andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Charts CI 

```
Updated:
  aquarist-labs/s3gw:
    - 0.16.0
  argo/argo-cd:
    - 5.33.1
  bitnami/mariadb:
    - 12.2.3
  bitnami/wordpress:
    - 16.1.2
  btp/chronicle:
    - 0.1.13
  gitlab/gitlab:
    - 6.11.3
  gluu/gluu:
    - 5.0.17
  haproxy/haproxy:
    - 1.30.5
  kong/kong:
    - 2.20.2
  nutanix/nutanix-csi-snapshot:
    - 6.2.1
  nutanix/nutanix-csi-storage:
    - 2.6.3
  pixie/pixie-operator-chart:
    - 0.1.0
  yugabyte/yugabyte:
    - 2.16.4
  yugabyte/yugaware:
    - 2.16.4
```
pull/756/head
github-actions[bot] 2023-05-12 13:19:04 +00:00
parent d9257e8824
commit c0fe64868e
152 changed files with 2268 additions and 767 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/aquarist-labs/s3gw-0.16.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/argo/argo-cd-5.33.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/mariadb-12.2.3.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/wordpress-16.1.2.tgz Normal file
View File

Binary file not shown.

BIN
assets/btp/chronicle-0.1.13.tgz Normal file
View File

Binary file not shown.

BIN
assets/gitlab/gitlab-6.11.3.tgz Normal file
View File

Binary file not shown.

BIN
assets/gluu/gluu-5.0.17.tgz Normal file
View File

Binary file not shown.

BIN
assets/haproxy/haproxy-1.30.5.tgz Normal file
View File

Binary file not shown.

BIN
assets/kong/kong-2.20.2.tgz Normal file
View File

Binary file not shown.

BIN
assets/nutanix/nutanix-csi-snapshot-6.2.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/nutanix/nutanix-csi-storage-2.6.3.tgz Normal file
View File

Binary file not shown.

BIN
assets/pixie/pixie-operator-chart-0.1.1.tgz
View File

Binary file not shown.

BIN
assets/yugabyte/yugabyte-2.16.4.tgz Normal file
View File

Binary file not shown.

BIN
assets/yugabyte/yugaware-2.16.4.tgz Normal file
View File

Binary file not shown.

2
charts/aquarist-labs/s3gw/Chart.yaml
View File

@ -32,4 +32,4 @@ sources:
- https://github.com/aquarist-labs/s3gw
- https://github.com/aquarist-labs/ceph
type: application
version: 0.15.0
version: 0.16.0

94
charts/aquarist-labs/s3gw/questions.yaml
View File

@ -73,7 +73,7 @@ questions:
- variable: defaultUserCredentialsSecret
show_if: useExistingSecret=true
default: s3gw-creds
default: ""
description: |
"The name of the secret containing the
S3 credentials for the default user"
@ -335,3 +335,95 @@ questions:
required: false
type: string
group: "Advanced"
# Container Object Storage Interface (COSI)
- variable: cosi.enabled
default: false
type: boolean
description: "Deploy Container Object Storage Interface (COSI) for s3gw"
required: true
group: "COSI"
show_subquestion_if: true
subquestions:
- variable: cosi.driver.imageName
default: ""
description: "Image name for the COSI Driver"
label: "COSI Driver Image (e.g. s3gw-cosi-driver)"
required: false
type: string
group: "COSI"
- variable: cosi.driver.imageTag
default: ""
description: "Image tag for the COSI Driver"
label: "COSI Driver Tag"
required: false
type: string
group: "COSI"
- variable: cosi.driver.imageRegistry
default: ""
description: "Image registry for the COSI Driver"
label: "COSI Driver Registry (e.g. quay.io/s3gw)"
required: false
type: string
group: "COSI"
- variable: cosi.driver.imagePullPolicy
default: "IfNotPresent"
description: "Pull policy for the COSI Driver"
label: "Pull policy for the COSI Driver"
required: false
type: string
group: "COSI"
- variable: cosi.driver.name
default: ""
description: "Name of the COSI Driver"
label: "Name of the COSI Driver"
required: false
type: string
group: "COSI"
- variable: cosi.sidecar.imageName
default:
description: "Image name for the COSI Sidecar"
label: "COSI Sidecar Image (e.g. s3gw-cosi-sidecar)"
required: false
type: string
group: "COSI"
- variable: cosi.sidecar.imageTag
default:
description: "Image tag for the COSI Sidecar"
label: "COSI Sidecar Tag"
required: false
type: string
group: "COSI"
- variable: cosi.sidecar.imageRegistry
default:
description: "Image registry for the COSI Sidecar"
label: "COSI Sidecar Registry (e.g. quay.io/s3gw)"
required: false
type: string
group: "COSI"
- variable: cosi.sidecar.imagePullPolicy
default:
description: "Pull policy for the COSI Sidecar"
label: "Pull policy for the COSI Sidecar"
required: false
type: string
group: "COSI"
- variable: cosi.sidecar.logLevel
default: "5"
description: |
"Log verbosity of the COSI Sidecar,
higher values are more verbose."
label: "Log verbosity of the COSI Sidecar"
required: false
type: string
group: "COSI"

10
charts/aquarist-labs/s3gw/templates/NOTES.txt
View File

@ -2,11 +2,11 @@ Thank you for installing {{ .Chart.Name }} {{ printf "v%s" .Chart.Version }}
The S3 endpoint is available at:
{{ printf "%s.%s" .Values.serviceName .Values.publicDomain | indent 4 }}
{{ printf "%s.%s" (include "s3gw.serviceName" .) .Values.publicDomain | indent 4 }}
{{ if .Values.ui.enabled}}
and the web interface is available at:
{{ printf "%s.%s" .Values.ui.serviceName .Values.ui.publicDomain | indent 4 }}
{{ printf "%s.%s" (include "s3gw.uiServiceName" .) .Values.ui.publicDomain | indent 4 }}
{{- end }}
{{ if and (not .Values.useExistingSecret) (empty .Values.accessKey) }}
An access key has been generated: {{ include "s3gw.defaultAccessKey" . | quote }}
@ -14,3 +14,9 @@ An access key has been generated: {{ include "s3gw.defaultAccessKey" . | quote }
{{- if and (not .Values.useExistingSecret) (empty .Values.secretKey) }}
A secret key has been generated: {{ include "s3gw.defaultSecretKey" . | quote }}
{{ end }}
{{- if .Values.cosi.enabled }}
Name of the COSI driver:
{{ printf "%s" (include "s3gw-cosi.driverName" .) | indent 4 }}
{{ end }}

119
charts/aquarist-labs/s3gw/templates/_helpers.tpl
View File

@ -57,6 +57,11 @@ app.kubernetes.io/component: gateway
app.kubernetes.io/component: ui
{{- end }}
{{- define "s3gw-cosi.selectorLabels" -}}
{{ include "s3gw.commonSelectorLabels" . }}
app.kubernetes.io/component: cosi
{{- end }}
{{/*
Create the name of the service account to use
*/}}
@ -110,3 +115,117 @@ Default Access Credentials
{{- $key := default (randAlphaNum 32) .Values.secretKey }}
{{- printf "%s" $key }}
{{- end }}
{{/*
Backend service name
*/}}
{{- define "s3gw.serviceName" -}}
{{- $dsn := printf "%s-%s" .Release.Name .Release.Namespace }}
{{- $name := default $dsn .Values.serviceName }}
{{- $name }}
{{- end }}
{{/*
Frontend service name
*/}}
{{- define "s3gw.uiServiceName" -}}
{{- $dsn := printf "%s-%s-ui" .Release.Name .Release.Namespace }}
{{- $name := default $dsn .Values.ui.serviceName }}
{{- $name }}
{{- end }}
{{/*
User credentials secret for S3 backend service
*/}}
{{- define "s3gw.defaultUserCredentialsSecret" -}}
{{- $dsn := printf "%s-%s-creds" .Release.Name .Release.Namespace }}
{{- $name := default $dsn .Values.defaultUserCredentialsSecret }}
{{- $name }}
{{- end }}
{{/*
Config map name
*/}}
{{- define "s3gw.configMap" -}}
{{- $dcmn := printf "%s-%s-config" .Release.Name .Release.Namespace }}
{{- $name := $dcmn }}
{{- $name }}
{{- end }}
{{/*
Traefik Middleware CORS name
*/}}
{{- define "s3gw.CORSMiddlewareName" -}}
{{- $dmcn := printf "%s-%s-cors-header" .Release.Name .Release.Namespace }}
{{- $name := $dmcn }}
{{- $name }}
{{- end }}
{{/*
Version helpers for the cosi-driver image tag
*/}}
{{- define "s3gw-cosi.driverImage" -}}
{{- $defaulttag := printf "v%s" .Chart.Version }}
{{- $tag := default $defaulttag .Values.cosi.driver.imageTag }}
{{- $name := default "s3gw-cosi-driver" .Values.cosi.driver.imageName }}
{{- $registry := default "quay.io/s3gw" .Values.cosi.driver.imageRegistry }}
{{- printf "%s/%s:%s" $registry $name $tag }}
{{- end }}
{{/*
Version helpers for the cosi-sidecar image tag
*/}}
{{- define "s3gw-cosi.sidecarImage" -}}
{{- $defaulttag := printf "v%s" .Chart.Version }}
{{- $tag := default $defaulttag .Values.cosi.sidecar.imageTag }}
{{- $name := default "s3gw-cosi-sidecar" .Values.cosi.sidecar.imageName }}
{{- $registry := default "quay.io/s3gw" .Values.cosi.sidecar.imageRegistry }}
{{- printf "%s/%s:%s" $registry $name $tag }}
{{- end }}
{{/*
COSI driver name
*/}}
{{- define "s3gw-cosi.driverName" -}}
{{- $sn := .Release.Name }}
{{- $ns := .Release.Namespace }}
{{- $defaultname := printf "%s.%s.objectstorage.k8s.io" $sn $ns }}
{{- $name := default $defaultname .Values.cosi.driver.name }}
{{- printf "%s" $name }}
{{- end }}
{{/*
COSI service account name
*/}}
{{- define "s3gw-cosi.ServiceAccountName" -}}
{{- $dcsan := printf "%s-%s-objectstorage-provisioner-sa" .Release.Name .Release.Namespace }}
{{- $name := $dcsan }}
{{- $name }}
{{- end }}
{{/*
COSI driver secret name
*/}}
{{- define "s3gw-cosi.driverSecretName" -}}
{{- $ddsn := printf "%s-%s-objectstorage-provisioner" .Release.Name .Release.Namespace }}
{{- $name := $ddsn }}
{{- $name }}
{{- end }}
{{/*
COSI cluster role name
*/}}
{{- define "s3gw-cosi.ClusterRoleName" -}}
{{- $dcrn := printf "%s-%s-objectstorage-provisioner-role" .Release.Name .Release.Namespace }}
{{- $name := $dcrn }}
{{- $name }}
{{- end }}
{{/*
COSI cluster role binding name
*/}}
{{- define "s3gw-cosi.ClusterRoleBindingName" -}}
{{- $dcrn := printf "%s-%s-objectstorage-provisioner-role-binding" .Release.Name .Release.Namespace }}
{{- $name := $dcrn }}
{{- $name }}
{{- end }}

18
charts/aquarist-labs/s3gw/templates/certificate.yaml
View File

@ -4,35 +4,35 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: s3gw-ca-cert
name: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-cert
namespace: {{ .Values.certManagerNamespace }}
labels:
{{ include "s3gw.labels" . | indent 4}}
spec:
commonName: s3gw-ca
commonName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca
isCA: true
issuerRef:
kind: ClusterIssuer
name: s3gw-self-signed-issuer
name: {{ .Release.Name }}-{{ .Release.Namespace }}-self-signed-issuer
privateKey:
algorithm: ECDSA
size: 256
secretName: s3gw-ca-root
secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-root
---
# s3gw internal service certificate (private domain)
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: s3gw-cluster-ip-cert
name: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-cert
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4}}
spec:
dnsNames:
- '{{ .Values.serviceName }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
- '*.{{ .Values.serviceName }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
- '{{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
- '*.{{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
issuerRef:
kind: ClusterIssuer
name: s3gw-issuer
secretName: s3gw-cluster-ip-tls
name: {{ .Release.Name }}-{{ .Release.Namespace }}-issuer
secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-tls
{{- end }}

6
charts/aquarist-labs/s3gw/templates/configmap.yaml
View File

@ -2,15 +2,15 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: s3gw-config
name: {{ include "s3gw.configMap" . }}
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4}}
data:
{{- if .Values.ui.enabled }}
{{- if or .Values.useCertManager .Values.tls.publicDomain.crt }}
RGW_SERVICE_URL: 'https://{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
RGW_SERVICE_URL: 'https://{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
{{- else}}
RGW_SERVICE_URL: 'http://{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
RGW_SERVICE_URL: 'http://{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
{{- end }}
{{- end }}

52
charts/aquarist-labs/s3gw/templates/cosi-driver-deployment.yaml Normal file
View File

@ -0,0 +1,52 @@
{{- if .Values.cosi.enabled }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-objectstorage-provisioner
labels:
{{ include "s3gw.labels" . | indent 4}}
namespace: {{ .Release.Namespace }}
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
{{ include "s3gw-cosi.selectorLabels" . | indent 6 }}
template:
metadata:
labels:
{{ include "s3gw-cosi.selectorLabels" . | indent 8 }}
spec:
serviceAccountName: {{ include "s3gw-cosi.ServiceAccountName" . }}
volumes:
- name: socket
emptyDir: {}
containers:
- name: {{ .Release.Name }}-cosi-driver
image: {{ include "s3gw-cosi.driverImage" . | quote }}
imagePullPolicy: {{ default "IfNotPresent" .Values.cosi.driver.imagePullPolicy }}
envFrom:
- secretRef:
name: {{ include "s3gw-cosi.driverSecretName" . }}
volumeMounts:
- mountPath: /var/lib/cosi
name: socket
- name: {{ .Release.Name }}-cosi-sidecar
image: {{ include "s3gw-cosi.sidecarImage" . | quote }}
imagePullPolicy: {{ default "IfNotPresent" .Values.cosi.sidecar.imagePullPolicy }}
args:
- {{ printf "--v=%s" (default "5" .Values.cosi.sidecar.logLevel) }}
envFrom:
- secretRef:
name: {{ include "s3gw-cosi.driverSecretName" . }}
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- mountPath: /var/lib/cosi
name: socket
{{- end }}

16
charts/aquarist-labs/s3gw/templates/cosi-driver-secret.yaml Normal file
View File

@ -0,0 +1,16 @@
{{- if .Values.cosi.enabled }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "s3gw-cosi.driverSecretName" . }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
namespace: {{ .Release.Namespace }}
type: Opaque
stringData:
DRIVERNAME: {{ include "s3gw-cosi.driverName" . }}
ENDPOINT: {{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}
ACCESSKEY: {{ .Values.accessKey }}
SECRETKEY: {{ .Values.secretKey }}
{{- end }}

60
charts/aquarist-labs/s3gw/templates/cosi-rbac.yaml Normal file
View File

@ -0,0 +1,60 @@
{{- if .Values.cosi.enabled }}
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "s3gw-cosi.ClusterRoleName" . }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
rules:
- apiGroups: ["objectstorage.k8s.io"]
resources:
- "buckets"
- "bucketaccesses"
- "bucketclaims"
- "bucketaccessclasses"
- "buckets/status"
- "bucketaccesses/status"
- "bucketclaims/status"
- "bucketaccessclasses/status"
verbs:
- "get"
- "list"
- "watch"
- "update"
- "create"
- "delete"
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs:
- "get"
- "watch"
- "list"
- "delete"
- "update"
- "create"
- apiGroups: [""]
resources:
- "secrets"
- "events"
verbs:
- "get"
- "delete"
- "update"
- "create"
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "s3gw-cosi.ClusterRoleBindingName" . }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "s3gw-cosi.ServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: {{ include "s3gw-cosi.ClusterRoleName" . }}
apiGroup: rbac.authorization.k8s.io
{{- end }}

10
charts/aquarist-labs/s3gw/templates/cosi-sa.yaml Normal file
View File

@ -0,0 +1,10 @@
{{- if .Values.cosi.enabled }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "s3gw-cosi.ServiceAccountName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
{{- end }}

24
charts/aquarist-labs/s3gw/templates/deployment.yaml
View File

@ -2,7 +2,7 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Chart.Name }}
name: {{ .Release.Name }}
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
@ -20,19 +20,19 @@ spec:
spec:
{{- if .Values.imageCredentials }}
imagePullSecrets:
- name: {{ .Chart.Name }}-image-pull-secret
- name: {{ .Release.Name }}-image-pull-secret
{{- end }}
containers:
- name: {{ .Chart.Name }}
- name: {{ .Release.Name }}
image: {{ include "s3gw.image" . | quote }}
imagePullPolicy: {{ default "IfNotPresent" .Values.imagePullPolicy }}
args:
- "--rgw-dns-name"
{{- if .Values.ingress.enabled }}
- {{ .Values.serviceName }}.{{ .Values.publicDomain }},
{{ .Values.serviceName }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}
- {{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }},
{{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}
{{- else}}
- {{ .Values.serviceName }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}
- {{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}
{{- end }}
- "--rgw-backend-store"
- sfs
@ -70,7 +70,7 @@ spec:
{{ end }}
envFrom:
- secretRef:
name: {{ .Values.defaultUserCredentialsSecret }}
name: {{ include "s3gw.defaultUserCredentialsSecret" . }}
volumeMounts:
- name: s3gw-lh-store
mountPath: /data
@ -82,14 +82,14 @@ spec:
claimName: {{ .Release.Name }}-pvc
- name: s3gw-cluster-ip-tls
secret:
secretName: s3gw-cluster-ip-tls
secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-tls
optional: false
{{- if .Values.ui.enabled }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: '{{ .Chart.Name }}-ui'
name: '{{ .Release.Name }}-ui'
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
@ -106,7 +106,7 @@ spec:
spec:
{{- if .Values.imageCredentials }}
imagePullSecrets:
- name: {{ .Chart.Name }}-image-pull-secret
- name: {{ .Release.Name }}-image-pull-secret
{{- end }}
containers:
- name: s3gw-ui
@ -116,7 +116,7 @@ spec:
- containerPort: 8080
envFrom:
- configMapRef:
name: s3gw-config
name: {{ include "s3gw.configMap" . }}
- secretRef:
name: {{ .Values.defaultUserCredentialsSecret }}
name: {{ include "s3gw.defaultUserCredentialsSecret" . }}
{{- end }}

48
charts/aquarist-labs/s3gw/templates/ingress-traefik.yaml
View File

@ -4,40 +4,40 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: '{{ .Chart.Name }}'
name: '{{ .Release.Name }}'
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
annotations:
traefik.ingress.kubernetes.io/router.tls: "true"
traefik.ingress.kubernetes.io/router.middlewares:
'{{ .Release.Namespace }}-cors-header@kubernetescrd'
'{{ .Release.Namespace }}-{{ include "s3gw.CORSMiddlewareName" . }}@kubernetescrd'
cert-manager.io/cluster-issuer: {{ default .Values.tlsIssuer .Values.customTlsIssuer | quote }}
spec:
tls:
- hosts:
- '{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
- '*.{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
- '{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
- '*.{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
secretName: s3gw-ingress-tls
rules:
- host: '{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
- host: '{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: '{{ .Values.serviceName }}'
name: '{{ include "s3gw.serviceName" . }}'
port:
number: 80
- host: '*.{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
- host: '*.{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: '{{ .Values.serviceName }}'
name: '{{ include "s3gw.serviceName" . }}'
port:
number: 80
---
@ -45,33 +45,33 @@ spec:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: '{{ .Chart.Name }}-no-tls'
name: '{{ .Release.Name }}-no-tls'
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
annotations:
traefik.ingress.kubernetes.io/router.middlewares:
'{{ .Release.Namespace }}-cors-header@kubernetescrd'
'{{ .Release.Namespace }}-{{ include "s3gw.CORSMiddlewareName" . }}@kubernetescrd'
spec:
rules:
- host: '{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
- host: '{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: '{{ .Values.serviceName }}'
name: '{{ include "s3gw.serviceName" . }}'
port:
number: 80
- host: '*.{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
- host: '*.{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: '{{ .Values.serviceName }}'
name: '{{ include "s3gw.serviceName" . }}'
port:
number: 80
{{- if .Values.ui.enabled }}
@ -80,29 +80,29 @@ spec:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: '{{ .Chart.Name }}-ui'
name: '{{ .Release.Name }}-ui'
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
annotations:
traefik.ingress.kubernetes.io/router.tls: "true"
traefik.ingress.kubernetes.io/router.middlewares:
'{{ .Release.Namespace }}-cors-header@kubernetescrd'
'{{ .Release.Namespace }}-{{ include "s3gw.CORSMiddlewareName" . }}@kubernetescrd'
cert-manager.io/cluster-issuer: {{ default .Values.tlsIssuer .Values.customTlsIssuer | quote }}
spec:
tls:
- hosts:
- '{{ .Values.ui.serviceName }}.{{ .Values.ui.publicDomain }}'
- '{{ include "s3gw.uiServiceName" . }}.{{ .Values.ui.publicDomain }}'
secretName: s3gw-ui-ingress-tls
rules:
- host: '{{ .Values.ui.serviceName }}.{{ .Values.ui.publicDomain }}'
- host: '{{ include "s3gw.uiServiceName" . }}.{{ .Values.ui.publicDomain }}'
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: '{{ .Values.ui.serviceName }}'
name: '{{ include "s3gw.uiServiceName" . }}'
port:
number: 80
---
@ -110,23 +110,23 @@ spec:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: '{{ .Chart.Name }}-ui-no-tls'
name: '{{ .Release.Name }}-ui-no-tls'
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
annotations:
traefik.ingress.kubernetes.io/router.middlewares:
'{{ .Release.Namespace }}-cors-header@kubernetescrd'
'{{ .Release.Namespace }}-{{ include "s3gw.CORSMiddlewareName" . }}@kubernetescrd'
spec:
rules:
- host: '{{ .Values.ui.serviceName }}.{{ .Values.ui.publicDomain }}'
- host: '{{ include "s3gw.uiServiceName" . }}.{{ .Values.ui.publicDomain }}'
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: '{{ .Values.ui.serviceName }}'
name: '{{ include "s3gw.uiServiceName" . }}'
port:
number: 80
{{- end }}
@ -135,7 +135,7 @@ spec:
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: cors-header
name: {{ include "s3gw.CORSMiddlewareName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}

4
charts/aquarist-labs/s3gw/templates/secret.yaml
View File

@ -3,7 +3,7 @@
apiVersion: v1
kind: Secret
metadata:
name: '{{ .Values.defaultUserCredentialsSecret }}'
name: {{ include "s3gw.defaultUserCredentialsSecret" . }}
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
@ -17,7 +17,7 @@ stringData:
apiVersion: v1
kind: Secret
metadata:
name: '{{ .Chart.Name }}-image-pull-secret'
name: '{{ .Release.Name }}-image-pull-secret'
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}

4
charts/aquarist-labs/s3gw/templates/service.yaml
View File

@ -2,7 +2,7 @@
apiVersion: v1
kind: Service
metadata:
name: '{{ .Values.serviceName }}'
name: '{{ include "s3gw.serviceName" . }}'
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
@ -23,7 +23,7 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: '{{ .Values.ui.serviceName }}'
name: '{{ include "s3gw.uiServiceName" . }}'
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}

1
charts/aquarist-labs/s3gw/templates/storage.yaml
View File

@ -19,7 +19,6 @@ apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: {{ .Values.storageClass.name }}
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
volumeBindingMode: Immediate

4
charts/aquarist-labs/s3gw/templates/tests/smoke-bucket-create.yaml
View File

@ -2,7 +2,7 @@
apiVersion: batch/v1
kind: Job
metadata:
name: 'smoke-{{ .Chart.Name }}-bucket-create'
name: 'smoke-{{ .Release.Name }}-bucket-create'
namespace: '{{ .Release.Namespace }}'
annotations:
helm.sh/hook: test
@ -27,6 +27,6 @@ spec:
value: {{ .Values.secretKey | quote }}
- name: S3_HOSTNAME
value:
'{{ .Values.serviceName }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
'{{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
restartPolicy: Never
backoffLimit: 3

10
charts/aquarist-labs/s3gw/templates/tls-issuer.yaml
View File

@ -4,7 +4,7 @@
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: s3gw-self-signed-issuer
name: {{ .Release.Name }}-{{ .Release.Namespace }}-self-signed-issuer
labels:
{{ include "s3gw.labels" . | indent 4}}
spec:
@ -14,18 +14,18 @@ spec:
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: s3gw-issuer
name: {{ .Release.Name }}-{{ .Release.Namespace }}-issuer
labels:
{{ include "s3gw.labels" . | indent 4}}
spec:
ca:
secretName: s3gw-ca-root
secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-root
---
# Let's encrypt production issuer
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: s3gw-letsencrypt-issuer
name: {{ .Release.Name }}-{{ .Release.Namespace }}-letsencrypt-issuer
labels:
{{ include "s3gw.labels" . | indent 4}}
spec:
@ -33,7 +33,7 @@ spec:
email: {{ .Values.email }}
preferredChain: ""
privateKeySecretRef:
name: s3gw-letsencrypt
name: {{ .Release.Name }}-{{ .Release.Namespace }}-letsencrypt
server: https://acme-v02.api.letsencrypt.org/directory
solvers:
- http01:

6
charts/aquarist-labs/s3gw/templates/tls-secret.yaml
View File

@ -3,7 +3,7 @@
apiVersion: v1
kind: Secret
metadata:
name: s3gw-ingress-tls
name: {{ .Release.Name }}-{{ .Release.Namespace }}-ingress-tls
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
@ -17,7 +17,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: s3gw-cluster-ip-tls
name: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-tls
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}
@ -32,7 +32,7 @@ data:
apiVersion: v1
kind: Secret
metadata:
name: s3gw-ui-ingress-tls
name: {{ .Release.Name }}-{{ .Release.Namespace }}-ui-ingress-tls
namespace: {{ .Release.Namespace }}
labels:
{{ include "s3gw.labels" . | indent 4 }}

94
charts/aquarist-labs/s3gw/values.yaml
View File

@ -45,7 +45,7 @@ ui:
# 'enabled' will deploy the S3GW user interface if set to `true`.
enabled: true
# 'serviceName' is the service name of the S3GW user interface.
serviceName: "s3gw-ui"
serviceName: ""
# 'publicDomain' is the public domain of the UI Service used by the Ingress.
publicDomain: ""
@ -56,13 +56,13 @@ ui:
# S3 Service
#
# 'serviceName' is the service name of S3GW.
serviceName: "s3gw"
serviceName: ""
# 'useExistingSecret' use an existing secret containing the S3 credentials
# for the default user
useExistingSecret: false
# 'defaultUserCredentialsSecret' the name of the secret containing
# the S3 Access Key and the S3 Secret Key for the default user.
defaultUserCredentialsSecret: "s3gw-creds"
defaultUserCredentialsSecret: ""
# 'accessKey' is the S3 Access Key; the value is used when
# `useExistingSecret: false`.
# Set this as the empty string to make the Chart to compute a random
@ -82,10 +82,15 @@ privateDomain: "svc.cluster.local"
# Backing storage.
# Name the storage class to use. If create is true, an opinionated storage class
# will be created. This assumes the Longhorn storage driver is installed.
#
# By specifying storageClass.name = "" and storageClass.create = false the chart
# uses the cluster's default storage class.
# This is the chart's default behavior.
#
storageSize: 10Gi
storageClass:
name: "longhorn-single"
create: true
name:
create: false
# For testing only:
# local: false
# localPath: /var/lib/local-storage
@ -146,3 +151,82 @@ rgwCustomArgs: []
# - ENV_3
#
rgwCustomEnvs: []
# --- Container Object Storage Interface (COSI) configuration ---
#
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# WARNING: Be advised that COSI standard is currently in **alpha** state.
# The COSI implementation provided by s3gw is considered an experimental feature
# and changes to the COSI standard are expected in this phase.
# The s3gw team does not control the upstream development of COSI.
#
# Additional information on COSI can be found here:
# - https://github.com/kubernetes-sigs/container-object-storage-interface-spec
# - https://github.com/kubernetes/enhancements/blob/master/keps/sig-storage/1979-object-storage-support/README.md
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
#
# If you are going to use COSI, ensure some resources are pre-deployed on the cluster:
#
# 1) COSI CRDs
#
# To deploy COSI CRDs, run:
# $ kubectl create -k github.com/kubernetes-sigs/container-object-storage-interface-api
#
# 2) COSI Controller
#
# To deploy COSI Controller, run:
# $ kubectl create -k github.com/kubernetes-sigs/container-object-storage-interface-controller
#
# COSI support is disabled by default in s3gw.
# To enable it, set cosi.enabled: true.
#
# Normally, you don't need to change the chart's defaults for the COSI related fields.
# However, the following fields can be customized:
#
# - cosi.driver.imageName: it specifies a custom image name for the COSI driver.
# Default: s3gw-cosi-driver
#
# - cosi.driver.imageTag: it specifies a custom image tag for the COSI driver.
# Default: the current chart version.
#
# - cosi.driver.imageRegistry: it specifies a custom image registry for the COSI driver.
# Default: quay.io/s3gw
#
# - cosi.driver.imagePullPolicy: it specifies the pull policy for the COSI driver.
# Default: IfNotPresent
#
# - cosi.driver.name: it specifies the name of the COSI driver.
# Default: {Release.Name}.{Release.Namespace}.objectstorage.k8s.io
#
# - cosi.sidecar.imageName: it specifies a custom image name for the COSI sidecar.
# Default: s3gw-cosi-sidecar
#
# - cosi.sidecar.imageTag: it specifies a custom image tag for the COSI sidecar.
# Default: the current chart version.
#
# - cosi.sidecar.imageRegistry: it specifies a custom image registry for the COSI sidecar.
# Default: quay.io/s3gw
#
# - cosi.sidecar.imagePullPolicy: it specifies the pull policy for the COSI sidecar.
# Default: IfNotPresent
#
# - cosi.sidecar.logLevel: it specifies the log verbosity of the COSI sidecar.
# Higher values are more verbose.
# Default: 5
#
cosi:
enabled: false
driver:
imageName:
imageTag:
imageRegistry:
imagePullPolicy:
name:
sidecar:
imageName:
imageTag:
imageRegistry:
imagePullPolicy:
logLevel: "5"

4
charts/argo/argo-cd/Chart.yaml
View File

@ -1,7 +1,7 @@
annotations:
artifacthub.io/changes: |
- kind: added
description: Introduce chart signing
description: Ability to add additional labels to all CRDs via .Values.crds.additionalLabels
artifacthub.io/signKey: |
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
@ -32,4 +32,4 @@ name: argo-cd
sources:
- https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
- https://github.com/argoproj/argo-cd
version: 5.32.2
version: 5.33.1

12
charts/argo/argo-cd/README.md
View File

@ -379,6 +379,7 @@ NAME: my-release
| apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart |
| apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart |
| apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart |
| crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs |
| crds.annotations | object | `{}` | Annotations to be added to all CRDs |
| crds.install | bool | `true` | Install and upgrade CRDs |
| crds.keep | bool | `true` | Keep CRDs on chart uninstall |
@ -394,6 +395,7 @@ NAME: my-release
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| global.addPrometheusAnnotations | bool | `false` | Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. |
| global.additionalLabels | object | `{}` | Common labels for the all resources |
| global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity |
| global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` |
@ -513,9 +515,11 @@ NAME: my-release
| controller.metrics.rules.selector | object | `{}` | PrometheusRule selector |
| controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller |
| controller.metrics.service.annotations | object | `{}` | Metrics service annotations |
| controller.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
| controller.metrics.service.labels | object | `{}` | Metrics service labels |
| controller.metrics.service.portName | string | `"http-metrics"` | Metrics service port name |
| controller.metrics.service.servicePort | int | `8082` | Metrics service port |
| controller.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
| controller.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
| controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
@ -597,9 +601,11 @@ NAME: my-release
| repoServer.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
| repoServer.metrics.enabled | bool | `false` | Deploy metrics service |
| repoServer.metrics.service.annotations | object | `{}` | Metrics service annotations |
| repoServer.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
| repoServer.metrics.service.labels | object | `{}` | Metrics service labels |
| repoServer.metrics.service.portName | string | `"http-metrics"` | Metrics service port name |
| repoServer.metrics.service.servicePort | int | `8084` | Metrics service port |
| repoServer.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
| repoServer.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
| repoServer.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
| repoServer.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
@ -731,9 +737,11 @@ NAME: my-release
| server.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
| server.metrics.enabled | bool | `false` | Deploy metrics service |
| server.metrics.service.annotations | object | `{}` | Metrics service annotations |
| server.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
| server.metrics.service.labels | object | `{}` | Metrics service labels |
| server.metrics.service.portName | string | `"http-metrics"` | Metrics service port name |
| server.metrics.service.servicePort | int | `8083` | Metrics service port |
| server.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
| server.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
| server.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
| server.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
@ -1044,9 +1052,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
| applicationSet.metrics.enabled | bool | `false` | Deploy metrics service |
| applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations |
| applicationSet.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
| applicationSet.metrics.service.labels | object | `{}` | Metrics service labels |
| applicationSet.metrics.service.portName | string | `"http-metrics"` | Metrics service port name |
| applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port |
| applicationSet.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
| applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
| applicationSet.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
| applicationSet.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
@ -1128,8 +1138,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server |
| notifications.metrics.port | int | `9001` | Metrics port |
| notifications.metrics.service.annotations | object | `{}` | Metrics service annotations |
| notifications.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
| notifications.metrics.service.labels | object | `{}` | Metrics service labels |
| notifications.metrics.service.portName | string | `"http-metrics"` | Metrics service port name |
| notifications.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
| notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
| notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
| notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |

12
charts/argo/argo-cd/templates/argocd-application-controller/metrics.yaml
View File

@ -9,13 +9,21 @@ metadata:
{{- with .Values.controller.metrics.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.controller.metrics.service.annotations }}
{{- if or .Values.controller.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
annotations:
{{- range $key, $value := . }}
{{- if .Values.global.addPrometheusAnnotations }}
prometheus.io/port: {{ .Values.controller.metrics.service.servicePort | quote }}
prometheus.io/scrape: "true"
{{- end }}
{{- range $key, $value := .Values.controller.metrics.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.controller.metrics.service.type }}
{{- if and .Values.controller.metrics.service.clusterIP (eq .Values.controller.metrics.service.type "ClusterIP") }}
clusterIP: {{ .Values.controller.metrics.service.clusterIP }}
{{- end }}
ports:
- name: {{ .Values.controller.metrics.service.portName }}
protocol: TCP

12
charts/argo/argo-cd/templates/argocd-applicationset/metrics.yaml
View File

@ -9,13 +9,21 @@ metadata:
{{- with .Values.applicationSet.metrics.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.applicationSet.metrics.service.annotations }}
{{- if or .Values.applicationSet.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
annotations:
{{- range $key, $value := . }}
{{- if .Values.global.addPrometheusAnnotations }}
prometheus.io/port: {{ .Values.applicationSet.metrics.service.servicePort | quote }}
prometheus.io/scrape: "true"
{{- end }}
{{- range $key, $value := .Values.applicationSet.metrics.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.applicationSet.metrics.service.type }}
{{- if and .Values.applicationSet.metrics.service.clusterIP (eq .Values.applicationSet.metrics.service.type "ClusterIP") }}
clusterIP: {{ .Values.applicationSet.metrics.service.clusterIP }}
{{- end }}
ports:
- name: {{ .Values.applicationSet.metrics.service.portName }}
protocol: TCP

12
charts/argo/argo-cd/templates/argocd-notifications/metrics.yaml
View File

@ -9,13 +9,21 @@ metadata:
{{- with .Values.notifications.metrics.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.notifications.metrics.service.annotations }}
{{- if or .Values.notifications.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
annotations:
{{- range $key, $value := . }}
{{- if .Values.global.addPrometheusAnnotations }}
prometheus.io/port: {{ .Values.notifications.metrics.port | quote }}
prometheus.io/scrape: "true"
{{- end }}
{{- range $key, $value := .Values.notifications.metrics.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.notifications.metrics.service.type }}
{{- if and .Values.notifications.metrics.service.clusterIP (eq .Values.notifications.metrics.service.type "ClusterIP") }}
clusterIP: {{ .Values.notifications.metrics.service.clusterIP }}
{{- end }}
selector:
{{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }}
ports:

12
charts/argo/argo-cd/templates/argocd-repo-server/metrics.yaml
View File

@ -9,13 +9,21 @@ metadata:
{{- with .Values.repoServer.metrics.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.repoServer.metrics.service.annotations }}
{{- if or .Values.repoServer.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
annotations:
{{- range $key, $value := . }}
{{- if .Values.global.addPrometheusAnnotations }}
prometheus.io/port: {{ .Values.repoServer.metrics.service.servicePort | quote }}
prometheus.io/scrape: "true"
{{- end }}
{{- range $key, $value := .Values.repoServer.metrics.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.repoServer.metrics.service.type }}
{{- if and .Values.repoServer.metrics.service.clusterIP (eq .Values.repoServer.metrics.service.type "ClusterIP") }}
clusterIP: {{ .Values.repoServer.metrics.service.clusterIP }}
{{- end }}
ports:
- name: {{ .Values.repoServer.metrics.service.portName }}
protocol: TCP

12
charts/argo/argo-cd/templates/argocd-server/metrics.yaml
View File

@ -9,13 +9,21 @@ metadata:
{{- with .Values.server.metrics.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.server.metrics.service.annotations }}
{{- if or .Values.server.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
annotations:
{{- range $key, $value := . }}
{{- if .Values.global.addPrometheusAnnotations }}
prometheus.io/port: {{ .Values.server.metrics.service.servicePort | quote }}
prometheus.io/scrape: "true"
{{- end }}
{{- range $key, $value := .Values.server.metrics.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.server.metrics.service.type }}
{{- if and .Values.server.metrics.service.clusterIP (eq .Values.server.metrics.service.type "ClusterIP") }}
clusterIP: {{ .Values.server.metrics.service.clusterIP }}
{{- end }}
ports:
- name: {{ .Values.server.metrics.service.portName }}
protocol: TCP

3
charts/argo/argo-cd/templates/crds/crd-application.yaml
View File

@ -12,6 +12,9 @@ metadata:
labels:
app.kubernetes.io/name: applications.argoproj.io
app.kubernetes.io/part-of: argocd
{{- with .Values.crds.additionalLabels }}
{{- toYaml . | nindent 4}}
{{- end }}
name: applications.argoproj.io
spec:
group: argoproj.io

3
charts/argo/argo-cd/templates/crds/crd-applicationset.yaml
View File

@ -12,6 +12,9 @@ metadata:
labels:
app.kubernetes.io/name: applicationsets.argoproj.io
app.kubernetes.io/part-of: argocd
{{- with .Values.crds.additionalLabels }}
{{- toYaml . | nindent 4}}
{{- end }}
name: applicationsets.argoproj.io
spec:
group: argoproj.io

3
charts/argo/argo-cd/templates/crds/crd-extension.yaml
View File

@ -13,6 +13,9 @@ metadata:
labels:
app.kubernetes.io/name: argocdextensions.argoproj.io
app.kubernetes.io/part-of: argocd
{{- with .Values.crds.additionalLabels }}
{{- toYaml . | nindent 4}}
{{- end }}
name: argocdextensions.argoproj.io
spec:
group: argoproj.io

3
charts/argo/argo-cd/templates/crds/crd-project.yaml
View File

@ -12,6 +12,9 @@ metadata:
labels:
app.kubernetes.io/name: appprojects.argoproj.io
app.kubernetes.io/part-of: argocd
{{- with .Values.crds.additionalLabels }}
{{- toYaml . | nindent 4}}
{{- end }}
name: appprojects.argoproj.io
spec:
group: argoproj.io

12
charts/argo/argo-cd/templates/redis/metrics.yaml
View File

@ -10,16 +10,20 @@ metadata:
{{- with .Values.redis.metrics.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.redis.metrics.service.annotations }}
{{- if or .Values.redis.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
annotations:
{{- range $key, $value := . }}
{{- if .Values.global.addPrometheusAnnotations }}
prometheus.io/port: {{ .Values.redis.metrics.service.servicePort | quote }}
prometheus.io/scrape: "true"
{{- end }}
{{- range $key, $value := .Values.redis.metrics.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.redis.metrics.service.type }}
{{- with .Values.redis.metrics.service.clusterIP }}
clusterIP: {{ . }}
{{- if and .Values.redis.metrics.service.clusterIP (eq .Values.redis.metrics.service.type "ClusterIP") }}
clusterIP: {{ .Values.redis.metrics.service.clusterIP }}
{{- end }}
ports:
- name: {{ .Values.redis.metrics.service.portName }}

25
charts/argo/argo-cd/values.yaml
View File

@ -38,6 +38,8 @@ crds:
keep: true
# -- Annotations to be added to all CRDs
annotations: {}
# -- Addtional labels to be added to all CRDs
additionalLabels: {}
## Globally shared configuration
global:
@ -79,6 +81,9 @@ global:
# -- Labels for the all deployed pods
podLabels: {}
# -- Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors.
addPrometheusAnnotations: false
# -- Toggle and define pod-level security context.
# @default -- `{}` (See [values.yaml])
securityContext: {}
@ -762,6 +767,10 @@ controller:
# -- Additional labels
labels: []
service:
# -- Metrics service type
type: ClusterIP
# -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
clusterIP: ""
# -- Metrics service annotations
annotations: {}
# -- Metrics service labels
@ -1773,6 +1782,10 @@ server:
# -- Deploy metrics service
enabled: false
service:
# -- Metrics service type
type: ClusterIP
# -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
clusterIP: ""
# -- Metrics service annotations
annotations: {}
# -- Metrics service labels
@ -2241,6 +2254,10 @@ repoServer:
# -- Deploy metrics service
enabled: false
service:
# -- Metrics service type
type: ClusterIP
# -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
clusterIP: ""
# -- Metrics service annotations
annotations: {}
# -- Metrics service labels
@ -2394,6 +2411,10 @@ applicationSet:
# -- Deploy metrics service
enabled: false
service:
# -- Metrics service type
type: ClusterIP
# -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
clusterIP: ""
# -- Metrics service annotations
annotations: {}
# -- Metrics service labels
@ -2715,6 +2736,10 @@ notifications:
# -- Metrics port
port: 9001
service:
# -- Metrics service type
type: ClusterIP
# -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
clusterIP: ""
# -- Metrics service annotations
annotations: {}
# -- Metrics service labels

12
charts/bitnami/mariadb/Chart.yaml
View File

@ -6,7 +6,7 @@ annotations:
category: Database
licenses: Apache-2.0
apiVersion: v2
appVersion: 10.11.2
appVersion: 10.11.3
dependencies:
- name: common
repository: file://./charts/common
@ -16,7 +16,7 @@ dependencies:
description: MariaDB is an open source, community-developed SQL database server that
is widely in use around the world due to its enterprise features, flexibility, and
collaboration with leading tech firms.
home: https://github.com/bitnami/charts/tree/main/bitnami/mariadb
home: https://bitnami.com
icon: https://mariadb.com/wp-content/uploads/2019/11/mariadb-logo-vert_black-transparent.png
keywords:
- mariadb
@ -25,11 +25,9 @@ keywords:
- sql
- prometheus
maintainers:
- name: Bitnami
- name: VMware, Inc.
url: https://github.com/bitnami/charts
name: mariadb
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb
- https://github.com/prometheus/mysqld_exporter
- https://mariadb.org
version: 12.1.6
- https://github.com/bitnami/charts/tree/main/bitnami/mariadb
version: 12.2.3

44
charts/bitnami/mariadb/README.md
View File

@ -80,28 +80,28 @@ The command removes all the Kubernetes components associated with the chart and
### MariaDB common parameters
| Name | Description | Value |
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
| `image.registry` | MariaDB image registry | `docker.io` |
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.2-debian-11-r24` |
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` |
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` |
| `auth.database` | Name for a custom database to create | `my_database` |
| `auth.username` | Name for a custom user to create | `""` |
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` |
| `auth.replicationUser` | MariaDB replication user | `replicator` |
| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` |
| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` |
| `auth.forcePassword` | Force users to specify required passwords | `false` |
| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` |
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` |
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
| Name | Description | Value |
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- |
| `image.registry` | MariaDB image registry | `docker.io` |
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.3-debian-11-r1` |
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` |
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` |
| `auth.database` | Name for a custom database to create | `my_database` |
| `auth.username` | Name for a custom user to create | `""` |
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` |
| `auth.replicationUser` | MariaDB replication user | `replicator` |
| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` |
| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` |
| `auth.forcePassword` | Force users to specify required passwords | `false` |
| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` |
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` |
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
### MariaDB Primary parameters

22
charts/bitnami/mariadb/templates/secrets.yaml
View File

@ -1,11 +1,13 @@
{{- $host := include "mariadb.primary.fullname" . }}
{{- $port := print .Values.primary.service.ports.mysql }}
{{- $rootPassword := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-root-password" "providedValues" (list "auth.rootPassword") "context" $) | trimAll "\"" | b64dec }}
{{- $rootPassword := include "common.secrets.passwords.manage" ( dict "secret" ( include "mariadb.secretName" . ) "key" "mariadb-root-password" "providedValues" ( list "auth.rootPassword" ) "context" $ ) | trimAll "\"" | b64dec }}
{{- $password := .Values.auth.password }}
{{- if eq (include "mariadb.secret.existPassword" .) "true" }}
{{- $password := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-password" "providedValues" (list "auth.password") "context" $) | trimAll "\"" | b64dec }}
{{- if and .Values.auth.username ( include "mariadb.secret.existPassword" . ) }}
{{- $password = include "common.secrets.passwords.manage" ( dict "secret" ( include "mariadb.secretName" . ) "key" "mariadb-password" "providedValues" ( list "auth.password" ) "context" $ ) | trimAll "\"" | b64dec }}
{{- else if ( and .Values.auth.username ( not .Values.auth.forcePassword ) ( empty .Values.auth.password ) ) }}
{{- $password = randAlphaNum 10 }}
{{- end }}
{{- if eq (include "mariadb.createSecret" .) "true" }}
{{- if eq ( include "mariadb.createSecret" . ) "true" }}
apiVersion: v1
kind: Secret
metadata:
@ -20,21 +22,21 @@ metadata:
{{- end }}
type: Opaque
data:
{{- if (not .Values.auth.forcePassword) }}
{{- if ( not .Values.auth.forcePassword ) }}
mariadb-root-password: {{ print $rootPassword | b64enc | quote }}
{{- else }}
mariadb-root-password: {{ required "A MariaDB Root Password is required!" .Values.auth.rootPassword | b64enc | quote }}
{{- end }}
{{- if (not (empty .Values.auth.username)) }}
{{- if (not .Values.auth.forcePassword) }}
{{- if .Values.auth.username }}
{{- if ( not .Values.auth.forcePassword ) }}
mariadb-password: {{ print $password | b64enc | quote }}
{{- else }}
mariadb-password: {{ required "A MariaDB Database Password is required!" $password | b64enc | quote }}
{{- end }}
{{- end }}
{{- if eq .Values.architecture "replication" }}
{{- if (not .Values.auth.forcePassword) }}
mariadb-replication-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "mariadb-replication-password" "providedValues" (list "auth.replicationPassword") "context" $) }}
{{- if ( not .Values.auth.forcePassword ) }}
mariadb-replication-password: {{ include "common.secrets.passwords.manage" ( dict "secret" ( include "common.names.fullname" . ) "key" "mariadb-replication-password" "providedValues" ( list "auth.replicationPassword" ) "context" $ ) }}
{{- else }}
mariadb-replication-password: {{ required "A MariaDB Replication Password is required!" .Values.auth.replicationPassword | b64enc | quote }}
{{- end }}
@ -90,7 +92,7 @@ data:
{{- if $database }}
database: {{ print $database | b64enc | quote }}
{{- end }}
{{- if and (.Values.auth.forcePassword) (empty $password) }}
{{- if and .Values.auth.forcePassword ( empty $password ) }}
password: {{ required "A MariaDB Database Password is required!" $password | b64enc | quote }}
{{- else }}
password: {{ print $password | b64enc | quote }}

2
charts/bitnami/mariadb/values.yaml
View File

@ -87,7 +87,7 @@ serviceBindings:
image:
registry: docker.io
repository: bitnami/mariadb
tag: 10.11.2-debian-11-r24
tag: 10.11.3-debian-11-r1
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'

6
charts/bitnami/wordpress/Chart.lock
View File

@ -4,9 +4,9 @@ dependencies:
version: 6.4.2
- name: mariadb
repository: oci://registry-1.docker.io/bitnamicharts
version: 12.1.6
version: 12.2.2
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
version: 2.2.5
digest: sha256:6f26de206c1d79372b48cd8fb1e39b5edcd7ad599393ad1e5e72aab2342f4568
generated: "2023-05-09T17:09:06.092220201Z"
digest: sha256:033438c997c901df94e343f56eab63fe55c9c2c71e0c04d9a95e2d27d60eb417
generated: "2023-05-11T19:30:55.4078027Z"

2
charts/bitnami/wordpress/Chart.yaml
View File

@ -40,4 +40,4 @@ maintainers:
name: wordpress
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/wordpress
version: 16.1.1
version: 16.1.2

4
charts/bitnami/wordpress/README.md
View File

@ -80,7 +80,7 @@ The command removes all the Kubernetes components associated with the chart and
| ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | WordPress image registry | `docker.io` |
| `image.repository` | WordPress image repository | `bitnami/wordpress` |
| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.2.0-debian-11-r21` |
| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.2.0-debian-11-r22` |
| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` |
| `image.pullSecrets` | WordPress image pull secrets | `[]` |
@ -246,7 +246,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` |
| `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r114` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r115` |
| `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |

12
charts/bitnami/wordpress/charts/mariadb/Chart.yaml
View File

@ -2,7 +2,7 @@ annotations:
category: Database
licenses: Apache-2.0
apiVersion: v2
appVersion: 10.11.2
appVersion: 10.11.3
dependencies:
- name: common
repository: oci://registry-1.docker.io/bitnamicharts
@ -12,7 +12,7 @@ dependencies:
description: MariaDB is an open source, community-developed SQL database server that
is widely in use around the world due to its enterprise features, flexibility, and
collaboration with leading tech firms.
home: https://github.com/bitnami/charts/tree/main/bitnami/mariadb
home: https://bitnami.com
icon: https://bitnami.com/assets/stacks/mariadb/img/mariadb-stack-220x234.png
keywords:
- mariadb
@ -21,11 +21,9 @@ keywords:
- sql
- prometheus
maintainers:
- name: Bitnami
- name: VMware, Inc.
url: https://github.com/bitnami/charts
name: mariadb
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb
- https://github.com/prometheus/mysqld_exporter
- https://mariadb.org
version: 12.1.6
- https://github.com/bitnami/charts/tree/main/bitnami/mariadb
version: 12.2.2

46
charts/bitnami/wordpress/charts/mariadb/README.md
View File

@ -8,6 +8,8 @@ MariaDB is an open source, community-developed SQL database server that is widel
Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
Looking to use MariaDB in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog.
## TL;DR
```console
@ -80,28 +82,28 @@ The command removes all the Kubernetes components associated with the chart and
### MariaDB common parameters
| Name | Description | Value |
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
| `image.registry` | MariaDB image registry | `docker.io` |
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.2-debian-11-r24` |
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` |
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` |
| `auth.database` | Name for a custom database to create | `my_database` |
| `auth.username` | Name for a custom user to create | `""` |
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` |
| `auth.replicationUser` | MariaDB replication user | `replicator` |
| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` |
| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` |
| `auth.forcePassword` | Force users to specify required passwords | `false` |
| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` |
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` |
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
| Name | Description | Value |
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- |
| `image.registry` | MariaDB image registry | `docker.io` |
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.11.3-debian-11-r0` |
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `architecture` | MariaDB architecture (`standalone` or `replication`) | `standalone` |
| `auth.rootPassword` | Password for the `root` user. Ignored if existing secret is provided. | `""` |
| `auth.database` | Name for a custom database to create | `my_database` |
| `auth.username` | Name for a custom user to create | `""` |
| `auth.password` | Password for the new user. Ignored if existing secret is provided | `""` |
| `auth.replicationUser` | MariaDB replication user | `replicator` |
| `auth.replicationPassword` | MariaDB replication user password. Ignored if existing secret is provided | `""` |
| `auth.existingSecret` | Use existing secret for password details (`auth.rootPassword`, `auth.password`, `auth.replicationPassword` will be ignored and picked up from this secret). The secret has to contain the keys `mariadb-root-password`, `mariadb-replication-password` and `mariadb-password` | `""` |
| `auth.forcePassword` | Force users to specify required passwords | `false` |
| `auth.usePasswordFiles` | Mount credentials as files instead of using environment variables | `false` |
| `auth.customPasswordFiles` | Use custom password files when `auth.usePasswordFiles` is set to `true`. Define path for keys `root` and `user`, also define `replicator` if `architecture` is set to `replication` | `{}` |
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
### MariaDB Primary parameters

22
charts/bitnami/wordpress/charts/mariadb/templates/secrets.yaml
View File

@ -1,11 +1,13 @@
{{- $host := include "mariadb.primary.fullname" . }}
{{- $port := print .Values.primary.service.ports.mysql }}
{{- $rootPassword := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-root-password" "providedValues" (list "auth.rootPassword") "context" $) | trimAll "\"" | b64dec }}
{{- $rootPassword := include "common.secrets.passwords.manage" ( dict "secret" ( include "mariadb.secretName" . ) "key" "mariadb-root-password" "providedValues" ( list "auth.rootPassword" ) "context" $ ) | trimAll "\"" | b64dec }}
{{- $password := .Values.auth.password }}
{{- if eq (include "mariadb.secret.existPassword" .) "true" }}
{{- $password := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-password" "providedValues" (list "auth.password") "context" $) | trimAll "\"" | b64dec }}
{{- if and .Values.auth.username ( include "mariadb.secret.existPassword" . ) }}
{{- $password = include "common.secrets.passwords.manage" ( dict "secret" ( include "mariadb.secretName" . ) "key" "mariadb-password" "providedValues" ( list "auth.password" ) "context" $ ) | trimAll "\"" | b64dec }}
{{- else if ( and .Values.auth.username ( not .Values.auth.forcePassword ) ( empty .Values.auth.password ) ) }}
{{- $password = randAlphaNum 10 }}
{{- end }}
{{- if eq (include "mariadb.createSecret" .) "true" }}
{{- if eq ( include "mariadb.createSecret" . ) "true" }}
apiVersion: v1
kind: Secret
metadata:
@ -20,21 +22,21 @@ metadata:
{{- end }}
type: Opaque
data:
{{- if (not .Values.auth.forcePassword) }}
{{- if ( not .Values.auth.forcePassword ) }}
mariadb-root-password: {{ print $rootPassword | b64enc | quote }}
{{- else }}
mariadb-root-password: {{ required "A MariaDB Root Password is required!" .Values.auth.rootPassword | b64enc | quote }}
{{- end }}
{{- if (not (empty .Values.auth.username)) }}
{{- if (not .Values.auth.forcePassword) }}
{{- if .Values.auth.username }}
{{- if ( not .Values.auth.forcePassword ) }}
mariadb-password: {{ print $password | b64enc | quote }}
{{- else }}
mariadb-password: {{ required "A MariaDB Database Password is required!" $password | b64enc | quote }}
{{- end }}
{{- end }}
{{- if eq .Values.architecture "replication" }}
{{- if (not .Values.auth.forcePassword) }}
mariadb-replication-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "mariadb-replication-password" "providedValues" (list "auth.replicationPassword") "context" $) }}
{{- if ( not .Values.auth.forcePassword ) }}
mariadb-replication-password: {{ include "common.secrets.passwords.manage" ( dict "secret" ( include "common.names.fullname" . ) "key" "mariadb-replication-password" "providedValues" ( list "auth.replicationPassword" ) "context" $ ) }}
{{- else }}
mariadb-replication-password: {{ required "A MariaDB Replication Password is required!" .Values.auth.replicationPassword | b64enc | quote }}
{{- end }}
@ -90,7 +92,7 @@ data:
{{- if $database }}
database: {{ print $database | b64enc | quote }}
{{- end }}
{{- if and (.Values.auth.forcePassword) (empty $password) }}
{{- if and .Values.auth.forcePassword ( empty $password ) }}
password: {{ required "A MariaDB Database Password is required!" $password | b64enc | quote }}
{{- else }}
password: {{ print $password | b64enc | quote }}

2
charts/bitnami/wordpress/charts/mariadb/values.yaml
View File

@ -87,7 +87,7 @@ serviceBindings:
image:
registry: docker.io
repository: bitnami/mariadb
tag: 10.11.2-debian-11-r24
tag: 10.11.3-debian-11-r0
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'

4
charts/bitnami/wordpress/values.yaml
View File

@ -73,7 +73,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/wordpress
tag: 6.2.0-debian-11-r21
tag: 6.2.0-debian-11-r22
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -761,7 +761,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r114
tag: 11-debian-11-r115
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

4
charts/btp/chronicle/Chart.yaml
View File

@ -3,7 +3,7 @@ annotations:
catalog.cattle.io/display-name: Chronicle
catalog.cattle.io/release-name: chronicle
apiVersion: v2
appVersion: 0.2.1
appVersion: 0.6.2
dependencies:
- name: standard-defs
repository: https://btp-charts-stable.s3.amazonaws.com/charts/
@ -22,4 +22,4 @@ keywords:
- blockchain
name: chronicle
type: application
version: 0.1.7
version: 0.1.13

6
charts/btp/chronicle/README.md
View File

@ -35,6 +35,7 @@
| `tp.image.tag` | the image tag | BTP2.1.0 |
| `tp.extraVolumes` | extra volumes declarations for the chronicle-tp deployment | list | nil
| `tp.extraVolumeMounts` | extra volume mounts for chronicle-tp deployment | list | nil
| `tp.resources` | resources | map | nil |
| `tp.maxUnavailable` | maximum unavailable nodes during a rolling upgrade |
| `tp.minReadySeconds` | minimum time before node becomes available |
| `postgres.enabled` | if true create an internal postgres instance | boolean | true |
@ -47,7 +48,7 @@
| `postgres.port` | port for the postgres database | int | 5432 |
| `postgres.password` | password for the postgres database | string | "postgres" |
| `postgres.existingPasswordSecret` | name of a secret containing the postgres password | string | nil |
| `postgres.existingPasswordSecret` | name of the key in a secret containing the postgres password | string | password |
| `postgres.existingPasswordSecret` | name of the key in a secret containing the postgres password | string | nil |
| `postgres.tls` | postgres TLS configuration | string | nil |
| `postgres.persistence` | postgres persistence settings | map | N/A |
| `postgres.persistence.enabled` | if true allocate a PVC for the postgres instance | boolean | false |
@ -55,4 +56,5 @@
| `postgres.persistence.accessModes` | postgres PVC access modes | list | [ "ReadWriteOnce" ] |
| `postgres.persistence.storageClass` | postgres PVC storageClass | string | nil |
| `postgres.persistence.size` | postgres PVC volume size | string | "40Gi" |
| `postgres.resources` | UI resources | map | nil |
| `postgres.resources` | resources | map | nil |
| `resources` | resources | map | nil |

2
charts/btp/chronicle/app-readme.md
View File

@ -8,5 +8,5 @@ You can find example domains and further instructions at https://examples.btp.wo
## *Important*
*As Chronicle uses Sawtooth as it backing ledger, a minimum of 4 nodes is required for deployment.*
*As Chronicle uses Sawtooth as its backing ledger, a minimum of 4 nodes is required for deployment.*
*This helm chart will deploy and configure a 4 node Sawtooth network on your target cluster, so less than 4 nodes will result in the deployment failing.*

2
charts/btp/chronicle/templates/chronicle-config.yaml
View File

@ -10,7 +10,7 @@ data:
path = "/var/lib/chronicle/secrets/"
[store]
path = "/var/lib/chronicle/store/"
address = "postgresql://postgres@localhost:5432/postgres"
address = "postgresql://{{ .Values.postgres.user }}@{{ .Values.postgres.host }}:5432/{{ .Values.postgres.database }}"
[validator]
address = "tcp://{{ include "chronicle.sawtooth.service" . }}:{{ include "chronicle.sawtooth.sawcomp" . }}"
[namespace_bindings]

2
charts/btp/chronicle/templates/chronicle-secret-volume.yaml
View File

@ -2,6 +2,8 @@ apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: chronicle-secrets
annotations:
"helm.sh/resource-policy": keep
spec:
accessModes:
- ReadWriteOnce

21
charts/btp/chronicle/templates/statefulset.yaml
View File

@ -63,7 +63,7 @@ spec:
valueFrom:
secretKeyRef:
name: {{ .Values.postgres.existingPasswordSecret }}
key: password
key: {{ .Values.postgres.existingPasswordSecretKey }}
{{- else }}
value: {{ .Values.postgres.password }}
{{- end }}
@ -80,14 +80,31 @@ spec:
command: [ "bash", "-c"]
args:
- |
echo "Waiting 20 seconds for postgres to start";
sleep 20;
/usr/local/bin/chronicle \
-c /etc/chronicle/config/config.toml \
--console-logging json \
--sawtooth tcp://{{ include "chronicle.sawtooth.service" . }}:{{ include "chronicle.sawtooth.sawcomp" . }} \
serve-api --interface 0.0.0.0:{{ .Values.port}} {{ if .Values.webUi }} --open {{ end }}
--remote-database \
--database-name {{ .Values.postgres.database }} \
--database-username {{ .Values.postgres.user }} \
--database-host {{ .Values.postgres.host }} \
serve-graphql --interface 0.0.0.0:{{ .Values.port}} {{ if .Values.webUi }} --open {{ end }}
env: {{ include "lib.safeToYaml" .Values.env | nindent 12 }}
- name: RUST_LOG
value: {{ .Values.logLevel }}
- name: PGPASSWORD
{{- if .Values.postgres.existingPasswordSecret }}
valueFrom:
secretKeyRef:
name: {{ .Values.postgres.existingPasswordSecret }}
key: {{ .Values.postgres.existingPasswordSecretKey }}
{{- else }}
value: {{ .Values.postgres.password }}
{{- end }}
{{- include "lib.safeToYaml" .Values.postgres.env | nindent 12 }}
resources: {{- include "lib.safeToYaml" .Values.resources | nindent 12 }}
volumeMounts:
- name: chronicle-config
mountPath: /etc/chronicle/config/

15
charts/btp/chronicle/values.yaml
View File

@ -18,7 +18,7 @@ image:
## @md | `image.repository` | the repository of the image | blockchaintp/chronicle |
repository: blockchaintp/chronicle-amd64
## @md | `image.tag`| the tag of the image to use | latest |
tag: BTP2.1.0-0.5.0
tag: BTP2.1.0-0.6.2
## @md | `image.pullPolicy` | the image pull policy to use | IfNotPresent |
pullPolicy: IfNotPresent
@ -95,12 +95,12 @@ tp:
## @md | `tp.image.repository` | the image repository | blockchaintp/chronicle-tp |
repository: blockchaintp/chronicle-tp-amd64
## @md | `tp.image.tag` | the image tag | BTP2.1.0 |
tag: BTP2.1.0-0.5.0
tag: BTP2.1.0-0.6.2
## @md | `tp.extraVolumes` | extra volumes declarations for the chronicle-tp deployment | list | nil
extraVolumes:
## @md | `tp.extraVolumeMounts` | extra volume mounts for chronicle-tp deployment | list | nil
extraVolumeMounts:
## @md | `tp.resources` | resources | map | nil |
resources:
## @md | `tp.maxUnavailable` | maximum unavailable nodes during a rolling upgrade |
maxUnavailable: 1
@ -132,8 +132,8 @@ postgres:
password: postgres
## @md | `postgres.existingPasswordSecret` | name of a secret containing the postgres password | string | nil |
existingPasswordSecret:
## @md | `postgres.existingPasswordSecret` | name of the key in a secret containing the postgres password | string | password |
existingPasswordSecretKey: password
## @md | `postgres.existingPasswordSecret` | name of the key in a secret containing the postgres password | string | nil |
existingPasswordSecretKey:
## @md | `postgres.tls` | postgres TLS configuration | string | nil |
tls:
## @md | `postgres.persistence` | postgres persistence settings | map | N/A |
@ -152,5 +152,8 @@ postgres:
storageClass:
## @md | `postgres.persistence.size` | postgres PVC volume size | string | "40Gi" |
size: "40Gi"
## @md | `postgres.resources` | UI resources | map | nil |
## @md | `postgres.resources` | resources | map | nil |
resources:
## @md | `resources` | resources | map | nil |
resources:

4
charts/gitlab/gitlab/CHANGELOG.md
View File

@ -2,6 +2,10 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
## 6.11.3 (2023-05-10)
No changes.
## 6.11.2 (2023-05-03)
No changes.

4
charts/gitlab/gitlab/Chart.yaml
View File

@ -3,7 +3,7 @@ annotations:
catalog.cattle.io/display-name: GitLab
catalog.cattle.io/release-name: gitlab
apiVersion: v1
appVersion: 15.11.2
appVersion: 15.11.3
description: The One DevOps Platform
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png
@ -15,4 +15,4 @@ maintainers:
name: gitlab
sources:
- https://gitlab.com/gitlab-org/charts/gitlab
version: 6.11.2
version: 6.11.3

4
charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.11.2
appVersion: 15.11.3
description: GitLab Geo logcursor
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -12,4 +12,4 @@ name: geo-logcursor
sources:
- https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/geo-logcursor
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails
version: 6.11.2
version: 6.11.3

4
charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.11.2
appVersion: 15.11.3
description: Git RPC service for handling all the git calls made by GitLab
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: gitaly
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitaly
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly
version: 6.11.2
version: 6.11.3

2
charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml
View File

@ -14,4 +14,4 @@ sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-exporter
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-exporter
- https://gitlab.com/gitlab-org/gitlab-exporter
version: 6.11.2
version: 6.11.3

4
charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.11.2
appVersion: 15.11.3
description: Adapt the Grafana chart to interface to the GitLab App
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: gitlab-grafana
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-grafana
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-grafana
version: 6.11.2
version: 6.11.3

4
charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.11.2
appVersion: 15.11.3
description: Daemon for serving static websites from GitLab projects
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -14,4 +14,4 @@ sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-pages
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-pages
- https://gitlab.com/gitlab-org/gitlab-pages
version: 6.11.2
version: 6.11.3

2
charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml
View File

@ -14,4 +14,4 @@ name: gitlab-shell
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-shell
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-shell
version: 6.11.2
version: 6.11.3

2
charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml
View File

@ -17,4 +17,4 @@ name: kas
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-kas
- https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent
version: 6.11.2
version: 6.11.3

2
charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml
View File

@ -13,4 +13,4 @@ name: mailroom
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/mailroom
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-mailroom
version: 6.11.2
version: 6.11.3

4
charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.11.2
appVersion: 15.11.3
description: Database migrations and other versioning tasks for upgrading Gitlab
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -12,4 +12,4 @@ name: migrations
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/migrations
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails
version: 6.11.2
version: 6.11.3

4
charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.11.2
appVersion: 15.11.3
description: Praefect is a router and transaction manager for Gitaly, and a required
component for running a Gitaly Cluster.
home: https://about.gitlab.com/
@ -16,4 +16,4 @@ sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/praefect
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly
- https://gitlab.com/gitlab-org/gitaly/-/tree/master/cmd/praefect
version: 6.11.2
version: 6.11.3

4
charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.11.2
appVersion: 15.11.3
description: Gitlab Sidekiq for asynchronous task processing in rails
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: sidekiq
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/sidekiq
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-sidekiq
version: 6.11.2
version: 6.11.3

2
charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml
View File

@ -14,4 +14,4 @@ name: spamcheck
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/spamcheck
- https://gitlab.com/gitlab-org/spamcheck
version: 6.11.2
version: 6.11.3

4
charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.11.2
appVersion: 15.11.3
description: For manually running rake tasks through kubectl
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: toolbox
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/toolbox
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-toolbox
version: 6.11.2
version: 6.11.3

4
charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.11.2
appVersion: 15.11.3
description: HTTP server for Gitlab
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -14,4 +14,4 @@ name: webservice
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/webservice
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-webservice
version: 6.11.2
version: 6.11.3

2
charts/gitlab/gitlab/requirements.lock
View File

@ -36,4 +36,4 @@ dependencies:
repository: https://charts.gitlab.io/
version: 0.3.0
digest: sha256:67477d660a351df330393ce9ed84458eafbc419de2c454339ed7539bde9c45ca
generated: "2023-05-05T06:50:58.331129877Z"
generated: "2023-05-10T20:18:20.96296619Z"

2
charts/gitlab/gitlab/values.yaml
View File

@ -40,7 +40,7 @@ global:
edition: ee
## https://docs.gitlab.com/charts/charts/globals#gitlab-version
gitlabVersion: "15.11.2"
gitlabVersion: "15.11.3"
## https://docs.gitlab.com/charts/charts/globals#application-resource
application:

32
charts/gluu/gluu/Chart.yaml
View File

@ -1,6 +1,6 @@
annotations:
artifacthub.io/changes: |
- Chart 5.0.16 dev release
- Chart 5.0.17 official release
artifacthub.io/containsSecurityUpdates: "true"
artifacthub.io/images: |
- name: auth-server
@ -35,59 +35,59 @@ dependencies:
- condition: global.config.enabled
name: config
repository: file://./charts/config
version: 5.0.16
version: 5.0.17
- condition: global.config-api.enabled
name: config-api
repository: file://./charts/config-api
version: 5.0.16
version: 5.0.17
- condition: global.opendj.enabled
name: opendj
repository: file://./charts/opendj
version: 5.0.16
version: 5.0.17
- condition: global.auth-server.enabled
name: auth-server
repository: file://./charts/auth-server
version: 5.0.16
version: 5.0.17
- condition: global.admin-ui.enabled
name: admin-ui
repository: file://./charts/admin-ui
version: 5.0.16
version: 5.0.17
- condition: global.fido2.enabled
name: fido2
repository: file://./charts/fido2
version: 5.0.16
version: 5.0.17
- condition: global.scim.enabled
name: scim
repository: file://./charts/scim
version: 5.0.16
version: 5.0.17
- condition: global.nginx-ingress.enabled
name: nginx-ingress
repository: file://./charts/nginx-ingress
version: 5.0.16
version: 5.0.17
- condition: global.oxshibboleth.enabled
name: oxshibboleth
repository: file://./charts/oxshibboleth
version: 5.0.16
version: 5.0.17
- condition: global.oxpassport.enabled
name: oxpassport
repository: file://./charts/oxpassport
version: 5.0.16
version: 5.0.17
- condition: global.casa.enabled
name: casa
repository: file://./charts/casa
version: 5.0.16
version: 5.0.17
- condition: global.auth-server-key-rotation.enabled
name: auth-server-key-rotation
repository: file://./charts/auth-server-key-rotation
version: 5.0.16
version: 5.0.17
- condition: global.persistence.enabled
name: persistence
repository: file://./charts/persistence
version: 5.0.16
version: 5.0.17
- condition: global.istio.ingress
name: cn-istio-ingress
repository: file://./charts/cn-istio-ingress
version: 5.0.16
version: 5.0.17
description: Gluu Access and Identity Management
home: https://www.gluu.org
icon: https://gluu.org/docs/gluu-server/favicon.ico
@ -99,4 +99,4 @@ name: gluu
sources:
- https://gluu.org/docs/gluu-server
- https://github.com/GluuFederation/flex/flex-cn-setup
version: 5.0.16
version: 5.0.17

30
charts/gluu/gluu/README.md
View File

@ -1,6 +1,6 @@
# gluu
![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
Gluu Access and Identity Management
@ -23,20 +23,20 @@ Kubernetes: `>=v1.21.0-0`
| Repository | Name | Version |
|------------|------|---------|
| | admin-ui | 5.0.16 |
| | auth-server | 5.0.16 |
| | auth-server-key-rotation | 5.0.16 |
| | casa | 5.0.16 |
| | cn-istio-ingress | 5.0.16 |
| | config | 5.0.16 |
| | config-api | 5.0.16 |
| | fido2 | 5.0.16 |
| | nginx-ingress | 5.0.16 |
| | opendj | 5.0.16 |
| | oxpassport | 5.0.16 |
| | oxshibboleth | 5.0.16 |
| | persistence | 5.0.16 |
| | scim | 5.0.16 |
| | admin-ui | 5.0.17 |
| | auth-server | 5.0.17 |
| | auth-server-key-rotation | 5.0.17 |
| | casa | 5.0.17 |
| | cn-istio-ingress | 5.0.17 |
| | config | 5.0.17 |
| | config-api | 5.0.17 |
| | fido2 | 5.0.17 |
| | nginx-ingress | 5.0.17 |
| | opendj | 5.0.17 |
| | oxpassport | 5.0.17 |
| | oxshibboleth | 5.0.17 |
| | persistence | 5.0.17 |
| | scim | 5.0.17 |
## Values

5
charts/gluu/gluu/app-readme.md
View File

@ -1,3 +1,7 @@
## Tutorial
For a full walkthrough of the Gluu Flex Server on Rancher, please see the [Gluu Server on Rancher Tutorial](https://docs.gluu.org/stable/admin/recipes/getting-started-rancher/).
## Introduction
The Gluu Server is a container distribution of free open source software (FOSS) for identity and access management (IAM). SaaS, custom, open source and commercial web and mobile applications can leverage a Gluu Server for user authentication, identity information, and policy decisions.
@ -19,7 +23,6 @@ The Gluu Server can be deployed to support the following open standards for auth
- OAuth 2.0
- OpenID Connect
- User Managed Access 2.0 (UMA)
- SAML 2.0
- System for Cross-domain Identity Management (SCIM)
- FIDO Universal 2nd Factor (U2F)
- FIDO 2.0 / WebAuthn

2
charts/gluu/gluu/charts/admin-ui/Chart.yaml
View File

@ -17,4 +17,4 @@ sources:
- https://github.com/GluuFederation/docker-gluu-admin-ui
- https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/admin-ui
type: application
version: 5.0.16
version: 5.0.17

2
charts/gluu/gluu/charts/admin-ui/README.md
View File

@ -1,6 +1,6 @@
# admin-ui
![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
Admin GUI. Requires license.

2
charts/gluu/gluu/charts/auth-server-key-rotation/Chart.yaml
View File

@ -15,4 +15,4 @@ sources:
- https://github.com/JanssenProject/docker-jans-certmanager
- https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server-key-rotation
type: application
version: 5.0.16
version: 5.0.17

2
charts/gluu/gluu/charts/auth-server-key-rotation/README.md
View File

@ -1,6 +1,6 @@
# auth-server-key-rotation
![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
Responsible for regenerating auth-keys per x hours

2
charts/gluu/gluu/charts/auth-server/Chart.yaml
View File

@ -19,4 +19,4 @@ sources:
- https://github.com/JanssenProject/docker-jans-auth-server
- https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server
type: application
version: 5.0.16
version: 5.0.17

2
charts/gluu/gluu/charts/auth-server/README.md
View File

@ -1,6 +1,6 @@
# auth-server
![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
OAuth Authorization Server, the OpenID Connect Provider, the UMA Authorization Server--this is the main Internet facing component of Gluu. It's the service that returns tokens, JWT's and identity assertions. This service must be Internet facing.

2
charts/gluu/gluu/charts/casa/Chart.yaml
View File

@ -19,4 +19,4 @@ sources:
- https://github.com/GluuFederation/docker-casa
- https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/casa
type: application
version: 5.0.16
version: 5.0.17

2
charts/gluu/gluu/charts/casa/README.md
View File

@ -1,6 +1,6 @@
# casa
![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
Gluu Casa ("Casa") is a self-service web portal for end-users to manage authentication and authorization preferences for their account in a Gluu Server.

2
charts/gluu/gluu/charts/cn-istio-ingress/Chart.yaml
View File

@ -16,4 +16,4 @@ sources:
- https://gluu.org/docs/gluu-server/
- https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/cn-istio-ingress
type: application
version: 5.0.16
version: 5.0.17

2
charts/gluu/gluu/charts/cn-istio-ingress/README.md
View File

@ -1,6 +1,6 @@
# cn-istio-ingress
![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
Istio Gateway

2
charts/gluu/gluu/charts/config-api/Chart.yaml
View File

@ -19,4 +19,4 @@ sources:
- https://github.com/JanssenProject/jans/docker-jans-config-api
- https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config-api
type: application
version: 5.0.16
version: 5.0.17

2
charts/gluu/gluu/charts/config-api/README.md
View File

@ -1,6 +1,6 @@
# config-api
![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
Jans Config Api endpoints can be used to configure jans-auth-server, which is an open-source OpenID Connect Provider (OP) and UMA Authorization Server (AS)

2
charts/gluu/gluu/charts/config/Chart.yaml
View File

@ -18,4 +18,4 @@ sources:
- https://github.com/JanssenProject/jans/docker-jans-configurator
- https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config
type: application
version: 5.0.16
version: 5.0.17

2
charts/gluu/gluu/charts/config/README.md
View File

@ -1,6 +1,6 @@
# config
![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
Configuration parameters for setup and initial configuration secret and config layers used by Gluu services.

Some files were not shown because too many files have changed in this diff Show More