Merge pull request #676 from nflondo/main-source

Charts CI [modified charts]
pull/679/head
alex-isv 2023-02-28 09:22:35 -07:00 committed by GitHub
commit c577bb15c6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
559 changed files with 28351 additions and 1782 deletions

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -1,13 +1,13 @@
annotations:
artifacthub.io/changes: |
- kind: changed
description: Grouped component templates together
description: Upgrade Argo CD to v.2.6.3
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Argo CD
catalog.cattle.io/kube-version: '>=1.22.0-0'
catalog.cattle.io/release-name: argo-cd
apiVersion: v2
appVersion: v2.6.2
appVersion: v2.6.3
dependencies:
- condition: redis-ha.enabled
name: redis-ha
@ -29,4 +29,4 @@ name: argo-cd
sources:
- https://github.com/argoproj/argo-helm/tree/main/charts/argo-cd
- https://github.com/argoproj/argo-cd
version: 5.22.1
version: 5.23.3

View File

@ -509,7 +509,7 @@ NAME: my-release
| controller.pdb.annotations | object | `{}` | Annotations to be added to application controller pdb |
| controller.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the application controller |
| controller.pdb.labels | object | `{}` | Labels to be added to application controller pdb |
| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| controller.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
| controller.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| controller.podAnnotations | object | `{}` | Annotations to be added to application controller pods |
| controller.podLabels | object | `{}` | Labels to be added to application controller pods |
@ -592,7 +592,7 @@ NAME: my-release
| repoServer.pdb.annotations | object | `{}` | Annotations to be added to repo server pdb |
| repoServer.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the repo server |
| repoServer.pdb.labels | object | `{}` | Labels to be added to repo server pdb |
| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| repoServer.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
| repoServer.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| repoServer.podAnnotations | object | `{}` | Annotations to be added to repo server pods |
| repoServer.podLabels | object | `{}` | Labels to be added to repo server pods |
@ -642,7 +642,7 @@ NAME: my-release
| server.certificate.enabled | bool | `false` | Deploy a Certificate resource (requires cert-manager) |
| server.certificate.issuer.group | string | `""` | Certificate issuer group. Set if using an external issuer. Eg. `cert-manager.io` |
| server.certificate.issuer.kind | string | `""` | Certificate issuer kind. Either `Issuer` or `ClusterIssuer` |
| server.certificate.issuer.name | string | `""` | Certificate isser name. Eg. `letsencrypt` |
| server.certificate.issuer.name | string | `""` | Certificate issuer name. Eg. `letsencrypt` |
| server.certificate.privateKey.algorithm | string | `"RSA"` | Algorithm used to generate certificate private key. One of: `RSA`, `Ed25519` or `ECDSA` |
| server.certificate.privateKey.encoding | string | `"PKCS1"` | The private key cryptography standards (PKCS) encoding for private key. Either: `PCKS1` or `PKCS8` |
| server.certificate.privateKey.rotationPolicy | string | `"Never"` | Rotation policy of private key when certificate is re-issued. Either: `Never` or `Always` |
@ -725,7 +725,7 @@ NAME: my-release
| server.pdb.annotations | object | `{}` | Annotations to be added to Argo CD server pdb |
| server.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Argo CD server |
| server.pdb.labels | object | `{}` | Labels to be added to Argo CD server pdb |
| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| server.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
| server.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| server.podAnnotations | object | `{}` | Annotations to be added to server pods |
| server.podLabels | object | `{}` | Labels to be added to server pods |
@ -955,7 +955,7 @@ The main options are listed here:
| redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy |
| redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping |
| redis-ha.image.tag | string | `"7.0.7-alpine"` | Redis tag |
| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes |
| redis-ha.persistentVolume.enabled | bool | `false` | Configures persistence on Redis nodes |
| redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) |
| redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled |
| redis-ha.redis.masterGroupName | string | `"argocd"` | Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated |
@ -1033,7 +1033,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| applicationSet.pdb.annotations | object | `{}` | Annotations to be added to ApplicationSet controller pdb |
| applicationSet.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the ApplicationSet controller |
| applicationSet.pdb.labels | object | `{}` | Labels to be added to ApplicationSet controller pdb |
| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| applicationSet.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
| applicationSet.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| applicationSet.podAnnotations | object | `{}` | Annotations for the ApplicationSet controller pods |
| applicationSet.podLabels | object | `{}` | Labels for the ApplicationSet controller pods |
@ -1072,32 +1072,6 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
|-----|------|---------|-------------|
| notifications.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
| notifications.argocdUrl | string | `nil` | Argo CD dashboard url; used in place of {{.context.argocdUrl}} in templates |
| notifications.bots.slack.affinity | object | `{}` (defaults to global.affinity preset) | Assign custom [affinity] rules |
| notifications.bots.slack.containerSecurityContext | object | See [values.yaml] | Slack bot container-level security Context |
| notifications.bots.slack.dnsConfig | object | `{}` | [DNS configuration] |
| notifications.bots.slack.dnsPolicy | string | `"ClusterFirst"` | Alternative DNS policy for Slack bot pods |
| notifications.bots.slack.enabled | bool | `false` | Enable slack bot |
| notifications.bots.slack.extraArgs | list | `[]` | List of extra cli args to add for Slack bot |
| notifications.bots.slack.image.imagePullPolicy | string | `""` (defaults to global.image.imagePullPolicy) | Image pull policy for the Slack bot |
| notifications.bots.slack.image.repository | string | `""` (defaults to global.image.repository) | Repository to use for the Slack bot |
| notifications.bots.slack.image.tag | string | `""` (defaults to global.image.tag) | Tag to use for the Slack bot |
| notifications.bots.slack.imagePullSecrets | list | `[]` (defaults to global.imagePullSecrets) | Secrets with credentials to pull images from a private registry |
| notifications.bots.slack.logFormat | string | `""` (defaults to global.logging.format) | Slack bot log format. Either `text` or `json` |
| notifications.bots.slack.logLevel | string | `""` (defaults to global.logging.level) | Slack bot log level. One of: `debug`, `info`, `warn`, `error` |
| notifications.bots.slack.nodeSelector | object | `{}` | [Node selector] |
| notifications.bots.slack.pdb.annotations | object | `{}` | Annotations to be added to Slack bot pdb |
| notifications.bots.slack.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the Slack bot |
| notifications.bots.slack.pdb.labels | object | `{}` | Labels to be added to Slack bot pdb |
| notifications.bots.slack.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| notifications.bots.slack.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| notifications.bots.slack.resources | object | `{}` | Resource limits and requests for the Slack bot |
| notifications.bots.slack.service.annotations | object | `{}` | Service annotations for Slack bot |
| notifications.bots.slack.service.port | int | `80` | Service port for Slack bot |
| notifications.bots.slack.service.type | string | `"LoadBalancer"` | Service type for Slack bot |
| notifications.bots.slack.serviceAccount.annotations | object | `{}` | Annotations applied to created service account |
| notifications.bots.slack.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
| notifications.bots.slack.serviceAccount.name | string | `"argocd-notifications-bot"` | The name of the service account to use. |
| notifications.bots.slack.tolerations | list | `[]` | [Tolerations] for use with node taints |
| notifications.cm.create | bool | `true` | Whether helm chart creates notifications controller config map |
| notifications.containerPorts.metrics | int | `9001` | Metrics container port |
| notifications.containerSecurityContext | object | See [values.yaml] | Notification controller container-level security Context |
@ -1138,7 +1112,7 @@ If you want to use an existing Redis (eg. a managed service from a cloud provide
| notifications.pdb.annotations | object | `{}` | Annotations to be added to notifications controller pdb |
| notifications.pdb.enabled | bool | `false` | Deploy a [PodDisruptionBudget] for the notifications controller |
| notifications.pdb.labels | object | `{}` | Labels to be added to notifications controller pdb |
| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailble after eviction as number or percentage (eg.: 50%). |
| notifications.pdb.maxUnavailable | string | `""` | Number of pods that are unavailable after eviction as number or percentage (eg.: 50%). |
| notifications.pdb.minAvailable | string | `""` (defaults to 0 if not specified) | Number of pods that are available after eviction as number or percentage (eg.: 50%) |
| notifications.podAnnotations | object | `{}` | Annotations to be applied to the notifications controller Pods |
| notifications.podLabels | object | `{}` | Labels to be applied to the notifications controller Pods |

View File

@ -158,17 +158,6 @@ Create the name of the notifications service account to use
{{- end -}}
{{- end -}}
{{/*
Create the name of the notifications bots slack service account to use
*/}}
{{- define "argo-cd.notificationsBotsSlackServiceAccountName" -}}
{{- if .Values.notifications.bots.slack.serviceAccount.create -}}
{{ default (include "argo-cd.notifications.fullname" .) .Values.notifications.bots.slack.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.notifications.bots.slack.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Argo Configuration Preset Values (Incluenced by Values configuration)
*/}}

View File

@ -37,10 +37,15 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "argo-cd.controllerServiceAccountName" . }}
containers:
- command:
- argocd-application-controller
@ -285,11 +290,6 @@ spec:
{{- end }}
{{- end }}
{{- end }}
serviceAccountName: {{ template "argo-cd.controllerServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
volumes:
{{- with .Values.controller.volumes }}
{{- toYaml . | nindent 6 }}

View File

@ -35,15 +35,15 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "argo-cd.applicationSetServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
containers:
- name: {{ .Values.applicationSet.name }}
image: {{ default .Values.global.image.repository .Values.applicationSet.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.applicationSet.image.tag }}

View File

@ -1,71 +0,0 @@
{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
{{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.notifications.deploymentAnnotations) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ template "argo-cd.notifications.fullname" . }}-bot
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }}
spec:
replicas: 1
revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }}
strategy:
type: Recreate
selector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }}
template:
metadata:
labels:
{{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 8 }}
spec:
{{- with .Values.notifications.bots.slack.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "argo-cd.notificationsBotsSlackServiceAccountName" . }}
containers:
- name: {{ include "argo-cd.notifications.fullname" . }}-bot
image: {{ default .Values.global.image.repository .Values.notifications.bots.slack.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.notifications.bots.slack.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy .Values.notifications.bots.slack.image.pullPolicy }}
command:
- argocd-notifications
- bot
- --loglevel={{ default .Values.global.logging.level .Values.notifications.bots.slack.logLevel }}
- --logformat={{ default .Values.global.logging.format .Values.notifications.bots.slack.logFormat }}
{{- range .Values.notifications.bots.slack.extraArgs }}
- {{ . | squote }}
{{- end }}
workingDir: /app
ports:
- containerPort: 8080
name: http
resources:
{{- toYaml .Values.notifications.bots.slack.resources | nindent 12 }}
securityContext:
{{- toYaml .Values.notifications.bots.slack.containerSecurityContext | nindent 12 }}
affinity:
{{- include "argo-cd.affinity" (dict "context" . "component" .Values.notifications.bots.slack) | nindent 8 }}
{{- with .Values.notifications.bots.slack.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.bots.slack.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.notifications.bots.slack.dnsConfig }}
dnsConfig:
{{- toYaml . | nindent 8 }}
{{- end }}
dnsPolicy: {{ .Values.notifications.bots.slack.dnsPolicy }}
{{ end }}

View File

@ -1,26 +0,0 @@
{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.pdb.enabled }}
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: {{ include "argo-cd.notifications.fullname" . }}-bot
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }}
{{- with .Values.notifications.bots.slack.pdb.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.notifications.bots.slack.pdb.annotations }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
spec:
{{- with .Values.notifications.bots.slack.pdb.maxUnavailable }}
maxUnavailable: {{ . }}
{{- else }}
minAvailable: {{ .Values.notifications.bots.slack.pdb.minAvailable | default 0 }}
{{- end }}
selector:
matchLabels:
{{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }}
{{- end }}

View File

@ -1,27 +0,0 @@
{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ template "argo-cd.notifications.fullname" . }}-bot
rules:
- apiGroups:
- ""
resources:
- secrets
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- argoproj.io
resources:
- applications
- appprojects
verbs:
- get
- list
- watch
- update
- patch
{{ end }}

View File

@ -1,13 +0,0 @@
{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ template "argo-cd.notifications.fullname" . }}-bot
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ template "argo-cd.notifications.fullname" . }}-bot
subjects:
- kind: ServiceAccount
name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }}
{{ end }}

View File

@ -1,19 +0,0 @@
{{ if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "argo-cd.notifications.fullname" . }}-bot
{{- if .Values.notifications.bots.slack.service.annotations }}
annotations:
{{- toYaml .Values.notifications.bots.slack.service.annotations | nindent 4 }}
{{- end }}
spec:
ports:
- name: http
port: {{ .Values.notifications.bots.slack.service.port }}
protocol: TCP
targetPort: http
selector:
{{- include "argo-cd.selectorLabels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" "metrics") | nindent 6 }}
type: {{ .Values.notifications.bots.slack.service.type }}
{{ end }}

View File

@ -1,15 +0,0 @@
{{- if and .Values.notifications.enabled .Values.notifications.bots.slack.enabled .Values.notifications.bots.slack.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.notifications.bots.slack.serviceAccount.automountServiceAccountToken }}
metadata:
name: {{ template "argo-cd.notificationsBotsSlackServiceAccountName" . }}
{{- if .Values.notifications.bots.slack.serviceAccount.annotations }}
annotations:
{{- range $key, $value := .Values.notifications.bots.slack.serviceAccount.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "argo-cd.labels" (dict "context" . "component" .Values.notifications.bots.slack.name "name" .Values.notifications.bots.slack.name) | nindent 4 }}
{{- end }}

View File

@ -37,6 +37,10 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}

View File

@ -40,11 +40,15 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
automountServiceAccountToken: {{ .Values.repoServer.serviceAccount.automountServiceAccountToken }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "argo-cd.repoServerServiceAccountName" . }}
containers:
- name: {{ .Values.repoServer.name }}
image: {{ default .Values.global.image.repository .Values.repoServer.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.repoServer.image.tag }}
@ -312,11 +316,6 @@ spec:
{{- end }}
{{- end }}
{{- end }}
serviceAccountName: {{ template "argo-cd.repoServerServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
volumes:
{{- with .Values.repoServer.volumes }}
{{- toYaml . | nindent 6 }}

View File

@ -37,10 +37,15 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "argo-cd.serverServiceAccountName" . }}
containers:
- name: {{ .Values.server.name }}
image: {{ default .Values.global.image.repository .Values.server.image.repository }}:{{ default (include "argo-cd.defaultTag" .) .Values.server.image.tag }}
@ -369,11 +374,6 @@ spec:
{{- end }}
{{- end }}
{{- end }}
serviceAccountName: {{ template "argo-cd.serverServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
volumes:
{{- with .Values.server.volumes }}
{{- toYaml . | nindent 6}}

View File

@ -39,10 +39,15 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with.Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "argo-cd.dexServiceAccountName" . }}
containers:
- name: {{ .Values.dex.name }}
image: {{ .Values.dex.image.repository }}:{{ .Values.dex.image.tag }}
@ -159,11 +164,6 @@ spec:
{{- end }}
{{- end }}
{{- end }}
serviceAccountName: {{ template "argo-cd.dexServiceAccountName" . }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 6 }}
{{- end }}
volumes:
- name: static-files
emptyDir: {}

View File

@ -36,6 +36,10 @@ spec:
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.hostAliases }}
hostAliases:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.redis.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}

View File

@ -499,7 +499,7 @@ controller:
# -- Number of pods that are available after eviction as number or percentage (eg.: 50%)
# @default -- `""` (defaults to 0 if not specified)
minAvailable: ""
# -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%).
# -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%).
## Has higher precedence over `controller.pdb.minAvailable`
maxUnavailable: ""
@ -623,7 +623,7 @@ controller:
drop:
- ALL
# Rediness probe for application controller
# Readiness probe for application controller
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/
readinessProbe:
# -- Minimum consecutive failures for the [probe] to be considered failed after having succeeded
@ -1243,7 +1243,7 @@ redis-ha:
# -- Tag to use for the redis-exporter
tag: 1.45.0
persistentVolume:
# -- Configures persistency on Redis nodes
# -- Configures persistence on Redis nodes
enabled: false
redis:
# -- Redis convention for naming the cluster group: must match `^[\\w-\\.]+$` and can be templated
@ -1342,7 +1342,7 @@ server:
# -- Number of pods that are available after eviction as number or percentage (eg.: 50%)
# @default -- `""` (defaults to 0 if not specified)
minAvailable: ""
# -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%).
# -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%).
## Has higher precedence over `server.pdb.minAvailable`
maxUnavailable: ""
@ -1380,7 +1380,7 @@ server:
lifecycle: {}
## Argo UI extensions
## This function in tech preview stage, do expect unstability or breaking changes in newer versions.
## This function in tech preview stage, do expect instability or breaking changes in newer versions.
## Ref: https://github.com/argoproj-labs/argocd-extensions
extensions:
# -- Enable support for Argo UI extensions
@ -1583,7 +1583,7 @@ server:
group: ""
# -- Certificate issuer kind. Either `Issuer` or `ClusterIssuer`
kind: ""
# -- Certificate isser name. Eg. `letsencrypt`
# -- Certificate issuer name. Eg. `letsencrypt`
name: ""
# Private key of the certificate
privateKey:
@ -1885,7 +1885,7 @@ repoServer:
# -- Number of pods that are available after eviction as number or percentage (eg.: 50%)
# @default -- `""` (defaults to 0 if not specified)
minAvailable: ""
# -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%).
# -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%).
## Has higher precedence over `repoServer.pdb.minAvailable`
maxUnavailable: ""
@ -2171,7 +2171,7 @@ applicationSet:
# -- Number of pods that are available after eviction as number or percentage (eg.: 50%)
# @default -- `""` (defaults to 0 if not specified)
minAvailable: ""
# -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%).
# -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%).
## Has higher precedence over `applicationSet.pdb.minAvailable`
maxUnavailable: ""
@ -2445,7 +2445,7 @@ notifications:
# -- Number of pods that are available after eviction as number or percentage (eg.: 50%)
# @default -- `""` (defaults to 0 if not specified)
minAvailable: ""
# -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%).
# -- Number of pods that are unavailable after eviction as number or percentage (eg.: 50%).
## Has higher precedence over `notifications.pdb.minAvailable`
maxUnavailable: ""
@ -2910,108 +2910,3 @@ notifications:
# For more information: https://argocd-notifications.readthedocs.io/en/stable/triggers/#default-triggers
# defaultTriggers: |
# - on-sync-status-unknown
## The optional bot component simplifies managing subscriptions
## For more information: https://argocd-notifications.readthedocs.io/en/stable/bots/overview/
bots:
slack:
# -- Enable slack bot
## You have to set secret.notifiers.slack.signingSecret
enabled: false
## Slack bot Pod Disruption Budget
## Ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
pdb:
# -- Deploy a [PodDisruptionBudget] for the Slack bot
enabled: false
# -- Labels to be added to Slack bot pdb
labels: {}
# -- Annotations to be added to Slack bot pdb
annotations: {}
# -- Number of pods that are available after eviction as number or percentage (eg.: 50%)
# @default -- `""` (defaults to 0 if not specified)
minAvailable: ""
# -- Number of pods that are unavailble after eviction as number or percentage (eg.: 50%).
## Has higher precedence over `notifications.bots.slack.pdb.minAvailable`
maxUnavailable: ""
## Slack bot image
image:
# -- Repository to use for the Slack bot
# @default -- `""` (defaults to global.image.repository)
repository: ""
# -- Tag to use for the Slack bot
# @default -- `""` (defaults to global.image.tag)
tag: ""
# -- Image pull policy for the Slack bot
# @default -- `""` (defaults to global.image.imagePullPolicy)
imagePullPolicy: ""
# -- Secrets with credentials to pull images from a private registry
# @default -- `[]` (defaults to global.imagePullSecrets)
imagePullSecrets: []
# -- Slack bot log format. Either `text` or `json`
# @default -- `""` (defaults to global.logging.format)
logFormat: ""
# -- Slack bot log level. One of: `debug`, `info`, `warn`, `error`
# @default -- `""` (defaults to global.logging.level)
logLevel: ""
# -- List of extra cli args to add for Slack bot
extraArgs: []
service:
# -- Service annotations for Slack bot
annotations: {}
# -- Service port for Slack bot
port: 80
# -- Service type for Slack bot
type: LoadBalancer
serviceAccount:
# -- Specifies whether a service account should be created
create: true
# -- The name of the service account to use.
## If not set and create is true, a name is generated using the fullname template
name: argocd-notifications-bot
# -- Annotations applied to created service account
annotations: {}
# -- [DNS configuration]
dnsConfig: {}
# -- Alternative DNS policy for Slack bot pods
dnsPolicy: "ClusterFirst"
# -- Slack bot container-level security Context
# @default -- See [values.yaml]
containerSecurityContext:
runAsNonRoot: true
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
# -- Resource limits and requests for the Slack bot
resources: {}
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# -- Assign custom [affinity] rules
# @default -- `{}` (defaults to global.affinity preset)
affinity: {}
# -- [Tolerations] for use with node taints
tolerations: []
# -- [Node selector]
nodeSelector: {}

View File

@ -4,9 +4,9 @@ dependencies:
version: 6.3.7
- name: mariadb
repository: https://charts.bitnami.com/bitnami
version: 11.4.6
version: 11.5.0
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.3
digest: sha256:603f659cc8e943991bea143717b130c43a0cf14fc1b9019d97006bfa9f825581
generated: "2023-02-17T19:05:31.835880298Z"
digest: sha256:9c6e8b16fcad61555ef0d4015cf8dd5643f88080c10588d0fc123f255b78f1b7
generated: "2023-02-23T11:02:34.782171834Z"

View File

@ -41,4 +41,4 @@ name: wordpress
sources:
- https://github.com/bitnami/containers/tree/main/bitnami/wordpress
- https://wordpress.org/
version: 15.2.45
version: 15.2.46

View File

@ -84,7 +84,7 @@ The command removes all the Kubernetes components associated with the chart and
| ------------------- | --------------------------------------------------------------------------------------------------------- | --------------------- |
| `image.registry` | WordPress image registry | `docker.io` |
| `image.repository` | WordPress image repository | `bitnami/wordpress` |
| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.1.1-debian-11-r49` |
| `image.tag` | WordPress image tag (immutable tags are recommended) | `6.1.1-debian-11-r53` |
| `image.digest` | WordPress image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | WordPress image pull policy | `IfNotPresent` |
| `image.pullSecrets` | WordPress image pull secrets | `[]` |
@ -249,7 +249,7 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` |
| `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r87` |
| `volumePermissions.image.digest` | Bitnami Shell image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |
@ -281,7 +281,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a sidecar prometheus exporter to expose metrics | `false` |
| `metrics.image.registry` | Apache exporter image registry | `docker.io` |
| `metrics.image.repository` | Apache exporter image repository | `bitnami/apache-exporter` |
| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.11.0-debian-11-r93` |
| `metrics.image.tag` | Apache exporter image tag (immutable tags are recommended) | `0.13.0-debian-11-r0` |
| `metrics.image.digest` | Apache exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Apache exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Apache exporter image pull secrets | `[]` |

View File

@ -1,6 +1,6 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.2.2
digest: sha256:49ca75cf23ba5eb7df4becef52580f98c8bd8194eb80368b9d7b875f6eefa8e5
generated: "2022-12-15T08:09:23.256191892Z"
version: 2.2.3
digest: sha256:2c7165542fc01b9e98b577cd8b1095d0ed8267d34b97b6e581a1176bfb8e4dcb
generated: "2023-02-17T18:41:00.54667787Z"

View File

@ -28,4 +28,4 @@ sources:
- https://github.com/bitnami/containers/tree/main/bitnami/mariadb
- https://github.com/prometheus/mysqld_exporter
- https://mariadb.org
version: 11.4.6
version: 11.5.0

View File

@ -11,8 +11,8 @@ Trademarks: This software listing is packaged by Bitnami. The respective tradema
## TL;DR
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/mariadb
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/mariadb
```
## Introduction
@ -34,8 +34,8 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment
To install the chart with the release name `my-release`:
```console
$ helm repo add my-repo https://charts.bitnami.com/bitnami
$ helm install my-release my-repo/mariadb
helm repo add my-repo https://charts.bitnami.com/bitnami
helm install my-release my-repo/mariadb
```
The command deploys MariaDB on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation.
@ -47,7 +47,7 @@ The command deploys MariaDB on the Kubernetes cluster in the default configurati
To uninstall/delete the `my-release` deployment:
```console
$ helm delete my-release
helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
@ -62,11 +62,10 @@ The command removes all the Kubernetes components associated with the chart and
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` |
| `global.storageClass` | Global storage class for dynamic provisioning | `""` |
### Common parameters
| Name | Description | Value |
| ------------------------ | --------------------------------------------------------------------------------------- | --------------- |
| ------------------------- | --------------------------------------------------------------------------------------- | --------------- |
| `kubeVersion` | Force target Kubernetes version (using Helm capabilities if not set) | `""` |
| `nameOverride` | String to partially override mariadb.fullname | `""` |
| `fullnameOverride` | String to fully override mariadb.fullname | `""` |
@ -79,7 +78,7 @@ The command removes all the Kubernetes components associated with the chart and
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` |
| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` |
| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` |
### MariaDB common parameters
@ -87,7 +86,7 @@ The command removes all the Kubernetes components associated with the chart and
| -------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------- |
| `image.registry` | MariaDB image registry | `docker.io` |
| `image.repository` | MariaDB image repository | `bitnami/mariadb` |
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.12-debian-11-r0` |
| `image.tag` | MariaDB image tag (immutable tags are recommended) | `10.6.12-debian-11-r3` |
| `image.digest` | MariaDB image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `image.pullPolicy` | MariaDB image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -106,7 +105,6 @@ The command removes all the Kubernetes components associated with the chart and
| `initdbScripts` | Dictionary of initdb scripts | `{}` |
| `initdbScriptsConfigMap` | ConfigMap with the initdb scripts (Note: Overrides `initdbScripts`) | `""` |
### MariaDB Primary parameters
| Name | Description | Value |
@ -199,7 +197,6 @@ The command removes all the Kubernetes components associated with the chart and
| `primary.pdb.maxUnavailable` | Maximum number/percentage of MariaDB primary pods that can be unavailable after the eviction | `""` |
| `primary.revisionHistoryLimit` | Maximum number of revisions that will be maintained in the StatefulSet | `10` |
### MariaDB Secondary parameters
| Name | Description | Value |
@ -292,7 +289,6 @@ The command removes all the Kubernetes components associated with the chart and
| `secondary.pdb.maxUnavailable` | Maximum number/percentage of MariaDB secondary pods that may be made unavailable | `""` |
| `secondary.revisionHistoryLimit` | Maximum number of revisions that will be maintained in the StatefulSet | `10` |
### RBAC parameters
| Name | Description | Value |
@ -303,7 +299,6 @@ The command removes all the Kubernetes components associated with the chart and
| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
| `rbac.create` | Whether to create and use RBAC resources or not | `false` |
### Volume Permissions parameters
| Name | Description | Value |
@ -311,14 +306,13 @@ The command removes all the Kubernetes components associated with the chart and
| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r80` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag (immutable tags are recommended) | `11-debian-11-r86` |
| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` |
| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` |
### Metrics parameters
| Name | Description | Value |
@ -326,7 +320,7 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Exporter image registry | `docker.io` |
| `metrics.image.repository` | Exporter image repository | `bitnami/mysqld-exporter` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r86` |
| `metrics.image.tag` | Exporter image tag (immutable tags are recommended) | `0.14.0-debian-11-r90` |
| `metrics.image.digest` | Exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `metrics.image.pullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
@ -365,7 +359,6 @@ The command removes all the Kubernetes components associated with the chart and
| `metrics.prometheusRule.additionalLabels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` |
| `metrics.prometheusRule.rules` | Prometheus Rule definitions | `[]` |
### NetworkPolicy parameters
| Name | Description | Value |
@ -391,7 +384,7 @@ The above parameters map to the env variables defined in [bitnami/mariadb](https
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
$ helm install my-release \
helm install my-release \
--set auth.rootPassword=secretpassword,auth.database=app_database \
my-repo/mariadb
```
@ -403,7 +396,7 @@ The above command sets the MariaDB `root` account password to `secretpassword`.
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```console
$ helm install my-release -f values.yaml my-repo/mariadb
helm install my-release -f values.yaml my-repo/mariadb
```
> **Tip**: You can use the default [values.yaml](values.yaml)
@ -463,7 +456,7 @@ Find more information about how to deal with common errors related to Bitnami's
It's necessary to set the `auth.rootPassword` parameter when upgrading for readiness/liveness probes to work properly. When you install this chart for the first time, some notes will be displayed providing the credentials you must use under the 'Administrator credentials' section. Please note down the password and run the command below to upgrade your chart:
```console
$ helm upgrade my-release my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD]
helm upgrade my-release my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD]
```
| Note: you need to substitute the placeholder _[ROOT_PASSWORD]_ with the value obtained in the installation notes.
@ -520,7 +513,7 @@ Backwards compatibility is not guaranteed. To upgrade to `8.0.0`, install a new
- Reuse the PVC used to hold the master data on your previous release. To do so, use the `primary.persistence.existingClaim` parameter. The following example assumes that the release name is `mariadb`:
```console
$ helm install mariadb my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC]
helm install mariadb my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD] --set primary.persistence.existingClaim=[EXISTING_PVC]
```
| Note: you need to substitute the placeholder _[EXISTING_PVC]_ with the name of the PVC used on your previous release, and _[ROOT_PASSWORD]_ with the root password used in your previous release.
@ -529,7 +522,7 @@ $ helm install mariadb my-repo/mariadb --set auth.rootPassword=[ROOT_PASSWORD] -
Helm performs a lookup for the object based on its group (apps), version (v1), and kind (Deployment). Also known as its GroupVersionKind, or GVK. Changing the GVK is considered a compatibility breaker from Kubernetes' point of view, so you cannot "upgrade" those objects to the new GVK in-place. Earlier versions of Helm 3 did not perform the lookup correctly which has since been fixed to match the spec.
In https://github.com/helm/charts/pull/17308 the `apiVersion` of the statefulset resources was updated to `apps/v1` in tune with the api's deprecated, resulting in compatibility breakage.
In <https://github.com/helm/charts/pull/17308> the `apiVersion` of the statefulset resources was updated to `apps/v1` in tune with the api's deprecated, resulting in compatibility breakage.
This major version bump signifies this change.
@ -546,7 +539,7 @@ Backwards compatibility is not guaranteed unless you modify the labels used on t
Use the workaround below to upgrade from versions previous to 5.0.0. The following example assumes that the release name is mariadb:
```console
$ kubectl delete statefulset opencart-mariadb --cascade=false
kubectl delete statefulset opencart-mariadb --cascade=false
```
## License
@ -557,7 +550,7 @@ Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
<http://www.apache.org/licenses/LICENSE-2.0>
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,

View File

@ -1,7 +1,8 @@
annotations:
category: Infrastructure
licenses: Apache-2.0
apiVersion: v2
appVersion: 2.2.2
appVersion: 2.2.3
description: A Library Helm Chart for grouping common logic between bitnami charts.
This chart is not deployable by itself.
home: https://github.com/bitnami/charts/tree/main/bitnami/common
@ -20,4 +21,4 @@ sources:
- https://github.com/bitnami/charts
- https://www.bitnami.com/
type: library
version: 2.2.2
version: 2.2.3

View File

@ -11,7 +11,7 @@ dependencies:
repository: https://charts.bitnami.com/bitnami
```
```bash
```console
$ helm dependency update
```
@ -336,7 +336,7 @@ $ helm install test mychart --set path.to.value00="",path.to.value01=""
## License
Copyright &copy; 2022 Bitnami
Copyright &copy; 2023 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

View File

@ -1,7 +1,7 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Return the proper image name
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" $) }}
{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }}
*/}}
{{- define "common.images.image" -}}
{{- $registryName := .imageRoot.registry -}}

View File

@ -1,3 +1,7 @@
{{- $host := include "mariadb.primary.fullname" . }}
{{- $port := print .Values.primary.service.ports.mysql }}
{{- $rootPassword := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-root-password" "providedValues" (list "auth.rootPassword") "context" $) | trimAll "\"" | b64dec }}
{{- $password := include "common.secrets.passwords.manage" (dict "secret" (include "mariadb.secretName" .) "key" "mariadb-password" "providedValues" (list "auth.password") "context" $) | trimAll "\"" | b64dec }}
{{- if eq (include "mariadb.createSecret" .) "true" }}
apiVersion: v1
kind: Secret
@ -14,13 +18,13 @@ metadata:
type: Opaque
data:
{{- if (not .Values.auth.forcePassword) }}
mariadb-root-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "mariadb-root-password" "providedValues" (list "auth.rootPassword") "context" $) }}
mariadb-root-password: {{ print $rootPassword | b64enc | quote }}
{{- else }}
mariadb-root-password: {{ required "A MariaDB Root Password is required!" .Values.auth.rootPassword | b64enc | quote }}
{{- end }}
{{- if (not (empty .Values.auth.username)) }}
{{- if (not .Values.auth.forcePassword) }}
mariadb-password: {{ include "common.secrets.passwords.manage" (dict "secret" (include "common.names.fullname" .) "key" "mariadb-password" "providedValues" (list "auth.password") "context" $) }}
mariadb-password: {{ print $password | b64enc | quote }}
{{- else }}
mariadb-password: {{ required "A MariaDB Database Password is required!" .Values.auth.password | b64enc | quote }}
{{- end }}
@ -33,3 +37,57 @@ data:
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.serviceBindings.enabled }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-svcbind-root
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/mysql
data:
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "mysql" | b64enc | quote }}
host: {{ print $host | b64enc | quote }}
port: {{ print $port | b64enc | quote }}
user: {{ print "root" | b64enc | quote }}
password: {{ print $rootPassword | b64enc | quote }}
uri: {{ printf "mysql://root:%s@%s:%s" $rootPassword $host $port | b64enc | quote }}
{{- if .Values.auth.username }}
{{- $database := .Values.auth.database }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "common.names.fullname" . }}-svcbind-custom-user
namespace: {{ .Release.Namespace | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: servicebinding.io/mysql
data:
provider: {{ print "bitnami" | b64enc | quote }}
type: {{ print "mysql" | b64enc | quote }}
host: {{ print $host | b64enc | quote }}
port: {{ print $port | b64enc | quote }}
user: {{ print .Values.auth.username | b64enc | quote }}
{{- if $database }}
database: {{ print $database | b64enc | quote }}
{{- end }}
password: {{ print $password | b64enc | quote }}
uri: {{ printf "mysql://%s:%s@%s:%s/%s" .Values.auth.username $password $host $port $database | b64enc | quote }}
{{- end }}
{{- end }}

View File

@ -65,6 +65,12 @@ diagnosticMode:
args:
- infinity
## @param serviceBindings.enabled Create secret for service binding (Experimental)
## Ref: https://servicebinding.io/service-provider/
##
serviceBindings:
enabled: false
## @section MariaDB common parameters
##
@ -81,7 +87,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/mariadb
tag: 10.6.12-debian-11-r0
tag: 10.6.12-debian-11-r3
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -989,7 +995,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r80
tag: 11-debian-11-r86
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)
@ -1025,7 +1031,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/mysqld-exporter
tag: 0.14.0-debian-11-r86
tag: 0.14.0-debian-11-r90
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace)

View File

@ -73,7 +73,7 @@ diagnosticMode:
image:
registry: docker.io
repository: bitnami/wordpress
tag: 6.1.1-debian-11-r49
tag: 6.1.1-debian-11-r53
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
@ -757,7 +757,7 @@ volumePermissions:
image:
registry: docker.io
repository: bitnami/bitnami-shell
tag: 11-debian-11-r86
tag: 11-debian-11-r87
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
@ -851,7 +851,7 @@ metrics:
image:
registry: docker.io
repository: bitnami/apache-exporter
tag: 0.11.0-debian-11-r93
tag: 0.13.0-debian-11-r0
digest: ""
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.

View File

@ -22,4 +22,4 @@ keywords:
kubeVersion: '>=1.19-0'
name: sextant
type: application
version: 2.2.21
version: 2.3.0

View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/kube-version: '>=1.21.0-0'
catalog.cattle.io/release-name: kamaji
apiVersion: v2
appVersion: v0.2.0
appVersion: v0.2.1
description: Kamaji is a tool aimed to build and operate a Managed Kubernetes Service
with a fraction of the operational burden. With Kamaji, you can deploy and operate
hundreds of Kubernetes clusters as a hyper-scaler.
@ -22,4 +22,4 @@ name: kamaji
sources:
- https://github.com/clastix/kamaji
type: application
version: 0.11.2
version: 0.11.3

View File

@ -1,6 +1,6 @@
# kamaji
![Version: 0.11.2](https://img.shields.io/badge/Version-0.11.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.2.0](https://img.shields.io/badge/AppVersion-v0.2.0-informational?style=flat-square)
![Version: 0.11.3](https://img.shields.io/badge/Version-0.11.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.2.1](https://img.shields.io/badge/AppVersion-v0.2.1-informational?style=flat-square)
Kamaji is a tool aimed to build and operate a Managed Kubernetes Service with a fraction of the operational burden. With Kamaji, you can deploy and operate hundreds of Kubernetes clusters as a hyper-scaler.

View File

@ -4,9 +4,9 @@ annotations:
catalog.cattle.io/kube-version: '>=1.18-0'
catalog.cattle.io/release-name: cf-runtime
apiVersion: v2
appVersion: 1.9.7
appVersion: 1.9.10
description: A Helm chart for Codefresh Runner
icon: https://partner-charts.rancher.io/assets/logos/codefresh.jpg
name: cf-runtime
type: application
version: 1.9.7
version: 1.9.10

View File

@ -28,3 +28,6 @@ rules:
- apiGroups: [ "" ]
resources: [ "endpoints" ]
verbs: [ "get", "list", "watch", "create", "update", "delete" ]
- apiGroups: [ "coordination.k8s.io" ]
resources: [ "leases" ]
verbs: [ "get", "create", "update" ]

View File

@ -24,7 +24,7 @@ dockerRegistry: "quay.io" # Registry prefix for the runtime images (default quay
newRelicLicense: "" # NEWRELIC_LICENSE_KEY (for app-proxy and runner deployments)
runner: # Runner Deployment
image: "codefresh/venona:1.9.7"
image: "codefresh/venona:1.9.10"
env: {}
## e.g:
# env:
@ -53,7 +53,7 @@ runner: # Runner Deployment
# effect: NoSchedule
volumeProvisioner: # Volume-Provisioner Deployment
image: "codefresh/dind-volume-provisioner:1.31.9"
image: "codefresh/dind-volume-provisioner:1.33.1"
serviceAccount: {} # annotate volume-provisioner service account
## e.g:
# serviceAccount:
@ -154,7 +154,6 @@ storage: # Storage parameters for Volume-Provisioner
# DiskIOPSReadWrite: 500
# DiskMBpsReadWrite: 100
re:
# Optionally add an AWS IAM role to your pipelines
# More info: https://codefresh.io/docs/docs/administration/codefresh-runner/#injecting-aws-arn-roles-into-the-cluster
@ -215,4 +214,3 @@ monitor: # Monitor Deployment
resources: {}
serviceAccount:
annotations: {}

View File

@ -1,6 +1,6 @@
dependencies:
- name: crate-operator-crds
repository: file://../crate-operator-crds
version: 2.22.0
digest: sha256:ea59e13300da29acfb32097bfb382649618e7bf503248896fc5c9a66846ee36a
generated: "2023-01-31T14:30:10.49197227Z"
version: 2.23.0
digest: sha256:3fffe754574fad639050c4717e064e275fc0fb165dd21fc4564feb66cba406b1
generated: "2023-02-28T11:48:10.16603821Z"

View File

@ -3,16 +3,16 @@ annotations:
catalog.cattle.io/display-name: CrateDB Operator
catalog.cattle.io/release-name: crate-operator
apiVersion: v2
appVersion: 2.22.0
appVersion: 2.23.0
dependencies:
- condition: crate-operator-crds.enabled
name: crate-operator-crds
repository: file://./charts/crate-operator-crds
version: 2.22.0
version: 2.23.0
description: Crate Operator - Helm chart for installing and upgrading Crate Operator.
icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg
maintainers:
- name: Crate.io
name: crate-operator
type: application
version: 2.22.0
version: 2.23.0

View File

@ -1,9 +1,9 @@
apiVersion: v2
appVersion: 2.22.0
appVersion: 2.23.0
description: Crate Operator CRDs - Helm chart for installing and upgrading Custom
Resource Definitions (CRDs) for the Crate Operator.
maintainers:
- name: Crate.io
name: crate-operator-crds
type: application
version: 2.22.0
version: 2.23.0

View File

@ -1,5 +1,9 @@
# Datadog changelog
## 3.11.0
* Default `Agent` and `Cluster-Agent` image tags to `7.43.0`.
## 3.10.9
* Default `Agent` and `Cluster-Agent` image tags to `7.42.2`.

View File

@ -19,4 +19,4 @@ name: datadog
sources:
- https://app.datadoghq.com/account/settings#agent/kubernetes
- https://github.com/DataDog/datadog-agent
version: 3.10.9
version: 3.11.0

View File

@ -1,6 +1,6 @@
# Datadog
![Version: 3.10.9](https://img.shields.io/badge/Version-3.10.9-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square)
![Version: 3.11.0](https://img.shields.io/badge/Version-3.11.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square)
[Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/).
@ -443,7 +443,7 @@ helm install <RELEASE_NAME> \
| agents.image.pullPolicy | string | `"IfNotPresent"` | Datadog Agent image pull policy |
| agents.image.pullSecrets | list | `[]` | Datadog Agent repository pullSecret (ex: specify docker registry credentials) |
| agents.image.repository | string | `nil` | Override default registry + image.name for Agent |
| agents.image.tag | string | `"7.42.2"` | Define the Agent version to use |
| agents.image.tag | string | `"7.43.0"` | Define the Agent version to use |
| agents.image.tagSuffix | string | `""` | Suffix to append to Agent tag |
| agents.localService.forceLocalServiceEnabled | bool | `false` | Force the creation of the internal traffic policy service to target the agent running on the local node. By default, the internal traffic service is created only on Kubernetes 1.22+ where the feature became beta and enabled by default. This option allows to force the creation of the internal traffic service on kubernetes 1.21 where the feature was alpha and required a feature gate to be explicitly enabled. |
| agents.localService.overrideName | string | `""` | Name of the internal traffic service to target the agent running on the local node |
@ -501,7 +501,7 @@ helm install <RELEASE_NAME> \
| clusterAgent.image.pullPolicy | string | `"IfNotPresent"` | Cluster Agent image pullPolicy |
| clusterAgent.image.pullSecrets | list | `[]` | Cluster Agent repository pullSecret (ex: specify docker registry credentials) |
| clusterAgent.image.repository | string | `nil` | Override default registry + image.name for Cluster Agent |
| clusterAgent.image.tag | string | `"7.42.2"` | Cluster Agent image tag to use |
| clusterAgent.image.tag | string | `"7.43.0"` | Cluster Agent image tag to use |
| clusterAgent.livenessProbe | object | Every 15s / 6 KO / 1 OK | Override default Cluster Agent liveness probe settings |
| clusterAgent.metricsProvider.aggregator | string | `"avg"` | Define the aggregator the cluster agent will use to process the metrics. The options are (avg, min, max, sum) |
| clusterAgent.metricsProvider.createReaderRbac | bool | `true` | Create `external-metrics-reader` RBAC automatically (to allow HPA to read data from Cluster Agent) |
@ -547,7 +547,7 @@ helm install <RELEASE_NAME> \
| clusterChecksRunner.image.pullPolicy | string | `"IfNotPresent"` | Datadog Agent image pull policy |
| clusterChecksRunner.image.pullSecrets | list | `[]` | Datadog Agent repository pullSecret (ex: specify docker registry credentials) |
| clusterChecksRunner.image.repository | string | `nil` | Override default registry + image.name for Cluster Check Runners |
| clusterChecksRunner.image.tag | string | `"7.42.2"` | Define the Agent version to use |
| clusterChecksRunner.image.tag | string | `"7.43.0"` | Define the Agent version to use |
| clusterChecksRunner.image.tagSuffix | string | `""` | Suffix to append to Agent tag |
| clusterChecksRunner.livenessProbe | object | Every 15s / 6 KO / 1 OK | Override default agent liveness probe settings |
| clusterChecksRunner.networkPolicy.create | bool | `false` | If true, create a NetworkPolicy for the cluster checks runners. DEPRECATED. Use datadog.networkPolicy.create instead |

View File

@ -794,7 +794,7 @@ clusterAgent:
name: cluster-agent
# clusterAgent.image.tag -- Cluster Agent image tag to use
tag: 7.42.2
tag: 7.43.0
# clusterAgent.image.digest -- Cluster Agent image digest to use, takes precedence over tag if specified
digest: ""
@ -1116,7 +1116,7 @@ agents:
name: agent
# agents.image.tag -- Define the Agent version to use
tag: 7.42.2
tag: 7.43.0
# agents.image.digest -- Define Agent image digest to use, takes precedence over tag if specified
digest: ""
@ -1557,7 +1557,7 @@ clusterChecksRunner:
name: agent
# clusterChecksRunner.image.tag -- Define the Agent version to use
tag: 7.42.2
tag: 7.43.0
# clusterChecksRunner.image.digest -- Define Agent image digest to use, takes precedence over tag if specified
digest: ""

View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/kube-version: '>= 1.21.0 < 1.26.0'
catalog.cattle.io/release-name: csi-powerstore
apiVersion: v2
appVersion: 2.5.0
appVersion: 2.5.1
description: 'PowerStore CSI (Container Storage Interface) driver Kubernetes integration.
This chart includes everything required to provision via CSI as well as a PowerStore
StorageClass. '
@ -19,4 +19,4 @@ maintainers:
name: csi-powerstore
sources:
- https://github.com/dell/csi-powerstore
version: 2.5.0
version: 2.5.1

View File

@ -23,7 +23,7 @@
driverName: "csi-powerstore.dellemc.com"
# Driver version required to pull the latest driver image
version: "v2.5.0"
version: "v2.5.1"
# Specify kubelet config dir path.
# Ensure that the config.yaml file is present at this path.

View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

View File

@ -16,4 +16,4 @@ maintainers:
url: https://dh2i.com
name: dxemssql
type: application
version: 1.0.1
version: 1.0.2

View File

@ -17,8 +17,7 @@ spec:
{{- include "dxemssql.labels" . | nindent 8 }}
spec:
securityContext:
fsGroup: 7979
fsGroupChangePolicy: "OnRootMismatch"
fsGroup: 10001
containers:
- name: sql
image: "{{ .Values.sqlImage.repository }}:{{ .Values.sqlImage.tag }}"

View File

@ -2,6 +2,50 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
## 6.9.1 (2023-02-23)
### Changed (1 change)
- [Update gitlab-org/charts/gitlab-runner from 0.49.3 to 0.50.1](gitlab-org/charts/gitlab@95cb8869b072a926117edd1335202120dd3db9bc) ([merge request](gitlab-org/charts/gitlab!2998))
## 6.9.0 (2023-02-21)
### Added (4 changes)
- [Add troubleshooting docs and note about annotation-value-word-blocklist](gitlab-org/charts/gitlab@cef52d0a33abd089e01d77e0749bdfda8b7a3ec2) ([merge request](gitlab-org/charts/gitlab!2978))
- [redis: Introduce support for Redis Cluster and specifying acl user](gitlab-org/charts/gitlab@630ce39a02927d40fa28a13f0590967a133fd2ef) ([merge request](gitlab-org/charts/gitlab!2873))
- [Add ci_runners_stale_machines_cleanup_worker cronjob](gitlab-org/charts/gitlab@8742fcbb39033f5e3baaf8226d5a370fd5604357) ([merge request](gitlab-org/charts/gitlab!2913))
- [Add support for toolbox.securityContext.fsGroupChangePolicy](gitlab-org/charts/gitlab@0217b7f8e8328fbec7c49af7c1f62cd34fcc03f6) ([merge request](gitlab-org/charts/gitlab!2905))
### Fixed (4 changes)
- [Fix unwanted 'v' prefix in helper image tag](gitlab-org/charts/gitlab@47aa2e34bbd38ba968033255e5e035ab9b7c5749) ([merge request](gitlab-org/charts/gitlab!2982))
- [Fix certmanager http01 solver on global "none" ingress class](gitlab-org/charts/gitlab@dbf596421f7cd5ee7374c107f2d6776249c75c69) ([merge request](gitlab-org/charts/gitlab!2908))
- [Force copy files in `configure` initContainer](gitlab-org/charts/gitlab@3c8bd2730aa117f9d1d76088a1e6e8d742a0d878) ([merge request](gitlab-org/charts/gitlab!2953))
- [Fix logic for Self-Signed-Certs Job inclusion](gitlab-org/charts/gitlab@b2d98174b41a831ad3b205cb367bf9904ebc2e25) ([merge request](gitlab-org/charts/gitlab!2862))
### Changed (9 changes)
- [Update gitlab-org/container-registry from 3.66.0-gitlab to 3.67.0-gitlab](gitlab-org/charts/gitlab@6d0ecfb2bce4a1cc7ec021a4ab98e82e3cd8079e) ([merge request](gitlab-org/charts/gitlab!2980))
- [Use 'gitlab.parseAppVersion' for helper image tags](gitlab-org/charts/gitlab@a350fe160cbb3bc549bafd8dd01d04e08a613623) ([merge request](gitlab-org/charts/gitlab!2878))
- [Update gitlab-org/charts/gitlab-runner from 0.49.1 to 0.49.2](gitlab-org/charts/gitlab@0ef1d3fdbfb79d6f325bcf67da35b8cdfb9e36c0) ([merge request](gitlab-org/charts/gitlab!2970))
- [Update gitlab-org/charts/gitlab-runner from 0.49.0 to 0.49.1](gitlab-org/charts/gitlab@89398c8f28e695a4f8416ddf729834e71258a70b) ([merge request](gitlab-org/charts/gitlab!2959))
- [Update gitlab-org/gitlab-exporter from 12.1.0 to 12.1.1](gitlab-org/charts/gitlab@ec0922cef35b9c6799dcc2db4b6a38ddc8990969) ([merge request](gitlab-org/charts/gitlab!2958))
- [Update gitlab-org/container-registry from 3.65.1-gitlab to 3.66.0-gitlab](gitlab-org/charts/gitlab@acecf98c3478f2faa1f5b39ef07ced9704184df3) ([merge request](gitlab-org/charts/gitlab!2946))
- [Update link and information about Prometheus scraping TLS endpoint](gitlab-org/charts/gitlab@ed0e9d353e23f3f89e4685fd2d5ab3ded7b8eadb) ([merge request](gitlab-org/charts/gitlab!2931))
- [Update gitlab-org/container-registry from 3.65.0-gitlab to 3.65.1-gitlab](gitlab-org/charts/gitlab@8a39c2456ae4fcd3169c8e6fb789b2c715e784ec) ([merge request](gitlab-org/charts/gitlab!2934))
- [Update gitlab-org/charts/gitlab-runner from 0.48.1 to 0.49.0](gitlab-org/charts/gitlab@b0e0eadd387c10f9d2168902a33c7b07fbf1a331) ([merge request](gitlab-org/charts/gitlab!2933))
### Deprecated (1 change)
- [Deprecate sidekiq queueSelector and negateQueues](gitlab-org/charts/gitlab@4f6e5846dbabd0b16f5fad771b8bb78dfaa241b8) ([merge request](gitlab-org/charts/gitlab!2969))
### Other (3 changes)
- [Add defaultReplicationFactor in Praefect's ConfigMap.](gitlab-org/charts/gitlab@36e44f78978b368c1db99a5dc747686ab4363e8c) by @kyunam-jo ([merge request](gitlab-org/charts/gitlab!2844))
- [Moved minio config to global in example config](gitlab-org/charts/gitlab@973557e4cf0c5ec1e0c399fcce557fae2a87de17) ([merge request](gitlab-org/charts/gitlab!2952))
- [Doc - configure the GitLab chart with an decomposed database](gitlab-org/charts/gitlab@af72661b6f82f8f16dab591c8af67e44baf0b998) ([merge request](gitlab-org/charts/gitlab!2890))
## 6.8.3 (2023-02-15)
No changes.
@ -36,6 +80,16 @@ No changes.
- [Update gitlab-org/gitlab-exporter from 11.18.2 to 12.1.0](gitlab-org/charts/gitlab@428de3dd7c208a0469b18b927fece2bc54029b19) ([merge request](gitlab-org/charts/gitlab!2911))
- [Update gitlab-org/container-registry from 3.63.0-gitlab to 3.64.0-gitlab](gitlab-org/charts/gitlab@a1edaea5f4d9d2a6d972b7412deafe6a2b50aedb) ([merge request](gitlab-org/charts/gitlab!2904))
## 6.7.7 (2023-02-10)
No changes.
## 6.7.6 (2023-01-30)
### Fixed (1 change)
- [Fix indent for priorityClassName in Toolbox backup job](gitlab-org/security/charts/gitlab@3ef41cf43a34d56bcdfd1353cffc5edec3fe9e08)
## 6.7.4 (2023-01-12)
No changes.
@ -78,6 +132,16 @@ No changes.
- [Use kubectl image with kubectl 1.24.7, yq 4.30.1](gitlab-org/charts/gitlab@e0c892e060ac405d8a2c90f7b4d632e1b3512728) ([merge request](gitlab-org/charts/gitlab!2871))
## 6.6.8 (2023-02-10)
No changes.
## 6.6.7 (2023-01-30)
### Fixed (1 change)
- [Fix indent for priorityClassName in Toolbox backup job](gitlab-org/security/charts/gitlab@47836b96b8ae6dd8fd7f7bab4f59e5321ecb023c)
## 6.6.5 (2023-01-12)
No changes.

View File

@ -3,7 +3,7 @@ annotations:
catalog.cattle.io/display-name: GitLab
catalog.cattle.io/release-name: gitlab
apiVersion: v1
appVersion: 15.8.3
appVersion: 15.9.1
description: The One DevOps Platform
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.png
@ -15,4 +15,4 @@ maintainers:
name: gitlab
sources:
- https://gitlab.com/gitlab-org/charts/gitlab
version: 6.8.3
version: 6.9.1

View File

@ -26,3 +26,15 @@ reduce collision
{{- $name := printf "%s-issuer" .Release.Name | trunc 55 | trimSuffix "-" -}}
{{- printf "%s-%d" $name .Release.Revision | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Returns the http01 solver's ingress class field. Takes the IngressClass as paramter.
If the IngressClass is "none", the field is not set.
See: https://cert-manager.io/docs/configuration/acme/http01/#class
*/}}
{{- define "certmanager-issuer.http01.ingress.class.field" -}}
{{- $ingressClass := . | default "" -}}
{{- if ne "none" $ingressClass -}}
class: {{ $ingressClass }}
{{- end -}}
{{- end -}}

View File

@ -1,5 +1,6 @@
{{ if (pluck "configureCertmanager" .Values.global.ingress (dict "configureCertmanager" false) | first) }}
{{- $ingressCfg := dict "global" $.Values.global.ingress "local" .ingress "context" $ -}}
{{- $ingressClassName := include "ingress.class.name" $ingressCfg -}}
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
@ -22,5 +23,5 @@ spec:
- selector: {}
http01:
ingress:
class: {{ template "ingress.class.name" $ingressCfg }}
{{ include "certmanager-issuer.http01.ingress.class.field" $ingressClassName -}}
{{ end }}

View File

@ -28,7 +28,7 @@ spec:
{{- include "gitlab.priorityClassName" . | nindent 6 }}
containers:
- name: create-issuer
image: {{ include "gitlab.kubectl.image" . | quote }}
image: {{ include "gitlab.kubectl.image" . }}
command: ['/bin/bash', '/scripts/create-issuer', '/scripts/issuer.yml']
{{- include "gitlab.image.pullPolicy" $imageCfg | indent 10 }}
volumeMounts:

View File

@ -0,0 +1,31 @@
.new-runner-version-changelog: &new-runner-version-changelog
changelog_entry:
scope: new-feature
entry: Update GitLab Runner version to v{{ .Release.AppVersion }}
.update-chart-versions: &update-chart-versions
write:
file: Chart.yaml
contents: |
apiVersion: v1
name: gitlab-runner
version: {{ .Release.Version }}
appVersion: {{ .Release.AppVersion }}
description: GitLab Runner
keywords:
- git
- ci
- deploy
sources:
- https://gitlab.com/gitlab-org/charts/gitlab-runner
- https://gitlab.com/gitlab-org/gitlab-runner
- https://docs.gitlab.com/runner/
icon: https://gitlab.com/uploads/-/system/project/avatar/250833/runner_logo.png
maintainers:
- name: GitLab Inc.
email: support@gitlab.com
.commit-chart-versions: &commit-chart-versions
commit:
files: [Chart.yaml]
message: Update Chart version to v{{ .Release.Version }} and used GitLab Runner version to v{{ .Release.AppVersion }}

View File

@ -0,0 +1,7 @@
include:
- .common.release.yml
actions:
- *new-runner-version-changelog
- *update-chart-versions
- *commit-chart-versions

View File

@ -0,0 +1,5 @@
include:
- .common.release.yml
actions:
- *new-runner-version-changelog

View File

@ -33,7 +33,7 @@ label_matchers:
scope: maintenance
- labels:
- feature::enhancement
scope: feature
scope: new-feature
- labels:
- maintenance::refactor
scope: maintenance

View File

@ -1,20 +1,21 @@
## v0.49.2 (2023-02-10)
## v0.50.1 (2023-02-21)
### New features
- Update GitLab Runner version to 15.8.2
- Update GitLab Runner version to v15.9.1
## v0.49.1 (2023-02-03)
## v0.50.0 (2023-02-21)
### New features
- Update GitLab Runner version to 15.8.1
- Update GitLab Runner version to v15.9.0
- Add namespace to service account manifest !375 (Daniel Schömer @quatauta)
## v0.49.0 (2023-01-19)
### Maintenance
### New features
- Update GitLab Runner version to 15.8.0
- Add Chart repository as source !379 (Geoffrey McQuat @gmcquat)
- Fix grammatical error in instructional comment !376 (Shafiullah Khan @gitshafi)
- Add reference to actual documentation method of obtaining runnerRegistrationToken !361 (SveLem @SveLem)
## v0.48.0 (2022-12-17)

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.8.2
appVersion: 15.9.1
description: GitLab Runner
icon: https://gitlab.com/uploads/-/system/project/avatar/250833/runner_logo.png
keywords:
@ -11,6 +11,7 @@ maintainers:
name: GitLab Inc.
name: gitlab-runner
sources:
- https://gitlab.com/gitlab-org/charts/gitlab-runner
- https://gitlab.com/gitlab-org/gitlab-runner
- https://docs.gitlab.com/runner/
version: 0.49.2
version: 0.50.1

View File

@ -7,6 +7,7 @@ metadata:
{{ $key }}: {{ $value | quote }}
{{- end }}
name: {{ include "gitlab-runner.fullname" . }}
namespace: {{ default .Release.Namespace .Values.runners.namespace | quote }}
labels:
app: {{ include "gitlab-runner.fullname" . }}
chart: {{ include "gitlab-runner.chart" . }}

View File

@ -53,6 +53,7 @@ imagePullPolicy: IfNotPresent
## The Registration Token for adding new Runners to the GitLab Server. This must
## be retrieved from your GitLab Instance.
## ref: https://docs.gitlab.com/ce/ci/runners/index.html
## ref: https://docs.gitlab.com/runner/register/
##
# runnerRegistrationToken: ""
@ -123,7 +124,7 @@ checkInterval: 30
## ref:
##
## When sessionServer is enabled, the user can either provide a public publicIP
## or either rely on the external IP auto discovery
## or rely on the external IP auto discovery
## When a serviceAccountName is used with the automounting to the pod disable,
## we recommend the usage of the publicIP
sessionServer:

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.8.3
appVersion: 15.9.1
description: GitLab Geo logcursor
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -12,4 +12,4 @@ name: geo-logcursor
sources:
- https://gitlab.com/charts/gitlab/tree/master/charts/gitlab/charts/geo-logcursor
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails
version: 6.8.3
version: 6.9.1

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.8.3
appVersion: 15.9.1
description: Git RPC service for handling all the git calls made by GitLab
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: gitaly
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitaly
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly
version: 6.8.3
version: 6.9.1

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 12.1.0
appVersion: 12.1.1
description: Exporter for GitLab Prometheus metrics (e.g. CI, pull mirrors)
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -14,4 +14,4 @@ sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-exporter
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-exporter
- https://gitlab.com/gitlab-org/gitlab-exporter
version: 6.8.3
version: 6.9.1

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.8.3
appVersion: 15.9.1
description: Adapt the Grafana chart to interface to the GitLab App
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: gitlab-grafana
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-grafana
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-grafana
version: 6.8.3
version: 6.9.1

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.8.3
appVersion: 15.9.1
description: Daemon for serving static websites from GitLab projects
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -14,4 +14,4 @@ sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-pages
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-pages
- https://gitlab.com/gitlab-org/gitlab-pages
version: 6.8.3
version: 6.9.1

View File

@ -51,8 +51,8 @@ data:
root-key=/etc/gitlab-secrets/pages/{{ template "gitlab.pages.hostname" $ }}.key
{{- end }}
{{- end }}
{{- if .Values.propagateCorrelationId }}
propagate-correlation-id={{ .Values.propagateCorrelationId }}
{{- if kindIs "bool" .Values.propagateCorrelationId }}
propagate-correlation-id={{ eq .Values.propagateCorrelationId true }}
{{- end }}
pages-domain={{ template "gitlab.pages.hostname" . }}
pages-root=/srv/gitlab-pages

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 14.15.0
appVersion: 14.17.0
description: sshd for Gitlab
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -14,4 +14,4 @@ name: gitlab-shell
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-shell
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-shell
version: 6.8.3
version: 6.9.1

View File

@ -83,6 +83,18 @@ data:
- {%.%}
{%- end %}
{%- end %}
# GSSAPI-related settings
gssapi:
# Enable the gssapi-with-mic authentication method. Defaults to false.
enabled: {{ .Values.config.gssapi.enabled }}
# Library path for gssapi shared library - defaults to libgssapi_krb5.so.2
libpath: {{ .Values.config.gssapi.libpath }}
# Keytab path. Defaults to "", system default (usually /etc/krb5.keytab).
keytab: "/etc/krb5.keytab"
# The Kerberos service name to be used by sshd. Defaults to "", accepts any service name in keytab file.
service_principal_name: {{ .Values.config.gssapi.servicePrincipalName }}
{{- end }}
krb5.conf: |
{{- .Values.config.gssapi.krb5Config | nindent 4 }}
# Leave this here - This line denotes end of block to the parser.
{{- end }}

View File

@ -130,6 +130,16 @@ spec:
- name: shell-secrets
mountPath: '/etc/gitlab-secrets'
readOnly: true
- name: shell-config
mountPath: '/etc/krb5.conf'
subPath: krb5.conf
readOnly: true
{{- if .Values.config.gssapi.enabled }}
- name: gssapi-keytab
mountPath: '/etc/krb5.keytab'
subPath: {{ .Values.config.gssapi.keytab.key }}
readOnly: true
{{- end }}
{{- if eq .Values.sshDaemon "openssh" }}
- name: sshd-config
mountPath: /etc/ssh/sshd_config
@ -177,6 +187,11 @@ spec:
- name: shell-config
configMap:
name: {{ template "fullname" . }}
{{- if .Values.config.gssapi.enabled }}
- name: gssapi-keytab
secret:
secretName: {{ .Values.config.gssapi.keytab.secret }}
{{- end }}
{{- if eq .Values.sshDaemon "openssh" }}
- name: sshd-config
configMap:

View File

@ -104,6 +104,40 @@
"items": {
"type": "string"
}
},
"gssapi": {
"properties": {
"enabled": {
"title": "Enable GSS-API support for then gitlab-sshd daemon",
"type": "boolean"
},
"libpath": {
"title": "Library path for gssapi shared library",
"type": "string"
},
"keytab": {
"properties": {
"secret": {
"title": "The Kubernetes secret name"
},
"key": {
"title": "The Kubernetes secret key"
}
},
"title": "The Kubernetes secret holding the keytab for the gssapi-with-mic authentication method",
"type": "object"
},
"krb5Config": {
"title": "Content of the `/etc/krb5.conf` file in the gitlab-shell container",
"type": "string"
},
"servicePrincipalName": {
"title": "The Kerberos service name to be used by the gitlab-sshd daemon",
"type": "string"
}
},
"title": "GSS-API related settings",
"type": "object"
}
},
"required": [

View File

@ -111,6 +111,14 @@ config:
ciphers: [aes128-gcm@openssh.com, chacha20-poly1305@openssh.com, aes256-gcm@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr]
kexAlgorithms: [curve25519-sha256, curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1]
macs: [hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-sha1]
gssapi:
enabled: false
libpath: "libgssapi_krb5.so.2"
keytab:
#secret:
key: keytab
krb5Config: ""
servicePrincipalName: ""
## Allow to overwrite under which User and Group we're running.
securityContext:

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.8.0
appVersion: v15.9.0
description: GitLab Agent Server
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -17,4 +17,4 @@ name: kas
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/gitlab-kas
- https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent
version: 6.8.3
version: 6.9.1

View File

@ -13,4 +13,4 @@ name: mailroom
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/mailroom
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-mailroom
version: 6.8.3
version: 6.9.1

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.8.3
appVersion: 15.9.1
description: Database migrations and other versioning tasks for upgrading Gitlab
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -12,4 +12,4 @@ name: migrations
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/migrations
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-rails
version: 6.8.3
version: 6.9.1

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.8.3
appVersion: 15.9.1
description: Praefect is a router and transaction manager for Gitaly, and a required
component for running a Gitaly Cluster.
home: https://about.gitlab.com/
@ -16,4 +16,4 @@ sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/praefect
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitaly
- https://gitlab.com/gitlab-org/gitaly/-/tree/master/cmd/praefect
version: 6.8.3
version: 6.9.1

View File

@ -42,7 +42,6 @@ data:
[failover]
enabled = {{ .Values.failover.enabled }}
election_strategy = '{{ .Values.electionStrategy }}'
read_only_after_failover = {{ .Values.failover.readonlyAfter }}
[auth]
@ -80,6 +79,9 @@ data:
{{- $storageName := .name }}
[[virtual_storage]]
name = '{{ $storageName }}'
{{- if .defaultReplicationFactor }}
default_replication_factor = {{ .defaultReplicationFactor }}
{{- end -}}
{{- range until (.gitalyReplicas | int) }}
[[virtual_storage.node]]
{{- $serviceName := include "gitlab.praefect.gitaly.serviceName" (dict "context" $globalContext "name" $storageName) -}}

View File

@ -6,8 +6,6 @@ failover:
enabled: true
readonlyAfter: true
electionStrategy: sql
image:
repository: registry.gitlab.com/gitlab-org/build/cng/gitaly
# pullPolicy: IfNotPresent

View File

@ -1,5 +1,5 @@
apiVersion: v1
appVersion: 15.8.3
appVersion: 15.9.1
description: Gitlab Sidekiq for asynchronous task processing in rails
home: https://about.gitlab.com/
icon: https://gitlab.com/gitlab-com/gitlab-artwork/raw/master/logo/logo-square.svg
@ -13,4 +13,4 @@ name: sidekiq
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/sidekiq
- https://gitlab.com/gitlab-org/build/CNG/tree/master/gitlab-sidekiq
version: 6.8.3
version: 6.9.1

View File

@ -14,4 +14,4 @@ name: spamcheck
sources:
- https://gitlab.com/gitlab-org/charts/gitlab/tree/master/charts/gitlab/charts/spamcheck
- https://gitlab.com/gitlab-org/spamcheck
version: 6.8.3
version: 6.9.1

Some files were not shown because too many files have changed in this diff Show More