andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Charts CI 

```
Updated:
  crate/crate-operator:
    - 2.39.0
  jenkins/jenkins:
    - 5.1.21
  speedscale/speedscale-operator:
    - 2.1.398
  traefik/traefik:
    - 28.1.0
```
pull/1022/head
github-actions[bot] 2024-05-23 00:54:28 +00:00
parent 577862d016
commit b828f5f0e0
34 changed files with 2142 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/crate/crate-operator-2.39.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/jenkins/jenkins-5.1.21.tgz Normal file
View File

Binary file not shown.

BIN
assets/speedscale/speedscale-operator-2.1.398.tgz Normal file
View File

Binary file not shown.

BIN
assets/traefik/traefik-28.1.0.tgz Normal file
View File

Binary file not shown.

6
charts/crate/crate-operator/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies:
- name: crate-operator-crds
repository: file://../crate-operator-crds
version: 2.38.1
digest: sha256:147fae70bea115a4061056f76d174b8a89bdbf7585e28bf86e2f8e5e10ed7865
generated: "2024-03-14T09:07:58.874121656Z"
version: 2.39.0
digest: sha256:a93ac45e35694d7e1f5eaf9ef8007495e086591cb647ed5bf27881d6385b6393
generated: "2024-05-22T09:22:58.388083858Z"

6
charts/crate/crate-operator/Chart.yaml
View File

@ -3,16 +3,16 @@ annotations:
catalog.cattle.io/display-name: CrateDB Operator
catalog.cattle.io/release-name: crate-operator
apiVersion: v2
appVersion: 2.38.1
appVersion: 2.39.0
dependencies:
- condition: crate-operator-crds.enabled
name: crate-operator-crds
repository: file://./charts/crate-operator-crds
version: 2.38.1
version: 2.39.0
description: Crate Operator - Helm chart for installing and upgrading Crate Operator.
icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg
maintainers:
- name: Crate.io
name: crate-operator
type: application
version: 2.38.1
version: 2.39.0

4
charts/crate/crate-operator/charts/crate-operator-crds/Chart.yaml
View File

@ -1,9 +1,9 @@
apiVersion: v2
appVersion: 2.38.1
appVersion: 2.39.0
description: Crate Operator CRDs - Helm chart for installing and upgrading Custom
Resource Definitions (CRDs) for the Crate Operator.
maintainers:
- name: Crate.io
name: crate-operator-crds
type: application
version: 2.38.1
version: 2.39.0

12
charts/jenkins/jenkins/CHANGELOG.md
View File

@ -12,6 +12,18 @@ Use the following links to reference issues, PRs, and commits prior to v2.6.0.
The changelog until v1.5.7 was auto-generated based on git commits.
Those entries include a reference to the git commit to be able to get more details.
## 5.1.21
Update `kubernetes` to version `4231.vb_a_6b_8936497d`
## 5.1.20
Update `kubernetes` to version `4230.vceef11cb_ca_37`
## 5.1.19
Update `docker.io/kiwigrid/k8s-sidecar` to version `1.27.2`
## 5.1.18
Update `configuration-as-code` to version `1807.v0175eda_00a_20`

6
charts/jenkins/jenkins/Chart.yaml
View File

@ -1,12 +1,12 @@
annotations:
artifacthub.io/category: integration-delivery
artifacthub.io/changes: |
- Update `configuration-as-code` to version `1807.v0175eda_00a_20`
- Update `kubernetes` to version `4231.vb_a_6b_8936497d`
artifacthub.io/images: |
- name: jenkins
image: docker.io/jenkins/jenkins:2.452.1-jdk17
- name: k8s-sidecar
image: docker.io/kiwigrid/k8s-sidecar:1.27.1
image: docker.io/kiwigrid/k8s-sidecar:1.27.2
- name: inbound-agent
image: jenkins/inbound-agent:3248.v65ecb_254c298-1
artifacthub.io/license: Apache-2.0
@ -50,4 +50,4 @@ sources:
- https://github.com/maorfr/kube-tasks
- https://github.com/jenkinsci/configuration-as-code-plugin
type: application
version: 5.1.18
version: 5.1.21

4
charts/jenkins/jenkins/VALUES.md
View File

@ -155,7 +155,7 @@ The following tables list the configurable parameters of the Jenkins chart and t
| [controller.initializeOnce](./values.yaml#L414) | bool | Initialize only on first installation. Ensures plugins do not get updated inadvertently. Requires `persistence.enabled` to be set to `true` | `false` |
| [controller.installLatestPlugins](./values.yaml#L403) | bool | Download the minimum required version or latest version of all dependencies | `true` |
| [controller.installLatestSpecifiedPlugins](./values.yaml#L406) | bool | Set to true to download the latest version of any plugin that is requested to have the latest version | `false` |
| [controller.installPlugins](./values.yaml#L395) | list | List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` | `["kubernetes:4219.v40ff98cfb_d6f","workflow-aggregator:596.v8c21c963d92d","git:5.2.2","configuration-as-code:1807.v0175eda_00a_20"]` |
| [controller.installPlugins](./values.yaml#L395) | list | List of Jenkins plugins to install. If you don't want to install plugins, set it to `false` | `["kubernetes:4231.vb_a_6b_8936497d","workflow-aggregator:596.v8c21c963d92d","git:5.2.2","configuration-as-code:1807.v0175eda_00a_20"]` |
| [controller.javaOpts](./values.yaml#L156) | string | Append to `JAVA_OPTS` env var | `nil` |
| [controller.jenkinsAdminEmail](./values.yaml#L96) | string | Email address for the administrator of the Jenkins instance | `nil` |
| [controller.jenkinsHome](./values.yaml#L101) | string | Custom Jenkins home path | `"/var/jenkins_home"` |
@ -244,7 +244,7 @@ The following tables list the configurable parameters of the Jenkins chart and t
| [controller.sidecars.configAutoReload.folder](./values.yaml#L591) | string | | `"/var/jenkins_home/casc_configs"` |
| [controller.sidecars.configAutoReload.image.registry](./values.yaml#L553) | string | Registry for the image that triggers the reload | `"docker.io"` |
| [controller.sidecars.configAutoReload.image.repository](./values.yaml#L555) | string | Repository of the image that triggers the reload | `"kiwigrid/k8s-sidecar"` |
| [controller.sidecars.configAutoReload.image.tag](./values.yaml#L557) | string | Tag for the image that triggers the reload | `"1.27.1"` |
| [controller.sidecars.configAutoReload.image.tag](./values.yaml#L557) | string | Tag for the image that triggers the reload | `"1.27.2"` |
| [controller.sidecars.configAutoReload.imagePullPolicy](./values.yaml#L558) | string | | `"IfNotPresent"` |
| [controller.sidecars.configAutoReload.reqRetryConnect](./values.yaml#L573) | int | How many connection-related errors to retry on | `10` |
| [controller.sidecars.configAutoReload.resources](./values.yaml#L559) | object | | `{}` |

4
charts/jenkins/jenkins/values.yaml
View File

@ -393,7 +393,7 @@ controller:
# Plugins will be installed during Jenkins controller start
# -- List of Jenkins plugins to install. If you don't want to install plugins, set it to `false`
installPlugins:
- kubernetes:4219.v40ff98cfb_d6f
- kubernetes:4231.vb_a_6b_8936497d
- workflow-aggregator:596.v8c21c963d92d
- git:5.2.2
- configuration-as-code:1807.v0175eda_00a_20
@ -554,7 +554,7 @@ controller:
# -- Repository of the image that triggers the reload
repository: kiwigrid/k8s-sidecar
# -- Tag for the image that triggers the reload
tag: 1.27.1
tag: 1.27.2
imagePullPolicy: IfNotPresent
resources: {}
# limits:

4
charts/speedscale/speedscale-operator/Chart.yaml
View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/kube-version: '>= 1.17.0-0'
catalog.cattle.io/release-name: speedscale-operator
apiVersion: v1
appVersion: 2.1.392
appVersion: 2.1.398
description: Stress test your APIs with real world scenarios. Collect and replay
traffic without scripting.
home: https://speedscale.com
@ -24,4 +24,4 @@ maintainers:
- email: support@speedscale.com
name: Speedscale Support
name: speedscale-operator
version: 2.1.392
version: 2.1.398

2
charts/speedscale/speedscale-operator/values.yaml
View File

@ -20,7 +20,7 @@ clusterName: "my-cluster"
# Speedscale components image settings.
image:
registry: gcr.io/speedscale
tag: v2.1.392
tag: v2.1.398
pullPolicy: Always
# Log level for Speedscale components.

117
charts/traefik/traefik/Changelog.md
View File

@ -1,5 +1,122 @@
# Change Log
## 28.1.0 ![AppVersion: v3.0.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm)
* fix(Traefik Hub): do not deploy mutating webhook when enabling only API Gateway
* feat(Traefik Hub): use Traefik Proxy otlp config
* chore: 🔧 update Traefik Hub CRD to v1.3.3
### Default value changes
```diff
diff --git a/traefik/values.yaml b/traefik/values.yaml
index 70297f6..2fd9282 100644
--- a/traefik/values.yaml
+++ b/traefik/values.yaml
@@ -1010,3 +1010,49 @@
## -- This will override the default app.kubernetes.io/instance label for all Objects.
# instanceLabelOverride: traefik
+# -- Traefik Hub configuration. See https://doc.traefik.io/traefik-hub/
+hub:
+ # Name of Secret with key 'token' set to a valid license token.
+ # It enables API Gateway.
+ token:
+ apimanagement:
+ # -- Set to true in order to enable API Management. Requires a valid license token.
+ enabled:
+ admission:
+ # -- WebHook admission server listen address. Default: "0.0.0.0:9943".
+ listenAddr:
+ # -- Certificate of the WebHook admission server. Default: "hub-agent-cert".
+ secretName:
+
+ ratelimit:
+ redis:
+ # -- Enable Redis Cluster. Default: true.
+ cluster:
+ # -- Database used to store information. Default: "0".
+ database:
+ # -- Endpoints of the Redis instances to connect to. Default: "".
+ endpoints:
+ # -- The username to use when connecting to Redis endpoints. Default: "".
+ username:
+ # -- The password to use when connecting to Redis endpoints. Default: "".
+ password:
+ sentinel:
+ # -- Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "".
+ masterset:
+ # -- Username to use for sentinel authentication (can be different from endpoint username). Default: "".
+ username:
+ # -- Password to use for sentinel authentication (can be different from endpoint password). Default: "".
+ password:
+ # -- Timeout applied on connection with redis. Default: "0s".
+ timeout:
+ tls:
+ # -- Path to the certificate authority used for the secured connection.
+ ca:
+ # -- Path to the public certificate used for the secure connection.
+ cert:
+ # -- Path to the private key used for the secure connection.
+ key:
+ # -- When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false.
+ insecureSkipVerify:
+ # Enable export of errors logs to the platform. Default: true.
+ sendlogs:
```
## 28.1.0-beta.3 ![AppVersion: v3.0.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm)
**Release date:** 2024-05-03
* chore: 🔧 update Traefik Hub CRD to v1.3.2
* chore(release): 🚀 publish v28.1.0-beta.3
## 28.1.0-beta.2 ![AppVersion: v3.0.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm)
**Release date:** 2024-05-02
* fix: 🐛 refine Traefik Hub support
* chore(release): 🚀 publish v28.1.0-beta.2
### Default value changes
```diff
diff --git a/traefik/values.yaml b/traefik/values.yaml
index ce0a7a3..70297f6 100644
--- a/traefik/values.yaml
+++ b/traefik/values.yaml
@@ -1015,13 +1015,15 @@ hub:
# Name of Secret with key 'token' set to a valid license token.
# It enables API Gateway.
token:
- admission:
- # -- WebHook admission server listen address. Default: "0.0.0.0:9943".
- listenAddr:
- # -- Certificate of the WebHook admission server. Default: "hub-agent-cert".
- secretName:
- # -- Set to true in order to enable API Management. Requires a valid license token.
apimanagement:
+ # -- Set to true in order to enable API Management. Requires a valid license token.
+ enabled:
+ admission:
+ # -- WebHook admission server listen address. Default: "0.0.0.0:9943".
+ listenAddr:
+ # -- Certificate of the WebHook admission server. Default: "hub-agent-cert".
+ secretName:
+
metrics:
opentelemetry:
# -- Set to true to enable OpenTelemetry metrics exporter of Traefik Hub.
```
## 28.1.0-beta.1 ![AppVersion: v3.0.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm)
**Release date:** 2024-04-30
* feat: :rocket: add initial support for Traefik Hub Api Gateway
* chore(release): 🚀 publish v28.1.0-beta.1
## 28.0.0 ![AppVersion: v3.0.0](https://img.shields.io/static/v1?label=AppVersion&message=v3.0.0&color=success&logo=) ![Kubernetes: >=1.22.0-0](https://img.shields.io/static/v1?label=Kubernetes&message=%3E%3D1.22.0-0&color=informational&logo=kubernetes) ![Helm: v3](https://img.shields.io/static/v1?label=Helm&message=v3&color=informational&logo=helm)
**Release date:** 2024-04-30

11
charts/traefik/traefik/Chart.yaml
View File

@ -1,10 +1,7 @@
annotations:
artifacthub.io/changes: "- \"style: \U0001F3A8 consistent capitalization on `--entryPoints`
CLI flag\"\n- \"fix: \U0001F41B only expose http3 port on service when TCP variant
is exposed\"\n- \"fix: \U0001F41B logs filters on status codes\"\n- \"feat: ✨
add support of `experimental-v3.0` unstable version\"\n- \"feat: ability to override
liveness and readiness probe paths\"\n- \"feat(ports): add transport options\"\n-
\"chore(release): publish v28.0.0\"\n"
artifacthub.io/changes: "- \"fix(Traefik Hub): do not deploy mutating webhook when
enabling only API Gateway\"\n- \"feat(Traefik Hub): use Traefik Proxy otlp config\"\n-
\"chore: \U0001F527 update Traefik Hub CRD to v1.3.3\"\n"
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Traefik Proxy
catalog.cattle.io/kube-version: '>=1.22.0-0'
@ -32,4 +29,4 @@ sources:
- https://github.com/traefik/traefik
- https://github.com/traefik/traefik-helm-chart
type: application
version: 28.0.0
version: 28.1.0

24
charts/traefik/traefik/EXAMPLES.md
View File

@ -295,11 +295,15 @@ ports:
enabled: true
```
# Use ProxyProtocol on Digital Ocean
# Use PROXY protocol on Digital Ocean
PROXY protocol is a protocol for sending client connection information, such as origin IP addresses and port numbers, to the final backend server, rather than discarding it at the load balancer.
```yaml
.DOTrustedIPs: &DOTrustedIPs
- 127.0.0.1/32
- 10.120.0.0/16
service:
enabled: true
type: LoadBalancer
@ -310,13 +314,17 @@ service:
# This is the default and should stay as cluster to keep the DO health checks working.
externalTrafficPolicy: Cluster
additionalArguments:
# Tell Traefik to only trust incoming headers from the Digital Ocean Load Balancers.
- "--entryPoints.web.proxyProtocol.trustedIPs=127.0.0.1/32,10.120.0.0/16"
- "--entryPoints.websecure.proxyProtocol.trustedIPs=127.0.0.1/32,10.120.0.0/16"
# Also whitelist the source of headers to trust, the private IPs on the load balancers displayed on the networking page of DO.
- "--entryPoints.web.forwardedHeaders.trustedIPs=127.0.0.1/32,10.120.0.0/16"
- "--entryPoints.websecure.forwardedHeaders.trustedIPs=127.0.0.1/32,10.120.0.0/16"
ports:
web:
forwardedHeaders:
trustedIPs: *DOTrustedIPs
proxyProtocol:
trustedIPs: *DOTrustedIPs
websecure:
forwardedHeaders:
trustedIPs: *DOTrustedIPs
proxyProtocol:
trustedIPs: *DOTrustedIPs
```
# Enable plugin storage

22
charts/traefik/traefik/README.md
View File

@ -75,33 +75,27 @@ helm install -f myvalues.yaml traefik traefik/traefik
One can check what has changed in the [Changelog](./traefik/Changelog.md).
:information_source: With Helm v3, CRDs created by this chart can not be updated, cf. the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions).
:warning: Please read carefully release notes of this chart before upgrading CRDs.
```bash
# Update repository
helm repo update
# See current Chart & Traefik version
helm search repo traefik/traefik
# Update CRDs (Traefik Proxy v3 CRDs)
kubectl apply --server-side --force-conflicts -k https://github.com/traefik/traefik-helm-chart/traefik/crds/
# Upgrade Traefik
helm upgrade traefik traefik/traefik
```
New major version indicates that there is an incompatible breaking change.
### Upgrading CRDs
With Helm v3, CRDs created by this chart can not be updated, cf the [Helm Documentation on CRDs](https://helm.sh/docs/chart_best_practices/custom_resource_definitions). Please read carefully release notes of this chart before upgrading CRDs.
#### Upgrade from 27.X to 28.X+
🛂 **Warning**: Traefik v3 totally removes the crd support for traefik.containo.us CRDs. Existing resources may silently fail to work after upgrade to Traefik v3.
See [Migration guide from v2 to v3](https://doc.traefik.io/traefik/v3.0/migration/v2-to-v3/) for more details.
```bash
kubectl apply --server-side --force-conflicts -k https://github.com/traefik/traefik-helm-chart/traefik/crds/
```
#### Upgrade up to 27.X
When upgrading on Traefik Proxy v2 version, one need to stay at Traefik Helm Chart v27.x. The command to upgrade to the latest Traefik Proxy v2 CRD is:
```bash
kubectl apply --server-side --force-conflicts -k https://github.com/traefik/traefik-helm-chart/traefik/crds/?ref=v27
```

19
charts/traefik/traefik/VALUES.md
View File

@ -1,6 +1,6 @@
# traefik
![Version: 28.0.0](https://img.shields.io/badge/Version-28.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v3.0.0](https://img.shields.io/badge/AppVersion-v3.0.0-informational?style=flat-square)
![Version: 28.1.0](https://img.shields.io/badge/Version-28.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v3.0.0](https://img.shields.io/badge/AppVersion-v3.0.0-informational?style=flat-square)
A Traefik based Kubernetes ingress controller
@ -59,6 +59,23 @@ Kubernetes: `>=1.22.0-0`
| extraObjects | list | `[]` | Extra objects to deploy (value evaluated as a template) In some cases, it can avoid the need for additional, extended or adhoc deployments. See #595 for more details and traefik/tests/values/extra.yaml for example. |
| globalArguments | list | `["--global.checknewversion","--global.sendanonymoususage"]` | Global command arguments to be passed to all traefik's pods |
| hostNetwork | bool | `false` | If hostNetwork is true, runs traefik in the host network namespace To prevent unschedulabel pods due to port collisions, if hostNetwork=true and replicas>1, a pod anti-affinity is recommended and will be set if the affinity is left as default. |
| hub | object | `{"apimanagement":{"admission":{"listenAddr":null,"secretName":null},"enabled":null},"ratelimit":{"redis":{"cluster":null,"database":null,"endpoints":null,"password":null,"sentinel":{"masterset":null,"password":null,"username":null},"timeout":null,"tls":{"ca":null,"cert":null,"insecureSkipVerify":null,"key":null},"username":null}},"sendlogs":null,"token":null}` | Traefik Hub configuration. See https://doc.traefik.io/traefik-hub/ |
| hub.apimanagement.admission.listenAddr | string | `nil` | WebHook admission server listen address. Default: "0.0.0.0:9943". |
| hub.apimanagement.admission.secretName | string | `nil` | Certificate of the WebHook admission server. Default: "hub-agent-cert". |
| hub.apimanagement.enabled | string | `nil` | Set to true in order to enable API Management. Requires a valid license token. |
| hub.ratelimit.redis.cluster | string | `nil` | Enable Redis Cluster. Default: true. |
| hub.ratelimit.redis.database | string | `nil` | Database used to store information. Default: "0". |
| hub.ratelimit.redis.endpoints | string | `nil` | Endpoints of the Redis instances to connect to. Default: "". |
| hub.ratelimit.redis.password | string | `nil` | The password to use when connecting to Redis endpoints. Default: "". |
| hub.ratelimit.redis.sentinel.masterset | string | `nil` | Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "". |
| hub.ratelimit.redis.sentinel.password | string | `nil` | Password to use for sentinel authentication (can be different from endpoint password). Default: "". |
| hub.ratelimit.redis.sentinel.username | string | `nil` | Username to use for sentinel authentication (can be different from endpoint username). Default: "". |
| hub.ratelimit.redis.timeout | string | `nil` | Timeout applied on connection with redis. Default: "0s". |
| hub.ratelimit.redis.tls.ca | string | `nil` | Path to the certificate authority used for the secured connection. |
| hub.ratelimit.redis.tls.cert | string | `nil` | Path to the public certificate used for the secure connection. |
| hub.ratelimit.redis.tls.insecureSkipVerify | string | `nil` | When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false. |
| hub.ratelimit.redis.tls.key | string | `nil` | Path to the private key used for the secure connection. |
| hub.ratelimit.redis.username | string | `nil` | The username to use when connecting to Redis endpoints. Default: "". |
| image.pullPolicy | string | `"IfNotPresent"` | Traefik image pull policy |
| image.registry | string | `"docker.io"` | Traefik image host registry |
| image.repository | string | `"traefik"` | Traefik image repository |

368
charts/traefik/traefik/crds/hub.traefik.io_accesscontrolpolicies.yaml Normal file
View File

@ -0,0 +1,368 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: accesscontrolpolicies.hub.traefik.io
spec:
group: hub.traefik.io
names:
kind: AccessControlPolicy
listKind: AccessControlPolicyList
plural: accesscontrolpolicies
singular: accesscontrolpolicy
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: AccessControlPolicy defines an access control policy.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: AccessControlPolicySpec configures an access control policy.
properties:
apiKey:
description: AccessControlPolicyAPIKey configure an APIKey control
policy.
properties:
forwardHeaders:
additionalProperties:
type: string
description: ForwardHeaders instructs the middleware to forward
key metadata as header values upon successful authentication.
type: object
keySource:
description: KeySource defines how to extract API keys from requests.
properties:
cookie:
description: Cookie is the name of a cookie.
type: string
header:
description: Header is the name of a header.
type: string
headerAuthScheme:
description: |-
HeaderAuthScheme sets an optional auth scheme when Header is set to "Authorization".
If set, this scheme is removed from the token, and all requests not including it are dropped.
type: string
query:
description: Query is the name of a query parameter.
type: string
type: object
keys:
description: Keys define the set of authorized keys to access
a protected resource.
items:
description: AccessControlPolicyAPIKeyKey defines an API key.
properties:
id:
description: ID is the unique identifier of the key.
type: string
metadata:
additionalProperties:
type: string
description: Metadata holds arbitrary metadata for this
key, can be used by ForwardHeaders.
type: object
value:
description: Value is the SHAKE-256 hash (using 64 bytes)
of the API key.
type: string
required:
- id
- value
type: object
type: array
required:
- keySource
type: object
basicAuth:
description: AccessControlPolicyBasicAuth holds the HTTP basic authentication
configuration.
properties:
forwardUsernameHeader:
type: string
realm:
type: string
stripAuthorizationHeader:
type: boolean
users:
items:
type: string
type: array
type: object
jwt:
description: AccessControlPolicyJWT configures a JWT access control
policy.
properties:
claims:
type: string
forwardHeaders:
additionalProperties:
type: string
type: object
jwksFile:
type: string
jwksUrl:
type: string
publicKey:
type: string
signingSecret:
type: string
signingSecretBase64Encoded:
type: boolean
stripAuthorizationHeader:
type: boolean
tokenQueryKey:
type: string
type: object
oAuthIntro:
description: AccessControlOAuthIntro configures an OAuth 2.0 Token
Introspection access control policy.
properties:
claims:
type: string
clientConfig:
description: AccessControlOAuthIntroClientConfig configures the
OAuth 2.0 client for issuing token introspection requests.
properties:
headers:
additionalProperties:
type: string
description: Headers to set when sending requests to the Authorization
Server.
type: object
maxRetries:
default: 3
description: MaxRetries defines the number of retries for
introspection requests.
type: integer
timeoutSeconds:
default: 5
description: TimeoutSeconds configures the maximum amount
of seconds to wait before giving up on requests.
type: integer
tls:
description: TLS configures TLS communication with the Authorization
Server.
properties:
ca:
description: CA sets the CA bundle used to sign the Authorization
Server certificate.
type: string
insecureSkipVerify:
description: |-
InsecureSkipVerify skips the Authorization Server certificate validation.
For testing purposes only, do not use in production.
type: boolean
type: object
tokenTypeHint:
description: |-
TokenTypeHint is a hint to pass to the Authorization Server.
See https://tools.ietf.org/html/rfc7662#section-2.1 for more information.
type: string
url:
description: URL of the Authorization Server.
type: string
required:
- url
type: object
forwardHeaders:
additionalProperties:
type: string
type: object
tokenSource:
description: |-
TokenSource describes how to extract tokens from HTTP requests.
If multiple sources are set, the order is the following: header > query > cookie.
properties:
cookie:
description: Cookie is the name of a cookie.
type: string
header:
description: Header is the name of a header.
type: string
headerAuthScheme:
description: |-
HeaderAuthScheme sets an optional auth scheme when Header is set to "Authorization".
If set, this scheme is removed from the token, and all requests not including it are dropped.
type: string
query:
description: Query is the name of a query parameter.
type: string
type: object
required:
- clientConfig
- tokenSource
type: object
oidc:
description: AccessControlPolicyOIDC holds the OIDC authentication
configuration.
properties:
authParams:
additionalProperties:
type: string
type: object
claims:
type: string
clientId:
type: string
disableAuthRedirectionPaths:
items:
type: string
type: array
forwardHeaders:
additionalProperties:
type: string
type: object
issuer:
type: string
logoutUrl:
type: string
redirectUrl:
type: string
scopes:
items:
type: string
type: array
secret:
description: |-
SecretReference represents a Secret Reference. It has enough information to retrieve secret
in any namespace
properties:
name:
description: name is unique within a namespace to reference
a secret resource.
type: string
namespace:
description: namespace defines the space within which the
secret name must be unique.
type: string
type: object
x-kubernetes-map-type: atomic
session:
description: Session holds session configuration.
properties:
domain:
type: string
path:
type: string
refresh:
type: boolean
sameSite:
type: string
secure:
type: boolean
type: object
stateCookie:
description: StateCookie holds state cookie configuration.
properties:
domain:
type: string
path:
type: string
sameSite:
type: string
secure:
type: boolean
type: object
type: object
oidcGoogle:
description: AccessControlPolicyOIDCGoogle holds the Google OIDC authentication
configuration.
properties:
authParams:
additionalProperties:
type: string
type: object
clientId:
type: string
emails:
description: Emails are the allowed emails to connect.
items:
type: string
minItems: 1
type: array
forwardHeaders:
additionalProperties:
type: string
type: object
logoutUrl:
type: string
redirectUrl:
type: string
secret:
description: |-
SecretReference represents a Secret Reference. It has enough information to retrieve secret
in any namespace
properties:
name:
description: name is unique within a namespace to reference
a secret resource.
type: string
namespace:
description: namespace defines the space within which the
secret name must be unique.
type: string
type: object
x-kubernetes-map-type: atomic
session:
description: Session holds session configuration.
properties:
domain:
type: string
path:
type: string
refresh:
type: boolean
sameSite:
type: string
secure:
type: boolean
type: object
stateCookie:
description: StateCookie holds state cookie configuration.
properties:
domain:
type: string
path:
type: string
sameSite:
type: string
secure:
type: boolean
type: object
type: object
type: object
status:
description: The current status of this access control policy.
properties:
specHash:
type: string
syncedAt:
format: date-time
type: string
version:
type: string
type: object
type: object
served: true
storage: true

153
charts/traefik/traefik/crds/hub.traefik.io_apiaccesses.yaml Normal file
View File

@ -0,0 +1,153 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: apiaccesses.hub.traefik.io
spec:
group: hub.traefik.io
names:
kind: APIAccess
listKind: APIAccessList
plural: apiaccesses
singular: apiaccess
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: APIAccess defines who can access to a set of APIs.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: The desired behavior of this APIAccess.
properties:
apiSelector:
description: |-
APISelector selects the APIs that will be accessible to the configured audience.
Multiple APIAccesses can select the same set of APIs.
This field is optional and follows standard label selector semantics.
An empty APISelector matches any API.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
apis:
description: |-
APIs defines a set of APIs that will be accessible to the configured audience.
Multiple APIAccesses can select the same APIs.
When combined with APISelector, this set of APIs is appended to the matching APIs.
items:
description: APIReference references an API.
properties:
name:
description: Name of the API.
maxLength: 253
type: string
required:
- name
type: object
maxItems: 100
type: array
x-kubernetes-validations:
- message: duplicated apis
rule: self.all(x, self.exists_one(y, x.name == y.name))
everyone:
description: Everyone indicates that all users will have access to
the selected APIs.
type: boolean
groups:
description: Groups are the consumer groups that will gain access
to the selected APIs.
items:
type: string
type: array
operationFilter:
description: |-
OperationFilter specifies the allowed operations on APIs and APIVersions.
If not set, all operations are available.
An empty OperationFilter prohibits all operations.
properties:
include:
description: Include defines the names of OperationSets that will
be accessible.
items:
type: string
maxItems: 100
type: array
type: object
type: object
x-kubernetes-validations:
- message: groups and everyone are mutually exclusive
rule: '(has(self.everyone) && has(self.groups)) ? !(self.everyone &&
self.groups.size() > 0) : true'
status:
description: The current status of this APIAccess.
properties:
hash:
description: Hash is a hash representing the APIAccess.
type: string
syncedAt:
format: date-time
type: string
version:
type: string
type: object
type: object
served: true
storage: true

101
charts/traefik/traefik/crds/hub.traefik.io_apiportals.yaml Normal file
View File

@ -0,0 +1,101 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: apiportals.hub.traefik.io
spec:
group: hub.traefik.io
names:
kind: APIPortal
listKind: APIPortalList
plural: apiportals
singular: apiportal
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: APIPortal defines a developer portal for accessing the documentation
of APIs.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: The desired behavior of this APIPortal.
properties:
description:
description: Description of the APIPortal.
type: string
title:
description: Title is the public facing name of the APIPortal.
type: string
trustedUrls:
description: TrustedURLs are the urls that are trusted by the OAuth
2.0 authorization server.
items:
type: string
maxItems: 1
minItems: 1
type: array
x-kubernetes-validations:
- message: must be a valid URLs
rule: self.all(x, isURL(x))
ui:
description: UI holds the UI customization options.
properties:
logoUrl:
description: LogoURL is the public URL of the logo.
type: string
type: object
required:
- trustedUrls
type: object
status:
description: The current status of this APIPortal.
properties:
hash:
description: Hash is a hash representing the APIPortal.
type: string
oidc:
description: OIDC is the OIDC configuration for accessing the exposed
APIPortal WebUI.
properties:
clientId:
description: ClientID is the OIDC ClientID for accessing the exposed
APIPortal WebUI.
type: string
issuer:
description: Issuer is the OIDC issuer for accessing the exposed
APIPortal WebUI.
type: string
secretName:
description: SecretName is the name of the secret containing the
OIDC ClientSecret for accessing the exposed APIPortal WebUI.
type: string
type: object
syncedAt:
format: date-time
type: string
version:
type: string
type: object
type: object
served: true
storage: true

166
charts/traefik/traefik/crds/hub.traefik.io_apiratelimits.yaml Normal file
View File

@ -0,0 +1,166 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: apiratelimits.hub.traefik.io
spec:
group: hub.traefik.io
names:
kind: APIRateLimit
listKind: APIRateLimitList
plural: apiratelimits
singular: apiratelimit
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: APIRateLimit defines how group of consumers are rate limited
on a set of APIs.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: The desired behavior of this APIRateLimit.
properties:
apiSelector:
description: |-
APISelector selects the APIs that will be rate limited.
Multiple APIRateLimits can select the same set of APIs.
This field is optional and follows standard label selector semantics.
An empty APISelector matches any API.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
apis:
description: |-
APIs defines a set of APIs that will be rate limited.
Multiple APIRateLimits can select the same APIs.
When combined with APISelector, this set of APIs is appended to the matching APIs.
items:
description: APIReference references an API.
properties:
name:
description: Name of the API.
maxLength: 253
type: string
required:
- name
type: object
maxItems: 100
type: array
x-kubernetes-validations:
- message: duplicated apis
rule: self.all(x, self.exists_one(y, x.name == y.name))
everyone:
description: |-
Everyone indicates that all users will, by default, be rate limited with this configuration.
If an APIRateLimit explicitly target a group, the default rate limit will be ignored.
type: boolean
groups:
description: |-
Groups are the consumer groups that will be rate limited.
Multiple APIRateLimits can target the same set of consumer groups, the most restrictive one applies.
When a consumer belongs to multiple groups, the least restrictive APIRateLimit applies.
items:
type: string
type: array
limit:
description: Limit is the maximum number of token in the bucket.
type: integer
x-kubernetes-validations:
- message: must be a positive number
rule: self >= 0
period:
description: Period is the unit of time for the Limit.
format: duration
type: string
x-kubernetes-validations:
- message: must be between 1s and 1h
rule: self >= duration('1s') && self <= duration('1h')
strategy:
description: |-
Strategy defines how the bucket state will be synchronized between the different Traefik Hub instances.
It can be, either "local" or "distributed".
enum:
- local
- distributed
type: string
required:
- limit
type: object
x-kubernetes-validations:
- message: groups and everyone are mutually exclusive
rule: '(has(self.everyone) && has(self.groups)) ? !(self.everyone &&
self.groups.size() > 0) : true'
status:
description: The current status of this APIRateLimit.
properties:
hash:
description: Hash is a hash representing the APIRateLimit.
type: string
syncedAt:
format: date-time
type: string
version:
type: string
type: object
type: object
served: true
storage: true

190
charts/traefik/traefik/crds/hub.traefik.io_apis.yaml Normal file
View File

@ -0,0 +1,190 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: apis.hub.traefik.io
spec:
group: hub.traefik.io
names:
kind: API
listKind: APIList
plural: apis
singular: api
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: |-
API defines an HTTP interface that is exposed to external clients. It specifies the supported versions
and provides instructions for accessing its documentation. Once instantiated, an API object is associated
with an Ingress, IngressRoute, or HTTPRoute resource, enabling the exposure of the described API to the outside world.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: APISpec describes the API.
properties:
openApiSpec:
description: OpenAPISpec defines the API contract as an OpenAPI specification.
properties:
operationSets:
description: OperationSets defines the sets of operations to be
referenced for granular filtering in APIAccesses.
items:
description: |-
OperationSet gives a name to a set of matching OpenAPI operations.
This set of operations can then be referenced for granular filtering in APIAccesses.
properties:
matchers:
description: Matchers defines a list of alternative rules
for matching OpenAPI operations.
items:
description: OperationMatcher defines criteria for matching
an OpenAPI operation.
minProperties: 1
properties:
methods:
description: Methods specifies the HTTP methods to
be included for selection.
items:
type: string
maxItems: 10
type: array
path:
description: Path specifies the exact path of the
operations to select.
maxLength: 255
type: string
x-kubernetes-validations:
- message: must start with a '/'
rule: self.startsWith('/')
- message: cannot contains '../'
rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")'
pathPrefix:
description: PathPrefix specifies the path prefix
of the operations to select.
maxLength: 255
type: string
x-kubernetes-validations:
- message: must start with a '/'
rule: self.startsWith('/')
- message: cannot contains '../'
rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")'
pathRegex:
description: PathRegex specifies a regular expression
pattern for matching operations based on their paths.
type: string
type: object
x-kubernetes-validations:
- message: path, pathPrefix and pathRegex are mutually
exclusive
rule: '[has(self.path), has(self.pathPrefix), has(self.pathRegex)].filter(x,
x).size() <= 1'
maxItems: 100
minItems: 1
type: array
name:
description: Name is the name of the OperationSet to reference
in APIAccesses.
maxLength: 253
type: string
required:
- matchers
- name
type: object
maxItems: 100
type: array
override:
description: Override holds data used to override OpenAPI specification.
properties:
servers:
items:
properties:
url:
type: string
x-kubernetes-validations:
- message: must be a valid URL
rule: isURL(self)
required:
- url
type: object
maxItems: 100
minItems: 1
type: array
required:
- servers
type: object
path:
description: |-
Path specifies the endpoint path within the Kubernetes Service where the OpenAPI specification can be obtained.
The Service queried is determined by the associated Ingress, IngressRoute, or HTTPRoute resource to which the API is attached.
It's important to note that this option is incompatible if the Ingress or IngressRoute specifies multiple backend services.
The Path must be accessible via a GET request method and should serve a YAML or JSON document containing the OpenAPI specification.
maxLength: 255
type: string
x-kubernetes-validations:
- message: must start with a '/'
rule: self.startsWith('/')
- message: cannot contains '../'
rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")'
url:
description: |-
URL is a Traefik Hub agent accessible URL for obtaining the OpenAPI specification.
The URL must be accessible via a GET request method and should serve a YAML or JSON document containing the OpenAPI specification.
type: string
x-kubernetes-validations:
- message: must be a valid URL
rule: isURL(self)
type: object
x-kubernetes-validations:
- message: path or url must be defined
rule: has(self.path) || has(self.url)
versions:
description: Versions are the different APIVersions available.
items:
description: APIVersionRef references an APIVersion.
properties:
name:
description: Name of the APIVersion.
maxLength: 253
type: string
required:
- name
type: object
maxItems: 100
minItems: 1
type: array
type: object
status:
description: The current status of this API.
properties:
hash:
description: Hash is a hash representing the API.
type: string
syncedAt:
format: date-time
type: string
version:
type: string
type: object
type: object
served: true
storage: true

194
charts/traefik/traefik/crds/hub.traefik.io_apiversions.yaml Normal file
View File

@ -0,0 +1,194 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: apiversions.hub.traefik.io
spec:
group: hub.traefik.io
names:
kind: APIVersion
listKind: APIVersionList
plural: apiversions
singular: apiversion
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.title
name: Title
type: string
- jsonPath: .spec.release
name: Release
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: APIVersion defines a version of an API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: The desired behavior of this APIVersion.
properties:
openApiSpec:
description: OpenAPISpec defines the API contract as an OpenAPI specification.
properties:
operationSets:
description: OperationSets defines the sets of operations to be
referenced for granular filtering in APIAccesses.
items:
description: |-
OperationSet gives a name to a set of matching OpenAPI operations.
This set of operations can then be referenced for granular filtering in APIAccesses.
properties:
matchers:
description: Matchers defines a list of alternative rules
for matching OpenAPI operations.
items:
description: OperationMatcher defines criteria for matching
an OpenAPI operation.
minProperties: 1
properties:
methods:
description: Methods specifies the HTTP methods to
be included for selection.
items:
type: string
maxItems: 10
type: array
path:
description: Path specifies the exact path of the
operations to select.
maxLength: 255
type: string
x-kubernetes-validations:
- message: must start with a '/'
rule: self.startsWith('/')
- message: cannot contains '../'
rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")'
pathPrefix:
description: PathPrefix specifies the path prefix
of the operations to select.
maxLength: 255
type: string
x-kubernetes-validations:
- message: must start with a '/'
rule: self.startsWith('/')
- message: cannot contains '../'
rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")'
pathRegex:
description: PathRegex specifies a regular expression
pattern for matching operations based on their paths.
type: string
type: object
x-kubernetes-validations:
- message: path, pathPrefix and pathRegex are mutually
exclusive
rule: '[has(self.path), has(self.pathPrefix), has(self.pathRegex)].filter(x,
x).size() <= 1'
maxItems: 100
minItems: 1
type: array
name:
description: Name is the name of the OperationSet to reference
in APIAccesses.
maxLength: 253
type: string
required:
- matchers
- name
type: object
maxItems: 100
type: array
override:
description: Override holds data used to override OpenAPI specification.
properties:
servers:
items:
properties:
url:
type: string
x-kubernetes-validations:
- message: must be a valid URL
rule: isURL(self)
required:
- url
type: object
maxItems: 100
minItems: 1
type: array
required:
- servers
type: object
path:
description: |-
Path specifies the endpoint path within the Kubernetes Service where the OpenAPI specification can be obtained.
The Service queried is determined by the associated Ingress, IngressRoute, or HTTPRoute resource to which the API is attached.
It's important to note that this option is incompatible if the Ingress or IngressRoute specifies multiple backend services.
The Path must be accessible via a GET request method and should serve a YAML or JSON document containing the OpenAPI specification.
maxLength: 255
type: string
x-kubernetes-validations:
- message: must start with a '/'
rule: self.startsWith('/')
- message: cannot contains '../'
rule: '!self.matches(r"""(\/\.\.\/)|(\/\.\.$)""")'
url:
description: |-
URL is a Traefik Hub agent accessible URL for obtaining the OpenAPI specification.
The URL must be accessible via a GET request method and should serve a YAML or JSON document containing the OpenAPI specification.
type: string
x-kubernetes-validations:
- message: must be a valid URL
rule: isURL(self)
type: object
x-kubernetes-validations:
- message: path or url must be defined
rule: has(self.path) || has(self.url)
release:
description: |-
Release is the version number of the API.
This value must follow the SemVer format: https://semver.org/
maxLength: 100
type: string
x-kubernetes-validations:
- message: must be a valid semver version
rule: self.matches(r"""^v?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$""")
title:
description: Title is the public facing name of the APIVersion.
type: string
required:
- release
type: object
status:
description: The current status of this APIVersion.
properties:
hash:
description: Hash is a hash representing the APIVersion.
type: string
syncedAt:
format: date-time
type: string
version:
type: string
type: object
type: object
served: true
storage: true
subresources: {}

115
charts/traefik/traefik/crds/hub.traefik.io_edgeingresses.yaml Normal file
View File

@ -0,0 +1,115 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
name: edgeingresses.hub.traefik.io
spec:
group: hub.traefik.io
names:
kind: EdgeIngress
listKind: EdgeIngressList
plural: edgeingresses
singular: edgeingress
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.service.name
name: Service
type: string
- jsonPath: .spec.service.port
name: Port
type: string
- jsonPath: .spec.acp.name
name: ACP
priority: 1
type: string
- jsonPath: .status.urls
name: URLs
type: string
- jsonPath: .status.connection
name: Connection
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: EdgeIngress defines an edge ingress.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: The desired behavior of this edge ingress.
properties:
acp:
description: EdgeIngressACP configures the ACP to use on the Ingress.
properties:
name:
type: string
required:
- name
type: object
customDomains:
description: CustomDomains are the custom domains for accessing the
exposed service.
items:
type: string
type: array
service:
description: EdgeIngressService configures the service to exposed
on the edge.
properties:
name:
type: string
port:
type: integer
required:
- name
- port
type: object
required:
- service
type: object
status:
description: The current status of this edge ingress.
properties:
connection:
description: Connection is the status of the underlying connection
to the edge.
type: string
customDomains:
description: CustomDomains are the custom domains for accessing the
exposed service.
items:
type: string
type: array
domain:
description: Domain is the Domain for accessing the exposed service.
type: string
specHash:
description: SpecHash is a hash representing the EdgeIngressSpec
type: string
syncedAt:
format: date-time
type: string
urls:
description: URLs is the list of coma separated URL for accessing
the exposed service.
type: string
version:
type: string
type: object
type: object
served: true
storage: true
subresources: {}

17
charts/traefik/traefik/templates/_helpers.tpl
View File

@ -126,6 +126,21 @@ Renders a complete tree, even values that contains template.
{{- end -}}
{{- define "imageVersion" -}}
{{ (split "@" (default $.Chart.AppVersion $.Values.image.tag))._0 }}
{{ (split "@" (default $.Chart.AppVersion $.Values.image.tag))._0 | replace "latest-" "" }}
{{- end -}}
{{/* Generate/load self-signed certificate for admission webhooks */}}
{{- define "traefik-hub.webhook_cert" -}}
{{- $cert := lookup "v1" "Secret" .Release.Namespace "hub-agent-cert" -}}
{{- if $cert -}}
{{/* reusing value of existing cert */}}
Cert: {{ index $cert.data "tls.crt" }}
Key: {{ index $cert.data "tls.key" }}
{{- else -}}
{{/* generate a new one */}}
{{- $altNames := list ( printf "admission.%s.svc" .Release.Namespace ) -}}
{{- $cert := genSelfSignedCert ( printf "admission.%s.svc" .Release.Namespace ) (list) $altNames 3650 -}}
Cert: {{ $cert.Cert | b64enc }}
Key: {{ $cert.Key | b64enc }}
{{- end -}}
{{- end -}}

80
charts/traefik/traefik/templates/_podtemplate.tpl
View File

@ -97,7 +97,7 @@
ports:
{{- $hostNetwork := .Values.hostNetwork }}
{{- range $name, $config := .Values.ports }}
{{- if $config }}
{{- if $config }}
{{- if and $hostNetwork (and $config.hostPort $config.port) }}
{{- if ne ($config.hostPort | int) ($config.port | int) }}
{{- fail "ERROR: All hostPort must match their respective containerPort when `hostNetwork` is enabled" }}
@ -112,15 +112,26 @@
hostIP: {{ $config.hostIP }}
{{- end }}
protocol: {{ default "TCP" $config.protocol | quote }}
{{- if ($config.http3).enabled }}
{{- if ($config.http3).enabled }}
- name: "{{ $name }}-http3"
containerPort: {{ $config.port }}
{{- if $config.hostPort }}
{{- if $config.hostPort }}
hostPort: {{ default $config.hostPort $config.http3.advertisedPort }}
{{- end }}
{{- end }}
protocol: UDP
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.hub.token }}
{{- $listenAddr := default ":9943" .Values.hub.apimanagement.admission.listenAddr }}
- name: admission
containerPort: {{ last (mustRegexSplit ":" $listenAddr 2) }}
protocol: TCP
{{- if .Values.hub.apimanagement.enabled }}
- name: apiportal
containerPort: 9903
protocol: TCP
{{- end }}
{{- end }}
{{- with .Values.securityContext }}
securityContext:
@ -333,7 +344,7 @@
{{- end }}
{{- end }}
{{- with .grpc }}
{{ if .enabled }}
{{- if .enabled }}
- "--metrics.otlp.grpc=true"
{{- with .endpoint }}
- "--metrics.otlp.grpc.endpoint={{ . }}"
@ -396,7 +407,7 @@
{{- end }}
{{- end }}
{{- with .grpc }}
{{ if .enabled }}
{{- if .enabled }}
- "--tracing.otlp.grpc=true"
{{- with .endpoint }}
- "--tracing.otlp.grpc.endpoint={{ . }}"
@ -425,7 +436,6 @@
{{- end }}
{{- end }}
{{- end }}
{{- range $pluginName, $plugin := .Values.experimental.plugins }}
{{- if or (ne (typeOf $plugin) "map[string]interface {}") (not (hasKey $plugin "moduleName")) (not (hasKey $plugin "version")) }}
{{- fail (printf "ERROR: plugin %s is missing moduleName/version keys !" $pluginName) }}
@ -642,7 +652,51 @@
- {{ . | quote }}
{{- end }}
{{- end }}
{{- with .Values.env }}
{{- with .Values.hub }}
{{- if .token }}
- "--hub.token=$(HUB_TOKEN)"
{{- if and (not .apimanagement.enabled) ($.Values.hub.apimanagement.admission.listenAddr) }}
{{- fail "ERROR: Cannot configure admission without enabling hub.apimanagement" }}
{{- end }}
{{- with .apimanagement }}
{{- if .enabled }}
{{- $listenAddr := default ":9943" .admission.listenAddr }}
- "--hub.apimanagement"
- "--hub.apimanagement.admission.listenAddr={{ $listenAddr }}"
{{- with .admission.secretName }}
- "--hub.apimanagement.admission.secretName={{ . }}"
{{- end }}
{{- end }}
{{- end }}
{{- with .platformUrl }}
- "--hub.platformUrl={{ . }}"
{{- end -}}
{{- range $field, $value := .ratelimit.redis }}
{{- if has $field (list "cluster" "database" "endpoints" "username" "password" "timeout") -}}
{{- with $value }}
- "--hub.ratelimit.redis.{{ $field }}={{ $value }}"
{{- end }}
{{- end }}
{{- end }}
{{- range $field, $value := .ratelimit.redis.sentinel }}
{{- if has $field (list "masterset" "password" "username") -}}
{{- with $value }}
- "--hub.ratelimit.redis.sentinel.{{ $field }}={{ $value }}"
{{- end }}
{{- end }}
{{- end }}
{{- range $field, $value := .ratelimit.redis.tls }}
{{- if has $field (list "ca" "cert" "insecureSkipVerify" "key") -}}
{{- with $value }}
- "--hub.ratelimit.redis.tls.{{ $field }}={{ $value }}"
{{- end }}
{{- end }}
{{- end }}
{{- with .sendlogs }}
- "--hub.sendlogs={{ . }}"
{{- end }}
{{- end }}
{{- end }}
env:
{{- if ($.Values.resources.limits).cpu }}
- name: GOMAXPROCS
@ -656,6 +710,14 @@
resourceFieldRef:
resource: limits.memory
{{- end }}
{{- with .Values.hub.token }}
- name: HUB_TOKEN
valueFrom:
secretKeyRef:
name: {{ . }}
key: token
{{- end }}
{{- with .Values.env }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.envFrom }}

6
charts/traefik/traefik/templates/_service.tpl
View File

@ -50,7 +50,7 @@
{{- end }}
{{- define "traefik.service-ports" }}
{{- range $name, $config := .ports }}
{{- range $name, $config := .ports }}
{{- if (index (default dict $config.expose) $.serviceName) }}
{{- $port := default $config.port $config.exposedPort }}
{{- if empty $port }}
@ -78,7 +78,7 @@
{{- if $config.appProtocol }}
appProtocol: {{ $config.appProtocol }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

253
charts/traefik/traefik/templates/hub-admission-controller.yaml Normal file
View File

@ -0,0 +1,253 @@
{{- if .Values.hub.token -}}
{{- if .Values.hub.apimanagement.enabled }}
{{- $cert := include "traefik-hub.webhook_cert" . | fromYaml }}
---
apiVersion: v1
kind: Secret
type: kubernetes.io/tls
metadata:
name: hub-agent-cert
namespace: {{ template "traefik.namespace" . }}
labels:
{{- include "traefik.labels" . | nindent 4 }}
data:
tls.crt: {{ $cert.Cert }}
tls.key: {{ $cert.Key }}
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: hub-edge-ingress
namespace: {{ template "traefik.namespace" . }}
labels:
{{- include "traefik.labels" . | nindent 4 }}
webhooks:
- name: admission.traefik.svc
clientConfig:
service:
name: admission
namespace: {{ template "traefik.namespace" . }}
path: /edge-ingress
caBundle: {{ $cert.Cert }}
sideEffects: None
admissionReviewVersions:
- v1
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- hub.traefik.io
apiVersions:
- v1alpha1
resources:
- edgeingresses
scope: Namespaced
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: hub-acp
namespace: {{ template "traefik.namespace" . }}
labels:
{{- include "traefik.labels" . | nindent 4 }}
webhooks:
- name: admission.traefik.svc
clientConfig:
service:
name: admission
namespace: {{ template "traefik.namespace" . }}
path: /acp
caBundle: {{ $cert.Cert }}
sideEffects: None
admissionReviewVersions:
- v1
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- hub.traefik.io
apiVersions:
- v1alpha1
resources:
- accesscontrolpolicies
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: hub-api
namespace: {{ template "traefik.namespace" . }}
labels:
{{- include "traefik.labels" . | nindent 4 }}
webhooks:
- name: hub-agent.traefik.portal
clientConfig:
service:
name: admission
namespace: {{ template "traefik.namespace" . }}
path: /api-portal
caBundle: {{ $cert.Cert }}
sideEffects: None
admissionReviewVersions:
- v1
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- hub.traefik.io
apiVersions:
- v1alpha1
resources:
- apiportals
- name: hub-agent.traefik.gateway
clientConfig:
service:
name: admission
namespace: {{ template "traefik.namespace" . }}
path: /api-gateway
caBundle: {{ $cert.Cert }}
sideEffects: None
admissionReviewVersions:
- v1
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- hub.traefik.io
apiVersions:
- v1alpha1
resources:
- apigateways
- name: hub-agent.traefik.api
clientConfig:
service:
name: admission
namespace: {{ template "traefik.namespace" . }}
path: /api
caBundle: {{ $cert.Cert }}
sideEffects: None
admissionReviewVersions:
- v1
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- hub.traefik.io
apiVersions:
- v1alpha1
resources:
- apis
- name: hub-agent.traefik.collection
clientConfig:
service:
name: admission
namespace: {{ template "traefik.namespace" . }}
path: /api-collection
caBundle: {{ $cert.Cert }}
sideEffects: None
admissionReviewVersions:
- v1
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- hub.traefik.io
apiVersions:
- v1alpha1
resources:
- apicollections
- name: hub-agent.traefik.access
clientConfig:
service:
name: admission
namespace: {{ template "traefik.namespace" . }}
path: /api-access
caBundle: {{ $cert.Cert }}
sideEffects: None
admissionReviewVersions:
- v1
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- hub.traefik.io
apiVersions:
- v1alpha1
resources:
- apiaccesses
- name: hub-agent.traefik.rate-limit
clientConfig:
service:
name: admission
namespace: {{ template "traefik.namespace" . }}
path: /api-rate-limit
caBundle: {{ $cert.Cert }}
sideEffects: None
admissionReviewVersions:
- v1
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- hub.traefik.io
apiVersions:
- v1alpha1
resources:
- apiratelimits
- name: hub-agent.traefik.version
clientConfig:
service:
name: admission
namespace: {{ template "traefik.namespace" . }}
path: /api-version
caBundle: {{ $cert.Cert }}
sideEffects: None
admissionReviewVersions:
- v1
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- hub.traefik.io
apiVersions:
- v1alpha1
resources:
- apiversions
---
apiVersion: v1
kind: Service
metadata:
name: admission
namespace: {{ template "traefik.namespace" . }}
labels:
{{- include "traefik.labels" . | nindent 4 }}
spec:
ports:
- name: https
port: 443
targetPort: admission
selector:
{{- include "traefik.labelselector" . | nindent 4 }}
{{- end -}}
{{- end -}}

19
charts/traefik/traefik/templates/hub-apiportal.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- if .Values.hub.apimanagement.enabled }}
---
apiVersion: v1
kind: Service
metadata:
name: apiportal
namespace: {{ template "traefik.namespace" . }}
labels:
{{- include "traefik.labels" . | nindent 4 }}
spec:
ports:
- name: apiportal
port: 9903
protocol: TCP
targetPort: apiportal
selector:
{{- include "traefik.labelselector" . | nindent 4 }}
{{- end -}}

105
charts/traefik/traefik/templates/rbac/clusterrole.yaml
View File

@ -62,11 +62,11 @@ rules:
- ingressrouteudps
- middlewares
- middlewaretcps
- serverstransports
- serverstransporttcps
- tlsoptions
- tlsstores
- traefikservices
- serverstransports
- serverstransporttcps
verbs:
- get
- list
@ -117,3 +117,104 @@ rules:
{{- end -}}
{{- end -}}
{{- end -}}
{{- if .Values.hub.token }}
- apiGroups:
- hub.traefik.io
resources:
- accesscontrolpolicies
- apiaccesses
- apiportals
- apiratelimits
- apis
- apiversions
- edgeingresses
verbs:
- list
- watch
- create
- update
- patch
- delete
- get
- apiGroups:
- ""
resources:
- namespaces
- pods
verbs:
- list
- apiGroups:
- ""
resources:
- services
- endpoints
- namespaces
- pods
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- discovery.k8s.io
resources:
- endpointslices
verbs:
- list
- get
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- list
- watch
- update
- create
- delete
- apiGroups:
- apps
resources:
- deployments
- statefulsets
- replicasets
- daemonsets
verbs:
- get
- list
- watch
- apiGroups:
- extensions
- networking.k8s.io
resources:
- ingresses
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
{{- end -}}

4
charts/traefik/traefik/templates/requirements.yaml
View File

@ -4,3 +4,7 @@
{{- fail "ERROR: This version of the Chart only supports Traefik Proxy v3" -}}
{{- end }}
{{- end }}
{{- if and .Values.hub.enabled (not (contains "traefik-hub" .Values.image.repository)) }}
{{- fail "ERROR: traefik-hub image is required when enabling Traefik Hub" -}}
{{- end }}

47
charts/traefik/traefik/values.yaml
View File

@ -1009,3 +1009,50 @@ extraObjects: []
#
## -- This will override the default app.kubernetes.io/instance label for all Objects.
# instanceLabelOverride: traefik
# -- Traefik Hub configuration. See https://doc.traefik.io/traefik-hub/
hub:
# Name of Secret with key 'token' set to a valid license token.
# It enables API Gateway.
token:
apimanagement:
# -- Set to true in order to enable API Management. Requires a valid license token.
enabled:
admission:
# -- WebHook admission server listen address. Default: "0.0.0.0:9943".
listenAddr:
# -- Certificate of the WebHook admission server. Default: "hub-agent-cert".
secretName:
ratelimit:
redis:
# -- Enable Redis Cluster. Default: true.
cluster:
# -- Database used to store information. Default: "0".
database:
# -- Endpoints of the Redis instances to connect to. Default: "".
endpoints:
# -- The username to use when connecting to Redis endpoints. Default: "".
username:
# -- The password to use when connecting to Redis endpoints. Default: "".
password:
sentinel:
# -- Name of the set of main nodes to use for main selection. Required when using Sentinel. Default: "".
masterset:
# -- Username to use for sentinel authentication (can be different from endpoint username). Default: "".
username:
# -- Password to use for sentinel authentication (can be different from endpoint password). Default: "".
password:
# -- Timeout applied on connection with redis. Default: "0s".
timeout:
tls:
# -- Path to the certificate authority used for the secured connection.
ca:
# -- Path to the public certificate used for the secure connection.
cert:
# -- Path to the private key used for the secure connection.
key:
# -- When insecureSkipVerify is set to true, the TLS connection accepts any certificate presented by the server. Default: false.
insecureSkipVerify:
# Enable export of errors logs to the platform. Default: true.
sendlogs:

146
index.yaml
View File

@ -11089,6 +11089,28 @@ entries:
- assets/kubecost/cost-analyzer-1.70.000.tgz
version: 1.70.000
crate-operator:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: CrateDB Operator
catalog.cattle.io/release-name: crate-operator
apiVersion: v2
appVersion: 2.39.0
created: "2024-05-23T00:54:00.94063158Z"
dependencies:
- condition: crate-operator-crds.enabled
name: crate-operator-crds
repository: file://./charts/crate-operator-crds
version: 2.39.0
description: Crate Operator - Helm chart for installing and upgrading Crate Operator.
digest: a285c7d0b648bf0cad8690175d95f86818c799aed9bd647e59f6e89f2ae35fc6
icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg
maintainers:
- name: Crate.io
name: crate-operator
type: application
urls:
- assets/crate/crate-operator-2.39.0.tgz
version: 2.39.0
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: CrateDB Operator
@ -21922,6 +21944,63 @@ entries:
- assets/jaeger/jaeger-operator-2.36.0.tgz
version: 2.36.0
jenkins:
- annotations:
artifacthub.io/category: integration-delivery
artifacthub.io/changes: |
- Update `kubernetes` to version `4231.vb_a_6b_8936497d`
artifacthub.io/images: |
- name: jenkins
image: docker.io/jenkins/jenkins:2.452.1-jdk17
- name: k8s-sidecar
image: docker.io/kiwigrid/k8s-sidecar:1.27.2
- name: inbound-agent
image: jenkins/inbound-agent:3248.v65ecb_254c298-1
artifacthub.io/license: Apache-2.0
artifacthub.io/links: |
- name: Chart Source
url: https://github.com/jenkinsci/helm-charts/tree/main/charts/jenkins
- name: Jenkins
url: https://www.jenkins.io/
- name: support
url: https://github.com/jenkinsci/helm-charts/issues
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Jenkins
catalog.cattle.io/kube-version: '>=1.14-0'
catalog.cattle.io/release-name: jenkins
apiVersion: v2
appVersion: 2.452.1
created: "2024-05-23T00:54:01.907952806Z"
description: 'Jenkins - Build great things at any scale! As the leading open source
automation server, Jenkins provides over 1800 plugins to support building, deploying
and automating any project. '
digest: 88e734c56cefed48b147530c1236f3727953e5425126cce9fa1d84a5c2e62cd6
home: https://www.jenkins.io/
icon: https://get.jenkins.io/art/jenkins-logo/logo.svg
keywords:
- jenkins
- ci
- devops
maintainers:
- email: maor.friedman@redhat.com
name: maorfr
- email: mail@torstenwalter.de
name: torstenwalter
- email: garridomota@gmail.com
name: mogaal
- email: wmcdona89@gmail.com
name: wmcdona89
- email: timjacomb1@gmail.com
name: timja
name: jenkins
sources:
- https://github.com/jenkinsci/jenkins
- https://github.com/jenkinsci/docker-inbound-agent
- https://github.com/maorfr/kube-tasks
- https://github.com/jenkinsci/configuration-as-code-plugin
type: application
urls:
- assets/jenkins/jenkins-5.1.21.tgz
version: 5.1.21
- annotations:
artifacthub.io/category: integration-delivery
artifacthub.io/changes: |
@ -46276,6 +46355,37 @@ entries:
- assets/shipa/shipa-1.4.0.tgz
version: 1.4.0
speedscale-operator:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Speedscale Operator
catalog.cattle.io/kube-version: '>= 1.17.0-0'
catalog.cattle.io/release-name: speedscale-operator
apiVersion: v1
appVersion: 2.1.398
created: "2024-05-23T00:54:05.855410555Z"
description: Stress test your APIs with real world scenarios. Collect and replay
traffic without scripting.
digest: 8a435cce8b520faeeac6fd3a29489de16f041a64f6a024724f8670c2c5e0d655
home: https://speedscale.com
icon: https://raw.githubusercontent.com/speedscale/assets/main/logo/gold_logo_only.png
keywords:
- speedscale
- test
- testing
- regression
- reliability
- load
- replay
- network
- traffic
kubeVersion: '>= 1.17.0-0'
maintainers:
- email: support@speedscale.com
name: Speedscale Support
name: speedscale-operator
urls:
- assets/speedscale/speedscale-operator-2.1.398.tgz
version: 2.1.398
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Speedscale Operator
@ -51443,6 +51553,42 @@ entries:
- assets/intel/tcs-issuer-0.1.0.tgz
version: 0.1.0
traefik:
- annotations:
artifacthub.io/changes: "- \"fix(Traefik Hub): do not deploy mutating webhook
when enabling only API Gateway\"\n- \"feat(Traefik Hub): use Traefik Proxy
otlp config\"\n- \"chore: \U0001F527 update Traefik Hub CRD to v1.3.3\"\n"
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Traefik Proxy
catalog.cattle.io/kube-version: '>=1.22.0-0'
catalog.cattle.io/release-name: traefik
apiVersion: v2
appVersion: v3.0.0
created: "2024-05-23T00:54:06.222540016Z"
description: A Traefik based Kubernetes ingress controller
digest: adbbec8918f8582a3dc984d25a0c35af8683693b401fd2a3572cae5f74063fa4
home: https://traefik.io/
icon: https://raw.githubusercontent.com/traefik/traefik/v2.3/docs/content/assets/img/traefik.logo.png
keywords:
- traefik
- ingress
- networking
kubeVersion: '>=1.22.0-0'
maintainers:
- email: michel.loiseleur@traefik.io
name: mloiseleur
- email: charlie.haley@traefik.io
name: charlie-haley
- email: remi.buisson@traefik.io
name: darkweaver87
- name: jnoordsij
name: traefik
sources:
- https://github.com/traefik/traefik
- https://github.com/traefik/traefik-helm-chart
type: application
urls:
- assets/traefik/traefik-28.1.0.tgz
version: 28.1.0
- annotations:
artifacthub.io/changes: "- \"style: \U0001F3A8 consistent capitalization on
`--entryPoints` CLI flag\"\n- \"fix: \U0001F41B only expose http3 port on