andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main-source' of https://github.com/bhagirathhapse/partner-charts into main-source

pull/126/head
root 2021-08-23 09:46:34 +00:00
parent 45fb444866 fc0777d494
commit ab7e3bae5d
2661 changed files with 24877 additions and 35025 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@ -57,9 +57,9 @@ Set up the following in your `package.yaml` to track your upstream chart:
- `url` - the URL that references your upstream chart's tarball hosted in a Helm repository.
- `packageVersion` - The version of the package. This is used along with your upstream chart's name and version to generate a filename with the format `{PACKAGE_NAME}-{VERSION}{packageVersion}+up{VERSION}.tgz` for the package's tarball that gets generated.
- `packageVersion` - The version of the package. This is used along with your upstream chart's name and version to generate a filename with the format `{PACKAGE_NAME}-{VERSION}{packageVersion}.tgz` for the package's tarball that gets generated.
For example, an upstream chart `chart-0.1.2.tgz` and the `package.yaml` from below would generate a package with the name `chart-0.1.201+up0.1.2`.
For example, an upstream chart `chart-0.1.2.tgz` and the `package.yaml` from below would generate an asset with the name `chart-0.1.201.tgz`.
```yaml
url: https://example.com/helm-repo/chart-0.1.2.tgz
@ -186,7 +186,7 @@ Update the `url` to reference the new upstream chart. If your chart uses `packag
For example, an existing package tracking an upstream chart `url: https://example.com/helm-repo/chart-0.1.2.tgz`
can be updated to track the new `url: https://example.com/helm-repo/chart-0.1.3.tgz`, and a new package
`chart-0.1.301+up0.1.3.tgz` will be generated.
`chart-0.1.301.tgz` will be generated.
```yaml
url: https://example.com/helm-repo/chart-0.1.3.tgz
@ -207,8 +207,8 @@ If your chart uses `packageVersion`, increase the `packageVersion` in `package.y
create a new version of a package tracking the same upstream chart.
For example, an existing package tracking an upstream chart `url: https://example.com/helm-repo/chart-0.1.2.tgz`
generated a package `chart-0.1.201+up0.1.2.tgz`. Increasing the `packageVersion` without changing the `url`
will generate a new package `chart-0.1.202+up0.1.2.tgz` based off of the same upstream chart.
generated a package `chart-0.1.201.tgz`. Increasing the `packageVersion` without changing the `url`
will generate a new package `chart-0.1.202.tgz` based off of the same upstream chart.
### 7. Test your changes
@ -226,7 +226,7 @@ to set up a Helm repo in your current branch.
- `charts/{PACKAGE_NAME}/{PACKAGE_NAME}/{VERSION}` - Contains an unarchived version of your modified chart
- `assets/{PACKAGE_NAME}/` - Contains an archived (tarball) version of your modified chart
named `{PACKAGE_NAME}-{VERSION}{packageVersion}+up{VERSION}.tgz`
named `{PACKAGE_NAME}-{VERSION}{packageVersion}.tgz`
#### Test modified chart
To test your changes, just push the generated files to your fork as a separate commit and add your

BIN
assets/ambassador/ambassador-6.7.1100+up6.7.11.tgz
View File

Binary file not shown.

0
assets/ambassador/ambassador-6.7.1100.tgz Executable file → Normal file
View File

0
assets/artifactory-ha/artifactory-ha-3.0.1400.tgz Executable file → Normal file
View File

BIN
assets/artifactory-ha/artifactory-ha-4.13.0.tgz
View File

Binary file not shown.

0
assets/artifactory-ha/artifactory-ha-4.13.000.tgz Executable file → Normal file
View File

BIN
assets/artifactory-ha/artifactory-ha-4.13.1.tgz Normal file
View File

Binary file not shown.

0
assets/artifactory-ha/artifactory-ha-4.7.600.tgz Executable file → Normal file
View File

0
assets/artifactory-jcr/artifactory-jcr-2.5.100.tgz Executable file → Normal file
View File

BIN
assets/artifactory-jcr/artifactory-jcr-3.4.0.tgz
View File

Binary file not shown.

0
assets/artifactory-jcr/artifactory-jcr-3.4.000.tgz Executable file → Normal file
View File

BIN
assets/artifactory-jcr/artifactory-jcr-3.4.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/citrix-adc-istio-ingress-gateway/citrix-adc-istio-ingress-gateway-1.2.100+up1.2.1.tgz
View File

Binary file not shown.

0
assets/citrix-adc-istio-ingress-gateway/citrix-adc-istio-ingress-gateway-1.2.100.tgz Executable file → Normal file
View File

BIN
assets/citrix-cpx-with-ingress-controller/citrix-cpx-with-ingress-controller-1.8.2800+up1.8.28.tgz
View File

Binary file not shown.

0
assets/citrix-cpx-with-ingress-controller/citrix-cpx-with-ingress-controller-1.8.2800.tgz Executable file → Normal file
View File

0
assets/cloudcasa/cloudcasa-0.1.000.tgz Executable file → Normal file
View File

BIN
assets/cloudcasa/cloudcasa-1.0.0.tgz
View File

Binary file not shown.

0
assets/cloudcasa/cloudcasa-1.tgz Executable file → Normal file
View File

BIN
assets/cloudcasa/cloudcasa-2.0.0.tgz
View File

Binary file not shown.

BIN
assets/cockroachdb/cockroachdb-4.1.200+up4.1.2.tgz
View File

Binary file not shown.

0
assets/cockroachdb/cockroachdb-4.1.200.tgz Executable file → Normal file
View File

BIN
assets/csi-wekafs/csi-wekafsplugin-0.6.400+up0.6.4.tgz
View File

Binary file not shown.

0
assets/csi-wekafs/csi-wekafsplugin-0.6.400.tgz Executable file → Normal file
View File

BIN
assets/csi-wekafs/csi-wekafsplugin-0.6.401.tgz Normal file
View File

Binary file not shown.

BIN
assets/datadog/datadog-2.4.200+up2.4.2.tgz
View File

Binary file not shown.

0
assets/datadog/datadog-2.4.200.tgz Executable file → Normal file
View File

BIN
assets/datadog/datadog-2.4.201.tgz Normal file
View File

Binary file not shown.

0
assets/dynatrace-oneagent-operator/dynatrace-oneagent-operator-0.8.000.tgz Executable file → Normal file
View File

BIN
assets/dynatrace-oneagent-operator/dynatrace-oneagent-operator-0.8.0.tgz → assets/dynatrace-oneagent-operator/dynatrace-oneagent-operator-0.8.1.tgz
View File

Binary file not shown.

BIN
assets/falcon-sensor/falcon-sensor-0.9.300+up0.9.3.tgz
View File

Binary file not shown.

0
assets/falcon-sensor/falcon-sensor-0.9.300.tgz Executable file → Normal file
View File

BIN
assets/federatorai/federatorai-4.5.100+up4.5.1.tgz
View File

Binary file not shown.

0
assets/federatorai/federatorai-4.5.100.tgz Executable file → Normal file
View File

0
assets/haproxy/haproxy-1.12.100.tgz Executable file → Normal file
View File

BIN
assets/haproxy/haproxy-1.12.500+up1.12.5.tgz
View File

Binary file not shown.

0
assets/haproxy/haproxy-1.12.500.tgz Executable file → Normal file
View File

0
assets/haproxy/haproxy-1.4.300.tgz Executable file → Normal file
View File

0
assets/hpe-csi-driver/hpe-csi-driver-1.3.000.tgz Executable file → Normal file
View File

BIN
assets/hpe-csi-driver/hpe-csi-driver-1.4.200+up1.4.2.tgz
View File

Binary file not shown.

0
assets/hpe-csi-driver/hpe-csi-driver-1.4.200.tgz Executable file → Normal file
View File

BIN
assets/hpe-csi-driver/hpe-csi-driver-2.0.0.tgz
View File

Binary file not shown.

BIN
assets/hpe-flexvolume-driver/hpe-flexvolume-driver-3.1.0.tgz
View File

Binary file not shown.

0
assets/hpe-flexvolume-driver/hpe-flexvolume-driver-3.1.000.tgz Executable file → Normal file
View File

BIN
assets/hpe-flexvolume-driver/hpe-flexvolume-driver-3.1.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/instana-agent/instana-agent-1.0.2900+up1.0.29.tgz
View File

Binary file not shown.

0
assets/instana-agent/instana-agent-1.0.2900.tgz Executable file → Normal file
View File

BIN
assets/k8s-triliovault-operator/k8s-triliovault-operator-2.0.500+upv2.0.5.tgz
View File

Binary file not shown.

0
assets/k8s-triliovault-operator/k8s-triliovault-operator-2.0.500.tgz Executable file → Normal file
View File

0
assets/k8s-triliovault-operator/k8s-triliovault-operator-v2.0.200.tgz Executable file → Normal file
View File

BIN
assets/kubecost/cost-analyzer-1.70.0.tgz
View File

Binary file not shown.

0
assets/kubecost/cost-analyzer-1.70.000.tgz Executable file → Normal file
View File

BIN
assets/kubecost/cost-analyzer-1.70.1.tgz Normal file
View File

Binary file not shown.

0
assets/logos/cloudcasa.png Executable file → Normal file
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 21 KiB

After

Width:  |  Height:  |  Size: 21 KiB

BIN
assets/neuvector/neuvector-1.8.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/nutanix-csi-storage/nutanix-csi-storage-2.3.100+up2.3.1.tgz
View File

Binary file not shown.

0
assets/nutanix-csi-storage/nutanix-csi-storage-2.3.100.tgz Executable file → Normal file
View File

BIN
assets/openebs/openebs-1.12.300+up1.12.3.tgz
View File

Binary file not shown.

0
assets/openebs/openebs-1.12.300.tgz Executable file → Normal file
View File

BIN
assets/openebs/openebs-2.11.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/portshift-operator/portshift-operator-0.1.0.tgz
View File

Binary file not shown.

0
assets/portshift-operator/portshift-operator-0.1.000.tgz Executable file → Normal file
View File

BIN
assets/portshift-operator/portshift-operator-0.1.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/streamsets/control-agent-2.0.100+up2.0.1.tgz
View File

Binary file not shown.

0
assets/streamsets/control-agent-2.0.100.tgz Executable file → Normal file
View File

BIN
assets/sysdig/sysdig-1.9.200+up1.9.2.tgz
View File

Binary file not shown.

0
assets/sysdig/sysdig-1.9.200.tgz Executable file → Normal file
View File

BIN
assets/universal-crossplane/universal-crossplane-1.2.200100+up1.2.2-up.1.tgz
View File

Binary file not shown.

0
assets/universal-crossplane/universal-crossplane-1.2.200100.tgz Executable file → Normal file
View File

528
charts/ambassador/ambassador/6.7.1100+up6.7.11/CHANGELOG.md
View File

@ -1,528 +0,0 @@
# Change Log
This file documents all notable changes to Ambassador Helm Chart. The release
numbering uses [semantic versioning](http://semver.org).
## Next Release
(no changes yet)
## v6.7.11
- Update Ambassador API Gateway chart image to version v1.13.8: [CHANGELOG](https://github.com/emissary-ingress/emissary/blob/master/CHANGELOG.md)
- Update Ambassador Edge Stack chart image to version v1.13.8: [CHANGELOG](https://github.com/emissary-ingress/emissary/blob/master/CHANGELOG.md)
- Bugfix: remove duplicate label key in ambassador-agent deployment
## v6.7.10
- Update Ambassador API Gateway chart image to version v1.13.7: [CHANGELOG](https://github.com/emissary-ingress/emissary/blob/master/CHANGELOG.md)
- Update Ambassador Edge Stack chart image to version v1.13.7: [CHANGELOG](https://github.com/emissary-ingress/emissary/blob/master/CHANGELOG.md)
## v6.7.9
- Update Ambassador chart image to version 1.13.6: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.7.8
- Update Ambassador chart image to version 1.13.5: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.7.7
- Bugfix: ambassador-injector and telepresence-proxy now use the correct default image repository
## v6.7.6
- Update Ambassador chart image to version 1.13.4: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
- Change: unless image.repository or image.fullImageOverride is explicitly set, the ambassador image used will be templated on .Values.enableAES. If AES is enabled, the chart will use docker.io/datawire/aes, otherwise will use docker.io/datawire/ambassador.
## v6.7.5
- Update Ambassador chart image to version v1.13.3: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.7.4
- Feature: The [Ambassador Module](https://www.getambassador.io/docs/edge-stack/latest/topics/running/ambassador/) can now be configured and managed by Helm
## v6.7.3
- Update Ambassador chart image to version v1.13.2: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.7.2
- Bugfix: Don't change the Role name when running in singleNamespace mode.
## v6.7.1
- Update Ambassador chart image to version v1.13.1: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.7.0
- Update Ambassador to version 1.13.0: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
- Feature: Ambassador Agent now available for API Gateway (https://app.getambassador.io)
- Feature: Add support for [pod toplology spread constraints](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) via the `topologySpreadConstraints` helm value to the Ambassador deployment. (thanks, [@lawliet89](https://github.com/lawliet89)!)
- BugFix: Add missing `ambassador_id` for resolvers.
- Change: Ambassador ClusterRoles are now aggregated under the label `rbac.getambassador.io/role-group`. The aggregated role has the same name as the previous role name (so no need to update ClusterRoleBindings).
## v6.6.4
- Update Ambassador to version 1.12.4: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.6.3
- Update Ambassador to version 1.12.3: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.6.2
- Update Ambassador to version 1.12.2: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.6.1
- Fix metadata field in ConsulRevoler
- Make resolvers available to OSS
## v6.6.0
- Update Ambassador to version 1.12.1: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
- Feature: Apply Ambassador Agent deployment by default to enable Service Catalog reporting (https://app.getambassador.io)
## v6.5.22
- Bugfix: Disable the cloud agent by default. The agent will be enabled in 6.6.0.
- Bugfix: Adds a check to prevent the cloud agent from being installed if AES version is less than 1.12.0
## v6.5.21
- Update Ambassador to version 1.12.0: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
- Feature: Add support for the ambassador-agent, reporting to Service Catalog (https://app.getambassador.io)
- Feature: All services are automatically instrumented with discovery annotations.
## v6.5.20
- Update Ambassador to version v1.11.2: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.5.19
- Make all `livenessProbe` and `readinessProbe` configurations available to the values file
## v6.5.18
- Update Ambassador to version v1.11.1: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.5.17
- Update Ambassador to version v1.11.0: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
- Bugfix: Fix Mapping definition to correctly support labels in use.
## v6.5.16
- Bugfix: Ambassador CRD cleanup will now execute as expected.
## v6.5.15
- Bugfix: Ambassador RBAC now includes permissions for IngressClasses.
## v6.5.14
- Update for Ambassador v1.10.0
## v6.5.13
- Update for Ambassador v1.9.1
## v6.5.12
- Feature: Add ability to configure `terminationGracePeriodSeconds` for the Ambassador container
- Update for Ambassador v1.9.0
## v6.5.11
- Feature: add affinity and tolerations support for redis pods
## v6.5.10
- Update Ambassador to version 1.8.1: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.5.9
- Update Ambassador to version 1.8.0: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
- Bugfix: The RBAC for AES now grants permission to "patch" Events.v1.core. Previously it granted "create" but not "patch".
## v6.5.8
- Update Ambassador to version 1.7.4: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.5.7
- Update Ambassador to version 1.7.3: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
- The BusyBox image image used by `test-ready` is now configurable (thanks, [Alan Silva](https://github.com/OmegaVVeapon)!)
## v6.5.6
- Update Ambassador to version 1.7.2: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
- Feature: Allow overriding the namespace for the release using the values file: [ambassador-chart/#122](https://github.com/datawire/ambassador-chart/pull/122)
## v6.5.5
- Allow hyphens in service annotations: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.5.4
- Upgrade Ambassador to version 1.7.1: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.5.3
- Upgrade Ambassador to version 1.7.0: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.5.2
- Feature: Add support for DaemonSet/Deployment labels: [ambassador-chart/#114](https://github.com/datawire/ambassador-chart/pull/114)
- Upgrade Ambassador to version 1.6.2: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.5.1
- Upgrade Ambassador to version 1.6.1: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.5.0
- Upgrade Ambassador to version 1.6.0: [CHANGELOG}](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.4.10
- Feature: Allow specifying annotations for the license-key-secret: [ambassador-chart/#106](https://github.com/datawire/ambassador-chart/issues/106)
- Feature: Annotation for keeping the AES secret on removal: [ambassador-chart/#110](https://github.com/datawire/ambassador-chart/issues/110)
- Fix: do not mount the secret if we do not want a secret: [ambassador-chart/#103](https://github.com/datawire/ambassador-chart/issues/103)
- Internal CI refactorings.
## v6.4.9
- BugFix: Cannot specify podSecurityPolicies: [ambassador-chart/#97](https://github.com/datawire/ambassador-chart/issues/97)
## v6.4.8
- Upgrade Ambassador to version 1.5.5: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.4.7
- BugFix: Registry service is now using the proper `app.kubernetes.io/name`
- BugFix: Restore ability to set `REDIS` env vars in `env` instead of `redisEnv`
- Feature: Add `envRaw` to support supplying raw yaml for environment variables. Deprecates `redisEnv`.
## v6.4.6
- Upgrade Ambassador to version 1.5.4: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
- Added support setting external IPs for the ambassador service (thanks, [Jason Smith](https://github.com/jasons42)!)
## v6.4.5
- Upgrade Ambassador to version 1.5.3: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.4.4
- Feature flag for enabling or disabling the [`Project` registry](https://www.getambassador.io/docs/edge-stack/latest/topics/using/projects/)
- redisEnv for setting environment variables to control how Ambassador interacts with redis. See [redis environment](https://www.getambassador.io/docs/edge-stack/latest/topics/running/environment/#redis)
## v6.4.3
- Upgrade Ambassador to version 1.5.2: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.4.2
- Upgrade Ambassador to version 1.5.1: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.4.1
- BugFix: The `PodSecurityPolicy` should not be created by default since it is a cluster-wide resource that should only be created once.
If you would like to use the default `PodSecurityPolicy`, make sure to unset `security.podSecurityPolicy` it in all other releases.
## v6.4.0
- Upgrade Ambassador to version 1.5.0: [CHANGELOG](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
- AuthService and RateLimitService are now installed in the same namespace as Ambassador.
- Changes RBAC permissions to better support single-namespace installations and detecting getambassador.io CRDs.
- Add option to install Service Preview components (traffic-manager, traffic-agent).
- Add option to install ambassador-injector, alongside Service Preview.
- Add additional security policy configurations.
`securityContext` has been deprecated in favor of `security` which allows you to set container and pod security contexts as well as a default `PodSecurityPolicy`.
## v6.3.6
- Switch from Quay.io to DockerHub
## v6.3.5
- Upgrade Ambassador to version 1.4.3: [CHANGELOG}](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.3.4
- Minor bug fixes
## v6.3.3
- Add extra labels to ServiceMonitor: [CHANGELOG}](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.3.2
- Upgrade Ambassador to version 1.4.2: [CHANGELOG}](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.3.1
- Upgrade Ambassador to version 1.4.1: [CHANGELOG}](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.3.0
- Adds: Option to create a ServiceMonitor for scraping via Prometheus Operator
## v6.2.5
- Upgrade Ambassador to version 1.4.0: [CHANGELOG}](https://github.com/datawire/ambassador/blob/master/CHANGELOG.md)
## v6.2.4
- Fix typing so that Helm3 doesn't complain (thanks, [Fabrice Rabaute](https://github.com/jfrabaute)!)
## v6.2.3
- Upgrade Ambassador to version 1.3.2.
- Use explicit types for things like ports, so that things like `helm .. --set service.ports[0].port=80` will be integers instead of ending up as strings
## v6.2.2
- Upgrade Ambassador to version 1.3.1.
- Remove unnecessary `version` field from CRDs.
- Add static label to AES resources, to better support `edgectl install`
## v6.2.1
- Upgrade Ambassador to version 1.3.0.
## v6.2.0
- Add option to not create DevPortal routes
## v6.1.5
- Upgrade Ambassador to version 1.2.2.
## v6.1.4
- Upgrade from Ambassador 1.2.0 to 1.2.1.
## v6.1.3
- Upgrade from Ambassador 1.1.1 to 1.2.0.
## v6.1.2
- Upgrade from Ambassador 1.1.0 to 1.1.1.
## v6.1.1
Minor Improvements:
- Adds: Option to override the name of the RBAC resources
## v6.1.0
Minor improvements including:
- Adds: Option to set `restartPolicy`
- Adds: Option to give the AES license key secret a custom name
- Fixes: Assumption that the AES will be installed only from the `datawire/aes` repository. The `enableAES` flag now configures whether the AES is installed.
- Clarification on how to install OSS
## v6.0.0
Introduces Ambassador Edge Stack being installed by default.
### Breaking changes
Ambassador Pro support has been removed in 6.0.0. Please upgrade to the Ambassador Edge Stack.
## v5.0.0
### Breaking changes
**Note** If upgrading an existing helm 2 installation no action is needed, previously installed CRDs will not be modified.
- Helm 3 support for CRDs was added. Specifically, the CRD templates were moved to non-templated files in the `/crds` directory, and to keep Helm 2 support they are globbed from there by `/templates/crds.yaml`. However, because Helm 3 CRDs are not templated, the labels for new installations have necessarily changed
## v4.0.0
### Breaking Changes
- Introduces the performance tuned and certified build of open source Ambassador, Ambassador core
- The license key is now stored and read from a Kubernetes secret by default
- Added `.Values.pro.licenseKey.secret.enabled` `.Values.pro.licenseKey.secret.create` fields to allow multiple releases in the same namespace to use the same license key secret.
### Minor Changes
- Introduces the ability to configure resource limits for both Ambassador Pro and it's redis instance
- Introduces the ability to configure additional `AuthService` options (see [AuthService documentation](https://www.getambassador.io/reference/services/auth-service/))
- The ambassador-pro-auth `AuthService` and ambassador-pro-ratelimit `RateLimitService` and now created as CRDs when `.Values.crds.enabled: true`
- Fixed misnamed selector for redis instance that failed in an edge case
- Exposes annotations for redis deployment and service
## v3.0.0
### Breaking Changes
- The default annotation has been removed. The service port will be set dynamically to 8080 or 8443 for http and https respectively.
- `service.http`, `service.https`, and `additionalTCPPort` has been replaced with `service.ports`.
- `rbac.namespaced` has been removed. Use `scope.singleNamespace` instead.
### Minor Changes
- Ambassador Pro will pick up when `AMBASSADOR_ID` is set in `.Values.env` [[#15025]](https://github.com/helm/charts/issues/15025).
- `{{release name}}-admins` has been renamed to `{{release name}}-admin` to match YAML install templates
- RBAC configuration has been updated to allow for CRD use when `scope.singleNamespace: true`. [[ambassador/#1576]](https://github.com/datawire/ambassador/issues/1576)
- RBAC configuration now allows for multiple Ambassadors to use CRDs. Set `crds.enabled` in releases that expect CRDs [[ambassador/#1679]](https://github.com/datawire/ambassador/issues/1679)
## v2.6.0
### Minor Changes
- Add ambassador CRDs!
- Update ambassador to 0.70.0
## v2.5.1
### Minor Changes
- Update ambassador to 0.61.1
## v2.5.0
### Minor Changes
- Add support for autoscaling using HPA, see `autoscaling` values.
## v2.4.1
### Minor Changes
- Update ambassador to 0.61.0
## v2.4.0
### Minor Changes
- Allow configuring `hostNetwork` and `dnsPolicy`
## v2.3.1
### Minor Changes
- Adds HOST_IP environment variable
## v2.3.0
### Minor Changes
- Adds support for init containers using `initContainers` and pod labels `podLabels`
## v2.2.5
### Minor Changes
- Update ambassador to 0.60.3
## v2.2.4
### Minor Changes
- Add support for Ambassador PRO [see readme](https://github.com/helm/charts/blob/master/stable/ambassador/README.md#ambassador-pro)
## v2.2.3
### Minor Changes
- Update ambassador to 0.60.2
## v2.2.2
### Minor Changes
- Update ambassador to 0.60.1
## v2.2.1
### Minor Changes
- Fix RBAC for ambassador 0.60.0
## v2.2.0
### Minor Changes
- Update ambassador to 0.60.0
## v2.1.0
### Minor Changes
- Added `scope.singleNamespace` for configuring ambassador to run in single namespace
## v2.0.2
### Minor Changes
- Update ambassador to 0.53.1
## v2.0.1
### Minor Changes
- Update ambassador to 0.52.0
## v2.0.0
### Major Changes
- Removed `ambassador.id` and `namespace.single` in favor of setting environment variables.
## v1.1.5
### Minor Changes
- Update ambassador to 0.50.3
## v1.1.4
### Minor Changes
- support targetPort specification
## v1.1.3
### Minor Changes
- Update ambassador to 0.50.2
## v1.1.2
### Minor Changes
- Add additional chart maintainer
## v1.1.1
### Minor Changes
- Default replicas -> 3
## v1.1.0
### Minor Changes
- Allow RBAC to be namespaced (`rbac.namespaced`)
## v1.0.0
### Major Changes
- First release of Ambassador Helm Chart in helm/charts
- For migration see [Migrating from datawire/ambassador chart](https://github.com/helm/charts/tree/master/stable/ambassador#migrating-from-datawireambassador-chart-chart-version-0400-or-0500)

23
charts/ambassador/ambassador/6.7.1100+up6.7.11/CONTRIBUTING.md
View File

@ -1,23 +0,0 @@
# Contributing to the Ambassador Helm Chart
This Helm chart is used to install The Ambassador Edge Stack (AES) and is
maintained by Datawire.
## Developing
All work on the helm chart should be done in a separate branch off `master` and
contributed with a Pull Request targeting `master`.
**Note**: All updates to the chart require you update the `version` in
`Chart.yaml`.
## Testing
The `ci/` directory contains scripts that will be run on PRs to `master`.
- `ci/run_tests.sh` will run the tests of the chart.
## Releasing
Releasing a new chart is done by pushing a tag to `master`. Travis will then
run the tests and push the chart to `https://getambassador.io/helm`.

28
charts/ambassador/ambassador/6.7.1100+up6.7.11/Chart.yaml
View File

@ -1,28 +0,0 @@
annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Ambassador Edge Stack
catalog.cattle.io/release-name: ambassador
apiVersion: v1
appVersion: 1.13.8
description: A Helm chart for Datawire Ambassador
home: https://www.getambassador.io/
icon: https://www.getambassador.io/images/logo.png
keywords:
- api gateway
- ambassador
- datawire
- envoy
maintainers:
- email: markus@maga.se
name: flydiverny
- email: flynn@datawire.io
name: kflynn
- email: nkrause@datawire.io
name: nbkrause
- email: lukeshu@datawire.io
name: lukeshu
name: ambassador
sources:
- https://github.com/datawire/ambassador
- https://github.com/prometheus/statsd_exporter
version: 6.7.1100+up6.7.11

37
charts/ambassador/ambassador/6.7.1100+up6.7.11/Makefile
View File

@ -1,37 +0,0 @@
HELM_TEST_IMAGE = quay.io/helmpack/chart-testing:v3.0.0-rc.1
K3D_CLUSTER_NAME = helm-chart-test-cluster
CHART_DIR := $(patsubst %/,%,$(dir $(abspath $(lastword $(MAKEFILE_LIST)))))
CHART_KUBECONFIG := /tmp/kubeconfig/k3dconfig
CT_EXEC = docker run --rm -v $(CHART_KUBECONFIG):/root/.kube/config -v $(CHART_DIR):/charts --network host $(HELM_TEST_IMAGE) ct
K3D_EXEC := KUBECONFIG=$(CHART_KUBECONFIG) k3d
test-chart: lint-chart preflight-chart-test chart-create-cluster
$(CT_EXEC) install --config /charts/ct.yaml && \
$(MAKE) chart-delete-cluster
.PHONY: test-chart
lint-chart: preflight-kubeconfig
$(CT_EXEC) lint --config /charts/ct.yaml
.PHONY: lint-chart
preflight-chart-test: preflight-kubeconfig
# check if k3d is installed
@if ! command -v k3d 2> /dev/null ; then \
printf 'k3d not installed, plz do that'; \
false; \
fi
.PHONY: preflight-chart-test
preflight-kubeconfig:
mkdir -p `dirname $(CHART_KUBECONFIG)`
touch $(CHART_KUBECONFIG)
.PHONY: preflight-kubeconfig
chart-create-cluster: preflight-kubeconfig
$(MAKE) chart-delete-cluster || true
$(K3D_EXEC) cluster create $(K3D_CLUSTER_NAME) --k3s-server-arg "--no-deploy=traefik"
.PHONY: chart-create-cluster
chart-delete-cluster:
$(K3D_EXEC) cluster delete $(K3D_CLUSTER_NAME)
.PHONY: chart-delete-cluster

478
charts/ambassador/ambassador/6.7.1100+up6.7.11/README.md
View File

@ -1,478 +0,0 @@
# Ambassador
The Ambassador Edge Stack is a self-service, comprehensive edge stack that is Kubernetes-native and built on [Envoy Proxy](https://www.envoyproxy.io/).
## TL;DR;
```console
$ helm repo add datawire https://getambassador.io
$ helm install ambassador datawire/ambassador
```
## Introduction
This chart bootstraps an [Ambassador](https://www.getambassador.io) deployment on
a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
## Prerequisites
- Kubernetes 1.11+
## Add this Helm repository to your Helm client
```console
helm repo add datawire https://getambassador.io
```
## Installing the Chart
To install the chart with the release name `my-release`:
```console
$ kubectl create namespace ambassador
$ helm install my-release datawire/ambassador -n ambassador
```
The command deploys Ambassador Edge Stack in the ambassador namespace on the Kubernetes cluster in the default configuration.
It is recommended to use the ambassador namespace for easy upgrades.
The [configuration](#configuration) section lists the parameters that can be configured during installation.
### Ambassador Edge Stack Installation
This chart defaults to installing The Ambassador Edge Stack with all of its configuration objects.
- A Redis instance
- `AuthService` resource for enabling authentication
- `RateLimitService` resource for enabling rate limiting
- `Mapping`s for internal request routing
If installing alongside another deployment of Ambassador, some of these resources can cause configuration errors since only one `AuthService` or `RateLimitService` can be configured at a time.
If you already have one of these resources configured in your cluster, please see the [configuration](#configuration) section below for information on how to disable them in the chart.
### Ambassador OSS Installation
This chart can still be used to install Ambassador OSS.
To install OSS, change the `image` to use the OSS image and set `enableAES: false` to skip the install of any AES resources.
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```console
$ helm uninstall my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Changelog
Notable chart changes are listed in the [CHANGELOG](./CHANGELOG.md)
## Configuration
The following tables lists the configurable parameters of the Ambassador chart and their default values.
| Parameter | Description | Default |
|----------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
| `nameOverride` | Override the generated chart name. Defaults to .Chart.Name. | |
| `fullnameOverride` | Override the generated release name. Defaults to .Release.Name. | |
| `namespaceOverride` | Override the generated release namespace. Defaults to .Release.Namespace. | |
| `adminService.create` | If `true`, create a service for Ambassador's admin UI | `true` |
| `adminService.nodePort` | If explicit NodePort for admin service is required | `true` |
| `adminService.type` | Ambassador's admin service type to be used | `ClusterIP` |
| `adminService.annotations` | Annotations to apply to Ambassador admin service | `{}` |
| `adminService.loadBalancerIP` | IP address to assign (if cloud provider supports it) | `""` |
| `adminService.loadBalancerSourceRanges` | Passed to cloud provider load balancer if created (e.g: AWS ELB) | None |
| `ambassadorConfig` | Config thats mounted to `/ambassador/ambassador-config` | `""` |
| `crds.enabled` | If `true`, enables CRD resources for the installation. | `true` |
| `crds.create` | If `true`, Creates CRD resources | `true` |
| `crds.keep` | If `true`, if the ambassador CRDs should be kept when the chart is deleted | `true` |
| `daemonSet` | If `true`, Create a DaemonSet. By default Deployment controller will be created | `false` |
| `test.enabled` | If `true`, Create test Pod to verify the Ambassador service works correctly (Only created on `helm test`) | `true` |
| `test.image` | Image to use for the test Pod | `busybox` |
| `hostNetwork` | If `true`, uses the host network, useful for on-premise setups | `false` |
| `dnsPolicy` | Dns policy, when hostNetwork set to ClusterFirstWithHostNet | `ClusterFirst` |
| `env` | Any additional environment variables for ambassador pods | `{}` |
| `envRaw` | Additional environment variables in raw YAML format | `{}` |
| `image.pullPolicy` | Ambassador image pull policy | `IfNotPresent` |
| `image.repository` | Ambassador image | `docker.io/datawire/aes` |
| `image.tag` | Ambassador image tag | `1.13.8` |
| `imagePullSecrets` | Image pull secrets | `[]` |
| `namespace.name` | Set the `AMBASSADOR_NAMESPACE` environment variable | `metadata.namespace` |
| `scope.singleNamespace` | Set the `AMBASSADOR_SINGLE_NAMESPACE` environment variable and create namespaced RBAC if `rbac.enabled: true` | `false` |
| `podAnnotations` | Additional annotations for ambassador pods | `{}` |
| `deploymentAnnotations` | Additional annotations for ambassador DaemonSet/Deployment | `{}` |
| `podLabels` | Additional labels for ambassador pods | |
| `deploymentLabels` | Additional labels for ambassador DaemonSet/Deployment | |
| `affinity` | Affinity for ambassador pods | `{}` |
| `topologySpreadConstraints` | Topology Spread Constraints for Ambassador pods. Stable since 1.19. | `[]` |
| `nodeSelector` | NodeSelector for ambassador pods | `{}` |
| `priorityClassName` | The name of the priorityClass for the ambassador DaemonSet/Deployment | `""` |
| `rbac.create` | If `true`, create and use RBAC resources | `true` |
| `rbac.podSecurityPolicies` | pod security polices to bind to | |
| `rbac.nameOverride` | Overrides the default name of the RBAC resources | `` |
| `replicaCount` | Number of Ambassador replicas | `3` |
| `resources` | CPU/memory resource requests/limits | `{ "limits":{"cpu":"1000m","memory":"600Mi"},"requests":{"cpu":"200m","memory":"300Mi"}}` |
| `securityContext` | Set security context for pod | `{ "runAsUser": "8888" }` |
| `security.podSecurityContext` | Set the security context for the Ambassador pod | `{ "runAsUser": "8888" }` |
| `security.containerSecurityContext` | Set the security context for the Ambassador container | `{ "allowPrivilegeEscalation": false }` |
| `security.podSecurityPolicy` | Create a PodSecurityPolicy to be used for the pod. | `{}` |
| `restartPolicy` | Set the `restartPolicy` for pods | `` |
| `terminationGracePeriodSeconds` | Set the `terminationGracePeriodSeconds` for the pod. Defaults to 30 if unset. | `` |
| `initContainers` | Containers used to initialize context for pods | `[]` |
| `sidecarContainers` | Containers that share the pod context | `[]` |
| `livenessProbe.initialDelaySeconds` | Initial delay (s) for Ambassador pod's liveness probe | `30` |
| `livenessProbe.periodSeconds` | Probe period (s) for Ambassador pod's liveness probe | `3` |
| `livenessProbe.failureThreshold` | Failure threshold for Ambassador pod's liveness probe | `3` |
| `readinessProbe.initialDelaySeconds` | Initial delay (s) for Ambassador pod's readiness probe | `30` |
| `readinessProbe.periodSeconds` | Probe period (s) for Ambassador pod's readiness probe | `3` |
| `readinessProbe.failureThreshold` | Failure threshold for Ambassador pod's readiness probe | `3` |
| `service.annotations` | Annotations to apply to Ambassador service | `""` |
| `service.externalTrafficPolicy` | Sets the external traffic policy for the service | `""` |
| `service.nameOverride` | Sets the name of the service | `ambassador.fullname` |
| `service.ports` | List of ports Ambassador is listening on | `[{"name": "http","port": 80,"targetPort": 8080},{"name": "https","port": 443,"targetPort": 8443}]` |
| `service.loadBalancerIP` | IP address to assign (if cloud provider supports it) | `""` |
| `service.loadBalancerSourceRanges` | Passed to cloud provider load balancer if created (e.g: AWS ELB) | None |
| `service.sessionAffinity` | Sets the session affinity policy for the service | `""` |
| `service.sessionAffinityConfig` | Sets the session affinity config for the service | `""` |
| `service.type` | Service type to be used | `LoadBalancer` |
| `service.externalIPs` | External IPs to route to the ambassador service | `[]` |
| `serviceAccount.create` | If `true`, create a new service account | `true` |
| `serviceAccount.name` | Service account to be used | `ambassador` |
| `volumeMounts` | Volume mounts for the ambassador service | `[]` |
| `volumes` | Volumes for the ambassador service | `[]` |
| `enableAES` | Create the [AES configuration objects](#ambassador-edge-stack-installation) | `true` |
| `createDevPortalMappings` | Expose the dev portal on `/docs/` and `/documentation/` | `true` |
| `licenseKey.value` | Ambassador Edge Stack license. Empty will install in evaluation mode. | `` |
| `licenseKey.createSecret` | Set to `false` if installing mutltiple Ambassdor Edge Stacks in a namespace. | `true` |
| `licenseKey.secretName` | Name of the secret to store Ambassador license key in. | `` |
| `licenseKey.annotations` | Annotations to attach to the license-key-secret. | {} |
| `redisURL` | URL of redis instance not created by the release | `""` |
| `redisEnv` | (**DEPRECATED:** Use `envRaw`) Set env vars that control how Ambassador interacts with redis. | `""` |
| `redis.create` | Create a basic redis instance with default configurations | `true` |
| `redis.annotations` | Annotations for the redis service and deployment | `""` |
| `redis.resources` | Resource requests for the redis instance | `""` |
| `redis.nodeSelector` | NodeSelector for redis pods | `{}` |
| `redis.affinity` | Affinity for redis pods | `{}` |
| `redis.tolerations` | Tolerations for redis pods | `{}` |
| `authService.create` | Create the `AuthService` CRD for Ambassador Edge Stack | `true` |
| `authService.optional_configurations` | Config options for the `AuthService` CRD | `""` |
| `rateLimit.create` | Create the `RateLimit` CRD for Ambassador Edge Stack | `true` |
| `registry.create` | Create the `Project` registry. | `false` |
| `autoscaling.enabled` | If true, creates Horizontal Pod Autoscaler | `false` |
| `autoscaling.minReplicas` | If autoscaling enabled, this field sets minimum replica count | `2` |
| `autoscaling.maxReplicas` | If autoscaling enabled, this field sets maximum replica count | `5` |
| `autoscaling.metrics` | If autoscaling enabled, configure hpa metrics | |
| `podDisruptionBudget` | Pod disruption budget rules | `{}` |
| `resolvers.endpoint.create` | Create a KubernetesEndpointResolver | `false` |
| `resolvers.endpoint.name` | If creating a KubernetesEndpointResolver, the resolver name | `endpoint` |
| `resolvers.consul.create` | Create a ConsulResolver | `false` |
| `resolvers.consul.name` | If creating a ConsulResolver, the resolver name | `consul-dc1` |
| `resolvers.consul.spec` | If creating a ConsulResolver, additional configuration | `{}` |
| `module` | Configure and manage the Ambassador Module from the Chart | `{}` |
| `prometheusExporter.enabled` | DEPRECATED: Prometheus exporter side-car enabled | `false` |
| `prometheusExporter.pullPolicy` | DEPRECATED: Image pull policy | `IfNotPresent` |
| `prometheusExporter.repository` | DEPRECATED: Prometheus exporter image | `prom/statsd-exporter` |
| `prometheusExporter.tag` | DEPRECATED: Prometheus exporter image | `v0.8.1` |
| `prometheusExporter.resources` | DEPRECATED: CPU/memory resource requests/limits | `{}` |
| `metrics.serviceMonitor.enabled` | Create ServiceMonitor object (`adminService.create` should be to `true`) | `false` |
| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `30s` |
| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `30s` |
| `metrics.serviceMonitor.selector` | Label Selector for Prometheus to find ServiceMonitors | `{ prometheus: kube-prometheus }` |
| `servicePreview.enabled` | If true, install Service Preview components: traffic-manager & traffic-agent (`enableAES` needs to also be to `true`) | `false` |
| `servicePreview.trafficManager.image.repository` | Ambassador Traffic-manager image | Same value as `image.repository` |
| `servicePreview.trafficManager.image.tag` | Ambassador Traffic-manager image tag | Same value as `image.tag` |
| `servicePreview.trafficManager.serviceAccountName` | Traffic-manager Service Account to be used | `traffic-manager` |
| `servicePreview.trafficAgent.image.repository` | Ambassador Traffic-agent image | Same value as `image.repository` |
| `servicePreview.trafficAgent.image.tag` | Ambassador Traffic-agent image tag | Same value as `image.tag` |
| `servicePreview.trafficAgent.injector.enabled` | If true, install the ambassador-injector | `true` |
| `servicePreview.trafficAgent.injector.crtPEM` | TLS certificate for the Common Name of <ambassador-injector>.<namespace>.svc | Auto-generated, valid for 365 days |
| `servicePreview.trafficAgent.injector.keyPEM` | TLS private key for the Common Name of <ambassador-injector>.<namespace>.svc | Auto-generated, valid for 365 days |
| `servicePreview.trafficAgent.port` | Traffic-agent listening port number when injected with ambassador-injector | `9900` |
| `servicePreview.trafficAgent.serviceAccountName` | Label Selector for Prometheus to find ServiceMonitors | `traffic-agent` |
| `servicePreview.trafficAgent.singleNamespace` | If `true`, installs the traffic-agent ServiceAccount and Role in the current installation namespace; Otherwise uses a global ClusterRole applied to every ServiceAccount | `true` |
| `agent.enabled` | If `true`, installs the ambassador-agent Deployment, ServiceAccount and ClusterRole in the ambassador namespace | `true` |
| `agent.cloudConnectionToken` | API token for reporting snapshots to the [Service Catalog](https://app.getambassador.io/cloud/catalog/); If empty, agent will not report snapshots | `""` |
| `agent.rpcAddress` | Address of the ambassador Service Catalog rpc server. | `https://app.getambassador.io/` |
| `agent.image.repository` | Image repository for the ambassador-agent deployment. Defaults to value of `image.repository` | Same value as `image.repository` |
| `agent.image.tag` | Image tag for the ambassador-agent deployment. Defaults to value of `image.tag` | Same value as `image.tag` |
**NOTE:** Make sure the configured `service.http.targetPort` and `service.https.targetPort` ports match your [Ambassador Module's](https://www.getambassador.io/reference/modules/#the-ambassador-module) `service_port` and `redirect_cleartext_from` configurations.
### The Ambasssador Edge Stack
The Ambassador Edge Stack provides a comprehensive, self-service edge stack in
the Kubernetes cluster with a decentralized deployment model and a declarative
paradigm.
By default, this chart will install the latest image of The Ambassador Edge
Stack which will replace your existing deployment of Ambassador with no changes
to functionality.
### CRDs
This helm chart includes the creation of the core CRDs Ambassador uses for
configuration.
The `crds` flags (Helm 2 only) let you configure how a release manages crds.
- `crds.create` Can only be set on your first/master Ambassador release.
- `crds.enabled` Should be set on all releases using Ambassador CRDs
- `crds.keep` Configures if the CRDs are deleted when the master release is
purged. This value is only checked for the master release and can be set to
any value on secondary releases.
### Security
Ambassador takes security very seriously. For this reason, the YAML installation will default with a couple of basic security policies in place.
The `security` field of the `values.yaml` file configures these default policies and replaces the `securityContext` field used earlier.
The defaults will configure the pod to run as a non-root user and prohibit privilege escalation and outline a `PodSecurityPolicy` to ensure these conditions are met.
```yaml
security:
# Security Context for all containers in the pod.
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podsecuritycontext-v1-core
podSecurityContext:
runAsUser: 8888
# Security Context for the Ambassador container specifically
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#securitycontext-v1-core
containerSecurityContext:
allowPrivilegeEscalation: false
# A basic PodSecurityPolicy to ensure Ambassador is running with appropriate security permissions
# https://kubernetes.io/docs/concepts/policy/pod-security-policy/
#
# A set of reasonable defaults is outlined below. This is not created by default as it should only
# be created by a one Release. If you want to use the PodSecurityPolicy in the chart, create it in
# the "master" Release and then leave it unset in all others. Set the `rbac.podSecurityPolicies`
# in all non-"master" Releases.
podSecurityPolicy: {}
# # Add AppArmor and Seccomp annotations
# # https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
# annotations:
# spec:
# seLinux:
# rule: RunAsAny
# supplementalGroups:
# rule: 'MustRunAs'
# ranges:
# # Forbid adding the root group.
# - min: 1
# max: 65535
# fsGroup:
# rule: 'MustRunAs'
# ranges:
# # Forbid adding the root group.
# - min: 1
# max: 65535
# privileged: false
# allowPrivilegeEscalation: false
# runAsUser:
# rule: MustRunAsNonRoot
```
### Annotations
Ambassador is configured using Kubernetes Custom Resource Definitions (CRDs). If you are unable to use CRDs, Ambassador can also be configured using annotations on services. The `service.annotations` section of the values file contains commented out examples of [Ambassador Module](https://www.getambassador.io/reference/core/ambassador) and a global [TLSContext](https://www.getambassador.io/reference/core/tls) configurations which are typically created in the Ambassador service.
If you intend to use `service.annotations`, remember to include the `getambassador.io/config` annotation key as above.
### Prometheus Metrics
Using the Prometheus Exporter has been deprecated and is no longer recommended. You can now use `metrics.serviceMonitor.enabled` to create a `ServiceMonitor` from the chart if the [Prometheus Operator](https://github.com/coreos/prometheus-operator) has been installed on your cluster.
Please see Ambassador's [monitoring with Prometheus](https://www.getambassador.io/user-guide/monitoring/) docs for more information on using the `/metrics` endpoint for metrics collection.
### Specifying Values
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install --wait my-release \
--set adminService.type=NodePort \
datawire/ambassador
```
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
```console
$ helm install --wait my-release -f values.yaml datawire/ambassador
```
---
# Upgrading
## To 6.0.0
Introduces Ambassador Edge Stack being installed by default.
### Breaking changes
Ambassador Pro support has been removed in 6.0.0. Please [upgrade to the Ambassador Edge Stack](https://www.getambassador.io/user-guide/helm).
## To 5.0.0
### Breaking changes
**Note** If upgrading an existing helm 2 installation no action is needed, previously installed CRDs will not be modified.
- Helm 3 support for CRDs was added. Specifically, the CRD templates were moved to non-templated files in the `/crds` directory, and to keep Helm 2 support they are globbed from there by `/templates/crds.yaml`. However, because Helm 3 CRDs are not templated, the labels for new installations have necessarily changed
## To 4.0.0
The 4.0.0 chart contains a number of changes to the way Ambassador Pro is installed.
- Introduces the performance tuned and certified build of open source Ambassador, Ambassador core
- The license key is now stored and read from a Kubernetes secret by default
- Added `.Values.pro.licenseKey.secret.enabled` `.Values.pro.licenseKey.secret.create` fields to allow multiple releases in the same namespace to use the same license key secret.
- Introduces the ability to configure resource limits for both Ambassador Pro and it's redis instance
- Introduces the ability to configure additional `AuthService` options (see [AuthService documentation](https://www.getambassador.io/reference/services/auth-service/))
- The ambassador-pro-auth `AuthService` and ambassador-pro-ratelimit `RateLimitService` and now created as CRDs when `.Values.crds.enabled: true`
- Fixed misnamed selector for redis instance that failed in an edge case
- Exposes annotations for redis deployment and service
### Breaking changes
The value of `.Values.pro.image.tag` has been shortened to assume `amb-sidecar` (and `amb-core` for Ambassador core)
`values.yaml`
```diff
<3.0.0>
image:
repository: quay.io/datawire/ambassador_pro
- tag: amb-sidecar-0.6.0
<4.0.0+>
image:
repository: quay.io/datawire/ambassador_pro
+ tag: 0.7.0
```
Method for creating a Kubernetes secret to hold the license key has been changed
`values.yaml`
```diff
<3.0.0>
- secret: false
<4.0.0>
+ secret:
+ enabled: true
+ create: true
```
## To 3.0.0
### Service Ports
The way ports are assigned has been changed for a more dynamic method.
Now, instead of setting the port assignments for only the http and https, any port can be open on the load balancer using a list like you would in a standard Kubernetes YAML manifest.
`pre-3.0.0`
```yaml
service:
http:
enabled: true
port: 80
targetPort: 8080
https:
enabled: true
port: 443
targetPort: 8443
```
`3.0.0`
```yaml
service:
ports:
- name: http
port: 80
targetPort: 8080
- name: https
port: 443
targetPort: 8443
```
This change has also replaced the `.additionalTCPPorts` configuration. Additional TCP ports can be created the same as the http and https ports above.
### Annotations and `service_port`
The below Ambassador `Module` annotation is no longer being applied by default.
```yaml
getambassador.io/config: |
---
apiVersion: ambassador/v1
kind: Module
name: ambassador
config:
service_port: 8080
```
This was causing confusion with the `service_port` being hard-coded when enabling TLS termination in Ambassador.
Ambassador has been listening on port 8080 for HTTP and 8443 for HTTPS by default since version `0.60.0` (chart version 2.2.0).
### RBAC and CRDs
A `ClusterRole` and `ClusterRoleBinding` named `{{release name}}-crd` will be created to watch for the Ambassador Custom Resource Definitions. This will be created regardless of the value of `scope.singleNamespace` since CRDs are created the cluster scope.
`rbac.namespaced` has been removed. For namespaced RBAC, set `scope.singleNamespace: true` and `rbac.enabled: true`.
`crds.enabled` will indicate that you are using CRDs and will create the rbac resources regardless of the value of `crds.create`. This allows for multiple deployments to use the CRDs.
## To 2.0.0
### Ambassador ID
ambassador.id has been removed in favor of setting it via an environment variable in `env`. `AMBASSADOR_ID` defaults to `default` if not set in the environment. This is mainly used for [running multiple Ambassadors](https://www.getambassador.io/reference/running#ambassador_id) in the same cluster.
| Parameter | Env variables |
| --------------- | --------------- |
| `ambassador.id` | `AMBASSADOR_ID` |
## Migrating from `datawire/ambassador` chart (chart version 0.40.0 or 0.50.0)
Chart now runs ambassador as non-root by default, so you might need to update your ambassador module config to match this.
### Timings
Timings values have been removed in favor of setting the env variables using `env´
| Parameter | Env variables |
| ----------------- | -------------------------- |
| `timing.restart` | `AMBASSADOR_RESTART_TIME` |
| `timing.drain` | `AMBASSADOR_DRAIN_TIME` |
| `timing.shutdown` | `AMBASSADOR_SHUTDOWN_TIME` |
### Single namespace
| Parameter | Env variables |
| ------------------ | ----------------------------- |
| `namespace.single` | `AMBASSADOR_SINGLE_NAMESPACE` |
### Renamed values
Service ports values have changed names and target ports have new defaults.
| Previous parameter | New parameter | New default value |
| --------------------------- | -------------------------- | ----------------- |
| `service.enableHttp` | `service.http.enabled` | |
| `service.httpPort` | `service.http.port` | |
| `service.httpNodePort` | `service.http.nodePort` | |
| `service.targetPorts.http` | `service.http.targetPort` | `8080` |
| `service.enableHttps` | `service.https.enabled` | |
| `service.httpsPort` | `service.https.port` | |
| `service.httpsNodePort` | `service.https.nodePort` | |
| `service.targetPorts.https` | `service.https.targetPort` | `8443` |
### Exporter sidecar
Pre version `0.50.0` ambassador was using socat and required a sidecar to export statsd metrics. In `0.50.0` ambassador no longer uses socat and doesn't need a sidecar anymore to export its statsd metrics. Statsd metrics are disabled by default and can be enabled by setting environment `STATSD_ENABLED`, this will (in 0.50) send metrics to a service named `statsd-sink`, if you want to send it to another service or namespace it can be changed by setting `STATSD_HOST`
If you are using prometheus the chart allows you to enable a sidecar which can export to prometheus see the `prometheusExporter` values.

8
charts/ambassador/ambassador/6.7.1100+up6.7.11/RELEASE.tpl
View File

@ -1,8 +0,0 @@
## :tada: Ambassador Chart $CHART_VERSION :tada:
Upgrade Ambassador - https://www.getambassador.io/reference/upgrading#helm.html
View changelog - https://github.com/datawire/ambassador/blob/master/charts/ambassador/CHANGELOG.md
---

1
charts/ambassador/ambassador/6.7.1100+up6.7.11/RELEASE_TITLE.tpl
View File

@ -1 +0,0 @@
Ambassador Chart $CHART_VERSION

13
charts/ambassador/ambassador/6.7.1100+up6.7.11/app-readme.md
View File

@ -1,13 +0,0 @@
# Ambassador Edge Stack and Emissary Ingress Chart
[Ambassador Edge Stack](https://www.getambassador.io/products/edge-stack/) and its open source CNCF counterpart [Emissary-Ingress](https://www.getambassador.io/products/api-gateway/) are Kubernetes native, high-performance Ingress controllers designed with GitOps workflows and developer experience in mind. The Edge Stack allows users to manage [Authentication](https://www.getambassador.io/docs/edge-stack/latest/topics/using/filters/), [Rate Limits](https://www.getambassador.io/docs/edge-stack/latest/topics/using/rate-limits/rate-limits/), [TLS](https://www.getambassador.io/docs/edge-stack/latest/topics/running/tls/) and more with easy-to-use resources for [managing your APIs](https://www.getambassador.io/docs/edge-stack/latest/topics/using/intro-mappings/).
## Service Catalog
The default installation of Ambassador Edge Stack includes the deployment needed to get started with [Service Catalog](https://www.getambassador.io/products/service-catalog/) and the [Developer Control Plane](https://www.getambassador.io/developer-control-plane/). Simply generate your [Cloud Token](https://www.getambassador.io/docs/cloud/latest/service-catalog/quick-start/#1-connect-your-cluster-to-ambassador-cloud) and add it in the Service Catalog section as you're setting up the chart.
## More Info
Visit the [Quick Start](https://www.getambassador.io/docs/edge-stack/latest/tutorials/getting-started/) page for more instructions, or check out our [documentation](https://www.getambassador.io/docs/edge-stack). For any questions, or to join the community, visit our [Slack](https://a8r.io/slack) and say hi!
* Ambassador recommends a Kubernetes version of 1.16 or higher.

40
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/01-psp-values.yaml
View File

@ -1,40 +0,0 @@
security:
# Security Context for all containers in the pod.
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#podsecuritycontext-v1-core
podSecurityContext:
runAsUser: 8888
# Security Context for the Ambassador container specifically
# https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#securitycontext-v1-core
containerSecurityContext:
allowPrivilegeEscalation: false
# A basic PodSecurityPolicy to ensure Ambassador is running with appropriate security permissions
# https://kubernetes.io/docs/concepts/policy/pod-security-policy/
#
# A set of reasonable defaults is outlined below. This is not created by default as it should only
# be created by a one Release. If you want to use the PodSecurityPolicy in the chart, create it in
# the "master" Release and then leave it unset in all others. Set the `rbac.podSecurityPolicies`
# in all non-"master" Releases.
podSecurityPolicy:
# Add AppArmor and Seccomp annotations
# https://kubernetes.io/docs/concepts/policy/pod-security-policy/#apparmor
annotations:
seccomp.security.alpha.kubernetes.io/defaultProfileName: runtime/default
spec:
seLinux:
rule: RunAsAny
supplementalGroups:
rule: 'MustRunAs'
ranges:
# Forbid adding the root group.
- min: 1
max: 65535
fsGroup:
rule: 'MustRunAs'
ranges:
# Forbid adding the root group.
- min: 1
max: 65535
privileged: false
allowPrivilegeEscalation: false
runAsUser:
rule: MustRunAsNonRoot

8
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/02-oss-values.yaml
View File

@ -1,8 +0,0 @@
# install the Ambassador API Gateway
image:
pullPolicy: IfNotPresent
enableAES: false
deploymentStrategy:
type: Recreate

8
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/05-auth-disabled-values.yaml
View File

@ -1,8 +0,0 @@
service:
type: NodePort
authService:
create: false
deploymentStrategy:
type: Recreate

8
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/06-hpa-values.yaml
View File

@ -1,8 +0,0 @@
deploymentStrategy:
type: Recreate
service:
type: NodePort
autoscaling:
enabled: true

8
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/08-single-namespace-values.yaml
View File

@ -1,8 +0,0 @@
service:
type: NodePort
deploymentStrategy:
type: Recreate
scope:
singleNamespace: true

9
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/09-redis-false-values.yaml
View File

@ -1,9 +0,0 @@
service:
type: NodePort
redis:
enabled: false
# Annotations for Ambassador Pro's redis instance.
deploymentStrategy:
type: Recreate

7
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/12-daemonset-values.yaml
View File

@ -1,7 +0,0 @@
service:
type: NodePort
deploymentStrategy:
type: RollingUpdate
daemonSet: true

8
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/13-rl-disabled-values.yaml
View File

@ -1,8 +0,0 @@
service:
type: NodePort
rateLimit:
create: false
deploymentStrategy:
type: Recreate

3
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/14-deployment-labels.yaml
View File

@ -1,3 +0,0 @@
deploymentLabels:
label: foo
label2: bar

11
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/15-test-resolvers.yaml
View File

@ -1,11 +0,0 @@
resolvers:
endpoint:
create: true
name: endpoint-foo
consul:
create: true
name: consul-foo
spec:
address: ${HOST_IP}
datacenter: dc1

9
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/16-test-module.yaml
View File

@ -1,9 +0,0 @@
module:
lua_scripts: |
function envoy_on_response(response_handle)
response_handle:headers():add("Lua-Scripts-Enabled", "Processed")
end
ip_allow:
- peer: 127.0.0.1
- remote: 99.99.0.0/16

5
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/17-svc-preview.yaml
View File

@ -1,5 +0,0 @@
servicePreview:
enabled: true
trafficAgent:
injector:
enabled: true

21
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/check_updated_changelog.sh
View File

@ -1,21 +0,0 @@
#!/bin/bash
set -e
CURR_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
[ -d "$CURR_DIR" ] || { echo "FATAL: no current dir (maybe running in zsh?)"; exit 1; }
TOP_DIR=$CURR_DIR/..
# shellcheck source=common.sh
source "$CURR_DIR/common.sh"
echo ${TOP_DIR}
chart_version=$(get_chart_version ${TOP_DIR})
if ! grep "## v${chart_version}" ${TOP_DIR}/CHANGELOG.md > /dev/null 2>&1 ; then
echo "Current chart version does not appear in the changelog."
echo "Please run ambassador.git/charts/ambassador/ci/update_chart_changelog.sh and commit."
exit 1
fi
echo "Changelog looks good!"

47
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/tests/manifests/backend.yaml
View File

@ -1,47 +0,0 @@
---
apiVersion: getambassador.io/v1
kind: Mapping
metadata:
name: quote-backend
spec:
prefix: /backend/
service: quote
---
apiVersion: v1
kind: Service
metadata:
name: quote
spec:
ports:
- name: http
port: 80
targetPort: 8080
selector:
app: quote
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: quote
spec:
replicas: 1
selector:
matchLabels:
app: quote
strategy:
type: RollingUpdate
template:
metadata:
labels:
app: quote
spec:
containers:
- name: backend
image: datawire/quote:0.4.0
ports:
- name: http
containerPort: 8080
resources:
limits:
cpu: "0.1"
memory: 100Mi

9
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/tests/manifests/ci-default-values.yaml
View File

@ -1,9 +0,0 @@
#env:
# AMBASSADOR_SINGLE_NAMESPACE: true
# AMBASSADOR_NO_KUBEWATCH: no_kubewatch
deploymentStrategy:
type: Recreate
service:
type: NodePort

18
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/tests/manifests/helm-init.yaml
View File

@ -1,18 +0,0 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-system

6
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/tests/manifests/helm2-values.yaml
View File

@ -1,6 +0,0 @@
service:
type: NodePort
crds:
create: false

18
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/tests/manifests/tls.yaml
View File

@ -1,18 +0,0 @@
---
apiVersion: v1
data:
tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNzRENDQVpnQ0NRRHVzSjFYNE54NjJEQU5CZ2txaGtpRzl3MEJBUXNGQURBYU1SZ3dGZ1lEVlFRRERBOWgKYldKaGMzTmhaRzl5TFdObGNuUXdIaGNOTVRreE1qRXpNakV3TXpBNVdoY05NakF4TWpFeU1qRXdNekE1V2pBYQpNUmd3RmdZRFZRUUREQTloYldKaGMzTmhaRzl5TFdObGNuUXdnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCCkR3QXdnZ0VLQW9JQkFRQzJjcms1OTk0dklURnZpUGNJRjJpd3R0dVdpajFTeUZNSzVpbERieFByMmJCL3RmbDYKcmRwVUFlWkkrMTVDR2VHbi80ZitwRlFXODdwZ2ZvbDhlL3lCSTUvWStpdVIrQUY1bzhQV2h4aHBJdVk3RXdVbgpyT3ZJajcxaUZWa1Q4akRYZW9RWWdKalQ1MWh4SisyelVLZ3VtZDB6L05USEwrQndFbHZ4Z1ZuWlhUdlhsVGFiClBoWloyK3dZdDQvSnozN3lBMHJwNURKeTg5SStQNmVRSmNseUVyWmsvRUNuRFBxTlhDK1VyclVySXBsNkRScHUKdGZWOE9KM3BJZWc2YjBWQi9TQnRPNzFhMThkaXFPclFVREU5MEFOSWJsYWp0ODN5M0FIc29SNytpVGI0QXFvVwpiNG5LcVV1bEQ2QU0xVUg0TzR0SExIM05SemVOL1E1ZUtVb0ZBZ01CQUFFd0RRWUpLb1pJaHZjTkFRRUxCUUFECmdnRUJBQ045b050OVJXT2JOTTBmajg1cm9GUG1zRE1UWElFOU5SNmpDMjV1SGtpY0lnamtGd043NTFkTnQxT0YKZWZLSkFzTDlSWmZUNmVmMUMxOFlnWE1xbTF5Yis0Q1VWWU9RZW96MlgweEdyT1lLZUhPM0hqamNqcXZ1cUxTeApTQ2duVlM1NkhqZU15MzJBNnIxcUhBL1FsYkkraGJFbHN0MVNwYnFSOG95dE9oUzZpNFNWbWxacWxBRkx5WFRRCjZ6Nm5wc25lTmdXMXhkdDN2UkpleXVFWEFZL0Z0eUxmZnkxdk5uODhhTkg2Y2Z2eWJjaHNkaWlRNnVXTnowVGMKeVVodGZUYWFRVjA1d21KZEJ3ZmJndXF0UjFxbXdyNCtzcjA0MEhoQ0pSVmlRUUdHa2VWSVU5ZHFPY0ZkZk5FTQo5NmczU01YWGRrcVhBYzFFb2hZdEthMWwvNTA9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcEFJQkFBS0NBUUVBdG5LNU9mZmVMeUV4YjRqM0NCZG9zTGJibG9vOVVzaFRDdVlwUTI4VDY5bXdmN1g1CmVxM2FWQUhtU1B0ZVFobmhwLytIL3FSVUZ2TzZZSDZKZkh2OGdTT2YyUG9ya2ZnQmVhUEQxb2NZYVNMbU94TUYKSjZ6cnlJKzlZaFZaRS9JdzEzcUVHSUNZMCtkWWNTZnRzMUNvTHBuZE0velV4eS9nY0JKYjhZRloyVjA3MTVVMgptejRXV2R2c0dMZVB5YzkrOGdOSzZlUXljdlBTUGorbmtDWEpjaEsyWlB4QXB3ejZqVnd2bEs2MUt5S1plZzBhCmJyWDFmRGlkNlNIb09tOUZRZjBnYlR1OVd0ZkhZcWpxMEZBeFBkQURTRzVXbzdmTjh0d0I3S0VlL29rMitBS3EKRm0rSnlxbExwUStnRE5WQitEdUxSeXg5elVjM2pmME9YaWxLQlFJREFRQUJBb0lCQUVOQy9qaDV3Z2E4QlA2cQpqdkFEdVV2VXpoV3N0empxczNyRUtaZzd2aXRvSU9La1V1cEFaOG9xdlJ4UTE0b2xBb1V0OXBRUlB4TUxIYjN2ClNINkZNeXprMWt4bXhtTlUvQzQ5Q3Jqdkt6ZXZieE4rU3BzNjY5NFA1L0RlRCs0RGpyQVI4ZHNhcGIwUmdCQ1AKZU5sdnRlRWdSbVdoSTB5ZndPMXdSMGM4dWNRaE5GcjNNd0lMQ1FES0Zpa2NDSi9GV0FmNXc4ZGFnYnBYTXAxawo3ci9ya1BFcVh6NnRxam04eWZZWlRoaGIwUE5LcSsxOGdkaCtLeTZPL1RnTVZ2d1BLVkIrZUhoQmJZY2R6VGYxCmxia3pVeUFhZmR3VlBTTnhVOWhzSzBqNExWZG83YlVkajZySHNXTlBWcm1Ib1VsUnNjcno2aDhPZlQ0bU9WTi8KRmhtcEhvRUNnWUVBNlVENVlWMUJrWEg4S21WRjhiVGVGVGlTY1IvRGI4TVlRY3NLNzQrNEg5aEFmbjR3d3ZWeQpidi9kL2NsOWZHY0xXN0w1QWM1WWRxNlNWZGFHRVZpVzVOTy8xV0wwN3JjaG8xZTRaSzlPemJiUllNWW51cWRHCmF5eGhoUks0R25ubzZXMTlMWWc1d1F3TUJvUzNSbFVxUWN3UU1ESiszMVc4emwrazdpODk0dVVDZ1lFQXlEMXIKZHVMSGRMcG9UWEd2ZjZIVk9HQ1pWczQvSXg1M1B1WnRXY1FkYkc5MDZNWHRwdldWdDN1ek8rVVd2WGJIWHBSMQpjZWVrUHRucTI4a1BFT2oyd3NoVFRQQ05OT0dUWE01SzREbTVjNjVaeWY0WVJjQ0NZNEpSSUNqWHExeE9uc21nCk8ydTZiYlVQWE9veXFmVllWK0wwK25zcHNLOUNCd0ZaMjJqMXVLRUNnWUVBbzcyZTBzQ2FaTFcxcFRWT3NteWIKY2g0eWZ3TWpPUE9sdFpvSlpUNW9yTUlzRkNBVnJ1YUtuRzAxc3hDYzdKV1JuWiszdVpMVyt3bDFaSmlocU0rZApyYWtRQTRYaUZ5bXJqWFRvMXBWU0pvcnQxSmVHRUR1WTdXZE1WaFJiOVFvYmZMSUZxODd6YkJjKzRkeU1vK3pwCkt5TkxRZXBRc2dzSDdYK3EwaUdMdWhrQ2dZQUlYQWdRZm9jMUtGTVNhSnliQjNhUFUva1MxcWxzSGVsOGhzSXAKN1RZTlFObnduZEsrRmFLYWRsK1ZNSXN5ZmJMMUQ5MlhVOFJYbTJGaXE1SWxjcFJhcldKTTQvNEJKeW12eGl6NgpEMjdlbFhqS0pnRjlaL3dKaTNjM2tIendlbm9OeHYwWmZmWGFmcVNWakhGeEJ2MFpMakJzQkpoSStBZ1pvc1ROCmxDUXVBUUtCZ1FESHVxNUVseU1RS2NZWm5tRlN6T2ZYWXNJYm8rZEJJTlEyNnB0OFdacGMydnpsNkNrQXV3TWwKQU9jRllrbjBXSnVJRXRubnhPT3Rwcnh0VGRIWGIvOWZWY090Unp2TitvVjN2OVNEalZjWTRESWp3MXlpMkt1Vwp6MmV1N1lCNExlbG13TFlHMEJUMWp0ejJJREUxYW85MzgybEpWV2J4Y1dsdHArWTFCRWhkdmc9PQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo=
kind: Secret
metadata:
name: self-signed-cert
type: kubernetes.io/tls
---
apiVersion: getambassador.io/v1
kind: TLSContext
metadata:
name: tls
spec:
hosts: ["*"]
secret: self-signed-cert

53
charts/ambassador/ambassador/6.7.1100+up6.7.11/ci/update_chart_changelog.sh
View File

@ -1,53 +0,0 @@
#!/bin/bash
set -e
CURR_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
[ -d "$CURR_DIR" ] || { echo "FATAL: no current dir (maybe running in zsh?)"; exit 1; }
TOP_DIR=$CURR_DIR/..
# shellcheck source=common.sh
source "$CURR_DIR/common.sh"
chart_version=$(get_chart_version ${TOP_DIR})
new_changelog=${TOP_DIR}/CHANGELOG.new.md
rm ${new_changelog} || true
while IFS= read -r line ; do
echo -e "${line}"
echo -e "${line}" >> ${new_changelog}
if [[ "${line}" =~ "## Next Release" ]] ; then
echo "" >> ${new_changelog}
echo "(no changes yet)" >> ${new_changelog}
echo "" >> ${new_changelog}
echo "## v${chart_version}" >> ${new_changelog}
fi
done < ${TOP_DIR}/CHANGELOG.md
mv ${new_changelog} ${TOP_DIR}/CHANGELOG.md
if [[ -n "${DONT_COMMIT_DIFF}" ]] ; then
echo "DONT_COMMIT_DIFF is set, not committing"
exit 0
fi
if git diff --exit-code -- ${TOP_DIR}/CHANGELOG.md > /dev/null 2>&1 ; then
echo "No changes to changelog, exiting"
exit 0
fi
branch_name="$(git symbolic-ref HEAD 2>/dev/null)" ||
branch_name="detached"
if [[ "${branch_name}" == "refs/heads/master" ]] ; then
echo "Not committing local changes to branch because branch is master"
exit 1
elif [[ "${branch_name}" == "detached" ]] ; then
echo "Not committing local changes because you're in a detached head state"
echo "please create a branch then rerun this script"
exit 1
fi
branch_name=${branch_name##refs/heads/}
git add ${TOP_DIR}/CHANGELOG.md
git commit -m "Committing changelog for chart v${chart_version}"
git push -u origin ${branch_name}

27
charts/ambassador/ambassador/6.7.1100+up6.7.11/crds/filter.yaml
View File

@ -1,27 +0,0 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
helm.sh/hook: crd-install
labels:
app.kubernetes.io/name: ambassador
product: aes
name: filters.getambassador.io
spec:
group: getambassador.io
names:
categories:
- ambassador-crds
kind: Filter
plural: filters
shortNames:
- fil
singular: filter
scope: Namespaced
versions:
- name: v1beta2
served: true
storage: false
- name: v2
served: true
storage: true

27
charts/ambassador/ambassador/6.7.1100+up6.7.11/crds/filterpolicy.yaml
View File

@ -1,27 +0,0 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
helm.sh/hook: crd-install
labels:
app.kubernetes.io/name: ambassador
product: aes
name: filterpolicies.getambassador.io
spec:
group: getambassador.io
names:
categories:
- ambassador-crds
kind: FilterPolicy
plural: filterpolicies
shortNames:
- fp
singular: filterpolicy
scope: Namespaced
versions:
- name: v1beta2
served: true
storage: false
- name: v2
served: true
storage: true

115
charts/ambassador/ambassador/6.7.1100+up6.7.11/crds/getambassador.io_authservices.yaml
View File

@ -1,115 +0,0 @@
# GENERATED FILE: edits made by hand will not be preserved.
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
helm.sh/hook: crd-install
labels:
app.kubernetes.io/name: ambassador
product: aes
name: authservices.getambassador.io
spec:
group: getambassador.io
names:
categories:
- ambassador-crds
kind: AuthService
listKind: AuthServiceList
plural: authservices
singular: authservice
scope: Namespaced
validation:
openAPIV3Schema:
description: AuthService is the Schema for the authservices API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AuthServiceSpec defines the desired state of AuthService
properties:
add_auth_headers:
additionalProperties:
description: BoolOrString is a type that can hold a Boolean or a string.
oneOf:
- type: string
- type: boolean
type: object
add_linkerd_headers:
type: boolean
allow_request_body:
type: boolean
allowed_authorization_headers:
items:
type: string
type: array
allowed_request_headers:
items:
type: string
type: array
ambassador_id:
description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\""
items:
type: string
oneOf:
- type: string
- type: array
auth_service:
type: string
failure_mode_allow:
type: boolean
include_body:
properties:
allow_partial:
type: boolean
max_bytes:
description: These aren't pointer types because they are required.
type: integer
required:
- allow_partial
- max_bytes
type: object
path_prefix:
type: string
proto:
enum:
- http
- grpc
type: string
protocol_version:
enum:
- v2
- v3
type: string
status_on_error:
description: Why isn't this just an int??
properties:
code:
type: integer
type: object
timeout_ms:
type: integer
tls:
description: BoolOrString is a type that can hold a Boolean or a string.
oneOf:
- type: string
- type: boolean
required:
- auth_service
type: object
type: object
version: null
versions:
- name: v2
served: true
storage: true
- name: v1
served: true
storage: false

58
charts/ambassador/ambassador/6.7.1100+up6.7.11/crds/getambassador.io_consulresolvers.yaml
View File

@ -1,58 +0,0 @@
# GENERATED FILE: edits made by hand will not be preserved.
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
helm.sh/hook: crd-install
labels:
app.kubernetes.io/name: ambassador
product: aes
name: consulresolvers.getambassador.io
spec:
group: getambassador.io
names:
categories:
- ambassador-crds
kind: ConsulResolver
listKind: ConsulResolverList
plural: consulresolvers
singular: consulresolver
scope: Namespaced
validation:
openAPIV3Schema:
description: ConsulResolver is the Schema for the ConsulResolver API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ConsulResolver tells Ambassador to use Consul to resolve services. In addition to the AmbassadorID, it needs information about which Consul server and DC to use.
properties:
address:
type: string
ambassador_id:
description: "AmbassadorID declares which Ambassador instances should pay attention to this resource. May either be a string or a list of strings. If no value is provided, the default is: \n ambassador_id: - \"default\""
items:
type: string
oneOf:
- type: string
- type: array
datacenter:
type: string
type: object
type: object
version: null
versions:
- name: v2
served: true
storage: true
- name: v1
served: true
storage: false

Some files were not shown because too many files have changed in this diff Show More