/DataDog/datadog-agent -version: 3.38.2 +version: 3.38.3 diff --git a/charts/datadog/datadog/README.md b/charts/datadog/datadog/README.md index c24e5dc6d..3d4cc8ad1 100644 --- a/charts/datadog/datadog/README.md +++ b/charts/datadog/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.38.2](https://img.shields.io/badge/Version-3.38.2-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.38.3](https://img.shields.io/badge/Version-3.38.3-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). @@ -743,7 +743,7 @@ helm install \ | fips.image.name | string | `"fips-proxy"` | | | fips.image.pullPolicy | string | `"IfNotPresent"` | Datadog the FIPS sidecar image pull policy | | fips.image.repository | string | `nil` | Override default registry + image.name for the FIPS sidecar container. | -| fips.image.tag | string | `"0.5.5"` | Define the FIPS sidecar container version to use. | +| fips.image.tag | string | `"0.6.0"` | Define the FIPS sidecar container version to use. | | fips.local_address | string | `"127.0.0.1"` | | | fips.port | int | `9803` | | | fips.portRange | int | `15` | | diff --git a/charts/datadog/datadog/values.yaml b/charts/datadog/datadog/values.yaml index 358a0ba8a..50b5ab7dc 100644 --- a/charts/datadog/datadog/values.yaml +++ b/charts/datadog/datadog/values.yaml @@ -1185,7 +1185,7 @@ fips: name: fips-proxy # fips.image.tag -- Define the FIPS sidecar container version to use. - tag: 0.5.5 + tag: 0.6.0 # fips.image.pullPolicy -- Datadog the FIPS sidecar image pull policy pullPolicy: IfNotPresent diff --git a/charts/haproxy/haproxy/Chart.yaml b/charts/haproxy/haproxy/Chart.yaml index 15e4bb939..9c3cc9da3 100644 --- a/charts/haproxy/haproxy/Chart.yaml +++ b/charts/haproxy/haproxy/Chart.yaml @@ -1,13 +1,12 @@ annotations: artifacthub.io/changes: | - - Use Ingress Controller 1.10.7 version for base image - - Enable new Prometheus endpoint on tcp/6060 by default + - Use Ingress Controller 1.10.8 version for base image catalog.cattle.io/certified: partner catalog.cattle.io/display-name: HAProxy Kubernetes Ingress Controller catalog.cattle.io/kube-version: '>=1.22.0-0' catalog.cattle.io/release-name: haproxy apiVersion: v2 -appVersion: 1.10.7 +appVersion: 1.10.8 description: A Helm chart for HAProxy Kubernetes Ingress Controller home: https://github.com/haproxytech/helm-charts/tree/main/kubernetes-ingress icon: https://raw.githubusercontent.com/haproxytech/helm-charts/main/kubernetes-ingress/chart-icon.png @@ -22,4 +21,4 @@ name: haproxy sources: - https://github.com/haproxytech/kubernetes-ingress type: application -version: 1.33.0 +version: 1.33.1 diff --git a/charts/kubecost/cost-analyzer/Chart.yaml b/charts/kubecost/cost-analyzer/Chart.yaml index 06fab1dd2..6c1a6099e 100644 --- a/charts/kubecost/cost-analyzer/Chart.yaml +++ b/charts/kubecost/cost-analyzer/Chart.yaml @@ -7,7 +7,7 @@ annotations: catalog.cattle.io/featured: "1" catalog.cattle.io/release-name: cost-analyzer apiVersion: v2 -appVersion: 1.106.1 +appVersion: 1.106.2 dependencies: - condition: global.grafana.enabled name: grafana @@ -25,4 +25,4 @@ description: A Helm chart that sets up Kubecost, Prometheus, and Grafana to moni cloud costs. icon: https://partner-charts.rancher.io/assets/logos/kubecost.png name: cost-analyzer -version: 1.106.1 +version: 1.106.2 diff --git a/charts/redpanda/redpanda/Chart.lock b/charts/redpanda/redpanda/Chart.lock index f138815dc..70eaa0151 100644 --- a/charts/redpanda/redpanda/Chart.lock +++ b/charts/redpanda/redpanda/Chart.lock @@ -6,4 +6,4 @@ dependencies: repository: https://charts.redpanda.com version: 0.1.5 digest: sha256:94c1a5a4f7d20096c89eca271067220c3f02e23d2738923ce009ea411bcff028 -generated: "2023-09-25T12:10:49.363737306Z" +generated: "2023-09-28T20:04:52.501304722Z" diff --git a/charts/redpanda/redpanda/Chart.yaml b/charts/redpanda/redpanda/Chart.yaml index 4afa36b7a..5b7cf7126 100644 --- a/charts/redpanda/redpanda/Chart.yaml +++ b/charts/redpanda/redpanda/Chart.yaml @@ -37,4 +37,4 @@ name: redpanda sources: - https://github.com/redpanda-data/helm-charts type: application -version: 5.4.12 +version: 5.5.3 diff --git a/charts/redpanda/redpanda/templates/_configmap.tpl b/charts/redpanda/redpanda/templates/_configmap.tpl index 969c34fb8..fcc3a9586 100644 --- a/charts/redpanda/redpanda/templates/_configmap.tpl +++ b/charts/redpanda/redpanda/templates/_configmap.tpl @@ -79,8 +79,8 @@ limitations under the License. {{- if and (not (hasKey .Values.config.cluster "storage_min_free_bytes")) ((include "redpanda-atleast-22-2-0" . | fromJson).bool) }} storage_min_free_bytes: {{ include "storage-min-free-bytes" . }} {{- end }} -{{- if and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled }} - {{- $tieredStorageConfig := deepCopy .Values.storage.tieredConfig }} +{{- if and (include "is-licensed" . | fromJson).bool (include "storage-tiered-config" .|fromJson).cloud_storage_enabled }} + {{- $tieredStorageConfig := (include "storage-tiered-config" .|fromJson) }} {{- $tieredStorageConfig = unset $tieredStorageConfig "cloud_storage_cache_directory" }} {{- if not (include "redpanda-atleast-22-3-0" . | fromJson).bool }} {{- $tieredStorageConfig = unset $tieredStorageConfig "cloud_storage_credentials_source"}} @@ -275,8 +275,8 @@ limitations under the License. {{- with $root.tempConfigMapServerList -}} {{- . | trim | nindent 8 }} {{- end -}} -{{- if and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled }} - {{- $tieredStorageConfig := deepCopy .Values.storage.tieredConfig }} +{{- if and (include "is-licensed" . | fromJson).bool (include "storage-tiered-config" .|fromJson).cloud_storage_enabled }} + {{- $tieredStorageConfig := (include "storage-tiered-config" .|fromJson) }} {{- if not (include "redpanda-atleast-22-3-0" . | fromJson).bool }} {{- $tieredStorageConfig = unset $tieredStorageConfig "cloud_storage_credentials_source"}} {{- end }} @@ -289,6 +289,32 @@ limitations under the License. {{- /* Schema Registry API */}} {{- if and .Values.listeners.schemaRegistry.enabled (include "redpanda-22-2-x-without-sasl" $root | fromJson).bool }} {{- $schemaRegistryService := .Values.listeners.schemaRegistry }} + schema_registry_client: + brokers: + {{- range (include "seed-server-list" $root | mustFromJson) }} + - address: {{ . }} + port: {{ $kafkaService.port }} + {{- end }} + {{- if (include "kafka-internal-tls-enabled" . | fromJson).bool }} + broker_tls: + enabled: true + require_client_auth: {{ $kafkaService.tls.requireClientAuth }} + cert_file: /etc/tls/certs/{{ $kafkaService.tls.cert }}/tls.crt + key_file: /etc/tls/certs/{{ $kafkaService.tls.cert }}/tls.key + {{- $cert := get .Values.tls.certs $kafkaService.tls.cert }} + {{- if empty $cert }} + {{- fail (printf "Certificate, '%s', used but not defined")}} + {{- end }} + {{- if $cert.caEnabled }} + truststore_file: /etc/tls/certs/{{ $kafkaService.tls.cert }}/ca.crt + {{- else }} + {{- /* This is a required field so we use the default in the redpanda debian container */}} + truststore_file: /etc/ssl/certs/ca-certificates.crt + {{- end }} + {{- end }} + {{- with .Values.config.schema_registry_client }} + {{- toYaml . | nindent 6 }} + {{- end }} schema_registry: schema_registry_api: - name: internal @@ -358,6 +384,32 @@ limitations under the License. {{- /* HTTP Proxy */}} {{- if and .Values.listeners.http.enabled (include "redpanda-22-2-x-without-sasl" $root | fromJson).bool }} {{- $HTTPService := .Values.listeners.http }} + pandaproxy_client: + brokers: + {{- range (include "seed-server-list" $root | mustFromJson) }} + - address: {{ . }} + port: {{ $kafkaService.port }} + {{- end }} + {{- if (include "kafka-internal-tls-enabled" . | fromJson).bool }} + broker_tls: + enabled: true + require_client_auth: {{ $kafkaService.tls.requireClientAuth }} + cert_file: /etc/tls/certs/{{ $kafkaService.tls.cert }}/tls.crt + key_file: /etc/tls/certs/{{ $kafkaService.tls.cert }}/tls.key + {{- $cert := get .Values.tls.certs $kafkaService.tls.cert }} + {{- if empty $cert }} + {{- fail (printf "Certificate, '%s', used but not defined")}} + {{- end }} + {{- if $cert.caEnabled }} + truststore_file: /etc/tls/certs/{{ $kafkaService.tls.cert }}/ca.crt + {{- else }} + {{- /* This is a required field so we use the default in the redpanda debian container */}} + truststore_file: /etc/ssl/certs/ca-certificates.crt + {{- end }} + {{- with .Values.config.pandaproxy_client }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- end }} pandaproxy: pandaproxy_api: - name: internal diff --git a/charts/redpanda/redpanda/templates/_example-commands.tpl b/charts/redpanda/redpanda/templates/_example-commands.tpl index 5913b068f..8fda2c701 100644 --- a/charts/redpanda/redpanda/templates/_example-commands.tpl +++ b/charts/redpanda/redpanda/templates/_example-commands.tpl @@ -51,9 +51,9 @@ and tested in a test. {{- $flags := fromJson (include "rpk-flags" .) -}} {{- $dummySasl := .dummySasl -}} {{- if $dummySasl -}} -{{ .rpk }} topic create test-topic {{ include "rpk-flags-no-admin-no-sasl" . }} {{ include "rpk-dummy-sasl" . }} +{{ .rpk }} topic create test-topic -p 3 -r {{ .Values.statefulset.replicas | int64 }} {{ include "rpk-flags-no-admin-no-sasl" . }} {{ include "rpk-dummy-sasl" . }} {{- else -}} -{{ .rpk }} topic create test-topic {{ include "rpk-flags-no-admin" . }} +{{ .rpk }} topic create test-topic -p 3 -r {{ .Values.statefulset.replicas | int64 }} {{ include "rpk-flags-no-admin" . }} {{- end -}} {{- end -}} diff --git a/charts/redpanda/redpanda/templates/_helpers.tpl b/charts/redpanda/redpanda/templates/_helpers.tpl index e50a67339..c56741098 100644 --- a/charts/redpanda/redpanda/templates/_helpers.tpl +++ b/charts/redpanda/redpanda/templates/_helpers.tpl @@ -777,4 +777,30 @@ return licenseSecretRef.key checks deprecated values entry if current values emp configMap: name: {{ include "redpanda.fullname" . }} {{- include "common-volumes" . }} -{{- end -}} \ No newline at end of file +{{- end -}} + +{{/* support legacy tiered storage type selection */}} +{{- define "storage-tiered-mountType" -}} +{{- if dig "tieredStoragePersistentVolume" "enabled" false .Values.storage -}} +persistentVolume +{{- else if dig "tieredStorageHostPath" false .Values.storage -}} +hostPath +{{- else -}} +{{- .Values.storage.tiered.mountType -}} +{{- end -}} +{{- end -}} + +{{/* support legacy storage.tieredStoragePersistentVolume */}} +{{- define "storage-tiered-persistentvolume" -}} +{{- dig "tieredStoragePersistentVolume" .Values.storage.tiered.persistentVolume .Values.storage | toJson -}} +{{- end -}} + +{{/* support legacy storage.tieredStorageHostPath */}} +{{- define "storage-tiered-hostpath" -}} +{{- dig "tieredStorageHostPath" .Values.storage.tiered.hostPath .Values.storage -}} +{{- end -}} + +{{/* support legacy storage.tieredConfig */}} +{{- define "storage-tiered-config" -}} +{{- dig "tieredConfig" .Values.storage.tiered.config .Values.storage | toJson -}} +{{- end -}} diff --git a/charts/redpanda/redpanda/templates/_statefulset.tpl b/charts/redpanda/redpanda/templates/_statefulset.tpl index 51e2cd686..882d5a767 100644 --- a/charts/redpanda/redpanda/templates/_statefulset.tpl +++ b/charts/redpanda/redpanda/templates/_statefulset.tpl @@ -38,10 +38,10 @@ app.kubernetes.io/component: {{ (include "redpanda.name" .) | trunc 51 }}-statef Set default path for tiered storage cache or use one provided */}} {{- define "tieredStorage.cacheDirectory" -}} -{{- if empty .Values.storage.tieredConfig.cloud_storage_cache_directory -}} +{{- if empty (include "storage-tiered-config" . | fromJson).cloud_storage_cache_directory -}} {{- printf "/var/lib/redpanda/data/cloud_storage_cache" -}} {{- else -}} - {{- .Values.storage.tieredConfig.cloud_storage_cache_directory -}} + {{- (include "storage-tiered-config" . | fromJson).cloud_storage_cache_directory -}} {{- end -}} {{- end -}} diff --git a/charts/redpanda/redpanda/templates/post-upgrade.yaml b/charts/redpanda/redpanda/templates/post-upgrade.yaml index 74ca032d7..3be4244be 100644 --- a/charts/redpanda/redpanda/templates/post-upgrade.yaml +++ b/charts/redpanda/redpanda/templates/post-upgrade.yaml @@ -69,7 +69,8 @@ spec: command: ["/bin/sh", "-c"] args: - | - rpk cluster config import -f /tmp/base-config/bootstrap.yaml {{ $rpkFlags }} + set -e + rpk cluster config import -f /etc/redpanda/bootstrap.yaml {{ $rpkFlags }} {{- range $key, $value := .Values.config.cluster }} {{- if $value }} rpk cluster config set {{ $key }} {{ $value }} {{ $rpkFlags }} diff --git a/charts/redpanda/redpanda/templates/service.internal.yaml b/charts/redpanda/redpanda/templates/service.internal.yaml index 1dcd041a8..e738c4dab 100644 --- a/charts/redpanda/redpanda/templates/service.internal.yaml +++ b/charts/redpanda/redpanda/templates/service.internal.yaml @@ -35,9 +35,7 @@ spec: type: ClusterIP publishNotReadyAddresses: true clusterIP: None - selector: - app.kubernetes.io/name: {{ template "redpanda.name" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} + selector: {{ (include "statefulset-pod-labels" .) | nindent 4 }} ports: - name: admin protocol: TCP diff --git a/charts/redpanda/redpanda/templates/service.loadbalancer.yaml b/charts/redpanda/redpanda/templates/service.loadbalancer.yaml index 5a9eb7456..b41aaccc6 100644 --- a/charts/redpanda/redpanda/templates/service.loadbalancer.yaml +++ b/charts/redpanda/redpanda/templates/service.loadbalancer.yaml @@ -90,9 +90,7 @@ spec: port: {{ dig "nodePort" (first (dig "advertisedPorts" (list $listener.port) $listener)) $listener }} {{- end }} {{- end }} - selector: - app.kubernetes.io/name: {{ template "redpanda.name" $root }} - app.kubernetes.io/instance: {{ $root.Release.Name }} + selector: {{ (include "statefulset-pod-labels" $root ) | nindent 4 }} statefulset.kubernetes.io/pod-name: {{ $podName }} {{- end }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/services.nodeport.yaml b/charts/redpanda/redpanda/templates/services.nodeport.yaml index a88cd74bf..776e6e281 100644 --- a/charts/redpanda/redpanda/templates/services.nodeport.yaml +++ b/charts/redpanda/redpanda/templates/services.nodeport.yaml @@ -72,7 +72,5 @@ spec: nodePort: {{ first (dig "advertisedPorts" (list $listener.port) $listener) }} {{- end }} {{- end }} - selector: - app.kubernetes.io/name: {{ template "redpanda.name" . }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} + selector: {{ (include "statefulset-pod-labels" .) | nindent 4 }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/statefulset.yaml b/charts/redpanda/redpanda/templates/statefulset.yaml index b2ddd1ede..4a2f8291c 100644 --- a/charts/redpanda/redpanda/templates/statefulset.yaml +++ b/charts/redpanda/redpanda/templates/statefulset.yaml @@ -102,16 +102,20 @@ spec: resources: {{- toYaml .Values.statefulset.initContainers.setDataDirOwnership.resources | nindent 12 }} {{- end }} {{- end }} -{{- if and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled }} +{{- if and (include "is-licensed" . | fromJson).bool (include "storage-tiered-config" .|fromJson).cloud_storage_enabled }} - name: set-tiered-storage-cache-dir-ownership image: {{ .Values.statefulset.initContainerImage.repository }}:{{ .Values.statefulset.initContainerImage.tag }} - command: ["/bin/sh", "-c", 'chown {{ $uid }}:{{ $gid }} -R {{ template "tieredStorage.cacheDirectory" . }}'] + command: ["/bin/sh", "-c", 'mkdir -p {{ include "tieredStorage.cacheDirectory" . }}; chown {{ $uid }}:{{ $gid }} -R {{ include "tieredStorage.cacheDirectory" . }}'] volumeMounts: {{ include "common-mounts" . | nindent 12 }} + - name: datadir + mountPath: /var/lib/redpanda/data + {{- if ne (include "storage-tiered-mountType" .) "none" }} + - name: tiered-storage-dir + mountPath: {{ include "tieredStorage.cacheDirectory" . }} + {{- end }} {{- if dig "initContainers" "setTieredStorageCacheDirOwnership" "extraVolumeMounts" false .Values.statefulset -}} {{ tpl .Values.statefulset.initContainers.setTieredStorageCacheDirOwnership.extraVolumeMounts . | nindent 12 }} {{- end }} - - name: tiered-storage-dir - mountPath: {{ template "tieredStorage.cacheDirectory" . }} {{- if get .Values.statefulset.initContainers.setTieredStorageCacheDirOwnership "resources" }} resources: {{- toYaml .Values.statefulset.initContainers.setTieredStorageCacheDirOwnership.resources | nindent 12 }} {{- end }} @@ -262,9 +266,9 @@ spec: mountPath: /var/lifecycle - name: datadir mountPath: /var/lib/redpanda/data -{{- if and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled }} +{{- if and (include "is-licensed" . | fromJson).bool (include "storage-tiered-config" .|fromJson).cloud_storage_enabled (ne (include "storage-tiered-mountType" .) "none") }} - name: tiered-storage-dir - mountPath: {{ template "tieredStorage.cacheDirectory" . }} + mountPath: {{ include "tieredStorage.cacheDirectory" . }} {{- end }} resources: {{- if hasKey .Values.resources.memory "min" }} @@ -336,17 +340,20 @@ spec: {{- else }} emptyDir: {} {{- end }} - {{- if and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled }} + {{- if and (include "is-licensed" . | fromJson).bool (include "storage-tiered-config" .|fromJson).cloud_storage_enabled }} + {{- $tieredType := include "storage-tiered-mountType" . }} + {{- if ne $tieredType "none" }} - name: tiered-storage-dir - {{- if .Values.storage.tieredStoragePersistentVolume.enabled }} + {{- if eq $tieredType "persistentVolume" }} persistentVolumeClaim: claimName: tiered-storage-dir - {{- else if .Values.storage.tieredStorageHostPath }} + {{- else if eq $tieredType "hostPath" }} hostPath: - path: {{ .Values.storage.tieredStorageHostPath | quote }} - {{- else }} + path: {{ include "storage-tiered-hostpath" . }} + {{- else }} emptyDir: - sizeLimit: {{ .Values.storage.tieredConfig.cloud_storage_cache_size }} + sizeLimit: {{ (include "storage-tiered-config" . | fromJson).cloud_storage_cache_size }} + {{- end }} {{- end }} {{- end }} - name: {{ template "redpanda.fullname" . }} @@ -410,7 +417,7 @@ spec: {{- with ( include "statefulset-tolerations" . ) }} tolerations: {{- . | nindent 8 }} {{- end }} -{{- if or .Values.storage.persistentVolume.enabled (and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled .Values.storage.tieredStoragePersistentVolume.enabled) }} +{{- if or .Values.storage.persistentVolume.enabled (and (include "is-licensed" . | fromJson).bool (include "storage-tiered-config" .|fromJson).cloud_storage_enabled (eq (include "storage-tiered-mountType" .) "persistentVolume" )) }} volumeClaimTemplates: {{- if .Values.storage.persistentVolume.enabled }} - metadata: @@ -441,33 +448,33 @@ spec: requests: storage: {{ .Values.storage.persistentVolume.size | quote }} {{- end }} -{{- if and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled .Values.storage.tieredStoragePersistentVolume.enabled }} +{{- if and (include "is-licensed" . | fromJson).bool (include "storage-tiered-config" .|fromJson).cloud_storage_enabled (eq (include "storage-tiered-mountType" .) "persistentVolume") }} - metadata: name: tiered-storage-dir labels: app.kubernetes.io/name: {{ template "redpanda.name" . }} app.kubernetes.io/instance: {{ .Release.Name | quote }} app.kubernetes.io/component: {{ template "redpanda.name" . }} - {{- with .Values.storage.tieredStoragePersistentVolume.labels }} - {{- toYaml . | nindent 10 }} + {{- with (include "storage-tiered-persistentvolume" . | fromJson).labels }} + {{ toYaml . | nindent 10 }} {{- end }} {{- with .Values.commonLabels }} {{- toYaml . | nindent 10 }} {{- end }} - {{- with .Values.storage.tieredStoragePersistentVolume.annotations }} - annotations: {{- toYaml . | nindent 10 }} + {{- with (include "storage-tiered-persistentvolume" . | fromJson).annotations }} + annotations: {{ toYaml . | nindent 10 }} {{- end }} spec: accessModes: ["ReadWriteOnce"] - {{- if .Values.storage.tieredStoragePersistentVolume.storageClass }} - {{- if (eq "-" .Values.storage.tieredStoragePersistentVolume.storageClass) }} + {{- with (include "storage-tiered-persistentvolume" . | fromJson).storageClass }} + {{- if eq "-" . }} storageClassName: "" {{- else }} - storageClassName: {{ .Values.storage.tieredStoragePersistentVolume.storageClass | quote }} + storageClassName: {{ . }} {{- end }} {{- end }} resources: requests: - storage: {{ .Values.storage.tieredConfig.cloud_storage_cache_size }} + storage: {{ (include "storage-tiered-config" .|fromJson).cloud_storage_cache_size }} {{- end }} {{- end }} diff --git a/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml b/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml index b497f58f4..ee6e8e410 100644 --- a/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml +++ b/charts/redpanda/redpanda/templates/tests/test-kafka-produce-consume.yaml @@ -53,7 +53,7 @@ spec: - | set -e {{- $cloudStorageFlags := "" }} -{{- if and (include "is-licensed" . | fromJson).bool .Values.storage.tieredConfig.cloud_storage_enabled }} +{{- if and (include "is-licensed" . | fromJson).bool (include "storage-tiered-config" .|fromJson).cloud_storage_enabled }} {{- $cloudStorageFlags = "-c retention.bytes=80 -c segment.bytes=40 -c redpanda.remote.read=true -c redpanda.remote.write=true"}} {{- end }} {{- if $sasl.enabled }} diff --git a/charts/redpanda/redpanda/values.schema.json b/charts/redpanda/redpanda/values.schema.json index 751e48732..af4d743c3 100644 --- a/charts/redpanda/redpanda/values.schema.json +++ b/charts/redpanda/redpanda/values.schema.json @@ -349,16 +349,142 @@ "type": "object", "required": [ "hostPath", - "persistentVolume" + "persistentVolume", + "tiered" ], "properties": { "hostPath": { "type": "string" }, + "tiered": { + "type": "object", + "required": [ + "mountType" + ], + "properties": { + "mountType": { + "type": "string", + "pattern": "^(none|hostPath|emptyDir|persistentVolume)$" + }, + "hostPath": { + "type": "string" + }, + "persistentVolume": { + "type": "object", + "required": [ + "storageClass", + "labels", + "annotations" + ], + "properties": { + "storageClass": { + "type": "string" + }, + "labels": { + "type": "object" + }, + "annotations": { + "type": "object" + } + } + }, + "config":{ + "type": "object", + "required": [ + "cloud_storage_enabled", + "cloud_storage_region", + "cloud_storage_bucket" + ], + "properties": { + "cloud_storage_enable_remote_write": { + "type": "boolean" + }, + "cloud_storage_enable_remote_read": { + "type": "boolean" + }, + "cloud_storage_credentials_source": { + "type": "string", + "pattern": "^(config_file|aws_instance_metadata|sts|gcp_instance_metadata)$" + }, + "cloud_storage_region": { + "type": "string" + }, + "cloud_storage_bucket": { + "type": "string" + }, + "cloud_storage_api_endpoint": { + "type": "string" + }, + "cloud_storage_cache_size": { + "type": "integer" + }, + "cloud_storage_cache_directory": { + "type": "string" + }, + "cloud_storage_cache_check_interval": { + "type": "integer" + }, + "cloud_storage_initial_backoff_ms": { + "type": "integer" + }, + "cloud_storage_max_connections": { + "type": "integer" + }, + "cloud_storage_segment_upload_timeout_ms": { + "type": "integer" + }, + "cloud_storage_manifest_upload_timeout_ms": { + "type": "integer" + }, + "cloud_storage_max_connection_idle_time_ms": { + "type": "integer" + }, + "cloud_storage_segment_max_upload_interval_sec": { + "type": "integer" + }, + "cloud_storage_trust_file": { + "type": "string" + }, + "cloud_storage_upload_ctrl_update_interval_ms": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_p_coeff": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_d_coeff": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_min_shares": { + "type": "integer" + }, + "cloud_storage_upload_ctrl_max_shares": { + "type": "integer" + }, + "cloud_storage_reconciliation_interval_ms": { + "type": "integer" + }, + "cloud_storage_disable_tls": { + "type": "boolean" + }, + "cloud_storage_api_endpoint_port": { + "type": "integer" + }, + "cloud_storage_azure_adls_endpoint": { + "type": "string" + }, + "cloud_storage_azure_adls_port": { + "type": "integer" + } + } + } + } + }, "tieredStorageHostPath": { + "deprecated": true, "type": "string" }, "persistentVolume": { + "deprecated": true, "type": "object", "required": [ "enabled", @@ -387,6 +513,7 @@ } }, "tieredStoragePersistentVolume": { + "deprecated": true, "type": "object", "required": [ "enabled", @@ -410,6 +537,7 @@ } }, "tieredConfig":{ + "deprecated": true, "type": "object", "required": [ "cloud_storage_enabled", @@ -1277,6 +1405,76 @@ }, "rpk": { "type": "object" + }, + "schema_registry_client": { + "type": "object", + "properties": { + "retries": { + "type": "integer" + }, + "retry_base_backoff_ms": { + "type": "integer" + }, + "produce_batch_record_count": { + "type": "integer" + }, + "produce_batch_size_bytes": { + "type": "integer" + }, + "produce_batch_delay_ms": { + "type": "integer" + }, + "consumer_request_timeout_ms": { + "type": "integer" + }, + "consumer_request_max_bytes": { + "type": "integer" + }, + "consumer_session_timeout_ms": { + "type": "integer" + }, + "consumer_rebalance_timeout_ms": { + "type": "integer" + }, + "consumer_heartbeat_interval_ms": { + "type": "integer" + } + } + }, + "pandaproxy_client": { + "type": "object", + "properties": { + "retries": { + "type": "integer" + }, + "retry_base_backoff_ms": { + "type": "integer" + }, + "produce_batch_record_count": { + "type": "integer" + }, + "produce_batch_size_bytes": { + "type": "integer" + }, + "produce_batch_delay_ms": { + "type": "integer" + }, + "consumer_request_timeout_ms": { + "type": "integer" + }, + "consumer_request_max_bytes": { + "type": "integer" + }, + "consumer_session_timeout_ms": { + "type": "integer" + }, + "consumer_rebalance_timeout_ms": { + "type": "integer" + }, + "consumer_heartbeat_interval_ms": { + "type": "integer" + } + } } } } diff --git a/charts/redpanda/redpanda/values.yaml b/charts/redpanda/redpanda/values.yaml index 9164589e0..356aff378 100644 --- a/charts/redpanda/redpanda/values.yaml +++ b/charts/redpanda/redpanda/values.yaml @@ -389,98 +389,106 @@ storage: # Settings for the Tiered Storage cache. # For details, # see the [Tiered Storage documentation](https://docs.redpanda.com/docs/manage/kubernetes/tiered-storage/#caching). - # For the maximum size of the disk cache, see `tieredConfig.cloud_storage_cache_size`. - # - # -- Absolute path on the host to store Redpanda's Tiered Storage cache. - # If unspecified, then an `emptyDir` volume is used. - # If specified but `tieredStoragePersistentVolume.enabled` is `true`, `storage.tieredStorageHostPath` has no effect. - tieredStorageHostPath: "" - # If `tieredStoragePersistentVolume.enabled` is true, - # a PersistentVolumeClaim is created for the Tiered Storage cache and - # used to store data retrieved from cloud storage, such as S3). Otherwise `storage.tieredStorageHostPath` is used. - tieredStoragePersistentVolume: - enabled: false - # -- To disable dynamic provisioning, set to "-". - # If undefined or empty (default), then no storageClassName spec is set, - # and the default dynamic provisioner is chosen (gp2 on AWS, standard on - # GKE, AWS & OpenStack). - storageClass: "" - # -- Additional labels to apply to the created PersistentVolumeClaims. - labels: {} - # -- Additional annotations to apply to the created PersistentVolumeClaims. - annotations: {} - # - # -- Tiered Storage settings - # Requires `enterprise.licenseKey` or `enterprised.licenseSecretRef` - # For details, - # see the [Tiered Storage documentation](https://docs.redpanda.com/docs/manage/kubernetes/tiered-storage/). - tieredConfig: - # -- Global flag that enables Tiered Storage if a license key is provided. - # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_enabled). - cloud_storage_enabled: false - # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/tunable-properties/#cloud_storage_enable_remote_write). - cloud_storage_enable_remote_write: true - # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/tunable-properties/#cloud_storage_enable_remote_read). - cloud_storage_enable_remote_read: true - # -- Required for AWS and GCS. - # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_region). - cloud_storage_region: "" - # -- Required for AWS and GCS. - # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_bucket). - cloud_storage_bucket: "" - # -- Required for AWS and GCS authentication with access keys. - # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_access_key). - cloud_storage_access_key: "" - # -- Required for AWS and GCS authentication with access keys. - # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_secret_key). - cloud_storage_secret_key: "" - # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_api_endpoint). - cloud_storage_api_endpoint: "" - # -- Required for ABS. - # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_container). - cloud_storage_azure_container: null - # -- Required for ABS. - # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_storage_account). - cloud_storage_azure_storage_account: null - # -- Required for ABS. - # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_shared_key). - cloud_storage_azure_shared_key: null - # -- Required for ABS hierarchical namespace - # Available starting from 23.2.8 - # cloud_storage_azure_adls_endpoint: "" - # cloud_storage_azure_adls_port: "" - # Available starting from 22.3.X - # -- Required for AWS and GCS authentication with IAM roles. - # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_credentials_source). - cloud_storage_credentials_source: config_file + tiered: + # mountType can be one of: + # - none: does not mount a volume. Tiered storage will use the data directory. + # - hostPath: will allow you to chose a path on the Node the pod is running on + # - emptyDir: will mount a fresh empty directory every time the pod starts + # - persistentVolume: creates and mounts a PersistentVolumeClaim + mountType: emptyDir - # -- Maximum size of the disk cache used by Tiered Storage. - # Default is 20 GiB. - # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_cache_size). - cloud_storage_cache_size: 5368709120 - # cloud_storage_cache_directory: "" - # cloud_storage_cache_check_interval: 30000 - # cloud_storage_initial_backoff_ms: 100 - # cloud_storage_max_connections: 20 - # cloud_storage_segment_upload_timeout_ms: 30000 - # cloud_storage_manifest_upload_timeout_ms: 10000 - # cloud_storage_max_connection_idle_time_ms: 5000 - # cloud_storage_idle_timeout_ms: 10000 - # cloud_storage_segment_max_upload_interval_sec: 1 - # cloud_storage_trust_file: "" - # cloud_storage_upload_ctrl_update_interval_ms: 60000 - # cloud_storage_upload_ctrl_p_coeff: -2 - # cloud_storage_upload_ctrl_d_coeff: 0 - # cloud_storage_upload_ctrl_min_shares: 100 - # cloud_storage_upload_ctrl_max_shares: 1000 - # DEPRECATED: cloud_storage_reconciliation_interval_ms: 10000 - # cloud_storage_disable_tls: false - # cloud_storage_api_endpoint_port: 443 - # cloud_storage_idle_threshold_rps: 1 - # cloud_storage_enable_segment_merging: true - # cloud_storage_segment_size_target: # The default segment size is controlled by log_segment_size - # cloud_storage_segment_size_min: # Default is 50% of log segment size + # For the maximum size of the disk cache, see `tieredConfig.cloud_storage_cache_size`. + # + # -- Absolute path on the host to store Redpanda's Tiered Storage cache. + hostPath: "" + # PersistentVolumeClaim to be created for the Tiered Storage cache and + # used to store data retrieved from cloud storage, such as S3). + persistentVolume: + # -- To disable dynamic provisioning, set to "-". + # If undefined or empty (default), then no storageClassName spec is set, + # and the default dynamic provisioner is chosen (gp2 on AWS, standard on + # GKE, AWS & OpenStack). + storageClass: "" + # -- Additional labels to apply to the created PersistentVolumeClaims. + labels: {} + # -- Additional annotations to apply to the created PersistentVolumeClaims. + annotations: {} + # + # -- Tiered Storage settings + # Requires `enterprise.licenseKey` or `enterprised.licenseSecretRef` + # For details, + # see the [Tiered Storage documentation](https://docs.redpanda.com/docs/manage/kubernetes/tiered-storage/). + config: + # -- Global flag that enables Tiered Storage if a license key is provided. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_enabled). + cloud_storage_enabled: false + # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/tunable-properties/#cloud_storage_enable_remote_write). + cloud_storage_enable_remote_write: true + # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/tunable-properties/#cloud_storage_enable_remote_read). + cloud_storage_enable_remote_read: true + + # -- Required for AWS and GCS. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_region). + cloud_storage_region: "" + # -- Required for AWS and GCS. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_bucket). + cloud_storage_bucket: "" + # -- Required for AWS and GCS authentication with access keys. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_access_key). + cloud_storage_access_key: "" + # -- Required for AWS and GCS authentication with access keys. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_secret_key). + cloud_storage_secret_key: "" + # -- See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_api_endpoint). + cloud_storage_api_endpoint: "" + # -- Required for ABS. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_container). + cloud_storage_azure_container: null + # -- Required for ABS. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_storage_account). + cloud_storage_azure_storage_account: null + # -- Required for ABS. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_azure_shared_key). + cloud_storage_azure_shared_key: null + # -- Required for ABS hierarchical namespace + # Available starting from 23.2.8 + # cloud_storage_azure_adls_endpoint: "" + # cloud_storage_azure_adls_port: "" + # Available starting from 22.3.X + # -- Required for AWS and GCS authentication with IAM roles. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_credentials_source). + cloud_storage_credentials_source: config_file + + # -- Maximum size of the disk cache used by Tiered Storage. + # Default is 20 GiB. + # See the [property reference documentation](https://docs.redpanda.com/docs/reference/cluster-properties/#cloud_storage_cache_size). + cloud_storage_cache_size: 5368709120 + # cloud_storage_cache_directory: "" + # cloud_storage_cache_check_interval: 30000 + # cloud_storage_initial_backoff_ms: 100 + # cloud_storage_max_connections: 20 + # cloud_storage_segment_upload_timeout_ms: 30000 + # cloud_storage_manifest_upload_timeout_ms: 10000 + # cloud_storage_max_connection_idle_time_ms: 5000 + # cloud_storage_idle_timeout_ms: 10000 + # cloud_storage_segment_max_upload_interval_sec: 1 + # cloud_storage_trust_file: "" + # cloud_storage_upload_ctrl_update_interval_ms: 60000 + # cloud_storage_upload_ctrl_p_coeff: -2 + # cloud_storage_upload_ctrl_d_coeff: 0 + # cloud_storage_upload_ctrl_min_shares: 100 + # cloud_storage_upload_ctrl_max_shares: 1000 + # DEPRECATED: cloud_storage_reconciliation_interval_ms: 10000 + # cloud_storage_disable_tls: false + # cloud_storage_api_endpoint_port: 443 + # cloud_storage_idle_threshold_rps: 1 + # cloud_storage_enable_segment_merging: true + # cloud_storage_segment_size_target: # The default segment size is controlled by log_segment_size + # cloud_storage_segment_size_min: # Default is 50% of log segment size + # storage.tieredStorageHostPath has been deprecated. Use storage.tiered.hostPath and configure storage.tiered.mountType instead. + # storage.tieredStoragePersistentVolume has been deprecated. Use storage.tiered.persistentVolume and configure storage.tiered.mountType instead. + # storage.tieredConfig has been deprecated. Use storage.tiered.config instead. post_install_job: enabled: true @@ -989,6 +997,90 @@ config: # dashboard_dir: None # serve http dashboard on / url # developer_mode: optional # Skips most of the checks performed at startup + # Reference schema registry client https://docs.redpanda.com/current/reference/node-configuration-sample/ + schema_registry_client: {} + # # Number of times to retry a request to a broker + # # Default: 5 + # retries: 5 + # + # # Delay (in milliseconds) for initial retry backoff + # # Default: 100ms + # retry_base_backoff_ms: 100 + # + # # Number of records to batch before sending to broker + # # Default: 1000 + # produce_batch_record_count: 1000 + # + # # Number of bytes to batch before sending to broker + # # Defautl 1MiB + # produce_batch_size_bytes: 1048576 + # + # # Delay (in milliseconds) to wait before sending batch + # # Default: 100ms + # produce_batch_delay_ms: 100 + # + # # Interval (in milliseconds) for consumer request timeout + # # Default: 100ms + # consumer_request_timeout_ms: 100 + # + # # Max bytes to fetch per request + # # Default: 1MiB + # consumer_request_max_bytes: 1048576 + # + # # Timeout (in milliseconds) for consumer session + # # Default: 10s + # consumer_session_timeout_ms: 10000 + # + # # Timeout (in milliseconds) for consumer rebalance + # # Default: 2s + # consumer_rebalance_timeout_ms: 2000 + # + # # Interval (in milliseconds) for consumer heartbeats + # # Default: 500ms + # consumer_heartbeat_interval_ms: 500 + + # Reference panda proxy client https://docs.redpanda.com/current/reference/node-configuration-sample/ + pandaproxy_client: {} + # # Number of times to retry a request to a broker + # # Default: 5 + # retries: 5 + # + # # Delay (in milliseconds) for initial retry backoff + # # Default: 100ms + # retry_base_backoff_ms: 100 + # + # # Number of records to batch before sending to broker + # # Default: 1000 + # produce_batch_record_count: 1000 + # + # # Number of bytes to batch before sending to broker + # # Defautl 1MiB + # produce_batch_size_bytes: 1048576 + # + # # Delay (in milliseconds) to wait before sending batch + # # Default: 100ms + # produce_batch_delay_ms: 100 + # + # # Interval (in milliseconds) for consumer request timeout + # # Default: 100ms + # consumer_request_timeout_ms: 100 + # + # # Max bytes to fetch per request + # # Default: 1MiB + # consumer_request_max_bytes: 1048576 + # + # # Timeout (in milliseconds) for consumer session + # # Default: 10s + # consumer_session_timeout_ms: 10000 + # + # # Timeout (in milliseconds) for consumer rebalance + # # Default: 2s + # consumer_rebalance_timeout_ms: 2000 + # + # # Interval (in milliseconds) for consumer heartbeats + # # Default: 500ms + # consumer_heartbeat_interval_ms: 500 + # Invalid properties # Any of these properties will be ignored. These otherwise valid properties are not allowed # to be used in this section since they impact deploying Redpanda in Kubernetes. diff --git a/charts/sysdig/sysdig/CHANGELOG.md b/charts/sysdig/sysdig/CHANGELOG.md index fbcc79f23..605b49d70 100644 --- a/charts/sysdig/sysdig/CHANGELOG.md +++ b/charts/sysdig/sysdig/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.16.14 +### New Features +* [45e2f7a9](https://github.com/sysdiglabs/charts/commit/45e2f7a96c565bfe0687acaacf350e81f94a23bb): release agent 12.16.2 ([#1381](https://github.com/sysdiglabs/charts/issues/1381)) # v1.16.13 ### Chores * **sysdig, nodel-analyzer** [44e1c6a3](https://github.com/sysdiglabs/charts/commit/44e1c6a385faf3bdcdd0cb8427254338c68254c7): bump sysdig/vuln-runtime-scanner to v1.5.7 ([#1361](https://github.com/sysdiglabs/charts/issues/1361)) diff --git a/charts/sysdig/sysdig/Chart.yaml b/charts/sysdig/sysdig/Chart.yaml index abfa2e650..78896a263 100644 --- a/charts/sysdig/sysdig/Chart.yaml +++ b/charts/sysdig/sysdig/Chart.yaml @@ -3,7 +3,7 @@ annotations: catalog.cattle.io/display-name: Sysdig catalog.cattle.io/release-name: sysdig apiVersion: v1 -appVersion: 12.16.1 +appVersion: 12.16.2 deprecated: true description: Sysdig Monitor and Secure agent home: https://www.sysdig.com/ @@ -19,4 +19,4 @@ name: sysdig sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig -version: 1.16.13 +version: 1.16.14 diff --git a/charts/sysdig/sysdig/RELEASE-NOTES.md b/charts/sysdig/sysdig/RELEASE-NOTES.md index 5acd57153..965664103 100644 --- a/charts/sysdig/sysdig/RELEASE-NOTES.md +++ b/charts/sysdig/sysdig/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Chores -- **sysdig, nodel-analyzer** [44e1c6a3](https://github.com/sysdiglabs/charts/commit/44e1c6a385faf3bdcdd0cb8427254338c68254c7): bump sysdig/vuln-runtime-scanner to v1.5.7 ([#1361](https://github.com/sysdiglabs/charts/issues/1361)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.22.8...sysdig-1.16.13 +### New Features +- [45e2f7a9](https://github.com/sysdiglabs/charts/commit/45e2f7a96c565bfe0687acaacf350e81f94a23bb): release agent 12.16.2 ([#1381](https://github.com/sysdiglabs/charts/issues/1381)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.23.6...sysdig-1.16.14 diff --git a/charts/sysdig/sysdig/values.yaml b/charts/sysdig/sysdig/values.yaml index ab0f0614c..0c2b6d634 100644 --- a/charts/sysdig/sysdig/values.yaml +++ b/charts/sysdig/sysdig/values.yaml @@ -7,7 +7,7 @@ image: overrideValue: null registry: quay.io repository: sysdig/agent - tag: 12.16.1 + tag: 12.16.2 # Specify a imagePullPolicy # Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' # ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images diff --git a/index.yaml b/index.yaml index 39c5dfc6c..53372d848 100644 --- a/index.yaml +++ b/index.yaml @@ -80,6 +80,63 @@ entries: - assets/datawiza/access-broker-0.1.1.tgz version: 0.1.1 airflow: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Airflow + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: airflow + category: WorkFlow + images: | + - name: airflow-exporter + image: docker.io/bitnami/airflow-exporter:0.20220314.0-debian-11-r422 + - name: airflow-scheduler + image: docker.io/bitnami/airflow-scheduler:2.7.1-debian-11-r14 + - name: airflow-worker + image: docker.io/bitnami/airflow-worker:2.7.1-debian-11-r14 + - name: airflow + image: docker.io/bitnami/airflow:2.7.1-debian-11-r15 + - name: git + image: docker.io/bitnami/git:2.42.0-debian-11-r29 + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r75 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 2.7.1 + created: "2023-09-29T14:16:57.053653458Z" + dependencies: + - condition: redis.enabled + name: redis + repository: file://./charts/redis + version: 18.x.x + - condition: postgresql.enabled + name: postgresql + repository: file://./charts/postgresql + version: 13.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Airflow is a tool to express and execute workflows as directed + acyclic graphs (DAGs). It includes utilities to schedule tasks, monitor task + progress and handle task dependencies. + digest: f3c6890c4f9521801e5b1473e7ad6a21601aa349573fe9440fbae8ad7b80d7bf + home: https://bitnami.com + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/airflow-1.svg + keywords: + - apache + - airflow + - workflow + - dag + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: airflow + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/airflow + urls: + - assets/bitnami/airflow-16.0.0.tgz + version: 16.0.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Airflow @@ -14097,8 +14154,8 @@ entries: catalog.cattle.io/featured: "1" catalog.cattle.io/release-name: cost-analyzer apiVersion: v2 - appVersion: 1.106.1 - created: "2023-09-22T15:03:25.366999881Z" + appVersion: 1.106.2 + created: "2023-09-29T14:17:17.35201853Z" dependencies: - condition: global.grafana.enabled name: grafana @@ -14114,7 +14171,38 @@ entries: version: ~0.29.0 description: A Helm chart that sets up Kubecost, Prometheus, and Grafana to monitor cloud costs. - digest: 041730d3c3cef289833b2db8b4b23f889d1d396ea17df52fd95cbd668aca09ea + digest: 51c9c80fa0f30aa9aabd40fb10dd473a2aa7f8b3d8cc681a33a4bc3acf0896f6 + icon: https://partner-charts.rancher.io/assets/logos/kubecost.png + name: cost-analyzer + urls: + - assets/kubecost/cost-analyzer-1.106.2.tgz + version: 1.106.2 + - annotations: + artifacthub.io/links: | + - name: Homepage + url: https://www.kubecost.com + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Kubecost + catalog.cattle.io/release-name: cost-analyzer + apiVersion: v2 + appVersion: 1.106.1 + created: "2023-09-29T14:17:03.776646096Z" + dependencies: + - condition: global.grafana.enabled + name: grafana + repository: file://./charts/grafana + version: ~1.17.2 + - condition: global.prometheus.enabled + name: prometheus + repository: file://./charts/prometheus + version: ~11.0.2 + - condition: global.thanos.enabled + name: thanos + repository: file://./charts/thanos + version: ~0.29.0 + description: A Helm chart that sets up Kubecost, Prometheus, and Grafana to monitor + cloud costs. + digest: 42aa07e018b4193e86f30430077030064e0d48cff34de071f575544e782ae8e2 icon: https://partner-charts.rancher.io/assets/logos/kubecost.png name: cost-analyzer urls: @@ -16192,6 +16280,43 @@ entries: - assets/weka/csi-wekafsplugin-0.6.400.tgz version: 0.6.400 datadog: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Datadog + catalog.cattle.io/kube-version: '>=1.10-0' + catalog.cattle.io/release-name: datadog + apiVersion: v1 + appVersion: "7" + created: "2023-09-29T14:17:00.604690151Z" + dependencies: + - condition: clusterAgent.metricsProvider.useDatadogMetrics + name: datadog-crds + repository: https://helm.datadoghq.com + tags: + - install-crds + version: 1.0.1 + - condition: datadog.kubeStateMetricsEnabled + name: kube-state-metrics + repository: https://prometheus-community.github.io/helm-charts + version: 2.13.2 + description: Datadog Agent + digest: ffc87c46807aa9daaa9d920a555d4d2f4578cd7bc5fddc415e7e1de0e56dc699 + home: https://www.datadoghq.com + icon: https://datadog-live.imgix.net/img/dd_logo_70x75.png + keywords: + - monitoring + - alerting + - metric + maintainers: + - email: support@datadoghq.com + name: Datadog + name: datadog + sources: + - https://app.datadoghq.com/account/settings#agent/kubernetes + - https://github.com/DataDog/datadog-agent + urls: + - assets/datadog/datadog-3.38.3.tgz + version: 3.38.3 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Datadog @@ -20425,6 +20550,38 @@ entries: - assets/f5/f5-bigip-ctlr-0.0.1901.tgz version: 0.0.1901 falcon-sensor: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: CrowdStrike Falcon Platform + catalog.cattle.io/kube-version: '>1.22.0-0' + catalog.cattle.io/release-name: falcon-sensor + apiVersion: v2 + appVersion: 1.20.4 + created: "2023-09-29T14:17:00.066508553Z" + description: A Helm chart to deploy CrowdStrike Falcon sensors into Kubernetes + clusters. + digest: 4f11abf5518f6c26cb9acf42f370b871a0b0459cc16068a2b0be37e830804eaa + home: https://crowdstrike.com + icon: https://raw.githubusercontent.com/CrowdStrike/falcon-helm/main/images/crowdstrike-logo.svg + keywords: + - CrowdStrike + - Falcon + - EDR + - kubernetes + - security + - monitoring + - alerting + kubeVersion: '>1.22.0-0' + maintainers: + - email: integrations@crowdstrike.com + name: CrowdStrike Solutions Architecture + name: falcon-sensor + sources: + - https://github.com/CrowdStrike/falcon-helm + type: application + urls: + - assets/crowdstrike/falcon-sensor-1.20.4.tgz + version: 1.20.4 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: CrowdStrike Falcon Platform @@ -22773,6 +22930,34 @@ entries: - assets/gopaddle/gopaddle-4.2.5.tgz version: 4.2.5 haproxy: + - annotations: + artifacthub.io/changes: | + - Use Ingress Controller 1.10.8 version for base image + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: HAProxy Kubernetes Ingress Controller + catalog.cattle.io/kube-version: '>=1.22.0-0' + catalog.cattle.io/release-name: haproxy + apiVersion: v2 + appVersion: 1.10.8 + created: "2023-09-29T14:17:01.251354867Z" + description: A Helm chart for HAProxy Kubernetes Ingress Controller + digest: b483545a689d588f2191ff9ac27a86b8efa040c95bc7c76e662e1119d771467e + home: https://github.com/haproxytech/helm-charts/tree/main/kubernetes-ingress + icon: https://raw.githubusercontent.com/haproxytech/helm-charts/main/kubernetes-ingress/chart-icon.png + keywords: + - ingress + - haproxy + kubeVersion: '>=1.22.0-0' + maintainers: + - email: dkorunic@haproxy.com + name: Dinko Korunic + name: haproxy + sources: + - https://github.com/haproxytech/kubernetes-ingress + type: application + urls: + - assets/haproxy/haproxy-1.33.1.tgz + version: 1.33.1 - annotations: artifacthub.io/changes: | - Use Ingress Controller 1.10.7 version for base image @@ -28933,6 +29118,58 @@ entries: - assets/kasten/k10-4.5.900.tgz version: 4.5.900 kafka: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Apache Kafka + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: kafka + category: Infrastructure + images: | + - name: jmx-exporter + image: docker.io/bitnami/jmx-exporter:0.19.0-debian-11-r84 + - name: kafka-exporter + image: docker.io/bitnami/kafka-exporter:1.7.0-debian-11-r120 + - name: kafka + image: docker.io/bitnami/kafka:3.5.1-debian-11-r61 + - name: kubectl + image: docker.io/bitnami/kubectl:1.28.2-debian-11-r2 + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r77 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 3.5.1 + created: "2023-09-29T14:16:57.638396865Z" + dependencies: + - condition: zookeeper.enabled + name: zookeeper + repository: file://./charts/zookeeper + version: 12.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Apache Kafka is a distributed streaming platform designed to build + real-time pipelines and can be used as a message broker or as a replacement + for a log aggregation solution for big data applications. + digest: 781cb55c299cfe621e2d85214f9f3a2f9e8f27992d9f1fb4f2e5e3fc39fff7db + home: https://bitnami.com + icon: https://svn.apache.org/repos/asf/comdev/project-logos/originals/kafka.svg + keywords: + - kafka + - zookeeper + - streaming + - producer + - consumer + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: kafka + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/kafka + urls: + - assets/bitnami/kafka-25.2.0.tgz + version: 25.2.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Apache Kafka @@ -42660,6 +42897,51 @@ entries: - assets/portworx/portworx-essentials-2.9.100.tgz version: 2.9.100 postgresql: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: PostgreSQL + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: postgresql + category: Database + images: | + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r77 + - name: postgres-exporter + image: docker.io/bitnami/postgres-exporter:0.14.0-debian-11-r5 + - name: postgresql + image: docker.io/bitnami/postgresql:16.0.0-debian-11-r3 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 16.0.0 + created: "2023-09-29T14:16:58.181162533Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: PostgreSQL (Postgres) is an open source object-relational database + known for reliability and data integrity. ACID-compliant, it supports foreign + keys, joins, views, triggers and stored procedures. + digest: fc1b5353b3cc447a8824dc82cd85c59efc2db86311dca07f13096d08f22938ce + home: https://bitnami.com + icon: https://wiki.postgresql.org/images/a/a4/PostgreSQL_logo.3colors.svg + keywords: + - postgresql + - postgres + - database + - sql + - replication + - cluster + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: postgresql + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/postgresql + urls: + - assets/bitnami/postgresql-13.0.0.tgz + version: 13.0.0 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: PostgreSQL @@ -45546,6 +45828,50 @@ entries: - assets/quobyte/quobyte-cluster-0.1.5.tgz version: 0.1.5 redis: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redis + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: redis + category: Database + images: | + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r60 + - name: redis-exporter + image: docker.io/bitnami/redis-exporter:1.54.0-debian-11-r0 + - name: redis-sentinel + image: docker.io/bitnami/redis-sentinel:7.2.1-debian-11-r0 + - name: redis + image: docker.io/bitnami/redis:7.2.1-debian-11-r0 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 7.2.1 + created: "2023-09-29T14:16:58.511223961Z" + dependencies: + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: Redis(R) is an open source, advanced key-value store. It is often + referred to as a data structure server since keys can contain strings, hashes, + lists, sets and sorted sets. + digest: 5cc1dd3a8dbba82fce3db82964f882a6102557febdc259bfc602c4e93facf5f7 + home: https://bitnami.com + icon: https://redis.com/wp-content/uploads/2021/08/redis-logo.png + keywords: + - redis + - keyvalue + - database + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: redis + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/redis + urls: + - assets/bitnami/redis-18.1.1.tgz + version: 18.1.1 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Redis @@ -47426,6 +47752,50 @@ entries: - assets/bitnami/redis-17.3.7.tgz version: 17.3.7 redpanda: + - annotations: + artifacthub.io/images: | + - name: redpanda + image: docker.redpanda.com/redpandadata/redpanda:v23.2.9 + - name: busybox + image: busybox:latest + - name: mintel/docker-alpine-bash-curl-jq + image: mintel/docker-alpine-bash-curl-jq:latest + artifacthub.io/license: Apache-2.0 + artifacthub.io/links: | + - name: Documentation + url: https://docs.redpanda.com + - name: "Helm (>= 3.6.0)" + url: https://helm.sh/docs/intro/install/ + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Redpanda + catalog.cattle.io/kube-version: '>=1.21-0' + catalog.cattle.io/release-name: redpanda + apiVersion: v2 + appVersion: v23.2.9 + created: "2023-09-29T14:17:18.953109635Z" + dependencies: + - condition: console.enabled + name: console + repository: file://./charts/console + version: '>=0.5 <1.0' + - condition: connectors.enabled + name: connectors + repository: file://./charts/connectors + version: '>=0.1.2 <1.0' + description: Redpanda is the real-time engine for modern apps. + digest: 0626582dab0370dd6fbbb6a4455a607cdfcb4a7845423b56029ee7c44646de28 + icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg + kubeVersion: '>=1.21-0' + maintainers: + - name: redpanda-data + url: https://github.com/orgs/redpanda-data/people + name: redpanda + sources: + - https://github.com/redpanda-data/helm-charts + type: application + urls: + - assets/redpanda/redpanda-5.5.3.tgz + version: 5.5.3 - annotations: artifacthub.io/images: | - name: redpanda @@ -50544,6 +50914,48 @@ entries: - assets/redpanda/redpanda-2.1.7.tgz version: 2.1.7 s3gw: + - annotations: + app.aquarist-labs.io/name: s3gw + artifacthub.io/category: storage + artifacthub.io/links: | + - name: homepage + url: https://s3gw.io/ + - name: support + url: https://github.com/aquarist-labs/s3gw/issues + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: S3 Gateway + catalog.cattle.io/experimental: "true" + catalog.cattle.io/kube-version: '>=1.14' + catalog.cattle.io/namespace: s3gw + catalog.cattle.io/release-name: s3gw + apiVersion: v2 + appVersion: latest + created: "2023-09-29T14:16:54.638935674Z" + description: 'Easy-to-use Open Source and Cloud Native S3 service for use on Rancher''s + Kubernetes. ' + digest: 87656ca6bedf41e1cabb6979e28b8e5165f7444e32f0dbdc008eba85828a5572 + home: https://github.com/aquarist-labs/s3gw + icon: https://s3gw.io/img/logo-xl.png + keywords: + - storage + - s3 + kubeVersion: '>=1.14' + maintainers: + - email: s3gw@suse.com + name: s3gw maintainers + url: https://github.com/orgs/aquarist-labs/projects/5 + name: s3gw + sources: + - https://github.com/aquarist-labs/s3gw-charts + - https://github.com/aquarist-labs/s3gw + - https://github.com/aquarist-labs/ceph + - https://github.com/aquarist-labs/s3gw-ui + - https://github.com/aquarist-labs/s3gw-cosi-driver + - https://github.com/kubernetes-sigs/container-object-storage-interface-provisioner-sidecar + type: application + urls: + - assets/aquarist-labs/s3gw-0.21.0.tgz + version: 0.21.0 - annotations: app.aquarist-labs.io/name: s3gw artifacthub.io/category: storage @@ -54534,6 +54946,32 @@ entries: - assets/sumologic/sumologic-2.17.0.tgz version: 2.17.0 sysdig: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: Sysdig + catalog.cattle.io/release-name: sysdig + apiVersion: v1 + appVersion: 12.16.2 + created: "2023-09-29T14:17:19.369215247Z" + deprecated: true + description: Sysdig Monitor and Secure agent + digest: 9fb2a161b30eb40c0b7e086f7c3fb29c9f638f41108a1a1da152f8459f152fb9 + home: https://www.sysdig.com/ + icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4 + keywords: + - monitoring + - security + - alerting + - metric + - troubleshooting + - run-time + name: sysdig + sources: + - https://app.sysdigcloud.com/#/settings/user + - https://github.com/draios/sysdig + urls: + - assets/sysdig/sysdig-1.16.14.tgz + version: 1.16.14 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: Sysdig @@ -59375,6 +59813,60 @@ entries: - assets/hashicorp/vault-0.22.0.tgz version: 0.22.0 wordpress: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: WordPress + catalog.cattle.io/kube-version: '>=1.19-0' + catalog.cattle.io/release-name: wordpress + category: CMS + images: | + - name: apache-exporter + image: docker.io/bitnami/apache-exporter:1.0.2-debian-11-r0 + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r82 + - name: wordpress + image: docker.io/bitnami/wordpress:6.3.1-debian-11-r26 + licenses: Apache-2.0 + apiVersion: v2 + appVersion: 6.3.1 + created: "2023-09-29T14:16:59.540984847Z" + dependencies: + - condition: memcached.enabled + name: memcached + repository: file://./charts/memcached + version: 6.x.x + - condition: mariadb.enabled + name: mariadb + repository: file://./charts/mariadb + version: 13.x.x + - name: common + repository: file://./charts/common + tags: + - bitnami-common + version: 2.x.x + description: WordPress is the world's most popular blogging and content management + platform. Powerful yet simple, everyone from students to global corporations + use it to build beautiful, functional websites. + digest: 5cbe3f520f228b5251059cc202a4b44a4d3979b2972393e8afcce23361fdf978 + home: https://bitnami.com + icon: https://s.w.org/style/images/about/WordPress-logotype-simplified.png + keywords: + - application + - blog + - cms + - http + - php + - web + - wordpress + maintainers: + - name: VMware, Inc. + url: https://github.com/bitnami/charts + name: wordpress + sources: + - https://github.com/bitnami/charts/tree/main/bitnami/wordpress + urls: + - assets/bitnami/wordpress-17.1.14.tgz + version: 17.1.14 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: WordPress