Charts CI

``` Updated: aquarist-labs/s3gw: - 0.16.0 argo/argo-cd: - 5.33.1 bitnami/mariadb: - 12.2.3 bitnami/wordpress: - 16.1.2 btp/chronicle: - 0.1.13 gitlab/gitlab: - 6.11.3 gluu/gluu: - 5.0.17 haproxy/haproxy: - 1.30.5 kong/kong: - 2.20.2 nutanix/nutanix-csi-snapshot: - 6.2.1 nutanix/nutanix-csi-storage: - 2.6.3 pixie/pixie-operator-chart: - 0.1.0 yugabyte/yugabyte: - 2.16.4 yugabyte/yugaware: - 2.16.4 ```
2023-05-12 13:19:04 +00:00 · 2023-05-12 13:19:04 +00:00 · c0fe64868e
parent d9257e8824
commit c0fe64868e
152 changed files with 2268 additions and 767 deletions
--- a/assets/aquarist-labs/s3gw-0.16.0.tgz
+++ b/assets/aquarist-labs/s3gw-0.16.0.tgz
--- a/assets/argo/argo-cd-5.33.1.tgz
+++ b/assets/argo/argo-cd-5.33.1.tgz
--- a/assets/bitnami/mariadb-12.2.3.tgz
+++ b/assets/bitnami/mariadb-12.2.3.tgz
--- a/assets/bitnami/wordpress-16.1.2.tgz
+++ b/assets/bitnami/wordpress-16.1.2.tgz
--- a/assets/btp/chronicle-0.1.13.tgz
+++ b/assets/btp/chronicle-0.1.13.tgz
--- a/assets/gitlab/gitlab-6.11.3.tgz
+++ b/assets/gitlab/gitlab-6.11.3.tgz
--- a/assets/gluu/gluu-5.0.17.tgz
+++ b/assets/gluu/gluu-5.0.17.tgz
--- a/assets/haproxy/haproxy-1.30.5.tgz
+++ b/assets/haproxy/haproxy-1.30.5.tgz
--- a/assets/kong/kong-2.20.2.tgz
+++ b/assets/kong/kong-2.20.2.tgz
--- a/assets/nutanix/nutanix-csi-snapshot-6.2.1.tgz
+++ b/assets/nutanix/nutanix-csi-snapshot-6.2.1.tgz
--- a/assets/nutanix/nutanix-csi-storage-2.6.3.tgz
+++ b/assets/nutanix/nutanix-csi-storage-2.6.3.tgz
--- a/assets/pixie/pixie-operator-chart-0.1.1.tgz
+++ b/assets/pixie/pixie-operator-chart-0.1.1.tgz
--- a/assets/yugabyte/yugabyte-2.16.4.tgz
+++ b/assets/yugabyte/yugabyte-2.16.4.tgz
--- a/assets/yugabyte/yugaware-2.16.4.tgz
+++ b/assets/yugabyte/yugaware-2.16.4.tgz
--- a/charts/aquarist-labs/s3gw/Chart.yaml
+++ b/charts/aquarist-labs/s3gw/Chart.yaml
@ -32,4 +32,4 @@ sources:
 - https://github.com/aquarist-labs/s3gw
 - https://github.com/aquarist-labs/ceph
 type: application
-version: 0.15.0
+version: 0.16.0
--- a/charts/aquarist-labs/s3gw/questions.yaml
+++ b/charts/aquarist-labs/s3gw/questions.yaml
@ -73,7 +73,7 @@ questions:
  - variable: defaultUserCredentialsSecret
    show_if: useExistingSecret=true
-    default: s3gw-creds
+    default: ""
    description: |
      "The name of the secret containing the
      S3 credentials for the default user"
@ -335,3 +335,95 @@ questions:
    required: false
    type: string
    group: "Advanced"
  # Container Object Storage Interface (COSI)
  - variable: cosi.enabled
    default: false
    type: boolean
    description: "Deploy Container Object Storage Interface (COSI) for s3gw"
    required: true
    group: "COSI"
    show_subquestion_if: true
    subquestions:
      - variable: cosi.driver.imageName
        default: ""
        description: "Image name for the COSI Driver"
        label: "COSI Driver Image (e.g. s3gw-cosi-driver)"
        required: false
        type: string
        group: "COSI"
      - variable: cosi.driver.imageTag
        default: ""
        description: "Image tag for the COSI Driver"
        label: "COSI Driver Tag"
        required: false
        type: string
        group: "COSI"
      - variable: cosi.driver.imageRegistry
        default: ""
        description: "Image registry for the COSI Driver"
        label: "COSI Driver Registry (e.g. quay.io/s3gw)"
        required: false
        type: string
        group: "COSI"
      - variable: cosi.driver.imagePullPolicy
        default: "IfNotPresent"
        description: "Pull policy for the COSI Driver"
        label: "Pull policy for the COSI Driver"
        required: false
        type: string
        group: "COSI"
      - variable: cosi.driver.name
        default: ""
        description: "Name of the COSI Driver"
        label: "Name of the COSI Driver"
        required: false
        type: string
        group: "COSI"
      - variable: cosi.sidecar.imageName
        default:
        description: "Image name for the COSI Sidecar"
        label: "COSI Sidecar Image (e.g. s3gw-cosi-sidecar)"
        required: false
        type: string
        group: "COSI"
      - variable: cosi.sidecar.imageTag
        default:
        description: "Image tag for the COSI Sidecar"
        label: "COSI Sidecar Tag"
        required: false
        type: string
        group: "COSI"
      - variable: cosi.sidecar.imageRegistry
        default:
        description: "Image registry for the COSI Sidecar"
        label: "COSI Sidecar Registry (e.g. quay.io/s3gw)"
        required: false
        type: string
        group: "COSI"
      - variable: cosi.sidecar.imagePullPolicy
        default:
        description: "Pull policy for the COSI Sidecar"
        label: "Pull policy for the COSI Sidecar"
        required: false
        type: string
        group: "COSI"
      - variable: cosi.sidecar.logLevel
        default: "5"
        description: |
          "Log verbosity of the COSI Sidecar,
           higher values are more verbose."
        label: "Log verbosity of the COSI Sidecar"
        required: false
        type: string
        group: "COSI"
--- a/charts/aquarist-labs/s3gw/templates/NOTES.txt
+++ b/charts/aquarist-labs/s3gw/templates/NOTES.txt
@ -2,11 +2,11 @@ Thank you for installing {{ .Chart.Name }} {{ printf "v%s" .Chart.Version }}
 The S3 endpoint is available at:
-{{ printf "%s.%s" .Values.serviceName .Values.publicDomain | indent 4 }}
+{{ printf "%s.%s" (include "s3gw.serviceName" .) .Values.publicDomain | indent 4 }}
 {{ if .Values.ui.enabled}}
 and the web interface is available at:
-{{ printf "%s.%s" .Values.ui.serviceName .Values.ui.publicDomain | indent 4 }}
+{{ printf "%s.%s" (include "s3gw.uiServiceName" .) .Values.ui.publicDomain | indent 4 }}
 {{- end }}
 {{ if and (not .Values.useExistingSecret) (empty .Values.accessKey) }}
 An access key has been generated: {{ include "s3gw.defaultAccessKey" . | quote }}
@ -14,3 +14,9 @@ An access key has been generated: {{ include "s3gw.defaultAccessKey" . | quote }
 {{- if and (not .Values.useExistingSecret) (empty .Values.secretKey) }}
 A secret key has been generated: {{ include "s3gw.defaultSecretKey" . | quote }}
 {{ end }}
 {{- if .Values.cosi.enabled }}
 Name of the COSI driver:
 {{ printf "%s" (include "s3gw-cosi.driverName" .) | indent 4 }}
 {{ end }}
--- a/charts/aquarist-labs/s3gw/templates/_helpers.tpl
+++ b/charts/aquarist-labs/s3gw/templates/_helpers.tpl
@ -57,6 +57,11 @@ app.kubernetes.io/component: gateway
 app.kubernetes.io/component: ui
 {{- end }}
 {{- define "s3gw-cosi.selectorLabels" -}}
 {{ include "s3gw.commonSelectorLabels" . }}
 app.kubernetes.io/component: cosi
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
@ -110,3 +115,117 @@ Default Access Credentials
 {{- $key := default (randAlphaNum 32) .Values.secretKey }}
 {{- printf "%s" $key }}
 {{- end }}
 {{/*
 Backend service name
 */}}
 {{- define "s3gw.serviceName" -}}
 {{- $dsn := printf "%s-%s" .Release.Name .Release.Namespace }}
 {{- $name := default $dsn .Values.serviceName }}
 {{- $name }}
 {{- end }}
 {{/*
 Frontend service name
 */}}
 {{- define "s3gw.uiServiceName" -}}
 {{- $dsn := printf "%s-%s-ui" .Release.Name .Release.Namespace }}
 {{- $name := default $dsn .Values.ui.serviceName }}
 {{- $name }}
 {{- end }}
 {{/*
 User credentials secret for S3 backend service
 */}}
 {{- define "s3gw.defaultUserCredentialsSecret" -}}
 {{- $dsn := printf "%s-%s-creds" .Release.Name .Release.Namespace }}
 {{- $name := default $dsn .Values.defaultUserCredentialsSecret }}
 {{- $name }}
 {{- end }}
 {{/*
 Config map name
 */}}
 {{- define "s3gw.configMap" -}}
 {{- $dcmn := printf "%s-%s-config" .Release.Name .Release.Namespace }}
 {{- $name := $dcmn }}
 {{- $name }}
 {{- end }}
 {{/*
 Traefik Middleware CORS name
 */}}
 {{- define "s3gw.CORSMiddlewareName" -}}
 {{- $dmcn := printf "%s-%s-cors-header" .Release.Name .Release.Namespace }}
 {{- $name := $dmcn }}
 {{- $name }}
 {{- end }}
 {{/*
 Version helpers for the cosi-driver image tag
 */}}
 {{- define "s3gw-cosi.driverImage" -}}
 {{- $defaulttag := printf "v%s" .Chart.Version }}
 {{- $tag := default $defaulttag .Values.cosi.driver.imageTag }}
 {{- $name := default "s3gw-cosi-driver" .Values.cosi.driver.imageName }}
 {{- $registry := default "quay.io/s3gw" .Values.cosi.driver.imageRegistry }}
 {{- printf "%s/%s:%s" $registry $name $tag }}
 {{- end }}
 {{/*
 Version helpers for the cosi-sidecar image tag
 */}}
 {{- define "s3gw-cosi.sidecarImage" -}}
 {{- $defaulttag := printf "v%s" .Chart.Version }}
 {{- $tag := default $defaulttag .Values.cosi.sidecar.imageTag }}
 {{- $name := default "s3gw-cosi-sidecar" .Values.cosi.sidecar.imageName }}
 {{- $registry := default "quay.io/s3gw" .Values.cosi.sidecar.imageRegistry }}
 {{- printf "%s/%s:%s" $registry $name $tag }}
 {{- end }}
 {{/*
 COSI driver name
 */}}
 {{- define "s3gw-cosi.driverName" -}}
 {{- $sn := .Release.Name }}
 {{- $ns := .Release.Namespace }}
 {{- $defaultname := printf "%s.%s.objectstorage.k8s.io" $sn $ns }}
 {{- $name := default $defaultname .Values.cosi.driver.name }}
 {{- printf "%s" $name }}
 {{- end }}
 {{/*
 COSI service account name
 */}}
 {{- define "s3gw-cosi.ServiceAccountName" -}}
 {{- $dcsan := printf "%s-%s-objectstorage-provisioner-sa" .Release.Name .Release.Namespace }}
 {{- $name := $dcsan }}
 {{- $name }}
 {{- end }}
 {{/*
 COSI driver secret name
 */}}
 {{- define "s3gw-cosi.driverSecretName" -}}
 {{- $ddsn := printf "%s-%s-objectstorage-provisioner" .Release.Name .Release.Namespace }}
 {{- $name := $ddsn }}
 {{- $name }}
 {{- end }}
 {{/*
 COSI cluster role name
 */}}
 {{- define "s3gw-cosi.ClusterRoleName" -}}
 {{- $dcrn := printf "%s-%s-objectstorage-provisioner-role" .Release.Name .Release.Namespace }}
 {{- $name := $dcrn }}
 {{- $name }}
 {{- end }}
 {{/*
 COSI cluster role binding name
 */}}
 {{- define "s3gw-cosi.ClusterRoleBindingName" -}}
 {{- $dcrn := printf "%s-%s-objectstorage-provisioner-role-binding" .Release.Name .Release.Namespace }}
 {{- $name := $dcrn }}
 {{- $name }}
 {{- end }}
--- a/charts/aquarist-labs/s3gw/templates/certificate.yaml
+++ b/charts/aquarist-labs/s3gw/templates/certificate.yaml
@ -4,35 +4,35 @@
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: s3gw-ca-cert
+  name: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-cert
  namespace: {{ .Values.certManagerNamespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4}}
 spec:
-  commonName: s3gw-ca
+  commonName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca
  isCA: true
  issuerRef:
    kind: ClusterIssuer
-    name: s3gw-self-signed-issuer
+    name: {{ .Release.Name }}-{{ .Release.Namespace }}-self-signed-issuer
  privateKey:
    algorithm: ECDSA
    size: 256
-  secretName: s3gw-ca-root
+  secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-root
 ---
 # s3gw internal service certificate (private domain)
 apiVersion: cert-manager.io/v1
 kind: Certificate
 metadata:
-  name: s3gw-cluster-ip-cert
+  name: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-cert
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4}}
 spec:
  dnsNames:
-    - '{{ .Values.serviceName }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
+    - '{{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
-    - '*.{{ .Values.serviceName }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
+    - '*.{{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
  issuerRef:
    kind: ClusterIssuer
-    name: s3gw-issuer
+    name: {{ .Release.Name }}-{{ .Release.Namespace }}-issuer
-  secretName: s3gw-cluster-ip-tls
+  secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-tls
 {{- end }}
--- a/charts/aquarist-labs/s3gw/templates/configmap.yaml
+++ b/charts/aquarist-labs/s3gw/templates/configmap.yaml
@ -2,15 +2,15 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: s3gw-config
+  name: {{ include "s3gw.configMap" . }}
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4}}
 data:
 {{- if .Values.ui.enabled }}
 {{- if or .Values.useCertManager .Values.tls.publicDomain.crt }}
-  RGW_SERVICE_URL: 'https://{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
+  RGW_SERVICE_URL: 'https://{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
 {{- else}}
-  RGW_SERVICE_URL: 'http://{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
+  RGW_SERVICE_URL: 'http://{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
 {{- end }}
 {{- end }}
--- a/charts/aquarist-labs/s3gw/templates/cosi-driver-deployment.yaml
+++ b/charts/aquarist-labs/s3gw/templates/cosi-driver-deployment.yaml
@ -0,0 +1,52 @@
 {{- if .Values.cosi.enabled }}
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ .Release.Name }}-objectstorage-provisioner
  labels:
 {{ include "s3gw.labels" . | indent 4}}
  namespace: {{ .Release.Namespace }}
 spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
 {{ include "s3gw-cosi.selectorLabels" . | indent 6 }}
  template:
    metadata:
      labels:
 {{ include "s3gw-cosi.selectorLabels" . | indent 8 }}
    spec:
      serviceAccountName: {{ include "s3gw-cosi.ServiceAccountName" . }}
      volumes:
        - name: socket
          emptyDir: {}
      containers:
        - name: {{ .Release.Name }}-cosi-driver
          image: {{ include "s3gw-cosi.driverImage" . | quote }}
          imagePullPolicy: {{ default "IfNotPresent" .Values.cosi.driver.imagePullPolicy }}
          envFrom:
            - secretRef:
                name: {{ include "s3gw-cosi.driverSecretName" . }}
          volumeMounts:
            - mountPath: /var/lib/cosi
              name: socket
        - name: {{ .Release.Name }}-cosi-sidecar
          image: {{ include "s3gw-cosi.sidecarImage" . | quote }}
          imagePullPolicy: {{ default "IfNotPresent" .Values.cosi.sidecar.imagePullPolicy }}
          args:
            - {{ printf "--v=%s" (default "5" .Values.cosi.sidecar.logLevel) }}
          envFrom:
            - secretRef:
                name: {{ include "s3gw-cosi.driverSecretName" . }}
          env:
            - name: POD_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          volumeMounts:
            - mountPath: /var/lib/cosi
              name: socket
 {{- end }}
--- a/charts/aquarist-labs/s3gw/templates/cosi-driver-secret.yaml
+++ b/charts/aquarist-labs/s3gw/templates/cosi-driver-secret.yaml
@ -0,0 +1,16 @@
 {{- if .Values.cosi.enabled }}
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ include "s3gw-cosi.driverSecretName" . }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
  namespace: {{ .Release.Namespace }}
 type: Opaque
 stringData:
  DRIVERNAME: {{ include "s3gw-cosi.driverName" . }}
  ENDPOINT: {{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}
  ACCESSKEY: {{ .Values.accessKey }}
  SECRETKEY: {{ .Values.secretKey }}
 {{- end }}
--- a/charts/aquarist-labs/s3gw/templates/cosi-rbac.yaml
+++ b/charts/aquarist-labs/s3gw/templates/cosi-rbac.yaml
@ -0,0 +1,60 @@
 {{- if .Values.cosi.enabled }}
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: {{ include "s3gw-cosi.ClusterRoleName" . }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
 rules:
 - apiGroups: ["objectstorage.k8s.io"]
  resources:
    - "buckets"
    - "bucketaccesses"
    - "bucketclaims"
    - "bucketaccessclasses"
    - "buckets/status"
    - "bucketaccesses/status"
    - "bucketclaims/status"
    - "bucketaccessclasses/status"
  verbs:
    - "get"
    - "list"
    - "watch"
    - "update"
    - "create"
    - "delete"
 - apiGroups: ["coordination.k8s.io"]
  resources: ["leases"]
  verbs:
    - "get"
    - "watch"
    - "list"
    - "delete"
    - "update"
    - "create"
 - apiGroups: [""]
  resources:
    - "secrets"
    - "events"
  verbs:
    - "get"
    - "delete"
    - "update"
    - "create"
 ---
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
  name: {{ include "s3gw-cosi.ClusterRoleBindingName" . }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
 subjects:
  - kind: ServiceAccount
    name: {{ include "s3gw-cosi.ServiceAccountName" . }}
    namespace: {{ .Release.Namespace }}
 roleRef:
  kind: ClusterRole
  name: {{ include "s3gw-cosi.ClusterRoleName" . }}
  apiGroup: rbac.authorization.k8s.io
 {{- end }}
--- a/charts/aquarist-labs/s3gw/templates/cosi-sa.yaml
+++ b/charts/aquarist-labs/s3gw/templates/cosi-sa.yaml
@ -0,0 +1,10 @@
 {{- if .Values.cosi.enabled }}
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: {{ include "s3gw-cosi.ServiceAccountName" . }}
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
 {{- end }}
--- a/charts/aquarist-labs/s3gw/templates/deployment.yaml
+++ b/charts/aquarist-labs/s3gw/templates/deployment.yaml
@ -2,7 +2,7 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ .Chart.Name }}
+  name: {{ .Release.Name }}
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
@ -20,19 +20,19 @@ spec:
    spec:
 {{- if .Values.imageCredentials }}
      imagePullSecrets:
-        - name: {{ .Chart.Name }}-image-pull-secret
+        - name: {{ .Release.Name }}-image-pull-secret
 {{- end }}
      containers:
-        - name: {{ .Chart.Name }}
+        - name: {{ .Release.Name }}
          image: {{ include "s3gw.image" . | quote }}
          imagePullPolicy: {{ default "IfNotPresent" .Values.imagePullPolicy }}
          args:
            - "--rgw-dns-name"
 {{- if .Values.ingress.enabled }}
-            - {{ .Values.serviceName }}.{{ .Values.publicDomain }},
+            - {{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }},
-              {{ .Values.serviceName }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}
+              {{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}
 {{- else}}
-            - {{ .Values.serviceName }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}
+            - {{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}
 {{- end }}
            - "--rgw-backend-store"
            - sfs
@ -70,7 +70,7 @@ spec:
 {{ end }}
          envFrom:
            - secretRef:
-                name: {{ .Values.defaultUserCredentialsSecret }}
+                name: {{ include "s3gw.defaultUserCredentialsSecret" . }}
          volumeMounts:
            - name: s3gw-lh-store
              mountPath: /data
@ -82,14 +82,14 @@ spec:
            claimName: {{ .Release.Name }}-pvc
        - name: s3gw-cluster-ip-tls
          secret:
-            secretName: s3gw-cluster-ip-tls
+            secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-tls
            optional: false
 {{- if .Values.ui.enabled }}
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: '{{ .Chart.Name }}-ui'
+  name: '{{ .Release.Name }}-ui'
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
@ -106,7 +106,7 @@ spec:
    spec:
 {{- if .Values.imageCredentials }}
      imagePullSecrets:
-        - name: {{ .Chart.Name }}-image-pull-secret
+        - name: {{ .Release.Name }}-image-pull-secret
 {{- end }}
      containers:
        - name: s3gw-ui
@ -116,7 +116,7 @@ spec:
            - containerPort: 8080
          envFrom:
            - configMapRef:
-                name: s3gw-config
+                name: {{ include "s3gw.configMap" . }}
            - secretRef:
-                name: {{ .Values.defaultUserCredentialsSecret }}
+                name: {{ include "s3gw.defaultUserCredentialsSecret" . }}
 {{- end }}
--- a/charts/aquarist-labs/s3gw/templates/ingress-traefik.yaml
+++ b/charts/aquarist-labs/s3gw/templates/ingress-traefik.yaml
@ -4,40 +4,40 @@
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: '{{ .Chart.Name }}'
+  name: '{{ .Release.Name }}'
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
  annotations:
    traefik.ingress.kubernetes.io/router.tls: "true"
    traefik.ingress.kubernetes.io/router.middlewares:
-      '{{ .Release.Namespace }}-cors-header@kubernetescrd'
+      '{{ .Release.Namespace }}-{{ include "s3gw.CORSMiddlewareName" . }}@kubernetescrd'
    cert-manager.io/cluster-issuer: {{ default .Values.tlsIssuer .Values.customTlsIssuer | quote }}
 spec:
  tls:
    - hosts:
-        - '{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
+        - '{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
-        - '*.{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
+        - '*.{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
      secretName: s3gw-ingress-tls
  rules:
-    - host: '{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
+    - host: '{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
-                name: '{{ .Values.serviceName }}'
+                name: '{{ include "s3gw.serviceName" . }}'
                port:
                  number: 80
-    - host: '*.{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
+    - host: '*.{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
-                name: '{{ .Values.serviceName }}'
+                name: '{{ include "s3gw.serviceName" . }}'
                port:
                  number: 80
 ---
@ -45,33 +45,33 @@ spec:
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: '{{ .Chart.Name }}-no-tls'
+  name: '{{ .Release.Name }}-no-tls'
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
  annotations:
    traefik.ingress.kubernetes.io/router.middlewares:
-      '{{ .Release.Namespace }}-cors-header@kubernetescrd'
+      '{{ .Release.Namespace }}-{{ include "s3gw.CORSMiddlewareName" . }}@kubernetescrd'
 spec:
  rules:
-    - host: '{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
+    - host: '{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
-                name: '{{ .Values.serviceName }}'
+                name: '{{ include "s3gw.serviceName" . }}'
                port:
                  number: 80
-    - host: '*.{{ .Values.serviceName }}.{{ .Values.publicDomain }}'
+    - host: '*.{{ include "s3gw.serviceName" . }}.{{ .Values.publicDomain }}'
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
-                name: '{{ .Values.serviceName }}'
+                name: '{{ include "s3gw.serviceName" . }}'
                port:
                  number: 80
 {{- if .Values.ui.enabled }}
@ -80,29 +80,29 @@ spec:
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: '{{ .Chart.Name }}-ui'
+  name: '{{ .Release.Name }}-ui'
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
  annotations:
    traefik.ingress.kubernetes.io/router.tls: "true"
    traefik.ingress.kubernetes.io/router.middlewares:
-      '{{ .Release.Namespace }}-cors-header@kubernetescrd'
+      '{{ .Release.Namespace }}-{{ include "s3gw.CORSMiddlewareName" . }}@kubernetescrd'
    cert-manager.io/cluster-issuer: {{ default .Values.tlsIssuer .Values.customTlsIssuer | quote }}
 spec:
  tls:
    - hosts:
-        - '{{ .Values.ui.serviceName }}.{{ .Values.ui.publicDomain }}'
+        - '{{ include "s3gw.uiServiceName" . }}.{{ .Values.ui.publicDomain }}'
      secretName: s3gw-ui-ingress-tls
  rules:
-    - host: '{{ .Values.ui.serviceName }}.{{ .Values.ui.publicDomain }}'
+    - host: '{{ include "s3gw.uiServiceName" . }}.{{ .Values.ui.publicDomain }}'
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
-                name: '{{ .Values.ui.serviceName }}'
+                name: '{{ include "s3gw.uiServiceName" . }}'
                port:
                  number: 80
 ---
@ -110,23 +110,23 @@ spec:
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: '{{ .Chart.Name }}-ui-no-tls'
+  name: '{{ .Release.Name }}-ui-no-tls'
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
  annotations:
    traefik.ingress.kubernetes.io/router.middlewares:
-      '{{ .Release.Namespace }}-cors-header@kubernetescrd'
+      '{{ .Release.Namespace }}-{{ include "s3gw.CORSMiddlewareName" . }}@kubernetescrd'
 spec:
  rules:
-    - host: '{{ .Values.ui.serviceName }}.{{ .Values.ui.publicDomain }}'
+    - host: '{{ include "s3gw.uiServiceName" . }}.{{ .Values.ui.publicDomain }}'
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
-                name: '{{ .Values.ui.serviceName }}'
+                name: '{{ include "s3gw.uiServiceName" . }}'
                port:
                  number: 80
 {{- end }}
@ -135,7 +135,7 @@ spec:
 apiVersion: traefik.containo.us/v1alpha1
 kind: Middleware
 metadata:
-  name: cors-header
+  name: {{ include "s3gw.CORSMiddlewareName" . }}
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
--- a/charts/aquarist-labs/s3gw/templates/secret.yaml
+++ b/charts/aquarist-labs/s3gw/templates/secret.yaml
@ -3,7 +3,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: '{{ .Values.defaultUserCredentialsSecret }}'
+  name: {{ include "s3gw.defaultUserCredentialsSecret" . }}
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
@ -17,7 +17,7 @@ stringData:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: '{{ .Chart.Name }}-image-pull-secret'
+  name: '{{ .Release.Name }}-image-pull-secret'
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
--- a/charts/aquarist-labs/s3gw/templates/service.yaml
+++ b/charts/aquarist-labs/s3gw/templates/service.yaml
@ -2,7 +2,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: '{{ .Values.serviceName }}'
+  name: '{{ include "s3gw.serviceName" . }}'
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
@ -23,7 +23,7 @@ spec:
 apiVersion: v1
 kind: Service
 metadata:
-  name: '{{ .Values.ui.serviceName }}'
+  name: '{{ include "s3gw.uiServiceName" . }}'
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
--- a/charts/aquarist-labs/s3gw/templates/storage.yaml
+++ b/charts/aquarist-labs/s3gw/templates/storage.yaml
@ -19,7 +19,6 @@ apiVersion: storage.k8s.io/v1
 kind: StorageClass
 metadata:
  name: {{ .Values.storageClass.name }}
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
 volumeBindingMode: Immediate
--- a/charts/aquarist-labs/s3gw/templates/tests/smoke-bucket-create.yaml
+++ b/charts/aquarist-labs/s3gw/templates/tests/smoke-bucket-create.yaml
@ -2,7 +2,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: 'smoke-{{ .Chart.Name }}-bucket-create'
+  name: 'smoke-{{ .Release.Name }}-bucket-create'
  namespace: '{{ .Release.Namespace }}'
  annotations:
    helm.sh/hook: test
@ -27,6 +27,6 @@ spec:
              value: {{ .Values.secretKey | quote }}
            - name: S3_HOSTNAME
              value:
-                '{{ .Values.serviceName }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
+                '{{ include "s3gw.serviceName" . }}.{{ .Release.Namespace }}.{{ .Values.privateDomain }}'
      restartPolicy: Never
  backoffLimit: 3
--- a/charts/aquarist-labs/s3gw/templates/tls-issuer.yaml
+++ b/charts/aquarist-labs/s3gw/templates/tls-issuer.yaml
@ -4,7 +4,7 @@
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
-  name: s3gw-self-signed-issuer
+  name: {{ .Release.Name }}-{{ .Release.Namespace }}-self-signed-issuer
  labels:
 {{ include "s3gw.labels" . | indent 4}}
 spec:
@ -14,18 +14,18 @@ spec:
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
-  name: s3gw-issuer
+  name: {{ .Release.Name }}-{{ .Release.Namespace }}-issuer
  labels:
 {{ include "s3gw.labels" . | indent 4}}
 spec:
  ca:
-    secretName: s3gw-ca-root
+    secretName: {{ .Release.Name }}-{{ .Release.Namespace }}-ca-root
 ---
 # Let's encrypt production issuer
 apiVersion: cert-manager.io/v1
 kind: ClusterIssuer
 metadata:
-  name: s3gw-letsencrypt-issuer
+  name: {{ .Release.Name }}-{{ .Release.Namespace }}-letsencrypt-issuer
  labels:
 {{ include "s3gw.labels" . | indent 4}}
 spec:
@ -33,7 +33,7 @@ spec:
    email: {{ .Values.email }}
    preferredChain: ""
    privateKeySecretRef:
-      name: s3gw-letsencrypt
+      name: {{ .Release.Name }}-{{ .Release.Namespace }}-letsencrypt
    server: https://acme-v02.api.letsencrypt.org/directory
    solvers:
    - http01:
--- a/charts/aquarist-labs/s3gw/templates/tls-secret.yaml
+++ b/charts/aquarist-labs/s3gw/templates/tls-secret.yaml
@ -3,7 +3,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: s3gw-ingress-tls
+  name: {{ .Release.Name }}-{{ .Release.Namespace }}-ingress-tls
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
@ -17,7 +17,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: s3gw-cluster-ip-tls
+  name: {{ .Release.Name }}-{{ .Release.Namespace }}-cluster-ip-tls
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
@ -32,7 +32,7 @@ data:
 apiVersion: v1
 kind: Secret
 metadata:
-  name: s3gw-ui-ingress-tls
+  name: {{ .Release.Name }}-{{ .Release.Namespace }}-ui-ingress-tls
  namespace: {{ .Release.Namespace }}
  labels:
 {{ include "s3gw.labels" . | indent 4 }}
--- a/charts/aquarist-labs/s3gw/values.yaml
+++ b/charts/aquarist-labs/s3gw/values.yaml
@ -45,7 +45,7 @@ ui:
  # 'enabled' will deploy the S3GW user interface if set to `true`.
  enabled: true
  # 'serviceName' is the service name of the S3GW user interface.
-  serviceName: "s3gw-ui"
+  serviceName: ""
  # 'publicDomain' is the public domain of the UI Service used by the Ingress.
  publicDomain: ""
@ -56,13 +56,13 @@ ui:
 # S3 Service
 #
 # 'serviceName' is the service name of S3GW.
-serviceName: "s3gw"
+serviceName: ""
 # 'useExistingSecret' use an existing secret containing the S3 credentials
 # for the default user
 useExistingSecret: false
 # 'defaultUserCredentialsSecret' the name of the secret containing
 # the S3 Access Key and the S3 Secret Key for the default user.
-defaultUserCredentialsSecret: "s3gw-creds"
+defaultUserCredentialsSecret: ""
 # 'accessKey' is the S3 Access Key; the value is used when
 # `useExistingSecret: false`.
 # Set this as the empty string to make the Chart to compute a random
@ -82,10 +82,15 @@ privateDomain: "svc.cluster.local"
 # Backing storage.
 # Name the storage class to use. If create is true, an opinionated storage class
 # will be created. This assumes the Longhorn storage driver is installed.
 #
 # By specifying storageClass.name = "" and storageClass.create = false the chart
 # uses the cluster's default storage class.
 # This is the chart's default behavior.
 #
 storageSize: 10Gi
 storageClass:
-  name: "longhorn-single"
+  name:
-  create: true
+  create: false
 # For testing only:
 #  local: false
 #  localPath: /var/lib/local-storage
@ -146,3 +151,82 @@ rgwCustomArgs: []
 #   - ENV_3
 #
 rgwCustomEnvs: []
 # --- Container Object Storage Interface (COSI) configuration ---
 #
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 # WARNING: Be advised that COSI standard is currently in **alpha** state.
 # The COSI implementation provided by s3gw is considered an experimental feature
 # and changes to the COSI standard are expected in this phase.
 # The s3gw team does not control the upstream development of COSI.
 #
 # Additional information on COSI can be found here:
 # - https://github.com/kubernetes-sigs/container-object-storage-interface-spec
 # - https://github.com/kubernetes/enhancements/blob/master/keps/sig-storage/1979-object-storage-support/README.md
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 #
 # If you are going to use COSI, ensure some resources are pre-deployed on the cluster:
 #
 #   1) COSI CRDs
 #
 #      To deploy COSI CRDs, run:
 #      $ kubectl create -k github.com/kubernetes-sigs/container-object-storage-interface-api
 #
 #   2) COSI Controller
 #
 #      To deploy COSI Controller, run:
 #      $ kubectl create -k github.com/kubernetes-sigs/container-object-storage-interface-controller
 #
 # COSI support is disabled by default in s3gw.
 # To enable it, set cosi.enabled: true.
 #
 # Normally, you don't need to change the chart's defaults for the COSI related fields.
 # However, the following fields can be customized:
 #
 #  - cosi.driver.imageName: it specifies a custom image name for the COSI driver.
 #                           Default: s3gw-cosi-driver
 #
 #  - cosi.driver.imageTag: it specifies a custom image tag for the COSI driver.
 #                          Default: the current chart version.
 #
 #  - cosi.driver.imageRegistry: it specifies a custom image registry for the COSI driver.
 #                               Default: quay.io/s3gw
 #
 #  - cosi.driver.imagePullPolicy: it specifies the pull policy for the COSI driver.
 #                                 Default: IfNotPresent
 #
 #  - cosi.driver.name: it specifies the name of the COSI driver.
 #                      Default: {Release.Name}.{Release.Namespace}.objectstorage.k8s.io
 #
 #  - cosi.sidecar.imageName: it specifies a custom image name for the COSI sidecar.
 #                            Default: s3gw-cosi-sidecar
 #
 #  - cosi.sidecar.imageTag: it specifies a custom image tag for the COSI sidecar.
 #                           Default: the current chart version.
 #
 #  - cosi.sidecar.imageRegistry: it specifies a custom image registry for the COSI sidecar.
 #                                Default: quay.io/s3gw
 #
 #  - cosi.sidecar.imagePullPolicy: it specifies the pull policy for the COSI sidecar.
 #                                  Default: IfNotPresent
 #
 #  - cosi.sidecar.logLevel: it specifies the log verbosity of the COSI sidecar.
 #                           Higher values are more verbose.
 #                           Default: 5
 #
 cosi:
  enabled: false
  driver:
    imageName:
    imageTag:
    imageRegistry:
    imagePullPolicy:
    name:
  sidecar:
    imageName:
    imageTag:
    imageRegistry:
    imagePullPolicy:
    logLevel: "5"
--- a/charts/argo/argo-cd/Chart.yaml
+++ b/charts/argo/argo-cd/Chart.yaml
@ -1,7 +1,7 @@
 annotations:
  artifacthub.io/changes: |
    - kind: added
-      description: Introduce chart signing
+      description: Ability to add additional labels to all CRDs via .Values.crds.additionalLabels
  artifacthub.io/signKey: |
    fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
    url: https://argoproj.github.io/argo-helm/pgp_keys.asc
@ -32,4 +32,4 @@ name: argo-cd
 sources:
 - https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
 - https://github.com/argoproj/argo-cd
-version: 5.32.2
+version: 5.33.1
--- a/charts/argo/argo-cd/README.md
+++ b/charts/argo/argo-cd/README.md
@ -379,6 +379,7 @@ NAME: my-release
 | apiVersionOverrides.autoscaling | string | `""` | String to override apiVersion of autoscaling rendered by this helm chart |
 | apiVersionOverrides.certmanager | string | `""` | String to override apiVersion of cert-manager resources rendered by this helm chart |
 | apiVersionOverrides.cloudgoogle | string | `""` | String to override apiVersion of GKE resources rendered by this helm chart |
 | crds.additionalLabels | object | `{}` | Addtional labels to be added to all CRDs |
 | crds.annotations | object | `{}` | Annotations to be added to all CRDs |
 | crds.install | bool | `true` | Install and upgrade CRDs |
 | crds.keep | bool | `true` | Keep CRDs on chart uninstall |
@ -394,6 +395,7 @@ NAME: my-release
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | global.addPrometheusAnnotations | bool | `false` | Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors. |
 | global.additionalLabels | object | `{}` | Common labels for the all resources |
 | global.affinity.nodeAffinity.matchExpressions | list | `[]` | Default match expressions for node affinity |
 | global.affinity.nodeAffinity.type | string | `"hard"` | Default node affinity rules. Either: `none`, `soft` or `hard` |
@ -513,9 +515,11 @@ NAME: my-release
 | controller.metrics.rules.selector | object | `{}` | PrometheusRule selector |
 | controller.metrics.rules.spec | list | `[]` | PrometheusRule.Spec for the application controller |
 | controller.metrics.service.annotations | object | `{}` | Metrics service annotations |
 | controller.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
 | controller.metrics.service.labels | object | `{}` | Metrics service labels |
 | controller.metrics.service.portName | string | `"http-metrics"` | Metrics service port name |
 | controller.metrics.service.servicePort | int | `8082` | Metrics service port |
 | controller.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
 | controller.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
 | controller.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
 | controller.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
@ -597,9 +601,11 @@ NAME: my-release
 | repoServer.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
 | repoServer.metrics.enabled | bool | `false` | Deploy metrics service |
 | repoServer.metrics.service.annotations | object | `{}` | Metrics service annotations |
 | repoServer.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
 | repoServer.metrics.service.labels | object | `{}` | Metrics service labels |
 | repoServer.metrics.service.portName | string | `"http-metrics"` | Metrics service port name |
 | repoServer.metrics.service.servicePort | int | `8084` | Metrics service port |
 | repoServer.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
 | repoServer.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
 | repoServer.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
 | repoServer.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
@ -731,9 +737,11 @@ NAME: my-release
 | server.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
 | server.metrics.enabled | bool | `false` | Deploy metrics service |
 | server.metrics.service.annotations | object | `{}` | Metrics service annotations |
 | server.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
 | server.metrics.service.labels | object | `{}` | Metrics service labels |
 | server.metrics.service.portName | string | `"http-metrics"` | Metrics service port name |
 | server.metrics.service.servicePort | int | `8083` | Metrics service port |
 | server.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
 | server.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
 | server.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
 | server.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
@ -1044,9 +1052,11 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
 | applicationSet.livenessProbe.timeoutSeconds | int | `1` | Number of seconds after which the [probe] times out |
 | applicationSet.metrics.enabled | bool | `false` | Deploy metrics service |
 | applicationSet.metrics.service.annotations | object | `{}` | Metrics service annotations |
 | applicationSet.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
 | applicationSet.metrics.service.labels | object | `{}` | Metrics service labels |
 | applicationSet.metrics.service.portName | string | `"http-metrics"` | Metrics service port name |
 | applicationSet.metrics.service.servicePort | int | `8085` | Metrics service port |
 | applicationSet.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
 | applicationSet.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
 | applicationSet.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
 | applicationSet.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
@ -1128,8 +1138,10 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
 | notifications.metrics.enabled | bool | `false` | Enables prometheus metrics server |
 | notifications.metrics.port | int | `9001` | Metrics port |
 | notifications.metrics.service.annotations | object | `{}` | Metrics service annotations |
 | notifications.metrics.service.clusterIP | string | `""` | Metrics service clusterIP. `None` makes a "headless service" (no virtual IP) |
 | notifications.metrics.service.labels | object | `{}` | Metrics service labels |
 | notifications.metrics.service.portName | string | `"http-metrics"` | Metrics service port name |
 | notifications.metrics.service.type | string | `"ClusterIP"` | Metrics service type |
 | notifications.metrics.serviceMonitor.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels |
 | notifications.metrics.serviceMonitor.annotations | object | `{}` | Prometheus ServiceMonitor annotations |
 | notifications.metrics.serviceMonitor.enabled | bool | `false` | Enable a prometheus ServiceMonitor |
--- a/charts/argo/argo-cd/templates/argocd-application-controller/metrics.yaml
+++ b/charts/argo/argo-cd/templates/argocd-application-controller/metrics.yaml
@ -9,13 +9,21 @@ metadata:
    {{- with .Values.controller.metrics.service.labels }}
      {{- toYaml . | nindent 4 }}
    {{- end }}
-  {{- with .Values.controller.metrics.service.annotations }}
+  {{- if or .Values.controller.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
  annotations:
-    {{- range $key, $value := . }}
+    {{- if .Values.global.addPrometheusAnnotations }}
    prometheus.io/port: {{ .Values.controller.metrics.service.servicePort | quote }}
    prometheus.io/scrape: "true"
    {{- end }}
    {{- range $key, $value := .Values.controller.metrics.service.annotations }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
 spec:
  type: {{ .Values.controller.metrics.service.type }}
  {{- if and .Values.controller.metrics.service.clusterIP (eq .Values.controller.metrics.service.type "ClusterIP") }}
  clusterIP: {{ .Values.controller.metrics.service.clusterIP }}
  {{- end }}
  ports:
  - name: {{ .Values.controller.metrics.service.portName }}
    protocol: TCP
--- a/charts/argo/argo-cd/templates/argocd-applicationset/metrics.yaml
+++ b/charts/argo/argo-cd/templates/argocd-applicationset/metrics.yaml
@ -9,13 +9,21 @@ metadata:
    {{- with .Values.applicationSet.metrics.service.labels }}
      {{- toYaml . | nindent 4 }}
    {{- end }}
-  {{- with .Values.applicationSet.metrics.service.annotations }}
+  {{- if or .Values.applicationSet.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
  annotations:
-    {{- range $key, $value := . }}
+    {{- if .Values.global.addPrometheusAnnotations }}
    prometheus.io/port: {{ .Values.applicationSet.metrics.service.servicePort | quote }}
    prometheus.io/scrape: "true"
    {{- end }}
    {{- range $key, $value := .Values.applicationSet.metrics.service.annotations }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
 spec:
  type: {{ .Values.applicationSet.metrics.service.type }}
  {{- if and .Values.applicationSet.metrics.service.clusterIP (eq .Values.applicationSet.metrics.service.type "ClusterIP") }}
  clusterIP: {{ .Values.applicationSet.metrics.service.clusterIP }}
  {{- end }}
  ports:
  - name:  {{ .Values.applicationSet.metrics.service.portName }}
    protocol: TCP
--- a/charts/argo/argo-cd/templates/argocd-notifications/metrics.yaml
+++ b/charts/argo/argo-cd/templates/argocd-notifications/metrics.yaml
@ -9,13 +9,21 @@ metadata:
    {{- with .Values.notifications.metrics.service.labels }}
      {{- toYaml . | nindent 4 }}
    {{- end }}
-  {{- with .Values.notifications.metrics.service.annotations }}
+  {{- if or .Values.notifications.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
  annotations:
-    {{- range $key, $value := . }}
+    {{- if .Values.global.addPrometheusAnnotations }}
    prometheus.io/port: {{ .Values.notifications.metrics.port | quote }}
    prometheus.io/scrape: "true"
    {{- end }}
    {{- range $key, $value := .Values.notifications.metrics.service.annotations }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
 spec:
  type: {{ .Values.notifications.metrics.service.type }}
  {{- if and .Values.notifications.metrics.service.clusterIP (eq .Values.notifications.metrics.service.type "ClusterIP") }}
  clusterIP: {{ .Values.notifications.metrics.service.clusterIP }}
  {{- end }}
  selector:
    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.notifications.name) | nindent 6 }}
  ports:
--- a/charts/argo/argo-cd/templates/argocd-repo-server/metrics.yaml
+++ b/charts/argo/argo-cd/templates/argocd-repo-server/metrics.yaml
@ -9,13 +9,21 @@ metadata:
    {{- with .Values.repoServer.metrics.service.labels }}
      {{- toYaml . | nindent 4 }}
    {{- end }}
-  {{- with .Values.repoServer.metrics.service.annotations }}
+  {{- if or .Values.repoServer.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
  annotations:
-    {{- range $key, $value := . }}
+    {{- if .Values.global.addPrometheusAnnotations }}
    prometheus.io/port: {{ .Values.repoServer.metrics.service.servicePort | quote }}
    prometheus.io/scrape: "true"
    {{- end }}
    {{- range $key, $value := .Values.repoServer.metrics.service.annotations }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
 spec:
  type: {{ .Values.repoServer.metrics.service.type }}
  {{- if and .Values.repoServer.metrics.service.clusterIP (eq .Values.repoServer.metrics.service.type "ClusterIP") }}
  clusterIP: {{ .Values.repoServer.metrics.service.clusterIP }}
  {{- end }}
  ports:
  - name: {{ .Values.repoServer.metrics.service.portName }}
    protocol: TCP
--- a/charts/argo/argo-cd/templates/argocd-server/metrics.yaml
+++ b/charts/argo/argo-cd/templates/argocd-server/metrics.yaml
@ -9,13 +9,21 @@ metadata:
    {{- with .Values.server.metrics.service.labels }}
      {{- toYaml . | nindent 4 }}
    {{- end }}
-  {{- with .Values.server.metrics.service.annotations }}
+  {{- if or .Values.server.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
  annotations:
-    {{- range $key, $value := . }}
+    {{- if .Values.global.addPrometheusAnnotations }}
    prometheus.io/port: {{ .Values.server.metrics.service.servicePort | quote }}
    prometheus.io/scrape: "true"
    {{- end }}
    {{- range $key, $value := .Values.server.metrics.service.annotations }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
 spec:
  type: {{ .Values.server.metrics.service.type }}
  {{- if and .Values.server.metrics.service.clusterIP (eq .Values.server.metrics.service.type "ClusterIP") }}
  clusterIP: {{ .Values.server.metrics.service.clusterIP }}
  {{- end }}
  ports:
  - name: {{ .Values.server.metrics.service.portName }}
    protocol: TCP
--- a/charts/argo/argo-cd/templates/crds/crd-application.yaml
+++ b/charts/argo/argo-cd/templates/crds/crd-application.yaml
@ -12,6 +12,9 @@ metadata:
  labels:
    app.kubernetes.io/name: applications.argoproj.io
    app.kubernetes.io/part-of: argocd
    {{- with .Values.crds.additionalLabels }}
      {{- toYaml . | nindent 4}}
    {{- end }}
  name: applications.argoproj.io
 spec:
  group: argoproj.io
--- a/charts/argo/argo-cd/templates/crds/crd-applicationset.yaml
+++ b/charts/argo/argo-cd/templates/crds/crd-applicationset.yaml
@ -12,6 +12,9 @@ metadata:
  labels:
    app.kubernetes.io/name: applicationsets.argoproj.io
    app.kubernetes.io/part-of: argocd
    {{- with .Values.crds.additionalLabels }}
      {{- toYaml . | nindent 4}}
    {{- end }}
  name: applicationsets.argoproj.io
 spec:
  group: argoproj.io
--- a/charts/argo/argo-cd/templates/crds/crd-extension.yaml
+++ b/charts/argo/argo-cd/templates/crds/crd-extension.yaml
@ -13,6 +13,9 @@ metadata:
  labels:
    app.kubernetes.io/name: argocdextensions.argoproj.io
    app.kubernetes.io/part-of: argocd
    {{- with .Values.crds.additionalLabels }}
      {{- toYaml . | nindent 4}}
    {{- end }} 
  name: argocdextensions.argoproj.io
 spec:
  group: argoproj.io
--- a/charts/argo/argo-cd/templates/crds/crd-project.yaml
+++ b/charts/argo/argo-cd/templates/crds/crd-project.yaml
@ -12,6 +12,9 @@ metadata:
  labels:
    app.kubernetes.io/name: appprojects.argoproj.io
    app.kubernetes.io/part-of: argocd
    {{- with .Values.crds.additionalLabels }}
      {{- toYaml . | nindent 4}}
    {{- end }} 
  name: appprojects.argoproj.io
 spec:
  group: argoproj.io
--- a/charts/argo/argo-cd/templates/redis/metrics.yaml
+++ b/charts/argo/argo-cd/templates/redis/metrics.yaml
@ -10,16 +10,20 @@ metadata:
    {{- with .Values.redis.metrics.service.labels }}
      {{- toYaml . | nindent 4 }}
    {{- end }}
-  {{- with .Values.redis.metrics.service.annotations }}
+  {{- if or .Values.redis.metrics.service.annotations .Values.global.addPrometheusAnnotations }}
  annotations:
-    {{- range $key, $value := . }}
+    {{- if .Values.global.addPrometheusAnnotations }}
    prometheus.io/port: {{ .Values.redis.metrics.service.servicePort | quote }}
    prometheus.io/scrape: "true"
    {{- end }}
    {{- range $key, $value := .Values.redis.metrics.service.annotations }}
    {{ $key }}: {{ $value | quote }}
    {{- end }}
  {{- end }}
 spec:
  type: {{ .Values.redis.metrics.service.type }}
-  {{- with .Values.redis.metrics.service.clusterIP }}
+  {{- if and .Values.redis.metrics.service.clusterIP (eq .Values.redis.metrics.service.type "ClusterIP") }}
-  clusterIP: {{ . }}
+  clusterIP: {{ .Values.redis.metrics.service.clusterIP }}
  {{- end }}
  ports:
    - name: {{ .Values.redis.metrics.service.portName }}
--- a/charts/argo/argo-cd/values.yaml
+++ b/charts/argo/argo-cd/values.yaml
@ -38,6 +38,8 @@ crds:
  keep: true
  # -- Annotations to be added to all CRDs
  annotations: {}
  # -- Addtional labels to be added to all CRDs
  additionalLabels: {}
 ## Globally shared configuration
 global:
@ -79,6 +81,9 @@ global:
  # -- Labels for the all deployed pods
  podLabels: {}
  # -- Add Prometheus scrape annotations to all metrics services. This can be used as an alternative to the ServiceMonitors.
  addPrometheusAnnotations: false
  # -- Toggle and define pod-level security context.
  # @default -- `{}` (See [values.yaml])
  securityContext: {}
@ -762,6 +767,10 @@ controller:
      # -- Additional labels
      labels: []
    service:
      # -- Metrics service type
      type: ClusterIP
      # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
      clusterIP: ""
      # -- Metrics service annotations
      annotations: {}
      # -- Metrics service labels
@ -1773,6 +1782,10 @@ server:
    # -- Deploy metrics service
    enabled: false
    service:
      # -- Metrics service type
      type: ClusterIP
      # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
      clusterIP: ""
      # -- Metrics service annotations
      annotations: {}
      # -- Metrics service labels
@ -2241,6 +2254,10 @@ repoServer:
    # -- Deploy metrics service
    enabled: false
    service:
      # -- Metrics service type
      type: ClusterIP
      # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
      clusterIP: ""
      # -- Metrics service annotations
      annotations: {}
      # -- Metrics service labels
@ -2394,6 +2411,10 @@ applicationSet:
    # -- Deploy metrics service
    enabled: false
    service:
      # -- Metrics service type
      type: ClusterIP
      # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
      clusterIP: ""
      # -- Metrics service annotations
      annotations: {}
      # -- Metrics service labels
@ -2715,6 +2736,10 @@ notifications:
    # -- Metrics port
    port: 9001
    service:
      # -- Metrics service type
      type: ClusterIP
      # -- Metrics service clusterIP. `None` makes a "headless service" (no virtual IP)
      clusterIP: ""
      # -- Metrics service annotations
      annotations: {}
      # -- Metrics service labels
--- a/charts/bitnami/mariadb/Chart.yaml
+++ b/charts/bitnami/mariadb/Chart.yaml
@ -6,7 +6,7 @@ annotations:
  category: Database
  licenses: Apache-2.0
 apiVersion: v2
-appVersion: 10.11.2
+appVersion: 10.11.3
 dependencies:
 - name: common
  repository: file://./charts/common
@ -16,7 +16,7 @@ dependencies:
 description: MariaDB is an open source, community-developed SQL database server that
  is widely in use around the world due to its enterprise features, flexibility, and
  collaboration with leading tech firms.
-home: https://github.com/bitnami/charts/tree/main/bitnami/mariadb
+home: https://bitnami.com
 icon: https://mariadb.com/wp-content/uploads/2019/11/mariadb-logo-vert_black-transparent.png
 keywords:
 - mariadb
@ -25,11 +25,9 @@ keywords:
 - sql
 - prometheus
 maintainers:
- name: Bitnami
+- name: VMware, Inc.
  url: https://github.com/bitnami/charts
 name: mariadb
 sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb
+- https://github.com/bitnami/charts/tree/main/bitnami/mariadb
- https://github.com/prometheus/mysqld_exporter
+version: 12.2.3
 - https://mariadb.org
 version: 12.1.6
--- a/charts/bitnami/mariadb/README.md
+++ b/charts/bitnami/mariadb/README.md
@ -81,10 +81,10 @@ The command removes all the Kubernetes components associated with the chart and
 ### MariaDB common parameters
 | Name                       | Description                                                                                                                                                                                                                                                                   | Value                  |
-| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
+| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- |
 | `image.registry`           | MariaDB image registry                                                                                                                                                                                                                                                        | `docker.io`            |
 | `image.repository`         | MariaDB image repository                                                                                                                                                                                                                                                      | `bitnami/mariadb`      |
-| `image.tag`                | MariaDB image tag (immutable tags are recommended)                                                                                                                                                                                                                            | `10.11.2-debian-11-r24` |
+| `image.tag`                | MariaDB image tag (immutable tags are recommended)                                                                                                                                                                                                                            | `10.11.3-debian-11-r1` |
 | `image.digest`             | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                                                                                       | `""`                   |
 | `image.pullPolicy`         | MariaDB image pull policy                                                                                                                                                                                                                                                     | `IfNotPresent`         |
 | `image.pullSecrets`        | Specify docker-registry secret names as an array                                                                                                                                                                                                                              | `[]`                   |
--- a/charts/bitnami/mariadb/templates/secrets.yaml
+++ b/charts/bitnami/mariadb/templates/secrets.yaml
@ -2,8 +2,10 @@
 {{- $port := print .Values.primary.service.ports.mysql }}
 {{- $rootPassword := include "common.secrets.passwords.manage" ( dict "secret" ( include "mariadb.secretName" . ) "key" "mariadb-root-password" "providedValues" ( list "auth.rootPassword" ) "context" $ ) | trimAll "\"" | b64dec }}
 {{- $password := .Values.auth.password }}
-{{- if eq (include "mariadb.secret.existPassword" .) "true" }}
+{{- if and .Values.auth.username ( include "mariadb.secret.existPassword" . ) }}
-{{- $password := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-password" "providedValues" (list "auth.password") "context" $) | trimAll "\"" | b64dec }}
+{{- $password = include "common.secrets.passwords.manage" ( dict "secret" ( include "mariadb.secretName" . ) "key" "mariadb-password" "providedValues" ( list "auth.password" ) "context" $ ) | trimAll "\"" | b64dec }}
 {{- else if ( and .Values.auth.username ( not .Values.auth.forcePassword ) ( empty .Values.auth.password ) ) }}
 {{- $password = randAlphaNum 10 }}
 {{- end }}
 {{- if eq ( include "mariadb.createSecret" . ) "true" }}
 apiVersion: v1
@ -25,7 +27,7 @@ data:
  {{- else }}
  mariadb-root-password: {{ required "A MariaDB Root Password is required!" .Values.auth.rootPassword | b64enc | quote }}
  {{- end }}
-  {{- if (not (empty .Values.auth.username)) }}
+  {{- if .Values.auth.username }}
  {{- if ( not .Values.auth.forcePassword ) }}
  mariadb-password: {{ print $password | b64enc | quote }}
  {{- else }}
@ -90,7 +92,7 @@ data:
  {{- if $database }}
  database: {{ print $database | b64enc | quote }}
  {{- end }}
-  {{- if and (.Values.auth.forcePassword) (empty $password) }}
+  {{- if and .Values.auth.forcePassword ( empty $password ) }}
  password: {{ required "A MariaDB Database Password is required!" $password | b64enc | quote }}
  {{- else }}
  password: {{ print $password | b64enc | quote }}
--- a/charts/bitnami/mariadb/values.yaml
+++ b/charts/bitnami/mariadb/values.yaml
@ -87,7 +87,7 @@ serviceBindings:
 image:
  registry: docker.io
  repository: bitnami/mariadb
-  tag: 10.11.2-debian-11-r24
+  tag: 10.11.3-debian-11-r1
  digest: ""
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
--- a/charts/bitnami/wordpress/Chart.lock
+++ b/charts/bitnami/wordpress/Chart.lock
@ -4,9 +4,9 @@ dependencies:
  version: 6.4.2
 - name: mariadb
  repository: oci://registry-1.docker.io/bitnamicharts
-  version: 12.1.6
+  version: 12.2.2
 - name: common
  repository: oci://registry-1.docker.io/bitnamicharts
  version: 2.2.5
-digest: sha256:6f26de206c1d79372b48cd8fb1e39b5edcd7ad599393ad1e5e72aab2342f4568
+digest: sha256:033438c997c901df94e343f56eab63fe55c9c2c71e0c04d9a95e2d27d60eb417
-generated: "2023-05-09T17:09:06.092220201Z"
+generated: "2023-05-11T19:30:55.4078027Z"
--- a/charts/bitnami/wordpress/Chart.yaml
+++ b/charts/bitnami/wordpress/Chart.yaml
@ -40,4 +40,4 @@ maintainers:
 name: wordpress
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/wordpress
-version: 16.1.1
+version: 16.1.2
--- a/charts/bitnami/wordpress/README.md
+++ b/charts/bitnami/wordpress/README.md
@ -80,7 +80,7 @@ The command removes all the Kubernetes components associated with the chart and
 | ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- |
 | `image.registry`    | WordPress image registry                                                                                  | `docker.io`           |
 | `image.repository`  | WordPress image repository                                                                                | `bitnami/wordpress`   |
-| `image.tag`         | WordPress image tag (immutable tags are recommended)                                                      | `6.2.0-debian-11-r21` |
+| `image.tag`         | WordPress image tag (immutable tags are recommended)                                                      | `6.2.0-debian-11-r22` |
 | `image.digest`      | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""`                  |
 | `image.pullPolicy`  | WordPress image pull policy                                                                               | `IfNotPresent`        |
 | `image.pullSecrets` | WordPress image pull secrets                                                                              | `[]`                  |
@ -246,7 +246,7 @@ The command removes all the Kubernetes components associated with the chart and
 | `volumePermissions.enabled`                            | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup`               | `false`                 |
 | `volumePermissions.image.registry`                     | Bitnami Shell image registry                                                                                  | `docker.io`             |
 | `volumePermissions.image.repository`                   | Bitnami Shell image repository                                                                                | `bitnami/bitnami-shell` |
-| `volumePermissions.image.tag`                          | Bitnami Shell image tag (immutable tags are recommended)                                                      | `11-debian-11-r114`     |
+| `volumePermissions.image.tag`                          | Bitnami Shell image tag (immutable tags are recommended)                                                      | `11-debian-11-r115`     |
 | `volumePermissions.image.digest`                       | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""`                    |
 | `volumePermissions.image.pullPolicy`                   | Bitnami Shell image pull policy                                                                               | `IfNotPresent`          |
 | `volumePermissions.image.pullSecrets`                  | Bitnami Shell image pull secrets                                                                              | `[]`                    |
--- a/charts/bitnami/wordpress/charts/mariadb/Chart.yaml
+++ b/charts/bitnami/wordpress/charts/mariadb/Chart.yaml
@ -2,7 +2,7 @@ annotations:
  category: Database
  licenses: Apache-2.0
 apiVersion: v2
-appVersion: 10.11.2
+appVersion: 10.11.3
 dependencies:
 - name: common
  repository: oci://registry-1.docker.io/bitnamicharts
@ -12,7 +12,7 @@ dependencies:
 description: MariaDB is an open source, community-developed SQL database server that
  is widely in use around the world due to its enterprise features, flexibility, and
  collaboration with leading tech firms.
-home: https://github.com/bitnami/charts/tree/main/bitnami/mariadb
+home: https://bitnami.com
 icon: https://bitnami.com/assets/stacks/mariadb/img/mariadb-stack-220x234.png
 keywords:
 - mariadb
@ -21,11 +21,9 @@ keywords:
 - sql
 - prometheus
 maintainers:
- name: Bitnami
+- name: VMware, Inc.
  url: https://github.com/bitnami/charts
 name: mariadb
 sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb
+- https://github.com/bitnami/charts/tree/main/bitnami/mariadb
- https://github.com/prometheus/mysqld_exporter
+version: 12.2.2
 - https://mariadb.org
 version: 12.1.6
--- a/charts/bitnami/wordpress/charts/mariadb/README.md
+++ b/charts/bitnami/wordpress/charts/mariadb/README.md
@ -8,6 +8,8 @@ MariaDB is an open source, community-developed SQL database server that is widel
 Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
 Looking to use MariaDB in production? Try [VMware Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog.
 ## TL;DR
 ```console
@ -81,10 +83,10 @@ The command removes all the Kubernetes components associated with the chart and
 ### MariaDB common parameters
 | Name                       | Description                                                                                                                                                                                                                                                                   | Value                  |
-| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
+| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- |
 | `image.registry`           | MariaDB image registry                                                                                                                                                                                                                                                        | `docker.io`            |
 | `image.repository`         | MariaDB image repository                                                                                                                                                                                                                                                      | `bitnami/mariadb`      |
-| `image.tag`                | MariaDB image tag (immutable tags are recommended)                                                                                                                                                                                                                            | `10.11.2-debian-11-r24` |
+| `image.tag`                | MariaDB image tag (immutable tags are recommended)                                                                                                                                                                                                                            | `10.11.3-debian-11-r0` |
 | `image.digest`             | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag                                                                                                                                                                       | `""`                   |
 | `image.pullPolicy`         | MariaDB image pull policy                                                                                                                                                                                                                                                     | `IfNotPresent`         |
 | `image.pullSecrets`        | Specify docker-registry secret names as an array                                                                                                                                                                                                                              | `[]`                   |
--- a/charts/bitnami/wordpress/charts/mariadb/templates/secrets.yaml
+++ b/charts/bitnami/wordpress/charts/mariadb/templates/secrets.yaml
@ -2,8 +2,10 @@
 {{- $port := print .Values.primary.service.ports.mysql }}
 {{- $rootPassword := include "common.secrets.passwords.manage" ( dict "secret" ( include "mariadb.secretName" . ) "key" "mariadb-root-password" "providedValues" ( list "auth.rootPassword" ) "context" $ ) | trimAll "\"" | b64dec }}
 {{- $password := .Values.auth.password }}
-{{- if eq (include "mariadb.secret.existPassword" .) "true" }}
+{{- if and .Values.auth.username ( include "mariadb.secret.existPassword" . ) }}
-{{- $password := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-password" "providedValues" (list "auth.password") "context" $) | trimAll "\"" | b64dec }}
+{{- $password = include "common.secrets.passwords.manage" ( dict "secret" ( include "mariadb.secretName" . ) "key" "mariadb-password" "providedValues" ( list "auth.password" ) "context" $ ) | trimAll "\"" | b64dec }}
 {{- else if ( and .Values.auth.username ( not .Values.auth.forcePassword ) ( empty .Values.auth.password ) ) }}
 {{- $password = randAlphaNum 10 }}
 {{- end }}
 {{- if eq ( include "mariadb.createSecret" . ) "true" }}
 apiVersion: v1
@ -25,7 +27,7 @@ data:
  {{- else }}
  mariadb-root-password: {{ required "A MariaDB Root Password is required!" .Values.auth.rootPassword | b64enc | quote }}
  {{- end }}
-  {{- if (not (empty .Values.auth.username)) }}
+  {{- if .Values.auth.username }}
  {{- if ( not .Values.auth.forcePassword ) }}
  mariadb-password: {{ print $password | b64enc | quote }}
  {{- else }}
@ -90,7 +92,7 @@ data:
  {{- if $database }}
  database: {{ print $database | b64enc | quote }}
  {{- end }}
-  {{- if and (.Values.auth.forcePassword) (empty $password) }}
+  {{- if and .Values.auth.forcePassword ( empty $password ) }}
  password: {{ required "A MariaDB Database Password is required!" $password | b64enc | quote }}
  {{- else }}
  password: {{ print $password | b64enc | quote }}
--- a/charts/bitnami/wordpress/charts/mariadb/values.yaml
+++ b/charts/bitnami/wordpress/charts/mariadb/values.yaml
@ -87,7 +87,7 @@ serviceBindings:
 image:
  registry: docker.io
  repository: bitnami/mariadb
-  tag: 10.11.2-debian-11-r24
+  tag: 10.11.3-debian-11-r0
  digest: ""
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
--- a/charts/bitnami/wordpress/values.yaml
+++ b/charts/bitnami/wordpress/values.yaml
@ -73,7 +73,7 @@ diagnosticMode:
 image:
  registry: docker.io
  repository: bitnami/wordpress
-  tag: 6.2.0-debian-11-r21
+  tag: 6.2.0-debian-11-r22
  digest: ""
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -761,7 +761,7 @@ volumePermissions:
  image:
    registry: docker.io
    repository: bitnami/bitnami-shell
-    tag: 11-debian-11-r114
+    tag: 11-debian-11-r115
    digest: ""
    pullPolicy: IfNotPresent
    ## Optionally specify an array of imagePullSecrets.
--- a/charts/btp/chronicle/Chart.yaml
+++ b/charts/btp/chronicle/Chart.yaml
@ -3,7 +3,7 @@ annotations:
  catalog.cattle.io/display-name: Chronicle
  catalog.cattle.io/release-name: chronicle
 apiVersion: v2
-appVersion: 0.2.1
+appVersion: 0.6.2
 dependencies:
 - name: standard-defs
  repository: https://btp-charts-stable.s3.amazonaws.com/charts/
@ -22,4 +22,4 @@ keywords:
 - blockchain
 name: chronicle
 type: application
-version: 0.1.7
+version: 0.1.13
--- a/charts/btp/chronicle/README.md
+++ b/charts/btp/chronicle/README.md
@ -35,6 +35,7 @@
 | `tp.image.tag` | the image tag | BTP2.1.0 |
 | `tp.extraVolumes` | extra volumes declarations for the chronicle-tp deployment | list | nil
 | `tp.extraVolumeMounts` | extra volume mounts for chronicle-tp deployment | list | nil
 | `tp.resources` | resources | map | nil |
 | `tp.maxUnavailable` | maximum unavailable nodes during a rolling upgrade |
 | `tp.minReadySeconds` | minimum time before node becomes available |
 | `postgres.enabled` | if true create an internal postgres instance | boolean | true |
@ -47,7 +48,7 @@
 | `postgres.port` | port for the postgres database | int | 5432 |
 | `postgres.password` | password for the postgres database | string | "postgres" |
 | `postgres.existingPasswordSecret` | name of a secret containing the postgres password | string | nil |
-| `postgres.existingPasswordSecret` | name of the key in a secret containing the postgres password | string | password |
+| `postgres.existingPasswordSecret` | name of the key in a secret containing the postgres password | string | nil |
 | `postgres.tls` | postgres TLS configuration | string | nil |
 | `postgres.persistence` | postgres persistence settings | map | N/A |
 | `postgres.persistence.enabled` | if true allocate a PVC for the postgres instance | boolean | false |
@ -55,4 +56,5 @@
 | `postgres.persistence.accessModes` | postgres PVC access modes | list | [ "ReadWriteOnce" ] |
 | `postgres.persistence.storageClass` | postgres PVC storageClass | string | nil |
 | `postgres.persistence.size` | postgres PVC volume size | string | "40Gi" |
-| `postgres.resources` | UI resources | map | nil |
+| `postgres.resources` | resources | map | nil |
 | `resources` | resources | map | nil |
--- a/charts/btp/chronicle/app-readme.md
+++ b/charts/btp/chronicle/app-readme.md
@ -8,5 +8,5 @@ You can find example domains and further instructions at https://examples.btp.wo
 ## *Important*
-*As Chronicle uses Sawtooth as it backing ledger, a minimum of 4 nodes is required for deployment.*
+*As Chronicle uses Sawtooth as its backing ledger, a minimum of 4 nodes is required for deployment.*
 *This helm chart will deploy and configure a 4 node Sawtooth network on your target cluster, so less than 4 nodes will result in the deployment failing.*
--- a/charts/btp/chronicle/templates/chronicle-config.yaml
+++ b/charts/btp/chronicle/templates/chronicle-config.yaml
@ -10,7 +10,7 @@ data:
    path = "/var/lib/chronicle/secrets/"
    [store]
    path = "/var/lib/chronicle/store/"
-    address = "postgresql://postgres@localhost:5432/postgres"
+    address = "postgresql://{{ .Values.postgres.user }}@{{ .Values.postgres.host }}:5432/{{ .Values.postgres.database }}"
    [validator]
    address = "tcp://{{ include "chronicle.sawtooth.service" . }}:{{ include "chronicle.sawtooth.sawcomp" . }}"
    [namespace_bindings]
--- a/charts/btp/chronicle/templates/chronicle-secret-volume.yaml
+++ b/charts/btp/chronicle/templates/chronicle-secret-volume.yaml
@ -2,6 +2,8 @@ apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: chronicle-secrets
  annotations:
    "helm.sh/resource-policy": keep
 spec:
  accessModes:
    - ReadWriteOnce
--- a/charts/btp/chronicle/templates/statefulset.yaml
+++ b/charts/btp/chronicle/templates/statefulset.yaml
@ -63,7 +63,7 @@ spec:
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.postgres.existingPasswordSecret }}
-                  key: password
+                  key: {{ .Values.postgres.existingPasswordSecretKey }}
              {{- else }}
              value: {{ .Values.postgres.password }}
              {{- end }}
@ -80,14 +80,31 @@ spec:
          command: [ "bash", "-c"]
          args:
            - |
              echo "Waiting 20 seconds for postgres to start";
              sleep 20;
              /usr/local/bin/chronicle \
              -c /etc/chronicle/config/config.toml \
              --console-logging json \
              --sawtooth tcp://{{ include "chronicle.sawtooth.service" . }}:{{ include "chronicle.sawtooth.sawcomp" . }} \
-              serve-api --interface 0.0.0.0:{{ .Values.port}} {{ if .Values.webUi }} --open {{ end }}
+              --remote-database \
              --database-name {{ .Values.postgres.database }} \
              --database-username {{ .Values.postgres.user }} \
              --database-host {{ .Values.postgres.host }} \
              serve-graphql --interface 0.0.0.0:{{ .Values.port}} {{ if .Values.webUi }} --open {{ end }}
          env: {{ include "lib.safeToYaml" .Values.env | nindent 12 }}
            - name: RUST_LOG
              value: {{ .Values.logLevel }}
            - name: PGPASSWORD
              {{- if .Values.postgres.existingPasswordSecret }}
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.postgres.existingPasswordSecret }}
                  key: {{ .Values.postgres.existingPasswordSecretKey }}
              {{- else }}
              value: {{ .Values.postgres.password }}
              {{- end }}
            {{- include "lib.safeToYaml" .Values.postgres.env | nindent 12 }}
          resources: {{- include "lib.safeToYaml" .Values.resources | nindent 12 }}
          volumeMounts:
            - name: chronicle-config
              mountPath: /etc/chronicle/config/
--- a/charts/btp/chronicle/values.yaml
+++ b/charts/btp/chronicle/values.yaml
@ -18,7 +18,7 @@ image:
  ## @md | `image.repository` | the repository of the image | blockchaintp/chronicle |
  repository: blockchaintp/chronicle-amd64
  ## @md | `image.tag`| the tag of the image to use | latest |
-  tag: BTP2.1.0-0.5.0
+  tag: BTP2.1.0-0.6.2
  ## @md | `image.pullPolicy` | the image pull policy to use | IfNotPresent |
  pullPolicy: IfNotPresent
@ -95,12 +95,12 @@ tp:
    ## @md | `tp.image.repository` | the image repository | blockchaintp/chronicle-tp |
    repository: blockchaintp/chronicle-tp-amd64
    ## @md | `tp.image.tag` | the image tag | BTP2.1.0 |
-    tag: BTP2.1.0-0.5.0
+    tag: BTP2.1.0-0.6.2
  ## @md | `tp.extraVolumes` | extra volumes declarations for the chronicle-tp deployment | list | nil
  extraVolumes:
  ## @md | `tp.extraVolumeMounts` | extra volume mounts for chronicle-tp deployment | list | nil
  extraVolumeMounts:
-
+  ## @md | `tp.resources` | resources | map | nil |
  resources:
  ## @md | `tp.maxUnavailable` | maximum unavailable nodes during a rolling upgrade |
  maxUnavailable: 1
@ -132,8 +132,8 @@ postgres:
  password: postgres
  ## @md | `postgres.existingPasswordSecret` | name of a secret containing the postgres password | string | nil |
  existingPasswordSecret:
-  ## @md | `postgres.existingPasswordSecret` | name of the key in a secret containing the postgres password | string | password |
+  ## @md | `postgres.existingPasswordSecret` | name of the key in a secret containing the postgres password | string | nil |
-  existingPasswordSecretKey: password
+  existingPasswordSecretKey:
  ## @md | `postgres.tls` | postgres TLS configuration | string | nil |
  tls:
  ## @md | `postgres.persistence` | postgres persistence settings | map | N/A |
@ -152,5 +152,8 @@ postgres:
    storageClass:
    ## @md | `postgres.persistence.size` | postgres PVC volume size | string | "40Gi" |
    size: "40Gi"
-  ## @md | `postgres.resources` | UI resources | map | nil |
+  ## @md | `postgres.resources` | resources | map | nil |
  resources:
 ## @md | `resources` | resources | map | nil |
 resources:
--- a/charts/gitlab/gitlab/CHANGELOG.md
+++ b/charts/gitlab/gitlab/CHANGELOG.md
@ -2,6 +2,10 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 ## 6.11.3 (2023-05-10)
 No changes.
 ## 6.11.2 (2023-05-03)
 No changes.
--- a/charts/gitlab/gitlab/Chart.yaml
+++ b/charts/gitlab/gitlab/Chart.yaml
@ -3,7 +3,7 @@ annotations:
  catalog.cattle.io/display-name: GitLab
  catalog.cattle.io/release-name: gitlab
 apiVersion: v1
-appVersion: 15.11.2
+appVersion: 15.11.3
 description: The One DevOps Platform
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png
@ -15,4 +15,4 @@ maintainers:
 name: gitlab
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/geo-logcursor/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.11.2
+appVersion: 15.11.3
 description: GitLab Geo logcursor
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -12,4 +12,4 @@ name: geo-logcursor
 sources:
 - https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/geo-logcursor
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitaly/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.11.2
+appVersion: 15.11.3
 description: Git RPC service for handling all the git calls made by GitLab
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: gitaly
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitaly
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-exporter/Chart.yaml
@ -14,4 +14,4 @@ sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-exporter
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-exporter
 - https://gitlab.com/gitlab-org/gitlab-exporter
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-grafana/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.11.2
+appVersion: 15.11.3
 description: Adapt the Grafana chart to interface to the GitLab App
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: gitlab-grafana
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-grafana
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-grafana
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-pages/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.11.2
+appVersion: 15.11.3
 description: Daemon for serving static websites from GitLab projects
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -14,4 +14,4 @@ sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-pages
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-pages
 - https://gitlab.com/gitlab-org/gitlab-pages
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/gitlab-shell/Chart.yaml
@ -14,4 +14,4 @@ name: gitlab-shell
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-shell
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-shell
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/kas/Chart.yaml
@ -17,4 +17,4 @@ name: kas
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-kas
 - https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/mailroom/Chart.yaml
@ -13,4 +13,4 @@ name: mailroom
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/mailroom
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-mailroom
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/migrations/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.11.2
+appVersion: 15.11.3
 description: Database migrations and other versioning tasks for upgrading Gitlab
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -12,4 +12,4 @@ name: migrations
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/migrations
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/praefect/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.11.2
+appVersion: 15.11.3
 description: Praefect is a router and transaction manager for Gitaly, and a required
  component for running a Gitaly Cluster.
 home: https://about.gitlab.com/
@ -16,4 +16,4 @@ sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/praefect
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly
 - https://gitlab.com/gitlab-org/gitaly/-/tree/master/cmd/praefect
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/sidekiq/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.11.2
+appVersion: 15.11.3
 description: Gitlab Sidekiq for asynchronous task processing in rails
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: sidekiq
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/sidekiq
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-sidekiq
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/spamcheck/Chart.yaml
@ -14,4 +14,4 @@ name: spamcheck
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/spamcheck
 - https://gitlab.com/gitlab-org/spamcheck
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/toolbox/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.11.2
+appVersion: 15.11.3
 description: For manually running rake tasks through kubectl
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: toolbox
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/toolbox
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-toolbox
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml
+++ b/charts/gitlab/gitlab/charts/gitlab/charts/webservice/Chart.yaml
@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: 15.11.2
+appVersion: 15.11.3
 description: HTTP server for Gitlab
 home: https://about.gitlab.com/
 icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -14,4 +14,4 @@ name: webservice
 sources:
 - https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/webservice
 - https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-webservice
-version: 6.11.2
+version: 6.11.3
--- a/charts/gitlab/gitlab/requirements.lock
+++ b/charts/gitlab/gitlab/requirements.lock
@ -36,4 +36,4 @@ dependencies:
  repository: https://charts.gitlab.io/
  version: 0.3.0
 digest: sha256:67477d660a351df330393ce9ed84458eafbc419de2c454339ed7539bde9c45ca
-generated: "2023-05-05T06:50:58.331129877Z"
+generated: "2023-05-10T20:18:20.96296619Z"
--- a/charts/gitlab/gitlab/values.yaml
+++ b/charts/gitlab/gitlab/values.yaml
@ -40,7 +40,7 @@ global:
  edition: ee
  ## https://docs.gitlab.com/charts/charts/globals#gitlab-version
-  gitlabVersion: "15.11.2"
+  gitlabVersion: "15.11.3"
  ## https://docs.gitlab.com/charts/charts/globals#application-resource
  application:
--- a/charts/gluu/gluu/Chart.yaml
+++ b/charts/gluu/gluu/Chart.yaml
@ -1,6 +1,6 @@
 annotations:
  artifacthub.io/changes: |
-    - Chart 5.0.16 dev release
+    - Chart 5.0.17 official release
  artifacthub.io/containsSecurityUpdates: "true"
  artifacthub.io/images: |
    - name: auth-server
@ -35,59 +35,59 @@ dependencies:
 - condition: global.config.enabled
  name: config
  repository: file://./charts/config
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.config-api.enabled
  name: config-api
  repository: file://./charts/config-api
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.opendj.enabled
  name: opendj
  repository: file://./charts/opendj
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.auth-server.enabled
  name: auth-server
  repository: file://./charts/auth-server
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.admin-ui.enabled
  name: admin-ui
  repository: file://./charts/admin-ui
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.fido2.enabled
  name: fido2
  repository: file://./charts/fido2
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.scim.enabled
  name: scim
  repository: file://./charts/scim
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.nginx-ingress.enabled
  name: nginx-ingress
  repository: file://./charts/nginx-ingress
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.oxshibboleth.enabled
  name: oxshibboleth
  repository: file://./charts/oxshibboleth
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.oxpassport.enabled
  name: oxpassport
  repository: file://./charts/oxpassport
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.casa.enabled
  name: casa
  repository: file://./charts/casa
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.auth-server-key-rotation.enabled
  name: auth-server-key-rotation
  repository: file://./charts/auth-server-key-rotation
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.persistence.enabled
  name: persistence
  repository: file://./charts/persistence
-  version: 5.0.16
+  version: 5.0.17
 - condition: global.istio.ingress
  name: cn-istio-ingress
  repository: file://./charts/cn-istio-ingress
-  version: 5.0.16
+  version: 5.0.17
 description: Gluu Access and Identity Management
 home: https://www.gluu.org
 icon: https://gluu.org/docs/gluu-server/favicon.ico
@ -99,4 +99,4 @@ name: gluu
 sources:
 - https://gluu.org/docs/gluu-server
 - https://github.com/GluuFederation/flex/flex-cn-setup
-version: 5.0.16
+version: 5.0.17
--- a/charts/gluu/gluu/README.md
+++ b/charts/gluu/gluu/README.md
@ -1,6 +1,6 @@
 # gluu
-![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
+![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
 Gluu Access and Identity Management
@ -23,20 +23,20 @@ Kubernetes: `>=v1.21.0-0`
 | Repository | Name | Version |
 |------------|------|---------|
-|  | admin-ui | 5.0.16 |
+|  | admin-ui | 5.0.17 |
-|  | auth-server | 5.0.16 |
+|  | auth-server | 5.0.17 |
-|  | auth-server-key-rotation | 5.0.16 |
+|  | auth-server-key-rotation | 5.0.17 |
-|  | casa | 5.0.16 |
+|  | casa | 5.0.17 |
-|  | cn-istio-ingress | 5.0.16 |
+|  | cn-istio-ingress | 5.0.17 |
-|  | config | 5.0.16 |
+|  | config | 5.0.17 |
-|  | config-api | 5.0.16 |
+|  | config-api | 5.0.17 |
-|  | fido2 | 5.0.16 |
+|  | fido2 | 5.0.17 |
-|  | nginx-ingress | 5.0.16 |
+|  | nginx-ingress | 5.0.17 |
-|  | opendj | 5.0.16 |
+|  | opendj | 5.0.17 |
-|  | oxpassport | 5.0.16 |
+|  | oxpassport | 5.0.17 |
-|  | oxshibboleth | 5.0.16 |
+|  | oxshibboleth | 5.0.17 |
-|  | persistence | 5.0.16 |
+|  | persistence | 5.0.17 |
-|  | scim | 5.0.16 |
+|  | scim | 5.0.17 |
 ## Values
--- a/charts/gluu/gluu/app-readme.md
+++ b/charts/gluu/gluu/app-readme.md
@ -1,3 +1,7 @@
 ## Tutorial
 For a full walkthrough of the Gluu Flex Server on Rancher, please see the [Gluu Server on Rancher Tutorial](https://docs.gluu.org/stable/admin/recipes/getting-started-rancher/).
 ## Introduction
 The Gluu Server is a container distribution of free open source software (FOSS) for identity and access management (IAM). SaaS, custom, open source and commercial web and mobile applications can leverage a Gluu Server for user authentication, identity information, and policy decisions.
@ -19,7 +23,6 @@ The Gluu Server can be deployed to support the following open standards for auth
 - OAuth 2.0    
 - OpenID Connect    
 - User Managed Access 2.0 (UMA)    
 - SAML 2.0   
 - System for Cross-domain Identity Management (SCIM)    
 - FIDO Universal 2nd Factor (U2F)
 - FIDO 2.0 / WebAuthn
--- a/charts/gluu/gluu/charts/admin-ui/Chart.yaml
+++ b/charts/gluu/gluu/charts/admin-ui/Chart.yaml
@ -17,4 +17,4 @@ sources:
 - https://github.com/GluuFederation/docker-gluu-admin-ui
 - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/admin-ui
 type: application
-version: 5.0.16
+version: 5.0.17
--- a/charts/gluu/gluu/charts/admin-ui/README.md
+++ b/charts/gluu/gluu/charts/admin-ui/README.md
@ -1,6 +1,6 @@
 # admin-ui
-![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
+![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
 Admin GUI. Requires license.
--- a/charts/gluu/gluu/charts/auth-server-key-rotation/Chart.yaml
+++ b/charts/gluu/gluu/charts/auth-server-key-rotation/Chart.yaml
@ -15,4 +15,4 @@ sources:
 - https://github.com/JanssenProject/docker-jans-certmanager
 - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server-key-rotation
 type: application
-version: 5.0.16
+version: 5.0.17
--- a/charts/gluu/gluu/charts/auth-server-key-rotation/README.md
+++ b/charts/gluu/gluu/charts/auth-server-key-rotation/README.md
@ -1,6 +1,6 @@
 # auth-server-key-rotation
-![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
+![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
 Responsible for regenerating auth-keys per x hours
--- a/charts/gluu/gluu/charts/auth-server/Chart.yaml
+++ b/charts/gluu/gluu/charts/auth-server/Chart.yaml
@ -19,4 +19,4 @@ sources:
 - https://github.com/JanssenProject/docker-jans-auth-server
 - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server
 type: application
-version: 5.0.16
+version: 5.0.17
--- a/charts/gluu/gluu/charts/auth-server/README.md
+++ b/charts/gluu/gluu/charts/auth-server/README.md
@ -1,6 +1,6 @@
 # auth-server
-![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
+![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
 OAuth Authorization Server, the OpenID Connect Provider, the UMA Authorization Server--this is the main Internet facing component of Gluu. It's the service that returns tokens, JWT's and identity assertions. This service must be Internet facing.
--- a/charts/gluu/gluu/charts/casa/Chart.yaml
+++ b/charts/gluu/gluu/charts/casa/Chart.yaml
@ -19,4 +19,4 @@ sources:
 - https://github.com/GluuFederation/docker-casa
 - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/casa
 type: application
-version: 5.0.16
+version: 5.0.17
--- a/charts/gluu/gluu/charts/casa/README.md
+++ b/charts/gluu/gluu/charts/casa/README.md
@ -1,6 +1,6 @@
 # casa
-![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
+![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
 Gluu Casa ("Casa") is a self-service web portal for end-users to manage authentication and authorization preferences for their account in a Gluu Server.
--- a/charts/gluu/gluu/charts/cn-istio-ingress/Chart.yaml
+++ b/charts/gluu/gluu/charts/cn-istio-ingress/Chart.yaml
@ -16,4 +16,4 @@ sources:
 - https://gluu.org/docs/gluu-server/
 - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/cn-istio-ingress
 type: application
-version: 5.0.16
+version: 5.0.17
--- a/charts/gluu/gluu/charts/cn-istio-ingress/README.md
+++ b/charts/gluu/gluu/charts/cn-istio-ingress/README.md
@ -1,6 +1,6 @@
 # cn-istio-ingress
-![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
+![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
 Istio Gateway
--- a/charts/gluu/gluu/charts/config-api/Chart.yaml
+++ b/charts/gluu/gluu/charts/config-api/Chart.yaml
@ -19,4 +19,4 @@ sources:
 - https://github.com/JanssenProject/jans/docker-jans-config-api
 - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config-api
 type: application
-version: 5.0.16
+version: 5.0.17
--- a/charts/gluu/gluu/charts/config-api/README.md
+++ b/charts/gluu/gluu/charts/config-api/README.md
@ -1,6 +1,6 @@
 # config-api
-![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
+![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
 Jans Config Api endpoints can be used to configure jans-auth-server, which is an open-source OpenID Connect Provider (OP) and UMA Authorization Server (AS)
--- a/charts/gluu/gluu/charts/config/Chart.yaml
+++ b/charts/gluu/gluu/charts/config/Chart.yaml
@ -18,4 +18,4 @@ sources:
 - https://github.com/JanssenProject/jans/docker-jans-configurator
 - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config
 type: application
-version: 5.0.16
+version: 5.0.17
--- a/charts/gluu/gluu/charts/config/README.md
+++ b/charts/gluu/gluu/charts/config/README.md
@ -1,6 +1,6 @@
 # config
-![Version: 5.0.16](https://img.shields.io/badge/Version-5.0.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
+![Version: 5.0.17](https://img.shields.io/badge/Version-5.0.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0](https://img.shields.io/badge/AppVersion-5.0.0-informational?style=flat-square)
 Configuration parameters for setup and initial configuration secret and config layers used by Gluu services.
--- a/Show More
+++ b/Show More